use of com.microsoft.identity.common.internal.dto.Credential in project microsoft-authentication-library-common-for-android by AzureAD.
the class MsalOAuth2TokenCache method getAllClientIds.
@Override
protected Set<String> getAllClientIds() {
final String methodName = ":getAllClientIds";
final Set<String> result = new HashSet<>();
for (final Credential credential : mAccountCredentialCache.getCredentials()) {
result.add(credential.getClientId());
}
Logger.verbose(TAG + methodName, "Found [" + result.size() + "] clientIds/");
return result;
}
use of com.microsoft.identity.common.internal.dto.Credential in project microsoft-authentication-library-common-for-android by AzureAD.
the class MsalOAuth2TokenCache method removeCredentialsOfTypeForAccount.
/**
* Removes Credentials of the supplied type for the supplied Account.
*
* @param environment Entity which issued the token represented as a host.
* @param clientId The clientId of the target app.
* @param credentialType The type of Credential to remove.
* @param targetAccount The target Account whose Credentials should be removed.
* @param realmAgnostic True if the specified action should be completed irrespective of realm.
* @return The number of Credentials removed.
*/
private int removeCredentialsOfTypeForAccount(// 'authority host'
@NonNull final String environment, @Nullable final String clientId, @NonNull final CredentialType credentialType, @NonNull final AccountRecord targetAccount, boolean realmAgnostic) {
int credentialsRemoved = 0;
// Query it for Credentials matching the supplied targetAccount
final List<Credential> credentialsToRemove = mAccountCredentialCache.getCredentialsFilteredBy(targetAccount.getHomeAccountId(), environment, credentialType, clientId, realmAgnostic ? // wildcard (*) realm
null : targetAccount.getRealm(), // wildcard (*) target,
null, null);
for (final Credential credentialToRemove : credentialsToRemove) {
if (mAccountCredentialCache.removeCredential(credentialToRemove)) {
credentialsRemoved++;
}
}
return credentialsRemoved;
}
use of com.microsoft.identity.common.internal.dto.Credential in project microsoft-authentication-library-common-for-android by AzureAD.
the class MsalOAuth2TokenCache method accountHasCredential.
/**
* Evaluates the supplied list of Credentials. Returns true if the provided Account
* 'owns' any one of these tokens.
*
* @param account The Account whose credential ownership should be evaluated.
* @param appCredentials The Credentials to evaluate.
* @return True, if this Account has Credentials. False otherwise.
*/
private boolean accountHasCredential(@NonNull final AccountRecord account, @NonNull final List<Credential> appCredentials) {
final String methodName = ":accountHasCredential";
final String accountHomeId = account.getHomeAccountId();
final String accountEnvironment = account.getEnvironment();
Logger.verbosePII(TAG + methodName, "HomeAccountId: [" + accountHomeId + "]" + "\n" + "Environment: [" + accountEnvironment + "]");
for (final Credential credential : appCredentials) {
if (accountHomeId.equals(credential.getHomeAccountId()) && accountEnvironment.equals(credential.getEnvironment())) {
Logger.verbose(TAG + methodName, "Credentials located for account.");
return true;
}
}
return false;
}
use of com.microsoft.identity.common.internal.dto.Credential in project microsoft-authentication-library-common-for-android by AzureAD.
the class SharedPreferencesAccountCredentialCache method getCredentialsFilteredBy.
@Override
public List<Credential> getCredentialsFilteredBy(@Nullable final String homeAccountId, @Nullable final String environment, @NonNull final Set<CredentialType> credentialTypes, @Nullable final String clientId, @Nullable final String realm, @Nullable final String target, @Nullable final String authScheme, @Nullable final String requestedClaims) {
final List<Credential> allCredentials = getCredentials();
final List<Credential> result = new ArrayList<>();
for (final CredentialType type : credentialTypes) {
result.addAll(getCredentialsFilteredByInternal(homeAccountId, environment, type, clientId, realm, target, authScheme, requestedClaims, allCredentials));
}
return result;
}
use of com.microsoft.identity.common.internal.dto.Credential in project microsoft-authentication-library-common-for-android by AzureAD.
the class MicrosoftFamilyOAuth2TokenCache method loadByFamilyId.
