public void ConstructorInitCombinations() { //no policy, user properties TokenCacheKey key = new TokenCacheKey(TestConstants.DefaultAuthorityHomeTenant, TestConstants.DefaultScope, TestConstants.DefaultClientId, TestConstants.DefaultUniqueId, TestConstants.DefaultDisplayableId, TestConstants.DefaultHomeObjectId); this.ValidateTokenCacheKey(key, true); //with policy, user properties key = new TokenCacheKey(TestConstants.DefaultAuthorityHomeTenant, TestConstants.DefaultScope, TestConstants.DefaultClientId, TestConstants.DefaultUniqueId, TestConstants.DefaultDisplayableId, TestConstants.DefaultHomeObjectId, TestConstants.DefaultPolicy); this.ValidateTokenCacheKey(key, false); User user = new User(); user.DisplayableId = TestConstants.DefaultDisplayableId; user.UniqueId = TestConstants.DefaultUniqueId; user.HomeObjectId = TestConstants.DefaultHomeObjectId; //no policy, user object key = new TokenCacheKey(TestConstants.DefaultAuthorityHomeTenant, TestConstants.DefaultScope, TestConstants.DefaultClientId, user); this.ValidateTokenCacheKey(key, true); //with policy, user object key = new TokenCacheKey(TestConstants.DefaultAuthorityHomeTenant, TestConstants.DefaultScope, TestConstants.DefaultClientId, user, TestConstants.DefaultPolicy); this.ValidateTokenCacheKey(key, false); }
/// <summary> /// Determines whether the specified TokenCacheKey is equal to the current object. /// </summary> /// <returns> /// true if the specified TokenCacheKey is equal to the current object; otherwise, false. /// </returns> /// <param name="other">The TokenCacheKey to compare with the current object. </param><filterpriority>2</filterpriority> public bool Equals(TokenCacheKey other) { return(ReferenceEquals(this, other) || (other != null && (other.Authority == this.Authority) && this.ScopeEquals(other.Scope) && this.Equals(this.ClientId, other.ClientId) && (other.UniqueId == this.UniqueId) && this.Equals(this.DisplayableId, other.DisplayableId) && (this.HomeObjectId == other.HomeObjectId) && this.Equals(this.Policy, other.Policy))); }
private void ValidateTokenCacheKey(TokenCacheKey key, bool policyMissing) { Assert.IsNotNull(key); Assert.AreEqual(TestConstants.DefaultAuthorityHomeTenant, key.Authority); Assert.AreEqual(TestConstants.DefaultScope, key.Scope); Assert.AreEqual(TestConstants.DefaultClientId, key.ClientId); Assert.AreEqual(TestConstants.DefaultUniqueId, key.UniqueId); Assert.AreEqual(TestConstants.DefaultDisplayableId, key.DisplayableId); Assert.AreEqual(TestConstants.DefaultHomeObjectId, key.HomeObjectId); Assert.AreEqual(policyMissing, key.Policy == null); if (!policyMissing) { Assert.AreEqual(TestConstants.DefaultPolicy, key.Policy); } }
/// <summary> /// Default constructor. /// </summary> internal TokenCacheItem(TokenCacheKey key, AuthenticationResult result) { this.Authority = key.Authority; this.Scope = key.Scope; this.ClientId = key.ClientId; this.UniqueId = key.UniqueId; this.DisplayableId = key.DisplayableId; this.HomeObjectId = key.HomeObjectId; this.TenantId = result.TenantId; this.ExpiresOn = result.ExpiresOn; this.Token = result.Token; this.User = result.User; this.Policy = key.Policy; if (result.User!= null) { this.Name = result.User.Name; } }
public static TokenCache CreateCacheWithItems() { TokenCache cache = new TokenCache(); TokenCacheKey key = new TokenCacheKey(TestConstants.DefaultAuthorityHomeTenant, TestConstants.DefaultScope, TestConstants.DefaultClientId, TestConstants.DefaultUniqueId, TestConstants.DefaultDisplayableId, TestConstants.DefaultHomeObjectId, TestConstants.DefaultPolicy); AuthenticationResultEx ex = new AuthenticationResultEx(); ex.Result = new AuthenticationResult("Bearer", key.ToString(), new DateTimeOffset(DateTime.UtcNow + TimeSpan.FromSeconds(ValidExpiresIn))); ex.Result.User = new User { DisplayableId = TestConstants.DefaultDisplayableId, UniqueId = TestConstants.DefaultUniqueId, HomeObjectId = TestConstants.DefaultHomeObjectId }; ex.Result.ScopeSet = TestConstants.DefaultScope; ex.Result.FamilyId = "1"; ex.RefreshToken = "someRT"; cache.tokenCacheDictionary[key] = ex; key = new TokenCacheKey(TestConstants.DefaultAuthorityGuestTenant, TestConstants.ScopeForAnotherResource, TestConstants.DefaultClientId, TestConstants.DefaultUniqueId + "more", TestConstants.DefaultDisplayableId, TestConstants.DefaultHomeObjectId, TestConstants.DefaultPolicy); ex = new AuthenticationResultEx(); ex.Result = new AuthenticationResult("Bearer", key.ToString(), new DateTimeOffset(DateTime.UtcNow + TimeSpan.FromSeconds(ValidExpiresIn))); ex.Result.User = new User { DisplayableId = TestConstants.DefaultDisplayableId, UniqueId = TestConstants.DefaultUniqueId + "more", HomeObjectId = TestConstants.DefaultHomeObjectId }; ex.Result.ScopeSet = TestConstants.ScopeForAnotherResource; ex.RefreshToken = "someRT"; cache.tokenCacheDictionary[key] = ex; return cache; }
