public void SaveRefreshToken(RefreshTokenCacheItem refreshTokenItem) { TokenCacheDictionary[refreshTokenItem.GetTokenCacheKey().ToString()] = JsonHelper.SerializeToJson(refreshTokenItem); }
internal AccessTokenCacheItem SaveAccessAndRefreshToken(AuthenticationRequestParameters requestParams, TokenResponse response) { lock (LockObject) { try { // create the access token cache item AccessTokenCacheItem accessTokenCacheItem = new AccessTokenCacheItem(requestParams.TenantUpdatedCanonicalAuthority, requestParams.ClientId, response) { UserAssertionHash = requestParams.UserAssertion?.AssertionHash }; TokenCacheNotificationArgs args = new TokenCacheNotificationArgs { TokenCache = this, ClientId = ClientId, User = accessTokenCacheItem.User }; HasStateChanged = true; OnBeforeAccess(args); OnBeforeWrite(args); //delete all cache entries with intersecting scopes. //this should not happen but we have this as a safe guard //against multiple matches. var msg = "Looking for scopes for the authority in the cache which intersect with " + requestParams.Scope.AsSingleString(); requestParams.RequestContext.Logger.Info(msg); requestParams.RequestContext.Logger.InfoPii(msg); IList <AccessTokenCacheItem> accessTokenItemList = new List <AccessTokenCacheItem>(); foreach (var accessTokenString in TokenCacheAccessor.GetAllAccessTokensAsString()) { AccessTokenCacheItem accessTokenItem = JsonHelper.DeserializeFromJson <AccessTokenCacheItem>(accessTokenString); if (accessTokenItem.ClientId.Equals(ClientId) && accessTokenItem.Authority.Equals(requestParams.TenantUpdatedCanonicalAuthority) && accessTokenItem.ScopeSet.ScopeIntersects(accessTokenCacheItem.ScopeSet)) { msg = "Intersecting scopes found - " + accessTokenItem.Scope; requestParams.RequestContext.Logger.Verbose(msg); requestParams.RequestContext.Logger.VerbosePii(msg); accessTokenItemList.Add(accessTokenItem); } } msg = "Intersecting scope entries count - " + accessTokenItemList.Count; requestParams.RequestContext.Logger.Info(msg); requestParams.RequestContext.Logger.InfoPii(msg); if (!requestParams.IsClientCredentialRequest) { //filter by identifer of the user instead accessTokenItemList = accessTokenItemList.Where( item => item.GetUserIdentifier().Equals(accessTokenCacheItem.GetUserIdentifier())) .ToList(); msg = "Matching entries after filtering by user - " + accessTokenItemList.Count; requestParams.RequestContext.Logger.Info(msg); requestParams.RequestContext.Logger.InfoPii(msg); } foreach (var cacheItem in accessTokenItemList) { TokenCacheAccessor.DeleteAccessToken(cacheItem.GetAccessTokenItemKey().ToString(), requestParams.RequestContext); } TokenCacheAccessor.SaveAccessToken(accessTokenCacheItem.GetAccessTokenItemKey().ToString(), JsonHelper.SerializeToJson(accessTokenCacheItem), requestParams.RequestContext); // if server returns the refresh token back, save it in the cache. if (response.RefreshToken != null) { // create the refresh token cache item RefreshTokenCacheItem refreshTokenCacheItem = new RefreshTokenCacheItem( requestParams.Authority.Host, requestParams.ClientId, response); msg = "Saving RT in cache..."; requestParams.RequestContext.Logger.Info(msg); requestParams.RequestContext.Logger.InfoPii(msg); TokenCacheAccessor.SaveRefreshToken(refreshTokenCacheItem.GetRefreshTokenItemKey().ToString(), JsonHelper.SerializeToJson(refreshTokenCacheItem), requestParams.RequestContext); } OnAfterAccess(args); return(accessTokenCacheItem); } finally { HasStateChanged = false; } } }
public void SerializeDeserializeCacheTest() { TokenCache cache = new TokenCache() { ClientId = TestConstants.ClientId }; TokenResponse response = new TokenResponse(); response.IdToken = MockHelpers.CreateIdToken(TestConstants.UniqueId, TestConstants.DisplayableId); response.ClientInfo = MockHelpers.CreateClientInfo(); response.AccessToken = "access-token"; response.ExpiresIn = 3599; response.CorrelationId = "correlation-id"; response.RefreshToken = "refresh-token"; response.Scope = TestConstants.Scope.AsSingleString(); response.TokenType = "Bearer"; RequestContext requestContext = new RequestContext(Guid.NewGuid(), null); AuthenticationRequestParameters requestParams = new AuthenticationRequestParameters() { RequestContext = requestContext, Authority = Authority.CreateAuthority(TestConstants.AuthorityHomeTenant, false), ClientId = TestConstants.ClientId, TenantUpdatedCanonicalAuthority = TestConstants.AuthorityHomeTenant }; cache.SaveAccessAndRefreshToken(requestParams, response); byte[] serializedCache = cache.Serialize(); cache.TokenCacheAccessor.AccessTokenCacheDictionary.Clear(); cache.TokenCacheAccessor.RefreshTokenCacheDictionary.Clear(); Assert.AreEqual(0, cache.TokenCacheAccessor.RefreshTokenCacheDictionary.Count); Assert.AreEqual(0, cache.TokenCacheAccessor.AccessTokenCacheDictionary.Count); cache.Deserialize(serializedCache); Assert.AreEqual(1, cache.TokenCacheAccessor.RefreshTokenCacheDictionary.Count); Assert.AreEqual(1, cache.TokenCacheAccessor.AccessTokenCacheDictionary.Count); serializedCache = cache.Serialize(); cache.Deserialize(serializedCache); //item count should not change because old cache entries should have //been overriden Assert.AreEqual(1, cache.TokenCacheAccessor.RefreshTokenCacheDictionary.Count); Assert.AreEqual(1, cache.TokenCacheAccessor.AccessTokenCacheDictionary.Count); AccessTokenCacheItem atItem = cache.GetAllAccessTokensForClient(requestContext).First(); Assert.AreEqual(response.AccessToken, atItem.AccessToken); Assert.AreEqual(TestConstants.AuthorityHomeTenant, atItem.Authority); Assert.AreEqual(TestConstants.ClientId, atItem.ClientId); Assert.AreEqual(response.TokenType, atItem.TokenType); Assert.AreEqual(response.Scope, atItem.ScopeSet.AsSingleString()); Assert.AreEqual(response.IdToken, atItem.RawIdToken); RefreshTokenCacheItem rtItem = cache.GetAllRefreshTokensForClient(requestContext).First(); Assert.AreEqual(response.RefreshToken, rtItem.RefreshToken); Assert.AreEqual(TestConstants.ClientId, rtItem.ClientId); Assert.AreEqual(TestConstants.UserIdentifier, rtItem.GetUserIdentifier()); Assert.AreEqual(TestConstants.ProductionEnvironment, rtItem.Environment); }
public void GetUsersTest() { PublicClientApplication app = new PublicClientApplication(TestConstants.ClientId); IEnumerable <IUser> users = app.Users; Assert.IsNotNull(users); Assert.IsFalse(users.Any()); cache = new TokenCache() { ClientId = TestConstants.ClientId }; app.UserTokenCache = cache; TokenCacheHelper.PopulateCache(cache.TokenCacheAccessor); users = app.Users; Assert.IsNotNull(users); Assert.AreEqual(1, users.Count()); AccessTokenCacheItem item = new AccessTokenCacheItem() { Authority = TestConstants.AuthorityHomeTenant, ClientId = TestConstants.ClientId, TokenType = "Bearer", ExpiresOnUnixTimestamp = MsalHelpers.DateTimeToUnixTimestamp((DateTime.UtcNow + TimeSpan.FromSeconds(3600))), RawIdToken = MockHelpers.CreateIdToken(TestConstants.UniqueId, TestConstants.DisplayableId), RawClientInfo = MockHelpers.CreateClientInfo(), ScopeSet = TestConstants.Scope }; item.IdToken = IdToken.Parse(item.RawIdToken); item.ClientInfo = ClientInfo.CreateFromJson(item.RawClientInfo); item.AccessToken = item.GetAccessTokenItemKey().ToString(); cache.TokenCacheAccessor.AccessTokenCacheDictionary[item.GetAccessTokenItemKey().ToString()] = JsonHelper.SerializeToJson(item); // another cache entry for different uid. user count should be 2. RefreshTokenCacheItem rtItem = new RefreshTokenCacheItem() { Environment = TestConstants.ProductionEnvironment, ClientId = TestConstants.ClientId, RefreshToken = "someRT", RawClientInfo = MockHelpers.CreateClientInfo(TestConstants.Uid + "more", TestConstants.Utid), DisplayableId = TestConstants.DisplayableId, IdentityProvider = TestConstants.IdentityProvider, Name = TestConstants.Name }; rtItem.ClientInfo = ClientInfo.CreateFromJson(rtItem.RawClientInfo); cache.TokenCacheAccessor.RefreshTokenCacheDictionary[rtItem.GetRefreshTokenItemKey().ToString()] = JsonHelper.SerializeToJson(rtItem); Assert.AreEqual(2, cache.TokenCacheAccessor.RefreshTokenCacheDictionary.Count); users = app.Users; Assert.IsNotNull(users); Assert.AreEqual(2, users.Count()); // another cache entry for different environment. user count should still be 2. Sovereign cloud user must not be returned rtItem = new RefreshTokenCacheItem() { Environment = TestConstants.SovereignEnvironment, ClientId = TestConstants.ClientId, RefreshToken = "someRT", RawClientInfo = MockHelpers.CreateClientInfo(TestConstants.Uid + "more1", TestConstants.Utid), DisplayableId = TestConstants.DisplayableId, IdentityProvider = TestConstants.IdentityProvider, Name = TestConstants.Name }; rtItem.ClientInfo = ClientInfo.CreateFromJson(rtItem.RawClientInfo); cache.TokenCacheAccessor.RefreshTokenCacheDictionary[rtItem.GetRefreshTokenItemKey().ToString()] = JsonHelper.SerializeToJson(rtItem); Assert.AreEqual(3, cache.TokenCacheAccessor.RefreshTokenCacheDictionary.Count); users = app.Users; Assert.IsNotNull(users); Assert.AreEqual(2, users.Count()); }
public void SaveRefreshToken(RefreshTokenCacheItem refreshTokenItem) { throw new NotImplementedException(); }