/// <summary>
        /// Refreshes the partner credentials.
        /// </summary>
        /// <param name="context">The partner context.</param>
        /// <returns>A task which is complete when the refresh is done.</returns>
        private async Task RefreshAsync(IRequestContext context)
        {
            if (AADToken.IsExpired())
            {
                if (tokenRefresher != null)
                {
                    AuthenticationToken authenticationToken = await tokenRefresher(AADToken).ConfigureAwait(false);

                    if (authenticationToken == null)
                    {
                        throw new PartnerException("Token refresher returned null token.", context, PartnerErrorCategory.Unauthorized, null);
                    }
                    if (authenticationToken.IsExpired())
                    {
                        throw new PartnerException("Token refresher returned an expired token.", context, PartnerErrorCategory.Unauthorized, null);
                    }

                    AADToken = authenticationToken;
                }
                else
                {
                    throw new PartnerException("AAD Token needs refreshing but no handler was registered.", context, PartnerErrorCategory.Unauthorized, null);
                }
            }

            await AuthenticateAsync(context).ConfigureAwait(false);
        }
        /// <summary>
        /// Initializes a new instance of the <see cref="UserPartnerCredentials" /> class.
        /// </summary>
        /// <param name="aadApplicationId">The id of the application in Azure Active Directory.</param>
        /// <param name="aadAuthenticationToken">The Azure Active Directory token.</param>
        /// <param name="aadTokenRefresher">An optional delegate which will be called when the Azure Active Directory token
        /// expires and can no longer be used to generate the partner credentials. This delegate should return
        /// an up to date Azure Active Directory token.</param>
        public UserPartnerCredentials(string aadApplicationId, AuthenticationToken aadAuthenticationToken, TokenRefresher aadTokenRefresher = null)
            : base(aadApplicationId)
        {
            aadAuthenticationToken.AssertNotNull(nameof(aadAuthenticationToken));

            if (aadAuthenticationToken.IsExpired())
            {
                throw new ArgumentException(Resources.AuthenticationTokenExpired);
            }

            AADToken       = aadAuthenticationToken;
            tokenRefresher = aadTokenRefresher;
        }
Esempio n. 3
0
        /// <exception cref="System.Exception"/>
        private void TestValidDelegationTokenHeader()
        {
            HttpServletRequest  request  = Org.Mockito.Mockito.Mock <HttpServletRequest>();
            HttpServletResponse response = Org.Mockito.Mockito.Mock <HttpServletResponse>();

            Org.Apache.Hadoop.Security.Token.Token <DelegationTokenIdentifier> dToken = (Org.Apache.Hadoop.Security.Token.Token
                                                                                         <DelegationTokenIdentifier>)handler.GetTokenManager().CreateToken(UserGroupInformation
                                                                                                                                                           .GetCurrentUser(), "user");
            Org.Mockito.Mockito.When(request.GetHeader(Org.Mockito.Mockito.Eq(DelegationTokenAuthenticator
                                                                              .DelegationTokenHeader))).ThenReturn(dToken.EncodeToUrlString());
            AuthenticationToken token = handler.Authenticate(request, response);

            Assert.Equal(UserGroupInformation.GetCurrentUser().GetShortUserName
                             (), token.GetUserName());
            Assert.Equal(0, token.GetExpires());
            Assert.Equal(handler.GetType(), token.GetType());
            Assert.True(token.IsExpired());
        }