public void LoadFromCacheExpiredToken() { TokenCache cache = new TokenCache(); TokenCacheKey key = new TokenCacheKey(TestConstants.DefaultAuthorityHomeTenant, TestConstants.DefaultScope, TestConstants.DefaultClientId, TestConstants.DefaultUniqueId, TestConstants.DefaultDisplayableId, TestConstants.DefaultHomeObjectId, TestConstants.DefaultPolicy); AuthenticationResultEx ex = new AuthenticationResultEx(); ex.Result = new AuthenticationResult("Bearer", key.ToString(), new DateTimeOffset(DateTime.UtcNow)); ex.RefreshToken = "someRT"; cache.tokenCacheDictionary[key] = ex; AuthenticationResultEx resultEx = cache.LoadFromCache(TestConstants.DefaultAuthorityHomeTenant, TestConstants.DefaultScope, TestConstants.DefaultClientId, TestConstants.DefaultUser, TestConstants.DefaultPolicy, null); Assert.IsNotNull(resultEx); Assert.IsNotNull(resultEx.Result); Assert.IsNull(resultEx.Result.Token); Assert.AreEqual(resultEx.RefreshToken, "someRT"); }
private static void AddToDictionary(TokenCache tokenCache, TokenCacheKey key, AuthenticationResultEx value) { tokenCache.OnBeforeAccess(new TokenCacheNotificationArgs {TokenCache = tokenCache}); tokenCache.OnBeforeWrite(new TokenCacheNotificationArgs {TokenCache = tokenCache}); tokenCache.tokenCacheDictionary.Add(key, value); tokenCache.HasStateChanged = true; tokenCache.OnAfterAccess(new TokenCacheNotificationArgs {TokenCache = tokenCache}); }
private static bool RemoveFromDictionary(TokenCache tokenCache, TokenCacheKey key) { tokenCache.OnBeforeAccess(new TokenCacheNotificationArgs {TokenCache = tokenCache}); tokenCache.OnBeforeWrite(new TokenCacheNotificationArgs {TokenCache = tokenCache}); bool result = tokenCache.tokenCacheDictionary.Remove(key); tokenCache.HasStateChanged = true; tokenCache.OnAfterAccess(new TokenCacheNotificationArgs {TokenCache = tokenCache}); return result; }
private static void VerifyCacheItems(TokenCache cache, int expectedCount, TokenCacheKey firstKey, TokenCacheKey secondKey) { var items = cache.ReadItems(TestConstants.DefaultClientId).ToList(); Assert.AreEqual(expectedCount, items.Count); if (firstKey != null) { Assert.IsTrue(AreEqual(items[0], firstKey) || AreEqual(items[0], secondKey)); } if (secondKey != null) { Assert.IsTrue(AreEqual(items[1], firstKey) || AreEqual(items[1], secondKey)); } }
private static bool AreEqual(TokenCacheItem item, TokenCacheKey key) { return item.Match(key); }
internal void StoreToCache(AuthenticationResultEx resultEx, string authority, string clientId, string policy, bool restrictToSingleUser, CallState callState) { lock (lockObject) { PlatformPlugin.Logger.Verbose(callState, "Storing token in the cache..."); //single user mode cannot allow more than 1 unique id in the cache including null if (restrictToSingleUser && (resultEx.Result.User == null || string.IsNullOrEmpty(resultEx.Result.User.UniqueId) || !this.GetUniqueIdsFromCache(clientId).Contains(resultEx.Result.User.UniqueId))) { throw new MsalException(MsalError.InvalidCacheOperation, "Cannot add more than 1 user with a different unique id when RestrictToSingleUser is set to TRUE."); } this.OnBeforeWrite(new TokenCacheNotificationArgs { Scope = resultEx.Result.Scope, ClientId = clientId, User = resultEx.Result.User, Policy = policy }); TokenCacheKey tokenCacheKey = new TokenCacheKey(authority, resultEx.Result.ScopeSet, clientId, resultEx.Result.User, policy); // First identify all potential tokens. List<KeyValuePair<TokenCacheKey, AuthenticationResultEx>> items = this.QueryCache(authority, clientId, resultEx.Result.User, policy); List<KeyValuePair<TokenCacheKey, AuthenticationResultEx>> itemsToRemove = items.Where(p => p.Key.ScopeIntersects(resultEx.Result.ScopeSet)).ToList(); if (!itemsToRemove.Any()) { this.tokenCacheDictionary[tokenCacheKey] = resultEx; PlatformPlugin.Logger.Verbose(callState, "An item was stored in the cache"); } else { //remove all intersections PlatformPlugin.Logger.Verbose(callState, "Items to remove - " + itemsToRemove.Count); foreach (var itemToRemove in itemsToRemove) { this.tokenCacheDictionary.Remove(itemToRemove); } this.tokenCacheDictionary[tokenCacheKey] = resultEx; PlatformPlugin.Logger.Verbose(callState, "An item was updated in the cache"); } this.UpdateCachedRefreshTokens(resultEx, authority, clientId, policy); this.HasStateChanged = true; } }
private static void VerifyCacheItems(TokenCache cache, int expectedCount, TokenCacheKey firstKey) { VerifyCacheItems(cache, expectedCount, firstKey, null); }
/// <summary> /// Determines whether the specified TokenCacheKey is equal to the current object. /// </summary> /// <returns> /// true if the specified TokenCacheKey is equal to the current object; otherwise, false. /// </returns> /// <param name="other">The TokenCacheKey to compare with the current object. </param><filterpriority>2</filterpriority> public bool Equals(TokenCacheKey other) { return ReferenceEquals(this, other) || (other != null && (other.Authority == this.Authority) && this.ScopeEquals(other.Scope) && this.Equals(this.ClientId, other.ClientId) && (other.UniqueId == this.UniqueId) && this.Equals(this.DisplayableId, other.DisplayableId) && (this.HomeObjectId == other.HomeObjectId) && this.Equals(this.Policy, other.Policy)); }
