/// <summary>
/// Apply this authenticator to the given authentication parameters.
/// </summary>
/// <param name="parameters">The complex object containing authentication specific information.</param>
/// <param name="cancellationToken">A cancellation token that can be used by other objects or threads to receive notice of cancellation.</param>
/// <returns>
/// An instance of <see cref="AuthenticationResult" /> that represents the access token generated as result of a successful authenication.
/// </returns>
public override async Task <AuthenticationResult> AuthenticateAsync(AuthenticationParameters parameters, CancellationToken cancellationToken = default)
{
IClientApplicationBase app = GetClient(parameters.Account, parameters.Environment);
ServiceClientTracing.Information("[RefreshTokenAuthenticator] Calling GetAccountsAysnc");
IAccount account = await app.GetAccountAsync(parameters.Account.Identifier).ConfigureAwait(false);
if (account != null)
{
ServiceClientTracing.Information($"[RefreshTokenAuthenticator] Calling AcquireTokenSilent - Scopes: '{string.Join(", ", parameters.Scopes)}'");
return(await app.AcquireTokenSilent(parameters.Scopes, account).ExecuteAsync(cancellationToken).ConfigureAwait(false));
}
ServiceClientTracing.Information($"[RefreshTokenAuthenticator] Calling AcquireTokenByRefreshToken - Scopes: '{string.Join(", ", parameters.Scopes)}'");
return(await app.AsRefreshTokenClient().AcquireTokenByRefreshToken(
parameters.Scopes,
parameters.Account.GetProperty(PartnerAccountPropertyType.RefreshToken)).ExecuteAsync(cancellationToken).ConfigureAwait(false));
}
/// <summary>
/// Apply this authenticator to the given authentication parameters.
/// </summary>
/// <param name="parameters">The complex object containing authentication specific information.</param>
/// <param name="cancellationToken">A cancellation token that can be used by other objects or threads to receive notice of cancellation.</param>
/// <returns>
/// An instance of <see cref="AuthenticationResult" /> that represents the access token generated as result of a successful authenication.
/// </returns>
public override async Task <AuthenticationResult> AuthenticateAsync(AuthenticationParameters parameters, CancellationToken cancellationToken = default)
{
JsonWebToken token;
string value;
if (parameters.Scopes.Contains($"{parameters.Environment.PartnerCenterEndpoint}/user_impersonation"))
{
value = parameters.Account.GetProperty(PartnerAccountPropertyType.AccessToken);
}
else
{
throw new PSInvalidOperationException("This operation is not supported when you connect using an access token. Please connect interactively or using a refresh token.");
}
token = new JsonWebToken(value);
ServiceClientTracing.Information($"[AccessTokenAuthenticator] The specified access token expires at {token.ValidTo}");
if (DateTimeOffset.UtcNow > token.ValidTo)
{
throw new PartnerException("The access token has expired. Generate a new one and try again.");
}
await Task.CompletedTask;
ServiceClientTracing.Information("[AccessTokenAuthenticator] Constructing the authentication result based on the specified access token");
return(new AuthenticationResult(
value,
false,
null,
token.ValidTo,
token.ValidTo,
token.GetClaim("tid").Value,
GetAccount(token),
null,
parameters.Scopes,
Guid.Empty));
}
/// <summary>
/// Apply this authenticator to the given authentication parameters.
/// </summary>
/// <param name="parameters">The complex object containing authentication specific information.</param>
/// <param name="promptAction">The action used to prompt for interaction.</param>
/// <param name="cancellationToken">A cancellation token that can be used by other objects or threads to receive notice of cancellation.</param>
/// <returns>
/// An instance of <see cref="AuthenticationResult" /> that represents the access token generated as result of a successful authenication.
/// </returns>
public override async Task <AuthenticationResult> AuthenticateAsync(AuthenticationParameters parameters, Action <string> promptAction = null, CancellationToken cancellationToken = default)
{
AccessTokenParameters accessTokenParameters = parameters as AccessTokenParameters;
JsonWebToken jwt = new JsonWebToken(accessTokenParameters.AccessToken);
if (DateTimeOffset.UtcNow > jwt.ValidTo)
{
throw new PartnerException("The access token has expired. Generate a new one and try again.");
}
await Task.CompletedTask;
return(new AuthenticationResult(
accessTokenParameters.AccessToken,
false,
null,
jwt.ValidTo,
jwt.ValidTo,
parameters.Account.Tenant,
null,
null,
parameters.Scopes));
}
/// <summary>
/// Determine if this authenticator can apply to the given authentication parameters.
/// </summary>
/// <param name="parameters">The complex object containing authentication specific information.</param>
/// <returns><c>true</c> if this authenticator can apply; otherwise <c>false</c>.</returns>
public override bool CanAuthenticate(AuthenticationParameters parameters)
{
return(parameters is ServicePrincipalParameters);
}
/// <summary>
/// Apply this authenticator to the given authentication parameters.
