public async Task BrokerSilentRequestTestExecutorAsync(bool brokerConfiguredByUser, bool brokerIsInstalledAndInvokable)
{
string brokerID = "*****@*****.**";
using (var harness = new MockHttpTestHarness(TestConstants.AuthorityHomeTenant))
{
// resul will be from the cache
_tokenCacheHelper.PopulateCache(harness.Cache.Accessor,
TestConstants.Uid,
TestConstants.Utid,
TestConstants.ClientId,
TestConstants.ProductionPrefCacheEnvironment,
brokerID);
IBroker mockBroker = Substitute.For <IBroker>();
mockBroker.IsBrokerInstalledAndInvokable().ReturnsForAnyArgs(brokerIsInstalledAndInvokable);
harness.ServiceBundle.Config.BrokerCreatorFunc = (app, logger) => mockBroker;
var parameters = harness.CreateRequestParams(
harness.Cache,
null,
TestConstants.ExtraQueryParameters,
null,
authorityOverride: AuthorityInfo.FromAuthorityUri(TestConstants.AuthorityCommonTenant, false));
parameters.AppConfig.IsBrokerEnabled = brokerConfiguredByUser;
var silentParameters = new AcquireTokenSilentParameters()
{
Account = new Account(TestConstants.HomeAccountId, TestConstants.DisplayableId, TestConstants.ProductionPrefCacheEnvironment),
};
var request = new SilentRequest(harness.ServiceBundle, parameters, silentParameters);
var result = await request.RunAsync(default).ConfigureAwait(false);
public void SilentRefreshFailedNoCacheItemFoundTest()
{
using (var harness = new MockHttpTestHarness(MsalTestConstants.AuthorityHomeTenant))
{
var parameters = harness.CreateRequestParams(
harness.Cache,
ScopeHelper.CreateSortedSetFromEnumerable(
new[]
{
"some-scope1",
"some-scope2"
}),
authorityOverride: AuthorityInfo.FromAuthorityUri(MsalTestConstants.AuthorityHomeTenant, false));
var silentParameters = new AcquireTokenSilentParameters()
{
Account = new Account(MsalTestConstants.HomeAccountId, MsalTestConstants.DisplayableId, MsalTestConstants.ProductionPrefCacheEnvironment),
};
try
{
var request = new SilentRequest(harness.ServiceBundle, parameters, silentParameters);
Task <AuthenticationResult> task = request.RunAsync(CancellationToken.None);
var authenticationResult = task.Result;
Assert.Fail("MsalUiRequiredException should be thrown here");
}
catch (AggregateException ae)
{
var exc = ae.InnerException as MsalUiRequiredException;
Assert.IsNotNull(exc, "Actual exception type is " + ae.InnerException.GetType());
Assert.AreEqual(MsalError.NoTokensFoundError, exc.ErrorCode);
}
}
}
public async Task <AuthenticationResult> ExecuteAsync(
AcquireTokenCommonParameters commonParameters,
AcquireTokenSilentParameters silentParameters,
CancellationToken cancellationToken)
{
//Since the AcquireTokenSilentParameterBuilder api is shared between public and confidential clients,
//We need some way to validate that MSAL is not performing AcquireTokenSilent with POP on public clients without Broker
if (commonParameters.PopAuthenticationConfiguration != null &&
ServiceBundle?.Config.IsBrokerEnabled == false &&
//Validates that we are not on CCA
//TODO: Find a better way to determine this
ServiceBundle?.Config.ClientCredential == null &&
commonParameters.OnBeforeTokenRequestHandler == null &&
ServiceBundle?.Config.AppTokenProvider == null
)
{
throw new MsalClientException(MsalError.BrokerRequiredForPop, MsalErrorMessage.BrokerRequiredForPop);
}
var requestContext = CreateRequestContextAndLogVersionInfo(commonParameters.CorrelationId, cancellationToken);
var requestParameters = await _clientApplicationBase.CreateRequestParametersAsync(
commonParameters,
requestContext,
_clientApplicationBase.UserTokenCacheInternal).ConfigureAwait(false);
requestParameters.SendX5C = silentParameters.SendX5C ?? false;
var handler = new SilentRequest(ServiceBundle, requestParameters, silentParameters);
return(await handler.RunAsync(cancellationToken).ConfigureAwait(false));
}
internal async Task <AuthenticationResult> AcquireTokenSilentCommonAsync(Authenticator authenticator, string[] scope, User user, IPlatformParameters parameters, string policy, bool forceRefresh)
{
if (parameters == null)
{
parameters = PlatformPlugin.DefaultPlatformParameters;
}
var handler = new SilentRequest(this.GetHandlerData(authenticator, scope, policy, this.UserTokenCache), user, parameters, forceRefresh);
return(await handler.RunAsync().ConfigureAwait(false));
}
private static BaseTask CreateTask(TaskInfo taskInfo)
{
BaseTask task;
switch (taskInfo.Action)
{
case ActionType.SilentRequest:
task = new SilentRequest();
break;
default:
task = new BaseTask();
break;
}
return(task);
}
public void ExpiredTokenRefreshFlowTest()
{
Authority authority = Authority.CreateAuthority(TestConstants.AuthorityHomeTenant, false);
TokenCache cache = new TokenCache()
{
ClientId = TestConstants.ClientId
};
TokenCacheHelper.PopulateCache(cache.TokenCacheAccessor);
AuthenticationRequestParameters parameters = new AuthenticationRequestParameters()
{
Authority = authority,
ClientId = TestConstants.ClientId,
Scope = new[] { "some-scope1", "some-scope2" }.CreateSetFromEnumerable(),
TokenCache = cache,
RequestContext = new RequestContext(Guid.Empty, null),
User = new User()
{
Identifier = TestConstants.UserIdentifier,
DisplayableId = TestConstants.DisplayableId
}
};
//add mock response for tenant endpoint discovery
HttpMessageHandlerFactory.AddMockHandler(new MockHttpMessageHandler
{
Method = HttpMethod.Get,
ResponseMessage = MockHelpers.CreateOpenIdConfigurationResponse(TestConstants.AuthorityHomeTenant)
});
HttpMessageHandlerFactory.AddMockHandler(new MockHttpMessageHandler()
{
Method = HttpMethod.Post,
ResponseMessage = MockHelpers.CreateSuccessTokenResponseMessage()
});
SilentRequest request = new SilentRequest(parameters, false);
Task <AuthenticationResult> task = request.RunAsync();
AuthenticationResult result = task.Result;
Assert.IsNotNull(result);
Assert.AreEqual("some-access-token", result.AccessToken);
Assert.AreEqual("some-scope1 some-scope2", result.Scopes.AsSingleString());
Assert.IsTrue(HttpMessageHandlerFactory.IsMocksQueueEmpty, "All mocks should have been consumed");
}
