public static void DeleteCredentials(Program program, OperationArguments operationArguments)
{
if (ReferenceEquals(operationArguments, null))
{
throw new ArgumentNullException("operationArguments");
}
var task = Task.Run(async() => { return(await program.CreateAuthentication(operationArguments)); });
BaseAuthentication authentication = task.Result;
switch (operationArguments.Authority)
{
default:
case AuthorityType.Basic:
Git.Trace.WriteLine($"deleting basic credentials for '{operationArguments.TargetUri}'.");
authentication.DeleteCredentials(operationArguments.TargetUri);
break;
case AuthorityType.AzureDirectory:
case AuthorityType.MicrosoftAccount:
Git.Trace.WriteLine($"deleting VSTS credentials for '{operationArguments.TargetUri}'.");
BaseVstsAuthentication vstsAuth = authentication as BaseVstsAuthentication;
vstsAuth.DeleteCredentials(operationArguments.TargetUri);
break;
case AuthorityType.GitHub:
Git.Trace.WriteLine($"deleting GitHub credentials for '{operationArguments.TargetUri}'.");
Github.Authentication ghAuth = authentication as Github.Authentication;
ghAuth.DeleteCredentials(operationArguments.TargetUri);
break;
case AuthorityType.Bitbucket:
Git.Trace.WriteLine($"deleting Bitbucket credentials for '{operationArguments.TargetUri}'.");
var bbAuth = authentication as Bitbucket.Authentication;
bbAuth.DeleteCredentials(operationArguments.TargetUri, operationArguments.CredUsername);
break;
}
}
public static async Task <BaseAuthentication> CreateAuthentication(Program program, OperationArguments operationArguments)
{
if (operationArguments is null)
{
throw new ArgumentNullException(nameof(operationArguments));
}
if (operationArguments.TargetUri is null)
{
var innerException = new NullReferenceException($"`{operationArguments.TargetUri}` cannot be null.");
throw new ArgumentException(innerException.Message, nameof(operationArguments), innerException);
}
var secretsNamespace = operationArguments.CustomNamespace ?? Program.SecretsNamespace;
BaseAuthentication authority = null;
var basicCredentialCallback = (operationArguments.UseModalUi)
? new AcquireCredentialsDelegate(program.ModalPromptForCredentials)
: new AcquireCredentialsDelegate(program.BasicCredentialPrompt);
var bitbucketPrompts = new Bitbucket.AuthenticationPrompts(program.Context);
var bitbucketCredentialCallback = (operationArguments.UseModalUi)
? bitbucketPrompts.CredentialModalPrompt
: new Bitbucket.Authentication.AcquireCredentialsDelegate(program.BitbucketCredentialPrompt);
var bitbucketOauthCallback = (operationArguments.UseModalUi)
? bitbucketPrompts.AuthenticationOAuthModalPrompt
: new Bitbucket.Authentication.AcquireAuthenticationOAuthDelegate(program.BitbucketOAuthPrompt);
var githubPrompts = new Github.AuthenticationPrompts(program.Context);
var githubCredentialCallback = (operationArguments.UseModalUi)
? new Github.Authentication.AcquireCredentialsDelegate(githubPrompts.CredentialModalPrompt)
: new Github.Authentication.AcquireCredentialsDelegate(program.GitHubCredentialPrompt);
var githubAuthcodeCallback = (operationArguments.UseModalUi)
? new Github.Authentication.AcquireAuthenticationCodeDelegate(githubPrompts.AuthenticationCodeModalPrompt)
: new Github.Authentication.AcquireAuthenticationCodeDelegate(program.GitHubAuthCodePrompt);
NtlmSupport basicNtlmSupport = NtlmSupport.Auto;
switch (operationArguments.Authority)
{
case AuthorityType.Auto:
program.Trace.WriteLine($"detecting authority type for '{operationArguments.TargetUri}'.");
// Detect the authority.
authority = await BaseVstsAuthentication.GetAuthentication(program.Context,
operationArguments.TargetUri,
Program.VstsCredentialScope,
new SecretStore(program.Context, secretsNamespace, BaseVstsAuthentication.UriNameConversion))
?? Github.Authentication.GetAuthentication(program.Context,
operationArguments.TargetUri,
Program.GitHubCredentialScope,
new SecretStore(program.Context, secretsNamespace, Secret.UriToName),
githubCredentialCallback,
githubAuthcodeCallback,
null)
?? Bitbucket.Authentication.GetAuthentication(program.Context,
operationArguments.TargetUri,
new SecretStore(program.Context, secretsNamespace, Secret.UriToIdentityUrl),
bitbucketCredentialCallback,
bitbucketOauthCallback);
if (authority != null)
{
// Set the authority type based on the returned value.
