public static void DeleteCredentials(Program program, OperationArguments operationArguments) { if (ReferenceEquals(operationArguments, null)) { throw new ArgumentNullException("operationArguments"); } var task = Task.Run(async() => { return(await program.CreateAuthentication(operationArguments)); }); BaseAuthentication authentication = task.Result; switch (operationArguments.Authority) { default: case AuthorityType.Basic: Git.Trace.WriteLine($"deleting basic credentials for '{operationArguments.TargetUri}'."); authentication.DeleteCredentials(operationArguments.TargetUri); break; case AuthorityType.AzureDirectory: case AuthorityType.MicrosoftAccount: Git.Trace.WriteLine($"deleting VSTS credentials for '{operationArguments.TargetUri}'."); BaseVstsAuthentication vstsAuth = authentication as BaseVstsAuthentication; vstsAuth.DeleteCredentials(operationArguments.TargetUri); break; case AuthorityType.GitHub: Git.Trace.WriteLine($"deleting GitHub credentials for '{operationArguments.TargetUri}'."); Github.Authentication ghAuth = authentication as Github.Authentication; ghAuth.DeleteCredentials(operationArguments.TargetUri); break; case AuthorityType.Bitbucket: Git.Trace.WriteLine($"deleting Bitbucket credentials for '{operationArguments.TargetUri}'."); var bbAuth = authentication as Bitbucket.Authentication; bbAuth.DeleteCredentials(operationArguments.TargetUri, operationArguments.CredUsername); break; } }
public static async Task <BaseAuthentication> CreateAuthentication(Program program, OperationArguments operationArguments) { if (operationArguments is null) { throw new ArgumentNullException(nameof(operationArguments)); } if (operationArguments.TargetUri is null) { var innerException = new NullReferenceException($"`{operationArguments.TargetUri}` cannot be null."); throw new ArgumentException(innerException.Message, nameof(operationArguments), innerException); } var secretsNamespace = operationArguments.CustomNamespace ?? Program.SecretsNamespace; BaseAuthentication authority = null; var basicCredentialCallback = (operationArguments.UseModalUi) ? new AcquireCredentialsDelegate(program.ModalPromptForCredentials) : new AcquireCredentialsDelegate(program.BasicCredentialPrompt); var bitbucketPrompts = new Bitbucket.AuthenticationPrompts(program.Context); var bitbucketCredentialCallback = (operationArguments.UseModalUi) ? bitbucketPrompts.CredentialModalPrompt : new Bitbucket.Authentication.AcquireCredentialsDelegate(program.BitbucketCredentialPrompt); var bitbucketOauthCallback = (operationArguments.UseModalUi) ? bitbucketPrompts.AuthenticationOAuthModalPrompt : new Bitbucket.Authentication.AcquireAuthenticationOAuthDelegate(program.BitbucketOAuthPrompt); var githubPrompts = new Github.AuthenticationPrompts(program.Context); var githubCredentialCallback = (operationArguments.UseModalUi) ? new Github.Authentication.AcquireCredentialsDelegate(githubPrompts.CredentialModalPrompt) : new Github.Authentication.AcquireCredentialsDelegate(program.GitHubCredentialPrompt); var githubAuthcodeCallback = (operationArguments.UseModalUi) ? new Github.Authentication.AcquireAuthenticationCodeDelegate(githubPrompts.AuthenticationCodeModalPrompt) : new Github.Authentication.AcquireAuthenticationCodeDelegate(program.GitHubAuthCodePrompt); NtlmSupport basicNtlmSupport = NtlmSupport.Auto; switch (operationArguments.Authority) { case AuthorityType.Auto: program.Trace.WriteLine($"detecting authority type for '{operationArguments.TargetUri}'."); // Detect the authority. authority = await BaseVstsAuthentication.GetAuthentication(program.Context, operationArguments.TargetUri, Program.VstsCredentialScope, new SecretStore(program.Context, secretsNamespace, BaseVstsAuthentication.UriNameConversion)) ?? Github.Authentication.GetAuthentication(program.Context, operationArguments.TargetUri, Program.GitHubCredentialScope, new SecretStore(program.Context, secretsNamespace, Secret.UriToName), githubCredentialCallback, githubAuthcodeCallback, null) ?? Bitbucket.Authentication.GetAuthentication(program.Context, operationArguments.TargetUri, new SecretStore(program.Context, secretsNamespace, Secret.UriToIdentityUrl), bitbucketCredentialCallback, bitbucketOauthCallback); if (authority != null) { // Set the authority type based on the returned value. if (authority is VstsMsaAuthentication) { operationArguments.Authority = AuthorityType.MicrosoftAccount; goto case AuthorityType.MicrosoftAccount; } else if (authority is VstsAadAuthentication) { operationArguments.Authority = AuthorityType.AzureDirectory; goto case AuthorityType.AzureDirectory; } else if (authority is