private static AadAuthParams ExtractAuthParamsFromIdentityProvider(string identityProvider)
{
if (string.IsNullOrEmpty(identityProvider))
{
return(null);
}
AadAuthParams aadAuthParams = new AadAuthParams();
if (identityProvider.Contains(","))
{
string[] array = identityProvider.Split(new char[]
{
','
});
aadAuthParams.Authority = array[0];
aadAuthParams.ApplicationId = array[1];
if (string.IsNullOrEmpty(aadAuthParams.ApplicationId))
{
aadAuthParams.ApplicationId = "cf710c6e-dfcc-4fa8-a093-d47294e44c66";
}
}
else
{
aadAuthParams.Authority = identityProvider;
aadAuthParams.ApplicationId = "cf710c6e-dfcc-4fa8-a093-d47294e44c66";
}
return(aadAuthParams);
}
private static void ValidateAuthority(string authority)
{
Uri uri;
if (!AadAuthParams.IsValidUrl(authority, out uri) || string.IsNullOrEmpty(uri.AbsolutePath) || !uri.AbsolutePath.StartsWith("/") || uri.AbsolutePath.Length == 1)
{
throw new ArgumentException(XmlaSR.Authentication_ClaimsToken_IdentityProviderFormatInvalid);
}
}
private static AadAuthParams[] ReadLocalSecurityAuthParams()
{
AadAuthParams[] result;
using (Stream resourceAsStream = AadAuthParams.GetResourceAsStream("ASAzureSecurityConfig.xml"))
{
result = AadAuthParams.DeserializeAuthParams(resourceAsStream);
}
return(result);
}
private static object CreateAuthenticationContextWithCache(AadAuthParams authParams, string dataSource)
{
AdalRuntimeLibrary instance = AdalRuntimeLibrary.Instance;
object obj = Activator.CreateInstance(instance.TokenCacheT);
new AdalRuntimeLibrary.CacheLocalStorage(obj, dataSource);
return(Activator.CreateInstance(instance.AuthenticationContextT, new object[]
{
authParams.Authority,
obj
}));
}
private static AadAuthParams FindAuthParams(Uri uri, AadAuthParams[] authParams)
{
string host = uri.Host;
AadAuthParams aadAuthParams = null;
for (int i = 0; i < authParams.Length; i++)
{
AadAuthParams aadAuthParams2 = authParams[i];
if (host.EndsWith(aadAuthParams2.DomainPostfix, StringComparison.InvariantCultureIgnoreCase) && (aadAuthParams == null || aadAuthParams2.DomainPostfix.Length > aadAuthParams.DomainPostfix.Length))
{
aadAuthParams = aadAuthParams2;
}
}
return(aadAuthParams);
}
private void SetValues(string accessToken, string refreshToken, DateTimeOffset expiresOn, AadAuthParams authParams, string dataSource, bool useAdalCache, bool refreshableToken)
{
this.accessToken = accessToken;
this.refreshToken = refreshToken;
this.authParams = authParams;
this.dataSource = dataSource;
this.useAdalCache = useAdalCache;
this.refreshableToken = refreshableToken;
this.expiresOn = expiresOn;
double totalSeconds = expiresOn.Subtract(DateTimeOffset.Now).TotalSeconds;
if (totalSeconds > 0.0)
{
double value = totalSeconds * 0.08;
this.reAcquireOn = expiresOn.Subtract(TimeSpan.FromSeconds(value));
return;
}
this.reAcquireOn = expiresOn;
}
private static AadAuthParams[] ReadRemoteSecurityAuthParams()
{
AadAuthParams[] result;
using (WebClient webClient = new WebClient())
{
try
{
byte[] buffer = webClient.DownloadData("https://global.asazure.windows.net/ASAzureSecurityConfig.xml");
using (MemoryStream memoryStream = new MemoryStream(buffer))
{
result = AadAuthParams.DeserializeAuthParams(memoryStream);
}
}
catch (WebException)
{
result = new AadAuthParams[0];
}
}
return(result);
}
public static AadAuthParams FindMatchingAuthParams(string identityProvider, Uri dataSourceUri)
{
AadAuthParams aadAuthParams = AadAuthParams.ExtractAuthParamsFromIdentityProvider(identityProvider);
if (aadAuthParams != null)
{
return(aadAuthParams);
}
aadAuthParams = AadAuthParams.FindAuthParams(dataSourceUri, AadAuthParams.LocalSecurityAuthParams);
if (aadAuthParams != null)
{
return(aadAuthParams);
}
aadAuthParams = AadAuthParams.FindAuthParams(dataSourceUri, AadAuthParams.RemoteSecurityAuthParams);
if (aadAuthParams != null)
{
return(aadAuthParams);
}
throw new ArgumentException(XmlaSR.Authentication_ClaimsToken_AuthorityNotFound);
}
