use of com.microsoft.identity.common.internal.authscheme.BearerAuthenticationSchemeInternal in project microsoft-authentication-library-common-for-android by AzureAD.
the class MsalCppOAuth2TokenCacheTest method saveCredentialsWithAccountTest.
@Test
public void saveCredentialsWithAccountTest() throws ClientException {
    final AccountRecord generatedAccount = mTestBundle.mGeneratedAccount;
    mCppCache.saveAccountRecord(generatedAccount);
    mCppCache.saveCredentials(
            generatedAccount,
            mTestBundle.mGeneratedAccessToken,
            mTestBundle.mGeneratedIdToken,
            mTestBundle.mGeneratedRefreshToken);
    // Restore it
    final AccountRecord restoredAccount = mCppCache.getAccount(
            generatedAccount.getHomeAccountId(), generatedAccount.getEnvironment(), generatedAccount.getRealm());
    Assert.assertNotNull(restoredAccount);
    Assert.assertEquals(generatedAccount, restoredAccount);
    final ICacheRecord cacheRecord = mCppCache.load(
            mTestBundle.mGeneratedIdToken.getClientId(),
            mTestBundle.mGeneratedAccessToken.getTarget(),
            generatedAccount,
            new BearerAuthenticationSchemeInternal());
    Assert.assertEquals(mTestBundle.mGeneratedAccessToken, cacheRecord.getAccessToken());
}
use of com.microsoft.identity.common.internal.authscheme.BearerAuthenticationSchemeInternal in project microsoft-authentication-library-common-for-android by AzureAD.
the class MsalCppOAuth2TokenCacheTest method saveCredentialsWithAccountForPRTTest.
@Test
public void saveCredentialsWithAccountForPRTTest() throws ClientException {
    final AccountRecord generatedAccount = mTestBundle.mGeneratedAccount;
    mCppCache.saveAccountRecord(generatedAccount);
    mCppCache.saveCredentials(
            generatedAccount,
            mTestBundle.mGeneratedAccessToken,
            mTestBundle.mGeneratedIdToken,
            mTestBundle.mGeneratedRefreshToken,
            mTestBundle.mGeneratedPrimaryRefreshToken);
    // Restore it
    final AccountRecord restoredAccount = mCppCache.getAccount(
            generatedAccount.getHomeAccountId(), generatedAccount.getEnvironment(), generatedAccount.getRealm());
    Assert.assertNotNull(restoredAccount);
    Assert.assertEquals(generatedAccount, restoredAccount);
    final ICacheRecord cacheRecord = mCppCache.load(
            mTestBundle.mGeneratedIdToken.getClientId(),
            mTestBundle.mGeneratedAccessToken.getTarget(),
            generatedAccount,
            new BearerAuthenticationSchemeInternal());
    Assert.assertEquals(mTestBundle.mGeneratedAccessToken, cacheRecord.getAccessToken());
}
use of com.microsoft.identity.common.internal.authscheme.BearerAuthenticationSchemeInternal in project microsoft-authentication-library-common-for-android by AzureAD.
the class TokenCacheItemMigrationAdapter method createTokenRequest.
/**
 * Create the token request used to refresh the cache RTs.
 *
 * @param clientId       The clientId of the app which "owns" this token.
 * @param scopes         The scopes to include in the request.
 * @param refreshToken   The token to refresh.
 * @param redirectUri    The redirect uri for this request.
 * @param strategy       The strategy to create the TokenRequest.
 * @param correlationId  The correlation id to send in the request.
 * @param idTokenVersion The id token version to set on the request.
 * @return The fully-formed TokenRequest.
 */
@NonNull
public static MicrosoftStsTokenRequest createTokenRequest(
        @NonNull final String clientId,
        @NonNull final String scopes,
        @NonNull final String refreshToken,
        @NonNull final String redirectUri,
        @NonNull final MicrosoftStsOAuth2Strategy strategy,
        @Nullable final UUID correlationId,
        @NonNull final String idTokenVersion) throws ClientException {
    final MicrosoftStsTokenRequest tokenRequest =
            strategy.createRefreshTokenRequest(new BearerAuthenticationSchemeInternal());
    // Set the request properties
    tokenRequest.setClientId(clientId);
    tokenRequest.setScope(scopes);
    tokenRequest.setCorrelationId(correlationId);
    tokenRequest.setRefreshToken(refreshToken);
    tokenRequest.setRedirectUri(redirectUri);
    tokenRequest.setIdTokenVersion(idTokenVersion);
    return tokenRequest;
}
use of com.microsoft.identity.common.internal.authscheme.BearerAuthenticationSchemeInternal in project microsoft-authentication-library-common-for-android by AzureAD.
the class AdalBrokerRequestAdapter method brokerInteractiveParametersFromActivity.
