protected override async Task PreRunAsync()
        {
            await base.PreRunAsync();

            // We cannot move the following lines to UserCredential as one of these calls in async.
            // It cannot be moved to constructor or property or a pure sync or async call. This is why we moved it here which is an async call already.
            if (string.IsNullOrWhiteSpace(this.userCredential.UserName))
            {
#if ADAL_NET
                this.userCredential.UserName = PlatformSpecificHelper.GetUserPrincipalName();
#else
                this.userCredential.UserName = await PlatformSpecificHelper.GetUserPrincipalNameAsync();
#endif
                if (string.IsNullOrWhiteSpace(userCredential.UserName))
                {
                    Logger.Information(this.CallState, "Could not find UPN for logged in user");
                    var ex = new AdalException(AdalError.UnknownUser);
                    Logger.LogException(this.CallState, ex);
                    throw ex;
                }

                Logger.Information(this.CallState, "Logged in user '{0}' detected", userCredential.UserName);
            }

            this.DisplayableId = userCredential.UserName;
        }
        public static string CheckForExtraQueryParameter(string url)
        {
            string extraQueryParameter = PlatformSpecificHelper.GetEnvironmentVariable("ExtraQueryParameter");
            string delimiter           = (url.IndexOf('?') > 0) ? "&" : "?";

            if (!string.IsNullOrWhiteSpace(extraQueryParameter))
            {
                url += string.Concat(delimiter, extraQueryParameter);
            }

            return(url);
        }
예제 #3
0
        public void AddAdalIdParameters(IDictionary <string, string> parameters)
        {
            parameters[AdalIdParameter.Product] = PlatformSpecificHelper.GetProductName();
            parameters[AdalIdParameter.Version] = AdalIdHelper.GetAdalVersion();

#if !ADAL_WINPHONE
            parameters[AdalIdParameter.CpuPlatform] = AdalIdHelper.GetProcessorArchitecture();
#endif

#if ADAL_NET
            parameters[AdalIdParameter.OS] = Environment.OSVersion.ToString();
#endif
        }
        public AcquireTokenOnBehalfHandler(Authenticator authenticator, TokenCache tokenCache, string resource, ClientKey clientKey, UserAssertion userAssertion, bool callSync)
            : base(authenticator, tokenCache, resource, clientKey, TokenSubjectType.UserPlusClient, callSync)
        {
            if (userAssertion == null)
            {
                throw new ArgumentNullException("userAssertion");
            }

            this.userAssertion = userAssertion;
            this.DisplayableId = userAssertion.UserName;
            this.assertionHash = PlatformSpecificHelper.CreateSha256Hash(userAssertion.Assertion);

            this.SupportADFS = true;
        }
        public AuthenticatorTemplateList()
        {
            string[] trustedHostList = { "login.windows.net", "login.chinacloudapi.cn", "login.cloudgovapi.us", "login.microsoftonline.com" };

            string customAuthorityHost = PlatformSpecificHelper.GetEnvironmentVariable("customTrustedHost");

            if (string.IsNullOrWhiteSpace(customAuthorityHost))
            {
                foreach (string host in trustedHostList)
                {
                    this.Add(AuthenticatorTemplate.CreateFromHost(host));
                }
            }
            else
            {
                this.Add(AuthenticatorTemplate.CreateFromHost(customAuthorityHost));
            }
        }
        private void LogReturnedToken(AuthenticationResult result)
        {
            if (result.AccessToken != null)
            {
                string accessTokenHash = PlatformSpecificHelper.CreateSha256Hash(result.AccessToken);
                string logMessage;
                if (result.RefreshToken != null)
                {
                    string refreshTokenHash = PlatformSpecificHelper.CreateSha256Hash(result.RefreshToken);
                    logMessage = string.Format("Access Token with hash '{0}' and Refresh Token with hash '{1}' returned", accessTokenHash, refreshTokenHash);
                }
                else
                {
                    logMessage = string.Format("Access Token with hash '{0}' returned", accessTokenHash);
                }

                Logger.Verbose(this.CallState, logMessage);
            }
        }
예제 #7
0
        private void LogReturnedToken(AuthenticationResult result)
        {
            if (result.AccessToken != null)
            {
                string accessTokenHash = PlatformSpecificHelper.CreateSha256Hash(result.AccessToken);
                string refreshTokenHash;
                if (result.RefreshToken != null)
                {
                    refreshTokenHash = PlatformSpecificHelper.CreateSha256Hash(result.RefreshToken);
                }
                else
                {
                    refreshTokenHash = "[No Refresh Token]";
                }

