public static void WriteAdalRefreshToken(
ILegacyCachePersistence legacyCachePersistence,
MsalRefreshTokenCacheItem rtItem,
MsalIdTokenCacheItem idItem,
string authority,
string uniqueId,
string scope)
{
try
{
if (rtItem == null)
{
MsalLogger.Default.Info("No refresh token available. Skipping MSAL refresh token cache write");
return;
}
//Using scope instead of resource because that value does not exist. STS should return it.
AdalTokenCacheKey key = new AdalTokenCacheKey(authority, scope, rtItem.ClientId, TokenSubjectType.User,
uniqueId, idItem.IdToken.PreferredUsername);
AdalResultWrapper wrapper = new AdalResultWrapper()
{
Result = new AdalResult(null, null, DateTimeOffset.MinValue)
{
UserInfo = new AdalUserInfo()
{
UniqueId = uniqueId,
DisplayableId = idItem.IdToken.PreferredUsername
}
},
RefreshToken = rtItem.Secret,
RawClientInfo = rtItem.RawClientInfo,
//ResourceInResponse is needed to treat RT as an MRRT. See IsMultipleResourceRefreshToken
//property in AdalResultWrapper and its usage. Stronger design would be for the STS to return resource
//for which the token was issued as well on v2 endpoint.
ResourceInResponse = scope
};
IDictionary <AdalTokenCacheKey, AdalResultWrapper> dictionary = AdalCacheOperations.Deserialize(legacyCachePersistence.LoadCache());
dictionary[key] = wrapper;
legacyCachePersistence.WriteCache(AdalCacheOperations.Serialize(dictionary));
}
catch (Exception ex)
{
if (!string.Equals(rtItem?.Environment, idItem?.Environment, StringComparison.OrdinalIgnoreCase))
{
MsalLogger.Default.Error(DifferentEnvError);
}
if (!string.Equals(rtItem?.Environment, new Uri(authority).Host, StringComparison.OrdinalIgnoreCase))
{
MsalLogger.Default.Error(DifferentAuthorityError);
}
MsalLogger.Default.WarningPiiWithPrefix(ex, "An error occurred while writing MSAL refresh token to the cache in ADAL format. " +
"For details please see https://aka.ms/net-cache-persistence-errors. ");
}
}
/// <summary>
/// Determines whether the specified TokenCacheKey is equal to the current object.
/// </summary>
/// <returns>
/// true if the specified TokenCacheKey is equal to the current object; otherwise, false.
/// </returns>
/// <param name="other">The TokenCacheKey to compare with the current object. </param><filterpriority>2</filterpriority>
public bool Equals(AdalTokenCacheKey other)
{
if (ReferenceEquals(this, other))
{
return(true);
}
return(other != null &&
other.Authority == Authority &&
ResourceEquals(other.Resource) &&
ClientIdEquals(other.ClientId) &&
other.UniqueId == UniqueId &&
DisplayableIdEquals(other.DisplayableId) &&
other.TokenSubjectType == TokenSubjectType);
}
public static IDictionary <AdalTokenCacheKey, AdalResultWrapper> Deserialize(ICoreLogger logger, byte[] state)
{
IDictionary <AdalTokenCacheKey, AdalResultWrapper> dictionary =
new Dictionary <AdalTokenCacheKey, AdalResultWrapper>();
if (state == null || state.Length == 0)
{
return(dictionary);
}
using (Stream stream = new MemoryStream())
{
BinaryWriter writer = new BinaryWriter(stream);
writer.Write(state);
writer.Flush();
stream.Position = 0;
BinaryReader reader = new BinaryReader(stream);
int blobSchemaVersion = reader.ReadInt32();
if (blobSchemaVersion != SchemaVersion)
{
logger.Warning("The version of the persistent state of the cache does not match the current schema, so skipping deserialization.");
return(dictionary);
}
int count = reader.ReadInt32();
for (int n = 0; n < count; n++)
{
string keyString = reader.ReadString();
string[] kvpElements = keyString.Split(new[] { Delimiter }, StringSplitOptions.None);
AdalResultWrapper resultEx = AdalResultWrapper.Deserialize(reader.ReadString());
AdalTokenCacheKey key = new AdalTokenCacheKey(kvpElements[0], kvpElements[1], kvpElements[2],
(TokenSubjectType)int.Parse(kvpElements[3], CultureInfo.CurrentCulture),
resultEx.Result.UserInfo);
dictionary.Add(key, resultEx);
}
logger.Info(string.Format(CultureInfo.CurrentCulture, "Deserialized {0} items to token cache.", count));
}
return(dictionary);
}
