use of com.microsoft.identity.common.internal.dto.RefreshTokenRecord in project microsoft-authentication-library-common-for-android by AzureAD.
the class SharedPreferencesAccountCredentialCacheTest method getCredentialsWhenRequestedClaimsAreNotSpecified.
/**
 * Saves one refresh token and two access tokens that differ only in whether requested
 * claims are set, then expects a filter that names no requested claims to return both
 * access tokens.
 */
@Test
public void getCredentialsWhenRequestedClaimsAreNotSpecified() {
    // Access token carrying a requested-claims value.
    final AccessTokenRecord atWithClaims = new AccessTokenRecord();
    atWithClaims.setCredentialType(CredentialType.AccessToken.name());
    atWithClaims.setHomeAccountId(HOME_ACCOUNT_ID);
    atWithClaims.setEnvironment(ENVIRONMENT);
    atWithClaims.setRealm(REALM);
    atWithClaims.setClientId(CLIENT_ID);
    atWithClaims.setTarget(TARGET);
    atWithClaims.setSecret(SECRET);
    atWithClaims.setCachedAt(CACHED_AT);
    atWithClaims.setExpiresOn(EXPIRES_ON);
    atWithClaims.setRequestedClaims("{\"access_token\":{\"deviceid\":{\"essential\":true}}}");

    // Access token with the same fields but no requested claims.
    final AccessTokenRecord atWithoutClaims = new AccessTokenRecord();
    atWithoutClaims.setCredentialType(CredentialType.AccessToken.name());
    atWithoutClaims.setHomeAccountId(HOME_ACCOUNT_ID);
    atWithoutClaims.setEnvironment(ENVIRONMENT);
    atWithoutClaims.setRealm(REALM);
    atWithoutClaims.setClientId(CLIENT_ID);
    atWithoutClaims.setTarget(TARGET);
    atWithoutClaims.setSecret(SECRET);
    atWithoutClaims.setCachedAt(CACHED_AT);
    atWithoutClaims.setExpiresOn(EXPIRES_ON);

    // Refresh token for the same account; the AccessToken type filter should exclude it.
    final RefreshTokenRecord rt = new RefreshTokenRecord();
    rt.setCredentialType(CredentialType.RefreshToken.name());
    rt.setHomeAccountId(HOME_ACCOUNT_ID);
    rt.setEnvironment(ENVIRONMENT);
    rt.setClientId(CLIENT_ID);
    rt.setTarget(TARGET);
    rt.setSecret(SECRET);

    // Persist in the same order as before: refresh token, plain AT, AT with claims.
    mSharedPreferencesAccountCredentialCache.saveCredential(rt);
    mSharedPreferencesAccountCredentialCache.saveCredential(atWithoutClaims);
    mSharedPreferencesAccountCredentialCache.saveCredential(atWithClaims);

    // NOTE(review): the null below sits in what appears to be the target position of this
    // overload, and no requested-claims argument is passed at all; confirm against the
    // overload's signature.
    final List<Credential> matches =
            mSharedPreferencesAccountCredentialCache.getCredentialsFilteredBy(
                    HOME_ACCOUNT_ID,
                    ENVIRONMENT,
                    CredentialType.AccessToken,
                    CLIENT_ID,
                    REALM,
                    null,
                    BEARER_AUTHENTICATION_SCHEME.getName()
            );

    assertEquals(2, matches.size());
}
use of com.microsoft.identity.common.internal.dto.RefreshTokenRecord in project microsoft-authentication-library-common-for-android by AzureAD.
the class SharedPreferencesAccountCredentialCacheTest method malformedCacheValueForRefreshToken.
/**
 * Writes a JSON value that is not a credential under a generated cache key and expects
 * {@code getCredential} to return {@code null} and the stored string to be gone afterwards.
 */
@Test
public void malformedCacheValueForRefreshToken() {
    // Record used only to derive a cache key; it is never saved through the cache itself.
    final RefreshTokenRecord keySource = new RefreshTokenRecord();
    keySource.setClientId(CLIENT_ID);
    keySource.setEnvironment(ENVIRONMENT);
    keySource.setHomeAccountId(HOME_ACCOUNT_ID);
    // NOTE(review): the credential type is AccessToken although the record is a
    // RefreshTokenRecord, so the generated key may exercise the access-token path rather
    // than the refresh-token one this test is named for; confirm this is intended.
    keySource.setCredentialType(CredentialType.AccessToken.name());

    final String cacheKey = mDelegate.generateCacheKey(keySource);

    // Plant the malformed value directly in the backing store, bypassing saveCredential.
    mSharedPreferencesFileManager.putString(cacheKey, "{\"thing\" : \"not a refreshToken\"}");

    final RefreshTokenRecord loaded =
            (RefreshTokenRecord) mSharedPreferencesAccountCredentialCache.getCredential(cacheKey);

