Search in sources :

Example 1 with IdToken

use of com.google.auth.oauth2.IdToken in project microsoft-authentication-library-common-for-android by AzureAD.

the class MicrosoftStsOAuth2Strategy method createAccount.

@Override
public MicrosoftStsAccount createAccount(@NonNull final MicrosoftStsTokenResponse response) {
    final String methodName = ":createAccount";
    Logger.verbose(TAG + methodName, "Creating account from TokenResponse...");
    IDToken idToken = null;
    ClientInfo clientInfo = null;
    try {
        idToken = new IDToken(response.getIdToken());
        clientInfo = new ClientInfo(response.getClientInfo());
    } catch (ServiceException ccse) {
        Logger.error(TAG + methodName, "Failed to construct IDToken or ClientInfo", null);
        Logger.errorPII(TAG + methodName, "Failed with Exception", ccse);
        throw new RuntimeException();
    }
    MicrosoftStsAccount account = new MicrosoftStsAccount(idToken, clientInfo);
    account.setEnvironment(getIssuerCacheIdentifierFromTokenEndpoint());
    return account;
}
Also used : ServiceException(com.microsoft.identity.common.exception.ServiceException) IDToken(com.microsoft.identity.common.internal.providers.oauth2.IDToken) ClientInfo(com.microsoft.identity.common.internal.providers.microsoft.azureactivedirectory.ClientInfo)

Example 2 with IdToken

use of com.google.auth.oauth2.IdToken in project microsoft-authentication-library-common-for-android by AzureAD.

the class SchemaUtil method getTenantId.

/**
 * Get tenant id claim from Id token , if not present returns the tenant id from client info
 *
 * @param clientInfoString : ClientInfo
 * @param idTokenString    : Id Token
 * @return tenantId
 */
@Nullable
public static String getTenantId(@Nullable final String clientInfoString, @Nullable final String idTokenString) {
    String tenantId = null;
    try {
        if (!TextUtils.isEmpty(idTokenString) && !TextUtils.isEmpty(clientInfoString)) {
            final IDToken idToken = new IDToken(idTokenString);
            final ClientInfo clientInfo = new ClientInfo(clientInfoString);
            final Map<String, ?> claims = idToken.getTokenClaims();
            if (!TextUtils.isEmpty((CharSequence) claims.get(AzureActiveDirectoryIdToken.TENANT_ID))) {
                tenantId = (String) claims.get(AzureActiveDirectoryIdToken.TENANT_ID);
            } else if (!TextUtils.isEmpty(clientInfo.getUtid())) {
                Logger.warn(TAG, "realm is not returned from server. Use utid as realm.");
                tenantId = clientInfo.getUtid();
            } else {
                Logger.warn(TAG, "realm and utid is not returned from server. " + "Using empty string as default tid.");
            }
        }
    } catch (final ServiceException e) {
        Logger.errorPII(TAG, "Failed to construct IDToken or ClientInfo", e);
    }
    return tenantId;
}
Also used : ServiceException(com.microsoft.identity.common.exception.ServiceException) IDToken(com.microsoft.identity.common.internal.providers.oauth2.IDToken) ClientInfo(com.microsoft.identity.common.internal.providers.microsoft.azureactivedirectory.ClientInfo) Nullable(androidx.annotation.Nullable)

Example 3 with IdToken

use of com.google.auth.oauth2.IdToken in project microsoft-authentication-library-common-for-android by AzureAD.

the class MicrosoftStsAccountCredentialAdapter method asIdToken.

