
Example 11 with Credential

use of com.microsoft.identity.common.internal.dto.Credential in project microsoft-authentication-library-common-for-android by AzureAD.

the class MsalCppOAuth2TokenCache method saveCredentials.

/**
 * Validates the supplied credentials and hands them to {@code saveCredentialsInternal}. When the
 * account is already known and a refresh token is being saved, the old refresh token is
 * cleaned up first.
 *
 * <p>Only {@link AccessTokenRecord} entries are schema-checked in this method; refresh token and
 * id token records are forwarded without a check made here. If the array holds more than one
 * {@link RefreshTokenRecord}, the last one is the one passed to
 * {@code removeRefreshTokenIfNeeded}.
 *
 * @param accountRecord AccountRecord associated with the input credentials; may be null.
 * @param credentials   Credentials to save; can include AccessTokenRecord, IdTokenRecord and
 *                      RefreshTokenRecord.
 * @throws ClientException if {@code credentials} is null or empty, or if an AccessTokenRecord
 *                         fails the schema check. A null {@code accountRecord} is not an error.
 */
public synchronized void saveCredentials(@Nullable final AccountRecord accountRecord, @NonNull final Credential... credentials) throws ClientException {
    final boolean nothingToSave = credentials == null || credentials.length == 0;
    if (nothingToSave) {
        throw new ClientException("Credential array passed in is null or empty");
    }

    RefreshTokenRecord incomingRefreshToken = null;
    for (final Credential candidate : credentials) {
        if (candidate instanceof RefreshTokenRecord) {
            incomingRefreshToken = (RefreshTokenRecord) candidate;
        }
        if (candidate instanceof AccessTokenRecord) {
            final AccessTokenRecord accessToken = (AccessTokenRecord) candidate;
            // Reject the whole batch before anything is written: the save below is only
            // reached when every access token has passed.
            if (!isAccessTokenSchemaCompliant(accessToken)) {
                throw new ClientException(CREDENTIAL_IS_SCHEMA_NONCOMPLIANT, "AT is missing a required property.");
            }
        }
    }

    // MSAL C++ writes credentials first and then the account, so a brand-new account arrives
    // here with a null accountRecord and skips this step. For an existing account the old
    // refresh token is removed, if present, before the new one is stored.
    final boolean replacesRefreshToken = accountRecord != null && incomingRefreshToken != null;
    if (replacesRefreshToken) {
        removeRefreshTokenIfNeeded(accountRecord, incomingRefreshToken);
    }

    saveCredentialsInternal(credentials);
}
Also used : Credential(com.microsoft.identity.common.internal.dto.Credential) RefreshTokenRecord(com.microsoft.identity.common.internal.dto.RefreshTokenRecord) ClientException(com.microsoft.identity.common.exception.ClientException) AccessTokenRecord(com.microsoft.identity.common.internal.dto.AccessTokenRecord)

Example 12 with Credential

use of com.microsoft.identity.common.internal.dto.Credential in project microsoft-authentication-library-common-for-android by AzureAD.

the class MsalOAuth2TokenCache method getAccounts.

/**
 * Returns the accounts in the given environment that have at least one cached IdToken,
 * V1IdToken or RefreshToken credential for {@code clientId}.
 *
 * <p>The environment and client id are logged through {@code Logger.verbosePII}; only the
 * result counts go to the plain verbose log.
 *
 * @param environment environment to look in; passed through to the cache filters as given.
 * @param clientId    client id whose credentials qualify an account for the result.
 * @return an unmodifiable list of the matching accounts; never null.
 */
@Override
public List<AccountRecord> getAccounts(@Nullable final String environment, @NonNull final String clientId) {
    final String methodName = ":getAccounts";
    final String logTag = TAG + methodName;
    Logger.verbosePII(logTag, "Environment: [" + environment + "]" + "\n" + "ClientId: [" + clientId + "]");

