예제 #1
        /// <summary>
        /// Verifies that scopes and claims set on a <c>CaeAuthProviderOptionTest</c> instance are still
        /// readable after the option is attached to a request and read back through
        /// <c>GetMsalAuthProviderOption()</c>.
        /// </summary>
        public void CanExtractClaimsFromICaeAuthenticationProviderOption()
        {
            // Arrange: a provider option with exactly one scope and a claims value,
            // wrapped in the handler option that the request context stores.
            var caeProviderOption = new CaeAuthProviderOptionTest()
            {
                Scopes = new [] { "User.Read" },
                Claims = "claim"
            };
            var handlerOption = new AuthenticationHandlerOption
            {
                AuthenticationProviderOption = caeProviderOption
            };
            var request = new HttpRequestMessage(HttpMethod.Get, "http://example.com/bar");

            // Register the handler option in the request context, then store that context
            // back on the request under the GraphRequestContext type name.
            string handlerOptionKey  = typeof(AuthenticationHandlerOption).ToString();
            string requestContextKey = typeof(GraphRequestContext).ToString();

            var requestContext = request.GetRequestContext();
            requestContext.MiddlewareOptions[handlerOptionKey] = handlerOption;
            request.Properties[requestContextKey] = requestContext;

            // Act: read the provider option back from the request.
            AuthenticationProviderOption extractedOption = request.GetMsalAuthProviderOption();

            // Assert: the single scope and the claims value are both still present.
            Assert.Single(extractedOption.Scopes);
            Assert.Equal("User.Read", extractedOption.Scopes[0]);
            Assert.Equal("claim", extractedOption.Claims);
        }
예제 #2
        /// <summary>
        /// Attempts to acquire an access token silently from the token cache.
        /// </summary>
        /// <param name="clientApplication">The client application used to list cached accounts and build the silent token request.</param>
        /// <param name="msalAuthProviderOption">Supplies the scopes, the optional user account, the force-refresh flag and the optional claims for the request.</param>
        /// <returns>
        /// The result of the silent request, or <c>null</c> when no account could be resolved or when
        /// the request fails with an <c>MsalException</c>.
        /// </returns>
        /// <exception cref="AuthenticationException">A non-MSAL exception occurred while building or executing the silent token request.</exception>
        internal static async Task <AuthenticationResult> GetAccessTokenSilentAsync(this IClientApplicationBase clientApplication, AuthenticationProviderOption msalAuthProviderOption)
        {
            IAccount resolvedAccount;

            if (msalAuthProviderOption.UserAccount?.ObjectId == null)
            {
                // No usable graph user account was supplied: fall back to the accounts in the cache.
                // This lookup runs outside the try block, so its exceptions reach the caller unwrapped.
                // NOTE(review): FirstOrDefault takes whichever account is enumerated first. With more
                // than one cached account that may not be the intended user; confirm that callers pass
                // UserAccount in multi-account scenarios.
                IEnumerable <IAccount> cachedAccounts = await clientApplication.GetAccountsAsync();

                resolvedAccount = cachedAccounts.FirstOrDefault();
            }
            else
            {
                // Wrap the supplied GraphUserAccount in an IAccount implementation.
                resolvedAccount = new GraphAccount(msalAuthProviderOption.UserAccount);
            }

            // Without an account there is nothing to request silently.
            if (resolvedAccount == null)
            {
                return null;
            }

            try
            {
                AcquireTokenSilentParameterBuilder silentRequest = clientApplication
                    .AcquireTokenSilent(msalAuthProviderOption.Scopes, resolvedAccount)
                    .WithForceRefresh(msalAuthProviderOption.ForceRefresh);

                // The authority is set explicitly only when ContainsWellKnownTenantName returns false for it.
                bool usesWellKnownTenant = ContainsWellKnownTenantName(clientApplication.Authority);
                if (!usesWellKnownTenant)
                {
                    silentRequest.WithAuthority(clientApplication.Authority);
                }

                // Claims are forwarded only when a non-empty value was supplied.
                bool hasClaims = !string.IsNullOrEmpty(msalAuthProviderOption.Claims);
                if (hasClaims)
                {
                    silentRequest.WithClaims(msalAuthProviderOption.Claims);
                }

                AuthenticationResult silentResult = await silentRequest.ExecuteAsync();
                return silentResult;
            }
            catch (MsalException)
            {
                // Every MsalException becomes null, so callers cannot tell "interaction required"
                // apart from any other MSAL failure.
                // NOTE(review): nothing is logged here; consider recording the error code for diagnostics.
                return null;
            }
            catch (Exception exception)
            {
                // Any other failure is wrapped in the generic error; the original exception is kept as the inner exception.
                var unexpectedError = new Error
                {
                    Code    = ErrorConstants.Codes.GeneralException,
                    Message = ErrorConstants.Message.UnexpectedException
                };

                throw new AuthenticationException(unexpectedError, exception);
            }
        }