protected override async Task <AuthenticationResult> ExecuteAsync(CancellationToken cancellationToken) { await ResolveAuthorityAsync().ConfigureAwait(false); var client = new OAuth2Client(ServiceBundle.ApplicationLogger, ServiceBundle.HttpManager); var deviceCodeScopes = new HashSet <string>(); deviceCodeScopes.UnionWith(AuthenticationRequestParameters.Scope); deviceCodeScopes.Add(OAuth2Value.ScopeOfflineAccess); deviceCodeScopes.Add(OAuth2Value.ScopeProfile); deviceCodeScopes.Add(OAuth2Value.ScopeOpenId); client.AddBodyParameter(OAuth2Parameter.ClientId, AuthenticationRequestParameters.AppConfig.ClientId); client.AddBodyParameter(OAuth2Parameter.Scope, deviceCodeScopes.AsSingleString()); client.AddBodyParameter(OAuth2Parameter.Claims, AuthenticationRequestParameters.ClaimsAndClientCapabilities); var builder = new UriBuilder(AuthenticationRequestParameters.Authority.GetDeviceCodeEndpoint()); builder.AppendQueryParameters(AuthenticationRequestParameters.ExtraQueryParameters); var response = await client.ExecuteRequestAsync <DeviceCodeResponse>( builder.Uri, HttpMethod.Post, AuthenticationRequestParameters.RequestContext, // Normally AAD responds with an error HTTP code, but /devicecode endpoint sends errors on 200OK expectErrorsOn200OK : true).ConfigureAwait(false); var deviceCodeResult = response.GetResult(AuthenticationRequestParameters.AppConfig.ClientId, deviceCodeScopes); await _deviceCodeParameters.DeviceCodeResultCallback(deviceCodeResult).ConfigureAwait(false); var msalTokenResponse = await WaitForTokenResponseAsync(deviceCodeResult, cancellationToken).ConfigureAwait(false); return(await CacheTokenResponseAndCreateAuthenticationResultAsync(msalTokenResponse).ConfigureAwait(false)); }
internal override async Task <AuthenticationResult> ExecuteAsync(CancellationToken cancellationToken) { //Adfs device code flow not currently supported if (ServiceBundle.Config.AuthorityInfo.AuthorityType == AuthorityType.Adfs) { throw new InvalidOperationException(MsalErrorMessage.AdfsDeviceFlowNotSupported); } await ResolveAuthorityEndpointsAsync().ConfigureAwait(false); var client = new OAuth2Client(ServiceBundle.DefaultLogger, ServiceBundle.HttpManager, ServiceBundle.TelemetryManager); var deviceCodeScopes = new HashSet <string>(); deviceCodeScopes.UnionWith(AuthenticationRequestParameters.Scope); deviceCodeScopes.Add(OAuth2Value.ScopeOfflineAccess); deviceCodeScopes.Add(OAuth2Value.ScopeProfile); deviceCodeScopes.Add(OAuth2Value.ScopeOpenId); client.AddBodyParameter(OAuth2Parameter.ClientId, AuthenticationRequestParameters.ClientId); client.AddBodyParameter(OAuth2Parameter.Scope, deviceCodeScopes.AsSingleString()); client.AddQueryParameter(OAuth2Parameter.Claims, AuthenticationRequestParameters.Claims); // Talked with Shiung, devicecode will be added to the discovery endpoint "soon". // Fow now, the string replace is correct. // TODO: We should NOT be talking to common, need to work with henrik/bogdan on why /common is being set // as default for msal. string deviceCodeEndpoint = AuthenticationRequestParameters.Endpoints.TokenEndpoint .Replace("token", "devicecode").Replace( "common", "organizations"); var builder = new UriBuilder(deviceCodeEndpoint); builder.AppendQueryParameters(AuthenticationRequestParameters.ExtraQueryParameters); var response = await client.ExecuteRequestAsync <DeviceCodeResponse>( builder.Uri, HttpMethod.Post, AuthenticationRequestParameters.RequestContext).ConfigureAwait(false); var deviceCodeResult = response.GetResult(AuthenticationRequestParameters.ClientId, deviceCodeScopes); await _deviceCodeParameters.DeviceCodeResultCallback(deviceCodeResult).ConfigureAwait(false); var msalTokenResponse = await WaitForTokenResponseAsync(deviceCodeResult, cancellationToken).ConfigureAwait(false); return(await CacheTokenResponseAndCreateAuthenticationResultAsync(msalTokenResponse).ConfigureAwait(false)); }
internal override async Task <AuthenticationResult> ExecuteAsync(CancellationToken cancellationToken) { await ResolveAuthorityEndpointsAsync().ConfigureAwait(false); var client = new OAuth2Client(ServiceBundle.DefaultLogger, ServiceBundle.HttpManager, ServiceBundle.TelemetryManager); var deviceCodeScopes = new HashSet <string>(); deviceCodeScopes.UnionWith(AuthenticationRequestParameters.Scope); deviceCodeScopes.Add(OAuth2Value.ScopeOfflineAccess); deviceCodeScopes.Add(OAuth2Value.ScopeProfile); deviceCodeScopes.Add(OAuth2Value.ScopeOpenId); client.AddBodyParameter(OAuth2Parameter.ClientId, AuthenticationRequestParameters.ClientId); client.AddBodyParameter(OAuth2Parameter.Scope, deviceCodeScopes.AsSingleString()); client.AddQueryParameter(OAuth2Parameter.Claims, AuthenticationRequestParameters.Claims); string deviceCodeEndpoint = AuthenticationRequestParameters.Endpoints.TokenEndpoint .Replace("token", "devicecode"); var builder = new UriBuilder(deviceCodeEndpoint); builder.AppendQueryParameters(AuthenticationRequestParameters.ExtraQueryParameters); var response = await client.ExecuteRequestAsync <DeviceCodeResponse>( builder.Uri, HttpMethod.Post, AuthenticationRequestParameters.RequestContext).ConfigureAwait(false); var deviceCodeResult = response.GetResult(AuthenticationRequestParameters.ClientId, deviceCodeScopes); await _deviceCodeParameters.DeviceCodeResultCallback(deviceCodeResult).ConfigureAwait(false); var msalTokenResponse = await WaitForTokenResponseAsync(deviceCodeResult, cancellationToken).ConfigureAwait(false); return(await CacheTokenResponseAndCreateAuthenticationResultAsync(msalTokenResponse).ConfigureAwait(false)); }