use of com.microsoft.identity.common.internal.dto.CredentialType in project microsoft-authentication-library-common-for-android by AzureAD.
the class MsalOAuth2TokenCache method removeAccount.
/**
* Removes the specified Account or Accounts from the cache.
* <p>
* Note: if realm is passed as null, all tokens and AccountRecords associated to the
* provided homeAccountId will be deleted. If a realm is provided, then the deletion is
* restricted to only those AccountRecords and Credentials in that realm (tenant).
* <p>
* clientId and homeAccountId are nullable parameters. However, if either of them is
* null, this method has no effect.
*
* @param environment The environment to which the targeted Account is associated.
* @param clientId The clientId of this current app.
* @param homeAccountId The homeAccountId of the Account targeted for deletion.
* @param realm The tenant id of the targeted Account (if applicable).
* @param typesToRemove The CredentialTypes to delete for the targeted Account.
* @return An {@link AccountDeletionRecord}, containing the deleted {@link AccountRecord}s.
*/
@Override
public AccountDeletionRecord removeAccount(@Nullable final String environment,
                                           @Nullable final String clientId,
                                           @Nullable final String homeAccountId,
                                           @Nullable final String realm,
                                           @Nullable final CredentialType... typesToRemove) {
    final String logTag = TAG + ":removeAccount";

    // The account identifiers are written with verbosePII rather than the plain verbose call
    // used for the non-identifying messages below.
    Logger.verbosePII(
            logTag,
            "Environment: [" + environment + "]" + "\n"
                    + "ClientId: [" + clientId + "]" + "\n"
                    + "HomeAccountId: [" + homeAccountId + "]" + "\n"
                    + "Realm: [" + realm + "]" + "\n"
                    + "CredentialTypes to delete: [" + Arrays.toString(typesToRemove) + "]"
    );

    // The lookup is only attempted when both clientId and homeAccountId are present, so an
    // under-specified call cannot select anything for deletion.
    final AccountRecord targetAccount = (null == clientId || null == homeAccountId)
            ? null
            : getAccount(environment, clientId, homeAccountId, realm);

    if (null == targetAccount) {
        Logger.warn(logTag, "Insufficient filtering provided for account removal - preserving Account.");
        return new AccountDeletionRecord(null);
    }

    // A null realm widens the removal from one tenant to every realm of this homeAccountId.
    final boolean isRealmAgnostic = (null == realm);
    Logger.verbose(logTag, "IsRealmAgnostic? " + isRealmAgnostic);

    if (null == typesToRemove || typesToRemove.length == 0) {
        // NOTE(review): the AccountRecord removal further down still runs on this path, so the
        // Account entry can be deleted while its cached credentials remain. Callers that mean
        // to sign a user out should pass every CredentialType they want purged.
        com.microsoft.identity.common.internal.logging.Logger.warn(
                logTag,
                "removeAccount called, but no CredentialTypes to remove specified"
        );
    } else {
        for (final CredentialType credentialType : typesToRemove) {
            // The helper reports how many credentials of this type it removed.
            final int removedCount = removeCredentialsOfTypeForAccount(
                    environment,
                    clientId,
                    credentialType,
                    targetAccount,
                    isRealmAgnostic
            );
            com.microsoft.identity.common.internal.logging.Logger.info(
                    logTag,
                    "Removed " + removedCount + " credentials of type: " + credentialType
            );
        }
    }

    // Only Accounts the cache confirms as removed are reported back to the caller.
    final List<AccountRecord> deletedAccounts = new ArrayList<>();

    if (!isRealmAgnostic) {
        // Realm given: remove only the target Account.
        if (mAccountCredentialCache.removeAccount(targetAccount)) {
            deletedAccounts.add(targetAccount);
        }
    } else {
        // No realm given: remove every Account stored for this home_account_id.
        final List<AccountRecord> accountsAcrossRealms = mAccountCredentialCache.getAccountsFilteredBy(
                homeAccountId,
                environment,
                null // wildcard (*) realm
        );

        for (final AccountRecord candidate : accountsAcrossRealms) {
            if (mAccountCredentialCache.removeAccount(candidate)) {
                deletedAccounts.add(candidate);
            }
        }
    }

    return new AccountDeletionRecord(deletedAccounts);
}
use of com.microsoft.identity.common.internal.dto.CredentialType in project microsoft-authentication-library-common-for-android by AzureAD.
the class SharedPreferencesAccountCredentialCache method getCredentialsFilteredBy.
/**
 * Returns the cached Credentials that match the supplied filter for any of the given types.
 * <p>
 * The cache is read once through {@code getCredentials()}. That single result is then
 * filtered once per requested {@link CredentialType}, and the per-type matches are appended
 * in the iteration order of {@code credentialTypes}.
 * <p>
 * NOTE(review): how a null filter argument is treated is decided inside
 * {@code getCredentialsFilteredByInternal}, which is not visible here. Presumably null means
 * "do not filter on this field"; confirm before relying on it to scope results.
 *
 * @param homeAccountId   The homeAccountId to filter on.
 * @param environment     The environment to filter on.
 * @param credentialTypes The CredentialTypes to collect; must not be null.
 * @param clientId        The clientId to filter on.
 * @param realm           The realm to filter on.
 * @param target          The target to filter on.
 * @param authScheme      The authScheme to filter on.
 * @param requestedClaims The requestedClaims to filter on.
 * @return A new, mutable List holding the matches for every requested type.
 */
@Override
public List<Credential> getCredentialsFilteredBy(@Nullable final String homeAccountId,
                                                 @Nullable final String environment,
                                                 @NonNull final Set<CredentialType> credentialTypes,
                                                 @Nullable final String clientId,
                                                 @Nullable final String realm,
                                                 @Nullable final String target,
                                                 @Nullable final String authScheme,
                                                 @Nullable final String requestedClaims) {
    // Read the cache once and reuse the result for every requested type.
    final List<Credential> cachedCredentials = getCredentials();
    final List<Credential> matches = new ArrayList<>();

    for (final CredentialType requestedType : credentialTypes) {
        matches.addAll(
                getCredentialsFilteredByInternal(
                        homeAccountId,
                        environment,
                        requestedType,
                        clientId,
                        realm,
                        target,
                        authScheme,
                        requestedClaims,
                        cachedCredentials
                )
        );
    }

    return matches;
}
use of com.microsoft.identity.common.internal.dto.CredentialType in project microsoft-authentication-library-common-for-android by AzureAD.
the class MsalOAuth2TokenCache method getAccounts.
/**
 * Lists the Accounts of an environment that have a credential cached for the given client.
 * <p>
 * Every Account stored for {@code environment} is loaded first. An Account is kept only when
 * {@code accountHasCredential} matches it against the IdToken, V1IdToken and RefreshToken
 * entries cached for {@code clientId}. The clientId filter on the credentials is therefore
 * what limits the result to this app; Accounts that exist in the environment without such a
 * credential are left out.
 *
 * @param environment The environment whose Accounts are inspected.
 * @param clientId    The clientId of the current app.
 * @return An unmodifiable List of the matching Accounts.
 */
@Override
public List<AccountRecord> getAccounts(@Nullable final String environment,
                                       @NonNull final String clientId) {
    final String logTag = TAG + ":getAccounts";

    Logger.verbosePII(
            logTag,
            "Environment: [" + environment + "]" + "\n" + "ClientId: [" + clientId + "]"
    );

    // Every Account of this environment, regardless of homeAccountId or realm.
    final List<AccountRecord> environmentAccounts = mAccountCredentialCache.getAccountsFilteredBy(
            null, // wildcard (*) homeAccountId
            environment,
            null // wildcard (*) realm
    );

    Logger.verbose(logTag, "Found " + environmentAccounts.size() + " accounts for this environment");

    // Credential types that are looked up for this clientId.
    final Set<CredentialType> linkingTypes =
            new HashSet<>(Arrays.asList(IdToken, V1IdToken, RefreshToken));

    final List<Credential> clientCredentials = mAccountCredentialCache.getCredentialsFilteredBy(
            null, // homeAccountId
            environment,
            linkingTypes,
            clientId,
            null, // realm
            null, // target
            null, // authScheme
            null // requestedClaims
    );

    // Keep each Account that accountHasCredential matches to one of those credentials
    // (an IdToken, V1IdToken or RefreshToken, not only an RT).
    final List<AccountRecord> clientAccounts = new ArrayList<>();

    for (final AccountRecord candidate : environmentAccounts) {
        if (accountHasCredential(candidate, clientCredentials)) {
            clientAccounts.add(candidate);
        }
    }

    Logger.verbose(logTag, "Found " + clientAccounts.size() + " accounts for this clientId");

    return Collections.unmodifiableList(clientAccounts);
}
use of com.microsoft.identity.common.internal.dto.CredentialType in project microsoft-authentication-library-common-for-android by AzureAD.
the class MsalOAuth2TokenCache method setToCacheRecord.
/**
* Given a CacheRecord and IdTokenRecord, set the IdToken on the cache record in the field
* corresponding to the IdToken's version.
*
* @param target The CacheRecord into which said IdToken should be placed.
* @param idTokenRecord The IdToken to associate.
*/
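private void setToCacheRecord(@NonNull final CacheRecord.CacheRecordBuilder target,
                              @NonNull final IdTokenRecord idTokenRecord) {
    final String methodName = ":setToCacheRecord";

    // fromString may yield null; the comparisons below are null-safe, so a null type simply
    // falls through to the warning branch.
    final CredentialType type = CredentialType.fromString(idTokenRecord.getCredentialType());

    if (CredentialType.V1IdToken == type) {
        target.v1IdToken(idTokenRecord);
    } else if (IdToken == type) {
        target.idToken(idTokenRecord);
    } else {
        // Covers both a CredentialType that is not an IdToken variant and a type string that
        // could not be mapped at all. Previously the unmapped (null) case was skipped with no
        // log line, which left the CacheRecord without an IdToken and no trace of why.
        Logger.warn(
                TAG + methodName,
                "Unrecognized IdToken type: " + idTokenRecord.getCredentialType()
        );
    }
}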
use of com.microsoft.identity.common.internal.dto.CredentialType in project microsoft-authentication-library-common-for-android by AzureAD.
the class SharedPreferencesAccountCredentialCache method getCredential.
/**
 * Loads the Credential stored under the given cache key.
 * <p>
 * The key is mapped to a {@link CredentialType} and then to a target class. The stored value
 * is handed to the cache value delegate only when both steps succeed. A result that equals
 * the empty placeholder for its class (EMPTY_AT, EMPTY_RT or EMPTY_ID) is treated as
 * uninitialized: its entry is removed from the shared preferences file and null is returned.
 * <p>
 * NOTE(review): when no Credential can be produced, only a warning is logged and the stored
 * entry is left in place. The same warning is used whether the type, the target class or
 * the deserialized value was missing.
 *
 * @param cacheKey The key of the Credential to load.
 * @return The Credential, or null if none could be produced or it was uninitialized.
 */
@Override
@Nullable
public synchronized Credential getCredential(@NonNull final String cacheKey) {
    // TODO add support for more Credential types...
    Logger.verbose(TAG, "getCredential()");
    // The cache key itself is written with verbosePII rather than the plain verbose call.
    Logger.verbosePII(TAG, "Using cache key: [" + cacheKey + "]");

    final CredentialType type = getCredentialTypeForCredentialCacheKey(cacheKey);

    final Class<? extends Credential> targetClass = (null == type)
            ? null
            : getTargetClassForCredentialType(cacheKey, type);

    final Credential credential = (null == targetClass)
            ? null
            : mCacheValueDelegate.fromCacheValue(
                    mSharedPreferencesFileManager.getString(cacheKey),
                    targetClass
            );

    if (null == credential) {
        // We could not deserialize the target Credential...
        // Maybe it was encrypted for another application?
        Logger.warn(TAG, CREDENTIAL_DESERIALIZATION_FAILED);
        return null;
    }

    // Each placeholder is only compared when the target class matches it.
    final boolean isUninitialized =
            (AccessTokenRecord.class == targetClass && EMPTY_AT.equals(credential))
                    || (RefreshTokenRecord.class == targetClass && EMPTY_RT.equals(credential))
                    || (IdTokenRecord.class == targetClass && EMPTY_ID.equals(credential));

    if (isUninitialized) {
        // The returned credential came back uninitialized...
        // Remove the entry and return null...
        Logger.warn(TAG, "The returned Credential was uninitialized. Removing...");
        mSharedPreferencesFileManager.remove(cacheKey);
        return null;
    }

    return credential;
}