/// <summary> /// Retrieves a new auth token from AAD. /// </summary> /// <param name="authUrl">The root of the authority url.</param> /// <param name="tenantDomain">The domain name of the Azure tenant as the second part of the authority url.</param> /// <param name="targetServiceUrl">The url of the service that should be accessed. Be sure to check trailing slashes!</param> /// <param name="clientId">The unique client id as it is configured in Azure Portal.</param> /// <param name="appKey">This value is optional and contains the App-Key-Secret if it is configured in azure portal.</param> /// <param name="redirectUrl">The redirect url as it is configured in Azure Portal.</param> /// <returns>The authentication token.</returns> public static async Task<string> RetrieveTokenAsync(string authUrl, string tenantDomain, string targetServiceUrl, string clientId, Uri redirectUrl, string appKey = null) { var authenticationContext = new AuthenticationContext($"{authUrl}/{tenantDomain}"); try { AuthenticationResult result = null; if (appKey.IsNullOrEmpty()) { // use user auth var parameters = new PlatformParameters(PromptBehavior.Auto); result = await authenticationContext.AcquireTokenAsync(targetServiceUrl, clientId, redirectUrl, parameters).ConfigureAwait(false); } else { // use key auth var clientCredential = new ClientCredential(clientId, appKey); result = await authenticationContext.AcquireTokenAsync(targetServiceUrl, clientCredential).ConfigureAwait(false); } if (result == null) { throw new InvalidOperationException("Failed to obtain the JWT token"); } // store token for reuse return result.AccessToken; } catch (Exception ex) { throw new InvalidOperationException("Could not retrieve token.", ex); } }
public override void AddPromptBehaviorQueryParameter(IPlatformParameters parameters, DictionaryRequestParameters authorizationRequestParameters) { PlatformParameters authorizationParameters = (parameters as PlatformParameters); if (authorizationParameters == null) { throw new ArgumentException("parameters should be of type PlatformParameters", "parameters"); } PromptBehavior promptBehavior = authorizationParameters.PromptBehavior; switch (promptBehavior) { case PromptBehavior.Always: authorizationRequestParameters[OAuthParameter.Prompt] = PromptValue.Login; break; case PromptBehavior.SelectAccount: authorizationRequestParameters[OAuthParameter.Prompt] = PromptValue.SelectAccount; break; case PromptBehavior.RefreshSession: authorizationRequestParameters[OAuthParameter.Prompt] = PromptValue.RefreshSession; break; } }
public override void AddPromptBehaviorQueryParameter(IPlatformParameters parameters, DictionaryRequestParameters authorizationRequestParameters) { PlatformParameters authorizationParameters = (parameters as PlatformParameters); if (authorizationParameters == null) { throw new ArgumentException("parameters should be of type PlatformParameters", "parameters"); } PromptBehavior promptBehavior = authorizationParameters.PromptBehavior; // ADFS currently ignores the parameter for now. switch (promptBehavior) { case PromptBehavior.Always: authorizationRequestParameters[OAuthParameter.Prompt] = PromptValue.Login; break; case PromptBehavior.RefreshSession: authorizationRequestParameters[OAuthParameter.Prompt] = PromptValue.RefreshSession; break; case PromptBehavior.Never: authorizationRequestParameters[OAuthParameter.Prompt] = PromptValue.AttemptNone; break; } }