/// <summary> /// Determines whether the specified object is equal to the current object. /// </summary> /// <returns> /// true if the specified object is equal to the current object; otherwise, false. /// </returns> /// <param name="obj">The object to compare with the current object. </param><filterpriority>2</filterpriority> public override bool Equals(object obj) { TokenCacheKey other = obj as TokenCacheKey; return((other != null) && this.Equals(other)); }
public void LoadSingleItemFromCacheIntersectingScopeDifferentAuthorities() { TokenCache cache = TokenCacheHelper.CreateCacheWithItems(); HashSet<string> scope = new HashSet<string>(new[] {"r1/scope1"}); KeyValuePair<TokenCacheKey, AuthenticationResultEx>? item = cache.LoadSingleItemFromCache(TestConstants.DefaultAuthorityHomeTenant, scope, TestConstants.DefaultClientId, TestConstants.DefaultUser, TestConstants.DefaultPolicy, null); Assert.IsNotNull(item); TokenCacheKey key = item.Value.Key; AuthenticationResultEx resultEx = item.Value.Value; Assert.AreEqual(TestConstants.DefaultAuthorityHomeTenant, key.Authority); Assert.AreEqual(TestConstants.DefaultScope, key.Scope); Assert.AreEqual(TestConstants.DefaultClientId, key.ClientId); Assert.AreEqual(TestConstants.DefaultUniqueId, key.UniqueId); Assert.AreEqual(TestConstants.DefaultDisplayableId, key.DisplayableId); Assert.AreEqual(TestConstants.DefaultHomeObjectId, key.HomeObjectId); Assert.AreEqual(TestConstants.DefaultPolicy, key.Policy); Assert.AreEqual(key.ToString(), resultEx.Result.Token); scope.Add("unique-scope"); item = cache.LoadSingleItemFromCache(TestConstants.DefaultAuthorityHomeTenant, scope, TestConstants.DefaultClientId, TestConstants.DefaultUser, TestConstants.DefaultPolicy, null); Assert.IsNotNull(item); key = item.Value.Key; resultEx = item.Value.Value; Assert.AreEqual(TestConstants.DefaultAuthorityHomeTenant, key.Authority); Assert.AreEqual(TestConstants.DefaultScope, key.Scope); //default scope contains r1/scope1 Assert.AreEqual(TestConstants.DefaultClientId, key.ClientId); Assert.AreEqual(TestConstants.DefaultUniqueId, key.UniqueId); Assert.AreEqual(TestConstants.DefaultDisplayableId, key.DisplayableId); Assert.AreEqual(TestConstants.DefaultHomeObjectId, key.HomeObjectId); Assert.AreEqual(TestConstants.DefaultPolicy, key.Policy); Assert.AreEqual(key.ToString(), resultEx.Result.Token); //invoke multiple tokens error TokenCacheKey cacheKey = new TokenCacheKey(TestConstants.DefaultAuthorityHomeTenant, TestConstants.DefaultScope, TestConstants.DefaultClientId, TestConstants.DefaultUniqueId, TestConstants.DefaultDisplayableId + "more", TestConstants.DefaultHomeObjectId, TestConstants.DefaultPolicy); AuthenticationResultEx ex = new AuthenticationResultEx(); ex.Result = new AuthenticationResult("Bearer", key.ToString(), new DateTimeOffset(DateTime.UtcNow + TimeSpan.FromSeconds(ValidExpiresIn))); ex.RefreshToken = "someRT"; cache.tokenCacheDictionary[cacheKey] = ex; try { User user = TestConstants.DefaultUser; user.DisplayableId = null; item = cache.LoadSingleItemFromCache(TestConstants.DefaultAuthorityHomeTenant, TestConstants.DefaultScope, TestConstants.DefaultClientId, user, TestConstants.DefaultPolicy, null); Assert.Fail("multiple tokens should have been detected"); } catch (MsalException exception) { Assert.AreEqual("multiple_matching_tokens_detected", exception.ErrorCode); } }
public void ActAsCurrentUserNoSsoHeaderForLoginHintOnlyTest() { //this test validates that no SSO header is added when developer passes only login hint and UiOption.ActAsCurrentUser Authenticator authenticator = new Authenticator(TestConstants.DefaultAuthorityHomeTenant, false, Guid.NewGuid()); TokenCache cache = new TokenCache(); TokenCacheKey key = new TokenCacheKey(TestConstants.DefaultAuthorityHomeTenant, TestConstants.DefaultScope, TestConstants.DefaultClientId, TestConstants.DefaultUniqueId, TestConstants.DefaultDisplayableId, TestConstants.DefaultHomeObjectId, TestConstants.DefaultPolicy); AuthenticationResultEx ex = new AuthenticationResultEx(); ex.Result = new AuthenticationResult("Bearer", key.ToString(), new DateTimeOffset(DateTime.UtcNow + TimeSpan.FromSeconds(3599))); ex.Result.User = new User { DisplayableId = TestConstants.DefaultDisplayableId, UniqueId = TestConstants.DefaultUniqueId, HomeObjectId = TestConstants.DefaultHomeObjectId }; ex.Result.FamilyId = "1"; ex.RefreshToken = "someRT"; cache.tokenCacheDictionary[key] = ex; MockWebUI webUi = new MockWebUI(); webUi.MockResult = new AuthorizationResult(AuthorizationStatus.Success, TestConstants.DefaultAuthorityHomeTenant + "?code=some-code"); AuthenticationRequestParameters parameters = new AuthenticationRequestParameters() { Authenticator = authenticator, ClientKey = new ClientKey(TestConstants.DefaultClientId), Policy = TestConstants.DefaultPolicy, RestrictToSingleUser = TestConstants.DefaultRestrictToSingleUser, Scope = TestConstants.DefaultScope.ToArray(), TokenCache = cache }; InteractiveRequest request = new InteractiveRequest(parameters, TestConstants.ScopeForAnotherResource.ToArray(), new Uri("some://uri"), new PlatformParameters(), ex.Result.User, UiOptions.ActAsCurrentUser, "extra=qp", webUi); request.PreRunAsync().Wait(); request.PreTokenRequest().Wait(); }