                Logger.Information(this.CallState, "=== Token Acquisition finished successfully. An access token was retuned:\n\tAccess Token Hash: {0}\n\tRefresh Token Hash: {1}\n\tExpiration Time: {2}\n\tUser Hash: {3}\n\t",
                                   accessTokenHash, refreshTokenHash, result.ExpiresOn,
                                   result.UserInfo != null ? PlatformSpecificHelper.CreateSha256Hash(result.UserInfo.UniqueId) : "null");
            }
        }
        public void AddAdalIdParameters(IDictionary <string, string> parameters)
        {
            parameters[AdalIdParameter.Product] = PlatformSpecificHelper.GetProductName();
            parameters[AdalIdParameter.Version] = AdalIdHelper.GetAdalVersion();

#if !ADAL_WINPHONE
            parameters[AdalIdParameter.CpuPlatform] = AdalIdHelper.GetProcessorArchitecture();
#endif

#if ADAL_NET
            parameters[AdalIdParameter.OS] = Environment.OSVersion.ToString();

            // Since ADAL .NET may be used on servers, for security reasons, we do not emit device type.
#else
            // In WinRT, there is no way to reliably get OS version. All can be done reliably is to check
            // for existence of specific features which does not help in this case, so we do not emit OS in WinRT.

            var deviceInformation = new Windows.Security.ExchangeActiveSyncProvisioning.EasClientDeviceInformation();
            parameters[AdalIdParameter.DeviceModel] = deviceInformation.SystemProductName;
#endif
        }
예제 #9
0
        public AuthenticatorTemplateList()
        {
            string[] trustedHostList =
            {
                "login.windows.net",                // Microsoft Azure Worldwide - Used in validation scenarios where host is not this list
                "login.chinacloudapi.cn",           // Microsoft Azure China
                "login-us.microsoftonline.com",     // Microsoft Azure US Government
                "login.microsoftonline.com"         // Microsoft Azure Worldwide
            };

            string customAuthorityHost = PlatformSpecificHelper.GetEnvironmentVariable("customTrustedHost");

            if (string.IsNullOrWhiteSpace(customAuthorityHost))
            {
                foreach (string host in trustedHostList)
                {
                    this.Add(AuthenticatorTemplate.CreateFromHost(host));
                }
            }
            else
            {
                this.Add(AuthenticatorTemplate.CreateFromHost(customAuthorityHost));
            }
        }
 public void Close()
 {
     PlatformSpecificHelper.CloseHttpWebResponse(this.response);
 }
예제 #11
0
 static AuthenticationContext()
 {
     Logger.Information(null, string.Format("ADAL {0} with assembly version '{1}', file version '{2}' and informational version '{3}' is running...",
                                            PlatformSpecificHelper.GetProductName(), AdalIdHelper.GetAdalVersion(), AdalIdHelper.GetAssemblyFileVersion(), AdalIdHelper.GetAssemblyInformationalVersion()));
 }
예제 #12
0
        protected override async Task PreTokenRequest()
        {
            await base.PreTokenRequest();

            if (this.userAssertion == null)
            {
                UserRealmDiscoveryResponse userRealmResponse = await UserRealmDiscoveryResponse.CreateByDiscoveryAsync(this.Authenticator.UserRealmUri, this.userCredential.UserName, this.CallState);

                Logger.Information(this.CallState, "User with hash '{0}' detected as '{1}'", PlatformSpecificHelper.CreateSha256Hash(this.userCredential.UserName), userRealmResponse.AccountType);

                if (string.Compare(userRealmResponse.AccountType, "federated", StringComparison.OrdinalIgnoreCase) == 0)
                {
                    if (string.IsNullOrWhiteSpace(userRealmResponse.FederationMetadataUrl))
                    {
                        throw new AdalException(AdalError.MissingFederationMetadataUrl);
                    }

                    WsTrustAddress wsTrustAddress = await MexParser.FetchWsTrustAddressFromMexAsync(userRealmResponse.FederationMetadataUrl, this.userCredential.UserAuthType, this.CallState);

                    Logger.Information(this.CallState, "WS-Trust endpoint '{0}' fetched from MEX at '{1}'", wsTrustAddress.Uri, userRealmResponse.FederationMetadataUrl);

                    WsTrustResponse wsTrustResponse = await WsTrustRequest.SendRequestAsync(wsTrustAddress, this.userCredential, this.CallState);

                    Logger.Information(this.CallState, "Token of type '{0}' acquired from WS-Trust endpoint", wsTrustResponse.TokenType);

                    // We assume that if the response token type is not SAML 1.1, it is SAML 2
                    this.userAssertion = new UserAssertion(wsTrustResponse.Token, (wsTrustResponse.TokenType == WsTrustResponse.Saml1Assertion) ? OAuthGrantType.Saml11Bearer : OAuthGrantType.Saml20Bearer);
                }
                else if (string.Compare(userRealmResponse.AccountType, "managed", StringComparison.OrdinalIgnoreCase) == 0)
                {
                    // handle password grant flow for the managed user
                    if (this.userCredential.PasswordToCharArray() == null)
                    {
                        throw new AdalException(AdalError.PasswordRequiredForManagedUserError);
                    }
                }
                else
                {
                    throw new AdalException(AdalError.UnknownUserType);
                }
            }
        }