
Example 6 with Credential

use of com.microsoft.identity.common.internal.dto.Credential in project microsoft-authentication-library-common-for-android by AzureAD.

the class MsalOAuth2TokenCache method getAllClientIds.

/**
 * Gathers the distinct client ids of every Credential currently held in the
 * account/credential cache.
 *
 * <p>No null filtering happens here: a Credential whose {@code getClientId()} returns
 * null would add a null entry to the returned set. Only the number of ids found is
 * logged, never the ids themselves.
 *
 * @return A mutable set with one entry per distinct client id found in the cache.
 */
@Override
protected Set<String> getAllClientIds() {
    final String methodName = ":getAllClientIds";
    final Set<String> clientIds = new HashSet<>();
    for (final Credential cached : mAccountCredentialCache.getCredentials()) {
        final String clientId = cached.getClientId();
        clientIds.add(clientId);
    }
    // Log the count only, so the verbose log carries no identifiers.
    final String summary = "Found [" + clientIds.size() + "] clientIds/";
    Logger.verbose(TAG + methodName, summary);
    return clientIds;
}
Also used : Credential(com.microsoft.identity.common.internal.dto.Credential) HashSet(java.util.HashSet)

Example 7 with Credential

use of com.microsoft.identity.common.internal.dto.Credential in project microsoft-authentication-library-common-for-android by AzureAD.

the class MsalOAuth2TokenCache method removeCredentialsOfTypeForAccount.

/**
 * Deletes the cached Credentials of one type that belong to the supplied Account.
 *
 * <p>Matching Credentials are looked up by the Account's home account id, the
 * environment, the credential type, the client id and (unless {@code realmAgnostic})
 * the Account's realm. A Credential for which {@code removeCredential} returns false
 * is not counted and no error is raised here, so a lower-than-expected return value is
 * the only signal that a credential may still be cached.
 *
 * @param environment    Entity which issued the token, represented as a host
 *                       ('authority host').
 * @param clientId       The clientId of the target app. Nullable; presumably null
 *                       matches any client - confirm against the cache implementation.
 * @param credentialType The type of Credential to remove.
 * @param targetAccount  The target Account whose Credentials should be removed.
 * @param realmAgnostic  True to pass a null (wildcard) realm to the query instead of
 *                       the Account's realm.
 * @return The number of Credentials the cache reported as removed.
 */
private int removeCredentialsOfTypeForAccount(
        @NonNull final String environment, // 'authority host'
        @Nullable final String clientId,
        @NonNull final CredentialType credentialType,
        @NonNull final AccountRecord targetAccount,
        boolean realmAgnostic) {
    // Look up every Credential that matches the supplied targetAccount.
    final List<Credential> matches = mAccountCredentialCache.getCredentialsFilteredBy(
            targetAccount.getHomeAccountId(),
            environment,
            credentialType,
            clientId,
            // A null realm is the wildcard (*): it widens the deletion to every realm.
            realmAgnostic ? null : targetAccount.getRealm(),
            null, // wildcard (*) target
            null); // trailing filter left unset
    int removedCount = 0;
    for (final Credential match : matches) {
        final boolean removed = mAccountCredentialCache.removeCredential(match);
        if (!removed) {
            // Not counted; the caller sees this only as a smaller total.
            continue;
        }
        removedCount++;
    }
    return removedCount;
}
Also used : Credential(com.microsoft.identity.common.internal.dto.Credential)

Example 8 with Credential

use of com.microsoft.identity.common.internal.dto.Credential in project microsoft-authentication-library-common-for-android by AzureAD.

the class MsalOAuth2TokenCache method accountHasCredential.

/**
 * Reports whether the supplied Account 'owns' at least one of the given Credentials.
 *
 * <p>Ownership is decided on two fields only: the Credential's home account id and its
 * environment must both equal the Account's. Realm and client id are not examined
 * here. The Account's identifiers are logged through the PII-designated logging call.
 *
 * @param account        The Account whose credential ownership should be evaluated.
 *                       Its home account id and environment are dereferenced, so a
 *                       null value for either would throw.
 * @param appCredentials The Credentials to evaluate.
 * @return True as soon as one matching Credential is found; false if none match.
 */
private boolean accountHasCredential(@NonNull final AccountRecord account, @NonNull final List<Credential> appCredentials) {
    final String methodName = ":accountHasCredential";
    final String ownerHomeId = account.getHomeAccountId();
    final String ownerEnvironment = account.getEnvironment();
    // Account identifiers go to the PII log channel, not the plain verbose one.
    Logger.verbosePII(TAG + methodName, "HomeAccountId: [" + ownerHomeId + "]" + "\n" + "Environment: [" + ownerEnvironment + "]");
    for (final Credential candidate : appCredentials) {
        if (!ownerHomeId.equals(candidate.getHomeAccountId())) {
            continue;
        }
        if (!ownerEnvironment.equals(candidate.getEnvironment())) {
            continue;
        }
        Logger.verbose(TAG + methodName, "Credentials located for account.");
        return true;
    }
    return false;
}
Also used : Credential(com.microsoft.identity.common.internal.dto.Credential)

Example 9 with Credential

use of com.microsoft.identity.common.internal.dto.Credential in project microsoft-authentication-library-common-for-android by AzureAD.

the class SharedPreferencesAccountCredentialCache method getCredentialsFilteredBy.

