public static void Main(string tenantId, string clientId, string orgName)
{
_ = tenantId ?? throw new ArgumentNullException("TenantId cannot be null");
_ = clientId ?? throw new ArgumentNullException("ClientId cannot be null");
_ = orgName ?? throw new ArgumentNullException("OrgId cannot be null");
_FullUrl = $"{baseUrl}{orgName}";
AuthenticationContext ctx = GetAuthenticationContext(tenantId);
AuthenticationResult result = null;
try
{
DeviceCodeResult codeResult = ctx.AcquireDeviceCodeAsync(ADOResourceId, clientId).Result;
Console.WriteLine("You need to sign in.");
Console.WriteLine("Message: " + codeResult.Message + "\n");
result = ctx.AcquireTokenByDeviceCodeAsync(codeResult).Result;
var bearerAuthHeader = new AuthenticationHeaderValue("Bearer", result.AccessToken);
ListProjects(bearerAuthHeader);
}
catch (Exception ex)
{
Console.ForegroundColor = ConsoleColor.Red;
Console.WriteLine("Something went wrong.");
Console.WriteLine("Message: " + ex.Message + "\n");
}
}
protected override async Task <AuthenticationResult> InitialGetAccessCodeAsync(CancellationToken ct)
{
var codeResult = await AuthenticationContext.AcquireDeviceCodeAsync(ResourceUri, ClientId).ConfigureAwait(false);
_notifyDeviceCodeRequest(codeResult.VerificationUrl, codeResult.UserCode);
return(await AuthenticationContext.AcquireTokenByDeviceCodeAsync(codeResult).ConfigureAwait(false));
}
public static async Task <string> AcquireAccessTokenAsync(string tenant)
{
string accessToken = null;
var ctx = new AuthenticationContext($"https://login.windows.net/{tenant}", _tokenCache);
try
{
accessToken = (await ctx.AcquireTokenSilentAsync(resource, clientId)).AccessToken;
}
catch (AdalException x)
{
Logger.WriteLine($"Silent token acquisition failed.");
Logger.WriteLine($"ADAL Exception: {x.Message}");
Logger.WriteLine($"Retrieving token via device code authentication now.");
DeviceCodeResult codeResult = await ctx.AcquireDeviceCodeAsync(resource, clientId);
Logger.WriteLine("Please sign into your AAD account.");
Logger.WriteLine($"{codeResult.Message}");
Logger.WriteLine("");
accessToken = (await ctx.AcquireTokenByDeviceCodeAsync(codeResult)).AccessToken;
SerializationHelper.WriteToFile(TokenCacheFileName, new ByteArrayWrapper {
theBytes = _tokenCache.SerializeAdalV3()
});
}
return(accessToken);
}
public async Task <IAdalToken> AcquireTokenWithDeviceFlowAsync(Func <DeviceCodeResult, Task> deviceCodeHandler, CancellationToken cancellationToken, ILogger logger)
{
var authenticationContext = new AuthenticationContext(authority, tokenCache);
var deviceCode = await authenticationContext.AcquireDeviceCodeAsync(resource, clientId);
cancellationToken.ThrowIfCancellationRequested();
if (deviceCodeHandler != null)
{
await deviceCodeHandler(deviceCode);
cancellationToken.ThrowIfCancellationRequested();
}
AuthenticationResult result = null;
var deviceFlowTimeout = EnvUtil.GetDeviceFlowTimeoutFromEnvironmentInSeconds(logger);
var task = authenticationContext.AcquireTokenByDeviceCodeAsync(deviceCode);
if (await Task.WhenAny(task, Task.Delay(deviceFlowTimeout * 1000, cancellationToken)) == task)
{
result = await task;
}
else
{
logger.Error(string.Format(Resources.DeviceFlowTimedOut, deviceFlowTimeout));
}
return(new AdalToken(result));
}
public override async Task ProcessHttpRequestAsync(HttpRequestMessage request, CancellationToken cancellationToken)
{
AuthenticationResult ar;
try
{
ar = await _authenticationContext.AcquireTokenSilentAsync(_audience, _clientId).ConfigureAwait(false);
}
catch (AdalSilentTokenAcquisitionException ex)
{
if (UserTokenInteraction == null)
{
throw new AuthenticationException("Interactive logon required, but no UI element was supplied", ex);
}
DeviceCodeResult dc = await _authenticationContext.AcquireDeviceCodeAsync(_audience, _clientId);
UserTokenInteraction.UserCode = dc.UserCode;
UserTokenInteraction.VerificationUrl = dc.VerificationUrl;
ar = await _authenticationContext.AcquireTokenByDeviceCodeAsync(dc);
await UserTokenInteraction.CompleteAuthAsync();
}
catch (Exception ex)
{
throw ex;
}