    // Every account in this environment, whatever its homeAccountId or realm:
    // the two null arguments are wildcards.
    final List<AccountRecord> environmentAccounts = mAccountCredentialCache.getAccountsFilteredBy(
            null, // homeAccountId
            environment,
            null); // realm
    Logger.verbose(logTag, "Found " + environmentAccounts.size() + " accounts for this environment");

    // Credentials that tie an account to this app. The lookup is scoped by clientId, so a
    // credential cached for another client does not qualify an account.
    final Set<CredentialType> qualifyingTypes = new HashSet<>(Arrays.asList(IdToken, V1IdToken, RefreshToken));
    final List<Credential> clientCredentials = mAccountCredentialCache.getCredentialsFilteredBy(
            null, // homeAccountId
            environment,
            qualifyingTypes,
            clientId,
            null, // realm
            null, // target
            null, // authScheme
            null); // requestedClaims

    // Keep only the accounts that accountHasCredential pairs with one of those credentials.
    final List<AccountRecord> result = new ArrayList<>();
    for (final AccountRecord candidate : environmentAccounts) {
        if (accountHasCredential(candidate, clientCredentials)) {
            result.add(candidate);
        }
    }
    Logger.verbose(logTag, "Found " + result.size() + " accounts for this clientId");
    return Collections.unmodifiableList(result);
}
Also used : Credential(com.microsoft.identity.common.internal.dto.Credential) AccountRecord(com.microsoft.identity.common.internal.dto.AccountRecord) ArrayList(java.util.ArrayList) CredentialType(com.microsoft.identity.common.internal.dto.CredentialType) HashSet(java.util.HashSet)

Example 13 with Credential

use of com.microsoft.identity.common.internal.dto.Credential in project microsoft-authentication-library-common-for-android by AzureAD.

the class AbstractAccountCredentialCache method getCredentialsFilteredByInternal.

/**
 * Filters {@code allCredentials} down to the entries that satisfy every supplied criterion.
 *
 * <p>A null or blank string criterion (and a null {@code credentialType}) is a wildcard: it
 * places no constraint on the result. A criterion that does not apply to a credential's
 * concrete type is skipped for that credential rather than counted as a mismatch. Realm is
 * compared only on access token and id token records, target only on access and refresh token
 * records, and requested claims only on access token records. The auth scheme is compared only
 * when {@code credentialType} is {@code AccessToken_With_AuthScheme}. Callers that need a strict
 * match on one of those fields should therefore pass {@code credentialType} as well.
 *
 * @param homeAccountId   home account id to match, or null/blank for any.
 * @param environment     environment to match, or null/blank for any.
 * @param credentialType  credential type to match, or null for any.
 * @param clientId        client id to match, or null/blank for any.
 * @param realm           realm to match, or null/blank for any.
 * @param target          target to intersect with, or null/blank for any.
 * @param authScheme      access token type to match; see above for when it is applied.
 * @param requestedClaims requested claims to match, or null/blank for any.
 * @param allCredentials  the credentials to filter; iterated, not modified.
 * @return a new list holding the matching credentials in iteration order.
 */
protected List<Credential> getCredentialsFilteredByInternal(
        @Nullable final String homeAccountId,
        @Nullable final String environment,
        @Nullable final CredentialType credentialType,
        @Nullable final String clientId,
        @Nullable final String realm,
        @Nullable final String target,
        @Nullable final String authScheme,
        @Nullable final String requestedClaims,
        @NonNull final List<Credential> allCredentials) {
    final boolean byEnvironment = !StringExtensions.isNullOrBlank(environment);
    final boolean byHomeAccountId = !StringExtensions.isNullOrBlank(homeAccountId);
    final boolean byRealm = !StringExtensions.isNullOrBlank(realm);
    final boolean byTarget = !StringExtensions.isNullOrBlank(target);
    final boolean byClientId = !StringExtensions.isNullOrBlank(clientId);
    final boolean byCredentialType = null != credentialType;
    final boolean byAuthScheme = byCredentialType
            && !StringExtensions.isNullOrBlank(authScheme)
            && credentialType == CredentialType.AccessToken_With_AuthScheme;
    final boolean byRequestedClaims = !StringExtensions.isNullOrBlank(requestedClaims);

