private async Task ValidateOathClientAsync(
HttpResponseMessage httpResponseMessage,
Action <Exception> validationHandler)
{
using (MockHttpAndServiceBundle harness = CreateTestHarness())
{
var requestUri = new Uri("http://some.url.com");
harness.HttpManager.AddMockHandler(
new MockHttpMessageHandler
{
ExpectedUrl = requestUri.AbsoluteUri,
ExpectedMethod = HttpMethod.Post,
ResponseMessage = httpResponseMessage
});
OAuth2Client client = new OAuth2Client(
harness.ServiceBundle.DefaultLogger,
harness.HttpManager,
harness.ServiceBundle.MatsTelemetryManager);
Exception ex = await AssertException.TaskThrowsAsync <Exception>(
() => client.ExecuteRequestAsync <OAuth2ResponseBase>(
requestUri,
HttpMethod.Post,
new RequestContext(harness.ServiceBundle, Guid.NewGuid())),
allowDerived : true)
.ConfigureAwait(false);
validationHandler(ex);
}
}
protected override async Task <AuthenticationResult> ExecuteAsync(CancellationToken cancellationToken)
{
await ResolveAuthorityAsync().ConfigureAwait(false);
var client = new OAuth2Client(ServiceBundle.ApplicationLogger, ServiceBundle.HttpManager);
var deviceCodeScopes = new HashSet <string>();
deviceCodeScopes.UnionWith(AuthenticationRequestParameters.Scope);
deviceCodeScopes.Add(OAuth2Value.ScopeOfflineAccess);
deviceCodeScopes.Add(OAuth2Value.ScopeProfile);
deviceCodeScopes.Add(OAuth2Value.ScopeOpenId);
client.AddBodyParameter(OAuth2Parameter.ClientId, AuthenticationRequestParameters.AppConfig.ClientId);
client.AddBodyParameter(OAuth2Parameter.Scope, deviceCodeScopes.AsSingleString());
client.AddBodyParameter(OAuth2Parameter.Claims, AuthenticationRequestParameters.ClaimsAndClientCapabilities);
var builder = new UriBuilder(AuthenticationRequestParameters.Authority.GetDeviceCodeEndpoint());
builder.AppendQueryParameters(AuthenticationRequestParameters.ExtraQueryParameters);
var response = await client.ExecuteRequestAsync <DeviceCodeResponse>(
builder.Uri,
HttpMethod.Post,
AuthenticationRequestParameters.RequestContext,
// Normally AAD responds with an error HTTP code, but /devicecode endpoint sends errors on 200OK
expectErrorsOn200OK : true).ConfigureAwait(false);
var deviceCodeResult = response.GetResult(AuthenticationRequestParameters.AppConfig.ClientId, deviceCodeScopes);
await _deviceCodeParameters.DeviceCodeResultCallback(deviceCodeResult).ConfigureAwait(false);
var msalTokenResponse = await WaitForTokenResponseAsync(deviceCodeResult, cancellationToken).ConfigureAwait(false);
return(await CacheTokenResponseAndCreateAuthenticationResultAsync(msalTokenResponse).ConfigureAwait(false));
}
private async Task <DrsMetadataResponse> QueryEnrollmentServerEndpointAsync(string endpoint, RequestContext requestContext)
{
OAuth2Client client = new OAuth2Client();
client.AddQueryParameter("api-version", "1.0");
return(await client.ExecuteRequestAsync <DrsMetadataResponse>(new Uri(endpoint), HttpMethod.Get, requestContext).ConfigureAwait(false));
}
private async Task <TenantDiscoveryResponse> DiscoverEndpointsAsync(string openIdConfigurationEndpoint,
RequestContext requestContext)
{
OAuth2Client client = new OAuth2Client();
return
(await
client.ExecuteRequestAsync <TenantDiscoveryResponse>(new Uri(openIdConfigurationEndpoint),
HttpMethod.Get, requestContext).ConfigureAwait(false));
}
private async Task <TenantDiscoveryResponse> DiscoverEndpointsAsync(
string openIdConfigurationEndpoint,
RequestContext requestContext)
{
var client = new OAuth2Client(requestContext.Logger, _serviceBundle.HttpManager, _serviceBundle.TelemetryManager);
return(await client.ExecuteRequestAsync <TenantDiscoveryResponse>(
new Uri(openIdConfigurationEndpoint),
HttpMethod.Get,
requestContext).ConfigureAwait(false));
}
internal override async Task <AuthenticationResult> ExecuteAsync(CancellationToken cancellationToken)
{
//Adfs device code flow not currently supported
if (ServiceBundle.Config.AuthorityInfo.AuthorityType == AuthorityType.Adfs)
{
throw new InvalidOperationException(MsalErrorMessage.AdfsDeviceFlowNotSupported);
}
await ResolveAuthorityEndpointsAsync().ConfigureAwait(false);
var client = new OAuth2Client(ServiceBundle.DefaultLogger, ServiceBundle.HttpManager, ServiceBundle.TelemetryManager);
var deviceCodeScopes = new HashSet <string>();
deviceCodeScopes.UnionWith(AuthenticationRequestParameters.Scope);
deviceCodeScopes.Add(OAuth2Value.ScopeOfflineAccess);
deviceCodeScopes.Add(OAuth2Value.ScopeProfile);
deviceCodeScopes.Add(OAuth2Value.ScopeOpenId);
client.AddBodyParameter(OAuth2Parameter.ClientId, AuthenticationRequestParameters.ClientId);
client.AddBodyParameter(OAuth2Parameter.Scope, deviceCodeScopes.AsSingleString());
client.AddQueryParameter(OAuth2Parameter.Claims, AuthenticationRequestParameters.Claims);
// Talked with Shiung, devicecode will be added to the discovery endpoint "soon".