if (UserInfoReceiver != null)
{
UserInfoReceiver.SetUserInfo(ar.UserInfo);
}
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", ar.AccessToken);
}
/// <summary>
/// Acquires a user token with the bot service first party app as audience
/// </summary>
/// <returns></returns>
public async Task <AuthenticationResult> AcquireTokenAsync()
{
var authority = $"https://login.windows.net/{tenantId}";
var context = new AuthenticationContext(
authority: authority,
validateAuthority: true);
SynchronizationContext.SetSynchronizationContext(new SynchronizationContext());
#if NET452
return(context.AcquireToken(
resource: BotFirstPartyAppId,
clientId: AadClientId,
redirectUri: new Uri(AadRedirectUri),
promptBehavior: PromptBehavior.Always));
#endif
#if NETSTANDARD1_4
// Request a device code
var deviceCodeResult = await context.AcquireDeviceCodeAsync(BotFirstPartyAppId, AadClientId);
if (deviceCodeAuthHandler == null)
{
throw new ArgumentException(BotServiceErrorMessages.DeviceCodeAuthNotProvided,
nameof(deviceCodeAuthHandler));
}
// Execute the user-provided handler for device code. It should prompt the user to
// do device login
deviceCodeAuthHandler(deviceCodeResult);
// Now, the user should have entered the device code, acquire token
return(await context.AcquireTokenByDeviceCodeAsync(deviceCodeResult));
#endif
}
static void Main(string[] args)
{
#region parameters
string authority, resource, deviceloginaddr;
//#if(instance=="global")
authority = "https://login.microsoftonline.com/common";
resource = "https://office365devlabs.onmicrosoft.com/TodoListService-OBO";
deviceloginaddr = "https://aka.ms/devicelogin";
//#else
authority = "https://login.chinacloudapi.cn/common";
resource = "https://modtsp.partner.onmschina.cn/dotnet-obo-webapi";
deviceloginaddr = "https://aka.ms/gallatindevicelogin";
//#endif
#endregion
var ctx = new AuthenticationContext(authority: authority);
var deviceCode = ctx.AcquireDeviceCodeAsync(resource, "{{obo-console-clientid}}").Result;
Console.WriteLine($"请打开浏览器,访问 {deviceloginaddr} ,并以 {deviceCode.UserCode} 登陆");
var result = ctx.AcquireTokenByDeviceCodeAsync(deviceCode).Result;
var httpClient = new HttpClient();
httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", result.AccessToken);
// Call the To Do list service.
HttpResponseMessage response = httpClient.GetAsync("http://localhost:5000/api/values").Result;
Console.WriteLine(response.Content.ReadAsStringAsync().Result);
}
static async Task Main(string[] args)
{
const string aadInstance = "https://login.windows.net/{0}";
const string tenant = "thinktecture.com";
const string serviceResourceId = "https://gab-easy-auth-test.azurewebsites.net";
const string clientId = "fb50c490-9ecf-4a1a-88d6-5ba9759de599";
var authContext = new AuthenticationContext(string.Format(CultureInfo.InvariantCulture, aadInstance, tenant));
var deviceCodeResult = await authContext.AcquireDeviceCodeAsync(serviceResourceId, clientId);
Console.WriteLine(deviceCodeResult.Message);
var result = await authContext.AcquireTokenByDeviceCodeAsync(deviceCodeResult);
Console.WriteLine($"Token acquired. ");
Console.WriteLine("--------------------------------------------");
var httpClient = new HttpClient();
httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", result.AccessToken);
Console.WriteLine("Calling Function 1");
var response = await httpClient.GetAsync($"https://gab-easy-auth-test.azurewebsites.net/api/Function1");
Console.WriteLine($"Status {response.StatusCode} Content: {await response.Content.ReadAsStringAsync()}");
Console.WriteLine("--------------------------------------------");
Console.WriteLine("Calling Function 2");
response = await httpClient.GetAsync($"https://gab-easy-auth-test.azurewebsites.net/api/Function2");
Console.WriteLine($"Status {response.StatusCode} Content: {await response.Content.ReadAsStringAsync()}");
}
// This prompts the user to open a browser and input a unique key to authenticate their app
// This allows dotnet core apps to authorize an application through user credentials without displaying UI.