    // The unparsable value must not surface as a credential...
    assertNull(loaded);
    // ...and the backing store no longer returns a value for the key after the read.
    assertNull(mSharedPreferencesFileManager.getString(cacheKey));
}
use of com.microsoft.identity.common.internal.dto.RefreshTokenRecord in project microsoft-authentication-library-common-for-android by AzureAD.
the class SharedPreferencesAccountCredentialCacheTest method testLatestMergedPropertyWins.
/**
 * Saves two refresh tokens whose set fields are identical except for the value of one
 * additional field, then expects the record read back from the cache to equal the first
 * record while carrying the additional-field value of the second (the later save).
 */
@Test
public void testLatestMergedPropertyWins() {
    // Both records use the same additional-field key with different values.
    final String sharedKey = "extra-prop-1";
    final String olderValue = "extra-value-1";
    final String newerValue = "extra-value-2";

    final RefreshTokenRecord earlier = new RefreshTokenRecord();
    earlier.setCredentialType(CredentialType.RefreshToken.name());
    earlier.setHomeAccountId(HOME_ACCOUNT_ID);
    earlier.setEnvironment(ENVIRONMENT);
    earlier.setClientId(CLIENT_ID);
    earlier.setCachedAt(CACHED_AT);
    earlier.setSecret(SECRET);

    final Map<String, JsonElement> earlierExtras = new HashMap<>();
    earlierExtras.put(sharedKey, new JsonPrimitive(olderValue));
    earlier.setAdditionalFields(earlierExtras);

    // First write.
    mSharedPreferencesAccountCredentialCache.saveCredential(earlier);

    final RefreshTokenRecord later = new RefreshTokenRecord();
    later.setCredentialType(CredentialType.RefreshToken.name());
    later.setHomeAccountId(HOME_ACCOUNT_ID);
    later.setEnvironment(ENVIRONMENT);
    later.setClientId(CLIENT_ID);
    later.setCachedAt(CACHED_AT);
    later.setSecret(SECRET);

    final Map<String, JsonElement> laterExtras = new HashMap<>();
    laterExtras.put(sharedKey, new JsonPrimitive(newerValue));
    later.setAdditionalFields(laterExtras);

    // Second write, made after the first record is already in the cache.
    mSharedPreferencesAccountCredentialCache.saveCredential(later);

    // Read back using the key generated from the first record.
    final String cacheKey = mDelegate.generateCacheKey(earlier);
    final Credential restored = mSharedPreferencesAccountCredentialCache.getCredential(cacheKey);

    assertTrue(earlier.equals(restored));
    // The value from the later save is the one that must survive.
    assertEquals(newerValue, restored.getAdditionalFields().get(sharedKey).getAsString());
}
use of com.microsoft.identity.common.internal.dto.RefreshTokenRecord in project microsoft-authentication-library-common-for-android by AzureAD.
the class SharedPreferencesAccountCredentialCacheTest method saveCredentialNoHomeAccountId.
/**
 * Saves a refresh token that has no home account id set and expects the credential read
 * back under its generated cache key to equal the one that was saved.
 */
@Test
public void saveCredentialNoHomeAccountId() {
    // Deliberately no setHomeAccountId(...) call on this record.
    final RefreshTokenRecord saved = new RefreshTokenRecord();
    saved.setSecret(SECRET);
    saved.setTarget(TARGET);
    saved.setClientId(CLIENT_ID);
    saved.setEnvironment(ENVIRONMENT);
    saved.setCredentialType(CredentialType.RefreshToken.name());

    mSharedPreferencesAccountCredentialCache.saveCredential(saved);

    // Derive the key from the same record and load whatever is stored under it.
    final String cacheKey = mDelegate.generateCacheKey(saved);
    final Credential loaded = mSharedPreferencesAccountCredentialCache.getCredential(cacheKey);

    assertTrue(saved.equals(loaded));
}
use of com.microsoft.identity.common.internal.dto.RefreshTokenRecord in project microsoft-authentication-library-common-for-android by AzureAD.
the class MsalOAuth2TokenCache method load.
/**
 * Assembles a cache record for {@code account} from the cached credentials: an access
 * token, a refresh token, an id token and a v1 id token. Each slot is {@code null} when
 * the corresponding lookup returns nothing; when a lookup returns several credentials,
 * the first element of the returned list is used.
 *
 * <p>If no refresh token matches {@code clientId}, the family refresh token found for the
 * account (if any) is used instead. See the comment at that step for the assumption this
 * relies on.
 *
 * @param clientId   client id the credentials must belong to
 * @param target     target used to filter access tokens (and refresh tokens when the
 *                   account is not multi-resource capable); may be {@code null}
 * @param account    account whose home account id, environment and realm drive the filters
 * @param authScheme scheme that selects the access-token credential type and scheme name
 * @return the record built from the account and whichever credentials were found
 */
@Override
public ICacheRecord load(@NonNull final String clientId,
                         @Nullable final String target,
                         @NonNull final AccountRecord account,
                         @NonNull final AbstractAuthenticationScheme authScheme) {
    Telemetry.emit(new CacheStartEvent());

    final boolean isMultiResourceCapable =
            MicrosoftAccount.AUTHORITY_TYPE_V1_V2.equals(account.getAuthorityType());

