예제 #1
 /// <summary>
 /// Runs the base class setup, then creates a fresh substitute for each of the three
 /// component overrides (auth code request, auth code exchange, broker exchange).
 /// </summary>
 public override void TestInitialize()
 {
     base.TestInitialize();

     // One substitute per override field; the two token components share an interface
     // but get separate instances.
     _authCodeRequestComponentOverride = Substitute.For<IAuthCodeRequestComponent>();
     _authCodeExchangeComponentOverride = Substitute.For<ITokenRequestComponent>();
     _brokerExchangeComponentOverride = Substitute.For<ITokenRequestComponent>();
 }
        /// <summary>
        /// Acquires tokens for an interactive request. When the broker is enabled it is tried
        /// first; if it returns nothing, or is not enabled, an authorization code and PKCE
        /// verifier are fetched and exchanged for tokens.
        /// </summary>
        /// <param name="cancellationToken">
        /// Checked on entry and again before falling back from the broker to the web UI;
        /// also passed to every awaited call.
        /// </param>
        /// <returns>The token response produced by the broker or by the auth code exchange.</returns>
        private async Task<MsalTokenResponse> GetTokenResponseAsync(CancellationToken cancellationToken)
        {
            cancellationToken.ThrowIfCancellationRequested();

            if (_requestParams.AppConfig.IsBrokerEnabled)
            {
                _logger.Info("Broker is configured. Starting broker flow without knowing the broker installation app link. ");

                // No installation URI is known at this point, hence the null first argument.
                MsalTokenResponse tokensFromBroker =
                    await FetchTokensFromBrokerAsync(null, cancellationToken).ConfigureAwait(false);

                // A null response means the broker produced nothing; fall through to the web UI.
                if (tokensFromBroker != null)
                {
                    _logger.Info("Broker attempt completed successfully. ");
                    Metrics.IncrementTotalAccessTokensFromBroker();
                    return tokensFromBroker;
                }

                _logger.Info("Broker attempt did not complete, most likely because the broker is not installed. Attempting to use a browser / web UI. ");
                cancellationToken.ThrowIfCancellationRequested();
            }

            // The override, when supplied, replaces the real component.
            IAuthCodeRequestComponent authCodeComponent =
                _authCodeRequestComponentOverride
                ?? new AuthCodeRequestComponent(_requestParams, _interactiveParameters);

            var codeAndVerifier = await authCodeComponent
                .FetchAuthCodeAndPkceVerifierAsync(cancellationToken)
                .ConfigureAwait(false);

            // Only a fixed message is logged; the code and the PKCE verifier themselves
            // are never written to the log in this method.
            _logger.Info("An authorization code was retrieved from the /authorize endpoint. ");
            AuthorizationResult authorizationResult = codeAndVerifier.Item1;
            string code = authorizationResult.Code;
            string codeVerifier = codeAndVerifier.Item2;

            // The returned code may instead indicate that a broker is required; in that case
            // the broker flow is run with the install URI extracted from it.
            if (BrokerInteractiveRequestComponent.IsBrokerRequiredAuthCode(code, out string installUri))
            {
                return await RunBrokerWithInstallUriAsync(installUri, cancellationToken).ConfigureAwait(false);
            }

            _logger.Info("Exchanging the auth code for tokens. ");

            // The verifier is passed together with the code it was fetched with.
            var exchangeComponent =
                _authCodeExchangeComponentOverride
                ?? new AuthCodeExchangeComponent(
                    _requestParams,
                    _interactiveParameters,
                    code,
                    codeVerifier,
                    authorizationResult.ClientInfo);

            MsalTokenResponse tokensFromIdp = await exchangeComponent
                .FetchTokensAsync(cancellationToken)
                .ConfigureAwait(false);

            Metrics.IncrementTotalAccessTokensFromIdP();
            return tokensFromIdp;
        }
예제 #3
 /// <summary>
 /// Creates an interactive request from the common request parameters and the
 /// interactive-specific parameters.
 /// </summary>
 /// <param name="requestParams">Common request parameters; also the source of the service bundle and logger.</param>
 /// <param name="interactiveParameters">Parameters specific to the interactive flow.</param>
 /// <param name="authCodeRequestComponentOverride">For tests: replaces the auth code request component when not null.</param>
 /// <param name="authCodeExchangeComponentOverride">For tests: replaces the auth code exchange component when not null.</param>
 /// <param name="brokerExchangeComponentOverride">For tests: stored as the broker interactive component.</param>
 /// <exception cref="ArgumentNullException">
 /// <paramref name="requestParams"/> or <paramref name="interactiveParameters"/> is null.
 /// </exception>
 public InteractiveRequest(
     AuthenticationRequestParameters requestParams,
     AcquireTokenInteractiveParameters interactiveParameters,
     IAuthCodeRequestComponent authCodeRequestComponentOverride = null,
     ITokenRequestComponent authCodeExchangeComponentOverride = null,
     ITokenRequestComponent brokerExchangeComponentOverride = null)
     // Null-conditional access lets a null requestParams reach the base constructor
     // without a NullReferenceException here; the body then rejects it.
     : base(requestParams?.RequestContext?.ServiceBundle, requestParams, interactiveParameters)
 {
     if (requestParams is null)
     {
         throw new ArgumentNullException(nameof(requestParams));
     }

     if (interactiveParameters is null)
     {
         throw new ArgumentNullException(nameof(interactiveParameters));
     }

     _requestParams = requestParams;
     _interactiveParameters = interactiveParameters;

     // Test-only hooks; null in production so the real components get constructed.
     _authCodeRequestComponentOverride = authCodeRequestComponentOverride;
     _authCodeExchangeComponentOverride = authCodeExchangeComponentOverride;
     _brokerInteractiveComponent = brokerExchangeComponentOverride;