private static async Task <AuthenticationResult> GetResultsUsingDeviceCode(AuthenticationContext authContext, AppSettings appSettings)
{
var codeResult = await authContext.AcquireDeviceCodeAsync(appSettings.Resource, appSettings.ClientId);
Console.WriteLine(codeResult.Message);
return(await authContext.AcquireTokenByDeviceCodeAsync(codeResult));
}
/// <summary>
/// Authenticates using the device code flow. See here for more information:
/// https://azure.microsoft.com/en-us/resources/samples/active-directory-dotnet-deviceprofile/.
/// </summary>
/// <param name="displayDeviceCodeMessageToUser">
/// The action which displays the message from ADAL (containing the retrieved device code) to the user.
/// The message will instruct the user to enter the device code by navigating to http://aka.ms/devicelogin/.
/// </param>
/// <param name="useAdminConsentFlow">
/// Whether or not to trigger the admin consent flow for this app ID.
/// </param>
/// <returns>The HTTP header to use when making calls.</returns>
internal static SdkAuthResult AuthWithDeviceCode(
Action <string> displayDeviceCodeMessageToUser,
bool useAdminConsentFlow = false)
{
if (displayDeviceCodeMessageToUser == null)
{
throw new ArgumentNullException(nameof(displayDeviceCodeMessageToUser));
}
// Get the environment parameters
EnvironmentParameters environmentParameters = AuthUtils.CurrentEnvironmentParameters;
// Create auth context that we will use to connect to the AAD endpoint
AuthenticationContext authContext = new AuthenticationContext(environmentParameters.AuthUrl);
if (useAdminConsentFlow)
{
// Remove this user's token from the token cache so they have to log in again (we must use the "Auto" Prompt behavior to add query parameters)
SdkAuthResult currentLogin = AuthUtils.LatestAdalAuthResult;
if (currentLogin != null)
{
// Find all the items in the cache with the logged in user ID, client ID and resource ID
IEnumerable <TokenCacheItem> toRemove = authContext.TokenCache.ReadItems()
.Where(
tokenCacheItem => tokenCacheItem.UniqueId == currentLogin.UserUniqueId &&
tokenCacheItem.ClientId == environmentParameters.AppId &&
tokenCacheItem.Resource == environmentParameters.ResourceId);
// Remove the items
foreach (TokenCacheItem tokenCacheItem in toRemove)
{
authContext.TokenCache.DeleteItem(tokenCacheItem);
}
}
}
// Get the device code
DeviceCodeResult deviceCodeResult = authContext.AcquireDeviceCodeAsync(
environmentParameters.ResourceId,
environmentParameters.AppId,
useAdminConsentFlow ? AuthUtils.AdminConsentQueryParameter : null)
.GetAwaiter().GetResult();
// Display the device code
displayDeviceCodeMessageToUser(deviceCodeResult.Message);
// Get the auth token
//TODO: Figure out why this call hangs and crashes the PowerShell session if the first login was cancelled and the second login times out
AuthenticationResult authenticationResult = authContext.AcquireTokenByDeviceCodeAsync(deviceCodeResult)
.GetAwaiter().GetResult();
// Convert the auth result into our own type
SdkAuthResult authResult = authenticationResult.ToSdkAuthResult();
// Save the auth result
AuthUtils.LatestAdalAuthResult = authResult;
return(authResult);
}
// This prompts the user to open a browser and input a unique key to authenticate their app
// This allows dotnet core apps to authorize an application through user credentials without displaying UI.