public void LoadSingleItemFromCacheNullUserSingleUniqueIdInCacheTest() { TokenCache cache = new TokenCache(); TokenCacheKey key = new TokenCacheKey(TestConstants.DefaultAuthorityHomeTenant, TestConstants.DefaultScope, TestConstants.DefaultClientId, TestConstants.DefaultUniqueId, TestConstants.DefaultDisplayableId, TestConstants.DefaultHomeObjectId, TestConstants.DefaultPolicy); AuthenticationResultEx ex = new AuthenticationResultEx(); ex.Result = new AuthenticationResult("Bearer", key.ToString(), new DateTimeOffset(DateTime.UtcNow + TimeSpan.FromSeconds(ValidExpiresIn))); ex.Result.User = new User { DisplayableId = TestConstants.DefaultDisplayableId, UniqueId = TestConstants.DefaultUniqueId, HomeObjectId = TestConstants.DefaultHomeObjectId }; ex.Result.FamilyId = "1"; ex.RefreshToken = "someRT"; cache.tokenCacheDictionary[key] = ex; KeyValuePair<TokenCacheKey, AuthenticationResultEx>? item = cache.LoadSingleItemFromCache(TestConstants.DefaultAuthorityCommonTenant, TestConstants.DefaultScope, TestConstants.DefaultClientId, null, TestConstants.DefaultPolicy, null); Assert.IsNotNull(item); Assert.AreEqual(TestConstants.DefaultAuthorityHomeTenant, key.Authority); Assert.AreEqual(TestConstants.DefaultScope, key.Scope); Assert.AreEqual(TestConstants.DefaultClientId, key.ClientId); Assert.AreEqual(TestConstants.DefaultUniqueId, key.UniqueId); Assert.AreEqual(TestConstants.DefaultDisplayableId, key.DisplayableId); Assert.AreEqual(TestConstants.DefaultHomeObjectId, key.HomeObjectId); Assert.AreEqual(TestConstants.DefaultPolicy, key.Policy); }
public void LoadFromCacheCrossTenantNullUserToken() { //this test will result only in a RT and no access token returned. TokenCache tokenCache = TokenCacheHelper.CreateCacheWithItems(); TokenCacheKey key = new TokenCacheKey(TestConstants.DefaultAuthorityHomeTenant, TestConstants.DefaultScope, TestConstants.DefaultClientId, TestConstants.DefaultUniqueId + "more", TestConstants.DefaultDisplayableId, TestConstants.DefaultHomeObjectId, TestConstants.DefaultPolicy); AuthenticationResultEx ex = new AuthenticationResultEx(); ex.Result = new AuthenticationResult("Bearer", key.ToString(), new DateTimeOffset(DateTime.UtcNow + TimeSpan.FromSeconds(ValidExpiresIn))); ex.Result.User = new User { DisplayableId = TestConstants.DefaultDisplayableId, UniqueId = TestConstants.DefaultUniqueId, HomeObjectId = TestConstants.DefaultHomeObjectId }; ex.Result.FamilyId = "1"; ex.RefreshToken = "someRT"; tokenCache.tokenCacheDictionary[key] = ex; try { AuthenticationResultEx resultEx = tokenCache.LoadFromCache(TestConstants.DefaultAuthorityHomeTenant, TestConstants.DefaultScope, TestConstants.DefaultClientId, null, TestConstants.DefaultPolicy, null); Assert.Fail("multiple tokens should have been detected"); } catch (MsalException exception) { Assert.AreEqual("multiple_matching_tokens_detected", exception.ErrorCode); } }
public void LoadFromCacheNullUserSingleEntry() { var tokenCache = new TokenCache(); TokenCacheKey key = new TokenCacheKey(TestConstants.DefaultAuthorityHomeTenant, TestConstants.DefaultScope, TestConstants.DefaultClientId, TestConstants.DefaultUniqueId, TestConstants.DefaultDisplayableId, TestConstants.DefaultHomeObjectId, TestConstants.DefaultPolicy); AuthenticationResultEx ex = new AuthenticationResultEx(); ex.Result = new AuthenticationResult("Bearer", key.ToString(), new DateTimeOffset(DateTime.UtcNow + TimeSpan.FromSeconds(ValidExpiresIn))); ex.Result.User = new User { DisplayableId = TestConstants.DefaultDisplayableId, UniqueId = TestConstants.DefaultUniqueId, HomeObjectId = TestConstants.DefaultHomeObjectId }; ex.Result.FamilyId = "1"; ex.RefreshToken = "someRT"; tokenCache.tokenCacheDictionary[key] = ex; AuthenticationResultEx resultEx = tokenCache.LoadFromCache(TestConstants.DefaultAuthorityHomeTenant, TestConstants.DefaultScope, TestConstants.DefaultClientId, null, TestConstants.DefaultPolicy, null); Assert.IsNotNull(resultEx); Assert.IsNotNull(resultEx.Result); Assert.IsNotNull(resultEx.Result.Token); }
internal bool Match(TokenCacheKey key) { return key != null && (key.Authority == this.Authority && key.ScopeEquals(this.Scope) && key.Equals(key.ClientId, this.ClientId) && key.UniqueId == this.UniqueId && key.Equals(key.DisplayableId, this.DisplayableId) && (key.HomeObjectId == this.HomeObjectId) && key.Equals(key.Policy, this.Policy)); }
