private static AadAuthParams ExtractAuthParamsFromIdentityProvider(string identityProvider) { if (string.IsNullOrEmpty(identityProvider)) { return(null); } AadAuthParams aadAuthParams = new AadAuthParams(); if (identityProvider.Contains(",")) { string[] array = identityProvider.Split(new char[] { ',' }); aadAuthParams.Authority = array[0]; aadAuthParams.ApplicationId = array[1]; if (string.IsNullOrEmpty(aadAuthParams.ApplicationId)) { aadAuthParams.ApplicationId = "cf710c6e-dfcc-4fa8-a093-d47294e44c66"; } } else { aadAuthParams.Authority = identityProvider; aadAuthParams.ApplicationId = "cf710c6e-dfcc-4fa8-a093-d47294e44c66"; } return(aadAuthParams); }
private static void ValidateAuthority(string authority) { Uri uri; if (!AadAuthParams.IsValidUrl(authority, out uri) || string.IsNullOrEmpty(uri.AbsolutePath) || !uri.AbsolutePath.StartsWith("/") || uri.AbsolutePath.Length == 1) { throw new ArgumentException(XmlaSR.Authentication_ClaimsToken_IdentityProviderFormatInvalid); } }
private static AadAuthParams[] ReadLocalSecurityAuthParams() { AadAuthParams[] result; using (Stream resourceAsStream = AadAuthParams.GetResourceAsStream("ASAzureSecurityConfig.xml")) { result = AadAuthParams.DeserializeAuthParams(resourceAsStream); } return(result); }
private static object CreateAuthenticationContextWithCache(AadAuthParams authParams, string dataSource) { AdalRuntimeLibrary instance = AdalRuntimeLibrary.Instance; object obj = Activator.CreateInstance(instance.TokenCacheT); new AdalRuntimeLibrary.CacheLocalStorage(obj, dataSource); return(Activator.CreateInstance(instance.AuthenticationContextT, new object[] { authParams.Authority, obj })); }
private static AadAuthParams FindAuthParams(Uri uri, AadAuthParams[] authParams) { string host = uri.Host; AadAuthParams aadAuthParams = null; for (int i = 0; i < authParams.Length; i++) { AadAuthParams aadAuthParams2 = authParams[i]; if (host.EndsWith(aadAuthParams2.DomainPostfix, StringComparison.InvariantCultureIgnoreCase) && (aadAuthParams == null || aadAuthParams2.DomainPostfix.Length > aadAuthParams.DomainPostfix.Length)) { aadAuthParams = aadAuthParams2; } } return(aadAuthParams); }
private void SetValues(string accessToken, string refreshToken, DateTimeOffset expiresOn, AadAuthParams authParams, string dataSource, bool useAdalCache, bool refreshableToken) { this.accessToken = accessToken; this.refreshToken = refreshToken; this.authParams = authParams; this.dataSource = dataSource; this.useAdalCache = useAdalCache; this.refreshableToken = refreshableToken; this.expiresOn = expiresOn; double totalSeconds = expiresOn.Subtract(DateTimeOffset.Now).TotalSeconds; if (totalSeconds > 0.0) { double value = totalSeconds * 0.08; this.reAcquireOn = expiresOn.Subtract(TimeSpan.FromSeconds(value)); return; } this.reAcquireOn = expiresOn; }
private static AadAuthParams[] ReadRemoteSecurityAuthParams() { AadAuthParams[] result; using (WebClient webClient = new WebClient()) { try { byte[] buffer = webClient.DownloadData("https://global.asazure.windows.net/ASAzureSecurityConfig.xml"); using (MemoryStream memoryStream = new MemoryStream(buffer)) { result = AadAuthParams.DeserializeAuthParams(memoryStream); } } catch (WebException) { result = new AadAuthParams[0]; } } return(result); }
public static AadAuthParams FindMatchingAuthParams(string identityProvider, Uri dataSourceUri) { AadAuthParams aadAuthParams = AadAuthParams.ExtractAuthParamsFromIdentityProvider(identityProvider); if (aadAuthParams != null) { return(aadAuthParams); } aadAuthParams = AadAuthParams.FindAuthParams(dataSourceUri, AadAuthParams.LocalSecurityAuthParams); if (aadAuthParams != null) { return(aadAuthParams); } aadAuthParams = AadAuthParams.FindAuthParams(dataSourceUri, AadAuthParams.RemoteSecurityAuthParams); if (aadAuthParams != null) { return(aadAuthParams); } throw new ArgumentException(XmlaSR.Authentication_ClaimsToken_AuthorityNotFound); }