private static async Task <AuthenticationResult> GetResultsUsingDeviceCode(AuthenticationContext authContext, string resource, string clientId)
{
var codeResult = await authContext.AcquireDeviceCodeAsync(resource, clientId);
await FeedbackHelper.Channel.SendMessageAsync(codeResult.Message, MessageType.Info);
return(await authContext.AcquireTokenByDeviceCodeAsync(codeResult));
}
/// <summary>
///
/// </summary>
/// <returns></returns>
public static async Task <AuthenticationResult> AcquireTokenWithDeviceCodeAsync()
{
DeviceCodeResult codeResult = await ctx.AcquireDeviceCodeAsync(Resource, ClientId);
Console.WriteLine("You need to sign in.");
Console.WriteLine("Message: " + codeResult.Message + "\n");
return(await ctx.AcquireTokenByDeviceCodeAsync(codeResult).ConfigureAwait(false));
}
private static async Task <AuthenticationResult> GetTokenFromDeviceCodeAsync()
{
// [SCENARIO] OAuth 2.0 Device Code Flow
// Get a token to authenticate against the Web API.
var context = new AuthenticationContext(StsConfiguration.Authority, StsConfiguration.CanValidateAuthority);
var deviceCode = await context.AcquireDeviceCodeAsync(AppConfiguration.TodoListWebApiResourceId, AppConfiguration.TodoListConsoleClientId);
Console.WriteLine(deviceCode.Message);
return(await context.AcquireTokenByDeviceCodeAsync(deviceCode));
}
static AuthenticationResult UserLogin()
{
authenticationContext = new AuthenticationContext
(String.Format(CultureInfo.InvariantCulture, Configuration["AzureAd:AadInstance"], Configuration["AzureAd:TenantId"]));
authenticationContext.TokenCache.Clear();
DeviceCodeResult deviceCodeResult = authenticationContext.AcquireDeviceCodeAsync(aadResourceAppId, (Configuration["AzureAd:ClientId"])).Result;
Console.WriteLine(deviceCodeResult.Message);
return(authenticationContext.AcquireTokenByDeviceCodeAsync(deviceCodeResult).Result);
}
static void Main(string[] args)
{
#region parameters
string authority, resource, deviceloginaddr;
//#if(instance=="gallatin")
authority = "https://login.chinacloudapi.cn/common";
resource = "https://microsoftgraph.chinacloudapi.cn";
deviceloginaddr = "https://aka.ms/gallatindevicelogin";
//#else
authority = "https://login.microsoftonline.com/common";
resource = "https://graph.microsoft.com";
deviceloginaddr = "https://aka.ms/devicelogin";
//#endif
#endregion
var token = "";
var client = new GraphServiceClient(new DelegateAuthenticationProvider((request) =>
{
if (string.IsNullOrEmpty(token))
{
var ctx = new AuthenticationContext(authority: authority);
var deviceCode = ctx.AcquireDeviceCodeAsync(resource, "{{clientId}}").Result;
Console.WriteLine($"请打开浏览器,访问 {deviceloginaddr} ,并以 {deviceCode.UserCode} 登陆");
token = ctx.AcquireTokenByDeviceCodeAsync(deviceCode).Result.AccessToken;
}
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token);
return(Task.FromResult(0));
}))
{
BaseUrl = $"{resource}/{{version}}"
};
var user = client.Me.Request().GetAsync().Result;
Console.WriteLine($"当前登录用户为:{user.DisplayName}\r\n");
var messages = client.Me.Messages.Request().GetAsync().Result;
Console.WriteLine($"当前用户的收件箱最近十封邮件如下:");
foreach (var item in messages)
{
Console.WriteLine($"\t{item.Subject}");
}
var files = client.Me.Drive.Root.Children.Request().GetAsync().Result;
Console.WriteLine($"\r\n当前用户的个人网盘的文件信息如下:");
foreach (var item in files)
{
Console.WriteLine($"\t{item.Name}");
}
}
static async Task <string> GetTokenAsync()
{
var authContext = new AuthenticationContext(Settings.Authority);
var deviceCodeResult = await
authContext.AcquireDeviceCodeAsync(Settings.DigitalTwinsResourceId, Settings.ClientId);
Console.WriteLine(deviceCodeResult.Message);
var token = await authContext.AcquireTokenByDeviceCodeAsync(deviceCodeResult);
return(token.AccessToken);
}
public async Task EnsureAuthTokenValid(HttpClient client)
{
// Check to see if the token has expired before requesting one.
