/// <summary> /// Get a Microsoft Graph access token using the v2.0 Endpoint. /// </summary> /// <param name="appClientId">Application client ID</param> /// <param name="uiParent">UiParent instance - required for Android</param> /// <param name="redirectUri">Redirect Uri - required for Android</param> /// <param name="loginHint">UPN</param> /// <returns>An oauth2 access token.</returns> internal async Task <string> GetUserTokenV2Async(string appClientId, UIParent uiParent = null, string redirectUri = null, string loginHint = null) { if (_identityClient == null) { _identityClient = new MSAL.PublicClientApplication(appClientId); } if (!string.IsNullOrEmpty(redirectUri)) { _identityClient.RedirectUri = redirectUri; } var upnLoginHint = string.Empty; if (!string.IsNullOrEmpty(loginHint)) { upnLoginHint = loginHint; } MSAL.AuthenticationResult authenticationResult = null; var user = _identityClient.Users.FirstOrDefault(); authenticationResult = user != null ? await _identityClient.AcquireTokenSilentAsync(DelegatedPermissionScopes, user) : await _identityClient.AcquireTokenAsync(DelegatedPermissionScopes, upnLoginHint, uiParent); return(authenticationResult?.AccessToken); }
public async Task<string> GetTokenSilentAsync(IPlatformParameters parameters) { try { app = new PublicClientApplication("https://login.windows.net/common", "CLIENT_ID"); var result = await app.AcquireTokenSilentAsync(Sts.ValidScope, Sts.ValidUserName); return result.Token; } catch (Exception ex) { string msg = ex.Message + "\n" + ex.StackTrace; return msg; } }
/// <summary> /// Get Token for User. /// </summary> /// <returns>Token for user.</returns> public static async Task <string> GetTokenForUserAsync() { AuthenticationResult authResult; IEnumerable <IAccount> accounts = await IdentityClientApp.GetAccountsAsync(); IAccount firstAccount = accounts.FirstOrDefault(); try { authResult = await IdentityClientApp.AcquireTokenSilentAsync(Scopes, firstAccount); } catch (MsalUiRequiredException) { authResult = await IdentityClientApp.AcquireTokenAsync(Scopes); } return(authResult.AccessToken); }
public static async Task<AuthenticationResult> GetTokenSilentAsync(User user) { TokenBroker brkr = new TokenBroker(); PublicClientApplication app = new PublicClientApplication("7c7a2f70-caef-45c8-9a6c-091633501de4"); try { return await app.AcquireTokenSilentAsync(brkr.Sts.ValidScope); } catch (Exception ex) { string msg = ex.Message + "\n" + ex.StackTrace; Console.WriteLine(msg); return await app.AcquireTokenAsync(brkr.Sts.ValidScope, user.DisplayableId, UiOptions.ActAsCurrentUser, null); } }
/// <summary> /// Get a Microsoft Graph access token from Azure AD V2. /// </summary> /// <param name="scopes">Scopes represent various permission levels that an app can request from a user</param> /// <returns>An oauth2 access token.</returns> internal static async Task <string> AuthenticateMsalUserAsync(string[] scopes) { if (_identityClient == null) { _identityClient = new MSAL.PublicClientApplication(_appClientId); } MSAL.AuthenticationResult authenticationResult = null; try { authenticationResult = await _identityClient.AcquireTokenSilentAsync(scopes, _identityClient.Users.First()); } catch (Exception) { authenticationResult = await _identityClient.AcquireTokenAsync(scopes); } return(authenticationResult.AccessToken); }
