public void CanExtractClaimsFromICaeAuthenticationProviderOption()
{
// Arrange
var httpRequestMessage = new HttpRequestMessage(HttpMethod.Get, "http://example.com/bar");
var authenticationHandlerOption = new AuthenticationHandlerOption();
var authenticationProviderOption = new CaeAuthProviderOptionTest()
{
Scopes = new [] { "User.Read" },
Claims = "claim"
};
authenticationHandlerOption.AuthenticationProviderOption = authenticationProviderOption;
// set the original AuthenticationProviderOptionTest as the auth provider
var originalRequestContext = httpRequestMessage.GetRequestContext();
originalRequestContext.MiddlewareOptions[typeof(AuthenticationHandlerOption).ToString()] = authenticationHandlerOption;
httpRequestMessage.Properties[typeof(GraphRequestContext).ToString()] = originalRequestContext;
// Act by trying to extract info from ICaeAuthenticationProviderOption type
AuthenticationProviderOption authProviderOption = httpRequestMessage.GetMsalAuthProviderOption();
// Assert that we can still find the information
Assert.Single(authProviderOption.Scopes);
Assert.Equal("User.Read", authProviderOption.Scopes[0]);
Assert.Equal("claim", authProviderOption.Claims);
}
/// <summary>
/// Attempts to acquire access token silently from the token cache.
/// </summary>
/// <exception cref="AuthenticationException">An exception occured when attempting to get access token silently.</exception>
internal static async Task <AuthenticationResult> GetAccessTokenSilentAsync(this IClientApplicationBase clientApplication, AuthenticationProviderOption msalAuthProviderOption)
{
IAccount account;
if (msalAuthProviderOption.UserAccount?.ObjectId != null)
{
// Parse GraphUserAccount to IAccount instance
account = new GraphAccount(msalAuthProviderOption.UserAccount);
}
else
{
// If no graph user account is passed, try get the one in cache.
IEnumerable <IAccount> accounts = await clientApplication.GetAccountsAsync();
account = accounts.FirstOrDefault();
}
if (account == null)
{
return(null);
}
try
{
AcquireTokenSilentParameterBuilder tokenSilentBuilder = clientApplication.AcquireTokenSilent(msalAuthProviderOption.Scopes, account)
.WithForceRefresh(msalAuthProviderOption.ForceRefresh);
if (!ContainsWellKnownTenantName(clientApplication.Authority))
{
tokenSilentBuilder.WithAuthority(clientApplication.Authority);
}
if (!string.IsNullOrEmpty(msalAuthProviderOption.Claims))
{
tokenSilentBuilder.WithClaims(msalAuthProviderOption.Claims);
}
return(await tokenSilentBuilder.ExecuteAsync());
}
catch (MsalException)
{
return(null);
}
catch (Exception exception)
{
throw new AuthenticationException(
new Error
{
Code = ErrorConstants.Codes.GeneralException,
Message = ErrorConstants.Message.UnexpectedException
},
exception);
}
}