// Fow now, the string replace is correct.
// TODO: We should NOT be talking to common, need to work with henrik/bogdan on why /common is being set
// as default for msal.
string deviceCodeEndpoint = AuthenticationRequestParameters.Endpoints.TokenEndpoint
.Replace("token", "devicecode").Replace(
"common",
"organizations");
var builder = new UriBuilder(deviceCodeEndpoint);
builder.AppendQueryParameters(AuthenticationRequestParameters.ExtraQueryParameters);
var response = await client.ExecuteRequestAsync <DeviceCodeResponse>(
builder.Uri,
HttpMethod.Post,
AuthenticationRequestParameters.RequestContext).ConfigureAwait(false);
var deviceCodeResult = response.GetResult(AuthenticationRequestParameters.ClientId, deviceCodeScopes);
await _deviceCodeParameters.DeviceCodeResultCallback(deviceCodeResult).ConfigureAwait(false);
var msalTokenResponse = await WaitForTokenResponseAsync(deviceCodeResult, cancellationToken).ConfigureAwait(false);
return(await CacheTokenResponseAndCreateAuthenticationResultAsync(msalTokenResponse).ConfigureAwait(false));
}
internal override async Task <AuthenticationResult> ExecuteAsync(CancellationToken cancellationToken)
{
await ResolveAuthorityEndpointsAsync().ConfigureAwait(false);
var client = new OAuth2Client(ServiceBundle.HttpManager, ServiceBundle.TelemetryManager);
var deviceCodeScopes = new HashSet <string>();
deviceCodeScopes.UnionWith(AuthenticationRequestParameters.Scope);
deviceCodeScopes.Add(OAuth2Value.ScopeOfflineAccess);
deviceCodeScopes.Add(OAuth2Value.ScopeProfile);
deviceCodeScopes.Add(OAuth2Value.ScopeOpenId);
client.AddBodyParameter(OAuth2Parameter.ClientId, AuthenticationRequestParameters.ClientId);
client.AddBodyParameter(OAuth2Parameter.Scope, deviceCodeScopes.AsSingleString());
// Talked with Shiung, devicecode will be added to the discovery endpoint "soon".
// Fow now, the string replace is correct.
// TODO: We should NOT be talking to common, need to work with henrik/bogdan on why /common is being set
// as default for msal.
string deviceCodeEndpoint = AuthenticationRequestParameters.Authority.TokenEndpoint
.Replace("token", "devicecode").Replace(
"common",
"organizations");
AuthenticationRequestParameters.Authority.TokenEndpoint =
AuthenticationRequestParameters.Authority.TokenEndpoint.Replace("common", "organizations");
var response = await client.ExecuteRequestAsync <DeviceCodeResponse>(
new Uri(deviceCodeEndpoint),
HttpMethod.Post,
AuthenticationRequestParameters.RequestContext).ConfigureAwait(false);
var deviceCodeResult = response.GetResult(AuthenticationRequestParameters.ClientId, deviceCodeScopes);
await _deviceCodeResultCallback(deviceCodeResult).ConfigureAwait(false);
var msalTokenResponse = await WaitForTokenResponseAsync(deviceCodeResult, cancellationToken).ConfigureAwait(false);
return(CacheTokenResponseAndCreateAuthenticationResult(msalTokenResponse));
}
internal override async Task <AuthenticationResult> ExecuteAsync(CancellationToken cancellationToken)
{
await ResolveAuthorityEndpointsAsync().ConfigureAwait(false);
var client = new OAuth2Client(ServiceBundle.DefaultLogger, ServiceBundle.HttpManager, ServiceBundle.TelemetryManager);
var deviceCodeScopes = new HashSet <string>();
deviceCodeScopes.UnionWith(AuthenticationRequestParameters.Scope);
deviceCodeScopes.Add(OAuth2Value.ScopeOfflineAccess);
deviceCodeScopes.Add(OAuth2Value.ScopeProfile);
deviceCodeScopes.Add(OAuth2Value.ScopeOpenId);
client.AddBodyParameter(OAuth2Parameter.ClientId, AuthenticationRequestParameters.ClientId);
client.AddBodyParameter(OAuth2Parameter.Scope, deviceCodeScopes.AsSingleString());
client.AddQueryParameter(OAuth2Parameter.Claims, AuthenticationRequestParameters.Claims);
string deviceCodeEndpoint = AuthenticationRequestParameters.Endpoints.TokenEndpoint
.Replace("token", "devicecode");
var builder = new UriBuilder(deviceCodeEndpoint);
builder.AppendQueryParameters(AuthenticationRequestParameters.ExtraQueryParameters);
var response = await client.ExecuteRequestAsync <DeviceCodeResponse>(
builder.Uri,
HttpMethod.Post,
AuthenticationRequestParameters.RequestContext).ConfigureAwait(false);
var deviceCodeResult = response.GetResult(AuthenticationRequestParameters.ClientId, deviceCodeScopes);
await _deviceCodeParameters.DeviceCodeResultCallback(deviceCodeResult).ConfigureAwait(false);
var msalTokenResponse = await WaitForTokenResponseAsync(deviceCodeResult, cancellationToken).ConfigureAwait(false);
return(await CacheTokenResponseAndCreateAuthenticationResultAsync(msalTokenResponse).ConfigureAwait(false));
}
