/// <summary>
/// Builds the <see cref="NativeInterop.AuthParameters"/> that are common to broker requests
/// and are handed to the native interop layer.
/// </summary>
/// <param name="authenticationRequestParameters">
/// Request settings read here: client id, canonical authority, scopes, redirect URI,
/// claims / client capabilities, extra query parameters and the proof-of-possession configuration.
/// </param>
/// <param name="isMsaPassthrough">
/// When <c>true</c>, the request is tagged with <c>NativeInteropMsalRequestType</c> =
/// <c>ConsumersPassthroughRequest</c>.
/// </param>
/// <returns>The populated native auth parameters.</returns>
/// <remarks>
/// Extra query parameters are written into the same property bag as the MSA passthrough marker
/// and are applied after it, so an entry that uses the same key replaces the marker.
/// This method does not filter or validate the keys it copies.
/// </remarks>
public static NativeInterop.AuthParameters GetCommonAuthParameters(
    AuthenticationRequestParameters authenticationRequestParameters,
    bool isMsaPassthrough)
{
    var nativeParams = new NativeInterop.AuthParameters(
        authenticationRequestParameters.AppConfig.ClientId,
        authenticationRequestParameters.Authority.AuthorityInfo.CanonicalAuthority);

    // Scopes travel as a single space-separated string.
    nativeParams.RequestedScopes = string.Join(" ", authenticationRequestParameters.Scope);

    // The WAM redirect URI does not need to be configured by the user;
    // the interop uses it internally to fall back to the browser.
    nativeParams.RedirectUri = authenticationRequestParameters.RedirectUri.ToString();

    // MSA passthrough marker.
    if (isMsaPassthrough)
    {
        nativeParams.Properties[NativeInteropMsalRequestType] = ConsumersPassthroughRequest;
    }

    // Client claims are forwarded unchanged, and only when they are not blank.
    var claims = authenticationRequestParameters.ClaimsAndClientCapabilities;
    bool claimsAreBlank = string.IsNullOrWhiteSpace(claims);
    if (!claimsAreBlank)
    {
        nativeParams.DecodedClaims = claims;
    }

    // Copy any extra query parameters into the property bag. This runs after the
    // passthrough marker above, so a matching key overwrites it.
    // NOTE(review): whether callers can choose these keys freely is not visible here - confirm.
    var extraQueryParameters = authenticationRequestParameters.ExtraQueryParameters;
    if (extraQueryParameters != null)
    {
        foreach (KeyValuePair<string, string> entry in extraQueryParameters)
        {
            nativeParams.Properties[entry.Key] = entry.Value;
        }
    }

    // Proof-of-possession settings are applied last and only when configured.
    AddPopParams(authenticationRequestParameters, nativeParams);

    return nativeParams;
}
/// <summary>
/// Configures the MSAL Runtime authentication request to use proof of possession.
/// </summary>
/// <param name="authenticationRequestParameters">
/// Request whose <c>PopAuthenticationConfiguration</c> is read; when it is null nothing is changed.
/// </param>
/// <param name="authParams">Native parameters whose <c>PopParams</c> are filled in.</param>
/// <remarks>
/// The HTTP method, host, path and nonce are forwarded exactly as configured; no validation
/// happens in this method.
/// </remarks>
private static void AddPopParams(
    AuthenticationRequestParameters authenticationRequestParameters,
    NativeInterop.AuthParameters authParams)
{
    var popConfiguration = authenticationRequestParameters.PopAuthenticationConfiguration;

    // Without a PoP configuration the request is left as it is.
    if (popConfiguration == null)
    {
        return;
    }

    // With a PoP configuration, proof of possession is performed via the runtime broker.
    // The log text is reproduced exactly as in the original, spelling included.
    authenticationRequestParameters.RequestContext.Logger.Info("[WamBroker] Proof-of-Possession is configured. Using Proof-of-Posession with broker request");

    var popParams = authParams.PopParams;

    // HttpMethod is optional in the configuration; a missing method is forwarded as null.
    // NOTE(review): how the runtime treats a null method, host or path is not visible here - confirm.
    popParams.HttpMethod = popConfiguration.HttpMethod?.Method;
    popParams.UriHost = popConfiguration.HttpHost;
    popParams.UriPath = popConfiguration.HttpPath;
    popParams.Nonce = popConfiguration.Nonce;
}