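/// <summary>
/// Acquires a <see cref="TokenPair"/> from the authority via an interactive user logon
/// prompt.
/// </summary>
/// <remarks>
/// <para>
/// The argument checks are <c>Debug.Assert</c> calls, which are compiled out when DEBUG is
/// not defined; callers remain responsible for passing valid values.
/// </para>
/// <para>
/// <paramref name="queryParameters"/> is forwarded to the authority request without
/// modification, so callers should only pass values they control.
/// </para>
/// <para>
/// An <c>AdalException</c> is not propagated: the method returns <see langword="null"/>
/// and writes the ADAL error code to the trace.
/// </para>
/// </remarks>
/// <param name="targetUri">
/// The uniform resource indicator of the resource access tokens are being requested for.
/// </param>
/// <param name="clientId">Identifier of the client requesting the token.</param>
/// <param name="resource">
/// Identifier of the target resource that is the recipient of the requested token.
/// </param>
/// <param name="redirectUri">
/// Address to return to upon receiving a response from the authority.
/// </param>
/// <param name="queryParameters">
/// Optional: appended as-is to the query string in the HTTP authentication request to the
/// authority.
/// </param>
/// <returns>If successful a <see cref="TokenPair"/>; otherwise <see langword="null"/>.</returns>
public TokenPair AcquireToken(TargetUri targetUri, string clientId, string resource, Uri redirectUri, string queryParameters = null)
{
    // The assertion also fails for a relative URI, so the message covers both cases
    // (same wording as the sibling AcquireTokenAsync overloads).
    Debug.Assert(targetUri != null && targetUri.IsAbsoluteUri, "The targetUri parameter is null or invalid");
    Debug.Assert(!String.IsNullOrWhiteSpace(clientId), "The clientId parameter is null or empty");
    Debug.Assert(!String.IsNullOrWhiteSpace(resource), "The resource parameter is null or empty");
    Debug.Assert(redirectUri != null, "The redirectUri parameter is null");
    Debug.Assert(redirectUri.IsAbsoluteUri, "The redirectUri parameter is not an absolute Uri");

    Trace.WriteLine("AzureAuthority::AcquireToken");

    TokenPair tokens = null;
    queryParameters = queryParameters ?? String.Empty;

    try
    {
        Trace.WriteLine(String.Format(" authority host url = '{0}'.", AuthorityHostUrl));

        AuthenticationContext authCtx = new AuthenticationContext(AuthorityHostUrl, _adalTokenCache);

        // PromptBehavior.Always / UserIdentifier.AnyUser: the logon prompt is requested on
        // every call and is not bound to a particular account.
        AuthenticationResult authResult = authCtx.AcquireToken(resource, clientId, redirectUri, PromptBehavior.Always, UserIdentifier.AnyUser, queryParameters);
        tokens = new TokenPair(authResult);

        Trace.WriteLine(" token acquisition succeeded.");
    }
    catch (AdalException exception)
    {
        Trace.WriteLine(" token acquisition failed.");

        // Record why the logon failed. Only the error code is traced; the exception
        // message is left out because it may carry account details.
        Trace.WriteLine(String.Format(" error code = '{0}'.", exception.ErrorCode));
    }

    return tokens;
}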
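/// <summary>
/// Acquires a <see cref="TokenPair"/> from the authority using optionally provided
/// credentials or via the current identity.
/// </summary>
/// <remarks>
/// <para>
/// The argument checks are <c>Debug.Assert</c> calls, which are compiled out when DEBUG is
/// not defined; callers remain responsible for passing valid values.
/// </para>
/// <para>
/// An <c>AdalException</c> is not propagated: the method returns <see langword="null"/>
/// and writes the ADAL error code to the trace. Neither the user name nor the password is
/// written to the trace.
/// </para>
/// </remarks>
/// <param name="targetUri">
/// The uniform resource indicator of the resource access tokens are being requested for.
/// </param>
/// <param name="clientId">Identifier of the client requesting the token.</param>
/// <param name="resource">
/// Identifier of the target resource that is the recipient of the requested token.
/// </param>
/// <param name="credentials">Optional: user credential to use for token acquisition.</param>
/// <returns>If successful a <see cref="TokenPair"/>; otherwise <see langword="null"/>.</returns>
public async Task<TokenPair> AcquireTokenAsync(TargetUri targetUri, string clientId, string resource, Credential credentials = null)
{
    Debug.Assert(targetUri != null && targetUri.IsAbsoluteUri, "The targetUri parameter is null or invalid");
    Debug.Assert(!String.IsNullOrWhiteSpace(clientId), "The clientId parameter is null or empty");
    Debug.Assert(!String.IsNullOrWhiteSpace(resource), "The resource parameter is null or empty");

    Trace.WriteLine("AzureAuthority::AcquireTokenAsync");

    TokenPair tokens = null;

    try
    {
        Trace.WriteLine(String.Format(" authority host url = '{0}'.", AuthorityHostUrl));

        // No credentials supplied: an empty UserCredential is used (the current identity,
        // per the summary above); otherwise the supplied user name and password are used.
        // NOTE(review): if Credential.Password is a plain string the secret stays in managed
        // memory until it is collected - confirm, and prefer a SecureString-based overload
        // if the ADAL version in use provides one.
        UserCredential userCredential = credentials == null
                                      ? new UserCredential()
                                      : new UserCredential(credentials.Username, credentials.Password);

        AuthenticationContext authCtx = new AuthenticationContext(AuthorityHostUrl, _adalTokenCache);
        AuthenticationResult authResult = await authCtx.AcquireTokenAsync(resource, clientId, userCredential);
        tokens = new TokenPair(authResult);

        Trace.WriteLine(" token acquisition succeeded.");
    }
    catch (AdalException exception)
    {
        Trace.WriteLine(" token acquisition failed.");

        // Record why acquisition failed. Only the error code is traced; the exception
        // message is left out because it may carry account details.
        Trace.WriteLine(String.Format(" error code = '{0}'.", exception.ErrorCode));
    }

    return tokens;
}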
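/// <summary>
/// Attempts to generate a new personal access token (credentials) via use of a stored
/// Azure refresh token, identified by the target resource.
/// </summary>
/// <remarks>
/// <para>
/// Two sources are tried in order: the refresh token held in the local refresh-token store,
/// then any federated authentication token found in the IDE token cache.
/// </para>
/// <para>
/// <c>BaseSecureStore.ValidateTargetUri</c> runs before the <c>try</c> block, so anything it
/// throws reaches the caller. Every exception raised inside the <c>try</c> block is caught
/// and results in <see langword="false"/>; the exception type is written to the trace so the
/// cause is still recorded in builds where <c>Debug.WriteLine</c> is compiled out.
/// </para>
/// </remarks>
/// <param name="targetUri">The 'key' by which to identify the refresh token.</param>
/// <param name="requireCompactToken">Generates a compact token if <see langword="true"/>;
/// generates a self describing token if <see langword="false"/>.</param>
/// <returns><see langword="true"/> if successful; <see langword="false"/> otherwise.</returns>
public async Task<bool> RefreshCredentials(TargetUri targetUri, bool requireCompactToken)
{
    BaseSecureStore.ValidateTargetUri(targetUri);

    Trace.WriteLine("BaseVstsAuthentication::RefreshCredentials");

    try
    {
        Token refreshToken = null;

        // attempt to read from the local store
        if (this.AdaRefreshTokenStore.ReadToken(targetUri, out refreshToken))
        {
            TokenPair tokens = await this.VstsAuthority.AcquireTokenByRefreshTokenAsync(targetUri, this.ClientId, this.Resource, refreshToken);

            if (tokens != null)
            {
                Trace.WriteLine(" Azure token found in primary cache.");

                // Remember the identity the access token was issued for before the
                // personal access token is generated from it.
                this.TenantId = tokens.AccessToken.TargetIdentity;

                return await this.GeneratePersonalAccessToken(targetUri, tokens.AccessToken, requireCompactToken);
            }
        }

        Token federatedAuthToken;

        // attempt to utilize any fedauth tokens captured by the IDE
        if (this.VstsIdeTokenCache.ReadToken(targetUri, out federatedAuthToken))
        {
            Trace.WriteLine(" federated auth token found in IDE cache.");

            return await this.GeneratePersonalAccessToken(targetUri, federatedAuthToken, requireCompactToken);
        }
    }
    catch (Exception exception)
    {
        // Full detail stays debug-only; the trace gets the exception type alone so that
        // no message text (which could carry account or token details) is written to it.
        Debug.WriteLine(exception);
        Trace.WriteLine(String.Format(" refresh attempt threw '{0}'.", exception.GetType().FullName));
    }

    Trace.WriteLine(" failed to refresh credentials.");
    return false;
}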
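/// <summary>
/// Acquires an access token from the authority using a previously acquired refresh token.
/// </summary>
/// <remarks>
/// <para>
/// The argument checks are <c>Debug.Assert</c> calls, which are compiled out when DEBUG is
/// not defined; callers remain responsible for passing a non-null refresh token of type
/// <see cref="TokenType.Refresh"/>.
/// </para>
/// <para>
/// When the refresh token carries a non-empty <c>TargetIdentity</c>, the authority URL is
/// taken from <c>GetAuthorityUrl</c> for that identity instead of the default
/// <c>AuthorityHostUrl</c>. The authority URL is traced; the refresh token value is not.
/// </para>
/// <para>
/// An <c>AdalException</c> is not propagated: the method returns <see langword="null"/>
/// and writes the ADAL error code to the trace.
/// </para>
/// </remarks>
/// <param name="targetUri">
/// The uniform resource indicator of the resource access tokens are being requested for.
/// </param>
/// <param name="clientId">Identifier of the client requesting the token.</param>
/// <param name="resource">
/// Identifier of the target resource that is the recipient of the requested token.
/// </param>
/// <param name="refreshToken">The <see cref="Token"/> of type <see cref="TokenType.Refresh"/>
/// to be used to acquire the access token.</param>
/// <returns>If successful a <see cref="TokenPair"/>; otherwise <see langword="null"/>.</returns>
public async Task<TokenPair> AcquireTokenByRefreshTokenAsync(TargetUri targetUri, string clientId, string resource, Token refreshToken)
{
    Debug.Assert(targetUri != null && targetUri.IsAbsoluteUri, "The targetUri parameter is null or invalid");
    Debug.Assert(!String.IsNullOrWhiteSpace(clientId), "The clientId parameter is null or empty");
    Debug.Assert(!String.IsNullOrWhiteSpace(resource), "The resource parameter is null or empty");
    Debug.Assert(refreshToken != null, "The refreshToken parameter is null");
    Debug.Assert(refreshToken.Type == TokenType.Refresh, "The value of refreshToken parameter is not a refresh token");
    Debug.Assert(!String.IsNullOrWhiteSpace(refreshToken.Value), "The value of refreshToken parameter is null or empty");

    TokenPair tokens = null;

    try
    {
        string authorityHostUrl = AuthorityHostUrl;

        // The stored token decides which authority receives the refresh token.
        // NOTE(review): TargetIdentity is presumably the tenant that issued the token -
        // confirm that GetAuthorityUrl can only yield a trusted authority host.
        if (refreshToken.TargetIdentity != Guid.Empty)
        {
            authorityHostUrl = GetAuthorityUrl(refreshToken.TargetIdentity);

            Trace.WriteLine(" authority host url set by refresh token.");
        }

        Trace.WriteLine(String.Format(" authority host url = '{0}'.", authorityHostUrl));

        AuthenticationContext authCtx = new AuthenticationContext(authorityHostUrl, _adalTokenCache);
        AuthenticationResult authResult = await authCtx.AcquireTokenByRefreshTokenAsync(refreshToken.Value, clientId, resource);
        tokens = new TokenPair(authResult);

        Trace.WriteLine(" token acquisition succeeded.");
    }
    catch (AdalException exception)
    {
        Trace.WriteLine(" token acquisition failed.");

        // Record why the refresh was rejected. Only the error code is traced; the
        // exception message is left out because it may carry account details.
        Trace.WriteLine(String.Format(" error code = '{0}'.", exception.ErrorCode));
    }

    return tokens;
}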