public async Task<string> Login(string sharePointSiteUrl, bool forceLogin = false) { var spUri = new Uri(sharePointSiteUrl); string resourceUri = spUri.Scheme + "://" + spUri.Authority; ADAL.AuthenticationResult authenticationResult; try { authenticationResult = await AuthContext.AcquireTokenSilentAsync(resourceUri, clientId); } catch (ADAL.AdalSilentTokenAcquisitionException) { //Console.WriteLine("Silent Async failed. Use prompt instead."); try { // prevent flashing of login window when credentials are valid var authParam = new ADAL.PlatformParameters(ADAL.PromptBehavior.Never); authenticationResult = await AuthContext.AcquireTokenAsync(resourceUri, clientId, new Uri(redirectUri), authParam); } catch (ADAL.AdalException /* e */) { //Console.WriteLine(e); var authParam = new ADAL.PlatformParameters(ADAL.PromptBehavior.Auto); authenticationResult = await AuthContext.AcquireTokenAsync(resourceUri, clientId, new Uri(redirectUri), authParam); } } return authenticationResult.CreateAuthorizationHeader(); }
public IWebUI CreateAuthenticationDialog(IPlatformParameters inputParameters) { this.parameters = inputParameters as PlatformParameters; if (this.parameters == null) { throw new ArgumentException("parameters should be of type PlatformParameters", "parameters"); } switch (this.parameters.PromptBehavior) { case PromptBehavior.Auto: return(new InteractiveWebUI { OwnerWindow = this.parameters.OwnerWindow }); case PromptBehavior.Always: case PromptBehavior.RefreshSession: return(new InteractiveWebUI { OwnerWindow = this.parameters.OwnerWindow }); case PromptBehavior.Never: return(new SilentWebUI { OwnerWindow = this.parameters.OwnerWindow }); default: throw new InvalidOperationException("Unexpected PromptBehavior value"); } }
public WebUI(IPlatformParameters parameters) { this.parameters = parameters as PlatformParameters; if (this.parameters == null) { throw new ArgumentException("parameters should be of type PlatformParameters", "parameters"); } }
public WebUI(IPlatformParameters parameters) { this.parameters = parameters as PlatformParameters; if (this.parameters == null) { throw new ArgumentException("parameters should be of type PlatformParameters", "parameters"); } }
public static async Task<AuthenticationResult> GetAccessToken(string serviceResourceId, PlatformParameters param) { authContext = new AuthenticationContext(Authority); if (authContext.TokenCache.ReadItems ().Any ()) authContext = new AuthenticationContext (authContext.TokenCache.ReadItems ().First ().Authority); var authResult = await authContext.AcquireTokenAsync(serviceResourceId, clientId, returnUri, param); return authResult; }
public async Task <AuthorizationResult> AcquireAuthorizationAsync(Uri authorizationUri, Uri redirectUri, CallState callState) { returnedUriReady = new SemaphoreSlim(0); Authenticate(authorizationUri, redirectUri, callState); await returnedUriReady.WaitAsync().ConfigureAwait(false); this.parameters = null; return(authorizationResult); }
public async Task<AuthenticationResult> Authenticate(string authority, string resource, string clientId, string returnUri) { var authContext = new AuthenticationContext(authority); if (authContext.TokenCache.ReadItems().Any()) authContext = new AuthenticationContext(authContext.TokenCache.ReadItems().First().Authority); var uri = new Uri(returnUri); var platformParams = new PlatformParameters((Activity)Forms.Context); var authResult = await authContext.AcquireTokenAsync(resource, clientId, uri, platformParams); return authResult; }
public async Task<AuthenticationResult> Authenticate(string authority, string resource, string clientId, string returnUri) { authContext = new AuthenticationContext(authority); if (authContext.TokenCache.ReadItems().Any()) authContext = new AuthenticationContext(authContext.TokenCache.ReadItems().First().Authority); var controller = UIApplication.SharedApplication.KeyWindow.RootViewController; var uri = new Uri(returnUri); var platformParams = new PlatformParameters(controller); var authResult = await authContext.AcquireTokenAsync(resource, clientId, uri, platformParams); return authResult; }
private bool WillUseBroker() { PlatformParameters pp = PlatformParameters as PlatformParameters; if (pp != null) { return(pp.UseBroker); } return(false); }
