use of com.microsoft.identity.common.internal.dto.Credential in project microsoft-authentication-library-common-for-android by AzureAD.
the class BrokerOAuth2TokenCacheTest method testCanSaveIntoAppUidCache.
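/**
 * Saves a token response through the broker cache (after {@code configureMocksForAppUid()})
 * and checks what ends up in {@code mAppUidCredentialCache}: one account and exactly one
 * access token, one refresh token and one ID token, each equal to the generated fixture.
 * <p>
 * NOTE(review): this only inspects the app-UID cache. It does not assert that other caches
 * held by the broker stay empty, so it does not by itself prove isolation between
 * partitions; confirm a sibling test covers that.
 *
 * @throws ClientException if the save operation fails.
 */
@Test
@SuppressWarnings("unchecked")
public void testCanSaveIntoAppUidCache() throws ClientException {
    configureMocksForAppUid();

    mBrokerOAuth2TokenCache.save(mockStrategy, mockRequest, mockResponse);

    // Exactly one account, and it is the one the fixture generated.
    final List<AccountRecord> accounts = mAppUidCredentialCache.getAccounts();
    assertEquals(1, accounts.size());
    assertEquals(mDefaultAppUidTestBundle.mGeneratedAccount, accounts.get(0));

    final List<Credential> credentials = mAppUidCredentialCache.getCredentials();
    assertEquals(3, credentials.size());

    // Bucket the stored credentials by type so each kind can be checked on its own.
    final List<Credential> rts = new ArrayList<>();
    final List<Credential> ats = new ArrayList<>();
    final List<Credential> ids = new ArrayList<>();

    for (final Credential credential : credentials) {
        final String type = credential.getCredentialType();

        if (CredentialType.AccessToken.name().equalsIgnoreCase(type)) {
            ats.add(credential);
        } else if (CredentialType.RefreshToken.name().equalsIgnoreCase(type)) {
            rts.add(credential);
        } else if (CredentialType.IdToken.name().equalsIgnoreCase(type)) {
            ids.add(credential);
        } else {
            // Only the type name is reported; credential contents stay out of test output.
            fail("Unexpected credential type in app-UID cache: " + type);
        }
    }

    // A total of three is not enough: two access tokens and no ID token would also sum to
    // three and would surface below as an IndexOutOfBoundsException instead of a clear
    // assertion failure. Pin one of each kind explicitly.
    assertEquals(1, ats.size());
    assertEquals(1, rts.size());
    assertEquals(1, ids.size());

    assertEquals(mDefaultAppUidTestBundle.mGeneratedAccessToken, ats.get(0));
    assertEquals(mDefaultAppUidTestBundle.mGeneratedRefreshToken, rts.get(0));
    assertEquals(mDefaultAppUidTestBundle.mGeneratedIdToken, ids.get(0));
}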
use of com.microsoft.identity.common.internal.dto.Credential in project microsoft-authentication-library-common-for-android by AzureAD.
the class MsalCppOAuth2TokenCacheTest method saveCredentialsWithoutAccountTest.
/**
 * Saves an access token, an ID token and a refresh token with a {@code null} account, then
 * checks that no account record can be looked up while all three credentials are in the cache.
 * <p>
 * NOTE(review): the credentials stored here have no account record beside them, so code that
 * walks the cache account-by-account would presumably not reach them; confirm that sign-out
 * and cleanup paths also remove credentials directly.
 *
 * @throws ClientException if the cache operations fail.
 */
@Test
public void saveCredentialsWithoutAccountTest() throws ClientException {
    final AccountRecord expectedAccount = mTestBundle.mGeneratedAccount;

    // Persist the credentials only; the account argument is deliberately null.
    mCppCache.saveCredentials(
            null,
            mTestBundle.mGeneratedAccessToken,
            mTestBundle.mGeneratedIdToken,
            mTestBundle.mGeneratedRefreshToken
    );

    // Look the account up by the identifiers of the generated fixture.
    final String homeAccountId = expectedAccount.getHomeAccountId();
    final String environment = expectedAccount.getEnvironment();
    final String realm = expectedAccount.getRealm();
    final AccountRecord lookedUp = mCppCache.getAccount(homeAccountId, environment, realm);

    // No account was saved, so none may come back.
    Assert.assertNull(lookedUp);

    // The credentials themselves must all be present.
    final List<Credential> cached = mCppCache.getCredentials();
    Assert.assertTrue(cached.contains(mTestBundle.mGeneratedAccessToken));
    Assert.assertTrue(cached.contains(mTestBundle.mGeneratedIdToken));
    Assert.assertTrue(cached.contains(mTestBundle.mGeneratedRefreshToken));
}
use of com.microsoft.identity.common.internal.dto.Credential in project microsoft-authentication-library-common-for-android by AzureAD.
the class MsalCppOAuth2TokenCacheTest method saveCredentialsWithoutAccountForPRTTest.
/**
 * Same scenario as saving credentials without an account, but the third credential is the
 * generated primary refresh token: after saving with a {@code null} account, no account
 * record can be looked up and the access token, ID token and primary refresh token are all
 * in the cache.
 * <p>
 * NOTE(review): a primary refresh token cached with no account record beside it would
 * presumably be missed by account-driven cleanup; confirm removal paths operate on
 * credentials directly.
 *
 * @throws ClientException if the cache operations fail.
 */
@Test
public void saveCredentialsWithoutAccountForPRTTest() throws ClientException {
    final AccountRecord expectedAccount = mTestBundle.mGeneratedAccount;

    // Persist the credentials only; the account argument is deliberately null.
    mCppCache.saveCredentials(
            null,
            mTestBundle.mGeneratedAccessToken,
            mTestBundle.mGeneratedIdToken,
            mTestBundle.mGeneratedPrimaryRefreshToken
    );

    // Look the account up by the identifiers of the generated fixture; nothing may come back.
    final AccountRecord lookedUp = mCppCache.getAccount(
            expectedAccount.getHomeAccountId(),
            expectedAccount.getEnvironment(),
            expectedAccount.getRealm()
    );
    Assert.assertNull(lookedUp);

    // The credentials themselves must all be present.
    final List<Credential> cached = mCppCache.getCredentials();
    Assert.assertTrue(cached.contains(mTestBundle.mGeneratedAccessToken));
    Assert.assertTrue(cached.contains(mTestBundle.mGeneratedIdToken));
    Assert.assertTrue(cached.contains(mTestBundle.mGeneratedPrimaryRefreshToken));
}
use of com.microsoft.identity.common.internal.dto.Credential in project microsoft-authentication-library-common-for-android by AzureAD.
the class BrokerOAuth2TokenCache method getFociCacheRecords.
/**
 * Returns cache records for the FoCI users in the cache. This API is provided so that the
 * broker may **internally** query the cache for known users, such that the broker may verify
 * an unknown clientId is a part of the FoCI family.
 * <p>
 * The returned ICacheRecords are NOT fully populated. Each one carries the account, the first
 * matching refresh token and, when the cache holds them, the first V1 ID token and the first
 * ID token. Accounts with no matching refresh token produce no record.
 * <p>
 * Every returned record contains a refresh token, so the result should stay inside the broker
 * and out of log output; this method itself logs only token counts.
 *
 * @return A List of ICacheRecords for the FoCI accounts; empty if there are none.
 */
@SuppressWarnings(UNCHECKED)
public List<ICacheRecord> getFociCacheRecords() {
    final String logTag = TAG + ":getFociCacheRecords";
    final List<ICacheRecord> fociRecords = new ArrayList<>();

    for (final BrokerApplicationMetadata appMetadata
            : mApplicationMetadataCache.getAllFociApplicationMetadata()) {
        // All accounts known for this FoCI app in its environment.
        final List<AccountRecord> appAccounts = mFociCache.getAccounts(
                appMetadata.getEnvironment(),
                appMetadata.getClientId()
        );

        for (final AccountRecord account : appAccounts) {
            final String homeAccountId = account.getHomeAccountId();
            final String environment = account.getEnvironment();
            final String clientId = appMetadata.getClientId();
            final String realm = account.getRealm();

            // Refresh token lookup (1 per user per environment).
            final List<Credential> refreshTokens =
                    mFociCache.getAccountCredentialCache().getCredentialsFilteredBy(
                            homeAccountId,
                            environment,
                            CredentialType.RefreshToken,
                            clientId,
                            null, // wildcard (*)
                            null, // wildcard (*)
                            null  // not applicable
                    );

            // V1 ID token lookup (expected when ADAL was used).
            final List<Credential> v1IdTokens =
                    mFociCache.getAccountCredentialCache().getCredentialsFilteredBy(
                            homeAccountId,
                            environment,
                            CredentialType.V1IdToken,
                            clientId,
                            realm,
                            null,
                            null  // not applicable
                    );

            // ID token lookup (expected when MSAL was used).
            final List<Credential> idTokens =
                    mFociCache.getAccountCredentialCache().getCredentialsFilteredBy(
                            homeAccountId,
                            environment,
                            CredentialType.IdToken,
                            clientId,
                            realm,
                            null,
                            null  // not applicable
                    );

            // Without a refresh token there is nothing to report for this account.
            if (refreshTokens.isEmpty()) {
                continue;
            }

            final CacheRecord.CacheRecordBuilder recordBuilder = CacheRecord.builder();
            recordBuilder.account(account);
            // Only the first match is used; the casts rely on the type filter passed above.
            recordBuilder.refreshToken((RefreshTokenRecord) refreshTokens.get(0));

            if (v1IdTokens.isEmpty()) {
                Logger.warn(logTag, "No V1IdTokens exist for this account.");
            } else {
                Logger.verbose(logTag, "Found [" + v1IdTokens.size() + "] V1IdTokens");
                recordBuilder.v1IdToken((IdTokenRecord) v1IdTokens.get(0));
            }

            if (idTokens.isEmpty()) {
                Logger.warn(logTag, "No IdTokens exist for this account.");
            } else {
                Logger.verbose(logTag, "Found [" + idTokens.size() + "] IdTokens");
                recordBuilder.idToken((IdTokenRecord) idTokens.get(0));
            }

            fociRecords.add(recordBuilder.build());
        }
    }

    return fociRecords;
}
use of com.microsoft.identity.common.internal.dto.Credential in project microsoft-authentication-library-common-for-android by AzureAD.
the class MsalOAuth2TokenCache method getFamilyRefreshTokenForAccount.
/**
 * Looks in the cache for a family refresh token (FRT) that may be used by this account.
 * <p>
 * Refresh tokens are matched on the account's home account id and environment only; the
 * remaining filter arguments are wildcards. The first refresh token with a non-blank family
 * id is returned.
 * <p>
 * NOTE(review): any non-blank family id is accepted here; the value is not compared against
 * a particular family. Confirm that callers do not rely on this method for that check.
 *
 * @param account The account for which an FRT is sought.
 * @return A matching FRT credential, if one exists. May be null.
 */
@Nullable
private RefreshTokenRecord getFamilyRefreshTokenForAccount(@NonNull final AccountRecord account) {
    // NOTE(review): the tag reads "...TokensForAccount" (plural) while the method name is
    // singular. Left unchanged because log consumers may match on the existing tag.
    final String logTag = TAG + ":getFamilyRefreshTokensForAccount";

    // Look for an arbitrary RT matching the current user.
    final List<Credential> candidates = mAccountCredentialCache.getCredentialsFilteredBy(
            account.getHomeAccountId(),
            account.getEnvironment(),
            CredentialType.RefreshToken,
            null, // wildcard (*)
            null, // wildcard (*) -- all FRTs are MRRTs by definition
            null, // wildcard (*) -- all FRTs are MRRTs by definition
            null  // not applicable
    );

    if (candidates.isEmpty()) {
        return null;
    }

    Logger.verbose(logTag, "Inspecting fallback RTs for a FoCI match.");

    // They're either "all FoCI" or none are, so the first family token found is used.
    for (final Credential candidate : candidates) {
        if (!(candidate instanceof RefreshTokenRecord)) {
            continue;
        }

        final RefreshTokenRecord refreshToken = (RefreshTokenRecord) candidate;

        // A refresh token counts as a family token when its family id is non-blank.
        if (StringExtensions.isNullOrBlank(refreshToken.getFamilyId())) {
            continue;
        }

        Logger.verbose(logTag, "Fallback RT found.");
        return refreshToken;
    }

    // No family refresh token among the candidates.
    return null;
}