@Override
public BrokerInteractiveTokenCommandParameters brokerInteractiveParametersFromActivity(@NonNull final Activity callingActivity) {
    final String methodName = ":brokerInteractiveParametersFromActivity";
    Logger.verbose(TAG + methodName, "Constructing BrokerAcquireTokenOperationParameters from activity ");
    final Intent intent = callingActivity.getIntent();
    final int callingAppUid = intent.getIntExtra(AuthenticationConstants.Broker.CALLER_INFO_UID, 0);
    // There are two constants that need to be checked for the presence of the caller pkg name:
    // 1. CALLER_INFO_PACKAGE
    // 2. APP_PACKAGE_NAME
    //
    // But wait! There are also versions of the ADAL library (Android) that did not send this value;
    // in those cases, we simply 'lie' and say that the request came from the **current** execution
    // context. This will not always be correct. We'll set a flag here to signal when the param
    // is used.
    final boolean callerPackageNameProvided = packageNameWasProvidedInBundle(intent.getExtras());
    String redirectUri;
    // If the caller package name was provided, compute their redirect
    if (callerPackageNameProvided) {
        // V1 Broker would compute the redirect_uri for the calling package, rather than
        // 'trust' the provided value -- this had the unfortunate consequence of allowing
        // callers to pass non-URL-encoded signature hashes into the library despite the documentation
        // prescribing otherwise. The ADAL.NET implementation unfortunately RELIES on this behavior,
        // forcing customers to use non-encoded values in order to pass the validation check inside of
        // ADAL.NET. In order to not regress this experience, the redirect URI must now be computed,
        // meaning that the ACCOUNT_REDIRECT parameter is basically ignored.
        redirectUri = BrokerValidator.getBrokerRedirectUri(
                callingActivity,
                getPackageNameFromBundle(intent.getExtras(), callingActivity.getApplicationContext()));
    } else {
        // The caller's package name was not provided, so we cannot compute the redirect for them.
        // In this case, use the provided value...
        redirectUri = intent.getStringExtra(AuthenticationConstants.Broker.ACCOUNT_REDIRECT);
    }
    final List<Pair<String, String>> extraQP = getExtraQueryParamAsList(
            intent.getStringExtra(AuthenticationConstants.Broker.ACCOUNT_EXTRA_QUERY_PARAM));
    final AzureActiveDirectoryAuthority authority = getRequestAuthorityWithExtraQP(
            intent.getStringExtra(AuthenticationConstants.Broker.ACCOUNT_AUTHORITY), extraQP);
    // We need to explicitly add tenant id as organizations if we want similar behavior from V2 endpoint
    if (AzureActiveDirectoryAudience.ALL.equalsIgnoreCase(authority.getAudience().getTenantId())) {
        authority.getAudience().setTenantId(AzureActiveDirectoryAudience.ORGANIZATIONS);
    }
    final String resource = intent.getStringExtra(AuthenticationConstants.Broker.ACCOUNT_RESOURCE);
    final Set<String> scopes = new HashSet<>();
    scopes.add(TokenCacheItemMigrationAdapter.getScopeFromResource(resource));
    String correlationIdString = intent.getStringExtra(AuthenticationConstants.Broker.ACCOUNT_CORRELATIONID);
    if (TextUtils.isEmpty(correlationIdString)) {
        Logger.info(TAG, "Correlation id not set by Adal, creating a new one");
        UUID correlationId = UUID.randomUUID();
        correlationIdString = correlationId.toString();
    }
    final BrokerInteractiveTokenCommandParameters commandParameters = BrokerInteractiveTokenCommandParameters.builder()
            .authenticationScheme(new BearerAuthenticationSchemeInternal())
            .activity(callingActivity)
            .androidApplicationContext(callingActivity.getApplicationContext())
            .sdkType(SdkType.ADAL)
            .sdkVersion(intent.getStringExtra(AuthenticationConstants.Broker.ADAL_VERSION_KEY))
            .callerUid(callingAppUid)
            .callerPackageName(getPackageNameFromBundle(intent.getExtras(), callingActivity.getApplicationContext()))
            .callerAppVersion(intent.getStringExtra(AuthenticationConstants.AAD.APP_VERSION))
            .extraQueryStringParameters(extraQP)
            .authority(authority)
            .scopes(scopes)
            .clientId(intent.getStringExtra(AuthenticationConstants.Broker.ACCOUNT_CLIENTID_KEY))
            .redirectUri(redirectUri)
            .loginHint(intent.getStringExtra(AuthenticationConstants.Broker.ACCOUNT_NAME))
            .correlationId(correlationIdString)
            .claimsRequestJson(intent.getStringExtra(AuthenticationConstants.Broker.ACCOUNT_CLAIMS))
            .prompt(OpenIdConnectPromptParameter._fromPromptBehavior(intent.getStringExtra(AuthenticationConstants.Broker.ACCOUNT_PROMPT)))
            .authorizationAgent(AuthorizationAgent.WEBVIEW)
            .build();
    return commandParameters;
}
use of com.microsoft.identity.common.internal.authscheme.BearerAuthenticationSchemeInternal in project microsoft-authentication-library-common-for-android by AzureAD.
