Example 1 with Credential

Use of com.microsoft.identity.common.internal.dto.Credential in project microsoft-authentication-library-common-for-android by AzureAD.

Class BrokerOAuth2TokenCacheTest, method testCanSaveIntoAppUidCache.

@Test
@SuppressWarnings("unchecked")
public void testCanSaveIntoAppUidCache() throws ClientException {
    configureMocksForAppUid();
    mBrokerOAuth2TokenCache.save(mockStrategy, mockRequest, mockResponse);
    final List<AccountRecord> accounts = mAppUidCredentialCache.getAccounts();
    assertEquals(1, accounts.size());
    assertEquals(mDefaultAppUidTestBundle.mGeneratedAccount, accounts.get(0));
    final List<Credential> credentials = mAppUidCredentialCache.getCredentials();
    assertEquals(3, credentials.size());
    final List<Credential> rts = new ArrayList<>();
    final List<Credential> ats = new ArrayList<>();
    final List<Credential> ids = new ArrayList<>();
    for (final Credential credential : credentials) {
        if (credential.getCredentialType().equalsIgnoreCase(CredentialType.AccessToken.name())) {
            ats.add(credential);
        } else if (credential.getCredentialType().equalsIgnoreCase(CredentialType.RefreshToken.name())) {
            rts.add(credential);
        } else if (credential.getCredentialType().equalsIgnoreCase(CredentialType.IdToken.name())) {
            ids.add(credential);
        } else {
            fail();
        }
    }
    assertEquals(mDefaultAppUidTestBundle.mGeneratedAccessToken, ats.get(0));
    assertEquals(mDefaultAppUidTestBundle.mGeneratedRefreshToken, rts.get(0));
    assertEquals(mDefaultAppUidTestBundle.mGeneratedIdToken, ids.get(0));
}
Also used: Credential (com.microsoft.identity.common.internal.dto.Credential), AccountRecord (com.microsoft.identity.common.internal.dto.AccountRecord), ArrayList (java.util.ArrayList), Test (org.junit.Test)

Example 2 with Credential

Use of com.microsoft.identity.common.internal.dto.Credential in project microsoft-authentication-library-common-for-android by AzureAD.

Class MsalCppOAuth2TokenCacheTest, method saveCredentialsWithoutAccountTest.

@Test
public void saveCredentialsWithoutAccountTest() throws ClientException {
    final AccountRecord generatedAccount = mTestBundle.mGeneratedAccount;
    mCppCache.saveCredentials(null, mTestBundle.mGeneratedAccessToken, mTestBundle.mGeneratedIdToken, mTestBundle.mGeneratedRefreshToken);
    // Restore it
    final AccountRecord restoredAccount = mCppCache.getAccount(generatedAccount.getHomeAccountId(), generatedAccount.getEnvironment(), generatedAccount.getRealm());
    // Account doesn't exist
    Assert.assertNull(restoredAccount);
    // Inspect the contents of the cache
    final List<Credential> credentials = mCppCache.getCredentials();
    Assert.assertTrue(credentials.contains(mTestBundle.mGeneratedAccessToken));
    Assert.assertTrue(credentials.contains(mTestBundle.mGeneratedIdToken));
    Assert.assertTrue(credentials.contains(mTestBundle.mGeneratedRefreshToken));
}
Also used: Credential (com.microsoft.identity.common.internal.dto.Credential), AccountRecord (com.microsoft.identity.common.internal.dto.AccountRecord), Test (org.junit.Test)

Example 3 with Credential

Use of com.microsoft.identity.common.internal.dto.Credential in project microsoft-authentication-library-common-for-android by AzureAD.

Class MsalCppOAuth2TokenCacheTest, method saveCredentialsWithoutAccountForPRTTest.