/// <summary> /// Get a Microsoft Graph access token using the v2.0 Endpoint. /// </summary> /// <param name="appClientId">Application client ID</param> /// <param name="uiParent">UiParent instance - required for Android</param> /// <param name="redirectUri">Redirect Uri - required for Android</param> /// <param name="loginHint">UPN</param> /// <returns>An oauth2 access token.</returns> public async Task <string> GetUserTokenV2Async(string appClientId, UIParent uiParent = null, string redirectUri = null, string loginHint = null) { if (_identityClient == null) { _identityClient = new MSAL.PublicClientApplication(appClientId); } if (!string.IsNullOrEmpty(redirectUri)) { _identityClient.RedirectUri = redirectUri; } var upnLoginHint = string.Empty; if (!string.IsNullOrEmpty(loginHint)) { upnLoginHint = loginHint; } MSAL.AuthenticationResult authenticationResult = null; try { IAccount account = (await _identityClient.GetAccountsAsync()).FirstOrDefault(); authenticationResult = await _identityClient.AcquireTokenSilentAsync(DelegatedPermissionScopes, account); } catch (MsalUiRequiredException) { try { authenticationResult = await _identityClient.AcquireTokenAsync(DelegatedPermissionScopes, upnLoginHint, uiParent); } catch (MsalException) { throw; } } return(authenticationResult?.AccessToken); }
/// <summary> /// Get Token for User. /// </summary> /// <returns>Token for user.</returns> public static async Task <string> GetTokenForUserAsync() { AuthenticationResult authResult = null; try { IEnumerable <IAccount> accounts = await IdentityClientApp.GetAccountsAsync(); IAccount firstAccount = accounts.FirstOrDefault(); authResult = await IdentityClientApp.AcquireTokenSilentAsync(Scopes, firstAccount); return(authResult.AccessToken); } catch (MsalUiRequiredException ex) { // A MsalUiRequiredException happened on AcquireTokenSilentAsync. //This indicates you need to call AcquireTokenAsync to acquire a token authResult = await IdentityClientApp.AcquireTokenAsync(Scopes); return(authResult.AccessToken); } }
public void AcquireTokenSilentServiceErrorTest() { PublicClientApplication app = new PublicClientApplication(TestConstants.DefaultClientId); app.UserTokenCache = TokenCacheHelper.CreateCacheWithItems(); MockHttpMessageHandler mockHandler = new MockHttpMessageHandler(); mockHandler.Method = HttpMethod.Post; mockHandler.ResponseMessage = MockHelpers.CreateInvalidGrantTokenResponseMessage(); HttpMessageHandlerFactory.MockHandler = mockHandler; try { Task<AuthenticationResult> task =app.AcquireTokenSilentAsync(TestConstants.ScopeForAnotherResource.ToArray(), TestConstants.DefaultUniqueId); AuthenticationResult result = task.Result; Assert.Fail("AdalSilentTokenAcquisitionException was expected"); } catch (AggregateException ex) { Assert.IsNotNull(ex.InnerException); Assert.IsTrue(ex.InnerException is MsalSilentTokenAcquisitionException); var msalExc = (MsalSilentTokenAcquisitionException) ex.InnerException; Assert.AreEqual(MsalError.FailedToAcquireTokenSilently, msalExc.ErrorCode); Assert.IsNotNull(msalExc.InnerException, "MsalSilentTokenAcquisitionException inner exception is null"); Assert.AreEqual(((MsalException)msalExc.InnerException).ErrorCode, "invalid_grant"); } }
public void AcquireTokenSilentForceRefreshTest() { PublicClientApplication app = new PublicClientApplication(TestConstants.DefaultClientId); app.UserTokenCache = TokenCacheHelper.CreateCacheWithItems(); HttpMessageHandlerFactory.MockHandler = new MockHttpMessageHandler() { Method = HttpMethod.Post, ResponseMessage = MockHelpers.CreateSuccessTokenResponseMessage(TestConstants.DefaultUniqueId, TestConstants.DefaultDisplayableId, TestConstants.DefaultHomeObjectId, TestConstants.DefaultScope.Union(TestConstants.ScopeForAnotherResource).ToArray()) }; Task<AuthenticationResult> task = app.AcquireTokenSilentAsync(TestConstants.DefaultScope.ToArray(), TestConstants.DefaultUniqueId, app.Authority, null, true); AuthenticationResult result = task.Result; Assert.IsNotNull(result); Assert.AreEqual(TestConstants.DefaultDisplayableId, result.User.DisplayableId); Assert.AreEqual(TestConstants.DefaultUniqueId, result.User.UniqueId); Assert.AreEqual(TestConstants.DefaultScope.Union(TestConstants.ScopeForAnotherResource).ToArray().AsSingleString(), result.Scope.AsSingleString()); }