the class AdalBrokerRequestAdapter method brokerSilentParametersFromBundle.
@Override
public BrokerSilentTokenCommandParameters brokerSilentParametersFromBundle(Bundle bundle, Context context, Account account) {
    final String methodName = ":brokerSilentParametersFromBundle";
    Logger.verbose(TAG + methodName, "Constructing BrokerAcquireTokenOperationParameters from activity ");
    final int callingAppUid = bundle.getInt(AuthenticationConstants.Broker.CALLER_INFO_UID);
    final Authority authority = Authority.getAuthorityFromAuthorityUrl(
            bundle.getString(AuthenticationConstants.Broker.ACCOUNT_AUTHORITY));
    String correlationIdString = bundle.getString(AuthenticationConstants.Broker.ACCOUNT_CORRELATIONID);
    if (TextUtils.isEmpty(correlationIdString)) {
        Logger.info(TAG, "Correlation id not set by Adal, creating a new one");
        UUID correlationId = UUID.randomUUID();
        correlationIdString = correlationId.toString();
    }
    final String resource = bundle.getString(AuthenticationConstants.Broker.ACCOUNT_RESOURCE);
    final Set<String> scopes = new HashSet<>();
    scopes.add(TokenCacheItemMigrationAdapter.getScopeFromResource(resource));
    // There are two constants that need to be checked for the presence of the caller pkg name:
    // 1. CALLER_INFO_PACKAGE
    // 2. APP_PACKAGE_NAME
    //
    // But wait! There are also versions of the ADAL library (Android) that did not send this value;
    // in those cases, we simply 'lie' and say that the request came from the **current** execution
    // context. This will not always be correct. We'll set a flag here to signal when the param
    // is used.
    final boolean callerPackageNameProvided = packageNameWasProvidedInBundle(bundle);
    final String packageName = getPackageNameFromBundle(bundle, context);
    String redirectUri = bundle.getString(AuthenticationConstants.Broker.ACCOUNT_REDIRECT);
    // Adal might not pass in the redirect uri; in that case, calculate it from the broker validator
    if (callerPackageNameProvided || TextUtils.isEmpty(redirectUri)) {
        redirectUri = BrokerValidator.getBrokerRedirectUri(context, packageName);
    }
    final BrokerSilentTokenCommandParameters commandParameters = BrokerSilentTokenCommandParameters.builder()
            .authenticationScheme(new BearerAuthenticationSchemeInternal())
            .androidApplicationContext(context)
            .accountManagerAccount(account)
            .sdkType(SdkType.ADAL)
            .callerUid(callingAppUid)
            .callerPackageName(packageName)
            .callerAppVersion(bundle.getString(AuthenticationConstants.AAD.APP_VERSION))
            .authority(authority)
            .correlationId(correlationIdString)
            .scopes(scopes)
            .clientId(bundle.getString(AuthenticationConstants.Broker.ACCOUNT_CLIENTID_KEY))
            .localAccountId(bundle.getString(AuthenticationConstants.Broker.ACCOUNT_USERINFO_USERID))
            .redirectUri(redirectUri)
            .forceRefresh(Boolean.parseBoolean(bundle.getString(AuthenticationConstants.Broker.BROKER_FORCE_REFRESH)))
            .claimsRequestJson(bundle.getString(AuthenticationConstants.Broker.ACCOUNT_CLAIMS))
            .loginHint(bundle.getString(AuthenticationConstants.Broker.ACCOUNT_NAME))
            .build();
    return commandParameters;
}