// We will go ahead and request a new one if we are within 2 minutes of the token expiring.
if (_tokenExpiresAtUtc < DateTime.UtcNow.AddMinutes(-2))
{
var context = new AuthenticationContext("https://login.microsoftonline.com/common", _tokenCache);
string tenantFromToken = null;
if (context.TokenCache.Count > 0)
{
tenantFromToken = context.TokenCache.ReadItems().First().TenantId;
}
var tenant = tenantFromToken ?? _tenantId ?? "common";
context = new AuthenticationContext("https://login.microsoftonline.com/" + tenant, _tokenCache);
AuthenticationResult result;
if (!string.IsNullOrEmpty(_clientId) && !string.IsNullOrEmpty(_clientSecret))
{
result = await context.AcquireTokenAsync(
AzureManagementResource,
new ClientCredential(_clientId, _clientSecret));
}
else
{
try
{
result = await context.AcquireTokenSilentAsync(
AzureManagementResource,
PowerShellClientId);
}
catch (AdalSilentTokenAcquisitionException)
{
var codeResult = await context.AcquireDeviceCodeAsync(
AzureManagementResource,
PowerShellClientId);
Console.WriteLine("You need to sign in.");
Console.WriteLine(codeResult.Message);
result = await context.AcquireTokenByDeviceCodeAsync(codeResult);
}
}
if (string.IsNullOrEmpty(result.AccessToken))
{
throw new AuthenticationFailureException("Blank Auth Token");
}
_tokenExpiresAtUtc = result.ExpiresOn.UtcDateTime;
_tokenValue = result.AccessToken;
Console.WriteLine($"Authenticated as {AuthUser}");
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", _tokenValue);
}
}
public async Task FullCoveragePositiveTestAsync()
{
MockHttpMessageHandler mockMessageHandler = new MockHttpMessageHandler(TestConstants.DefaultAuthorityHomeTenant)
{
Method = HttpMethod.Get,
Url = TestConstants.DefaultAuthorityHomeTenant + "oauth2/devicecode",
ResponseMessage = MockHelpers.CreateSuccessDeviceCodeResponseMessage()
};
HttpMessageHandlerFactory.AddMockHandler(mockMessageHandler);
mockMessageHandler = new MockHttpMessageHandler(TestConstants.DefaultAuthorityHomeTenant)
{
Method = HttpMethod.Post,
Url = TestConstants.DefaultAuthorityHomeTenant + "oauth2/token",
ResponseMessage = MockHelpers.CreateFailureResponseMessage("{\"error\":\"authorization_pending\"," +
"\"error_description\":\"AADSTS70016: Pending end-user authorization." +
"\\r\\nTrace ID: f6c2c73f-a21d-474e-a71f-d8b121a58205\\r\\nCorrelation ID: " +
"36fe3e82-442f-4418-b9f4-9f4b9295831d\\r\\nTimestamp: 2015-09-24 19:51:51Z\"," +
"\"error_codes\":[70016],\"timestamp\":\"2015-09-24 19:51:51Z\",\"trace_id\":" +
"\"f6c2c73f-a21d-474e-a71f-d8b121a58205\",\"correlation_id\":" +
"\"36fe3e82-442f-4418-b9f4-9f4b9295831d\"}")
};
HttpMessageHandlerFactory.AddMockHandler(mockMessageHandler);
HttpMessageHandlerFactory.AddMockHandler(new MockHttpMessageHandler(TestConstants.DefaultAuthorityHomeTenant)
{
Method = HttpMethod.Post,
Url = TestConstants.DefaultAuthorityHomeTenant + "oauth2/token",
ResponseMessage =
MockHelpers.CreateSuccessTokenResponseMessage(TestConstants.DefaultUniqueId,
TestConstants.DefaultDisplayableId, TestConstants.DefaultResource)
});
TokenCache cache = new TokenCache();
AuthenticationContext ctx = new AuthenticationContext(TestConstants.DefaultAuthorityHomeTenant, cache);
DeviceCodeResult dcr = await ctx.AcquireDeviceCodeAsync("some-resource", "some-client").ConfigureAwait(false);
Assert.IsNotNull(dcr);
Assert.AreEqual("some-device-code", dcr.DeviceCode);
Assert.AreEqual("some-user-code", dcr.UserCode);
Assert.AreEqual("some-URL", dcr.VerificationUrl);
Assert.AreEqual(5, dcr.Interval);
Assert.AreEqual("some-message", dcr.Message);
Assert.AreEqual("some-client", dcr.ClientId);
AuthenticationResult result = await ctx.AcquireTokenByDeviceCodeAsync(dcr).ConfigureAwait(false);
Assert.IsNotNull(result);
Assert.AreEqual("some-access-token", result.AccessToken);
// There should be one cached entry.
