internal SharedTokenCacheCredential(string tenantId, string username, TokenCredentialOptions options, CredentialPipeline pipeline, MsalPublicClient client) { _tenantId = tenantId; _username = username; _record = (options as SharedTokenCacheCredentialOptions)?.AuthenticationRecord; _pipeline = pipeline ?? CredentialPipeline.GetInstance(options); _client = client ?? new MsalPublicClient(_pipeline, tenantId, Constants.DeveloperSignOnClientId, null, (options as ITokenCacheOptions) ?? s_DefaultCacheOptions); _accountAsyncLock = new AsyncLockWithValue <IAccount>(); }
internal SharedTokenCacheCredential(string tenantId, string username, TokenCredentialOptions options, CredentialPipeline pipeline, MsalPublicClient client) { _tenantId = tenantId; _username = username; _skipTenantValidation = (options as SharedTokenCacheCredentialOptions)?.EnableGuestTenantAuthentication ?? false; _record = (options as SharedTokenCacheCredentialOptions)?.AuthenticationRecord; _pipeline = pipeline ?? CredentialPipeline.GetInstance(options); Client = client ?? new MsalPublicClient( _pipeline, tenantId, (options as SharedTokenCacheCredentialOptions)?.ClientId ?? Constants.DeveloperSignOnClientId, null, (options as ITokenCacheOptions) ?? s_DefaultCacheOptions, options?.IsLoggingPIIEnabled ?? false); _accountAsyncLock = new AsyncLockWithValue <IAccount>(); }
private async Task <AccessToken> GetTokenViaBrowserLoginAsync(TokenRequestContext context, bool async, CancellationToken cancellationToken) { Prompt prompt = LoginHint switch { null => Prompt.SelectAccount, _ => Prompt.NoPrompt }; var tenantId = TenantIdResolver.Resolve(_tenantId ?? Record?.TenantId, context, _allowMultiTenantAuthentication); AuthenticationResult result = await Client .AcquireTokenInteractiveAsync(context.Scopes, context.Claims, prompt, LoginHint, tenantId, async, cancellationToken) .ConfigureAwait(false); Record = new AuthenticationRecord(result, ClientId); return(new AccessToken(result.AccessToken, result.ExpiresOn)); } }
private async Task <AccessToken> GetTokenImplAsync(bool async, TokenRequestContext requestContext, CancellationToken cancellationToken) { using CredentialDiagnosticScope scope = _pipeline.StartGetTokenScope("UsernamePasswordCredential.GetToken", requestContext); try { AuthenticationResult result = await _client .AcquireTokenByUsernamePasswordAsync(requestContext.Scopes, _username, _password, async, cancellationToken) .ConfigureAwait(false); _record = new AuthenticationRecord(result, _clientId); return(scope.Succeeded(new AccessToken(result.AccessToken, result.ExpiresOn))); } catch (Exception e) { throw scope.FailWrapAndThrow(e); } }
private async Task <AuthenticationResult> AuthenticateImplAsync(bool async, TokenRequestContext requestContext, CancellationToken cancellationToken) { using CredentialDiagnosticScope scope = _pipeline.StartGetTokenScope($"{nameof(UsernamePasswordCredential)}.{nameof(Authenticate)}", requestContext); try { var tenantId = TenantIdResolver.Resolve(_tenantId, requestContext); AuthenticationResult result = await Client .AcquireTokenByUsernamePasswordAsync(requestContext.Scopes, requestContext.Claims, _username, _password, tenantId, async, cancellationToken) .ConfigureAwait(false); _record = new AuthenticationRecord(result, _clientId); return(result); } catch (Exception e) { throw scope.FailWrapAndThrow(e, Troubleshooting); } }
private async ValueTask <AccessToken> GetTokenImplAsync(bool async, TokenRequestContext requestContext, CancellationToken cancellationToken = default) { using CredentialDiagnosticScope scope = _pipeline.StartGetTokenScope($"{nameof(AuthorizationCodeCredential)}.{nameof(GetToken)}", requestContext); try { AccessToken token = default; if (_record is null) { AuthenticationResult result = await _confidentialClient.AcquireTokenByAuthorizationCode(requestContext.Scopes, _authCode).ExecuteAsync(async, cancellationToken).ConfigureAwait(false); _record = new AuthenticationRecord(result); token = new AccessToken(result.AccessToken, result.ExpiresOn); } else { AuthenticationResult result = await _confidentialClient.AcquireTokenSilent(requestContext.Scopes, (AuthenticationAccount)_record).ExecuteAsync(async, cancellationToken).ConfigureAwait(false); token = new AccessToken(result.AccessToken, result.ExpiresOn); } return(scope.Succeeded(token)); } catch (OperationCanceledException e) { scope.Failed(e); throw; } catch (Exception e) { throw scope.FailAndWrap(e); } }
