private async Task <MsalTokenResponse> GetTokenResponseAsync(CancellationToken cancellationToken)
{
cancellationToken.ThrowIfCancellationRequested();
if (_requestParams.AppConfig.IsBrokerEnabled)
{
_logger.Info("Broker is configured. Starting broker flow without knowing the broker installation app link. ");
MsalTokenResponse brokerTokenResponse = await FetchTokensFromBrokerAsync(
null, // we don't have an installation URI yet
cancellationToken)
.ConfigureAwait(false);
// if we don't get back a result, then continue with the WebUi
if (brokerTokenResponse != null)
{
_logger.Info("Broker attempt completed successfully. ");
Metrics.IncrementTotalAccessTokensFromBroker();
return(brokerTokenResponse);
}
_logger.Info("Broker attempt did not complete, most likely because the broker is not installed. Attempting to use a browser / web UI. ");
cancellationToken.ThrowIfCancellationRequested();
}
IAuthCodeRequestComponent authorizationFetcher =
_authCodeRequestComponentOverride ??
new AuthCodeRequestComponent(
_requestParams,
_interactiveParameters);
var result = await authorizationFetcher.FetchAuthCodeAndPkceVerifierAsync(cancellationToken)
.ConfigureAwait(false);
_logger.Info("An authorization code was retrieved from the /authorize endpoint. ");
AuthorizationResult authResult = result.Item1;
string authCode = authResult.Code;
string pkceCodeVerifier = result.Item2;
if (BrokerInteractiveRequestComponent.IsBrokerRequiredAuthCode(authCode, out string brokerInstallUri))
{
return(await RunBrokerWithInstallUriAsync(brokerInstallUri, cancellationToken).ConfigureAwait(false));
}
_logger.Info("Exchanging the auth code for tokens. ");
var authCodeExchangeComponent =
_authCodeExchangeComponentOverride ??
new AuthCodeExchangeComponent(
_requestParams,
_interactiveParameters,
authCode,
pkceCodeVerifier,
authResult.ClientInfo);
MsalTokenResponse idpTokenResponse = await authCodeExchangeComponent.FetchTokensAsync(cancellationToken)
.ConfigureAwait(false);
Metrics.IncrementTotalAccessTokensFromIdP();
return(idpTokenResponse);
}
public async Task NoBroker_WebUiOnly_Async()
{
// Arrange - common stuff
using (MockHttpAndServiceBundle harness = CreateTestHarness())
{
MockInstanceDiscovery(harness.HttpManager);
ITokenCacheInternal cache = new TokenCache(harness.ServiceBundle, false);
var requestParams = harness.CreateAuthenticationRequestParameters(
TestConstants.AuthorityHomeTenant,
TestConstants.s_scope,
cache);
var interactiveParameters = new AcquireTokenInteractiveParameters();
// Arrange - important for test
requestParams.AppConfig.IsBrokerEnabled = false;
var authCodeResult = new Tuple <AuthorizationResult, string>(new AuthorizationResult()
{
Code = "some_auth_code"
}, "pkce_verifier");
_authCodeRequestComponentOverride.FetchAuthCodeAndPkceVerifierAsync(CancellationToken.None)
.Returns(Task.FromResult(authCodeResult));
_authCodeExchangeComponentOverride.FetchTokensAsync(CancellationToken.None)
.Returns(Task.FromResult(_msalTokenResponse));
InteractiveRequest interactiveRequest = new InteractiveRequest(
requestParams,
interactiveParameters,
_authCodeRequestComponentOverride,
_authCodeExchangeComponentOverride,
_brokerExchangeComponentOverride);
// Act
AuthenticationResult result = await interactiveRequest.RunAsync().ConfigureAwait(false);
// Assert - common stuff
Assert.IsNotNull(result);
Assert.AreEqual(TokenSource.IdentityProvider, result.AuthenticationResultMetadata.TokenSource);
Assert.IsTrue(!string.IsNullOrEmpty(result.AccessToken));
Assert.AreEqual(1, cache.Accessor.GetAllAccessTokens().Count());
// Assert - orchestration
#pragma warning disable VSTHRD101 // Avoid unsupported async delegates
Received.InOrder(async() =>
{
await _authCodeRequestComponentOverride
.FetchAuthCodeAndPkceVerifierAsync(default)
private async Task <MsalTokenResponse> GetTokenResponseAsync(CancellationToken cancellationToken)
{
cancellationToken.ThrowIfCancellationRequested();
if (_requestParams.AppConfig.IsBrokerEnabled)
{
_logger.Info("Broker is configured. Starting broker flow without knowing the broker installation app link. ");
MsalTokenResponse brokerTokenResponse = await FetchTokensFromBrokerAsync(
null, // we don't have an installation URI yet
cancellationToken)
.ConfigureAwait(false);
// if we don't get back a result, then continue with the WebUi
if (brokerTokenResponse != null)
{
_logger.Info("Broker attempt completed successfully. ");
Metrics.IncrementTotalAccessTokensFromBroker();
return(brokerTokenResponse);
}
if (string.Equals(_requestParams.AuthenticationScheme.AccessTokenType, Constants.PoPTokenType))
{
_logger.Error("A broker application is required for Proof-of-Possesion, but one could not be found or communicated with. See https://aka.ms/msal-net-pop");
throw new MsalClientException(MsalError.BrokerApplicationRequired, MsalErrorMessage.CannotInvokeBrokerForPop);
}
_logger.Info("Broker attempt did not complete, most likely because the broker is not installed. Attempting to use a browser / web UI. ");
cancellationToken.ThrowIfCancellationRequested();
}
if (_requestParams.AppConfig.MultiCloudSupportEnabled)
{
_logger.Info("Instance Aware was configured.");
_requestParams.AppConfig.ExtraQueryParameters[InstanceAwareParam] = "true";
}
IAuthCodeRequestComponent authorizationFetcher =
_authCodeRequestComponentOverride ??
new AuthCodeRequestComponent(
_requestParams,
_interactiveParameters);
var result = await authorizationFetcher.FetchAuthCodeAndPkceVerifierAsync(cancellationToken)
.ConfigureAwait(false);
_logger.Info("An authorization code was retrieved from the /authorize endpoint. ");
AuthorizationResult authResult = result.Item1;
string authCode = authResult.Code;
string pkceCodeVerifier = result.Item2;
if (BrokerInteractiveRequestComponent.IsBrokerRequiredAuthCode(authCode, out string brokerInstallUri))
{
return(await RunBrokerWithInstallUriAsync(brokerInstallUri, cancellationToken).ConfigureAwait(false));
}
if (_requestParams.AppConfig.MultiCloudSupportEnabled && !string.IsNullOrEmpty(authResult.CloudInstanceHost))
{
_logger.Info("Updating the authority to the cloud specific authority.");
_requestParams.AuthorityManager = new AuthorityManager(
_requestParams.RequestContext,
Authority.CreateAuthorityWithEnvironment(_requestParams.Authority.AuthorityInfo, authResult.CloudInstanceHost));
await ResolveAuthorityAsync().ConfigureAwait(false);
}
_logger.Info("Exchanging the auth code for tokens. ");
var authCodeExchangeComponent =
_authCodeExchangeComponentOverride ??
new AuthCodeExchangeComponent(
_requestParams,
_interactiveParameters,
authCode,
pkceCodeVerifier,
authResult.ClientInfo);
MsalTokenResponse idpTokenResponse = await authCodeExchangeComponent.FetchTokensAsync(cancellationToken)
.ConfigureAwait(false);
Metrics.IncrementTotalAccessTokensFromIdP();
return(idpTokenResponse);
}