public override bool GetCacheLoadPolicy(IPlatformParameters parameters) { PlatformParameters authorizationParameters = (parameters as PlatformParameters); if (authorizationParameters == null) { throw new ArgumentException("parameters should be of type PlatformParameters", "parameters"); } PromptBehavior promptBehavior = authorizationParameters.PromptBehavior; return(promptBehavior != PromptBehavior.Always && promptBehavior != PromptBehavior.RefreshSession); }
public async Task <IAdalResult> AcquireTokenAsync( string authorityHostUrl, string resource, string clientId, Uri redirectUri, string extraQueryParameters) { if (authorityHostUrl is null) { throw new ArgumentNullException(nameof(authorityHostUrl)); } if (resource is null) { throw new ArgumentNullException(nameof(resource)); } if (clientId is null) { throw new ArgumentNullException(nameof(clientId)); } if (redirectUri is null) { throw new ArgumentNullException(nameof(redirectUri)); } if (extraQueryParameters is null) { throw new ArgumentNullException(nameof(extraQueryParameters)); } try { var authenticationContext = new ActiveDirectory.AuthenticationContext(authorityHostUrl, _cache); var platformParameters = new ActiveDirectory.PlatformParameters(ActiveDirectory.PromptBehavior.SelectAccount); var userIdentifier = ActiveDirectory.UserIdentifier.AnyUser; ActiveDirectory.AuthenticationResult result = await authenticationContext.AcquireTokenAsync(resource, clientId, redirectUri, platformParameters, userIdentifier, extraQueryParameters); return(new Result(result)); } // We should just be able to catch AdalException here but due to an ADAL bug an HttpRequestException can be leaked: // https://github.com/AzureAD/azure-activedirectory-library-for-dotnet/issues/1285 // Until we update to ADAL 4.x or MSAL, we should just workaround this problem. catch (Exception exception) { throw new AuthenticationException(exception); } }
public async Task <IAdalResult> AcquireTokenAsync( string authorityHostUrl, string resource, string clientId, Uri redirectUri, string extraQueryParameters) { if (authorityHostUrl is null) { throw new ArgumentNullException(nameof(authorityHostUrl)); } if (resource is null) { throw new ArgumentNullException(nameof(resource)); } if (clientId is null) { throw new ArgumentNullException(nameof(clientId)); } if (redirectUri is null) { throw new ArgumentNullException(nameof(redirectUri)); } if (extraQueryParameters is null) { throw new ArgumentNullException(nameof(extraQueryParameters)); } try { var authenticationContext = new ActiveDirectory.AuthenticationContext(authorityHostUrl, _cache); var platformParameters = new ActiveDirectory.PlatformParameters(ActiveDirectory.PromptBehavior.SelectAccount); var userIdentifier = ActiveDirectory.UserIdentifier.AnyUser; ActiveDirectory.AuthenticationResult result = await authenticationContext.AcquireTokenAsync(resource, clientId, redirectUri, platformParameters, userIdentifier, extraQueryParameters); return(new Result(result)); } catch (ActiveDirectory.AdalException exception) { throw new AuthenticationException(exception); } }
public static AuthenticationResult GetAzureAdToken(AuthenticationContext authContext, String resourceHostUri, string clientId, string redirectUri, UserCredential uc) { AuthenticationResult authenticationResult = null; Console.WriteLine("Performing GetAzureAdToken"); try { Console.WriteLine("Passed resource host URI is " + resourceHostUri); if (resourceHostUri.StartsWith("http")) { resourceHostUri = Helpers.ReduceUriToProtoAndHost(resourceHostUri); Console.WriteLine("Normalized the resourceHostUri to just the protocol and hostname " + resourceHostUri); } // check if there's a user credential - i.e. a username and password if(uc != null) { authenticationResult = authContext.AcquireTokenAsync(resourceHostUri, clientId, uc).Result; } else { PlatformParameters platformParams = new PlatformParameters(PromptBehavior.Auto); authenticationResult = authContext.AcquireTokenAsync(resourceHostUri, clientId, new Uri(redirectUri), platformParams).Result; } //Console.WriteLine("Bearer token from Azure AD is " + authenticationResult.AccessToken); } catch (Exception ex) { Console.ForegroundColor = ConsoleColor.Red; Console.WriteLine("An unexpected error occurred."); string message = ex.Message; if (ex.InnerException != null) { message += Environment.NewLine + "Inner Exception : " + ex.InnerException.Message; } Console.WriteLine("Message: {0}", message); Console.ForegroundColor = ConsoleColor.White; } return authenticationResult; }
public async Task<AuthenticationResult> Authenticate(string authority, string resource, string clientId, string returnUri) { var authContext = new AuthenticationContext(authority); if (authContext.TokenCache.ReadItems().Any()) authContext = new AuthenticationContext(authContext.TokenCache.ReadItems().First().Authority); var topController = UIApplication.SharedApplication.KeyWindow.RootViewController; // ensures that the currently presented viewcontroller is acquired, even a modally presented one while (topController.PresentedViewController != null) { topController = topController.PresentedViewController; } var platformParams = new PlatformParameters(topController); var authResult = await authContext.AcquireTokenAsync(resource, clientId, new Uri(returnUri), platformParams); return authResult; }
public IWebUI CreateAuthenticationDialog(IPlatformParameters inputParameters) { this.parameters = inputParameters as PlatformParameters; if (this.parameters == null) { throw new ArgumentException("parameters should be of type PlatformParameters", "parameters"); } switch (this.parameters.PromptBehavior) { case PromptBehavior.Auto: return new InteractiveWebUI { OwnerWindow = this.parameters.OwnerWindow }; case PromptBehavior.Always: case PromptBehavior.RefreshSession: return new InteractiveWebUI { OwnerWindow = this.parameters.OwnerWindow }; case PromptBehavior.Never: return new SilentWebUI { OwnerWindow = this.parameters.OwnerWindow }; default: throw new InvalidOperationException("Unexpected PromptBehavior value"); } }
public void Authenticate(Uri authorizationUri, Uri redirectUri, CallState callState) { try { this.parameters.CallerViewController.InvokeOnMainThread(() => { var navigationController = new AuthenticationAgentUINavigationController(authorizationUri.AbsoluteUri, redirectUri.OriginalString, CallbackMethod, this.parameters.PreferredStatusBarStyle); navigationController.ModalPresentationStyle = this.parameters.ModalPresentationStyle; navigationController.ModalTransitionStyle = this.parameters.ModalTransitionStyle; navigationController.TransitioningDelegate = this.parameters.TransitioningDelegate; this.parameters.CallerViewController.PresentViewController(navigationController, true, null); }); } catch (Exception ex) { this.parameters = null; throw new AdalException(AdalError.AuthenticationUiFailed, ex); } }
public async Task<bool> InitializeAsync() { var tenant = _configurationReader["AAD_Tenant"]; var instance = _configurationReader["AAD_Instance"]; var resourceId = _configurationReader["AAD_ResourceId"]; var clientId = _configurationReader["AAD_ClientId"]; var callbackUrl = _configurationReader["AAD_CallbackUri"]; var callbackUri = new Uri(callbackUrl); var authority = String.Format(CultureInfo.InvariantCulture, instance, tenant); var redirectUri = Windows.Security.Authentication.Web.WebAuthenticationBroker.GetCurrentApplicationCallbackUri(); var authContext = new AuthenticationContext(authority); var platformParameters = new PlatformParameters(PromptBehavior.Auto, false); _authenticationResult = await authContext.AcquireTokenAsync(resourceId, clientId, callbackUri, platformParameters); if (_authenticationResult == null) return false; return true; }