internal static AadTokenHolder ReAcquireToken(string refreshToken, AadAuthParams authParams, string dataSource, bool useAdalCache)
{
AadTokenHolder result;
using (new AdalRuntimeLibrary.Usage())
{
AdalRuntimeLibrary instance = AdalRuntimeLibrary.Instance;
object obj = useAdalCache ? AadAuthenticator.CreateAuthenticationContextWithCache(authParams, dataSource) : Activator.CreateInstance(instance.AuthenticationContextT, new object[]
{
authParams.Authority
});
object obj2 = instance.AcquireTokenByRefreshTokenM.Invoke(obj, new string[]
{
refreshToken,
authParams.ApplicationId
});
result = new AadTokenHolder((string)instance.AccessTokenP.GetValue(obj2, null), (string)instance.RefreshTokenP.GetValue(obj2, null), (DateTimeOffset)instance.ExpiresOnP.GetValue(obj2, null), authParams, dataSource, useAdalCache);
}
return(result);
}
private static bool TryToUpdateTenant(AadAuthParams authParams, object authContext, string userId, out AadAuthParams authParamsUpdated)
{
AdalRuntimeLibrary instance = AdalRuntimeLibrary.Instance;
object value = instance.TokenCacheP.GetValue(authContext, null);
foreach (object current in ((IEnumerable)instance.ReadItemsM.Invoke(value, null)))
{
string text = (string)instance.AuthorityP.GetValue(current, null);
string b = (string)instance.ClientIdP.GetValue(current, null);
string b2 = (string)instance.DisplayableIdP.GetValue(current, null);
if (authParams.ApplicationId == b && AadAuthParams.IsSameInstance(authParams.Authority, text) && (userId == null || userId == b2))
{
authParamsUpdated = new AadAuthParams
{
Authority = text,
ApplicationId = authParams.ApplicationId,
DomainPostfix = authParams.DomainPostfix
};
return(true);
}
}
authParamsUpdated = null;
return(false);
}
internal static AadTokenHolder AcquireToken(Uri dataSourceUri, string dataSource, string identityProvider, string userId, string password, bool useAdalCache)
{
if (userId == null && password != null)
{
return(new AadTokenHolder(password));
}
AadAuthParams aadAuthParams = AadAuthParams.FindMatchingAuthParams(identityProvider, dataSourceUri);
string text = string.Format("https://{0}", dataSourceUri.Host);
AadTokenHolder result;
using (new AdalRuntimeLibrary.Usage())
{
AdalRuntimeLibrary instance = AdalRuntimeLibrary.Instance;
object obj;
if (useAdalCache)
{
obj = AadAuthenticator.CreateAuthenticationContextWithCache(aadAuthParams, dataSource);
AadAuthParams aadAuthParams2;
if (aadAuthParams.IsCommonTenant && AadAuthenticator.TryToUpdateTenant(aadAuthParams, obj, userId, out aadAuthParams2))
{
aadAuthParams = aadAuthParams2;
obj = AadAuthenticator.CreateAuthenticationContextWithCache(aadAuthParams, dataSource);
}
}
else
{
obj = Activator.CreateInstance(instance.AuthenticationContextT, new object[]
{
aadAuthParams.Authority
});
}
object obj3;
if (userId != null && password != null)
{
object obj2 = Activator.CreateInstance(instance.UserCredentialT, new object[]
{
userId,
password
});
obj3 = instance.AcquireTokenCredentialsM.Invoke(obj, new object[]
{
text,
aadAuthParams.ApplicationId,
obj2
});
}
else if (userId != null)
{
object obj4 = Activator.CreateInstance(instance.UserIdentifierT, new object[]
{
userId,
instance.OptionalDisplayableIdV
});
obj3 = instance.AcquireTokenUserIdM.Invoke(obj, new object[]
{
text,
aadAuthParams.ApplicationId,
AadAuthenticator.RedirectUri,
instance.PromptBehaviorAutoV,
obj4
});
}
else
{
obj3 = instance.AcquireTokenM.Invoke(obj, new object[]
{
text,
aadAuthParams.ApplicationId,
AadAuthenticator.RedirectUri,
instance.PromptBehaviorAutoV
});
}
result = new AadTokenHolder((string)instance.AccessTokenP.GetValue(obj3, null), (string)instance.RefreshTokenP.GetValue(obj3, null), (DateTimeOffset)instance.ExpiresOnP.GetValue(obj3, null), aadAuthParams, dataSource, useAdalCache);
}
return(result);
}
internal AadTokenHolder(string accessToken, string refreshToken, DateTimeOffset expiresOn, AadAuthParams authParams, string dataSource, bool useAdalCache)
{
this.SetValues(accessToken, refreshToken, expiresOn, authParams, dataSource, useAdalCache, true);
}
