public async Task ResolveEndpointsAsync(string userPrincipalName, RequestContext requestContext)
{
var msg = "Resolving authority endpoints... Already resolved? - " + _resolved;
requestContext.Logger.Info(msg);
requestContext.Logger.InfoPii(msg);
if (!_resolved)
{
var authorityUri = new Uri(CanonicalAuthority);
string host = authorityUri.Authority;
string path = authorityUri.AbsolutePath.Substring(1);
string tenant = path.Substring(0, path.IndexOf("/", StringComparison.Ordinal));
IsTenantless = TenantlessTenantNames.Contains(tenant.ToLowerInvariant());
// create log message
msg = "Is Authority tenantless? - " + IsTenantless;
requestContext.Logger.Info(msg);
requestContext.Logger.InfoPii(msg);
if (ExistsInValidatedAuthorityCache(userPrincipalName))
{
msg = "Authority found in validated authority cache";
requestContext.Logger.Info(msg);
requestContext.Logger.InfoPii(msg);
Authority authority = ValidatedAuthorities[CanonicalAuthority];
AuthorityType = authority.AuthorityType;
CanonicalAuthority = authority.CanonicalAuthority;
ValidateAuthority = authority.ValidateAuthority;
IsTenantless = authority.IsTenantless;
AuthorizationEndpoint = authority.AuthorizationEndpoint;
TokenEndpoint = authority.TokenEndpoint;
EndSessionEndpoint = authority.EndSessionEndpoint;
SelfSignedJwtAudience = authority.SelfSignedJwtAudience;
return;
}
string openIdConfigurationEndpoint =
await
GetOpenIdConfigurationEndpoint(userPrincipalName, requestContext)
.ConfigureAwait(false);
//discover endpoints via openid-configuration
TenantDiscoveryResponse edr =
await DiscoverEndpoints(openIdConfigurationEndpoint, requestContext).ConfigureAwait(false);
if (string.IsNullOrEmpty(edr.AuthorizationEndpoint))
{
throw new MsalClientException(MsalClientException.TenantDiscoveryFailedError,
"Authorize endpoint was not found in the openid configuration");
}
if (string.IsNullOrEmpty(edr.TokenEndpoint))
{
throw new MsalClientException(MsalClientException.TenantDiscoveryFailedError,
"Token endpoint was not found in the openid configuration");
}
if (string.IsNullOrEmpty(edr.Issuer))
{
throw new MsalClientException(MsalClientException.TenantDiscoveryFailedError,
"Issuer was not found in the openid configuration");
}
AuthorizationEndpoint = edr.AuthorizationEndpoint.Replace("{tenant}", tenant);
TokenEndpoint = edr.TokenEndpoint.Replace("{tenant}", tenant);
SelfSignedJwtAudience = edr.Issuer.Replace("{tenant}", tenant);
_resolved = true;
AddToValidatedAuthorities(userPrincipalName);
}
}
public async Task ResolveEndpointsAsync(string userPrincipalName, CallState callState)
{
if (!this._resolved)
{
var authorityUri = new Uri(this.CanonicalAuthority);
string host = authorityUri.Authority;
string path = authorityUri.AbsolutePath.Substring(1);
string tenant = path.Substring(0, path.IndexOf("/", StringComparison.Ordinal));
this.IsTenantless =
TenantlessTenantName.Any(
name => string.Compare(tenant, name, StringComparison.OrdinalIgnoreCase) == 0);
if (ExistsInValidatedAuthorityCache(userPrincipalName))
{
Authority authority = ValidatedAuthorities[this.CanonicalAuthority];
AuthorityType = authority.AuthorityType;
CanonicalAuthority = authority.CanonicalAuthority;
ValidateAuthority = authority.ValidateAuthority;
IsTenantless = authority.IsTenantless;
AuthorizationEndpoint = authority.AuthorizationEndpoint;
TokenEndpoint = authority.TokenEndpoint;
EndSessionEndpoint = authority.EndSessionEndpoint;
SelfSignedJwtAudience = authority.SelfSignedJwtAudience;
return;
}
string openIdConfigurationEndpoint =
await
this.GetOpenIdConfigurationEndpoint(host, tenant, userPrincipalName, callState)
.ConfigureAwait(false);
//discover endpoints via openid-configuration
TenantDiscoveryResponse edr =
await this.DiscoverEndpoints(openIdConfigurationEndpoint, callState).ConfigureAwait(false);
if (string.IsNullOrEmpty(edr.AuthorizationEndpoint))
{
throw new MsalServiceException(MsalError.TenantDiscoveryFailed,
string.Format(CultureInfo.InvariantCulture, "Authorize endpoint was not found at {0}",
openIdConfigurationEndpoint));
}
if (string.IsNullOrEmpty(edr.TokenEndpoint))
{
throw new MsalServiceException(MsalError.TenantDiscoveryFailed,
string.Format(CultureInfo.InvariantCulture, "Authorize endpoint was not found at {0}",
openIdConfigurationEndpoint));
}
if (string.IsNullOrEmpty(edr.Issuer))
{
throw new MsalServiceException(MsalError.TenantDiscoveryFailed,
string.Format(CultureInfo.InvariantCulture, "Issuer was not found at {0}",
openIdConfigurationEndpoint));
}
this.AuthorizationEndpoint = edr.AuthorizationEndpoint.Replace("{tenant}", tenant);
this.TokenEndpoint = edr.TokenEndpoint.Replace("{tenant}", tenant);
this.SelfSignedJwtAudience = edr.Issuer.Replace("{tenant}", tenant);
this._resolved = true;
this.AddToValidatedAuthorities(userPrincipalName);
}
}