public async Task<bool> EnsureAuthenticationContext(string authority, bool show) { if (this.AuthenticationContext == null) { var cache = _cachePersist.Read(); if (cache != null) { var t = new TokenCache(cache); this.AuthenticationContext = new AuthenticationContext(authority, t); } else { this.AuthenticationContext = new AuthenticationContext(authority); } } var p = new PlatformParameters(show ? PromptBehavior.Always : PromptBehavior.Never, _deviceService.WindowHandle); this.AuthenticationResult = await this.AuthenticationContext.AcquireTokenAsync( Office365ServicesUris.AADGraphAPIResourceId, ClientId, new Uri(RedirectUri), p); var tokenCache = AuthenticationContext.TokenCache.Serialize(); _cachePersist.Write(tokenCache); return !string.IsNullOrWhiteSpace(this.AuthenticationResult.AccessToken); }
public static async Task ForcePromptTestAsync(Sts sts) { SetCredential(sts); var context = new AuthenticationContextProxy(sts.Authority, sts.ValidateAuthority); AuthenticationResultProxy result = await context.AcquireTokenAsync(sts.ValidResource, sts.ValidClientId, sts.ValidDefaultRedirectUri, PlatformParameters, sts.ValidUserId); VerifySuccessResult(sts, result); AuthenticationContextProxy.SetCredentials(null, null); AuthenticationResultProxy result2 = await context.AcquireTokenAsync(sts.ValidResource, sts.ValidClientId, sts.ValidDefaultRedirectUri, PlatformParameters, (sts.Type == StsType.ADFS) ? null : sts.ValidUserId); VerifySuccessResult(sts, result2); Verify.AreEqual(result2.AccessToken, result.AccessToken); AuthenticationContextProxy.SetCredentials(sts.ValidUserName, sts.ValidPassword); var neverAuthorizationParameters = new PlatformParameters(PromptBehavior.Always, null); result = await context.AcquireTokenAsync(sts.ValidResource, sts.ValidClientId, sts.ValidDefaultRedirectUri, neverAuthorizationParameters); VerifySuccessResult(sts, result); Verify.AreNotEqual(result2.AccessToken, result.AccessToken); }
public static async Task AcquireTokenAndRefreshSessionTestAsync(Sts sts) { var userId = sts.ValidUserId; AuthenticationContextProxy.SetCredentials(userId.Id, sts.ValidPassword); var context = new AuthenticationContextProxy(sts.Authority, false, TokenCacheType.InMemory); AuthenticationResultProxy result = await context.AcquireTokenAsync(sts.ValidResource, sts.ValidClientId, sts.ValidDefaultRedirectUri, PlatformParameters, userId); VerifySuccessResult(sts, result); AuthenticationContextProxy.Delay(2000); var refreshSessionAuthorizationParameters = new PlatformParameters(PromptBehavior.RefreshSession, null); AuthenticationResultProxy result2 = await context.AcquireTokenAsync(sts.ValidResource, sts.ValidClientId, sts.ValidDefaultRedirectUri, refreshSessionAuthorizationParameters, userId); VerifySuccessResult(sts, result2); Verify.AreNotEqual(result.AccessToken, result2.AccessToken); }
// Get an access token for the given context and resourceId. An attempt is first made to // acquire the token silently. If that fails, then we try to acquire the token by prompting the user. private static async Task<string> GetTokenHelperAsync(AuthenticationContext context, string resourceId) { string accessToken = null; AuthenticationResult result = null; try { // can use this app inside a corporate intranet. If the value of UseCorporateNetwork // is true, you also need to add the Enterprise Authentication, Private Networks, and // Shared User Certificates capabilities in the Package.appxmanifest file. var platformParameters = new PlatformParameters(PromptBehavior.Auto, true); result = await context.AcquireTokenAsync(resourceId, ClientID, redirectUri, platformParameters); accessToken = result.AccessToken; //Store values for logged-in user, tenant id, and authority, so that //they can be re-used if the user re-opens the app without disconnecting. _settings.Values["LoggedInUser"] = result.UserInfo.GivenName; _settings.Values["LoggedInUserEmail"] = result.UserInfo.DisplayableId; _settings.Values["TenantId"] = result.TenantId; _settings.Values["LastAuthority"] = context.Authority; AccessToken = accessToken; return accessToken; } catch { return null; } }