/**
 * Returns the cached Credentials that match the supplied filters for any of the
 * requested credential types.
 *
 * <p>The cache is read once; that same list is then filtered once per requested type
 * and the per-type matches are concatenated in the iteration order of
 * {@code credentialTypes}. An empty {@code credentialTypes} yields an empty list.
 *
 * <p>NOTE(review): the nullable filters presumably mean "do not filter on this field"
 * when null - confirm against {@code getCredentialsFilteredByInternal}.
 *
 * @param homeAccountId   Home account id to match, or null.
 * @param environment     Environment to match, or null.
 * @param credentialTypes The credential types to include in the result.
 * @param clientId        Client id to match, or null.
 * @param realm           Realm to match, or null.
 * @param target          Target to match, or null.
 * @param authScheme      Authentication scheme to match, or null.
 * @param requestedClaims Requested claims to match, or null.
 * @return A new mutable list holding the matches for every requested type.
 */
@Override
public List<Credential> getCredentialsFilteredBy(@Nullable final String homeAccountId, @Nullable final String environment, @NonNull final Set<CredentialType> credentialTypes, @Nullable final String clientId, @Nullable final String realm, @Nullable final String target, @Nullable final String authScheme, @Nullable final String requestedClaims) {
    // Read the cache a single time so every type is filtered against the same list.
    final List<Credential> cachedCredentials = getCredentials();
    final List<Credential> matches = new ArrayList<>();
    for (final CredentialType requestedType : credentialTypes) {
        matches.addAll(
                getCredentialsFilteredByInternal(
                        homeAccountId,
                        environment,
                        requestedType,
                        clientId,
                        realm,
                        target,
                        authScheme,
                        requestedClaims,
                        cachedCredentials));
    }
    return matches;
}
Also used : Credential(com.microsoft.identity.common.internal.dto.Credential) ArrayList(java.util.ArrayList) CredentialType(com.microsoft.identity.common.internal.dto.CredentialType)

Example 10 with Credential

use of com.microsoft.identity.common.internal.dto.Credential in project microsoft-authentication-library-common-for-android by AzureAD.

the class MicrosoftFamilyOAuth2TokenCache method loadByFamilyId.