    // Only the on/off state of each filter is logged, never the filter values themselves.
    // The environment filter has no line in this message.
    Logger.verbose(TAG, "Credential lookup filtered by home_account_id? [" + byHomeAccountId + "]" + NEW_LINE
            + "Credential lookup filtered by realm? [" + byRealm + "]" + NEW_LINE
            + "Credential lookup filtered by target? [" + byTarget + "]" + NEW_LINE
            + "Credential lookup filtered by clientId? [" + byClientId + "]" + NEW_LINE
            + "Credential lookup filtered by credential type? [" + byCredentialType + "]" + NEW_LINE
            + "Credential lookup filtered by auth scheme? [" + byAuthScheme + "]" + NEW_LINE
            + "Credential lookup filtered by requested claims? [" + byRequestedClaims + "]");

    final List<Credential> result = new ArrayList<>();
    for (final Credential candidate : allCredentials) {
        // Once 'keep' turns false no further comparison runs, but the type checks and the
        // "does not apply" log lines below still execute for the candidate.
        boolean keep = true;

        if (byHomeAccountId) {
            keep = equalsIgnoreCaseTrimBoth(homeAccountId, candidate.getHomeAccountId());
        }
        if (byEnvironment && keep) {
            keep = equalsIgnoreCaseTrimBoth(environment, candidate.getEnvironment());
        }
        if (byCredentialType && keep) {
            keep = equalsIgnoreCaseTrimBoth(credentialType.name(), candidate.getCredentialType());
        }
        if (byClientId && keep) {
            keep = equalsIgnoreCaseTrimBoth(clientId, candidate.getClientId());
        }

        // Realm exists on access tokens and id tokens only; other types pass this filter.
        if (byRealm && keep && candidate instanceof AccessTokenRecord) {
            keep = equalsIgnoreCaseTrimBoth(realm, ((AccessTokenRecord) candidate).getRealm());
        }
        if (byRealm && keep && candidate instanceof IdTokenRecord) {
            keep = equalsIgnoreCaseTrimBoth(realm, ((IdTokenRecord) candidate).getRealm());
        }

        if (byTarget) {
            if (candidate instanceof AccessTokenRecord) {
                if (keep) {
                    keep = targetsIntersect(target, ((AccessTokenRecord) candidate).getTarget(), true);
                }
            } else if (candidate instanceof RefreshTokenRecord) {
                if (keep) {
                    keep = targetsIntersect(target, ((RefreshTokenRecord) candidate).getTarget(), true);
                }
            } else {
                // No target on this credential type: the filter is skipped, not failed.
                Logger.verbose(TAG, "Query specified target-match, but no target to match.");
            }
        }

        if (byAuthScheme && candidate instanceof AccessTokenRecord) {
            final String storedType = ((AccessTokenRecord) candidate).getAccessTokenType();
            final String trimmedType = storedType == null ? null : storedType.trim();
            if (keep) {
                // authScheme is non-blank here, so a null stored type is simply a mismatch.
                keep = authScheme.equalsIgnoreCase(trimmedType);
            }
        }

        if (byRequestedClaims) {
            if (candidate instanceof AccessTokenRecord) {
                if (keep) {
                    keep = equalsIgnoreCaseTrimBoth(requestedClaims, ((AccessTokenRecord) candidate).getRequestedClaims());
                }
            } else {
                // Non-access-token credentials pass the requested-claims filter unchanged.
                Logger.verbose(TAG, "Query specified requested_claims-match, but attempted to match with non-AT credential type.");
            }
        }

        if (keep) {
            result.add(candidate);
        }
    }
    return result;
}
Also used : IdTokenRecord(com.microsoft.identity.common.internal.dto.IdTokenRecord) Credential(com.microsoft.identity.common.internal.dto.Credential) ArrayList(java.util.ArrayList) PrimaryRefreshTokenRecord(com.microsoft.identity.common.internal.dto.PrimaryRefreshTokenRecord) RefreshTokenRecord(com.microsoft.identity.common.internal.dto.RefreshTokenRecord) AccessTokenRecord(com.microsoft.identity.common.internal.dto.AccessTokenRecord)

