private static AuthorizationResult ProcessAuthorizationResult(WebAuthenticationResult webAuthenticationResult)
{
AuthorizationResult result;
switch (webAuthenticationResult.ResponseStatus)
{
case WebAuthenticationStatus.Success:
result = AuthorizationResult.FromUri(webAuthenticationResult.ResponseData);
break;
case WebAuthenticationStatus.ErrorHttp:
result = AuthorizationResult.FromStatus(AuthorizationStatus.ErrorHttp);
result.Code = webAuthenticationResult.ResponseErrorDetail.ToString(CultureInfo.InvariantCulture);
break;
case WebAuthenticationStatus.UserCancel:
result = AuthorizationResult.FromStatus(AuthorizationStatus.UserCancel);
break;
default:
result = AuthorizationResult.FromStatus(AuthorizationStatus.UnknownError);
break;
}
return(result);
}
private bool CheckForClosingUrl(Uri url)
{
bool readyToClose = false;
if (url.Authority.Equals(_desiredCallbackUri.Authority, StringComparison.OrdinalIgnoreCase) &&
url.AbsolutePath.Equals(_desiredCallbackUri.AbsolutePath))
{
RequestContext.Logger.Info("Redirect Uri was reached. Stopping webview navigation...");
Result = AuthorizationResult.FromUri(url.OriginalString);
readyToClose = true;
}
if (!readyToClose && !url.Scheme.Equals("https", StringComparison.OrdinalIgnoreCase) &&
!url.AbsoluteUri.Equals("about:blank", StringComparison.OrdinalIgnoreCase) && !url.Scheme.Equals("javascript", StringComparison.OrdinalIgnoreCase))
{
RequestContext.Logger.Error(string.Format(CultureInfo.InvariantCulture,
"Redirection to non-HTTPS scheme ({0}) found! Webview will fail...", url.Scheme));
Result = AuthorizationResult.FromStatus(
AuthorizationStatus.ErrorHttp,
MsalError.NonHttpsRedirectNotSupported,
MsalErrorMessage.NonHttpsRedirectNotSupported);
readyToClose = true;
}
if (readyToClose)
{
StopWebBrowser();
// in this handler object could be already disposed, so it should be the last method
OnClosingUrl();
}
return(readyToClose);
}
private bool CheckForEndUrl(Uri url)
{
bool readyToClose = false;
if (url.Authority.Equals(_endUri.Authority, StringComparison.OrdinalIgnoreCase) &&
url.AbsolutePath.Equals(_endUri.AbsolutePath))
{
_logger.Info("Redirect Uri was reached. Stopping webview navigation...");
_result = AuthorizationResult.FromUri(url.OriginalString);
readyToClose = true;
}
if (!readyToClose &&
!url.Scheme.Equals("https", StringComparison.OrdinalIgnoreCase) &&
!url.AbsoluteUri.Equals("about:blank", StringComparison.OrdinalIgnoreCase) &&
!url.Scheme.Equals("javascript", StringComparison.OrdinalIgnoreCase))
{
_logger.Error($"Redirection to non-HTTPS scheme ({url.Scheme}) found! Webview will fail...");
_result = AuthorizationResult.FromStatus(
AuthorizationStatus.ErrorHttp,
MsalError.NonHttpsRedirectNotSupported,
MsalErrorMessage.NonHttpsRedirectNotSupported);
readyToClose = true;
}
if (readyToClose)
{
// This should close the dialog
DialogResult = DialogResult.OK;
}
return(readyToClose);
}
private bool CheckForClosingUrl(Uri url, byte[] postData = null)
{
bool readyToClose = false;
if (url.Authority.Equals(_desiredCallbackUri.Authority, StringComparison.OrdinalIgnoreCase) &&
url.AbsolutePath.Equals(_desiredCallbackUri.AbsolutePath))
{
RequestContext.Logger.Info("[Legacy WebView] Redirect URI was reached. Stopping WebView navigation...");
Result = AuthorizationResult.FromPostData(postData);
readyToClose = true;
}
if (!readyToClose && !EmbeddedUiCommon.IsAllowedIeOrEdgeAuthorizationRedirect(url)) // IE error pages
{
RequestContext.Logger.Error(string.Format(CultureInfo.InvariantCulture,
"[Legacy WebView] Redirection to non-HTTPS uri: {0} - WebView1 will fail...", url));
Result = AuthorizationResult.FromStatus(
AuthorizationStatus.ErrorHttp,
MsalError.NonHttpsRedirectNotSupported,
MsalErrorMessage.NonHttpsRedirectNotSupported);
readyToClose = true;
}
if (readyToClose)
{
StopWebBrowser();
// in this handler object could be already disposed, so it should be the last method
OnClosingUrl();
}
return(readyToClose);
}
public void DidFinish(SFSafariViewController controller)
{
controller.DismissViewController(true, null);
if (returnedUriReady != null)
{
authorizationResult = AuthorizationResult.FromStatus(AuthorizationStatus.UserCancel);
returnedUriReady.Release();
}
}
public void ProcessCompletionHandlerError(NSError error)
{
if (returnedUriReady != null)
{
// The authorizationResult is set on the class and sent back to the InteractiveRequest
// There it's processed in VerifyAuthorizationResult() and an MsalClientException
// will be thrown.
