public InteractiveRequest( IServiceBundle serviceBundle, AuthenticationRequestParameters authenticationRequestParameters, ApiEvent.ApiIds apiId, IEnumerable <string> extraScopesToConsent, string loginHint, UIBehavior uiBehavior, IWebUI webUi) : base(serviceBundle, authenticationRequestParameters, apiId) { RedirectUriHelper.Validate(authenticationRequestParameters.RedirectUri); webUi?.ValidateRedirectUri(authenticationRequestParameters.RedirectUri); _extraScopesToConsent = new SortedSet <string>(); if (!extraScopesToConsent.IsNullOrEmpty()) { _extraScopesToConsent = ScopeHelper.CreateSortedSetFromEnumerable(extraScopesToConsent); } ValidateScopeInput(_extraScopesToConsent); authenticationRequestParameters.LoginHint = loginHint; if (!string.IsNullOrWhiteSpace(authenticationRequestParameters.ExtraQueryParameters) && authenticationRequestParameters.ExtraQueryParameters[0] == '&') { authenticationRequestParameters.ExtraQueryParameters = authenticationRequestParameters.ExtraQueryParameters.Substring(1); } _webUi = webUi; _uiBehavior = uiBehavior; AuthenticationRequestParameters.RequestContext.Logger.Info( "Additional scopes - " + _extraScopesToConsent.AsSingleString() + ";" + "UIBehavior - " + _uiBehavior.PromptValue); }
private async Task <Tuple <AuthorizationResult, string> > FetchAuthCodeAndPkceInternalAsync( IWebUI webUi, CancellationToken cancellationToken) { RedirectUriHelper.Validate(_requestParams.RedirectUri); _requestParams.RedirectUri = webUi.UpdateRedirectUri(_requestParams.RedirectUri); Tuple <Uri, string, string> authorizationTuple = CreateAuthorizationUri(true); Uri authorizationUri = authorizationTuple.Item1; string state = authorizationTuple.Item2; string codeVerifier = authorizationTuple.Item3; var uiEvent = new UiEvent(_requestParams.RequestContext.CorrelationId.AsMatsCorrelationId()); using (_requestParams.RequestContext.CreateTelemetryHelper(uiEvent)) { var authorizationResult = await webUi.AcquireAuthorizationAsync( authorizationUri, _requestParams.RedirectUri, _requestParams.RequestContext, cancellationToken).ConfigureAwait(false); uiEvent.UserCancelled = authorizationResult.Status == AuthorizationStatus.UserCancel; uiEvent.AccessDenied = authorizationResult.Status == AuthorizationStatus.ProtocolError; VerifyAuthorizationResult(authorizationResult, state); return(new Tuple <AuthorizationResult, string>(authorizationResult, codeVerifier)); } }
public void ValidateRedirectUri_NoOAuth2DefaultWhenUsingSystemBrowser() { Assert.ThrowsException <MsalClientException>(() => RedirectUriHelper.Validate(new Uri(Constants.DefaultRedirectUri), true)); RedirectUriHelper.Validate(new Uri(Constants.DefaultRedirectUri), false); }
public void ValidateRedirectUri_Throws() { Assert.ThrowsException <MsalClientException>( () => RedirectUriHelper.Validate(null)); Assert.ThrowsException <ArgumentException>( () => RedirectUriHelper.Validate(new Uri("https://redirectUri/uri#fragment")), "Validatation should fail if uri has a fragment, i.e. #foo"); }
public ConfidentialAuthCodeRequest( IServiceBundle serviceBundle, AuthenticationRequestParameters authenticationRequestParameters, AcquireTokenByAuthorizationCodeParameters authorizationCodeParameters) : base(serviceBundle, authenticationRequestParameters, authorizationCodeParameters) { _authorizationCodeParameters = authorizationCodeParameters; RedirectUriHelper.Validate(authenticationRequestParameters.RedirectUri); }
public void ValidateRedirectUri_DoesNotThrow() { // Arrange Uri inputUri = new Uri("http://redirectUri"); // Act RedirectUriHelper.Validate(inputUri); // Assert // no exception is thrown }
public AuthorizationCodeRequest( IServiceBundle serviceBundle, AuthenticationRequestParameters authenticationRequestParameters, ApiEvent.ApiIds apiId) : base(serviceBundle, authenticationRequestParameters, apiId) { if (string.IsNullOrWhiteSpace(authenticationRequestParameters.AuthorizationCode)) { throw new ArgumentNullException(nameof(authenticationRequestParameters.AuthorizationCode)); } RedirectUriHelper.Validate(authenticationRequestParameters.RedirectUri); }
public Uri UpdateRedirectUri(Uri redirectUri) { if (string.Equals(redirectUri.OriginalString, Constants.UapWEBRedirectUri, StringComparison.OrdinalIgnoreCase)) { _ssoMode = true; return(WebAuthenticationBroker.GetCurrentApplicationCallbackUri()); } else { RedirectUriHelper.Validate(redirectUri, usesSystemBrowser: false); return(redirectUri); } }
public InteractiveRequest( IServiceBundle serviceBundle, AuthenticationRequestParameters authenticationRequestParameters, AcquireTokenInteractiveParameters interactiveParameters, IWebUI webUi) : base(serviceBundle, authenticationRequestParameters, interactiveParameters) { _webUi = webUi; // can be null just to generate the authorization uri _interactiveParameters = interactiveParameters; RedirectUriHelper.Validate(authenticationRequestParameters.RedirectUri); // todo(migration): can't this just come directly from interactive parameters instead of needing do to this? _extraScopesToConsent = new SortedSet <string>(); if (!_interactiveParameters.ExtraScopesToConsent.IsNullOrEmpty()) { _extraScopesToConsent = ScopeHelper.CreateSortedSetFromEnumerable(_interactiveParameters.ExtraScopesToConsent); } ValidateScopeInput(_extraScopesToConsent); _interactiveParameters.LogParameters(authenticationRequestParameters.RequestContext.Logger); }
private async Task <Tuple <AuthorizationResult, string> > FetchAuthCodeAndPkceInternalAsync( IWebUI webUi, CancellationToken cancellationToken) { RedirectUriHelper.Validate(_requestParams.RedirectUri); _requestParams.RedirectUri = webUi.UpdateRedirectUri(_requestParams.RedirectUri); Tuple <Uri, string, string> authorizationTuple = CreateAuthorizationUri(true); Uri authorizationUri = authorizationTuple.Item1; string state = authorizationTuple.Item2; string codeVerifier = authorizationTuple.Item3; var authorizationResult = await webUi.AcquireAuthorizationAsync( authorizationUri, _requestParams.RedirectUri, _requestParams.RequestContext, cancellationToken).ConfigureAwait(false); VerifyAuthorizationResult(authorizationResult, state); return(new Tuple <AuthorizationResult, string>(authorizationResult, codeVerifier)); }
public Uri UpdateRedirectUri(Uri redirectUri) { RedirectUriHelper.Validate(redirectUri, usesSystemBrowser: false); return(redirectUri); }
public Uri UpdateRedirectUri(Uri redirectUri) { RedirectUriHelper.Validate(redirectUri); return(redirectUri); }
public override Uri UpdateRedirectUri(Uri redirectUri) { RedirectUriHelper.Validate(redirectUri, usesSystemBrowser: true); return(redirectUri); }
public override void ValidateRedirectUri(Uri redirectUri) { RedirectUriHelper.Validate(redirectUri, usesSystemBrowser: false); }
public void ValidateRedirectUri(Uri redirectUri) { RedirectUriHelper.Validate(redirectUri); }