Github.Authentication) { operationArguments.Authority = AuthorityType.GitHub; goto case AuthorityType.GitHub; } else if (authority is Bitbucket.Authentication) { operationArguments.Authority = AuthorityType.Bitbucket; goto case AuthorityType.Bitbucket; } } goto default; case AuthorityType.AzureDirectory: program.Trace.WriteLine($"authority for '{operationArguments.TargetUri}' is Azure Directory."); Guid tenantId = Guid.Empty; // Get the identity of the tenant. var result = await BaseVstsAuthentication.DetectAuthority(program.Context, operationArguments.TargetUri); if (result.HasValue) { tenantId = result.Value; } // Return the allocated authority or a generic AAD backed VSTS authentication object. return(authority ?? new VstsAadAuthentication(program.Context, tenantId, operationArguments.VstsTokenScope, new SecretStore(program.Context, secretsNamespace, VstsAadAuthentication.UriNameConversion))); case AuthorityType.Basic: // Enforce basic authentication only. basicNtlmSupport = NtlmSupport.Never; goto default; case AuthorityType.GitHub: program.Trace.WriteLine($"authority for '{operationArguments.TargetUri}' is GitHub."); // Return a GitHub authentication object. return(authority ?? new Github.Authentication(program.Context, operationArguments.TargetUri, Program.GitHubCredentialScope, new SecretStore(program.Context, secretsNamespace, Secret.UriToName), githubCredentialCallback, githubAuthcodeCallback, null)); case AuthorityType.Bitbucket: program.Trace.WriteLine($"authority for '{operationArguments.TargetUri}' is Bitbucket"); // Return a Bitbucket authentication object. return(authority ?? new Bitbucket.Authentication(program.Context, new SecretStore(program.Context, secretsNamespace, Secret.UriToIdentityUrl), bitbucketCredentialCallback, bitbucketOauthCallback)); case AuthorityType.MicrosoftAccount: program.Trace.WriteLine($"authority for '{operationArguments.TargetUri}' is Microsoft Live."); // Return the allocated authority or a generic MSA backed VSTS authentication object. return(authority ?? new VstsMsaAuthentication(program.Context, operationArguments.VstsTokenScope, new SecretStore(program.Context, secretsNamespace, VstsMsaAuthentication.UriNameConversion))); case AuthorityType.Ntlm: // Enforce NTLM authentication only. basicNtlmSupport = NtlmSupport.Always; goto default; default: program.Trace.WriteLine($"authority for '{operationArguments.TargetUri}' is basic with NTLM={basicNtlmSupport}."); // Return a generic username + password authentication object. return(authority ?? new BasicAuthentication(program.Context, new SecretStore(program.Context, secretsNamespace, Secret.UriToIdentityUrl), basicNtlmSupport, basicCredentialCallback, null)); } }
private static void Delete() { Trace.WriteLine("Program::Erase"); string[] args = Environment.GetCommandLineArgs(); if (args.Length < 3) { goto error_parse; } string url = args[2]; Uri uri = null; if (Uri.IsWellFormedUriString(url, UriKind.Absolute)) { if (!Uri.TryCreate(url, UriKind.Absolute, out uri)) { goto error_parse; } } else { url = String.Format("{0}://{1}", Uri.UriSchemeHttps, url); if (!Uri.TryCreate(url, UriKind.Absolute, out uri)) { goto error_parse; } } var stdin = Console.OpenStandardInput(); OperationArguments operationArguments = new OperationArguments(stdin); operationArguments.QueryUri = uri; LoadOperationArguments(operationArguments); BaseAuthentication authentication = CreateAuthentication(operationArguments); switch (operationArguments.Authority) { default: case AuthorityType.Basic: Trace.WriteLine(" deleting basic credentials"); authentication.DeleteCredentials(operationArguments.TargetUri); break; case AuthorityType.AzureDirectory: case AuthorityType.MicrosoftAccount: Trace.WriteLine(" deleting VSTS credentials"); BaseVstsAuthentication vstsAuth = authentication as BaseVstsAuthentication; vstsAuth.DeleteCredentials(operationArguments.TargetUri); // call delete twice to purge any stored ADA tokens vstsAuth.DeleteCredentials(operationArguments.TargetUri); break; case AuthorityType.GitHub: Trace.WriteLine(" deleting GitHub credentials"); GitHubAuthentication ghAuth = authentication as GitHubAuthentication; ghAuth.DeleteCredentials(operationArguments.TargetUri); break; } return; error_parse: Console.Error.WriteLine("Fatal: unable to parse target URI."); }