public void AcquireTokenSilentCacheOnlyLookupTest() { PublicClientApplication app = new PublicClientApplication(TestConstants.DefaultClientId); app.UserTokenCache = TokenCacheHelper.CreateCacheWithItems(); app.UserTokenCache.tokenCacheDictionary.Remove(new TokenCacheKey(TestConstants.DefaultAuthorityGuestTenant, TestConstants.ScopeForAnotherResource, TestConstants.DefaultClientId, TestConstants.DefaultUniqueId + "more", TestConstants.DefaultDisplayableId, TestConstants.DefaultHomeObjectId, TestConstants.DefaultPolicy)); HttpMessageHandlerFactory.MockHandler = new MockHttpMessageHandler() { Method = HttpMethod.Post, ResponseMessage = new HttpResponseMessage(HttpStatusCode.Forbidden) //fail the request if it goes to http client due to any error }; Task<AuthenticationResult> task = app.AcquireTokenSilentAsync(TestConstants.DefaultScope.ToArray()); AuthenticationResult result = task.Result; Assert.IsNotNull(result); Assert.AreEqual(TestConstants.DefaultDisplayableId, result.User.DisplayableId); Assert.AreEqual(TestConstants.DefaultUniqueId, result.User.UniqueId); Assert.AreEqual(TestConstants.DefaultScope.AsSingleString(), result.Scope.AsSingleString()); }
public void AcquireTokenIdTokenOnlyResponseTest() { MockWebUI webUi = new MockWebUI(); webUi.HeadersToValidate = new Dictionary<string, string>(); webUi.MockResult = new AuthorizationResult(AuthorizationStatus.Success, TestConstants.DefaultAuthorityHomeTenant + "?code=some-code"); IWebUIFactory mockFactory = Substitute.For<IWebUIFactory>(); mockFactory.CreateAuthenticationDialog(Arg.Any<IPlatformParameters>()).Returns(webUi); PlatformPlugin.WebUIFactory = mockFactory; HttpMessageHandlerFactory.MockHandler = new MockHttpMessageHandler() { Method = HttpMethod.Post, ResponseMessage = MockHelpers.CreateSuccessIdTokenResponseMessage() }; // this is a flow where we pass client id as a scope PublicClientApplication app = new PublicClientApplication(TestConstants.DefaultClientId); Task<AuthenticationResult> task = app.AcquireTokenAsync(new string[] {TestConstants.DefaultClientId}); AuthenticationResult result = task.Result; Assert.IsNotNull(result); Assert.AreEqual(result.Token, result.IdToken); Assert.AreEqual(1, app.UserTokenCache.Count); foreach (var item in app.UserTokenCache.ReadItems(TestConstants.DefaultClientId)) { Assert.AreEqual(1, item.Scope.Count); Assert.AreEqual(TestConstants.DefaultClientId, item.Scope.AsSingleString()); } //call AcquireTokenSilent to make sure we get same token back and no call goes over network HttpMessageHandlerFactory.MockHandler = new MockHttpMessageHandler() { Method = HttpMethod.Post, ResponseMessage = new HttpResponseMessage(HttpStatusCode.BadRequest) }; task = app.AcquireTokenSilentAsync(new string[] { TestConstants.DefaultClientId }); AuthenticationResult result1 = task.Result; Assert.IsNotNull(result1); Assert.AreEqual(result1.Token, result1.IdToken); Assert.AreEqual(result.Token, result1.Token); Assert.AreEqual(result.IdToken, result1.IdToken); Assert.AreEqual(1, app.UserTokenCache.Count); foreach (var item in app.UserTokenCache.ReadItems(TestConstants.DefaultClientId)) { Assert.AreEqual(1, item.Scope.Count); Assert.AreEqual(TestConstants.DefaultClientId, item.Scope.AsSingleString()); } }