@Test
public void saveCredentialsWithoutAccountForPRTTest() throws ClientException {
    final AccountRecord generatedAccount = mTestBundle.mGeneratedAccount;
    mCppCache.saveCredentials(null, mTestBundle.mGeneratedAccessToken, mTestBundle.mGeneratedIdToken, mTestBundle.mGeneratedPrimaryRefreshToken);
    // Restore it
    final AccountRecord restoredAccount = mCppCache.getAccount(generatedAccount.getHomeAccountId(), generatedAccount.getEnvironment(), generatedAccount.getRealm());
    // Account doesn't exist
    Assert.assertNull(restoredAccount);
    // Inspect the contents of the cache
    final List<Credential> credentials = mCppCache.getCredentials();
    Assert.assertTrue(credentials.contains(mTestBundle.mGeneratedAccessToken));
    Assert.assertTrue(credentials.contains(mTestBundle.mGeneratedIdToken));
    Assert.assertTrue(credentials.contains(mTestBundle.mGeneratedPrimaryRefreshToken));
}
Also used: Credential (com.microsoft.identity.common.internal.dto.Credential), AccountRecord (com.microsoft.identity.common.internal.dto.AccountRecord), Test (org.junit.Test)

Example 4 with Credential

Use of com.microsoft.identity.common.internal.dto.Credential in project microsoft-authentication-library-common-for-android by AzureAD.

Class BrokerOAuth2TokenCache, method getFociCacheRecords.

/**
 * Returns the List of FoCI users in the cache. This API is provided so that the broker may
 * **internally** query the cache for known users, such that the broker may verify an
 * unknown clientId is a part of the FoCI family.
 * <p>
 * Please note, the ICacheRecords returned by this query are NOT fully populated. Only the
 * {@link GenericAccount} and {@link GenericRefreshToken} will be returned.
 *
 * @return A List of ICacheRecords for the FoCI accounts.
 */
@SuppressWarnings(UNCHECKED)
public List<ICacheRecord> getFociCacheRecords() {
    final String methodName = ":getFociCacheRecords";
    final List<ICacheRecord> result = new ArrayList<>();
    final List<BrokerApplicationMetadata> allFociApplicationMetadata = mApplicationMetadataCache.getAllFociApplicationMetadata();
    for (final BrokerApplicationMetadata fociAppMetadata : allFociApplicationMetadata) {
        // Load all the accounts
        final List<AccountRecord> accounts = mFociCache.getAccounts(fociAppMetadata.getEnvironment(), fociAppMetadata.getClientId());
        // For each account, load the RT
        for (final AccountRecord account : accounts) {
            final String homeAccountId = account.getHomeAccountId();
            final String environment = account.getEnvironment();
            final String clientId = fociAppMetadata.getClientId();
            final String realm = account.getRealm();
            // Load the refresh token (1 per user per environment)
            final List<Credential> refreshTokens = mFociCache.getAccountCredentialCache().getCredentialsFilteredBy(
                    homeAccountId,
                    environment,
                    CredentialType.RefreshToken,
                    clientId,
                    null, // wildcard (*)
                    null, // wildcard (*)
                    null // Not applicable
            );
            // Load the V1IdToken (v1 if adal used)
            final List<Credential> v1IdTokens = mFociCache.getAccountCredentialCache().getCredentialsFilteredBy(
                    homeAccountId,
                    environment,
                    CredentialType.V1IdToken,
                    clientId,
                    realm,
                    null,
                    null // Not applicable
            );
            // Load the IdToken
            final List<Credential> idTokens = mFociCache.getAccountCredentialCache().getCredentialsFilteredBy(
                    homeAccountId,
                    environment,
                    CredentialType.IdToken,
                    clientId,
                    realm,
                    null,
                    null // not applicable
            );
            // Construct the ICacheRecord
            if (!refreshTokens.isEmpty()) {
                final CacheRecord.CacheRecordBuilder cacheRecord = CacheRecord.builder();
                cacheRecord.account(account);
                cacheRecord.refreshToken((RefreshTokenRecord) refreshTokens.get(0));
                // Add the V1IdToken (if exists, should have 1 if ADAL used)
                if (!v1IdTokens.isEmpty()) {
                    Logger.verbose(TAG + methodName, "Found [" + v1IdTokens.size() + "] V1IdTokens");
                    cacheRecord.v1IdToken((IdTokenRecord) v1IdTokens.get(0));
                } else {
                    Logger.warn(TAG + methodName, "No V1IdTokens exist for this account.");
                }
                // Add the IdTokens (if exists, should have 1 if MSAL used)
                if (!idTokens.isEmpty()) {
                    Logger.verbose(TAG + methodName, "Found [" + idTokens.size() + "] IdTokens");
                    cacheRecord.idToken((IdTokenRecord) idTokens.get(0));
                } else {
                    Logger.warn(TAG + methodName, "No IdTokens exist for this account.");
                }
                // Add it to the result
                result.add(cacheRecord.build());
            }
        }
    }
    return result;
}
Also used: Credential (com.microsoft.identity.common.internal.dto.Credential), ArrayList (java.util.ArrayList), AccountRecord (com.microsoft.identity.common.internal.dto.AccountRecord)