/**
 * Loads the tokens available for the supplied client criteria, selecting the refresh
 * token by family id rather than by client id.
 *
 * <p>The refresh token lookup matches on family id (the literal "1"), environment and
 * home account id only. It does not compare client id, target or realm, so a family
 * refresh token cached for the same account is returned regardless of which client id
 * it was stored under. Id tokens and access tokens, by contrast, are returned only when
 * {@code clientId} is non-null and equals the record's client id.
 *
 * <p>Nothing in this method inspects token expiry; callers presumably validate the
 * returned records before use - confirm.
 *
 * @param clientId             The current client's id. When null, no id token or access
 *                             token is selected.
 * @param target               The requested target (scopes). An access token is searched
 *                             for only when both this and {@code authenticationScheme}
 *                             are non-null.
 * @param accountRecord        The current account. Its environment and home account id
 *                             are dereferenced without a null check, as is its realm
 *                             once a record's client id has matched.
 * @param authenticationScheme The scheme whose name decides which access token
 *                             credential type is acceptable (Bearer or PoP).
 * @return An ICacheRecord containing the account. If a matching refresh token is available
 * it is returned. The access token, id token and v1 id token entries are set when a
 * match was found and are null otherwise.
 */
public ICacheRecord loadByFamilyId(@Nullable final String clientId, @Nullable final String target, @NonNull final AccountRecord accountRecord, @Nullable final AbstractAuthenticationScheme authenticationScheme) {
    final String methodName = ":loadByFamilyId";
    // The only family id this method looks for is hard-coded here.
    final String familyId = "1";
    Logger.verbose(TAG + methodName, "ClientId[" + clientId + ", " + familyId + "]");
    // The following fields must match when querying for RTs:
    // - environment
    // - home_account_id
    // - credential_type == RT
    // 
    // The following fields do not matter when querying for RTs:
    // - clientId doesn't matter (FRT)
    // - target doesn't matter (FRT) (but we will inspect it when looking for an AT)
    // - realm doesn't matter (MRRT)
    RefreshTokenRecord rtToReturn = null;
    IdTokenRecord idTokenToReturn = null;
    IdTokenRecord v1IdTokenToReturn = null;
    AccessTokenRecord atRecordToReturn = null;
    // The whole cache is read once and scanned up to three times below.
    final List<Credential> allCredentials = getAccountCredentialCache().getCredentials();
    // First, filter down to only the refresh tokens...
    for (final Credential credential : allCredentials) {
        if (credential instanceof RefreshTokenRecord) {
            final RefreshTokenRecord rtRecord = (RefreshTokenRecord) credential;
            // Family id + environment + home account id; the first match in cache order wins.
            if (familyId.equals(rtRecord.getFamilyId()) && accountRecord.getEnvironment().equals(rtRecord.getEnvironment()) && accountRecord.getHomeAccountId().equals(rtRecord.getHomeAccountId())) {
                rtToReturn = rtRecord;
                break;
            }
        }
    }
    // If there's a matching IdToken, pick that up too...
    for (final Credential credential : allCredentials) {
        if (credential instanceof IdTokenRecord) {
            final IdTokenRecord idTokenRecord = (IdTokenRecord) credential;
            // Unlike the RT lookup, id tokens are bound to the caller's clientId and to the account's realm.
            if (null != clientId && clientId.equals(idTokenRecord.getClientId()) && accountRecord.getEnvironment().equals(idTokenRecord.getEnvironment()) && accountRecord.getHomeAccountId().equals(idTokenRecord.getHomeAccountId()) && accountRecord.getRealm().equals(idTokenRecord.getRealm())) {
                // V1 id tokens and all other id tokens are kept in separate slots.
                if (CredentialType.V1IdToken.name().equalsIgnoreCase(idTokenRecord.getCredentialType())) {
                    v1IdTokenToReturn = idTokenRecord;
                } else {
                    idTokenToReturn = idTokenRecord;
                }
                // Do not 'break' as there may still be more IdTokens to inspect.
                // With several matches for one slot, the last one in cache order is kept.
            }
        }
    }
    // An access token is only looked for when the caller supplied both a target and a scheme.
    if (null != target && null != authenticationScheme) {
        for (final Credential credential : allCredentials) {
            if (credential instanceof AccessTokenRecord) {
                final AccessTokenRecord atRecord = (AccessTokenRecord) credential;
                // Same client/account/realm binding as id tokens, plus a target check via targetsIntersect.
                if (null != clientId && clientId.equals(atRecord.getClientId()) && accountRecord.getEnvironment().equals(atRecord.getEnvironment()) && accountRecord.getHomeAccountId().equals(atRecord.getHomeAccountId()) && accountRecord.getRealm().equals(atRecord.getRealm()) && targetsIntersect(target, atRecord.getTarget(), true)) {
                    // The record's credential type must pair with the requested scheme:
                    // AccessToken with Bearer, AccessToken_With_AuthScheme with PoP.
                    // A record of one kind is never returned for the other scheme.
                    if (CredentialType.AccessToken.name().equalsIgnoreCase(atRecord.getCredentialType()) && BearerAuthenticationSchemeInternal.SCHEME_BEARER.equalsIgnoreCase(authenticationScheme.getName())) {
                        atRecordToReturn = atRecord;
                        break;
                    } else if (CredentialType.AccessToken_With_AuthScheme.name().equalsIgnoreCase(atRecord.getCredentialType()) && PopAuthenticationSchemeInternal.SCHEME_POP.equalsIgnoreCase(authenticationScheme.getName())) {
                        atRecordToReturn = atRecord;
                        break;
                    }
                }
            }
        }
    }
    // Any slot for which no match was found is passed to the builder as null.
    final CacheRecord.CacheRecordBuilder result = CacheRecord.builder();
    result.mAccount(accountRecord);
    result.refreshToken(rtToReturn);
    result.accessToken(atRecordToReturn);
    result.v1IdToken(v1IdTokenToReturn);
    result.idToken(idTokenToReturn);
    return result.build();
}
Also used : IdTokenRecord(com.microsoft.identity.common.internal.dto.IdTokenRecord) Credential(com.microsoft.identity.common.internal.dto.Credential) RefreshTokenRecord(com.microsoft.identity.common.internal.dto.RefreshTokenRecord) AccessTokenRecord(com.microsoft.identity.common.internal.dto.AccessTokenRecord)

Aggregations

Credential (com.microsoft.identity.common.internal.dto.Credential)64 Test (org.junit.Test)45 RefreshTokenRecord (com.microsoft.identity.common.internal.dto.RefreshTokenRecord)33 PrimaryRefreshTokenRecord (com.microsoft.identity.common.internal.dto.PrimaryRefreshTokenRecord)31 AccessTokenRecord (com.microsoft.identity.common.internal.dto.AccessTokenRecord)30 AccountRecord (com.microsoft.identity.common.internal.dto.AccountRecord)10 ArrayList (java.util.ArrayList)9 HashMap (java.util.HashMap)9 JsonElement (com.google.gson.JsonElement)7 JsonPrimitive (com.google.gson.JsonPrimitive)7 IdTokenRecord (com.microsoft.identity.common.internal.dto.IdTokenRecord)7 CredentialType (com.microsoft.identity.common.internal.dto.CredentialType)3 Map (java.util.Map)3 Nullable (androidx.annotation.Nullable)2 HashSet (java.util.HashSet)2 NonNull (androidx.annotation.NonNull)1 ClientException (com.microsoft.identity.common.exception.ClientException)1 SharedPreferencesFileManager (com.microsoft.identity.common.internal.cache.SharedPreferencesFileManager)1 CacheEndEvent (com.microsoft.identity.common.internal.telemetry.events.CacheEndEvent)1 CacheStartEvent (com.microsoft.identity.common.internal.telemetry.events.CacheStartEvent)1