Assert.AreEqual(1, ctx.TokenCache.Count);
}
static async Task <AuthenticationResult> GetTokenViaCode(AuthenticationContext ctx)
{
AuthenticationResult result = null;
DeviceCodeResult codeResult = await ctx.AcquireDeviceCodeAsync(RESOURCE_ID, CLIENT_ID);
Console.ResetColor();
Console.WriteLine("You need to sign in.");
Console.WriteLine("Message: " + codeResult.Message + "\n");
result = await ctx.AcquireTokenByDeviceCodeAsync(codeResult);
return(result);
}
private static async Task <string> GetTokenViaCode(string clientId)
{
var resource = "https://graph.microsoft.com";
var ctx = new AuthenticationContext("https://login.microsoftonline.com/common");
DeviceCodeResult codeResult = await ctx.AcquireDeviceCodeAsync(resource, clientId);
Console.WriteLine("You need to sign in.");
Console.WriteLine("Message: " + codeResult.Message);
var token = await ctx.AcquireTokenByDeviceCodeAsync(codeResult);
return(token.AccessToken);
}
public async Task <AuthData> AcquireDeviceCodeAsync()
{
TokenCache TC = new TokenCache();
// Create an instance of AuthenticationContext to acquire an Azure access token
authContext = new AuthenticationContext(authority, TC);
deviceCode = await authContext.AcquireDeviceCodeAsync(resourceUri, clientID);
return(new AuthData
{
VerificationUrl = deviceCode.VerificationUrl,
UserCode = deviceCode.UserCode
});
}
public static async Task <string> GetTokenByCode(AzureAd azureAd)
{
var ctx = new AuthenticationContext("https://login.microsoftonline.com/common");
var resource = azureAd.Resource;
var clientId = azureAd.ClientId;
var deviceCodeResult = await ctx.AcquireDeviceCodeAsync(resource, clientId);
Console.ResetColor();
Console.WriteLine("You need to sign in.");
Console.WriteLine("Message: " + deviceCodeResult.Message);
var authResult = await ctx.AcquireTokenByDeviceCodeAsync(deviceCodeResult);
return(authResult.AccessToken);
}
public static async Task <string> GetAccessTokenAsync(AadMetadata aad, CancellationToken cancellationToken)
{
var authority = aad.Authority;
var authContext = new AuthenticationContext(authority);
AuthenticationResult authResult = null;
var token = string.Empty;
// On full .net framework, use interactive logon to get token.
// On dotnet core, acquire token using device id.
