private AuthenticationResultEx GetResultFromBrokerResponse(Bundle bundleResult)
{
if (bundleResult == null)
{
throw new AdalException("bundleResult in broker response is null");
}
int errCode = bundleResult.GetInt(AccountManager.KeyErrorCode);
string msg = bundleResult.GetString(AccountManager.KeyErrorMessage);
if (!string.IsNullOrEmpty(msg))
{
throw new AdalException(errCode.ToString(CultureInfo.InvariantCulture), msg);
}
else
{
bool initialRequest = bundleResult.ContainsKey(BrokerConstants.AccountInitialRequest);
if (initialRequest)
{
// Initial request from app to Authenticator needs to launch
// prompt. null resultEx means initial request
return(null);
}
// IDtoken is not present in the current broker user model
UserInfo userinfo = GetUserInfoFromBrokerResult(bundleResult);
AuthenticationResult result =
new AuthenticationResult("Bearer", bundleResult.GetString(AccountManager.KeyAuthtoken),
ConvertFromTimeT(bundleResult.GetLong("account.expiredate", 0)))
{
UserInfo = userinfo
};
result.UpdateTenantAndUserInfo(bundleResult.GetString(BrokerConstants.AccountUserInfoTenantId), null,
userinfo);
return(new AuthenticationResultEx
{
Result = result,
RefreshToken = null,
ResourceInResponse = null,
});
}
}
public AuthenticationResultEx GetResult(DateTimeOffset expiresOn, DateTimeOffset extendedExpiresOn)
{
AuthenticationResultEx resultEx;
if (this.AccessToken != null)
{
var result = new AuthenticationResult(this.TokenType, this.AccessToken, expiresOn, extendedExpiresOn);
IdToken idToken = IdToken.Parse(this.IdTokenString);
if (idToken != null)
{
string tenantId = idToken.TenantId;
string uniqueId = null;
string displayableId = null;
if (!string.IsNullOrWhiteSpace(idToken.ObjectId))
{
uniqueId = idToken.ObjectId;
}
else if (!string.IsNullOrWhiteSpace(idToken.Subject))
{
uniqueId = idToken.Subject;
}
if (!string.IsNullOrWhiteSpace(idToken.UPN))
{
displayableId = idToken.UPN;
}
else if (!string.IsNullOrWhiteSpace(idToken.Email))
{
displayableId = idToken.Email;
}
string givenName = idToken.GivenName;
string familyName = idToken.FamilyName;
string identityProvider = idToken.IdentityProvider ?? idToken.Issuer;
DateTimeOffset?passwordExpiresOffest = null;
if (idToken.PasswordExpiration > 0)
{
passwordExpiresOffest = DateTime.UtcNow + TimeSpan.FromSeconds(idToken.PasswordExpiration);
}
Uri changePasswordUri = null;
if (!string.IsNullOrEmpty(idToken.PasswordChangeUrl))
{
changePasswordUri = new Uri(idToken.PasswordChangeUrl);
}
result.UpdateTenantAndUserInfo(tenantId, this.IdTokenString,
new UserInfo
{
UniqueId = uniqueId,
DisplayableId = displayableId,
GivenName = givenName,
FamilyName = familyName,
IdentityProvider = identityProvider,
PasswordExpiresOn = passwordExpiresOffest,
PasswordChangeUrl = changePasswordUri
});
result.Authority = Authority;
}
resultEx = new AuthenticationResultEx
{
Result = result,
RefreshToken = this.RefreshToken,
// This is only needed for AcquireTokenByAuthorizationCode in which parameter resource is optional and we need
// to get it from the STS response.
ResourceInResponse = this.Resource
};
}
else if (this.Error != null)
{
throw new AdalServiceException(this.Error, this.ErrorDescription);
}
else
{
throw new AdalServiceException(AdalError.Unknown, AdalErrorMessage.Unknown);
}
return(resultEx);
}