if (authority is VstsMsaAuthentication)
{
operationArguments.Authority = AuthorityType.MicrosoftAccount;
goto case AuthorityType.MicrosoftAccount;
}
else if (authority is VstsAadAuthentication)
{
operationArguments.Authority = AuthorityType.AzureDirectory;
goto case AuthorityType.AzureDirectory;
}
else if (authority is Github.Authentication)
{
operationArguments.Authority = AuthorityType.GitHub;
goto case AuthorityType.GitHub;
}
else if (authority is Bitbucket.Authentication)
{
operationArguments.Authority = AuthorityType.Bitbucket;
goto case AuthorityType.Bitbucket;
}
}
goto default;
case AuthorityType.AzureDirectory:
program.Trace.WriteLine($"authority for '{operationArguments.TargetUri}' is Azure Directory.");
Guid tenantId = Guid.Empty;
// Get the identity of the tenant.
var result = await BaseVstsAuthentication.DetectAuthority(program.Context, operationArguments.TargetUri);
if (result.HasValue)
{
tenantId = result.Value;
}
// Return the allocated authority or a generic AAD backed VSTS authentication object.
return(authority ?? new VstsAadAuthentication(program.Context,
tenantId,
operationArguments.VstsTokenScope,
new SecretStore(program.Context, secretsNamespace, VstsAadAuthentication.UriNameConversion)));
case AuthorityType.Basic:
// Enforce basic authentication only.
basicNtlmSupport = NtlmSupport.Never;
goto default;
case AuthorityType.GitHub:
program.Trace.WriteLine($"authority for '{operationArguments.TargetUri}' is GitHub.");
// Return a GitHub authentication object.
return(authority ?? new Github.Authentication(program.Context,
operationArguments.TargetUri,
Program.GitHubCredentialScope,
new SecretStore(program.Context, secretsNamespace, Secret.UriToName),
githubCredentialCallback,
githubAuthcodeCallback,
null));
case AuthorityType.Bitbucket:
program.Trace.WriteLine($"authority for '{operationArguments.TargetUri}' is Bitbucket");
// Return a Bitbucket authentication object.
return(authority ?? new Bitbucket.Authentication(program.Context,
new SecretStore(program.Context, secretsNamespace, Secret.UriToIdentityUrl),
bitbucketCredentialCallback,
bitbucketOauthCallback));
case AuthorityType.MicrosoftAccount:
program.Trace.WriteLine($"authority for '{operationArguments.TargetUri}' is Microsoft Live.");
// Return the allocated authority or a generic MSA backed VSTS authentication object.
return(authority ?? new VstsMsaAuthentication(program.Context,
operationArguments.VstsTokenScope,
new SecretStore(program.Context, secretsNamespace, VstsMsaAuthentication.UriNameConversion)));
case AuthorityType.Ntlm:
// Enforce NTLM authentication only.
basicNtlmSupport = NtlmSupport.Always;
goto default;
default:
program.Trace.WriteLine($"authority for '{operationArguments.TargetUri}' is basic with NTLM={basicNtlmSupport}.");
// Return a generic username + password authentication object.
return(authority ?? new BasicAuthentication(program.Context,
new SecretStore(program.Context, secretsNamespace, Secret.UriToIdentityUrl),
basicNtlmSupport,
basicCredentialCallback,
null));
}
}
private static void Delete()
{
Trace.WriteLine("Program::Erase");
string[] args = Environment.GetCommandLineArgs();
if (args.Length < 3)
{
goto error_parse;
}
string url = args[2];
Uri uri = null;
if (Uri.IsWellFormedUriString(url, UriKind.Absolute))
{
if (!Uri.TryCreate(url, UriKind.Absolute, out uri))
{
goto error_parse;
}
}
else
{
url = String.Format("{0}://{1}", Uri.UriSchemeHttps, url);
if (!Uri.TryCreate(url, UriKind.Absolute, out uri))
{
goto error_parse;
}
}
var stdin = Console.OpenStandardInput();
OperationArguments operationArguments = new OperationArguments(stdin);
operationArguments.QueryUri = uri;
LoadOperationArguments(operationArguments);
BaseAuthentication authentication = CreateAuthentication(operationArguments);
switch (operationArguments.Authority)
{
default:
case AuthorityType.Basic:
Trace.WriteLine(" deleting basic credentials");
authentication.DeleteCredentials(operationArguments.TargetUri);
break;
case AuthorityType.AzureDirectory:
case AuthorityType.MicrosoftAccount:
Trace.WriteLine(" deleting VSTS credentials");
BaseVstsAuthentication vstsAuth = authentication as BaseVstsAuthentication;
vstsAuth.DeleteCredentials(operationArguments.TargetUri);
// call delete twice to purge any stored ADA tokens
vstsAuth.DeleteCredentials(operationArguments.TargetUri);
break;
case AuthorityType.GitHub:
Trace.WriteLine(" deleting GitHub credentials");
GitHubAuthentication ghAuth = authentication as GitHubAuthentication;
ghAuth.DeleteCredentials(operationArguments.TargetUri);
break;
}
return;
error_parse:
Console.Error.WriteLine("Fatal: unable to parse target URI.");
}
public static async Task <BaseAuthentication> CreateAuthentication(Program program, OperationArguments operationArguments)
{
Debug.Assert(operationArguments != null, "The operationArguments is null");