/// <summary> /// Deserializes state of the cache. The state should be the blob received earlier by calling the method Serialize. /// </summary> /// <param name="state">State of the cache as a blob</param> public void Deserialize(byte[] state) { lock (lockObject) { if (state == null || state.Length == 0) { this.tokenCacheDictionary.Clear(); return; } using (Stream stream = new MemoryStream()) { BinaryWriter writer = new BinaryWriter(stream); writer.Write(state); writer.Flush(); stream.Position = 0; BinaryReader reader = new BinaryReader(stream); int schemaVersion = reader.ReadInt32(); if (schemaVersion != SchemaVersion) { PlatformPlugin.Logger.Warning(null, "The version of the persistent state of the cache does not match the current schema, so skipping deserialization."); return; } this.tokenCacheDictionary.Clear(); int count = reader.ReadInt32(); for (int n = 0; n < count; n++) { string keyString = reader.ReadString(); string[] kvpElements = keyString.Split(new[] {Delimiter}, StringSplitOptions.None); AuthenticationResultEx resultEx = AuthenticationResultEx.Deserialize(reader.ReadString()); TokenCacheKey key = new TokenCacheKey(kvpElements[0], kvpElements[1].AsSet(), kvpElements[2], resultEx.Result.User, kvpElements[3]); this.tokenCacheDictionary.Add(key, resultEx); } PlatformPlugin.Logger.Information(null, string.Format(CultureInfo.InvariantCulture,"Deserialized {0} items to token cache.", count)); } } }
public void TestEquals() { TokenCacheKey key1 = new TokenCacheKey(TestConstants.DefaultAuthorityHomeTenant, TestConstants.DefaultScope, TestConstants.DefaultClientId, TestConstants.DefaultUniqueId, TestConstants.DefaultDisplayableId, TestConstants.DefaultHomeObjectId, TestConstants.DefaultPolicy); TokenCacheKey key2 = new TokenCacheKey(TestConstants.DefaultAuthorityHomeTenant, TestConstants.DefaultScope, TestConstants.DefaultClientId, TestConstants.DefaultUniqueId, TestConstants.DefaultDisplayableId, TestConstants.DefaultHomeObjectId, TestConstants.DefaultPolicy); Assert.IsTrue(key1.Equals(key2)); //scope key2 = new TokenCacheKey(TestConstants.DefaultAuthorityHomeTenant, TestConstants.ScopeForAnotherResource, TestConstants.DefaultClientId, TestConstants.DefaultUniqueId, TestConstants.DefaultDisplayableId, TestConstants.DefaultHomeObjectId, TestConstants.DefaultPolicy); Assert.IsFalse(key1.Equals(key2)); //different case scope HashSet<string> uppercaseScope = new HashSet<string>(); foreach (var item in TestConstants.DefaultScope) { uppercaseScope.Add(item.ToUpper(CultureInfo.InvariantCulture)); } key2 = new TokenCacheKey(TestConstants.DefaultAuthorityHomeTenant, uppercaseScope, TestConstants.DefaultClientId, TestConstants.DefaultUniqueId, TestConstants.DefaultDisplayableId, TestConstants.DefaultHomeObjectId, TestConstants.DefaultPolicy); Assert.IsTrue(key1.Equals(key2)); //authority key2 = new TokenCacheKey(TestConstants.DefaultAuthorityHomeTenant + "more", TestConstants.DefaultScope, TestConstants.DefaultClientId, TestConstants.DefaultUniqueId, TestConstants.DefaultDisplayableId, TestConstants.DefaultHomeObjectId, TestConstants.DefaultPolicy); Assert.IsFalse(key1.Equals(key2)); key2 = new TokenCacheKey(null, TestConstants.DefaultScope, TestConstants.DefaultClientId, TestConstants.DefaultUniqueId, TestConstants.DefaultDisplayableId, TestConstants.DefaultHomeObjectId, TestConstants.DefaultPolicy); Assert.IsFalse(key1.Equals(key2)); //null scope key2 = new TokenCacheKey(TestConstants.DefaultAuthorityHomeTenant, null, TestConstants.DefaultClientId, TestConstants.DefaultUniqueId, TestConstants.DefaultDisplayableId, TestConstants.DefaultHomeObjectId, TestConstants.DefaultPolicy); Assert.IsFalse(key1.Equals(key2)); //client id key2 = new TokenCacheKey(TestConstants.DefaultAuthorityHomeTenant, TestConstants.DefaultScope, null, TestConstants.DefaultUniqueId, TestConstants.DefaultDisplayableId, TestConstants.DefaultHomeObjectId, TestConstants.DefaultPolicy); Assert.IsFalse(key1.Equals(key2)); key2 = new TokenCacheKey(TestConstants.DefaultAuthorityHomeTenant, TestConstants.DefaultScope, TestConstants.DefaultClientId + "more", TestConstants.DefaultUniqueId, TestConstants.DefaultDisplayableId, TestConstants.DefaultHomeObjectId, TestConstants.DefaultPolicy); Assert.IsFalse(key1.Equals(key2)); //unique id key2 = new TokenCacheKey(TestConstants.DefaultAuthorityHomeTenant, TestConstants.DefaultScope, TestConstants.DefaultClientId, null, TestConstants.DefaultDisplayableId, TestConstants.DefaultHomeObjectId, TestConstants.DefaultPolicy); Assert.IsFalse(key1.Equals(key2)); key2 = new TokenCacheKey(TestConstants.DefaultAuthorityHomeTenant, TestConstants.DefaultScope, TestConstants.DefaultClientId, TestConstants.DefaultUniqueId + "more", TestConstants.DefaultDisplayableId, TestConstants.DefaultHomeObjectId, TestConstants.DefaultPolicy); Assert.IsFalse(key1.Equals(key2)); //displayable