@Override
public IdTokenRecord asIdToken(MicrosoftAccount msAccount, MicrosoftRefreshToken refreshToken) {
    final long cachedAt = getCachedAt();
    IDToken msIdToken = msAccount.getIDToken();
    final IdTokenRecord idToken = new IdTokenRecord();
    // Required fields
    idToken.setHomeAccountId(refreshToken.getHomeAccountId());
    idToken.setEnvironment(refreshToken.getEnvironment());
    idToken.setRealm(msAccount.getRealm());
    idToken.setCredentialType(CredentialType.IdToken.name());
    idToken.setClientId(refreshToken.getClientId());
    idToken.setSecret(msIdToken.getRawIDToken());
    idToken.setCachedAt(String.valueOf(cachedAt));
    // Optional fields
    idToken.setAuthority(SchemaUtil.getAuthority(msIdToken));
    return idToken;
}
Also used : IdTokenRecord(com.microsoft.identity.common.internal.dto.IdTokenRecord) IDToken(com.microsoft.identity.common.internal.providers.oauth2.IDToken)

Example 4 with IdToken

use of com.google.auth.oauth2.IdToken in project microsoft-authentication-library-common-for-android by AzureAD.

the class AdalMigrationAdapter method createAccount.

/**
 * Creates a {@link MicrosoftAccount} from the supplied {@link ADALTokenCacheItem}.
 *
 * @param refreshToken The credential used to derive the new account.
 * @return The newly created MicrosoftAccount.
 */
@Nullable
public static MicrosoftAccount createAccount(@NonNull final ADALTokenCacheItem refreshToken) {
    final String methodName = ":createAccount";
    try {
        final String rawIdToken = refreshToken.getRawIdToken();
        final String uid = refreshToken.getUserInfo().getUserId();
        final String utid = refreshToken.getTenantId();
        final String environment = new URL(refreshToken.getAuthority()).getHost();
        final JsonObject clientInfo = new JsonObject();
        clientInfo.addProperty("uid", uid);
        clientInfo.addProperty("utid", utid);
        final String clientInfoJson = clientInfo.toString();
        final String base64EncodedClientInfo = new String(Base64.encode(clientInfoJson.getBytes(), 0));
        final ClientInfo clientInfoObj = new ClientInfo(base64EncodedClientInfo);
        final IDToken idToken = new IDToken(rawIdToken);
        AzureActiveDirectoryAccount account = new AzureActiveDirectoryAccount(idToken, clientInfoObj);
        account.setEnvironment(environment);
        return account;
    } catch (MalformedURLException | ServiceException e) {
        final String errorMsg = "Failed to create Account";
        Logger.error(TAG + methodName, errorMsg, null);
        Logger.errorPII(TAG + methodName, errorMsg, e);
        return null;
    }
}
Also used : AzureActiveDirectoryAccount(com.microsoft.identity.common.internal.providers.microsoft.azureactivedirectory.AzureActiveDirectoryAccount) MalformedURLException(java.net.MalformedURLException) ServiceException(com.microsoft.identity.common.exception.ServiceException) JsonObject(com.google.gson.JsonObject) IDToken(com.microsoft.identity.common.internal.providers.oauth2.IDToken) ClientInfo(com.microsoft.identity.common.internal.providers.microsoft.azureactivedirectory.ClientInfo) URL(java.net.URL) Nullable(androidx.annotation.Nullable)

Example 5 with IdToken

use of com.google.auth.oauth2.IdToken in project microsoft-authentication-library-common-for-android by AzureAD.

the class BrokerMsalController method saveMsaAccountToCache.