internal static AadTokenHolder ReAcquireToken(string refreshToken, AadAuthParams authParams, string dataSource, bool useAdalCache) { AadTokenHolder result; using (new AdalRuntimeLibrary.Usage()) { AdalRuntimeLibrary instance = AdalRuntimeLibrary.Instance; object obj = useAdalCache ? AadAuthenticator.CreateAuthenticationContextWithCache(authParams, dataSource) : Activator.CreateInstance(instance.AuthenticationContextT, new object[] { authParams.Authority }); object obj2 = instance.AcquireTokenByRefreshTokenM.Invoke(obj, new string[] { refreshToken, authParams.ApplicationId }); result = new AadTokenHolder((string)instance.AccessTokenP.GetValue(obj2, null), (string)instance.RefreshTokenP.GetValue(obj2, null), (DateTimeOffset)instance.ExpiresOnP.GetValue(obj2, null), authParams, dataSource, useAdalCache); } return(result); }
private static bool TryToUpdateTenant(AadAuthParams authParams, object authContext, string userId, out AadAuthParams authParamsUpdated) { AdalRuntimeLibrary instance = AdalRuntimeLibrary.Instance; object value = instance.TokenCacheP.GetValue(authContext, null); foreach (object current in ((IEnumerable)instance.ReadItemsM.Invoke(value, null))) { string text = (string)instance.AuthorityP.GetValue(current, null); string b = (string)instance.ClientIdP.GetValue(current, null); string b2 = (string)instance.DisplayableIdP.GetValue(current, null); if (authParams.ApplicationId == b && AadAuthParams.IsSameInstance(authParams.Authority, text) && (userId == null || userId == b2)) { authParamsUpdated = new AadAuthParams { Authority = text, ApplicationId = authParams.ApplicationId, DomainPostfix = authParams.DomainPostfix }; return(true); } } authParamsUpdated = null; return(false); }
internal static AadTokenHolder AcquireToken(Uri dataSourceUri, string dataSource, string identityProvider, string userId, string password, bool useAdalCache) { if (userId == null && password != null) { return(new AadTokenHolder(password)); } AadAuthParams aadAuthParams = AadAuthParams.FindMatchingAuthParams(identityProvider, dataSourceUri); string text = string.Format("https://{0}", dataSourceUri.Host); AadTokenHolder result; using (new AdalRuntimeLibrary.Usage()) { AdalRuntimeLibrary instance = AdalRuntimeLibrary.Instance; object obj; if (useAdalCache) { obj = AadAuthenticator.CreateAuthenticationContextWithCache(aadAuthParams, dataSource); AadAuthParams aadAuthParams2; if (aadAuthParams.IsCommonTenant && AadAuthenticator.TryToUpdateTenant(aadAuthParams, obj, userId, out aadAuthParams2)) { aadAuthParams = aadAuthParams2; obj = AadAuthenticator.CreateAuthenticationContextWithCache(aadAuthParams, dataSource); } } else { obj = Activator.CreateInstance(instance.AuthenticationContextT, new object[] { aadAuthParams.Authority }); } object obj3; if (userId != null && password != null) { object obj2 = Activator.CreateInstance(instance.UserCredentialT, new object[] { userId, password }); obj3 = instance.AcquireTokenCredentialsM.Invoke(obj, new object[] { text, aadAuthParams.ApplicationId, obj2 }); } else if (userId != null) { object obj4 = Activator.CreateInstance(instance.UserIdentifierT, new object[] { userId, instance.OptionalDisplayableIdV }); obj3 = instance.AcquireTokenUserIdM.Invoke(obj, new object[] { text, aadAuthParams.ApplicationId, AadAuthenticator.RedirectUri, instance.PromptBehaviorAutoV, obj4 }); } else { obj3 = instance.AcquireTokenM.Invoke(obj, new object[] { text, aadAuthParams.ApplicationId, AadAuthenticator.RedirectUri, instance.PromptBehaviorAutoV }); } result = new AadTokenHolder((string)instance.AccessTokenP.GetValue(obj3, null), (string)instance.RefreshTokenP.GetValue(obj3, null), (DateTimeOffset)instance.ExpiresOnP.GetValue(obj3, null), aadAuthParams, dataSource, useAdalCache); } return(result); }
internal AadTokenHolder(string accessToken, string refreshToken, DateTimeOffset expiresOn, AadAuthParams authParams, string dataSource, bool useAdalCache) { this.SetValues(accessToken, refreshToken, expiresOn, authParams, dataSource, useAdalCache, true); }