authorizationResult = AuthorizationResult.FromStatus(AuthorizationStatus.UserCancel);
returnedUriReady.Release();
}
}
private static AuthorizationResult ProcessFromSystemWebview(int requestCode, Result resultCode, Intent data)
{
switch ((int)resultCode)
{
case AndroidConstants.AuthCodeReceived:
return(AuthorizationResult.FromUri(data.GetStringExtra("com.microsoft.identity.client.finalUrl")));
case AndroidConstants.Cancel:
return(AuthorizationResult.FromStatus(AuthorizationStatus.UserCancel));
default:
return(AuthorizationResult.FromStatus(AuthorizationStatus.UnknownError));
}
}
private static AuthorizationResult ProcessFromEmbeddedWebview(int requestCode, Result resultCode, Intent data)
{
switch ((int)resultCode)
{
case (int)Result.Ok:
return(AuthorizationResult.FromUri(data.GetStringExtra("ReturnedUrl")));
case (int)Result.Canceled:
return(AuthorizationResult.FromStatus(AuthorizationStatus.UserCancel));
default:
return(AuthorizationResult.FromStatus(AuthorizationStatus.UnknownError));
}
}
/// <summary>
/// </summary>
public void ShowBrowser()
{
DialogResult uiResult = DialogResult.None;
InvokeHandlingOwnerWindow(() => uiResult = ShowDialog(ownerWindow));
switch (uiResult)
{
case DialogResult.OK:
break;
case DialogResult.Cancel:
Result = AuthorizationResult.FromStatus(AuthorizationStatus.UserCancel);
break;
default:
throw CreateExceptionForAuthenticationUiFailed(_statusCode);
}
}
private static AuthorizationResult ProcessFromEmbeddedWebview(int requestCode, Result resultCode, Intent data)
{
switch ((int)resultCode)
{
case (int)Result.Ok:
return(AuthorizationResult.FromUri(data.GetStringExtra("ReturnedUrl")));
case (int)Result.Canceled:
return(AuthorizationResult.FromStatus(AuthorizationStatus.UserCancel));
case BrokerResponseCode.ResponseReceived:
case BrokerResponseCode.BrowserCodeError:
case BrokerResponseCode.UserCancelled:
AndroidBroker.SetBrokerResult(data, (int)resultCode);
return(null);
default:
return(AuthorizationResult.FromStatus(AuthorizationStatus.UnknownError));
}
}
private void DisplayDialog()
{
DialogResult uiResult = DialogResult.None;
InvokeHandlingOwnerWindow(() => uiResult = ShowDialog(_ownerWindow));
switch (uiResult)
{
case DialogResult.OK:
break;
case DialogResult.Cancel:
_result = AuthorizationResult.FromStatus(AuthorizationStatus.UserCancel);
break;
default:
throw new MsalClientException(
"webview2_unexpectedResult",
"WebView2 returned an unexpected result: " + uiResult);
}
}
public override void DecidePolicy(WKWebView webView, WKNavigationAction navigationAction, Action <WKNavigationActionPolicy> decisionHandler)
{
string requestUrlString = navigationAction.Request.Url.ToString();
// If the URL has the browser:// scheme then this is a request to open an external browser
if (requestUrlString.StartsWith(iOSBrokerConstants.BrowserExtPrefix, StringComparison.OrdinalIgnoreCase))
{
DispatchQueue.MainQueue.DispatchAsync(() => _authenticationAgentUIViewController.CancelAuthentication(null, null));
// Build the HTTPS URL for launching with an external browser
var httpsUrlBuilder = new UriBuilder(requestUrlString)
{
Scheme = Uri.UriSchemeHttps
};
requestUrlString = httpsUrlBuilder.Uri.AbsoluteUri;
DispatchQueue.MainQueue.DispatchAsync(
() => UIApplication.SharedApplication.OpenUrl(new NSUrl(requestUrlString)));
_authenticationAgentUIViewController.DismissViewController(true, null);
decisionHandler(WKNavigationActionPolicy.Cancel);
return;
}
if (requestUrlString.StartsWith(_authenticationAgentUIViewController.Callback, StringComparison.OrdinalIgnoreCase) ||
requestUrlString.StartsWith(iOSBrokerConstants.BrowserExtInstallPrefix, StringComparison.OrdinalIgnoreCase))
{
_authenticationAgentUIViewController.DismissViewController(true, () =>
_authenticationAgentUIViewController.CallbackMethod(AuthorizationResult.FromUri(requestUrlString)));
decisionHandler(WKNavigationActionPolicy.Cancel);
return;
}
