public async Task <WebTokenRequest> CreateWebTokenRequestAsync( WebAccountProvider provider, AuthenticationRequestParameters authenticationRequestParameters, bool isForceLoginPrompt, bool isInteractive, bool isAccountInWam) { bool setLoginHint = false; bool addNewAccount = false; string loginHint = !string.IsNullOrEmpty(authenticationRequestParameters.LoginHint) ? authenticationRequestParameters.LoginHint : authenticationRequestParameters.Account?.Username; if (isInteractive && !isAccountInWam) { if (!string.IsNullOrEmpty(loginHint)) { setLoginHint = true; } else { addNewAccount = !(await _webAccountProviderFactory.IsDefaultAccountMsaAsync().ConfigureAwait(false)); } } var promptType = (setLoginHint || addNewAccount || (isForceLoginPrompt && isInteractive)) ? WebTokenRequestPromptType.ForceAuthentication : WebTokenRequestPromptType.Default; string scopes = ScopeHelper.GetMsalScopes(authenticationRequestParameters.Scope).AsSingleString(); WebTokenRequest request = new WebTokenRequest( provider, scopes, authenticationRequestParameters.AppConfig.ClientId, promptType); if (addNewAccount || setLoginHint) { request.Properties.Add("Client_uiflow", "new_account"); // launch add account flow if (setLoginHint) { request.Properties.Add("LoginHint", loginHint); // prefill username } } AddV2Properties(request); if (ApiInformation.IsPropertyPresent("Windows.Security.Authentication.Web.Core.WebTokenRequest", "CorrelationId")) { LegacyOsWamProxy.SetCorrelationId(request, authenticationRequestParameters.CorrelationId.ToString()); } else { _logger.Warning("[WAM MSA Plugin] Could not add the correlation ID to the request."); } return(request); }
public Task <WebTokenRequest> CreateWebTokenRequestAsync( WebAccountProvider provider, AuthenticationRequestParameters authenticationRequestParameters, bool isForceLoginPrompt, bool isInteractive, bool isAccountInWam, string scopeOverride = null) { string loginHint = !string.IsNullOrEmpty(authenticationRequestParameters.LoginHint) ? authenticationRequestParameters.LoginHint : authenticationRequestParameters.Account?.Username; bool setLoginHint = isInteractive && !isAccountInWam && !string.IsNullOrEmpty(loginHint); var wamPrompt = setLoginHint || (isInteractive && isForceLoginPrompt) ? WebTokenRequestPromptType.ForceAuthentication : WebTokenRequestPromptType.Default; WebTokenRequest request = new WebTokenRequest( provider, scopeOverride ?? ScopeHelper.GetMsalScopes(authenticationRequestParameters.Scope).AsSingleString(), authenticationRequestParameters.AppConfig.ClientId, wamPrompt); if (setLoginHint) { request.Properties.Add("LoginHint", authenticationRequestParameters.LoginHint); } request.Properties.Add("wam_compat", "2.0"); if (ApiInformation.IsPropertyPresent("Windows.Security.Authentication.Web.Core.WebTokenRequest", "CorrelationId")) { LegacyOsWamProxy.SetCorrelationId(request, authenticationRequestParameters.CorrelationId.ToString()); } else { request.Properties.Add("correlationId", authenticationRequestParameters.CorrelationId.ToString()); } if (!string.IsNullOrEmpty(authenticationRequestParameters.ClaimsAndClientCapabilities)) { request.Properties.Add("claims", authenticationRequestParameters.ClaimsAndClientCapabilities); } return(Task.FromResult(request)); }
public async Task <IReadOnlyList <WebAccount> > FindAllWebAccountsAsync(WebAccountProvider provider, string clientID) { using (_logger.LogBlockDuration("WAM:FindAllWebAccountsAsync:")) { if (_logger.IsLoggingEnabled(LogLevel.Verbose)) { _logger.VerbosePii(provider.ToLogString(true), provider.ToLogString(false)); } // Win 10 RS3 release and above if (!ApiInformation.IsMethodPresent( "Windows.Security.Authentication.Web.Core.WebAuthenticationCoreManager", "FindAllAccountsAsync")) { _logger.Info("[WamProxy] FindAllAccountsAsync method does not exist (it was introduced in Win 10 RS3). " + "Returning 0 broker accounts. "); return(Enumerable.Empty <WebAccount>().ToList()); } return(await LegacyOsWamProxy.FindAllAccountsAsync(provider, clientID, _logger).ConfigureAwait(false)); } }