id key2 = new TokenCacheKey(TestConstants.DefaultAuthorityHomeTenant, TestConstants.DefaultScope, TestConstants.DefaultClientId, TestConstants.DefaultUniqueId, null, TestConstants.DefaultHomeObjectId, TestConstants.DefaultPolicy); Assert.IsFalse(key1.Equals(key2)); key2 = new TokenCacheKey(TestConstants.DefaultAuthorityHomeTenant, TestConstants.DefaultScope, TestConstants.DefaultClientId, TestConstants.DefaultUniqueId, TestConstants.DefaultDisplayableId + "more", TestConstants.DefaultHomeObjectId, TestConstants.DefaultPolicy); Assert.IsFalse(key1.Equals(key2)); //root id key2 = new TokenCacheKey(TestConstants.DefaultAuthorityHomeTenant, TestConstants.DefaultScope, TestConstants.DefaultClientId, TestConstants.DefaultUniqueId, TestConstants.DefaultDisplayableId, null, TestConstants.DefaultPolicy); Assert.IsFalse(key1.Equals(key2)); key2 = new TokenCacheKey(TestConstants.DefaultAuthorityHomeTenant, TestConstants.DefaultScope, TestConstants.DefaultClientId, TestConstants.DefaultUniqueId, TestConstants.DefaultDisplayableId, TestConstants.DefaultHomeObjectId + "more", TestConstants.DefaultPolicy); Assert.IsFalse(key1.Equals(key2)); //policy key2 = new TokenCacheKey(TestConstants.DefaultAuthorityHomeTenant, TestConstants.DefaultScope, TestConstants.DefaultClientId, TestConstants.DefaultUniqueId, TestConstants.DefaultDisplayableId, TestConstants.DefaultHomeObjectId, null); Assert.IsFalse(key1.Equals(key2)); key2 = new TokenCacheKey(TestConstants.DefaultAuthorityHomeTenant, TestConstants.DefaultScope, TestConstants.DefaultClientId, TestConstants.DefaultUniqueId, TestConstants.DefaultDisplayableId, TestConstants.DefaultHomeObjectId, TestConstants.DefaultPolicy + "more"); Assert.IsFalse(key1.Equals(key2)); // mistmatched object Assert.IsFalse(key1.Equals(new object())); }
public void TestScopeContains() { //null scope TokenCacheKey key = new TokenCacheKey(TestConstants.DefaultAuthorityHomeTenant, null, TestConstants.DefaultClientId, TestConstants.DefaultUniqueId, TestConstants.DefaultDisplayableId, TestConstants.DefaultHomeObjectId, TestConstants.DefaultPolicy); //null will contain null HashSet<string> otherScope = null; Assert.IsTrue(key.ScopeContains(otherScope)); Assert.IsFalse(key.ScopeContains(new HashSet<string>())); //put scope value key = new TokenCacheKey(TestConstants.DefaultAuthorityHomeTenant, TestConstants.DefaultScope, TestConstants.DefaultClientId, TestConstants.DefaultUniqueId, TestConstants.DefaultDisplayableId, TestConstants.DefaultHomeObjectId, TestConstants.DefaultPolicy); Assert.IsTrue(key.ScopeContains(otherScope)); Assert.IsTrue(key.ScopeContains(new HashSet<string>())); otherScope = new HashSet<string>(TestConstants.DefaultScope.ToArray()); Assert.IsTrue(key.ScopeContains(otherScope)); // other scope has more otherScope.Add("anotherscope"); Assert.IsFalse(key.ScopeContains(otherScope)); }
public void LoadSingleItemFromCacheCrossTenantLookupTest() { var tokenCache = new TokenCache(); TokenCacheKey key = new TokenCacheKey(TestConstants.DefaultAuthorityHomeTenant, TestConstants.DefaultScope, TestConstants.DefaultClientId, TestConstants.DefaultUniqueId, TestConstants.DefaultDisplayableId, TestConstants.DefaultHomeObjectId, TestConstants.DefaultPolicy); AuthenticationResultEx ex = new AuthenticationResultEx(); ex.Result = new AuthenticationResult("Bearer", key.ToString(), new DateTimeOffset(DateTime.UtcNow + TimeSpan.FromSeconds(ValidExpiresIn))); ex.Result.User = new User { DisplayableId = TestConstants.DefaultDisplayableId, UniqueId = TestConstants.DefaultUniqueId, HomeObjectId = TestConstants.DefaultHomeObjectId }; ex.Result.FamilyId = "1"; ex.RefreshToken = "someRT"; tokenCache.tokenCacheDictionary[key] = ex; User user = TestConstants.DefaultUser; user.DisplayableId = null; user.UniqueId = null; //cross-tenant works by default. search cache using non-existant authority //using root id. Code will find multiple results with the same root id. it can return any. KeyValuePair<TokenCacheKey, AuthenticationResultEx>? item = tokenCache.LoadSingleItemFromCache(TestConstants.DefaultAuthorityGuestTenant + "non-existant", new HashSet<string>(new[] {"scope1", "random-scope"}), TestConstants.DefaultClientId, user, TestConstants.DefaultPolicy, null); Assert.IsNotNull(item); key = item.Value.Key; AuthenticationResultEx resultEx = item.Value.Value; Assert.AreEqual(TestConstants.DefaultAuthorityHomeTenant, key.Authority); Assert.AreEqual(TestConstants.DefaultScope, key.Scope); Assert.AreEqual(TestConstants.DefaultClientId, key.ClientId); Assert.AreEqual(TestConstants.DefaultUniqueId, key.UniqueId); Assert.AreEqual(TestConstants.DefaultDisplayableId, key.DisplayableId); Assert.AreEqual(TestConstants.DefaultHomeObjectId, key.HomeObjectId); Assert.AreEqual(TestConstants.DefaultPolicy, key.Policy); Assert.AreEqual(key.ToString(), resultEx.Result.Token); }