Debug.Assert(operationArguments.TargetUri != null, "The operationArgument.TargetUri is null");
var secretsNamespace = operationArguments.CustomNamespace ?? Program.SecretsNamespace;
var secrets = new SecretStore(secretsNamespace, null, null, Secret.UriToName);
BaseAuthentication authority = null;
var basicCredentialCallback = (operationArguments.UseModalUi)
? new AcquireCredentialsDelegate(program.ModalPromptForCredentials)
: new AcquireCredentialsDelegate(program.BasicCredentialPrompt);
var bitbucketCredentialCallback = (operationArguments.UseModalUi)
? Bitbucket.AuthenticationPrompts.CredentialModalPrompt
: new Bitbucket.Authentication.AcquireCredentialsDelegate(program.BitbucketCredentialPrompt);
var bitbucketOauthCallback = (operationArguments.UseModalUi)
? Bitbucket.AuthenticationPrompts.AuthenticationOAuthModalPrompt
: new Bitbucket.Authentication.AcquireAuthenticationOAuthDelegate(program.BitbucketOAuthPrompt);
var githubCredentialCallback = (operationArguments.UseModalUi)
? new Github.Authentication.AcquireCredentialsDelegate(Github.AuthenticationPrompts.CredentialModalPrompt)
: new Github.Authentication.AcquireCredentialsDelegate(program.GitHubCredentialPrompt);
var githubAuthcodeCallback = (operationArguments.UseModalUi)
? new Github.Authentication.AcquireAuthenticationCodeDelegate(Github.AuthenticationPrompts.AuthenticationCodeModalPrompt)
: new Github.Authentication.AcquireAuthenticationCodeDelegate(program.GitHubAuthCodePrompt);
NtlmSupport basicNtlmSupport = NtlmSupport.Auto;
switch (operationArguments.Authority)
{
case AuthorityType.Auto:
Git.Trace.WriteLine($"detecting authority type for '{operationArguments.TargetUri}'.");
// detect the authority
authority = await BaseVstsAuthentication.GetAuthentication(operationArguments.TargetUri,
Program.VstsCredentialScope,
secrets)
?? Github.Authentication.GetAuthentication(operationArguments.TargetUri,
Program.GitHubCredentialScope,
secrets,
githubCredentialCallback,
githubAuthcodeCallback,
null)
?? Bitbucket.Authentication.GetAuthentication(operationArguments.TargetUri,
new SecretStore(secretsNamespace, Secret.UriToActualUrl),
bitbucketCredentialCallback,
bitbucketOauthCallback);
if (authority != null)
{
// set the authority type based on the returned value
if (authority is VstsMsaAuthentication)
{
operationArguments.Authority = AuthorityType.MicrosoftAccount;
goto case AuthorityType.MicrosoftAccount;
}
else if (authority is VstsAadAuthentication)
{
operationArguments.Authority = AuthorityType.AzureDirectory;
goto case AuthorityType.AzureDirectory;
}
else if (authority is Github.Authentication)
{
operationArguments.Authority = AuthorityType.GitHub;
goto case AuthorityType.GitHub;
}
else if (authority is Bitbucket.Authentication)
{
operationArguments.Authority = AuthorityType.Bitbucket;
goto case AuthorityType.Bitbucket;
}
}
goto default;
case AuthorityType.AzureDirectory:
Git.Trace.WriteLine($"authority for '{operationArguments.TargetUri}' is Azure Directory.");
Guid tenantId = Guid.Empty;
// Get the identity of the tenant.
var result = await BaseVstsAuthentication.DetectAuthority(operationArguments.TargetUri);
if (result.Key)
{
tenantId = result.Value;
}
// return the allocated authority or a generic AAD backed VSTS authentication object
return(authority ?? new VstsAadAuthentication(tenantId, Program.VstsCredentialScope, secrets));
case AuthorityType.Basic:
// enforce basic authentication only
basicNtlmSupport = NtlmSupport.Never;
goto default;
case AuthorityType.GitHub:
Git.Trace.WriteLine($"authority for '{operationArguments.TargetUri}' is GitHub.");
// return a GitHub authentication object
return(authority ?? new Github.Authentication(operationArguments.TargetUri,
Program.GitHubCredentialScope,
secrets,
githubCredentialCallback,
githubAuthcodeCallback,
null));
case AuthorityType.Bitbucket:
Git.Trace.WriteLine($"authority for '{operationArguments.TargetUri}' is Bitbucket");
// return a Bitbucket authentication object
return(authority ?? new Bitbucket.Authentication(secrets,
bitbucketCredentialCallback,
bitbucketOauthCallback));
case AuthorityType.MicrosoftAccount:
Git.Trace.WriteLine($"authority for '{operationArguments.TargetUri}' is Microsoft Live.");
// return the allocated authority or a generic MSA backed VSTS authentication object
return(authority ?? new VstsMsaAuthentication(Program.VstsCredentialScope, secrets));
case AuthorityType.Ntlm:
// enforce NTLM authentication only
basicNtlmSupport = NtlmSupport.Always;
goto default;
default:
Git.Trace.WriteLine($"authority for '{operationArguments.TargetUri}' is basic with NTLM={basicNtlmSupport}.");
// return a generic username + password authentication object
return(authority ?? new BasicAuthentication(secrets, basicNtlmSupport, basicCredentialCallback, null));
}
}