Example 5 with Credential

Use of com.microsoft.identity.common.internal.dto.Credential in project microsoft-authentication-library-common-for-android by AzureAD.

Class MsalOAuth2TokenCache, method getFamilyRefreshTokenForAccount.

/**
 * Load an FRT from the cache which may be used by this account.
 *
 * @param account The account for which an FRT is sought.
 * @return A matching FRT credential, if exists. May be null.
 */
@Nullable
private RefreshTokenRecord getFamilyRefreshTokenForAccount(@NonNull final AccountRecord account) {
    final String methodName = ":getFamilyRefreshTokensForAccount";
    // Our eventual result - init to null, will assign if valid FRT is found
    RefreshTokenRecord result = null;
    // Look for an arbitrary RT matching the current user.
    // If we find one, check that it is FoCI, if it is, assume it works.
    final List<Credential> fallbackRts = mAccountCredentialCache.getCredentialsFilteredBy(
            account.getHomeAccountId(),
            account.getEnvironment(),
            CredentialType.RefreshToken,
            null, // wildcard (*)
            null, // wildcard (*) -- all FRTs are MRRTs by definition
            null, // wildcard (*) -- all FRTs are MRRTs by definition
            null // not applicable
    );
    if (!fallbackRts.isEmpty()) {
        Logger.verbose(TAG + methodName, "Inspecting fallback RTs for a FoCI match.");
        // they're either "all FoCI" or none are.
        for (final Credential rt : fallbackRts) {
            if (rt instanceof RefreshTokenRecord) {
                final RefreshTokenRecord refreshTokenRecord = (RefreshTokenRecord) rt;
                final boolean isFamilyRefreshToken = !StringExtensions.isNullOrBlank(refreshTokenRecord.getFamilyId());
                if (isFamilyRefreshToken) {
                    Logger.verbose(TAG + methodName, "Fallback RT found.");
                    result = refreshTokenRecord;
                    break;
                }
            }
        }
    }
    return result;
}
Also used: Credential (com.microsoft.identity.common.internal.dto.Credential), RefreshTokenRecord (com.microsoft.identity.common.internal.dto.RefreshTokenRecord), Nullable (androidx.annotation.Nullable)

Aggregations

Credential (com.microsoft.identity.common.internal.dto.Credential): 64
Test (org.junit.Test): 45
RefreshTokenRecord (com.microsoft.identity.common.internal.dto.RefreshTokenRecord): 33
PrimaryRefreshTokenRecord (com.microsoft.identity.common.internal.dto.PrimaryRefreshTokenRecord): 31
AccessTokenRecord (com.microsoft.identity.common.internal.dto.AccessTokenRecord): 30
AccountRecord (com.microsoft.identity.common.internal.dto.AccountRecord): 10
ArrayList (java.util.ArrayList): 9
HashMap (java.util.HashMap): 9
JsonElement (com.google.gson.JsonElement): 7
JsonPrimitive (com.google.gson.JsonPrimitive): 7
IdTokenRecord (com.microsoft.identity.common.internal.dto.IdTokenRecord): 7
CredentialType (com.microsoft.identity.common.internal.dto.CredentialType): 3
Map (java.util.Map): 3
Nullable (androidx.annotation.Nullable): 2
HashSet (java.util.HashSet): 2
NonNull (androidx.annotation.NonNull): 1
ClientException (com.microsoft.identity.common.exception.ClientException): 1
SharedPreferencesFileManager (com.microsoft.identity.common.internal.cache.SharedPreferencesFileManager): 1
CacheEndEvent (com.microsoft.identity.common.internal.telemetry.events.CacheEndEvent): 1
CacheStartEvent (com.microsoft.identity.common.internal.telemetry.events.CacheStartEvent): 1