private AuthenticationResultEx CreateResultExFromCacheResultEx(TokenCacheKey key, AuthenticationResultEx resultEx) { var newResultEx = new AuthenticationResultEx { Result = new AuthenticationResult(null, null, DateTimeOffset.MinValue) { ScopeSet = new HashSet<string>(resultEx.Result.ScopeSet.ToArray()) }, RefreshToken = resultEx.RefreshToken, }; newResultEx.Result.UpdateTenantAndUser(resultEx.Result.TenantId, resultEx.Result.IdToken, resultEx.Result.User); if (newResultEx.Result.User != null) { newResultEx.Result.User.Authority = key.Authority; newResultEx.Result.User.ClientId = key.ClientId; newResultEx.Result.User.TokenCache = this; } return newResultEx; }
public void NoCacheLookup() { Authenticator authenticator = new Authenticator(TestConstants.DefaultAuthorityHomeTenant, false, Guid.NewGuid()); TokenCache cache = new TokenCache(); TokenCacheKey key = new TokenCacheKey(TestConstants.DefaultAuthorityHomeTenant, TestConstants.DefaultScope, TestConstants.DefaultClientId, TestConstants.DefaultUniqueId, TestConstants.DefaultDisplayableId, TestConstants.DefaultHomeObjectId, TestConstants.DefaultPolicy); AuthenticationResultEx ex = new AuthenticationResultEx(); ex.Result = new AuthenticationResult("Bearer", key.ToString(), new DateTimeOffset(DateTime.UtcNow + TimeSpan.FromSeconds(3599))); ex.Result.User = new User { DisplayableId = TestConstants.DefaultDisplayableId, UniqueId = TestConstants.DefaultUniqueId, HomeObjectId = TestConstants.DefaultHomeObjectId }; ex.Result.FamilyId = "1"; ex.RefreshToken = "someRT"; cache.tokenCacheDictionary[key] = ex; IWebUI ui = Substitute.For<IWebUI>(); AuthorizationResult ar = new AuthorizationResult(AuthorizationStatus.Success, TestConstants.DefaultAuthorityHomeTenant + "?code=some-code"); ui.AcquireAuthorizationAsync(Arg.Any<Uri>(), Arg.Any<Uri>(), Arg.Any<IDictionary<string, string>>(), Arg.Any<CallState>()) .Returns(ar); MockHttpMessageHandler mockHandler = new MockHttpMessageHandler(); mockHandler.Method = HttpMethod.Post; mockHandler.QueryParams = new Dictionary<string, string>() {{"p", "some-policy"}}; mockHandler.ResponseMessage = MockHelpers.CreateSuccessTokenResponseMessage(); HttpMessageHandlerFactory.MockHandler = mockHandler; AuthenticationRequestParameters parameters = new AuthenticationRequestParameters() { Authenticator = authenticator, ClientKey = new ClientKey(TestConstants.DefaultClientId), Policy = "some-policy", RestrictToSingleUser = TestConstants.DefaultRestrictToSingleUser, Scope = TestConstants.DefaultScope.ToArray(), TokenCache = cache }; InteractiveRequest request = new InteractiveRequest(parameters, TestConstants.ScopeForAnotherResource.ToArray(), new Uri("some://uri"), new PlatformParameters(), TestConstants.DefaultDisplayableId, UiOptions.SelectAccount, "extra=qp", ui); Task<AuthenticationResult> task = request.RunAsync(); task.Wait(); AuthenticationResult result = task.Result; Assert.IsNotNull(result); Assert.AreEqual(2, cache.Count); Assert.AreEqual(result.Token, "some-access-token"); //both cache entry authorities are TestConstants.DefaultAuthorityHomeTenant foreach (var item in cache.ReadItems(TestConstants.DefaultClientId)) { Assert.AreEqual(TestConstants.DefaultAuthorityHomeTenant, item.Authority); } }
public void ClearCacheTest() { TokenCache tokenCache = TokenCacheHelper.CreateCacheWithItems(); TokenCacheKey key = new TokenCacheKey(TestConstants.DefaultAuthorityHomeTenant, TestConstants.DefaultScope, TestConstants.DefaultClientId + "more", TestConstants.DefaultUniqueId, TestConstants.DefaultDisplayableId, TestConstants.DefaultHomeObjectId, TestConstants.DefaultPolicy); AuthenticationResultEx ex = new AuthenticationResultEx(); ex.Result = new AuthenticationResult("Bearer", key.ToString(), new DateTimeOffset(DateTime.UtcNow + TimeSpan.FromSeconds(ValidExpiresIn))); ex.Result.User = new User { DisplayableId = TestConstants.DefaultDisplayableId, UniqueId = TestConstants.DefaultUniqueId, HomeObjectId = TestConstants.DefaultHomeObjectId }; ex.Result.FamilyId = "1"; ex.RefreshToken = "someRT"; tokenCache.tokenCacheDictionary[key] = ex; tokenCache.Clear(TestConstants.DefaultClientId); Assert.AreEqual(1, tokenCache.Count); Assert.AreEqual(key, tokenCache.tokenCacheDictionary.Keys.First()); }