internal static async Task AcquireTokenWithPromptBehaviorNeverTestAsync(Sts sts) { // Should not be able to get a token silently on first try. var context = new AuthenticationContextProxy(sts.Authority, sts.ValidateAuthority); var neverAuthorizationParameters = new PlatformParameters(PromptBehavior.Never, null); AuthenticationResultProxy result = await context.AcquireTokenAsync(sts.ValidResource, sts.ValidClientId, sts.ValidDefaultRedirectUri, neverAuthorizationParameters); VerifyErrorResult(result, Sts.UserInteractionRequired, null); AuthenticationContextProxy.SetCredentials(sts.ValidUserName, sts.ValidPassword); // Obtain a token interactively. result = await context.AcquireTokenAsync(sts.ValidResource, sts.ValidClientId, sts.ValidDefaultRedirectUri, PlatformParameters, sts.ValidUserId); VerifySuccessResult(sts, result); AuthenticationContextProxy.SetCredentials(null, null); // Now there should be a token available in the cache so token should be available silently. result = await context.AcquireTokenAsync(sts.ValidResource, sts.ValidClientId, sts.ValidDefaultRedirectUri, neverAuthorizationParameters); VerifySuccessResult(sts, result); // Clear the cache and silent auth should work via session cookies. AuthenticationContextProxy.ClearDefaultCache(); result = await context.AcquireTokenAsync(sts.ValidResource, sts.ValidClientId, sts.ValidDefaultRedirectUri, neverAuthorizationParameters); VerifySuccessResult(sts, result); // Clear the cache and cookies and silent auth should fail. AuthenticationContextProxy.ClearDefaultCache(); EndBrowserDialogSession(); result = await context.AcquireTokenAsync(sts.ValidResource, sts.ValidClientId, sts.ValidDefaultRedirectUri, neverAuthorizationParameters); VerifyErrorResult(result, Sts.UserInteractionRequired, null); }
internal static async Task SwitchUserTestAsync(Sts sts) { Log.Comment("Acquire token for user1 interactively"); AuthenticationContextProxy.SetCredentials(null, sts.ValidPassword); var context = new AuthenticationContextProxy(sts.Authority, sts.ValidateAuthority); AuthenticationResultProxy result = await context.AcquireTokenAsync(sts.ValidResource, sts.ValidClientId, sts.ValidDefaultRedirectUri, PlatformParameters, sts.ValidUserId); VerifySuccessResultAndTokenContent(sts, result); Verify.AreEqual(sts.ValidUserName, result.UserInfo.DisplayableId); Log.Comment("Acquire token via cookie for user1 without user"); AuthenticationResultProxy result2 = await context.AcquireTokenAsync(sts.ValidResource, sts.ValidClientId, sts.ValidDefaultRedirectUri, PlatformParameters); VerifySuccessResultAndTokenContent(sts, result2); Verify.AreEqual(sts.ValidUserName, result2.UserInfo.DisplayableId); Log.Comment("Acquire token for user2 via force prompt and user"); AuthenticationContextProxy.SetCredentials(sts.ValidUserName2, sts.ValidPassword2); var alwaysAuthorizationParameters = new PlatformParameters(PromptBehavior.Always, null); result2 = await context.AcquireTokenAsync(sts.ValidResource, sts.ValidClientId, sts.ValidDefaultRedirectUri, alwaysAuthorizationParameters, sts.ValidRequiredUserId2); VerifySuccessResultAndTokenContent(sts, result2); Verify.AreEqual(sts.ValidUserName2, result2.UserInfo.DisplayableId); Log.Comment("Acquire token for user2 via force prompt"); AuthenticationContextProxy.SetCredentials(sts.ValidUserName2, sts.ValidPassword2); result2 = await context.AcquireTokenAsync(sts.ValidResource, sts.ValidClientId, sts.ValidDefaultRedirectUri, alwaysAuthorizationParameters); VerifySuccessResultAndTokenContent(sts, result2); Verify.AreEqual(sts.ValidUserName2, result2.UserInfo.DisplayableId); Log.Comment("Fail to acquire token without user while tokens for two users in the cache"); result2 = await context.AcquireTokenAsync(sts.ValidResource, sts.ValidClientId, sts.ValidDefaultRedirectUri, PlatformParameters); VerifyErrorResult(result2, "multiple_matching_tokens_detected", null); }
