public static void WriteAdalRefreshToken( ILegacyCachePersistence legacyCachePersistence, MsalRefreshTokenCacheItem rtItem, MsalIdTokenCacheItem idItem, string authority, string uniqueId, string scope) { try { if (rtItem == null) { MsalLogger.Default.Info("No refresh token available. Skipping MSAL refresh token cache write"); return; } //Using scope instead of resource because that value does not exist. STS should return it. AdalTokenCacheKey key = new AdalTokenCacheKey(authority, scope, rtItem.ClientId, TokenSubjectType.User, uniqueId, idItem.IdToken.PreferredUsername); AdalResultWrapper wrapper = new AdalResultWrapper() { Result = new AdalResult(null, null, DateTimeOffset.MinValue) { UserInfo = new AdalUserInfo() { UniqueId = uniqueId, DisplayableId = idItem.IdToken.PreferredUsername } }, RefreshToken = rtItem.Secret, RawClientInfo = rtItem.RawClientInfo, //ResourceInResponse is needed to treat RT as an MRRT. See IsMultipleResourceRefreshToken //property in AdalResultWrapper and its usage. Stronger design would be for the STS to return resource //for which the token was issued as well on v2 endpoint. ResourceInResponse = scope }; IDictionary <AdalTokenCacheKey, AdalResultWrapper> dictionary = AdalCacheOperations.Deserialize(legacyCachePersistence.LoadCache()); dictionary[key] = wrapper; legacyCachePersistence.WriteCache(AdalCacheOperations.Serialize(dictionary)); } catch (Exception ex) { if (!string.Equals(rtItem?.Environment, idItem?.Environment, StringComparison.OrdinalIgnoreCase)) { MsalLogger.Default.Error(DifferentEnvError); } if (!string.Equals(rtItem?.Environment, new Uri(authority).Host, StringComparison.OrdinalIgnoreCase)) { MsalLogger.Default.Error(DifferentAuthorityError); } MsalLogger.Default.WarningPiiWithPrefix(ex, "An error occurred while writing MSAL refresh token to the cache in ADAL format. " + "For details please see https://aka.ms/net-cache-persistence-errors. "); } }
/// <summary> /// Determines whether the specified TokenCacheKey is equal to the current object. /// </summary> /// <returns> /// true if the specified TokenCacheKey is equal to the current object; otherwise, false. /// </returns> /// <param name="other">The TokenCacheKey to compare with the current object. </param><filterpriority>2</filterpriority> public bool Equals(AdalTokenCacheKey other) { if (ReferenceEquals(this, other)) { return(true); } return(other != null && other.Authority == Authority && ResourceEquals(other.Resource) && ClientIdEquals(other.ClientId) && other.UniqueId == UniqueId && DisplayableIdEquals(other.DisplayableId) && other.TokenSubjectType == TokenSubjectType); }
public static IDictionary <AdalTokenCacheKey, AdalResultWrapper> Deserialize(ICoreLogger logger, byte[] state) { IDictionary <AdalTokenCacheKey, AdalResultWrapper> dictionary = new Dictionary <AdalTokenCacheKey, AdalResultWrapper>(); if (state == null || state.Length == 0) { return(dictionary); } using (Stream stream = new MemoryStream()) { BinaryWriter writer = new BinaryWriter(stream); writer.Write(state); writer.Flush(); stream.Position = 0; BinaryReader reader = new BinaryReader(stream); int blobSchemaVersion = reader.ReadInt32(); if (blobSchemaVersion != SchemaVersion) { logger.Warning("The version of the persistent state of the cache does not match the current schema, so skipping deserialization."); return(dictionary); } int count = reader.ReadInt32(); for (int n = 0; n < count; n++) { string keyString = reader.ReadString(); string[] kvpElements = keyString.Split(new[] { Delimiter }, StringSplitOptions.None); AdalResultWrapper resultEx = AdalResultWrapper.Deserialize(reader.ReadString()); AdalTokenCacheKey key = new AdalTokenCacheKey(kvpElements[0], kvpElements[1], kvpElements[2], (TokenSubjectType)int.Parse(kvpElements[3], CultureInfo.CurrentCulture), resultEx.Result.UserInfo); dictionary.Add(key, resultEx); } logger.Info(string.Format(CultureInfo.CurrentCulture, "Deserialized {0} items to token cache.", count)); } return(dictionary); }