/// <summary>
/// Loads a serialized token cache blob into the accessor.
/// </summary>
/// <param name="bytes">Serialized cache contents; converted to a string and parsed as JSON.</param>
/// <param name="clearExistingCacheData">When true, the accessor is emptied before the parsed entries are saved.</param>
/// <returns>The <c>UnknownNodes</c> of the parsed contract.</returns>
/// <exception cref="MsalClientException">
/// Thrown with <c>MsalError.JsonParseError</c> when the blob cannot be parsed; the original exception is passed along.
/// </exception>
public IDictionary<string, JToken> Deserialize(byte[] bytes, bool clearExistingCacheData)
{
    CacheSerializationContract contract;
    try
    {
        string json = CoreHelpers.ByteArrayToString(bytes);
        contract = CacheSerializationContract.FromJsonString(json);
    }
    catch (Exception parseFailure)
    {
        throw new MsalClientException(
            MsalError.JsonParseError,
            MsalErrorMessage.TokenCacheJsonSerializerFailedParse,
            parseFailure);
    }

    // Parsing happens first: a blob that fails to parse throws above and the
    // entries already held by the accessor are left untouched.
    if (clearExistingCacheData)
    {
        _accessor.Clear();
    }

    // Each section is optional in the contract; a null section is skipped.
    if (contract.AccessTokens != null)
    {
        foreach (var accessToken in contract.AccessTokens.Values)
        {
            _accessor.SaveAccessToken(accessToken);
        }
    }

    if (contract.RefreshTokens != null)
    {
        foreach (var refreshToken in contract.RefreshTokens.Values)
        {
            _accessor.SaveRefreshToken(refreshToken);
        }
    }

    if (contract.IdTokens != null)
    {
        foreach (var idToken in contract.IdTokens.Values)
        {
            _accessor.SaveIdToken(idToken);
        }
    }

    if (contract.Accounts != null)
    {
        foreach (var accountItem in contract.Accounts.Values)
        {
            _accessor.SaveAccount(accountItem);
        }
    }

    if (contract.AppMetadata != null)
    {
        foreach (var metadataItem in contract.AppMetadata.Values)
        {
            _accessor.SaveAppMetadata(metadataItem);
        }
    }

    return contract.UnknownNodes;
}
/// <summary>
/// Saves one account entry, built from mock client info for the given ids, into the accessor.
/// </summary>
/// <param name="accessor">Accessor that receives the account item.</param>
/// <param name="uid">Passed to <c>MockHelpers.CreateClientInfo</c>.</param>
/// <param name="utid">Passed to <c>MockHelpers.CreateClientInfo</c> and to the account item itself.</param>
public static void AddAccountToCache(ITokenCacheAccessor accessor, string uid, string utid)
{
    var account = new MsalAccountCacheItem(
        MsalTestConstants.ProductionPrefCacheEnvironment,
        null,
        MockHelpers.CreateClientInfo(uid, utid),
        null,
        null,
        utid,
        null,
        null);

    accessor.SaveAccount(account);
}
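/// <summary>
/// Loads a token cache blob stored as a JSON list of (section key, serialized items) pairs
/// into the accessor.
/// </summary>
/// <param name="bytes">Serialized cache contents.</param>
/// <param name="clearExistingCacheData">When true, the accessor is emptied before entries are saved.</param>
/// <returns>Always null.</returns>
/// <exception cref="MsalClientException">
/// Thrown with <c>MsalError.JsonParseError</c> when the outer list cannot be parsed; the original exception is passed along.
/// </exception>
public IDictionary<string, JToken> Deserialize(byte[] bytes, bool clearExistingCacheData)
{
    List<KeyValuePair<string, IEnumerable<string>>> cacheKvpList;
    try
    {
        cacheKvpList = JsonHelper.DeserializeFromJson<List<KeyValuePair<string, IEnumerable<string>>>>(bytes);
    }
    catch (Exception ex)
    {
        throw new MsalClientException(
            MsalError.JsonParseError,
            MsalErrorMessage.TokenCacheDictionarySerializerFailedParse,
            ex);
    }

    // A null list is a handled case (see the check below), so it must not be
    // dereferenced here. The lookup is still built before Clear() so that a blob
    // with duplicate section keys fails before any existing entry is dropped.
    Dictionary<string, IEnumerable<string>> cacheDict =
        cacheKvpList?.ToDictionary(x => x.Key, x => x.Value);

    if (clearExistingCacheData)
    {
        _accessor.Clear();
    }

    if (cacheDict == null || cacheDict.Count == 0)
    {
        return null;
    }

    // NOTE(review): the individual items are parsed after the accessor may have been
    // cleared; if FromJsonString throws on a malformed entry the accessor is left
    // partially filled. Confirm callers treat that as a failed load.
    IEnumerable<string> serializedItems;

    if (cacheDict.TryGetValue(AccessTokenKey, out serializedItems))
    {
        foreach (var atItem in serializedItems)
        {
            _accessor.SaveAccessToken(MsalAccessTokenCacheItem.FromJsonString(atItem));
        }
    }

    if (cacheDict.TryGetValue(RefreshTokenKey, out serializedItems))
    {
        foreach (var rtItem in serializedItems)
        {
            _accessor.SaveRefreshToken(MsalRefreshTokenCacheItem.FromJsonString(rtItem));
        }
    }

    if (cacheDict.TryGetValue(IdTokenKey, out serializedItems))
    {
        foreach (var idItem in serializedItems)
        {
            _accessor.SaveIdToken(MsalIdTokenCacheItem.FromJsonString(idItem));
        }
    }

    if (cacheDict.TryGetValue(AccountKey, out serializedItems))
    {
        foreach (var account in serializedItems)
        {
            _accessor.SaveAccount(MsalAccountCacheItem.FromJsonString(account));
        }
    }

    return null;
}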
/// <summary>
/// Fills the accessor with one access token, one id token, one account and one refresh token,
/// and hands the four saved items back to the caller.
/// </summary>
/// <param name="accessor">Accessor that receives the items.</param>
/// <param name="randomizeClientInfo">
/// When true, uid and utid are fresh GUIDs instead of <c>TestConstants.Uid</c> / <c>TestConstants.Utid</c>.
/// </param>
/// <returns>The access token, refresh token, id token and account items that were saved.</returns>
internal static (MsalAccessTokenCacheItem AT, MsalRefreshTokenCacheItem RT, MsalIdTokenCacheItem ID, MsalAccountCacheItem Account) PopulateCacheWithOneAccessToken(ITokenCacheAccessor accessor, bool randomizeClientInfo = false)
{
    string uid;
    string utid;
    if (randomizeClientInfo)
    {
        uid = Guid.NewGuid().ToString();
        utid = Guid.NewGuid().ToString();
    }
    else
    {
        uid = TestConstants.Uid;
        utid = TestConstants.Utid;
    }

    // The (possibly randomized) ids only flow into the client info and the refresh token;
    // the items below are still constructed with the fixed TestConstants.Utid.
    string clientInfo = MockHelpers.CreateClientInfo(uid, utid);
    string homeAccountId = ClientInfo.CreateFromJson(clientInfo).ToAccountIdentifier();

    var accessToken = new MsalAccessTokenCacheItem(
        TestConstants.ProductionPrefCacheEnvironment,
        TestConstants.ClientId,
        TestConstants.s_scope.AsSingleString(),
        TestConstants.Utid,
        "",
        DateTimeOffset.UtcNow,
        new DateTimeOffset(DateTime.UtcNow + TimeSpan.FromSeconds(ValidExpiresIn)),
        new DateTimeOffset(DateTime.UtcNow + TimeSpan.FromSeconds(ValidExtendedExpiresIn)),
        clientInfo,
        homeAccountId);
    accessor.SaveAccessToken(accessToken);

    var idToken = new MsalIdTokenCacheItem(
        TestConstants.ProductionPrefCacheEnvironment,
        TestConstants.ClientId,
        MockHelpers.CreateIdToken(TestConstants.UniqueId + "more", TestConstants.DisplayableId),
        clientInfo,
        homeAccountId,
        TestConstants.Utid);
    accessor.SaveIdToken(idToken);

    var account = new MsalAccountCacheItem(
        TestConstants.ProductionPrefNetworkEnvironment,
        null,
        clientInfo,
        homeAccountId,
        null,
        null,
        TestConstants.Utid,
        null,
        null,
        null);
    accessor.SaveAccount(account);

    var refreshToken = AddRefreshTokenToCache(accessor, uid, utid);

    return (accessToken, refreshToken, idToken, account);
}
/// <summary>
/// Fills the accessor with two access tokens (one per test scope), one id token, one account
/// and one refresh token, all built from <c>CoreTestConstants</c> and mock helpers.
/// </summary>
/// <param name="accessor">Accessor that receives the items.</param>
internal static void PopulateCache(ITokenCacheAccessor accessor)
{
    // First access token: CoreTestConstants.Scope.
    var firstAccessToken = new MsalAccessTokenCacheItem(
        CoreTestConstants.ProductionPrefCacheEnvironment,
        CoreTestConstants.ClientId,
        "Bearer",
        CoreTestConstants.Scope.AsSingleString(),
        CoreTestConstants.Utid,
        "",
        new DateTimeOffset(DateTime.UtcNow + TimeSpan.FromSeconds(ValidExpiresIn)),
        new DateTimeOffset(DateTime.UtcNow + TimeSpan.FromSeconds(ValidExtendedExpiresIn)),
        MockHelpers.CreateClientInfo());
    accessor.SaveAccessToken(firstAccessToken);

    var idToken = new MsalIdTokenCacheItem(
        CoreTestConstants.ProductionPrefCacheEnvironment,
        CoreTestConstants.ClientId,
        MockHelpers.CreateIdToken(CoreTestConstants.UniqueId + "more", CoreTestConstants.DisplayableId),
        MockHelpers.CreateClientInfo(),
        CoreTestConstants.Utid);
    accessor.SaveIdToken(idToken);

    var account = new MsalAccountCacheItem(
        CoreTestConstants.ProductionPrefNetworkEnvironment,
        null,
        MockHelpers.CreateClientInfo(),
        null,
        null,
        CoreTestConstants.Utid,
        null,
        null);
    accessor.SaveAccount(account);

    // Second access token: same client and tenant, CoreTestConstants.ScopeForAnotherResource.
    var secondAccessToken = new MsalAccessTokenCacheItem(
        CoreTestConstants.ProductionPrefCacheEnvironment,
        CoreTestConstants.ClientId,
        "Bearer",
        CoreTestConstants.ScopeForAnotherResource.AsSingleString(),
        CoreTestConstants.Utid,
        "",
        new DateTimeOffset(DateTime.UtcNow + TimeSpan.FromSeconds(ValidExpiresIn)),
        new DateTimeOffset(DateTime.UtcNow + TimeSpan.FromSeconds(ValidExtendedExpiresIn)),
        MockHelpers.CreateClientInfo());
    accessor.SaveAccessToken(secondAccessToken);

    AddRefreshTokenToCache(
        accessor,
        CoreTestConstants.Uid,
        CoreTestConstants.Utid,
        CoreTestConstants.Name);
}
/// <summary>
/// Fills the accessor with one access token, one id token, one account and one refresh token,
/// all built from <c>TestConstants</c> and mock client info.
/// </summary>
/// <param name="accessor">Accessor that receives the items.</param>
internal void PopulateCacheWithOneAccessToken(ITokenCacheAccessor accessor)
{
    string clientInfo = MockHelpers.CreateClientInfo();
    string homeAccountId = ClientInfo.CreateFromJson(clientInfo).ToAccountIdentifier();

    var accessToken = new MsalAccessTokenCacheItem(
        TestConstants.ProductionPrefCacheEnvironment,
        TestConstants.ClientId,
        TestConstants.s_scope.AsSingleString(),
        TestConstants.Utid,
        "",
        new DateTimeOffset(DateTime.UtcNow + TimeSpan.FromSeconds(ValidExpiresIn)),
        new DateTimeOffset(DateTime.UtcNow + TimeSpan.FromSeconds(ValidExtendedExpiresIn)),
        clientInfo,
        homeAccountId);
    accessor.SaveAccessToken(accessToken);

    var idToken = new MsalIdTokenCacheItem(
        TestConstants.ProductionPrefCacheEnvironment,
        TestConstants.ClientId,
        MockHelpers.CreateIdToken(TestConstants.UniqueId + "more", TestConstants.DisplayableId),
        clientInfo,
        homeAccountId,
        TestConstants.Utid);
    accessor.SaveIdToken(idToken);

    var account = new MsalAccountCacheItem(
        TestConstants.ProductionPrefNetworkEnvironment,
        null,
        clientInfo,
        homeAccountId,
        null,
        null,
        TestConstants.Utid,
        null,
        null,
        null);
    accessor.SaveAccount(account);

    AddRefreshTokenToCache(accessor, TestConstants.Uid, TestConstants.Utid);
}
/// <summary>
/// Writes the refresh token from an ADAL result, plus a matching account entry, into the
/// MSAL-format cache. The write is skipped when client info, refresh token or id token is
/// missing, and any exception during the write is logged and swallowed.
/// </summary>
/// <param name="tokenCacheAccessor">Accessor that receives the refresh token and account items.</param>
/// <param name="resultWrapper">ADAL result supplying the refresh token, raw client info, id token and tenant id.</param>
/// <param name="authority">Authority URI; only its host is stored on the items.</param>
/// <param name="clientId">Client id stored on the refresh token item.</param>
/// <param name="displayableId">Passed through to the account item.</param>
/// <param name="givenName">Passed through to the account item.</param>
/// <param name="familyName">Passed through to the account item.</param>
/// <param name="objectId">Passed through to the account item.</param>
public static void WriteMsalRefreshToken(ITokenCacheAccessor tokenCacheAccessor, AdalResultWrapper resultWrapper, string authority, string clientId, string displayableId, string givenName, string familyName, string objectId)
{
    // NOTE(review): resultWrapper and resultWrapper.Result are dereferenced here without a
    // null check and outside the try block; callers presumably guarantee both - confirm.
    if (string.IsNullOrEmpty(resultWrapper.RawClientInfo))
    {
        MsalLogger.Default.Info("Client Info is missing. Skipping MSAL refresh token cache write");
        return;
    }

    if (string.IsNullOrEmpty(resultWrapper.RefreshToken))
    {
        MsalLogger.Default.Info("Refresh Token is missing. Skipping MSAL refresh token cache write");
        return;
    }

    if (string.IsNullOrEmpty(resultWrapper.Result.IdToken))
    {
        MsalLogger.Default.Info("Id Token is missing. Skipping MSAL refresh token cache write");
        return;
    }

    try
    {
        // Both items are keyed on the authority host. Parsing stays inside the try so a
        // malformed authority is logged below instead of propagating to the caller.
        string authorityHost = new Uri(authority).Host;

        var refreshTokenItem = new MsalRefreshTokenCacheItem(
            authorityHost,
            clientId,
            resultWrapper.RefreshToken,
            resultWrapper.RawClientInfo);
        tokenCacheAccessor.SaveRefreshToken(refreshTokenItem);

        var accountItem = new MsalAccountCacheItem(
            authorityHost,
            objectId,
            resultWrapper.RawClientInfo,
            null,
            displayableId,
            resultWrapper.Result.TenantId,
            givenName,
            familyName);
        tokenCacheAccessor.SaveAccount(accountItem);
    }
    catch (Exception writeFailure)
    {
        // Best effort: a failed write is reported as a warning and does not fail the caller.
        // If SaveRefreshToken succeeded and a later step threw, the refresh token stays
        // in the cache without its account entry.
        MsalLogger.Default.WarningPiiWithPrefix(
            writeFailure,
            "An error occurred while writing ADAL refresh token to the cache in MSAL format. " +
            "For details please see https://aka.ms/net-cache-persistence-errors. ");
    }
}
/// <summary>
/// Fills the accessor with two access tokens (one per test scope), one id token, one account,
/// one refresh token and one app metadata entry for the given user and client.
/// </summary>
/// <param name="accessor">Accessor that receives the items.</param>
/// <param name="uid">Passed to <c>MockHelpers.CreateClientInfo</c> and to the refresh token helper.</param>
/// <param name="utid">Passed to <c>MockHelpers.CreateClientInfo</c>, to every item and to the refresh token helper.</param>
/// <param name="clientId">Client id stored on the tokens and the app metadata entry.</param>
internal void PopulateCache(
    ITokenCacheAccessor accessor,
    string uid = MsalTestConstants.Uid,
    string utid = MsalTestConstants.Utid,
    string clientId = MsalTestConstants.ClientId)
{
    // First access token: MsalTestConstants.Scope.
    var firstAccessToken = new MsalAccessTokenCacheItem(
        MsalTestConstants.ProductionPrefCacheEnvironment,
        clientId,
        MsalTestConstants.Scope.AsSingleString(),
        utid,
        "",
        new DateTimeOffset(DateTime.UtcNow + TimeSpan.FromSeconds(ValidExpiresIn)),
        new DateTimeOffset(DateTime.UtcNow + TimeSpan.FromSeconds(ValidExtendedExpiresIn)),
        MockHelpers.CreateClientInfo(uid, utid));
    accessor.SaveAccessToken(firstAccessToken);

    MsalIdTokenCacheItem idToken = new MsalIdTokenCacheItem(
        MsalTestConstants.ProductionPrefCacheEnvironment,
        clientId,
        MockHelpers.CreateIdToken(MsalTestConstants.UniqueId + "more", MsalTestConstants.DisplayableId),
        MockHelpers.CreateClientInfo(uid, utid),
        utid);
    accessor.SaveIdToken(idToken);

    MsalAccountCacheItem account = new MsalAccountCacheItem(
        MsalTestConstants.ProductionPrefCacheEnvironment,
        null,
        MockHelpers.CreateClientInfo(uid, utid),
        null,
        MsalTestConstants.DisplayableId,
        utid,
        null,
        null);
    accessor.SaveAccount(account);

    // Second access token: same client and tenant, MsalTestConstants.ScopeForAnotherResource.
    var secondAccessToken = new MsalAccessTokenCacheItem(
        MsalTestConstants.ProductionPrefCacheEnvironment,
        clientId,
        MsalTestConstants.ScopeForAnotherResource.AsSingleString(),
        utid,
        "",
        new DateTimeOffset(DateTime.UtcNow + TimeSpan.FromSeconds(ValidExpiresIn)),
        new DateTimeOffset(DateTime.UtcNow + TimeSpan.FromSeconds(ValidExtendedExpiresIn)),
        MockHelpers.CreateClientInfo(uid, utid));
    accessor.SaveAccessToken(secondAccessToken);

    AddRefreshTokenToCache(accessor, uid, utid, clientId);

    MsalAppMetadataCacheItem appMetadata = new MsalAppMetadataCacheItem(
        clientId,
        MsalTestConstants.ProductionPrefCacheEnvironment,
        null);
    accessor.SaveAppMetadata(appMetadata);
}
/// <summary>
/// Fills the accessor with one or two access tokens, one id token, one account, one refresh
/// token and one app metadata entry, built from the supplied values and mock helpers.
/// </summary>
/// <param name="accessor">Accessor that receives the items.</param>
/// <param name="uid">Used for the mock client info and the refresh token helper.</param>
/// <param name="utid">Used for the mock client info, every item and the refresh token helper.</param>
/// <param name="clientId">Client id stored on the tokens and the app metadata entry.</param>
/// <param name="environment">Environment stored on every item.</param>
/// <param name="displayableId">Used for the mock id token and the account item.</param>
/// <param name="rtSecret">Forwarded to <c>AddRefreshTokenToCache</c>.</param>
/// <param name="overridenScopes">Scopes for the first access token; <c>TestConstants.s_scope</c> when null.</param>
/// <param name="expiredAccessTokens">When true, both expiry values are set to the current UTC time.</param>
/// <param name="addSecondAt">When true, a second access token for <c>TestConstants.s_scopeForAnotherResource</c> is added.</param>
internal void PopulateCache(
    ITokenCacheAccessor accessor,
    string uid = TestConstants.Uid,
    string utid = TestConstants.Utid,
    string clientId = TestConstants.ClientId,
    string environment = TestConstants.ProductionPrefCacheEnvironment,
    string displayableId = TestConstants.DisplayableId,
    string rtSecret = TestConstants.RTSecret,
    string overridenScopes = null,
    bool expiredAccessTokens = false,
    bool addSecondAt = true)
{
    string clientInfo = MockHelpers.CreateClientInfo(uid, utid);
    string homeAccId = ClientInfo.CreateFromJson(clientInfo).ToAccountIdentifier();

    // Both access tokens share these two expiry values.
    DateTimeOffset accessTokenExpiresOn;
    DateTimeOffset extendedAccessTokenExpiresOn;
    if (expiredAccessTokens)
    {
        accessTokenExpiresOn = new DateTimeOffset(DateTime.UtcNow);
        extendedAccessTokenExpiresOn = new DateTimeOffset(DateTime.UtcNow);
    }
    else
    {
        accessTokenExpiresOn = new DateTimeOffset(DateTime.UtcNow + TimeSpan.FromSeconds(ValidExpiresIn));
        extendedAccessTokenExpiresOn = new DateTimeOffset(DateTime.UtcNow + TimeSpan.FromSeconds(ValidExtendedExpiresIn));
    }

    var firstAccessToken = new MsalAccessTokenCacheItem(
        environment,
        clientId,
        overridenScopes ?? TestConstants.s_scope.AsSingleString(),
        utid,
        "",
        accessTokenExpiresOn,
        extendedAccessTokenExpiresOn,
        clientInfo,
        homeAccId);
    accessor.SaveAccessToken(firstAccessToken);

    MsalIdTokenCacheItem idToken = new MsalIdTokenCacheItem(
        environment,
        clientId,
        MockHelpers.CreateIdToken(TestConstants.UniqueId + "more", displayableId),
        clientInfo,
        homeAccId,
        tenantId: utid);
    accessor.SaveIdToken(idToken);

    if (addSecondAt)
    {
        var secondAccessToken = new MsalAccessTokenCacheItem(
            environment,
            clientId,
            TestConstants.s_scopeForAnotherResource.AsSingleString(),
            utid,
            "",
            accessTokenExpiresOn,
            extendedAccessTokenExpiresOn,
            clientInfo,
            homeAccId);
        accessor.SaveAccessToken(secondAccessToken);
    }

    MsalAccountCacheItem account = new MsalAccountCacheItem(
        environment,
        null,
        clientInfo,
        homeAccId,
        null,
        displayableId,
        utid,
        null,
        null);
    accessor.SaveAccount(account);

    AddRefreshTokenToCache(accessor, uid, utid, clientId, environment, rtSecret);

    MsalAppMetadataCacheItem appMetadata = new MsalAppMetadataCacheItem(
        clientId,
        environment,
        null);
    accessor.SaveAppMetadata(appMetadata);
}
/// <summary>
/// Replaces the accessor's contents with the entries found in a serialized unified cache blob.
/// </summary>
/// <remarks>
/// The accessor is cleared before the blob is parsed, so an exception from the outer parse
/// leaves it empty. Individual entries for which <c>TryToDeserializeFromJson</c> returns null
/// are skipped.
/// </remarks>
/// <param name="tokenCacheAccessor">Token cache accessor that is cleared and then filled from the blob</param>
/// <param name="unifiedState">Array of bytes containing serialized unified cache data</param>
/// <param name="requestContext">Request context forwarded to the per-item deserializer</param>
internal static void DeserializeUnifiedCache(ITokenCacheAccessor tokenCacheAccessor, byte[] unifiedState, RequestContext requestContext)
{
    tokenCacheAccessor.Clear();

    Dictionary<string, IEnumerable<string>> sections =
        JsonHelper.DeserializeFromJson<Dictionary<string, IEnumerable<string>>>(unifiedState);

    if (sections == null || sections.Count == 0)
    {
        MsalLogger.Default.Info("Msal Cache is empty.");
        return;
    }

    IEnumerable<string> serializedItems;

    if (sections.TryGetValue(AccessTokenKey, out serializedItems))
    {
        foreach (var json in serializedItems)
        {
            var accessToken = JsonHelper.TryToDeserializeFromJson<MsalAccessTokenCacheItem>(json, requestContext);
            if (accessToken != null)
            {
                tokenCacheAccessor.SaveAccessToken(accessToken);
            }
        }
    }

    if (sections.TryGetValue(RefreshTokenKey, out serializedItems))
    {
        foreach (var json in serializedItems)
        {
            var refreshToken = JsonHelper.TryToDeserializeFromJson<MsalRefreshTokenCacheItem>(json, requestContext);
            if (refreshToken != null)
            {
                tokenCacheAccessor.SaveRefreshToken(refreshToken);
            }
        }
    }

    if (sections.TryGetValue(IdTokenKey, out serializedItems))
    {
        foreach (var json in serializedItems)
        {
            var idToken = JsonHelper.TryToDeserializeFromJson<MsalIdTokenCacheItem>(json, requestContext);
            if (idToken != null)
            {
                tokenCacheAccessor.SaveIdToken(idToken);
            }
        }
    }

    if (sections.TryGetValue(AccountKey, out serializedItems))
    {
        foreach (var json in serializedItems)
        {
            var accountItem = JsonHelper.TryToDeserializeFromJson<MsalAccountCacheItem>(json, requestContext);
            if (accountItem != null)
            {
                tokenCacheAccessor.SaveAccount(accountItem);
            }
        }
    }
}
/// <inheritdoc />
// Forwards the item unchanged to the wrapped accessor.
public void SaveAccount(MsalAccountCacheItem item) => _tokenCacheAccessor.SaveAccount(item);
/// <summary>
/// Fills the accessor with one or two access tokens and, unless the accessor is an
/// <c>InMemoryPartitionedAppTokenCacheAccessor</c>, also an id token, an account, a refresh
/// token and an app metadata entry.
/// </summary>
/// <param name="accessor">Accessor that receives the items.</param>
/// <param name="uid">Used for the mock client info and the refresh token helper.</param>
/// <param name="utid">Used for the mock client info, every item and the refresh token helper.</param>
/// <param name="clientId">Client id stored on the tokens and the app metadata entry.</param>
/// <param name="environment">Environment stored on every item.</param>
/// <param name="displayableId">Used for the mock id token and the account item.</param>
/// <param name="rtSecret">Forwarded to <c>AddRefreshTokenToCache</c>.</param>
/// <param name="overridenScopes">Scopes for the first access token; <c>TestConstants.s_scope</c> when null.</param>
/// <param name="userAssertion">When not null, its SHA-256 base64url hash is set as the first access token's <c>oboCacheKey</c>.</param>
/// <param name="expiredAccessTokens">When true, both expiry values are set to the current UTC time.</param>
/// <param name="addSecondAt">When true, a second access token for <c>TestConstants.s_scopeForAnotherResource</c> is added.</param>
internal static void PopulateCache(
    ITokenCacheAccessor accessor,
    string uid = TestConstants.Uid,
    string utid = TestConstants.Utid,
    string clientId = TestConstants.ClientId,
    string environment = TestConstants.ProductionPrefCacheEnvironment,
    string displayableId = TestConstants.DisplayableId,
    string rtSecret = TestConstants.RTSecret,
    string overridenScopes = null,
    string userAssertion = null,
    bool expiredAccessTokens = false,
    bool addSecondAt = true)
{
    bool addAccessTokenOnly = accessor is InMemoryPartitionedAppTokenCacheAccessor;

    string clientInfo = MockHelpers.CreateClientInfo(uid, utid);
    string homeAccId = ClientInfo.CreateFromJson(clientInfo).ToAccountIdentifier();

    // Both access tokens share these two expiry values.
    DateTimeOffset accessTokenExpiresOn;
    DateTimeOffset extendedAccessTokenExpiresOn;
    if (expiredAccessTokens)
    {
        accessTokenExpiresOn = DateTimeOffset.UtcNow;
        extendedAccessTokenExpiresOn = DateTimeOffset.UtcNow;
    }
    else
    {
        accessTokenExpiresOn = DateTimeOffset.UtcNow + TimeSpan.FromSeconds(ValidExpiresIn);
        extendedAccessTokenExpiresOn = DateTimeOffset.UtcNow + TimeSpan.FromSeconds(ValidExtendedExpiresIn);
    }

    // The cache key is the hash of the assertion, not the raw assertion string.
    string userAssertionHash = null;
    if (userAssertion != null)
    {
        var cryptographyManager = PlatformProxyFactory.CreatePlatformProxy(null).CryptographyManager;
        userAssertionHash = cryptographyManager.CreateBase64UrlEncodedSha256Hash(userAssertion);
    }

    var firstAccessToken = new MsalAccessTokenCacheItem(
        environment,
        clientId,
        overridenScopes ?? TestConstants.s_scope.AsSingleString(),
        utid,
        "",
        DateTimeOffset.UtcNow,
        accessTokenExpiresOn,
        extendedAccessTokenExpiresOn,
        clientInfo,
        homeAccId,
        oboCacheKey: userAssertionHash);
    accessor.SaveAccessToken(firstAccessToken);

    // The second access token is created without an oboCacheKey.
    if (addSecondAt)
    {
        var secondAccessToken = new MsalAccessTokenCacheItem(
            environment,
            clientId,
            TestConstants.s_scopeForAnotherResource.AsSingleString(),
            utid,
            "",
            DateTimeOffset.UtcNow,
            accessTokenExpiresOn,
            extendedAccessTokenExpiresOn,
            clientInfo,
            homeAccId);
        accessor.SaveAccessToken(secondAccessToken);
    }

    if (addAccessTokenOnly)
    {
        return;
    }

    MsalIdTokenCacheItem idToken = new MsalIdTokenCacheItem(
        environment,
        clientId,
        MockHelpers.CreateIdToken(TestConstants.UniqueId + "more", displayableId),
        clientInfo,
        homeAccId,
        tenantId: utid);
    accessor.SaveIdToken(idToken);

    MsalAccountCacheItem account = new MsalAccountCacheItem(
        environment,
        null,
        clientInfo,
        homeAccId,
        null,
        displayableId,
        utid,
        null,
        null,
        null);
    accessor.SaveAccount(account);

    AddRefreshTokenToCache(accessor, uid, utid, clientId, environment, rtSecret);

    MsalAppMetadataCacheItem appMetadata = new MsalAppMetadataCacheItem(
        clientId,
        environment,
        null);
    accessor.SaveAppMetadata(appMetadata);
}