/// <summary> /// Creates a new DeviceCodeCredential with the specified options, which will authenticate users using the device code flow. /// </summary> /// <param name="deviceCodeCallback">The callback to be executed to display the device code to the user.</param> /// <param name="options">The client options for the newly created <see cref="DeviceCodeCredential"/>.</param> internal DeviceCodeCredential(Func <DeviceCodeInfo, CancellationToken, Task> deviceCodeCallback, DeviceCodeCredentialOptions options = default) : this(deviceCodeCallback, options?.TenantId, options?.ClientId, options, null) { _disableAutomaticAuthentication = options?.DisableAutomaticAuthentication ?? false; _record = options?.AuthenticationRecord; }
public virtual async ValueTask <AuthenticationResult> AcquireTokenSilentAsync(string[] scopes, string claims, AuthenticationRecord record, bool async, CancellationToken cancellationToken) { IPublicClientApplication client = await GetClientAsync(async, cancellationToken).ConfigureAwait(false); // if the user specified a TenantId when they created the client we want to authenticate to that tenant. // otherwise we should authenticate with the tenant specified by the authentication record since that's the tenant the // user authenticated to originally. return(await client.AcquireTokenSilent(scopes, (AuthenticationAccount)record) .WithAuthority(Pipeline.AuthorityHost.AbsoluteUri, TenantId ?? record.TenantId) .WithClaims(claims) .ExecuteAsync(async, cancellationToken) .ConfigureAwait(false)); }
/// <summary> /// Creates a new <see cref="InteractiveBrowserCredential"/> with the specified options, which will authenticate users with the specified application. /// </summary> /// <param name="options">The client options for the newly created <see cref="InteractiveBrowserCredential"/>.</param> internal InteractiveBrowserCredential(InteractiveBrowserCredentialOptions options) : this(options?.TenantId, options?.ClientId ?? Constants.DeveloperSignOnClientId, null, null) { _disableAutomaticAuthentication = options?.DisableAutomaticAuthentication ?? false; _record = options?.AuthenticationRecord; }
public async ValueTask <AuthenticationResult> AcquireTokenSilentAsync(string[] scopes, string claims, AuthenticationRecord record, string tenantId, bool async, CancellationToken cancellationToken) { return(await AcquireTokenSilentCoreAsync(scopes, claims, record, tenantId, async, cancellationToken).ConfigureAwait(false)); }
/// <summary> /// Creates a new <see cref="InteractiveBrowserCredential"/> with the specified options, which will authenticate users with the specified application. /// </summary> /// <param name="options">The client options for the newly created <see cref="InteractiveBrowserCredential"/>.</param> public InteractiveBrowserCredential(InteractiveBrowserCredentialOptions options) : this(options?.TenantId, options?.ClientId ?? Constants.DeveloperSignOnClientId, CredentialPipeline.GetInstance(options), options?.EnablePersistentCache ?? false) { _disableAutomaticAuthentication = options?.DisableAutomaticAuthentication ?? false; _record = options?.AuthenticationRecord; }
/// <summary> /// Creates a new DeviceCodeCredential with the specified options, which will authenticate users using the device code flow. /// </summary> /// <param name="deviceCodeCallback">The callback to be executed to display the device code to the user.</param> /// <param name="options">The client options for the newly created <see cref="DeviceCodeCredential"/>.</param> public DeviceCodeCredential(Func <DeviceCodeInfo, CancellationToken, Task> deviceCodeCallback, DeviceCodeCredentialOptions options = default) : this(deviceCodeCallback, options?.TenantId, options?.ClientId, CredentialPipeline.GetInstance(options), options) { _disableAutomaticAuthentication = options?.DisableAutomaticAuthentication ?? false; _record = options?.AuthenticationRecord; }
internal AuthenticationAccount(AuthenticationRecord profile) { _profile = profile; }