/// </summary>
/// <param name="parameters">The complex object containing authentication specific information.</param>
/// <param name="cancellationToken">A cancellation token that can be used by other objects or threads to receive notice of cancellation.</param>
/// <returns>
/// An instance of <see cref="AuthenticationResult" /> that represents the access token generated as result of a successful authenication.
/// </returns>
public override async Task <AuthenticationResult> AuthenticateAsync(AuthenticationParameters parameters, CancellationToken cancellationToken = default)
{
IConfidentialClientApplication app = GetClient(parameters.Account, parameters.Environment).AsConfidentialClient();
return(await app.AcquireTokenForClient(parameters.Scopes).ExecuteAsync(cancellationToken).ConfigureAwait(false));
}
/// <summary>
/// Determine if this authenticator can apply to the given authentication parameters.
/// </summary>
/// <param name="parameters">The complex object containing authentication specific information.</param>
/// <returns><c>true</c> if this authenticator can apply; otherwise <c>false</c>.</returns>
public override bool CanAuthenticate(AuthenticationParameters parameters)
{
return(parameters is InteractiveParameters);
}
/// <summary>
/// Determine if this authenticator can apply to the given authentication parameters.
/// </summary>
/// <param name="parameters">The complex object containing authentication specific information.</param>
/// <returns><c>true</c> if this authenticator can apply; otherwise <c>false</c>.</returns>
public override bool CanAuthenticate(AuthenticationParameters parameters)
{
return(parameters is SilentParameters);
}
/// <summary>
/// Determine if this authenticator can apply to the given authentication parameters.
/// </summary>
/// <param name="parameters">The complex object containing authentication specific information.</param>
/// <returns><c>true</c> if this authenticator can apply; otherwise <c>false</c>.</returns>
public override bool CanAuthenticate(AuthenticationParameters parameters)
{
return(parameters is DeviceCodeParameters);
}
/// <summary> /// Determine if this authenticator can apply to the given authentication parameters. /// </summary> /// <param name="parameters">The complex object containing authentication specific information.</param> /// <returns><c>true</c> if this authenticator can apply; otherwise <c>false</c>.</returns> public abstract bool CanAuthenticate(AuthenticationParameters parameters);
/// <summary> /// Apply this authenticator to the given authentication parameters. /// </summary> /// <param name="parameters">The complex object containing authentication specific information.</param> /// <param name="promptAction">The action used to prompt for interaction.</param> /// <param name="cancellationToken">A cancellation token that can be used by other objects or threads to receive notice of cancellation.</param> /// <returns> /// An instance of <see cref="AuthenticationResult" /> that represents the access token generated as result of a successful authenication. /// </returns> public abstract Task <AuthenticationResult> AuthenticateAsync(AuthenticationParameters parameters, Action <string> promptAction, CancellationToken cancellationToken = default);
/// <summary> /// Apply this authenticator to the given authentication parameters. /// </summary> /// <param name="parameters">The complex object containing authentication specific information.</param> /// <returns> /// An instance of <see cref="AuthenticationResult" /> that represents the access token generated as result of a successful authenication. /// </returns> public abstract Task <AuthenticationResult> AuthenticateAsync(AuthenticationParameters parameters);
/// <summary>
/// Determine if this authenticator can apply to the given authentication parameters.
/// </summary>
/// <param name="parameters">The complex object containing authentication specific information.</param>
/// <returns><c>true</c> if this authenticator can apply; otherwise <c>false</c>.</returns>
public override bool CanAuthenticate(AuthenticationParameters parameters)
{
return(parameters is AccessTokenParameters);
}
/// <summary> /// Apply this authenticator to the given authentication parameters. /// </summary> /// <param name="parameters">The complex object containing authentication specific information.</param> /// <param name="cancellationToken">A cancellation token that can be used by other objects or threads to receive notice of cancellation.</param> /// <returns> /// An instance of <see cref="AuthenticationResult" /> that represents the access token generated as result of a successful authenication. /// </returns> public abstract Task <AuthenticationResult> AuthenticateAsync(AuthenticationParameters parameters, CancellationToken cancellationToken = default);
/// <summary>
/// Apply this authenticator to the given authentication parameters.
/// </summary>
/// <param name="parameters">The complex object containing authentication specific information.</param>
/// <param name="promptAction">The action used to prompt for interaction.</param>
/// <param name="cancellationToken">A cancellation token that can be used by other objects or threads to receive notice of cancellation.</param>
/// <returns>
/// An instance of <see cref="AuthenticationToken" /> that represents the access token generated as result of a successful authenication.
/// </returns>
public override Task <AuthenticationResult> AuthenticateAsync(AuthenticationParameters parameters, Action <string> promptAction = null, CancellationToken cancellationToken = default)
{
IPublicClientApplication app = GetClient(parameters.Account, parameters.Environment).AsPublicClient();
return(GetResponseAsync(app, parameters.Scopes, promptAction, cancellationToken));
}
