示例#1
        /// <summary>
        /// Checks that populating <c>AzureActiveDirectoryCredentials</c> from a token entry carries over
        /// the access token, the user id, and every user claim (including tenant id and object id).
        /// </summary>
        public void PopulateProviderCredentials_AzureActiveDirectory_CreatesExpectedCredentials()
        {
            const string ExpectedUserId = "AadId";

            // Arrange: three filler claims plus the two AAD claims the assertions look up by type.
            List<ClaimSlim> sourceClaims = new List<ClaimSlim>
            {
                new ClaimSlim("Claim1", "Value1"),
                new ClaimSlim("Claim2", "Value2"),
                new ClaimSlim("Claim3", "Value3"),
                new ClaimSlim(TenantIdClaimType, "TestTenantId"),
                new ClaimSlim(ObjectIdentifierClaimType, "TestObjectId"),
            };

            TokenEntry entry = new TokenEntry("aad")
            {
                AccessToken = "TestAccessToken",
                // ExpiresOn is filled in but none of the assertions below read it back.
                ExpiresOn = DateTime.Parse("2015-03-12T16:49:28.504Z"),
                UserClaims = sourceClaims,
                UserId = ExpectedUserId,
            };

            AzureActiveDirectoryCredentials populated = new AzureActiveDirectoryCredentials();

            // Act
            IPrincipalExtensions.PopulateProviderCredentials(entry, populated);

            // Assert
            Assert.Equal("TestAccessToken", populated.AccessToken);

            string tenantId = populated.Claims.GetValueOrDefault(TenantIdClaimType);
            string objectId = populated.Claims.GetValueOrDefault(ObjectIdentifierClaimType);
            Assert.Equal("TestTenantId", tenantId);
            Assert.Equal("TestObjectId", objectId);

            Assert.Equal(ExpectedUserId, populated.UserId);

            // Holds only because every claim type in the fixture is distinct.
            Assert.Equal(sourceClaims.Count, populated.Claims.Count);
        }
        /// <summary>
        /// Checks that populating <c>AzureActiveDirectoryCredentials</c> from a token entry exposes the
        /// id_token through <c>AccessToken</c> and mirrors the user claims into both <c>Claims</c> and
        /// <c>UserClaims</c>.
        /// </summary>
        public void PopulateProviderCredentials_AzureActiveDirectory_CreatesExpectedCredentials()
        {
            const string ExpectedUserId = "AadId";

            // Arrange: three filler claims plus the two AAD claims the assertions look up by type.
            List<ClaimSlim> sourceClaims = new List<ClaimSlim>
            {
                new ClaimSlim("Claim1", "Value1"),
                new ClaimSlim("Claim2", "Value2"),
                new ClaimSlim("Claim3", "Value3"),
                new ClaimSlim(TenantIdClaimType, "TestTenantId"),
                new ClaimSlim(ObjectIdentifierClaimType, "TestObjectId"),
            };

            // Both tokens are set to different values so the test can tell which one is copied.
            TokenEntry entry = new TokenEntry("aad")
            {
                AccessToken = "TestAccessToken",
                IdToken = "TestIdToken",
                // ExpiresOn is filled in but none of the assertions below read it back.
                ExpiresOn = DateTime.Parse("2015-03-12T16:49:28.504Z"),
                UserClaims = sourceClaims,
                UserId = ExpectedUserId,
            };

            AzureActiveDirectoryCredentials populated = new AzureActiveDirectoryCredentials();

            // Act
            IPrincipalExtensions.PopulateProviderCredentials(entry, populated);

            // Assert
            // For AAD, the id_token value needs to get copied to AccessToken, not the access_token value.
            Assert.Equal("TestIdToken", populated.AccessToken);

            // Dictionary view of the claims.
            string tenantFromMap = populated.Claims.GetValueOrDefault(TenantIdClaimType);
            string objectFromMap = populated.Claims.GetValueOrDefault(ObjectIdentifierClaimType);
            Assert.Equal("TestTenantId", tenantFromMap);
            Assert.Equal("TestObjectId", objectFromMap);

            // Claim-object view; Single() also fails the test if a claim type appears more than once.
            var tenantClaim = populated.UserClaims.Single(c => string.Equals(c.Type, TenantIdClaimType, StringComparison.Ordinal));
            var objectClaim = populated.UserClaims.Single(c => string.Equals(c.Type, ObjectIdentifierClaimType, StringComparison.Ordinal));
            Assert.Equal("TestTenantId", tenantClaim.Value);
            Assert.Equal("TestObjectId", objectClaim.Value);

            Assert.Equal(ExpectedUserId, populated.UserId);

            // Both views must contain every source claim.
            Assert.Equal(sourceClaims.Count, populated.Claims.Count);
            Assert.Equal(sourceClaims.Count, populated.UserClaims.Count());
        }
示例#3
        /// <summary>
        /// Checks that populating <c>AzureActiveDirectoryCredentials</c> from a <c>TokenResult</c> carries
        /// over the access token, tenant id and object id properties, the user id, and the claims.
        /// </summary>
        public void PopulateProviderCredentials_AzureActiveDirectory_CreatesExpectedCredentials()
        {
            const string ExpectedUserId = "AadId";

            AzureActiveDirectoryCredentials populated = new AzureActiveDirectoryCredentials();

            // Arrange: token material travels in Properties, the user id as a NameIdentifier claim.
            TokenResult result = new TokenResult();
            var properties = result.Properties;
            properties.Add(TokenResult.Authentication.AccessTokenName, "TestAccessToken");
            properties.Add("TenantId", "TestTenantId");
            properties.Add("ObjectId", "TestObjectId");

            Dictionary<string, string> sourceClaims = new Dictionary<string, string>();
            sourceClaims.Add("Claim1", "Value1");
            sourceClaims.Add("Claim2", "Value1");
            sourceClaims.Add("Claim3", "Value1");
            sourceClaims.Add(ClaimTypes.NameIdentifier, ExpectedUserId);
            result.Claims = sourceClaims;

            // Act
            MobileAppUser.PopulateProviderCredentials(result, populated);

            // Assert
            Assert.Equal("TestAccessToken", populated.AccessToken);
            Assert.Equal("TestTenantId", populated.TenantId);
            Assert.Equal("TestObjectId", populated.ObjectId);
            Assert.Equal(ExpectedUserId, populated.UserId);
            Assert.Equal(sourceClaims.Count, populated.Claims.Count);
        }
示例#4
        /// <summary>
        /// Returns the object id of the caller's first Azure Active Directory identity.
        /// </summary>
        /// <returns>The <c>ObjectId</c> of the first <c>AzureActiveDirectoryCredentials</c> found.</returns>
        private async Task <string> GetAadObjectId()
        {
            // The cast throws InvalidCastException if the request principal is not a ServiceUser.
            var caller = (ServiceUser)this.User;
            var identities = await caller.GetIdentitiesAsync();

            // First() throws InvalidOperationException when the caller has no AAD identity,
            // so a caller signed in through another provider fails here rather than returning null.
            return identities.OfType<AzureActiveDirectoryCredentials>().First().ObjectId;
        }
示例#5
        /// <summary>
        /// Looks up the display name of the calling user by passing the caller's AAD object id and an
        /// access token from <c>aadHelperProvider</c> to <c>GetUserDisplayName</c>.
        /// </summary>
        /// <returns>The value returned by <c>aadHelperProvider.GetUserDisplayName</c>.</returns>
        public async Task <string> GetFieldAgentDisplayName()
        {
            this.Services.Log.Info("In Get FieldAgentDisplayName");

            // The token comes from the helper, not from the caller's credentials.
            // NOTE(review): presumably a service-level token - confirm its scope is limited to the
            // directory reads this lookup needs, and that it is never written to the log.
            string directoryToken = this.aadHelperProvider.GetAccessToken();

            var caller = (ServiceUser)this.User;
            var identities = await caller.GetIdentitiesAsync();

            // First() throws InvalidOperationException when the caller has no AAD identity.
            AzureActiveDirectoryCredentials aadIdentity = identities.OfType<AzureActiveDirectoryCredentials>().First();

            // The object id is taken from the authenticated identity, not from request input.
            return this.aadHelperProvider.GetUserDisplayName(aadIdentity.ObjectId, directoryToken);
        }
示例#6
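        /// <summary>
        /// Adds the caller's Azure Active Directory object id to the registration's tags so that
        /// notifications can be addressed to that user.
        /// </summary>
        /// <param name="services">Supplies the log that records the registered tag.</param>
        /// <param name="context">Request context; its principal is cast to <c>ServiceUser</c>.</param>
        /// <param name="registration">Registration whose tag collection receives the object id.</param>
        /// <exception cref="System.InvalidOperationException">
        /// The caller has no Azure Active Directory identity, or that identity has no object id.
        /// </exception>
        public async Task Register(ApiServices services, HttpRequestContext context, NotificationRegistration registration)
        {
            //Register Tag: UserId to push to users
            ServiceUser user = (ServiceUser)context.Principal;
            AzureActiveDirectoryCredentials creds = (await user.GetIdentitiesAsync()).OfType <AzureActiveDirectoryCredentials>().FirstOrDefault();

            // FirstOrDefault() yields null when the caller did not sign in through AAD. Fail with an
            // explicit error instead of a NullReferenceException, and never register an empty tag.
            if (creds == null || string.IsNullOrEmpty(creds.ObjectId))
            {
                throw new System.InvalidOperationException("The caller has no Azure Active Directory identity with an object id; cannot register a user tag.");
            }

            // NOTE(review): this method only appends the caller's own id; any tags already present on
            // the registration are left as they are. If those tags come from the client, confirm they
            // are validated elsewhere so a client cannot subscribe to another user's tag.
            registration.Tags.Add(creds.ObjectId);
            services.Log.Info("Registered tag for userId: " + creds.ObjectId);
        }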
示例#7
        // GET api/LoggedUser
        /// <summary>
        /// Resolves the caller's AAD identity, looks up the matching doctor for the given tenant, and
        /// fills in the doctor's name and picture when one is found.
        /// </summary>
        /// <param name="tenantId">Tenant to search; passed to <c>GetDoctor</c> unchanged.</param>
        /// <returns>The populated doctor, or <c>null</c> when <c>GetDoctor</c> finds none.</returns>
        public async Task <Doctor> Get(int tenantId)
        {
            // 'credentials' is a member declared outside this method; GetName() takes no arguments,
            // so it presumably reads the identity from there - confirm.
            // NOTE(review): if that member is static or the controller instance is shared, concurrent
            // requests would overwrite each other's identity - verify it is per-request state.
            credentials = await User.GetAppServiceIdentityAsync<AzureActiveDirectoryCredentials>(Request);

            string callerName = GetName();

            // NOTE(review): tenantId arrives with the request and nothing in this method compares it
            // with the tenant of the authenticated identity - confirm GetDoctor (or a filter) enforces
            // tenant isolation.
            Doctor match = GetDoctor(tenantId, callerName);
            if (match == null)
            {
                return match;
            }

            match.Name = callerName;
            match.Picture = await GetPhoto(match);
            return match;
        }
        /// <summary>
        /// GET api/UserProfile/UserName/&lt;provider&gt;
        /// </summary>
        /// <param name="provider">The MobileServiceAuthenticationProvider value that specifies which provider to access</param>
        /// <returns>
        /// The user's display name from the selected provider's claims; <c>null</c> when
        /// <paramref name="provider"/> matches none of the known names; the masked placeholder when
        /// the lookup throws.
        /// </returns>
        /// <remarks>
        /// If you need other properties from the provider then add additional API to this controller
        /// </remarks>
        async public Task <string> GetUserName(string provider)
        {
            // Claim type under which Microsoft Account, Twitter and Facebook expose the display name.
            const string NameClaimUri = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name";
            // Google and AAD use the short claim name instead.
            const string ShortNameClaim = "name";

            string displayName = null;

            try
            {
                // Provider names are matched exactly (case-sensitive, ordinal); anything else falls
                // through and leaves displayName as null.
                switch (provider)
                {
                    case "MicrosoftAccount":
                    {
                        MicrosoftAccountCredentials identity = await User.GetAppServiceIdentityAsync<MicrosoftAccountCredentials>(Request);
                        displayName = identity.Claims[NameClaimUri];
                        break;
                    }

                    case "Google":
                    {
                        GoogleCredentials identity = await User.GetAppServiceIdentityAsync<GoogleCredentials>(Request);
                        displayName = identity.Claims[ShortNameClaim];
                        break;
                    }

                    case "Twitter":
                    {
                        TwitterCredentials identity = await User.GetAppServiceIdentityAsync<TwitterCredentials>(Request);
                        displayName = identity.Claims[NameClaimUri];
                        break;
                    }

                    case "Facebook":
                    {
                        FacebookCredentials identity = await User.GetAppServiceIdentityAsync<FacebookCredentials>(Request);
                        displayName = identity.Claims[NameClaimUri];
                        break;
                    }

                    case "WindowsAzureActiveDirectory":
                    {
                        AzureActiveDirectoryCredentials identity = await User.GetAppServiceIdentityAsync<AzureActiveDirectoryCredentials>(Request);
                        displayName = identity.Claims[ShortNameClaim];
                        break;
                    }
                }
            }
            catch (Exception e)
            {
                // Every failure (no identity for the provider, missing claim, transport error) is
                // collapsed into the placeholder below. Debug.WriteLine is compiled out of release
                // builds, so in production these failures leave no trace - route them to the
                // application log if they need to be visible to operations.
                System.Diagnostics.Debug.WriteLine("Exception in UserProfileController.GetUserName(): " + e.Message);
                displayName = "******";
            }

            return displayName;
        }
示例#9
        /// <summary>
        /// Returns the caller's identity for each of the five supported providers together with the
        /// type/value pairs of every claim on the current principal.
        /// </summary>
        /// <returns>
        /// An anonymous object with one property per provider and a <c>Claims</c> sequence.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the provider credential objects are returned whole. If they carry provider
        /// tokens (for example an <c>AccessToken</c> property), those values are part of the response
        /// body - confirm this endpoint requires authentication, is served over TLS only, and is not
        /// deployed outside diagnostic or sample environments.
        /// </remarks>
        public async Task <object> Get()
        {
            // Lookups are awaited one after another, in the same order as the result properties.
            FacebookCredentials facebook = await this.User.GetAppServiceIdentityAsync<FacebookCredentials>(this.Request);
            TwitterCredentials twitter = await this.User.GetAppServiceIdentityAsync<TwitterCredentials>(this.Request);
            GoogleCredentials google = await this.User.GetAppServiceIdentityAsync<GoogleCredentials>(this.Request);
            MicrosoftAccountCredentials microsoft = await this.User.GetAppServiceIdentityAsync<MicrosoftAccountCredentials>(this.Request);
            AzureActiveDirectoryCredentials aad = await this.User.GetAppServiceIdentityAsync<AzureActiveDirectoryCredentials>(this.Request);

            // 'as' yields null when the principal is not a ClaimsPrincipal; the member access that
            // follows then throws NullReferenceException.
            ClaimsPrincipal principal = this.User as ClaimsPrincipal;
            var claimPairs = principal.Claims.Select(c => new { c.Type, c.Value });

            return new
            {
                FacebookCreds = facebook,
                TwitterCreds = twitter,
                GoogleCreds = google,
                MicrosoftAccountCreds = microsoft,
                AadCreds = aad,
                Claims = claimPairs
            };
        }
示例#10
        /// <summary>
        /// Copies token data from <paramref name="tokenEntry"/> onto <paramref name="credentials"/>,
        /// choosing which fields to copy from the concrete credential type.
        /// </summary>
        /// <param name="tokenEntry">Source of the tokens, user id, expiry and user claims.</param>
        /// <param name="credentials">
        /// Target; Facebook, Google, Azure Active Directory, Microsoft Account and Twitter credentials
        /// are recognised. Any other type receives only the user claims.
        /// </param>
        internal static void PopulateProviderCredentials(TokenEntry tokenEntry, ProviderCredentials credentials)
        {
            // Claims are converted for every provider before any provider-specific fields are set.
            if (tokenEntry.UserClaims != null)
            {
                Collection<Claim> converted = new Collection<Claim>();
                foreach (ClaimSlim slim in tokenEntry.UserClaims)
                {
                    converted.Add(new Claim(slim.Type, slim.Value));
                }

                credentials.UserClaims = converted;
            }

            // Probe each supported type up front; exactly one branch below runs, in this priority.
            FacebookCredentials facebook = credentials as FacebookCredentials;
            GoogleCredentials google = credentials as GoogleCredentials;
            AzureActiveDirectoryCredentials aad = credentials as AzureActiveDirectoryCredentials;
            MicrosoftAccountCredentials microsoft = credentials as MicrosoftAccountCredentials;
            TwitterCredentials twitter = credentials as TwitterCredentials;

            if (facebook != null)
            {
                facebook.AccessToken = tokenEntry.AccessToken;
                facebook.UserId = tokenEntry.UserId;
            }
            else if (google != null)
            {
                google.AccessToken = tokenEntry.AccessToken;
                google.RefreshToken = tokenEntry.RefreshToken;
                google.UserId = tokenEntry.UserId;
                google.AccessTokenExpiration = tokenEntry.ExpiresOn;
            }
            else if (aad != null)
            {
                // For AAD the id_token, not the access_token, is what callers see as AccessToken.
                aad.AccessToken = tokenEntry.IdToken;

                // Claim types are matched case-insensitively; the first match wins.
                // NOTE(review): UserClaims is only assigned above when tokenEntry.UserClaims is
                // non-null; unless ProviderCredentials initialises it, this lookup throws for an
                // entry without claims - confirm.
                Func<string, Claim> findClaim = claimType =>
                    credentials.UserClaims.FirstOrDefault(c => string.Equals(c.Type, claimType, StringComparison.OrdinalIgnoreCase));

                Claim objectId = findClaim(ObjectIdentifierClaimType);
                if (objectId != null)
                {
                    aad.ObjectId = objectId.Value;
                }

                Claim tenantId = findClaim(TenantIdClaimType);
                if (tenantId != null)
                {
                    aad.TenantId = tenantId.Value;
                }

                aad.UserId = tokenEntry.UserId;
            }
            else if (microsoft != null)
            {
                microsoft.AccessToken = tokenEntry.AccessToken;
                microsoft.RefreshToken = tokenEntry.RefreshToken;
                microsoft.UserId = tokenEntry.UserId;
                microsoft.AccessTokenExpiration = tokenEntry.ExpiresOn;
            }
            else if (twitter != null)
            {
                twitter.AccessToken = tokenEntry.AccessToken;
                twitter.AccessTokenSecret = tokenEntry.AccessTokenSecret;
                twitter.UserId = tokenEntry.UserId;
            }
        }
示例#11
        /// <summary>
        /// Copies token data from <paramref name="tokenEntry"/> onto <paramref name="credentials"/>,
        /// choosing which fields to copy from the concrete credential type.
        /// </summary>
        /// <param name="tokenEntry">Source of the tokens, user id, expiry and user claims.</param>
        /// <param name="credentials">
        /// Target; Facebook, Google, Azure Active Directory, Microsoft Account and Twitter credentials
        /// are recognised. Any other type receives only the claims dictionary.
        /// </param>
        internal static void PopulateProviderCredentials(TokenEntry tokenEntry, ProviderCredentials credentials)
        {
            // Claims are flattened into a type -> value map for every provider.
            if (tokenEntry.UserClaims != null)
            {
                credentials.Claims = new Dictionary<string, string>();
                foreach (ClaimSlim slim in tokenEntry.UserClaims)
                {
                    // Indexer assignment: when a claim type repeats, only its last value survives.
                    // Multi-valued claims therefore lose all but one value here, so this map should
                    // not be the basis for authorization checks on such claims.
                    credentials.Claims[slim.Type] = slim.Value;
                }
            }

            // Probe each supported type up front; exactly one branch below runs, in this priority.
            FacebookCredentials facebook = credentials as FacebookCredentials;
            GoogleCredentials google = credentials as GoogleCredentials;
            AzureActiveDirectoryCredentials aad = credentials as AzureActiveDirectoryCredentials;
            MicrosoftAccountCredentials microsoft = credentials as MicrosoftAccountCredentials;
            TwitterCredentials twitter = credentials as TwitterCredentials;

            if (facebook != null)
            {
                facebook.AccessToken = tokenEntry.AccessToken;
                facebook.UserId = tokenEntry.UserId;
            }
            else if (google != null)
            {
                google.AccessToken = tokenEntry.AccessToken;
                google.RefreshToken = tokenEntry.RefreshToken;
                google.UserId = tokenEntry.UserId;
                google.AccessTokenExpiration = tokenEntry.ExpiresOn;
            }
            else if (aad != null)
            {
                // For AAD the id_token, not the access_token, is what callers see as AccessToken.
                aad.AccessToken = tokenEntry.IdToken;

                // NOTE(review): Claims is only assigned above when tokenEntry.UserClaims is non-null;
                // confirm ProviderCredentials initialises it, or that GetValueOrDefault tolerates a
                // null dictionary, for entries without claims.
                aad.ObjectId = credentials.Claims.GetValueOrDefault(ObjectIdentifierClaimType);
                aad.TenantId = credentials.Claims.GetValueOrDefault(TenantIdClaimType);
                aad.UserId = tokenEntry.UserId;
            }
            else if (microsoft != null)
            {
                microsoft.AccessToken = tokenEntry.AccessToken;
                microsoft.RefreshToken = tokenEntry.RefreshToken;
                microsoft.UserId = tokenEntry.UserId;
                microsoft.AccessTokenExpiration = tokenEntry.ExpiresOn;
            }
            else if (twitter != null)
            {
                twitter.AccessToken = tokenEntry.AccessToken;
                twitter.AccessTokenSecret = tokenEntry.AccessTokenSecret;
                twitter.UserId = tokenEntry.UserId;
            }
        }