// https://github.com/AzureAD/azure-activedirectory-library-for-dotnet/wiki/Acquiring-a-token-return-AuthenticationResult-and-possibly-UserInfo
#if DotNetCoreClr
try
{
authResult = await authContext.AcquireTokenSilentAsync(aad.Cluster, aad.Client);
}
catch (AdalException adalException)
{
if (adalException.ErrorCode == AdalError.FailedToAcquireTokenSilently ||
adalException.ErrorCode == AdalError.InteractionRequired)
{
try
{
var codeResult = await authContext.AcquireDeviceCodeAsync(aad.Cluster, aad.Client);
Console.WriteLine(Resource.MsgAADSignin);
Console.WriteLine(codeResult.Message + "\n");
authResult = await authContext.AcquireTokenByDeviceCodeAsync(codeResult);
}
catch (Exception ex)
{
Console.WriteLine(Resource.ErrorAAD);
Console.WriteLine("Message: " + ex.Message + "\n");
}
}
}
token = authResult.AccessToken;
#else
authResult = await authContext.AcquireTokenAsync(
aad.Cluster,
aad.Client,
new Uri(aad.Redirect),
new PlatformParameters(PromptBehavior.SelectAccount));
token = authResult.AccessToken;
#endif
return(token);
}
public static async Task <string> AcquireUserAccessTokenAsync(string authority, string resource, string scope)
{
var context = new AuthenticationContext(authority, TokenCache.DefaultShared);
if (_deviceCodeResponse == null)
{
_deviceCodeResponse = await context.AcquireDeviceCodeAsync(resource, SampleConstants.WellKnownClientId).ConfigureAwait(false);
Console.WriteLine("############################################################################################");
Console.WriteLine("To continue with the test run, please follow these instructions: {0}", _deviceCodeResponse.Message);
Console.WriteLine("############################################################################################");
}
var result = await context.AcquireTokenByDeviceCodeAsync(_deviceCodeResponse).ConfigureAwait(false);
return(result.AccessToken);
}
private static async Task <(TokenCredentials, TokenCredentials)> AuthenticateDeviceCode(string tenantId)
{
var authority = new Authority(tenantId);
var context = new AuthenticationContext(authority.AuthorityUri);
var code = await context.AcquireDeviceCodeAsync(authority.ResourceUri, authority.ClientId);
Console.WriteLine("\n" + code.Message + "\n\n");
AuthenticationResult token = await context.AcquireTokenByDeviceCodeAsync(code);
var serviceCredentials = new TokenCredentials(token.AccessToken);
var silentToken = await context.AcquireTokenSilentAsync(authority.GraphUri, authority.ClientId, new UserIdentifier(token.UserInfo.UniqueId, UserIdentifierType.UniqueId));
var graphCredentials = new TokenCredentials(silentToken.AccessToken);
return(serviceCredentials, graphCredentials);
}
public async Task NegativeDeviceCodeTimeoutTestAsync()
{
MockHttpMessageHandler mockMessageHandler = new MockHttpMessageHandler(TestConstants.DefaultAuthorityHomeTenant)
{
Method = HttpMethod.Get,
Url = TestConstants.DefaultAuthorityHomeTenant + "oauth2/devicecode",
ResponseMessage = MockHelpers.CreateSuccessDeviceCodeResponseMessage("1")
};
HttpMessageHandlerFactory.AddMockHandler(mockMessageHandler);
mockMessageHandler = new MockHttpMessageHandler(TestConstants.DefaultAuthorityHomeTenant)
{
Method = HttpMethod.Post,
Url = TestConstants.DefaultAuthorityHomeTenant + "oauth2/token",
ResponseMessage = MockHelpers.CreateFailureResponseMessage("{\"error\":\"authorization_pending\"," +
"\"error_description\":\"AADSTS70016: Pending end-user authorization." +
"\\r\\nTrace ID: f6c2c73f-a21d-474e-a71f-d8b121a58205\\r\\nCorrelation ID: " +
"36fe3e82-442f-4418-b9f4-9f4b9295831d\\r\\nTimestamp: 2015-09-24 19:51:51Z\"," +
"\"error_codes\":[70016],\"timestamp\":\"2015-09-24 19:51:51Z\",\"trace_id\":" +
"\"f6c2c73f-a21d-474e-a71f-d8b121a58205\",\"correlation_id\":" +
"\"36fe3e82-442f-4418-b9f4-9f4b9295831d\"}")
};
