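        /// <summary>
        /// Resolves the authorization, token and issuer endpoints for <paramref name="authorityInfo"/>.
        /// A previously resolved result for the same authority and user principal name is served from
        /// the cache; otherwise the authority is validated, the openid-configuration is discovered and
        /// the outcome is cached before being returned.
        /// </summary>
        /// <param name="authorityInfo">Authority whose <c>CanonicalAuthority</c> supplies the tenant path segment.</param>
        /// <param name="userPrincipalName">Forwarded to authority validation; together with the authority it forms the cache key.</param>
        /// <param name="requestContext">Carries the logger used for progress messages.</param>
        /// <returns>The resolved <see cref="AuthorityEndpoints"/>, with every <c>{tenant}</c> token replaced by the tenant segment.</returns>
        /// <exception cref="MsalClientException">
        /// Thrown with <see cref="MsalError.TenantDiscoveryFailedError"/> when the openid configuration lacks
        /// the authorization endpoint, the token endpoint or the issuer.
        /// </exception>
        public async Task<AuthorityEndpoints> ResolveEndpointsAsync(
            AuthorityInfo authorityInfo,
            string userPrincipalName,
            RequestContext requestContext)
        {
            if (TryGetCacheValue(authorityInfo, userPrincipalName, out var endpoints))
            {
                requestContext.Logger.Info("Resolving authority endpoints... Already resolved? - TRUE");
                return endpoints;
            }

            requestContext.Logger.Info("Resolving authority endpoints... Already resolved? - FALSE");

            // The tenant is the first path segment of the canonical authority ("/{tenant}/...").
            // IndexOf returns -1 when no second slash is present; Substring(0, -1) would then throw
            // ArgumentOutOfRangeException, so in that case the whole remainder is taken as the tenant.
            var authorityUri = new Uri(authorityInfo.CanonicalAuthority);
            string path = authorityUri.AbsolutePath.Substring(1);
            int segmentEnd = path.IndexOf("/", StringComparison.Ordinal);
            string tenant = segmentEnd < 0 ? path : path.Substring(0, segmentEnd);
            bool isTenantless = Authority.TenantlessTenantNames.Contains(tenant);

            // TODO: where is the value in this log message?  we have a bunch of code supporting printing just this out...
            requestContext.Logger.Info("Is Authority tenantless? - " + isTenantless);

            var endpointManager = OpenIdConfigurationEndpointManagerFactory.Create(authorityInfo, _serviceBundle);

            // Authority validation happens here, before any discovery document is fetched.
            string openIdConfigurationEndpoint = await endpointManager.ValidateAuthorityAndGetOpenIdDiscoveryEndpointAsync(
                authorityInfo,
                userPrincipalName,
                requestContext).ConfigureAwait(false);

            // Discover endpoints via openid-configuration
            var edr = await DiscoverEndpointsAsync(openIdConfigurationEndpoint, requestContext).ConfigureAwait(false);

            if (string.IsNullOrEmpty(edr.AuthorizationEndpoint))
            {
                throw new MsalClientException(
                          MsalError.TenantDiscoveryFailedError,
                          "Authorize endpoint was not found in the openid configuration");
            }

            if (string.IsNullOrEmpty(edr.TokenEndpoint))
            {
                throw new MsalClientException(
                          MsalError.TenantDiscoveryFailedError,
                          "Token endpoint was not found in the openid configuration");
            }

            if (string.IsNullOrEmpty(edr.Issuer))
            {
                throw new MsalClientException(
                          MsalError.TenantDiscoveryFailedError,
                          "Issuer was not found in the openid configuration");
            }

            // Replace every occurrence of the literal "{tenant}" template token in the discovered values.
            endpoints = new AuthorityEndpoints(
                edr.AuthorizationEndpoint.Replace("{tenant}", tenant),
                edr.TokenEndpoint.Replace("{tenant}", tenant),
                edr.Issuer.Replace("{tenant}", tenant));

            // Only a fully validated resolution reaches this point: every throw above precedes Add,
            // so a discovery document missing a required field never populates the cache.
            Add(authorityInfo, userPrincipalName, endpoints);
            return endpoints;
        }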
        /// <summary>
        /// Returns the endpoints for <paramref name="authorityInfo"/>: a cache hit for the same authority and
        /// user principal name is returned directly; otherwise the authority is validated, the openid-configuration
        /// is discovered, the required fields are checked, and the result is cached before being returned.
        /// </summary>
        /// <param name="authorityInfo">Authority to resolve; its tenant id is obtained via <c>Authority.CreateAuthority</c>.</param>
        /// <param name="userPrincipalName">Forwarded to authority validation; together with the authority it forms the cache key.</param>
        /// <param name="requestContext">Carries the logger used for progress messages.</param>
        /// <returns>
        /// The resolved <see cref="AuthorityEndpoints"/>. The third value is whatever <c>GetSelfSignedJwtAudience</c>
        /// derives from the issuer, token endpoint, tenant id and authority type (its exact semantics are defined elsewhere).
        /// </returns>
        /// <exception cref="MsalClientException">
        /// Thrown with <see cref="MsalError.TenantDiscoveryFailedError"/> when the openid configuration lacks
        /// the authorization endpoint, the token endpoint or the issuer.
        /// </exception>
        public async Task<AuthorityEndpoints> ResolveEndpointsAsync(
            AuthorityInfo authorityInfo,
            string userPrincipalName,
            RequestContext requestContext)
        {
            if (TryGetCacheValue(authorityInfo, userPrincipalName, out var endpoints))
            {
                requestContext.Logger.Info(LogMessages.ResolvingAuthorityEndpointsTrue);
                return endpoints;
            }

            requestContext.Logger.Info(LogMessages.ResolvingAuthorityEndpointsFalse);

            var discoveryManager = OpenIdConfigurationEndpointManagerFactory.Create(authorityInfo, _serviceBundle);

            // Authority validation happens here, before any discovery document is fetched.
            string discoveryEndpoint = await discoveryManager
                .ValidateAuthorityAndGetOpenIdDiscoveryEndpointAsync(authorityInfo, userPrincipalName, requestContext)
                .ConfigureAwait(false);

            // Discover endpoints via openid-configuration
            var discoveryResponse = await DiscoverEndpointsAsync(discoveryEndpoint, requestContext).ConfigureAwait(false);

            // Checked in this fixed order so the first missing field is the one reported.
            RequireValue(discoveryResponse.AuthorizationEndpoint, MsalErrorMessage.AuthorizeEndpointWasNotFoundInTheOpenIdConfiguration);
            RequireValue(discoveryResponse.TokenEndpoint, MsalErrorMessage.TokenEndpointWasNotFoundInTheOpenIdConfiguration);
            RequireValue(discoveryResponse.Issuer, MsalErrorMessage.IssuerWasNotFoundInTheOpenIdConfiguration);

            var tenantId = Authority.CreateAuthority(authorityInfo).GetTenantId();

            string authorizationEndpoint = ReplaceTenantToken(discoveryResponse.AuthorizationEndpoint, tenantId);
            string tokenEndpoint = ReplaceTenantToken(discoveryResponse.TokenEndpoint, tenantId);

            endpoints = new AuthorityEndpoints(
                authorizationEndpoint,
                tokenEndpoint,
                GetSelfSignedJwtAudience(discoveryResponse.Issuer, tokenEndpoint, tenantId, authorityInfo.AuthorityType));

            // Only a fully validated resolution reaches this point: every throw above precedes Add,
            // so a discovery document missing a required field never populates the cache.
            Add(authorityInfo, userPrincipalName, endpoints);
            return endpoints;

            // Raises the tenant-discovery failure for a missing openid-configuration field.
            void RequireValue(string value, string missingMessage)
            {
                if (string.IsNullOrEmpty(value))
                {
                    throw new MsalClientException(MsalError.TenantDiscoveryFailedError, missingMessage);
                }
            }
        }
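        /// <summary>
        /// Resolves the authorization and token endpoints (plus the tenant-adjusted third value) for
        /// <paramref name="authorityInfo"/>. A cache hit for the same authority and user principal name is
        /// returned directly; otherwise the authority is validated, the openid-configuration is discovered
        /// and the result is cached before being returned.
        /// </summary>
        /// <param name="authorityInfo">Authority whose <c>CanonicalAuthority</c> supplies the tenant path segment.</param>
        /// <param name="userPrincipalName">Forwarded to authority validation; together with the authority it forms the cache key.</param>
        /// <param name="requestContext">Carries the logger used for progress messages.</param>
        /// <returns>
        /// The resolved <see cref="AuthorityEndpoints"/>, with each occurrence of the <c>Constants.Tenant</c>
        /// placeholder replaced by the tenant segment; the third value comes from
        /// <c>ReplaceNonTenantSpecificValueWithTenant</c>, whose exact behaviour is defined elsewhere.
        /// </returns>
        /// <exception cref="MsalClientException">
        /// Thrown with <see cref="MsalError.TenantDiscoveryFailedError"/> when the openid configuration lacks
        /// the authorization endpoint, the token endpoint or the issuer.
        /// </exception>
        public async Task<AuthorityEndpoints> ResolveEndpointsAsync(
            AuthorityInfo authorityInfo,
            string userPrincipalName,
            RequestContext requestContext)
        {
            if (TryGetCacheValue(authorityInfo, userPrincipalName, out var endpoints))
            {
                requestContext.Logger.Info(LogMessages.ResolvingAuthorityEndpointsTrue);
                return endpoints;
            }

            requestContext.Logger.Info(LogMessages.ResolvingAuthorityEndpointsFalse);

            // The tenant is the first path segment of the canonical authority ("/{tenant}/...").
            // IndexOf returns -1 when no second slash is present; Substring(0, -1) would then throw
            // ArgumentOutOfRangeException, so in that case the whole remainder is taken as the tenant.
            var authorityUri = new Uri(authorityInfo.CanonicalAuthority);
            string path = authorityUri.AbsolutePath.Substring(1);
            int segmentEnd = path.IndexOf("/", StringComparison.Ordinal);
            string tenant = segmentEnd < 0 ? path : path.Substring(0, segmentEnd);

            var endpointManager = OpenIdConfigurationEndpointManagerFactory.Create(authorityInfo, _serviceBundle);

            // Authority validation happens here, before any discovery document is fetched.
            string openIdConfigurationEndpoint = await endpointManager.ValidateAuthorityAndGetOpenIdDiscoveryEndpointAsync(
                authorityInfo,
                userPrincipalName,
                requestContext).ConfigureAwait(false);

            // Discover endpoints via openid-configuration
            var edr = await DiscoverEndpointsAsync(openIdConfigurationEndpoint, requestContext).ConfigureAwait(false);

            if (string.IsNullOrEmpty(edr.AuthorizationEndpoint))
            {
                throw new MsalClientException(
                          MsalError.TenantDiscoveryFailedError,
                          MsalErrorMessage.AuthorizeEndpointWasNotFoundInTheOpenIdConfiguration);
            }

            if (string.IsNullOrEmpty(edr.TokenEndpoint))
            {
                throw new MsalClientException(
                          MsalError.TenantDiscoveryFailedError,
                          MsalErrorMessage.TokenEndpointWasNotFoundInTheOpenIdConfiguration);
            }

            if (string.IsNullOrEmpty(edr.Issuer))
            {
                throw new MsalClientException(
                          MsalError.TenantDiscoveryFailedError,
                          MsalErrorMessage.IssuerWasNotFoundInTheOpenIdConfiguration);
            }

            endpoints = new AuthorityEndpoints(
                edr.AuthorizationEndpoint.Replace(Constants.Tenant, tenant),
                edr.TokenEndpoint.Replace(Constants.Tenant, tenant),
                ReplaceNonTenantSpecificValueWithTenant(edr, tenant));

            // Only a fully validated resolution reaches this point: every throw above precedes Add,
            // so a discovery document missing a required field never populates the cache.
            Add(authorityInfo, userPrincipalName, endpoints);
            return endpoints;
        }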