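/// <summary>
/// Acquires an access token through MSAL's interactive (browser-based) flow.
/// </summary>
/// <param name="app">MSAL public client application used to build the interactive request.</param>
/// <param name="scopes">Scopes requested for the token.</param>
/// <param name="connectionId">Passed to MSAL as the correlation id of the request.</param>
/// <param name="userId">Passed to MSAL as the login hint.</param>
/// <returns>The <see cref="AuthenticationResult"/> returned by MSAL.</returns>
/// <remarks>
/// Every <see cref="OperationCanceledException"/> raised while the request is in flight is
/// replaced by the exception created by <c>SQL.ActiveDirectoryInteractiveTimeout()</c>.
/// </remarks>
private async Task<AuthenticationResult> AcquireTokenInteractive(IPublicClientApplication app, string[] scopes, Guid connectionId, string userId)
{
    // The source is disposed when the request ends: CancelAfter arms a timer that would
    // otherwise stay alive until it fires, once per interactive sign-in.
    using (CancellationTokenSource cts = new CancellationTokenSource())
    {
        // NOTE(review): preprocessor symbols are case-sensitive. The timeout below is compiled in only
        // when the build defines the lowercase symbol "netcoreapp"; otherwise the token never cancels
        // and an abandoned browser sign-in is awaited indefinitely. Confirm the project defines it.
#if netcoreapp
        /*
         * On .NET Core, MSAL will start the system browser as a separate process. MSAL does not have control over this browser,
         * but once the user finishes authentication, the web page is redirected in such a way that MSAL can intercept the Uri.
         * MSAL cannot detect if the user navigates away or simply closes the browser. Apps using this technique are encouraged
         * to define a timeout (via CancellationToken). We recommend a timeout of at least a few minutes, to take into account
         * cases where the user is prompted to change password or perform 2FA.
         *
         * https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/wiki/System-Browser-on-.Net-Core#system-browser-experience
         */
        cts.CancelAfter(180000); // 180 000 ms = 3 minutes
#endif
        try
        {
            /*
             * We will use the MSAL Embedded or System web browser which changes by Default in MSAL according to this table:
             *
             * Framework        Embedded  System  Default
             * -------------------------------------------
             * .NET Classic     Yes       Yes^    Embedded
             * .NET Core        No        Yes^    System
             * .NET Standard    No        No      NONE
             * UWP              Yes       No      Embedded
             * Xamarin.Android  Yes       Yes     System
             * Xamarin.iOS      Yes       Yes     System
             * Xamarin.Mac      Yes       No      Embedded
             *
             * ^ Requires "http://localhost" redirect URI
             *
             * https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/wiki/MSAL.NET-uses-web-browser#at-a-glance
             */
            return await app.AcquireTokenInteractive(scopes)
                //.WithUseEmbeddedWebView(true)
                .WithCorrelationId(connectionId)
                .WithLoginHint(userId)
                .ExecuteAsync(cts.Token);
        }
        catch (OperationCanceledException)
        {
            // Cancellation can only come from the local timeout above, so it is reported as a timeout.
            throw SQL.ActiveDirectoryInteractiveTimeout();
        }
    }
}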
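/// <summary>
/// Acquires an access token through MSAL using either the interactive (browser-based) flow or the
/// device code flow, selected by <paramref name="authenticationMethod"/>.
/// </summary>
/// <param name="app">MSAL public client application used to build the token request.</param>
/// <param name="scopes">Scopes requested for the token.</param>
/// <param name="connectionId">Passed to MSAL as the correlation id of the request.</param>
/// <param name="userId">Passed to MSAL as the login hint (interactive flow only).</param>
/// <param name="authenticationMethod">
/// <c>ActiveDirectoryInteractive</c> selects the interactive flow; any other value selects the device code flow.
/// </param>
/// <param name="cts">
/// Cancellation source observed by the device code flow only. The interactive flow uses its own
/// locally created source and does not observe this one.
/// </param>
/// <returns>The <see cref="AuthenticationResult"/> returned by MSAL.</returns>
/// <remarks>
/// Every <see cref="OperationCanceledException"/> is traced and replaced by the exception created by
/// <c>SQL.ActiveDirectoryInteractiveTimeout()</c> or <c>SQL.ActiveDirectoryDeviceFlowTimeout()</c>,
/// depending on the flow.
/// </remarks>
private async Task<AuthenticationResult> AcquireTokenInteractiveDeviceFlowAsync(IPublicClientApplication app, string[] scopes, Guid connectionId, string userId, SqlAuthenticationMethod authenticationMethod, CancellationTokenSource cts)
{
    try
    {
        if (authenticationMethod == SqlAuthenticationMethod.ActiveDirectoryInteractive)
        {
            // The source is disposed when the request ends: CancelAfter arms a timer that would
            // otherwise stay alive until it fires, once per interactive sign-in.
            using (CancellationTokenSource ctsInteractive = new CancellationTokenSource())
            {
                // When NETCOREAPP is not defined no timeout is armed here, and the caller's cts is not
                // linked either, so nothing in this method cancels the interactive request on those targets.
#if NETCOREAPP
                /*
                 * On .NET Core, MSAL will start the system browser as a separate process. MSAL does not have control over this browser,
                 * but once the user finishes authentication, the web page is redirected in such a way that MSAL can intercept the Uri.
                 * MSAL cannot detect if the user navigates away or simply closes the browser. Apps using this technique are encouraged
                 * to define a timeout (via CancellationToken). We recommend a timeout of at least a few minutes, to take into account
                 * cases where the user is prompted to change password or perform 2FA.
                 *
                 * https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/wiki/System-Browser-on-.Net-Core#system-browser-experience
                 */
                ctsInteractive.CancelAfter(180000); // 180 000 ms = 3 minutes
#endif
                if (_customWebUI != null)
                {
                    // A caller-supplied web UI replaces MSAL's embedded/system browser.
                    return await app.AcquireTokenInteractive(scopes)
                        .WithCorrelationId(connectionId)
                        .WithCustomWebUi(_customWebUI)
                        .WithLoginHint(userId)
                        .ExecuteAsync(ctsInteractive.Token);
                }
                else
                {
                    /*
                     * We will use the MSAL Embedded or System web browser which changes by Default in MSAL according to this table:
                     *
                     * Framework        Embedded  System  Default
                     * -------------------------------------------
                     * .NET Classic     Yes       Yes^    Embedded
                     * .NET Core        No        Yes^    System
                     * .NET Standard    No        No      NONE
                     * UWP              Yes       No      Embedded
                     * Xamarin.Android  Yes       Yes     System
                     * Xamarin.iOS      Yes       Yes     System
                     * Xamarin.Mac      Yes       No      Embedded
                     *
                     * ^ Requires "http://localhost" redirect URI
                     *
                     * https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/wiki/MSAL.NET-uses-web-browser#at-a-glance
                     */
                    return await app.AcquireTokenInteractive(scopes)
                        .WithCorrelationId(connectionId)
                        .WithLoginHint(userId)
                        .ExecuteAsync(ctsInteractive.Token);
                }
            }
        }
        else
        {
            // Device code flow: MSAL hands the device code result to _deviceCodeFlowCallback,
            // and the request is bounded by the caller-supplied cancellation source.
            AuthenticationResult result = await app.AcquireTokenWithDeviceCode(scopes,
                    deviceCodeResult => _deviceCodeFlowCallback(deviceCodeResult))
                .WithCorrelationId(connectionId)
                .ExecuteAsync(cancellationToken: cts.Token);
            return result;
        }
    }
    catch (OperationCanceledException)
    {
        // Any cancellation, whatever its origin, is reported to the caller as a timeout of the selected flow.
        SqlClientEventSource.Log.TryTraceEvent("AcquireTokenInteractiveDeviceFlowAsync | Operation timed out while acquiring access token.");
        throw (authenticationMethod == SqlAuthenticationMethod.ActiveDirectoryInteractive) ?
            SQL.ActiveDirectoryInteractiveTimeout() :
            SQL.ActiveDirectoryDeviceFlowTimeout();
    }
}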