HttpMessageHandlerFactory.AddMockHandler(mockMessageHandler);
mockMessageHandler = new MockHttpMessageHandler(TestConstants.DefaultAuthorityHomeTenant)
{
Method = HttpMethod.Post,
Url = TestConstants.DefaultAuthorityHomeTenant + "oauth2/token",
ResponseMessage = MockHelpers.CreateDeviceCodeExpirationErrorResponse()
};
HttpMessageHandlerFactory.AddMockHandler(mockMessageHandler);
TokenCache cache = new TokenCache();
AuthenticationContext ctx = new AuthenticationContext(TestConstants.DefaultAuthorityHomeTenant, cache);
DeviceCodeResult dcr = await ctx.AcquireDeviceCodeAsync("some resource", "some authority").ConfigureAwait(false);
Assert.IsNotNull(dcr);
AuthenticationResult result;
AdalServiceException ex = AssertException.TaskThrows <AdalServiceException>(async() => result = await ctx.AcquireTokenByDeviceCodeAsync(dcr).ConfigureAwait(false));
Assert.IsTrue(ex.Message.Contains("Verification code expired"));
}
static async Task <AuthenticationResult> RetrieveToken(string method, ActiveDirectoryConfig config)
{
var ctx = new AuthenticationContext(ActiveDirectoryConfig.AuthorityHost + "/" + config.Tenant);
AuthenticationResult result;
try
{
result = await ctx.AcquireTokenSilentAsync(ActiveDirectoryConfig.Resource, config.ClientId);
}
catch (Exception)
{
switch (method)
{
case "aadauthcode":
result = await ctx.AcquireTokenAsync(ActiveDirectoryConfig.Resource, config.ClientId,
new Uri(config.RedirectUri),
new PlatformParameters(PromptBehavior.SelectAccount));
break;
case "aaddevice":
var codeResult = await ctx.AcquireDeviceCodeAsync(ActiveDirectoryConfig.Resource, config.ClientId);
Console.WriteLine("Open: " + codeResult.VerificationUrl);
Console.WriteLine("Enter: " + codeResult.UserCode);
result = await ctx.AcquireTokenByDeviceCodeAsync(codeResult);
break;
case "aadclient":
var clientCredential = new ClientCredential(config.ClientId, config.ClientSecret);
result = await ctx.AcquireTokenAsync(ActiveDirectoryConfig.Resource, clientCredential);
break;
default:
Console.WriteLine("Method not found");
throw new Exception("Method not found");
}
}
return(result);
}
public async Task <IAdalToken> AcquireTokenWithDeviceFlowAsync(Func <DeviceCodeResult, Task> deviceCodeHandler, CancellationToken cancellationToken)
{
var deviceCode = await authenticationContext.AcquireDeviceCodeAsync(resource, clientId);
cancellationToken.ThrowIfCancellationRequested();
if (deviceCodeHandler != null)
{
await deviceCodeHandler(deviceCode);
cancellationToken.ThrowIfCancellationRequested();
}
var result = await authenticationContext.AcquireTokenByDeviceCodeAsync(deviceCode);
cancellationToken.ThrowIfCancellationRequested();
return(new AdalToken(result));
}
static AuthenticationResult GetTokenViaCode(AuthenticationContext ctx)
{
AuthenticationResult result = null;
try
{
DeviceCodeResult codeResult = ctx.AcquireDeviceCodeAsync(resource, clientId).Result;
Console.ResetColor();
Console.WriteLine("You need to sign in.");
Console.WriteLine("Message: " + codeResult.Message + "\n");
result = ctx.AcquireTokenByDeviceCodeAsync(codeResult).Result;
}
catch (Exception exc)
{
Console.ForegroundColor = ConsoleColor.Red;
Console.WriteLine("Something went wrong.");
Console.WriteLine("Message: " + exc.Message + "\n");
}
return(result);
}
private async Task <string> GetAccessTokenAsync()
{
var context = new AuthenticationContext(_settings.Authority);
AuthenticationResult result;
try
{
result = await context.AcquireTokenSilentAsync(_settings.ApiResourceUri, _settings.ClientId);
}
catch (AdalSilentTokenAcquisitionException)
{
DeviceCodeResult deviceCodeResult = await context.AcquireDeviceCodeAsync(_settings.ApiResourceUri, _settings.ClientId);
Console.WriteLine(deviceCodeResult.Message);
result = await context.AcquireTokenByDeviceCodeAsync(deviceCodeResult);
}
return(result.AccessToken);
}