Example 14 with Credential

use of com.microsoft.identity.common.internal.dto.Credential in project microsoft-authentication-library-common-for-android by AzureAD.

the class SharedPreferencesAccountCredentialCache method getCredentialsWithKeys.

/**
 * Loads every credential entry from the shared-preferences store and deserializes it, keyed by
 * its cache key.
 *
 * <p>An entry that fails to deserialize is left out of the result and reported with a fixed
 * warning constant; neither the cache key nor the stored value is passed to the logger here.
 *
 * @return a new mutable map of cache key to credential; never null.
 */
@NonNull
private Map<String, Credential> getCredentialsWithKeys() {
    Logger.verbose(TAG, "Loading Credentials with keys...");
    final Map<String, Credential> loaded = new HashMap<>();

    // NOTE(review): the predicate parameter is named 'value', but it is handed to
    // getAllFilteredByKey and tested with isCredential, so it is presumably the cache key.
    final Iterator<Map.Entry<String, String>> entries = mSharedPreferencesFileManager.getAllFilteredByKey(new SharedPreferencesFileManager.Predicate<String>() {

        @Override
        public boolean test(String value) {
            return isCredential(value);
        }
    });

    while (entries.hasNext()) {
        final Map.Entry<String, ?> entry = entries.next();
        final String key = entry.getKey();
        final String serialized = entry.getValue().toString();
        // The target class is derived from the cache key, not from the stored payload.
        final Credential parsed = mCacheValueDelegate.fromCacheValue(serialized, credentialClassForType(key));
        if (parsed != null) {
            loaded.put(key, parsed);
        } else {
            Logger.warn(TAG, CREDENTIAL_DESERIALIZATION_FAILED);
        }
    }

    Logger.verbose(TAG, "Loaded [" + loaded.size() + "] Credentials...");
    return loaded;
}
Also used : Credential(com.microsoft.identity.common.internal.dto.Credential) HashMap(java.util.HashMap) HashMap(java.util.HashMap) Map(java.util.Map) NonNull(androidx.annotation.NonNull)

Example 15 with Credential

use of com.microsoft.identity.common.internal.dto.Credential in project microsoft-authentication-library-common-for-android by AzureAD.

the class SharedPreferencesAccountCredentialCache method saveCredential.

/**
 * Serializes a credential and stores it under its generated cache key, merging in the
 * additional fields of any credential already cached under that key.
 *
 * <p>The merge mutates {@code credentialToSave} itself. The cache key is logged through
 * {@code Logger.verbosePII}; the serialized value is not logged.
 *
 * @param credentialToSave the credential to persist.
 */
@Override
public synchronized void saveCredential(@NonNull Credential credentialToSave) {
    Logger.verbose(TAG, "Saving credential...");

    final String key = mCacheValueDelegate.generateCacheKey(credentialToSave);
    Logger.verbosePII(TAG, "Generated cache key: [" + key + "]");

    // Carry over additional fields from the entry this write is about to replace.
    final Credential previous = getCredential(key);
    if (previous != null) {
        credentialToSave.mergeAdditionalFields(previous);
    }

    // NOTE(review): whether the value is protected at rest depends on
    // mSharedPreferencesFileManager, which is not visible here - confirm.
    final String serialized = mCacheValueDelegate.generateCacheValue(credentialToSave);
    mSharedPreferencesFileManager.putString(key, serialized);
}
Also used : Credential(com.microsoft.identity.common.internal.dto.Credential)