public void MapToIdentifierMultipleMatchingEntriesTest() { Authenticator authenticator = new Authenticator(TestConstants.DefaultAuthorityHomeTenant, false, Guid.NewGuid()); TokenCache cache = TokenCacheHelper.CreateCacheWithItems(); TokenCacheKey key = new TokenCacheKey(TestConstants.DefaultAuthorityHomeTenant, TestConstants.ScopeForAnotherResource, TestConstants.DefaultClientId, TestConstants.DefaultUniqueId, TestConstants.DefaultDisplayableId, TestConstants.DefaultHomeObjectId, TestConstants.DefaultPolicy); AuthenticationResultEx ex = new AuthenticationResultEx(); ex.Result = new AuthenticationResult("Bearer", key.ToString(), new DateTimeOffset(DateTime.UtcNow + TimeSpan.FromSeconds(3600))); ex.Result.User = new User { DisplayableId = TestConstants.DefaultDisplayableId, UniqueId = TestConstants.DefaultUniqueId, HomeObjectId = TestConstants.DefaultHomeObjectId }; ex.Result.ScopeSet = TestConstants.DefaultScope; ex.Result.FamilyId = "1"; ex.RefreshToken = "someRT"; cache.tokenCacheDictionary[key] = ex; AuthenticationRequestParameters parameters = new AuthenticationRequestParameters() { Authenticator = authenticator, ClientKey = new ClientKey(TestConstants.DefaultClientId), Policy = TestConstants.DefaultPolicy, RestrictToSingleUser = TestConstants.DefaultRestrictToSingleUser, Scope = new[] { "something" }, TokenCache = cache }; SilentRequest request = new SilentRequest(parameters, (string) null, new PlatformParameters(), false); User user = request.MapIdentifierToUser(TestConstants.DefaultUniqueId); Assert.IsNotNull(user); Assert.AreEqual(TestConstants.DefaultUniqueId, user.UniqueId); }
public void StoreToCacheNewUserRestrictToSingleUserTrueTest() { var tokenCache = new TokenCache(); TokenCacheKey key = new TokenCacheKey(TestConstants.DefaultAuthorityHomeTenant, TestConstants.DefaultScope, TestConstants.DefaultClientId, TestConstants.DefaultUniqueId, TestConstants.DefaultDisplayableId, TestConstants.DefaultHomeObjectId, TestConstants.DefaultPolicy); AuthenticationResultEx ex = new AuthenticationResultEx(); ex.Result = new AuthenticationResult("Bearer", key.ToString(), new DateTimeOffset(DateTime.UtcNow + TimeSpan.FromSeconds(ValidExpiresIn))); ex.Result.User = new User { DisplayableId = TestConstants.DefaultDisplayableId, UniqueId = TestConstants.DefaultUniqueId, HomeObjectId = TestConstants.DefaultHomeObjectId }; ex.Result.FamilyId = "1"; ex.RefreshToken = "someRT"; tokenCache.tokenCacheDictionary[key] = ex; var result = new AuthenticationResult("Bearer", "some-access-token", new DateTimeOffset(DateTime.UtcNow + TimeSpan.FromSeconds(ValidExpiresIn))) { User = new User { UniqueId = TestConstants.DefaultUniqueId+"more", DisplayableId = TestConstants.DefaultDisplayableId }, ScopeSet = new HashSet<string>(new string[] { "r1/scope5", "r1/scope7" }) }; AuthenticationResultEx resultEx = new AuthenticationResultEx { Result = result, RefreshToken = "someRT" }; try { tokenCache.StoreToCache(resultEx, TestConstants.DefaultAuthorityGuestTenant, TestConstants.DefaultClientId, TestConstants.DefaultPolicy, true, null); Assert.Fail("MsalException should be thrown here"); } catch (MsalException me) { Assert.AreEqual(MsalError.InvalidCacheOperation, me.ErrorCode); Assert.AreEqual("Cannot add more than 1 user with a different unique id when RestrictToSingleUser is set to TRUE.", me.Message); } }
public void GetUsersTest() { PublicClientApplication app = new PublicClientApplication(TestConstants.DefaultClientId); IEnumerable<User> users = app.Users; Assert.IsNotNull(users); Assert.IsFalse(users.Any()); app.UserTokenCache = TokenCacheHelper.CreateCacheWithItems(); users = app.Users; Assert.IsNotNull(users); Assert.AreEqual(1, users.Count()); foreach (var user in users) { Assert.AreEqual(TestConstants.DefaultClientId, user.ClientId); Assert.IsNotNull(user.TokenCache); } // another cache entry for different home object id. user count should be 2. TokenCacheKey key = new TokenCacheKey(TestConstants.DefaultAuthorityHomeTenant, TestConstants.ScopeForAnotherResource, TestConstants.DefaultClientId, TestConstants.DefaultUniqueId, TestConstants.DefaultDisplayableId, TestConstants.DefaultHomeObjectId+"more", TestConstants.DefaultPolicy); AuthenticationResultEx ex = new AuthenticationResultEx(); ex.Result = new AuthenticationResult("Bearer", key.ToString(), new DateTimeOffset(DateTime.UtcNow + TimeSpan.FromSeconds(3600))); ex.Result.User = new User { DisplayableId = TestConstants.DefaultDisplayableId, UniqueId = TestConstants.DefaultUniqueId, HomeObjectId = TestConstants.DefaultHomeObjectId }; ex.Result.ScopeSet = TestConstants.DefaultScope; ex.Result.FamilyId = "1"; ex.RefreshToken = "someRT"; app.UserTokenCache.tokenCacheDictionary[key] = ex; users = app.Users; Assert.IsNotNull(users); Assert.AreEqual(2, users.Count()); foreach (var user in users) { Assert.AreEqual(TestConstants.DefaultClientId, user.ClientId); Assert.IsNotNull(user.TokenCache); } }
public void TestScopeEquals() { TokenCacheKey key = new TokenCacheKey(TestConstants.DefaultAuthorityHomeTenant, TestConstants.DefaultScope, TestConstants.DefaultClientId, TestConstants.DefaultUniqueId, TestConstants.DefaultDisplayableId, TestConstants.DefaultHomeObjectId, TestConstants.DefaultPolicy); HashSet<string> otherScope = null; Assert.IsFalse(key.ScopeEquals(otherScope)); otherScope = new HashSet<string>(TestConstants.DefaultScope.ToArray()); Assert.IsTrue(key.ScopeEquals(otherScope)); otherScope.Add("anotherscope"); Assert.IsFalse(key.ScopeEquals(otherScope)); otherScope.Clear(); Assert.IsFalse(key.ScopeEquals(otherScope)); }