Exemplo n.º 1
0
        private async Task <TokenResponse> WindowsIntegratedAuthExchangeAsync(CancellationToken cancellationToken)
        {
            // todo: throw if not on a windows system
            // todo: even better, implement capabilities check system...

            string username = _systemUtils.GetCurrentUsername();

            if (string.IsNullOrWhiteSpace(username))
            {
                throw new InvalidOperationException("failed to retrieve current user name");
            }

            _authParameters.UserName = username;

            var userRealm = await _webRequestManager.GetUserRealmAsync(cancellationToken).ConfigureAwait(false);

            if (!userRealm.IsFederated)
            {
                throw new InvalidOperationException("wia only supports federated users");
            }

            var mexDoc = await _webRequestManager.GetMexAsync(userRealm.FederationMetadataUrl, cancellationToken)
                         .ConfigureAwait(false);

            var wsTrustResponse = await _webRequestManager.GetWsTrustResponseAsync(
                userRealm.CloudAudienceUrn,
                mexDoc.GetWsTrustWindowsTransportEndpoint(),
                cancellationToken).ConfigureAwait(false);

            var samlGrant = wsTrustResponse.GetSamlAssertion(mexDoc.GetWsTrustWindowsTransportEndpoint());

            return(await _webRequestManager.GetAccessTokenFromSamlGrantAsync(samlGrant, cancellationToken)
                   .ConfigureAwait(false));
        }