    // Read the full credential list once and hand it to every filter call below, instead
    // of paying for a cache read per lookup.
    final List<Credential> allCredentials = mAccountCredentialCache.getCredentials();

    // Access tokens: filtered by realm, target and authentication scheme.
    final List<Credential> accessTokens = mAccountCredentialCache.getCredentialsFilteredBy(
            account.getHomeAccountId(),
            account.getEnvironment(),
            getAccessTokenCredentialTypeForAuthenticationScheme(authScheme),
            clientId,
            account.getRealm(),
            target,
            authScheme.getName(),
            allCredentials
    );

    // Refresh tokens: for a multi-resource-capable account, realm and target are passed as
    // null, which acts as a wildcard (*).
    final String refreshTokenRealm = isMultiResourceCapable ? null : account.getRealm();
    final String refreshTokenTarget = isMultiResourceCapable ? null : target;

    List<Credential> refreshTokens = mAccountCredentialCache.getCredentialsFilteredBy(
            account.getHomeAccountId(),
            account.getEnvironment(),
            CredentialType.RefreshToken,
            clientId,
            refreshTokenRealm,
            refreshTokenTarget,
            null, // auth scheme: not applicable
            allCredentials
    );

    if (refreshTokens.isEmpty()) {
        // No RT for this client id. This may be a "TSL-seed" or a "dual-client stack" case.
        //
        // TSL-seed: another 1P TSL-integrated app has placed a token in our cache for us to
        // pick up.
        //
        // Dual-client stack: two FoCI-enabled app registrations share one binary and can
        // therefore share RTs (for example TFL/TFW, which uses several client ids for
        // enterprise vs. consumer scenarios).
        //
        // The broker checks whether an app is FoCI before making a network call with an
        // arbitrary FoCI RT from the cache. In standalone mode there is no such check: a
        // FoCI RT found in the cache is taken to mean the current app is FoCI as well.
        //
        // That only holds if app developers do NOT mix FoCI and non-FoCI registrations in
        // the same binary. If they do, the result is confusing errors saying the RT does not
        // match the client app registration. Relying on this assumption is what lets us
        // skip "FoCI probing" and tracking FoCI app metadata.
        final Credential fallbackFrt = getFamilyRefreshTokenForAccount(account);

        if (fallbackFrt != null) {
            refreshTokens = new ArrayList<>();
            refreshTokens.add(fallbackFrt);
        }
    }

    // Id tokens: realm-specific, any target.
    final List<Credential> idTokens = mAccountCredentialCache.getCredentialsFilteredBy(
            account.getHomeAccountId(),
            account.getEnvironment(),
            IdToken,
            clientId,
            account.getRealm(),
            null, // target: wildcard (*)
            null, // auth scheme: not applicable
            allCredentials
    );

    // v1 id tokens: same filter shape as the id tokens above.
    final List<Credential> v1IdTokens = mAccountCredentialCache.getCredentialsFilteredBy(
            account.getHomeAccountId(),
            account.getEnvironment(),
            CredentialType.V1IdToken,
            clientId,
            account.getRealm(),
            null, // target: wildcard (*)
            null, // auth scheme: not applicable
            allCredentials
    );

    // Take the first match from each list, or null when the list is empty.
    final AccessTokenRecord accessToken =
            accessTokens.isEmpty() ? null : (AccessTokenRecord) accessTokens.get(0);
    final RefreshTokenRecord refreshToken =
            refreshTokens.isEmpty() ? null : (RefreshTokenRecord) refreshTokens.get(0);
    final IdTokenRecord idToken =
            idTokens.isEmpty() ? null : (IdTokenRecord) idTokens.get(0);
    final IdTokenRecord v1IdToken =
            v1IdTokens.isEmpty() ? null : (IdTokenRecord) v1IdTokens.get(0);

    final CacheRecord.CacheRecordBuilder result = CacheRecord.builder();
    result.account(account);
    result.accessToken(accessToken);
    result.refreshToken(refreshToken);
    result.idToken(idToken);
    result.v1IdToken(v1IdToken);

    // The builder is invoked twice: once for the telemetry event, once for the return value.
    Telemetry.emit(new CacheEndEvent().putCacheRecordStatus(result.build()));

    return result.build();
}