/**
 * Checks if the account returns is a MSA Account and sets single on state in cache
 */
private void saveMsaAccountToCache(@NonNull final Bundle resultBundle, @SuppressWarnings(WarningType.rawtype_warning) @NonNull final MsalOAuth2TokenCache msalOAuth2TokenCache) throws BaseException {
    final String methodName = ":saveMsaAccountToCache";
    final BrokerResult brokerResult = new MsalBrokerResultAdapter().brokerResultFromBundle(resultBundle);
    if (resultBundle.getBoolean(AuthenticationConstants.Broker.BROKER_REQUEST_V2_SUCCESS) && AzureActiveDirectoryAudience.MSA_MEGA_TENANT_ID.equalsIgnoreCase(brokerResult.getTenantId())) {
        Logger.info(TAG + methodName, "Result returned for MSA Account, saving to cache");
        if (StringUtil.isEmpty(brokerResult.getClientInfo())) {
            Logger.error(TAG + methodName, "ClientInfo is empty.", null);
            throw new ClientException(ErrorStrings.UNKNOWN_ERROR, "ClientInfo is empty.");
        }
        try {
            final ClientInfo clientInfo = new ClientInfo(brokerResult.getClientInfo());
            final MicrosoftStsAccount microsoftStsAccount = new MicrosoftStsAccount(new IDToken(brokerResult.getIdToken()), clientInfo);
            microsoftStsAccount.setEnvironment(brokerResult.getEnvironment());
            final MicrosoftRefreshToken microsoftRefreshToken = new MicrosoftRefreshToken(brokerResult.getRefreshToken(), clientInfo, brokerResult.getScope(), brokerResult.getClientId(), brokerResult.getEnvironment(), brokerResult.getFamilyId());
            msalOAuth2TokenCacheSetSingleSignOnState(msalOAuth2TokenCache, microsoftStsAccount, microsoftRefreshToken);
        } catch (ServiceException e) {
            Logger.errorPII(TAG + methodName, "Exception while creating Idtoken or ClientInfo," + " cannot save MSA account tokens", e);
            throw new ClientException(ErrorStrings.INVALID_JWT, e.getMessage(), e);
        }
    }
}
Also used : BrokerResult(com.microsoft.identity.common.internal.broker.BrokerResult) MsalBrokerResultAdapter(com.microsoft.identity.common.internal.result.MsalBrokerResultAdapter) MicrosoftStsAccount(com.microsoft.identity.common.internal.providers.microsoft.microsoftsts.MicrosoftStsAccount) MicrosoftRefreshToken(com.microsoft.identity.common.internal.providers.microsoft.MicrosoftRefreshToken) ServiceException(com.microsoft.identity.common.exception.ServiceException) IDToken(com.microsoft.identity.common.internal.providers.oauth2.IDToken) ClientException(com.microsoft.identity.common.exception.ClientException) ClientInfo(com.microsoft.identity.common.internal.providers.microsoft.azureactivedirectory.ClientInfo)

Aggregations

IDToken (com.microsoft.identity.common.internal.providers.oauth2.IDToken)8 ServiceException (com.microsoft.identity.common.exception.ServiceException)7 IdToken (com.google.auth.oauth2.IdToken)4 ClientInfo (com.microsoft.identity.common.internal.providers.microsoft.azureactivedirectory.ClientInfo)4 IdTokenCredentials (com.google.auth.oauth2.IdTokenCredentials)3 Nullable (androidx.annotation.Nullable)2 JsonWebSignature (com.google.api.client.json.webtoken.JsonWebSignature)2 GoogleCredentials (com.google.auth.oauth2.GoogleCredentials)2 IOException (java.io.IOException)2 Test (org.junit.jupiter.api.Test)2 JsonObject (com.google.gson.JsonObject)1 ClientException (com.microsoft.identity.common.exception.ClientException)1 BrokerResult (com.microsoft.identity.common.internal.broker.BrokerResult)1 IdTokenRecord (com.microsoft.identity.common.internal.dto.IdTokenRecord)1 MicrosoftRefreshToken (com.microsoft.identity.common.internal.providers.microsoft.MicrosoftRefreshToken)1 AzureActiveDirectoryAccount (com.microsoft.identity.common.internal.providers.microsoft.azureactivedirectory.AzureActiveDirectoryAccount)1 MicrosoftStsAccount (com.microsoft.identity.common.internal.providers.microsoft.microsoftsts.MicrosoftStsAccount)1 MsalBrokerResultAdapter (com.microsoft.identity.common.internal.result.MsalBrokerResultAdapter)1 MalformedURLException (java.net.MalformedURLException)1 URL (java.net.URL)1