/**
* Loads the tokens available for the supplied client criteria.
*
* @param clientId The current client's id.
* @param accountRecord The current account.
* @return An ICacheRecord containing the account. If a matching refresh token is available
* it is returned.
*/
public ICacheRecord loadByFamilyId(@Nullable final String clientId, @Nullable final String target, @NonNull final AccountRecord accountRecord, @Nullable final AbstractAuthenticationScheme authenticationScheme) {
final String methodName = ":loadByFamilyId";
final String familyId = "1";
Logger.verbose(TAG + methodName, "ClientId[" + clientId + ", " + familyId + "]");
// The following fields must match when querying for RTs:
// - environment
// - home_account_id
// - credential_type == RT
//
// The following fields do not matter when querying for RTs:
// - clientId doesn't matter (FRT)
// - target doesn't matter (FRT) (but we will inspect it when looking for an AT)
// - realm doesn't matter (MRRT)
RefreshTokenRecord rtToReturn = null;
IdTokenRecord idTokenToReturn = null;
IdTokenRecord v1IdTokenToReturn = null;
AccessTokenRecord atRecordToReturn = null;
final List<Credential> allCredentials = getAccountCredentialCache().getCredentials();
// First, filter down to only the refresh tokens...
for (final Credential credential : allCredentials) {
if (credential instanceof RefreshTokenRecord) {
final RefreshTokenRecord rtRecord = (RefreshTokenRecord) credential;
if (familyId.equals(rtRecord.getFamilyId()) && accountRecord.getEnvironment().equals(rtRecord.getEnvironment()) && accountRecord.getHomeAccountId().equals(rtRecord.getHomeAccountId())) {
rtToReturn = rtRecord;
break;
}
}
}
// If there's a matching IdToken, pick that up too...
for (final Credential credential : allCredentials) {
if (credential instanceof IdTokenRecord) {
final IdTokenRecord idTokenRecord = (IdTokenRecord) credential;
if (null != clientId && clientId.equals(idTokenRecord.getClientId()) && accountRecord.getEnvironment().equals(idTokenRecord.getEnvironment()) && accountRecord.getHomeAccountId().equals(idTokenRecord.getHomeAccountId()) && accountRecord.getRealm().equals(idTokenRecord.getRealm())) {
if (CredentialType.V1IdToken.name().equalsIgnoreCase(idTokenRecord.getCredentialType())) {
v1IdTokenToReturn = idTokenRecord;
} else {
idTokenToReturn = idTokenRecord;
}
// Do not 'break' as there may still be more IdTokens to inspect
}
}
}
if (null != target && null != authenticationScheme) {
for (final Credential credential : allCredentials) {
if (credential instanceof AccessTokenRecord) {
final AccessTokenRecord atRecord = (AccessTokenRecord) credential;
if (null != clientId && clientId.equals(atRecord.getClientId()) && accountRecord.getEnvironment().equals(atRecord.getEnvironment()) && accountRecord.getHomeAccountId().equals(atRecord.getHomeAccountId()) && accountRecord.getRealm().equals(atRecord.getRealm()) && targetsIntersect(target, atRecord.getTarget(), true)) {
if (CredentialType.AccessToken.name().equalsIgnoreCase(atRecord.getCredentialType()) && BearerAuthenticationSchemeInternal.SCHEME_BEARER.equalsIgnoreCase(authenticationScheme.getName())) {
atRecordToReturn = atRecord;
break;
} else if (CredentialType.AccessToken_With_AuthScheme.name().equalsIgnoreCase(atRecord.getCredentialType()) && PopAuthenticationSchemeInternal.SCHEME_POP.equalsIgnoreCase(authenticationScheme.getName())) {
atRecordToReturn = atRecord;
break;
}
}
}
}
}
final CacheRecord.CacheRecordBuilder result = CacheRecord.builder();
result.mAccount(accountRecord);
result.refreshToken(rtToReturn);
result.accessToken(atRecordToReturn);
result.v1IdToken(v1IdTokenToReturn);
result.idToken(idTokenToReturn);
return result.build();
}
Aggregations