     // NOTE(review): RequestContext is dereferenced without a null check here, unlike
     // in the base(...) call above — confirm it can never be null for a non-null requestParams.
     var requestContext = requestParams.RequestContext;
     _serviceBundle = requestContext.ServiceBundle;
     _logger = requestContext.Logger;
 }
        /// <summary>
        /// Acquires tokens for an interactive request. When the broker is enabled it is tried
        /// first; a Proof-of-Possession request that gets nothing from the broker fails instead
        /// of falling back. Otherwise an authorization code and PKCE verifier are fetched,
        /// the authority is optionally switched to the cloud instance named in the authorization
        /// result, and the code is exchanged for tokens.
        /// </summary>
        /// <param name="cancellationToken">
        /// Checked on entry and again before falling back from the broker to the web UI;
        /// also passed to the broker, auth code and token exchange calls.
        /// </param>
        /// <returns>The token response produced by the broker or by the auth code exchange.</returns>
        /// <exception cref="MsalClientException">
        /// The request uses the PoP token type and the broker returned no response.
        /// </exception>
        private async Task<MsalTokenResponse> GetTokenResponseAsync(CancellationToken cancellationToken)
        {
            cancellationToken.ThrowIfCancellationRequested();

            if (_requestParams.AppConfig.IsBrokerEnabled)
            {
                _logger.Info("Broker is configured. Starting broker flow without knowing the broker installation app link. ");

                // No installation URI is known at this point, hence the null first argument.
                MsalTokenResponse tokensFromBroker =
                    await FetchTokensFromBrokerAsync(null, cancellationToken).ConfigureAwait(false);

                // A null response means the broker produced nothing.
                if (tokensFromBroker != null)
                {
                    _logger.Info("Broker attempt completed successfully. ");
                    Metrics.IncrementTotalAccessTokensFromBroker();
                    return tokensFromBroker;
                }

                // PoP requests must not continue to the browser flow below: without a broker
                // response the request is failed rather than completed some other way.
                if (string.Equals(_requestParams.AuthenticationScheme.AccessTokenType, Constants.PoPTokenType))
                {
                    _logger.Error("A broker application is required for Proof-of-Possesion, but one could not be found or communicated with. See https://aka.ms/msal-net-pop");
                    throw new MsalClientException(MsalError.BrokerApplicationRequired, MsalErrorMessage.CannotInvokeBrokerForPop);
                }

                _logger.Info("Broker attempt did not complete, most likely because the broker is not installed. Attempting to use a browser / web UI. ");

                cancellationToken.ThrowIfCancellationRequested();
            }

            if (_requestParams.AppConfig.MultiCloudSupportEnabled)
            {
                _logger.Info("Instance Aware was configured.");

                // NOTE(review): this writes into AppConfig.ExtraQueryParameters rather than a
                // per-request copy; if AppConfig is shared between requests the entry persists
                // after this call — confirm that is intended.
                _requestParams.AppConfig.ExtraQueryParameters[InstanceAwareParam] = "true";
            }

            // The override, when supplied, replaces the real component.
            IAuthCodeRequestComponent authCodeComponent =
                _authCodeRequestComponentOverride
                ?? new AuthCodeRequestComponent(_requestParams, _interactiveParameters);

            var codeAndVerifier = await authCodeComponent
                .FetchAuthCodeAndPkceVerifierAsync(cancellationToken)
                .ConfigureAwait(false);

            // Only a fixed message is logged; the code and the PKCE verifier themselves
            // are never written to the log in this method.
            _logger.Info("An authorization code was retrieved from the /authorize endpoint. ");
            AuthorizationResult authorizationResult = codeAndVerifier.Item1;
            string code = authorizationResult.Code;
            string codeVerifier = codeAndVerifier.Item2;

            // The returned code may instead indicate that a broker is required; in that case
            // the broker flow is run with the install URI extracted from it.
            if (BrokerInteractiveRequestComponent.IsBrokerRequiredAuthCode(code, out string installUri))
            {
                return await RunBrokerWithInstallUriAsync(installUri, cancellationToken).ConfigureAwait(false);
            }

            if (_requestParams.AppConfig.MultiCloudSupportEnabled && !string.IsNullOrEmpty(authorizationResult.CloudInstanceHost))
            {
                // NOTE(review): CloudInstanceHost is taken from the authorization result and
                // becomes the environment of the authority used from here on, which appears to
                // be where the code and PKCE verifier are sent. Presumably ResolveAuthorityAsync
                // validates that host — confirm before relying on it.
                _logger.Info("Updating the authority to the cloud specific authority.");
                _requestParams.AuthorityManager = new AuthorityManager(
                    _requestParams.RequestContext,
                    Authority.CreateAuthorityWithEnvironment(
                        _requestParams.Authority.AuthorityInfo,
                        authorizationResult.CloudInstanceHost));

                await ResolveAuthorityAsync().ConfigureAwait(false);
            }

            _logger.Info("Exchanging the auth code for tokens. ");

            // The verifier is passed together with the code it was fetched with.
            var exchangeComponent =
                _authCodeExchangeComponentOverride
                ?? new AuthCodeExchangeComponent(
                    _requestParams,
                    _interactiveParameters,
                    code,
                    codeVerifier,
                    authorizationResult.ClientInfo);

            MsalTokenResponse tokensFromIdp = await exchangeComponent
                .FetchTokensAsync(cancellationToken)
                .ConfigureAwait(false);

            Metrics.IncrementTotalAccessTokensFromIdP();
            return tokensFromIdp;
        }