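/// <summary>
/// Authenticates the user, first silently and then, if that yields nothing, with an interactive prompt.
/// On success the account identifiers are cached and the account is registered for MAM.
/// </summary>
/// <param name="behavior">The ADAL prompt behavior.</param>
/// <returns>
/// The authentication result, or null when the configured client ID / redirect URI are rejected
/// or when neither sign-in attempt produced a result.
/// </returns>
public async Task<AuthenticationResult> Authenticate(PromptBehavior behavior)
{
    // Refuse to start a sign-in while the sample's placeholder values are still configured.
    if (_clientID.Equals(_placeholderClientID) || _redirectURI.Equals(_placeholderRedirectURI))
    {
        Toast.MakeText(Android.App.Application.Context, "Please update the authentication values for your application.", ToastLength.Long).Show();
        Log.Info(_logTagAuth, "Authentication cancelled. Authentication values need to be updated with user provided values." +
                 " Client ID = " + _clientID + " Redirect URI = " + _redirectURI);
        return null;
    }

    // A malformed redirect URI cannot be handed to the sign-in flow.
    if (!Uri.IsWellFormedUriString(_redirectURI, UriKind.RelativeOrAbsolute))
    {
        Toast.MakeText(Android.App.Application.Context, "Please correct the redirect URI for your application.", ToastLength.Long).Show();
        Log.Info(_logTagAuth, "Authentication cancelled. Redirect URI needs to be corrected with a well-formed value." +
                 " Redirect URI = " + _redirectURI);
        return null;
    }

    // Register the callback to capture ADAL logs.
    LoggerCallbackHandler.LogCallback = ADALLog;

    // Keep PII logging off: with it on, ADAL hands user identifiers to the log callback, and
    // whatever ADALLog writes then carries personal data. Turn it on only in a local debugging
    // session, never in a shipped build.
    LoggerCallbackHandler.PiiLoggingEnabled = false;

    // Attempt to sign the user in silently.
    AuthenticationResult result = await SignInSilent(_resourceID, null);

    // If the user cannot be signed in silently, prompt the user to manually sign in.
    if (result == null)
    {
        result = await SignInWithPrompt(new PlatformParameters((Activity)Forms.Context, false, behavior));
    }

    // Nothing to cache or register without an access token.
    if (result == null || result.AccessToken == null)
    {
        return result;
    }

    // Guard against a result that carries a token but no user information, which would
    // otherwise fail with a NullReferenceException below.
    if (result.UserInfo == null)
    {
        Log.Warn(_logTagAuth, "Authentication succeeded but no user information was returned. MAM registration skipped.");
        return result;
    }

    _cachedUPN = result.UserInfo.DisplayableId;
    _cachedAADID = result.UserInfo.UniqueId;

    // The UPN is deliberately left out of the log line: it is a personal identifier.
    Log.Info(_logTagAuth, "Authentication succeeded.");

    // Register the account for MAM
    // See: https://docs.microsoft.com/en-us/intune/app-sdk-android#account-authentication
    // This app requires ADAL authentication prior to MAM enrollment so we delay the registration
    // until after the sign in flow.
    IMAMEnrollmentManager mgr = MAMComponents.Get<IMAMEnrollmentManager>();
    mgr.RegisterAccountForMAM(_cachedUPN, _cachedAADID, result.TenantId);

    return result;
}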
/// <summary>
/// Creates the enrollment service: resolves the MAM enrollment manager and notification registry,
/// resets the service state, subscribes this instance to enrollment-result and policy-refresh
/// notifications, and registers the MAM authentication callback.
/// </summary>
/// <param name="loggingService">The logging service stored for later use by this instance.</param>
public EnrollmentService(ILoggingService loggingService)
{
    _loggingService = loggingService;

    // Resolve the SDK components once and keep them for the lifetime of the service.
    _enrollmentManager = MAMComponents.Get<IMAMEnrollmentManager>();
    _notificationRegistery = MAMComponents.Get<IMAMNotificationReceiverRegistry>();

    // Start with no authentication result, no registration error, no endpoint and no accounts.
    _authenticationResult = null;
    _registerError = null;
    Endpoint = null;
    RegisteredAccounts = new List<string>();

    // This instance is itself the receiver for both notification types.
    var subscribedTypes = new[]
    {
        MAMNotificationType.MamEnrollmentResult,
        MAMNotificationType.RefreshPolicy
    };
    foreach (var notificationType in subscribedTypes)
    {
        _notificationRegistery.RegisterReceiver(this, notificationType);
    }

    // NOTE(review): confirm this constructor runs early enough during app start-up for the SDK
    // to have the callback by the time it asks for a token.
    _enrollmentManager.RegisterAuthenticationCallback(new MAMWEAuthCallback());
}
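/// <summary>
/// Attempts to get a token from the cache without prompting the user for authentication and,
/// when one is obtained, passes it to the MAM enrollment manager for the cached account.
/// </summary>
/// <remarks>
/// The method is <c>async void</c>, so it returns nothing and callers cannot await it or observe
/// a failure. Exceptions are therefore handled inside the method and reported through the log.
/// </remarks>
public async void UpdateAccessTokenForMAM()
{
    if (string.IsNullOrWhiteSpace(_cachedResourceID))
    {
        Log.Warn(_logTagAuth, "Resource ID is not set, cannot update access token for MAM.");
        return;
    }

    try
    {
        string token = await GetAccessTokenForMAM(_cachedAADID, _cachedResourceID);

        // An empty token means nothing could be acquired; leave the SDK's current token untouched.
        if (!string.IsNullOrWhiteSpace(token))
        {
            IMAMEnrollmentManager mgr = MAMComponents.Get<IMAMEnrollmentManager>();
            mgr.UpdateToken(_cachedUPN, _cachedAADID, _cachedResourceID, token);
        }
    }
    catch (System.Exception ex)
    {
        // An exception escaping an async void method is raised on the synchronization context and
        // typically terminates the app. Log only the exception type: the message may contain
        // account details, and the token itself must never be written to the log.
        Log.Warn(_logTagAuth, "Updating the access token for MAM failed: " + ex.GetType().Name);
    }
}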
/// <summary>
/// Signs the user out: clears the token cache, unregisters the current user from MAM when
/// there is one, and shows a confirmation toast.
/// </summary>
public void SignOut()
{
    // With the cache emptied, the next sign-in has to prompt the user again.
    authContext.TokenCache.Clear();

    string signedInUser = User;
    if (signedInUser != null)
    {
        // Unregistering removes the user's MAM policy from the app.
        MAMComponents.Get<IMAMEnrollmentManager>().UnregisterAccountForMAM(signedInUser);
    }

    var confirmation = Toast.MakeText(Android.App.Application.Context, Resource.String.auth_out_success, ToastLength.Short);
    confirmation.Show();
}
/// <summary>
/// Registers the MAM authentication callback and the enrollment-result notification receiver,
/// then calls the base implementation.
/// </summary>
public override void OnMAMCreate()
{
    // The Intune SDK documentation requires the authentication callback to be registered here.
    // https://docs.microsoft.com/en-us/mem/intune/developer/app-sdk-android
    MAMComponents.Get<IMAMEnrollmentManager>()
                 .RegisterAuthenticationCallback(new MAMWEAuthCallback());

    // Subscribe to MAM notifications; among others, this delivers the notification that the
    // device has been enrolled.
    MAMComponents.Get<IMAMNotificationReceiverRegistry>()
                 .RegisterReceiver(new EnrollmentNotificationReceiver(), MAMNotificationType.MamEnrollmentResult);

    base.OnMAMCreate();
}
/// <summary>
/// Registers the signed-in account for MAM using the identifiers from the authentication result,
/// then opens the main view on the UI thread.
/// </summary>
/// <param name="result">The AuthenticationResult containing a valid access token.</param>
public void OnSignedIn(AuthenticationResult result)
{
    // Read the account identifiers before touching the SDK.
    string displayableId = result.UserInfo.DisplayableId;
    string uniqueId = result.UserInfo.UniqueId;
    string tenant = result.TenantId;

    // Register the account for MAM.
    // See: https://docs.microsoft.com/en-us/intune/app-sdk-android#account-authentication
    // This app requires ADAL authentication before MAM enrollment, so registration is delayed
    // until the sign-in flow has finished.
    MAMComponents.Get<IMAMEnrollmentManager>().RegisterAccountForMAM(displayableId, uniqueId, tenant);

    // Opening the main view modifies the UI, so it has to run on the UI thread.
    RunOnUiThread(OpenMainview);
}
/// <summary>
/// Signs the user out: clears the token cache, unregisters the current user from MAM when
/// there is one, marks the session as unauthenticated and notifies the listener.
/// </summary>
/// <param name="listener">Receives <c>OnSignedOut</c> once the sign-out steps have run.</param>
public void SignOut(IAuthListener listener)
{
    // With the cache emptied, the next sign-in has to prompt the user again.
    authContext.TokenCache.Clear();

    string signedInUser = User;
    if (signedInUser != null)
    {
        // Unregistering removes the user's MAM policy from the app.
        MAMComponents.Get<IMAMEnrollmentManager>().UnregisterAccountForMAM(signedInUser);
    }

    isAuthenticated = false;
    listener.OnSignedOut();
}
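/// <summary>
/// Signs the user out: removes every account from the PCA token cache, unregisters the current
/// user from MAM when there is one, and shows a confirmation toast.
/// </summary>
/// <remarks>
/// NOTE(review): the method is <c>async void</c>, so callers cannot await it and an exception from
/// the awaited calls cannot be observed by them. Confirm the caller needs this exact signature.
/// </remarks>
public async void SignOut()
{
    // Clear the app's token cache so the user will be prompted to sign in again.
    // Every cached account is removed, not only the first one: an account left behind keeps
    // its tokens in the cache and could still be used for a silent sign-in.
    var currentAccounts = await PCA.GetAccountsAsync();
    foreach (var account in currentAccounts.ToList())
    {
        await PCA.RemoveAsync(account);
    }

    string user = User;
    if (user != null)
    {
        // Remove the user's MAM policy from the app
        IMAMEnrollmentManager mgr = MAMComponents.Get<IMAMEnrollmentManager>();
        mgr.UnregisterAccountForMAM(user);
    }

    Toast.MakeText(Android.App.Application.Context, Resource.String.auth_out_success, ToastLength.Short).Show();
}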
/// <summary>
/// Registers the MAM authentication callback, a toast receiver for every notification type,
/// and dedicated receivers for enrollment results and user-data wipes, then calls the base
/// implementation.
/// </summary>
public override void OnMAMCreate()
{
    // Register the MAMAuthenticationCallback as soon as possible.
    // It handles acquiring the access token that MAM needs.
    MAMComponents.Get<IMAMEnrollmentManager>()
                 .RegisterAuthenticationCallback(new MAMWEAuthCallback());

    // Applications can receive notifications from the MAM SDK at any time.
    // More information can be found here: https://docs.microsoft.com/en-us/intune/app-sdk-android#register-for-notifications-from-the-sdk
    var receiverRegistry = MAMComponents.Get<IMAMNotificationReceiverRegistry>();

    // One toast receiver per notification type the SDK defines.
    foreach (MAMNotificationType notificationType in MAMNotificationType.Values())
    {
        var toastReceiver = new ToastNotificationReceiver(this);
        receiverRegistry.RegisterReceiver(toastReceiver, notificationType);
    }

    // Enrollment results and wipe requests additionally get their own receivers.
    receiverRegistry.RegisterReceiver(new EnrollmentNotificationReceiver(this), MAMNotificationType.MamEnrollmentResult);
    receiverRegistry.RegisterReceiver(new WipeNotificationReceiver(this), MAMNotificationType.WipeUserData);

    base.OnMAMCreate();
}
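/// <summary>
/// Signs the user out: removes every account from the PCA token cache, unregisters the current
/// user from MAM when there is one, marks the session as unauthenticated and notifies the listener.
/// </summary>
/// <param name="listener">Receives <c>OnSignedOut</c> once the sign-out steps have run.</param>
/// <remarks>
/// NOTE(review): the method is <c>async void</c>, so callers cannot await it and an exception from
/// the awaited calls cannot be observed by them. Confirm the caller needs this exact signature.
/// </remarks>
public async void SignOut(IAuthListener listener)
{
    // Clear the app's token cache so the user will be prompted to sign in again.
    // Every cached account is removed, not only the first one: an account left behind keeps
    // its tokens in the cache and could still be used for a silent sign-in.
    var currentAccounts = await PCA.GetAccountsAsync();
    foreach (var account in currentAccounts.ToList())
    {
        await PCA.RemoveAsync(account);
    }

    string user = User;
    if (user != null)
    {
        // Remove the user's MAM policy from the app
        IMAMEnrollmentManager mgr = MAMComponents.Get<IMAMEnrollmentManager>();
        mgr.UnregisterAccountForMAM(user);
    }

    isAuthenticated = false;
    listener.OnSignedOut();
}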