use of com.google.auth.oauth2.IdToken in project microsoft-authentication-library-common-for-android by AzureAD.
the class MicrosoftStsOAuth2Strategy method createAccount.
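/**
 * Builds a {@link MicrosoftStsAccount} from the ID token and client info carried by a token
 * response, then sets the account's environment from
 * {@code getIssuerCacheIdentifierFromTokenEndpoint()}.
 *
 * <p>NOTE(review): only parsing of the two strings is visible in this method. Whether the ID
 * token's signature and issuer have been validated is not shown here; confirm that happens
 * upstream before the account's claims are treated as authenticated.
 *
 * @param response token response supplying the raw ID token and client info strings
 * @return the account built from the parsed ID token and client info
 * @throws RuntimeException if constructing the {@code IDToken} or {@code ClientInfo} raises a
 *     {@code ServiceException}
 */
@Override
public MicrosoftStsAccount createAccount(@NonNull final MicrosoftStsTokenResponse response) {
    final String methodName = ":createAccount";
    Logger.verbose(TAG + methodName, "Creating account from TokenResponse...");

    final IDToken idToken;
    final ClientInfo clientInfo;
    try {
        idToken = new IDToken(response.getIdToken());
        clientInfo = new ClientInfo(response.getClientInfo());
    } catch (ServiceException ccse) {
        final String errorMsg = "Failed to construct IDToken or ClientInfo";
        // The exception object goes to the PII log channel only; the plain error log gets the
        // static message with no throwable attached.
        Logger.error(TAG + methodName, errorMsg, null);
        Logger.errorPII(TAG + methodName, "Failed with Exception", ccse);
        // Give the thrown exception a static, PII-free message instead of leaving it empty.
        // The ServiceException is not chained as the cause because it is logged through
        // errorPII above. NOTE(review): chain it if callers are known not to log or report it.
        throw new RuntimeException(errorMsg);
    }

    final MicrosoftStsAccount account = new MicrosoftStsAccount(idToken, clientInfo);
    account.setEnvironment(getIssuerCacheIdentifierFromTokenEndpoint());
    return account;
}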
use of com.google.auth.oauth2.IdToken in project microsoft-authentication-library-common-for-android by AzureAD.
the class SchemaUtil method getTenantId.
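/**
 * Resolves a tenant id from an ID token and client info.
 *
 * <p>The ID token's tenant-id claim is preferred. If that claim is absent, empty or not a
 * string, the {@code utid} from client info is used instead. If neither is available, or either
 * input is empty, or parsing fails, {@code null} is returned.
 *
 * <p>NOTE(review): this method only parses the token. No signature or issuer validation is
 * visible here, so the returned tenant id is only as trustworthy as the token the caller
 * supplies; confirm validation happens upstream.
 *
 * @param clientInfoString raw client info string; may be {@code null}
 * @param idTokenString raw ID token string; may be {@code null}
 * @return the resolved tenant id, or {@code null} if none could be determined
 */
@Nullable
public static String getTenantId(@Nullable final String clientInfoString, @Nullable final String idTokenString) {
    // Both inputs are required; with either missing nothing is parsed.
    if (TextUtils.isEmpty(idTokenString) || TextUtils.isEmpty(clientInfoString)) {
        return null;
    }

    try {
        final IDToken idToken = new IDToken(idTokenString);
        final ClientInfo clientInfo = new ClientInfo(clientInfoString);
        final Map<String, ?> claims = idToken.getTokenClaims();

        // Claim values are untyped, so check the type before casting: a non-string value here
        // would otherwise escape as a ClassCastException, which the catch below does not handle.
        final Object tidClaim = claims.get(AzureActiveDirectoryIdToken.TENANT_ID);
        if (tidClaim instanceof String && !TextUtils.isEmpty((String) tidClaim)) {
            return (String) tidClaim;
        }

        final String utid = clientInfo.getUtid();
        if (!TextUtils.isEmpty(utid)) {
            Logger.warn(TAG, "realm is not returned from server. Use utid as realm.");
            return utid;
        }

        // The log text mentions an empty string, but the value actually returned is null.
        Logger.warn(TAG, "realm and utid is not returned from server. " + "Using empty string as default tid.");
    } catch (final ServiceException e) {
        // Parse failures are logged on the PII channel and reported to the caller as null.
        Logger.errorPII(TAG, "Failed to construct IDToken or ClientInfo", e);
    }
    return null;
}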
use of com.google.auth.oauth2.IdToken in project microsoft-authentication-library-common-for-android by AzureAD.
the class MicrosoftStsAccountCredentialAdapter method asIdToken.
/**
 * Builds the {@link IdTokenRecord} for an account's ID token.
 *
 * <p>Home account id, environment and client id are copied from the refresh token. The realm
 * and the raw ID token come from the account.
 *
 * @param msAccount account supplying the realm and the ID token
 * @param refreshToken refresh token supplying home account id, environment and client id
 * @return the populated record
 */
@Override
public IdTokenRecord asIdToken(MicrosoftAccount msAccount, MicrosoftRefreshToken refreshToken) {
    final long cachedAtValue = getCachedAt();
    final IDToken sourceToken = msAccount.getIDToken();

    final IdTokenRecord tokenRecord = new IdTokenRecord();

    // Required fields
    tokenRecord.setHomeAccountId(refreshToken.getHomeAccountId());
    tokenRecord.setEnvironment(refreshToken.getEnvironment());
    tokenRecord.setRealm(msAccount.getRealm());
    tokenRecord.setCredentialType(CredentialType.IdToken.name());
    tokenRecord.setClientId(refreshToken.getClientId());
    // The raw ID token is stored as the record's secret, so the record should be handled as
    // credential material and kept out of logs.
    tokenRecord.setSecret(sourceToken.getRawIDToken());
    tokenRecord.setCachedAt(String.valueOf(cachedAtValue));

    // Optional fields
    tokenRecord.setAuthority(SchemaUtil.getAuthority(sourceToken));

    return tokenRecord;
}
use of com.google.auth.oauth2.IdToken in project microsoft-authentication-library-common-for-android by AzureAD.
the class AdalMigrationAdapter method createAccount.
/**
 * Creates a {@link MicrosoftAccount} from the supplied {@link ADALTokenCacheItem}.
 *
 * <p>The client info is not taken from a server response. It is synthesized here as a JSON
 * object holding the cache item's user id ({@code uid}) and tenant id ({@code utid}), then
 * Base64-encoded and parsed. The account's environment is the host of the item's authority URL.
 *
 * @param refreshToken The credential used to derive the new account.
 * @return The newly created MicrosoftAccount, or {@code null} if the authority URL is malformed
 *     or the ID token / client info cannot be constructed.
 */
@Nullable
public static MicrosoftAccount createAccount(@NonNull final ADALTokenCacheItem refreshToken) {
    final String methodName = ":createAccount";
    try {
        final String rawIdToken = refreshToken.getRawIdToken();
        // NOTE(review): getUserInfo() is dereferenced without a null check; a null result
        // would raise a NullPointerException that the catch below does not handle. Confirm
        // the cache item always carries user info.
        final String userId = refreshToken.getUserInfo().getUserId();
        final String tenantId = refreshToken.getTenantId();
        final String authorityHost = new URL(refreshToken.getAuthority()).getHost();

        // Assemble the {"uid": ..., "utid": ...} payload that ClientInfo parses.
        final JsonObject clientInfoPayload = new JsonObject();
        clientInfoPayload.addProperty("uid", userId);
        clientInfoPayload.addProperty("utid", tenantId);

        // getBytes() and new String(byte[]) use the platform default charset here.
        final byte[] payloadBytes = clientInfoPayload.toString().getBytes();
        final String encodedClientInfo = new String(Base64.encode(payloadBytes, 0));

        final ClientInfo parsedClientInfo = new ClientInfo(encodedClientInfo);
        final IDToken parsedIdToken = new IDToken(rawIdToken);

        final AzureActiveDirectoryAccount migratedAccount =
                new AzureActiveDirectoryAccount(parsedIdToken, parsedClientInfo);
        migratedAccount.setEnvironment(authorityHost);
        return migratedAccount;
    } catch (MalformedURLException | ServiceException e) {
        // The exception object goes to the PII log channel only; failure is reported as null.
        final String errorMsg = "Failed to create Account";
        Logger.error(TAG + methodName, errorMsg, null);
        Logger.errorPII(TAG + methodName, errorMsg, e);
        return null;
    }
}
use of com.google.auth.oauth2.IdToken in project microsoft-authentication-library-common-for-android by AzureAD.
the class BrokerMsalController method saveMsaAccountToCache.
/**
 * Checks whether the broker result is for an MSA account and, if so, sets single sign-on state
 * in the cache.
 *
 * <p>Nothing is saved unless the bundle reports a successful request and the result's tenant id
 * matches {@code AzureActiveDirectoryAudience.MSA_MEGA_TENANT_ID} (case-insensitive).
 *
 * <p>NOTE(review): the ID token, client info and refresh token are all read from the result
 * bundle. How the bundle's sender is verified is not visible in this method; confirm it is
 * established before this call.
 *
 * @param resultBundle bundle holding the broker result
 * @param msalOAuth2TokenCache cache that receives the account and refresh token
 * @throws BaseException a {@code ClientException} is thrown if client info is empty, or if the
 *     ID token or client info cannot be constructed
 */
private void saveMsaAccountToCache(@NonNull final Bundle resultBundle, @SuppressWarnings(WarningType.rawtype_warning) @NonNull final MsalOAuth2TokenCache msalOAuth2TokenCache) throws BaseException {
    final String methodName = ":saveMsaAccountToCache";
    final BrokerResult brokerResult = new MsalBrokerResultAdapter().brokerResultFromBundle(resultBundle);

    // Only successful results are considered.
    if (!resultBundle.getBoolean(AuthenticationConstants.Broker.BROKER_REQUEST_V2_SUCCESS)) {
        return;
    }
    // Only MSA accounts are saved by this method.
    if (!AzureActiveDirectoryAudience.MSA_MEGA_TENANT_ID.equalsIgnoreCase(brokerResult.getTenantId())) {
        return;
    }

    Logger.info(TAG + methodName, "Result returned for MSA Account, saving to cache");

    if (StringUtil.isEmpty(brokerResult.getClientInfo())) {
        Logger.error(TAG + methodName, "ClientInfo is empty.", null);
        throw new ClientException(ErrorStrings.UNKNOWN_ERROR, "ClientInfo is empty.");
    }

    try {
        final ClientInfo parsedClientInfo = new ClientInfo(brokerResult.getClientInfo());
        final IDToken parsedIdToken = new IDToken(brokerResult.getIdToken());

        final MicrosoftStsAccount msaAccount = new MicrosoftStsAccount(parsedIdToken, parsedClientInfo);
        msaAccount.setEnvironment(brokerResult.getEnvironment());

        final MicrosoftRefreshToken msaRefreshToken = new MicrosoftRefreshToken(
                brokerResult.getRefreshToken(),
                parsedClientInfo,
                brokerResult.getScope(),
                brokerResult.getClientId(),
                brokerResult.getEnvironment(),
                brokerResult.getFamilyId());

        msalOAuth2TokenCacheSetSingleSignOnState(msalOAuth2TokenCache, msaAccount, msaRefreshToken);
    } catch (ServiceException e) {
        Logger.errorPII(TAG + methodName, "Exception while creating Idtoken or ClientInfo," + " cannot save MSA account tokens", e);
        // NOTE(review): the exception is logged on the PII channel, yet its message and the
        // exception itself are also passed into the ClientException. Confirm callers treat
        // that exception as PII-bearing.
        throw new ClientException(ErrorStrings.INVALID_JWT, e.getMessage(), e);
    }
}