public static async Task <BaseAuthentication> CreateAuthentication(Program program, OperationArguments operationArguments) { Debug.Assert(operationArguments != null, "The operationArguments is null"); Debug.Assert(operationArguments.TargetUri != null, "The operationArgument.TargetUri is null"); var secretsNamespace = operationArguments.CustomNamespace ?? Program.SecretsNamespace; var secrets = new SecretStore(secretsNamespace, null, null, Secret.UriToName); BaseAuthentication authority = null; var basicCredentialCallback = (operationArguments.UseModalUi) ? new AcquireCredentialsDelegate(program.ModalPromptForCredentials) : new AcquireCredentialsDelegate(program.BasicCredentialPrompt); var bitbucketCredentialCallback = (operationArguments.UseModalUi) ? Bitbucket.AuthenticationPrompts.CredentialModalPrompt : new Bitbucket.Authentication.AcquireCredentialsDelegate(program.BitbucketCredentialPrompt); var bitbucketOauthCallback = (operationArguments.UseModalUi) ? Bitbucket.AuthenticationPrompts.AuthenticationOAuthModalPrompt : new Bitbucket.Authentication.AcquireAuthenticationOAuthDelegate(program.BitbucketOAuthPrompt); var githubCredentialCallback = (operationArguments.UseModalUi) ? new Github.Authentication.AcquireCredentialsDelegate(Github.AuthenticationPrompts.CredentialModalPrompt) : new Github.Authentication.AcquireCredentialsDelegate(program.GitHubCredentialPrompt); var githubAuthcodeCallback = (operationArguments.UseModalUi) ? new Github.Authentication.AcquireAuthenticationCodeDelegate(Github.AuthenticationPrompts.AuthenticationCodeModalPrompt) : new Github.Authentication.AcquireAuthenticationCodeDelegate(program.GitHubAuthCodePrompt); NtlmSupport basicNtlmSupport = NtlmSupport.Auto; switch (operationArguments.Authority) { case AuthorityType.Auto: Git.Trace.WriteLine($"detecting authority type for '{operationArguments.TargetUri}'."); // detect the authority authority = await BaseVstsAuthentication.GetAuthentication(operationArguments.TargetUri, Program.VstsCredentialScope, secrets) ?? Github.Authentication.GetAuthentication(operationArguments.TargetUri, Program.GitHubCredentialScope, secrets, githubCredentialCallback, githubAuthcodeCallback, null) ?? Bitbucket.Authentication.GetAuthentication(operationArguments.TargetUri, new SecretStore(secretsNamespace, Secret.UriToActualUrl), bitbucketCredentialCallback, bitbucketOauthCallback); if (authority != null) { // set the authority type based on the returned value if (authority is VstsMsaAuthentication) { operationArguments.Authority = AuthorityType.MicrosoftAccount; goto case AuthorityType.MicrosoftAccount; } else if (authority is VstsAadAuthentication) { operationArguments.Authority = AuthorityType.AzureDirectory; goto case AuthorityType.AzureDirectory; } else if (authority is Github.Authentication) { operationArguments.Authority = AuthorityType.GitHub; goto case AuthorityType.GitHub; } else if (authority is Bitbucket.Authentication) { operationArguments.Authority = AuthorityType.Bitbucket; goto case AuthorityType.Bitbucket; } } goto default; case AuthorityType.AzureDirectory: Git.Trace.WriteLine($"authority for '{operationArguments.TargetUri}' is Azure Directory."); Guid tenantId = Guid.Empty; // Get the identity of the tenant. var result = await BaseVstsAuthentication.DetectAuthority(operationArguments.TargetUri); if (result.Key) { tenantId = result.Value; } // return the allocated authority or a generic AAD backed VSTS authentication object return(authority ?? new VstsAadAuthentication(tenantId, Program.VstsCredentialScope, secrets)); case AuthorityType.Basic: // enforce basic authentication only basicNtlmSupport = NtlmSupport.Never; goto default; case AuthorityType.GitHub: Git.Trace.WriteLine($"authority for '{operationArguments.TargetUri}' is GitHub."); // return a GitHub authentication object return(authority ?? new Github.Authentication(operationArguments.TargetUri, Program.GitHubCredentialScope, secrets, githubCredentialCallback, githubAuthcodeCallback, null)); case AuthorityType.Bitbucket: Git.Trace.WriteLine($"authority for '{operationArguments.TargetUri}' is Bitbucket"); // return a Bitbucket authentication object return(authority ?? new Bitbucket.Authentication(secrets, bitbucketCredentialCallback, bitbucketOauthCallback)); case AuthorityType.MicrosoftAccount: Git.Trace.WriteLine($"authority for '{operationArguments.TargetUri}' is Microsoft Live."); // return the allocated authority or a generic MSA backed VSTS authentication object return(authority ?? new VstsMsaAuthentication(Program.VstsCredentialScope, secrets)); case AuthorityType.Ntlm: // enforce NTLM authentication only basicNtlmSupport = NtlmSupport.Always; goto default; default: Git.Trace.WriteLine($"authority for '{operationArguments.TargetUri}' is basic with NTLM={basicNtlmSupport}."); // return a generic username + password authentication object return(authority ?? new BasicAuthentication(secrets, basicNtlmSupport, basicCredentialCallback, null)); } }