public void AcquireToken(IDictionary <string, string> brokerPayload) { if (brokerPayload.ContainsKey("broker_install_url")) { string url = brokerPayload["broker_install_url"]; Uri uri = new Uri(url); string query = uri.Query; if (query.StartsWith("?")) { query = query.Substring(1); } Dictionary <string, string> keyPair = EncodingHelper.ParseKeyValueList(query, '&', true, false, null); PlatformParameters pp = PlatformParameters as PlatformParameters; pp.CallerActivity.StartActivity(new Intent(Intent.ActionView, Android.Net.Uri.Parse(keyPair["app_link"]))); throw new AdalException(AdalErrorAndroidEx.BrokerApplicationRequired, AdalErrorMessageAndroidEx.BrokerApplicationRequired); } Context mContext = Application.Context; AuthenticationRequest request = new AuthenticationRequest(brokerPayload); PlatformParameters platformParams = PlatformParameters as PlatformParameters; // BROKER flow intercepts here // cache and refresh call happens through the authenticator service if (mBrokerProxy.VerifyUser(request.LoginHint, request.UserId)) { CallState.Logger.Verbose(null, "It switched to broker for context: " + mContext.PackageName); request.BrokerAccountName = request.LoginHint; // Don't send background request, if prompt flag is always or // refresh_session bool hasAccountNameOrUserId = !string.IsNullOrEmpty(request.BrokerAccountName) || !string.IsNullOrEmpty(request.UserId); if (string.IsNullOrEmpty(request.Claims) && hasAccountNameOrUserId) { CallState.Logger.Verbose(null, "User is specified for background token request"); resultEx = mBrokerProxy.GetAuthTokenInBackground(request, platformParams.CallerActivity); } else { CallState.Logger.Verbose(null, "User is not specified for background token request"); } if (resultEx != null && resultEx.Result != null && !string.IsNullOrEmpty(resultEx.Result.AccessToken)) { CallState.Logger.Verbose(null, "Token is returned from background call "); readyForResponse.Release(); return; } // Launch broker activity // if cache and refresh request is not handled. // Initial request to authenticator needs to launch activity to // record calling uid for the account. This happens for Prompt auto // or always behavior. CallState.Logger.Verbose(null, "Token is not returned from backgroud call"); // Only happens with callback since silent call does not show UI CallState.Logger.Verbose(null, "Launch activity for Authenticator"); CallState.Logger.Verbose(null, "Starting Authentication Activity"); if (resultEx == null) { CallState.Logger.Verbose(null, "Initial request to authenticator"); // Log the initial request but not force a prompt } if (brokerPayload.ContainsKey("silent_broker_flow")) { throw new AdalSilentTokenAcquisitionException(); } // onActivityResult will receive the response // Activity needs to launch to record calling app for this // account Intent brokerIntent = mBrokerProxy.GetIntentForBrokerActivity(request, platformParams.CallerActivity); if (brokerIntent != null) { try { CallState.Logger.Verbose(null, "Calling activity pid:" + Android.OS.Process.MyPid() + " tid:" + Android.OS.Process.MyTid() + "uid:" + Android.OS.Process.MyUid()); platformParams.CallerActivity.StartActivityForResult(brokerIntent, 1001); } catch (ActivityNotFoundException e) { CallState.Logger.Error(null, e); } } } else { throw new AdalException(AdalErrorAndroidEx.NoBrokerAccountFound, "Add requested account as a Workplace account via Settings->Accounts or set UseBroker=true."); } }