if (requestUrlString.StartsWith(iOSBrokerConstants.DeviceAuthChallengeRedirect, StringComparison.OrdinalIgnoreCase))
{
Uri uri = new Uri(requestUrlString);
string query = uri.Query;
if (query.StartsWith("?", StringComparison.OrdinalIgnoreCase))
{
query = query.Substring(1);
}
Dictionary <string, string> keyPair = CoreHelpers.ParseKeyValueList(query, '&', true, false, null);
string responseHeader = DeviceAuthHelper.CreateDeviceAuthChallengeResponseAsync(keyPair).Result;
NSMutableUrlRequest newRequest = (NSMutableUrlRequest)navigationAction.Request.MutableCopy();
newRequest.Url = new NSUrl(keyPair["SubmitUrl"]);
newRequest[iOSBrokerConstants.ChallengeResponseHeader] = responseHeader;
webView.LoadRequest(newRequest);
decisionHandler(WKNavigationActionPolicy.Cancel);
return;
}
if (!navigationAction.Request.Url.AbsoluteString.Equals(AboutBlankUri, StringComparison.OrdinalIgnoreCase) &&
!navigationAction.Request.Url.Scheme.Equals(Uri.UriSchemeHttps, StringComparison.OrdinalIgnoreCase))
{
AuthorizationResult result = AuthorizationResult.FromStatus(
AuthorizationStatus.ErrorHttp,
MsalError.NonHttpsRedirectNotSupported,
MsalErrorMessage.NonHttpsRedirectNotSupported);
_authenticationAgentUIViewController.DismissViewController(true, () => _authenticationAgentUIViewController.CallbackMethod(result));
decisionHandler(WKNavigationActionPolicy.Cancel);
return;
}
decisionHandler(WKNavigationActionPolicy.Allow);
return;
}
public void CancelAuthentication(object sender, EventArgs e)
{
this.DismissViewController(true, () =>
CallbackMethod(AuthorizationResult.FromStatus(AuthorizationStatus.UserCancel)));
}
void CancelAuthentication()
{
_callbackMethod(AuthorizationResult.FromStatus(AuthorizationStatus.UserCancel));
}
void DecidePolicyForNavigation(WebView webView, NSDictionary actionInformation, NSUrlRequest request, WebFrame frame, NSObject decisionToken)
{
if (request == null)
{
WebView.DecideUse(decisionToken);
return;
}
string requestUrlString = request.Url.ToString();
if (requestUrlString.StartsWith(BrokerConstants.BrowserExtPrefix, StringComparison.OrdinalIgnoreCase))
{
var result = AuthorizationResult.FromStatus(
AuthorizationStatus.ProtocolError,
"Unsupported request",
"Server is redirecting client to browser. This behavior is not yet defined on Mac OS X.");
_callbackMethod(result);
WebView.DecideIgnore(decisionToken);
Close();
return;
}
if (requestUrlString.ToLower(CultureInfo.InvariantCulture).StartsWith(_callback.ToLower(CultureInfo.InvariantCulture), StringComparison.OrdinalIgnoreCase) ||
requestUrlString.StartsWith(BrokerConstants.BrowserExtInstallPrefix, StringComparison.OrdinalIgnoreCase))
{
_callbackMethod(AuthorizationResult.FromUri(request.Url.ToString()));
WebView.DecideIgnore(decisionToken);
Close();
return;
}
if (requestUrlString.StartsWith(BrokerConstants.DeviceAuthChallengeRedirect, StringComparison.CurrentCultureIgnoreCase))
{
var uri = new Uri(requestUrlString);
string query = uri.Query;
if (query.StartsWith("?", StringComparison.OrdinalIgnoreCase))
{
query = query.Substring(1);
}
Dictionary <string, string> keyPair = CoreHelpers.ParseKeyValueList(query, '&', true, false, null);
string responseHeader = DeviceAuthHelper.GetBypassChallengeResponse(keyPair);
var newRequest = (NSMutableUrlRequest)request.MutableCopy();
newRequest.Url = new NSUrl(keyPair["SubmitUrl"]);
newRequest[BrokerConstants.ChallengeResponseHeader] = responseHeader;
webView.MainFrame.LoadRequest(newRequest);
WebView.DecideIgnore(decisionToken);
return;
}
if (!request.Url.AbsoluteString.Equals("about:blank", StringComparison.CurrentCultureIgnoreCase) &&
!request.Url.Scheme.Equals("https", StringComparison.CurrentCultureIgnoreCase))
{
var result = AuthorizationResult.FromStatus(
AuthorizationStatus.ErrorHttp,
MsalError.NonHttpsRedirectNotSupported,
MsalErrorMessage.NonHttpsRedirectNotSupported);
_callbackMethod(result);
WebView.DecideIgnore(decisionToken);
Close();
}
WebView.DecideUse(decisionToken);
}