/// <summary> /// Refreshes the partner credentials. /// </summary> /// <param name="context">The partner context.</param> /// <returns>A task which is complete when the refresh is done.</returns> private async Task RefreshAsync(IRequestContext context) { if (AADToken.IsExpired()) { if (tokenRefresher != null) { AuthenticationToken authenticationToken = await tokenRefresher(AADToken).ConfigureAwait(false); if (authenticationToken == null) { throw new PartnerException("Token refresher returned null token.", context, PartnerErrorCategory.Unauthorized, null); } if (authenticationToken.IsExpired()) { throw new PartnerException("Token refresher returned an expired token.", context, PartnerErrorCategory.Unauthorized, null); } AADToken = authenticationToken; } else { throw new PartnerException("AAD Token needs refreshing but no handler was registered.", context, PartnerErrorCategory.Unauthorized, null); } } await AuthenticateAsync(context).ConfigureAwait(false); }
/// <summary> /// Initializes a new instance of the <see cref="UserPartnerCredentials" /> class. /// </summary> /// <param name="aadApplicationId">The id of the application in Azure Active Directory.</param> /// <param name="aadAuthenticationToken">The Azure Active Directory token.</param> /// <param name="aadTokenRefresher">An optional delegate which will be called when the Azure Active Directory token /// expires and can no longer be used to generate the partner credentials. This delegate should return /// an up to date Azure Active Directory token.</param> public UserPartnerCredentials(string aadApplicationId, AuthenticationToken aadAuthenticationToken, TokenRefresher aadTokenRefresher = null) : base(aadApplicationId) { aadAuthenticationToken.AssertNotNull(nameof(aadAuthenticationToken)); if (aadAuthenticationToken.IsExpired()) { throw new ArgumentException(Resources.AuthenticationTokenExpired); } AADToken = aadAuthenticationToken; tokenRefresher = aadTokenRefresher; }
/// <exception cref="System.Exception"/> private void TestValidDelegationTokenHeader() { HttpServletRequest request = Org.Mockito.Mockito.Mock <HttpServletRequest>(); HttpServletResponse response = Org.Mockito.Mockito.Mock <HttpServletResponse>(); Org.Apache.Hadoop.Security.Token.Token <DelegationTokenIdentifier> dToken = (Org.Apache.Hadoop.Security.Token.Token <DelegationTokenIdentifier>)handler.GetTokenManager().CreateToken(UserGroupInformation .GetCurrentUser(), "user"); Org.Mockito.Mockito.When(request.GetHeader(Org.Mockito.Mockito.Eq(DelegationTokenAuthenticator .DelegationTokenHeader))).ThenReturn(dToken.EncodeToUrlString()); AuthenticationToken token = handler.Authenticate(request, response); Assert.Equal(UserGroupInformation.GetCurrentUser().GetShortUserName (), token.GetUserName()); Assert.Equal(0, token.GetExpires()); Assert.Equal(handler.GetType(), token.GetType()); Assert.True(token.IsExpired()); }