/// <summary>
        /// Attempts to acquire access token from the token cache silently by calling AcquireTokenSilentAsync
        /// </summary>
        internal async Task <AuthenticationResult> GetAccessTokenSilentAsync(MsalAuthenticationProviderOption msalAuthProviderOption)
        {
            IAccount account = null;

            if (msalAuthProviderOption.UserAccount?.ObjectId != null)
            {
                // Parse GraphUserAccount to IAccount instance
                account = new GraphAccount(msalAuthProviderOption.UserAccount);
            }
            else
            {
                // If no graph user account is passed, try get the one in cache.
                IEnumerable <IAccount> accounts = await ClientApplication.GetAccountsAsync();

                account = accounts.FirstOrDefault();
            }

            if (account == null)
            {
                return(null);
            }

            try
            {
                return(await ClientApplication.AcquireTokenSilentAsync(
                           msalAuthProviderOption.Scopes ?? Scopes,
                           account,
                           ClientApplication.Authority,
                           msalAuthProviderOption.ForceRefresh));
            }
            catch (MsalUiRequiredException msalUiEx)
            {
                return(null);
            }
            catch (MsalServiceException serviceException)
            {
                throw new AuthenticationException(
                          new Error
                {
                    Code    = ErrorConstants.Codes.GeneralException,
                    Message = ErrorConstants.Message.UnexpectedMsalException
                },
                          serviceException);
            }
            catch (Exception exception)
            {
                throw new AuthenticationException(
                          new Error
                {
                    Code    = ErrorConstants.Codes.GeneralException,
                    Message = ErrorConstants.Message.UnexpectedException
                },
                          exception);
            }
        }
Esempio n. 2
0
        /// <summary>
        /// Adds an authentication header to the incoming request by checking the application's <see cref="TokenCache"/>
        /// for an unexpired access token. If a token is not found or expired, it gets a new one.
        /// </summary>
        /// <param name="httpRequestMessage">A <see cref="HttpRequestMessage"/> to authenticate.</param>
        public async Task AuthenticateRequestAsync(HttpRequestMessage httpRequestMessage)
        {
            GraphRequestContext requestContext = httpRequestMessage.GetRequestContext();
            MsalAuthenticationProviderOption msalAuthProviderOption = httpRequestMessage.GetMsalAuthProviderOption();
            IAccount             account = new GraphAccount(msalAuthProviderOption.UserAccount);
            AuthenticationResult authenticationResult = await this.GetAccessTokenSilentAsync(msalAuthProviderOption);

            if (authenticationResult == null)
            {
                authenticationResult = await GetNewAccessTokenAsync(account, msalAuthProviderOption.Scopes ?? Scopes);
            }

            if (!string.IsNullOrEmpty(authenticationResult.AccessToken))
            {
                httpRequestMessage.Headers.Authorization = new AuthenticationHeaderValue(CoreConstants.Headers.Bearer, authenticationResult.AccessToken);
            }
        }