Take reference on new TokenRequestContext (Azure#18440)
christothes authored and jongio committed Feb 9, 2021
1 parent a80563a commit db94912
Showing 9 changed files with 59 additions and 32 deletions.
4 changes: 4 additions & 0 deletions sdk/identity/Azure.Identity/CHANGELOG.md
Expand Up @@ -6,6 +6,10 @@

- The `IDisposable` interface has been removed from `TokenCache`.

### New Features

- All credentials added support to handle the `Claims` property on `TokenRequestContext`

## 1.4.0-beta.2 (2021-01-29)

### Fixes and improvements
6 changes: 4 additions & 2 deletions sdk/identity/Azure.Identity/src/Azure.Identity.csproj
Expand Up @@ -10,6 +10,7 @@
<AllowUnsafeBlocks>true</AllowUnsafeBlocks>
</PropertyGroup>
<ItemGroup>
<ProjectReference Include="$(MSBuildThisFileDirectory)..\..\..\core\Azure.Core\src\Azure.Core.csproj" />
<PackageReference Include="System.Memory" />
<PackageReference Include="System.Text.Json" />
<PackageReference Include="System.Threading.Tasks.Extensions" />
Expand All @@ -30,5 +31,6 @@
<Compile Include="$(AzureCoreSharedSources)Base64Url.cs" />
</ItemGroup>
<!-- Import the Azure.Base project -->
<Import Project="$(MSBuildThisFileDirectory)..\..\..\core\Azure.Core\src\Azure.Core.props" />
</Project>
<!-- TODO: Revert after TokenRequestContext changes ship in Azure.Core -->
<!-- <Import Project="$(MSBuildThisFileDirectory)..\..\..\core\Azure.Core\src\Azure.Core.props" /> -->
</Project>
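Review bot: The `TODO: Revert after TokenRequestContext changes ship in Azure.Core` comment at the end of the file carries no tracking item or release gate, so nothing visible here stops Azure.Identity from being packed while it still builds against the in-repo Azure.Core source through the `ProjectReference` that appears to be added in the first hunk. A package produced in that state would presumably depend on an Azure.Core surface (`TokenRequestContext.Claims`) that has not shipped yet. I would tie the comment to the work item, e.g. `<!-- TODO(<tracking-issue>): restore the Azure.Core.props import once Azure.Core ships TokenRequestContext.Claims -->`, and hold the Azure.Identity release on it.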
10 changes: 5 additions & 5 deletions sdk/identity/Azure.Identity/src/DeviceCodeCredential.cs
Expand Up @@ -172,7 +172,7 @@ private async Task<AuthenticationRecord> AuthenticateImplAsync(bool async, Token

try
{
AccessToken token = await GetTokenViaDeviceCodeAsync(requestContext.Scopes, async, cancellationToken).ConfigureAwait(false);
AccessToken token = await GetTokenViaDeviceCodeAsync(requestContext, async, cancellationToken).ConfigureAwait(false);

scope.Succeeded(token);

Expand All @@ -196,7 +196,7 @@ private async ValueTask<AccessToken> GetTokenImplAsync(bool async, TokenRequestC
{
try
{
AuthenticationResult result = await Client.AcquireTokenSilentAsync(requestContext.Scopes, Record, async, cancellationToken).ConfigureAwait(false);
AuthenticationResult result = await Client.AcquireTokenSilentAsync(requestContext.Scopes, requestContext.Claims, Record, async, cancellationToken).ConfigureAwait(false);

return scope.Succeeded(new AccessToken(result.AccessToken, result.ExpiresOn));
}
Expand All @@ -211,17 +211,17 @@ private async ValueTask<AccessToken> GetTokenImplAsync(bool async, TokenRequestC
throw new AuthenticationRequiredException(AuthenticationRequiredMessage, requestContext, inner);
}

return scope.Succeeded(await GetTokenViaDeviceCodeAsync(requestContext.Scopes, async, cancellationToken).ConfigureAwait(false));
return scope.Succeeded(await GetTokenViaDeviceCodeAsync(requestContext, async, cancellationToken).ConfigureAwait(false));
}
catch (Exception e)
{
throw scope.FailWrapAndThrow(e);
}
}

private async Task<AccessToken> GetTokenViaDeviceCodeAsync(string[] scopes, bool async, CancellationToken cancellationToken)
private async Task<AccessToken> GetTokenViaDeviceCodeAsync(TokenRequestContext context, bool async, CancellationToken cancellationToken)
{
AuthenticationResult result = await Client.AcquireTokenWithDeviceCodeAsync(scopes, code => DeviceCodeCallbackImpl(code, cancellationToken), async, cancellationToken).ConfigureAwait(false);
AuthenticationResult result = await Client.AcquireTokenWithDeviceCodeAsync(context.Scopes, context.Claims, code => DeviceCodeCallbackImpl(code, cancellationToken), async, cancellationToken).ConfigureAwait(false);

Record = new AuthenticationRecord(result, ClientId);

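Review bot: `GetTokenViaDeviceCodeAsync` now names its parameter `context`, while `AuthenticateImplAsync` and `GetTokenImplAsync` in the same file call the same value `requestContext`; one name throughout makes it easier to trace the claims value from the caller into the MSAL client. The helper also says nothing about how `Claims` is treated; a short comment above the `AcquireTokenWithDeviceCodeAsync` call such as `// Claims is forwarded exactly as supplied by the caller; it may be null when no claims challenge is being answered.` would help (the null case is inferred, since the type is not defined on this page). `GetTokenViaBrowserLoginAsync` in InteractiveBrowserCredential.cs has the same shape and would take the same rename and comment. The bodies of these methods continue outside the hunks shown.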
10 changes: 5 additions & 5 deletions sdk/identity/Azure.Identity/src/InteractiveBrowserCredential.cs
Expand Up @@ -160,7 +160,7 @@ private async Task<AuthenticationRecord> AuthenticateImplAsync(bool async, Token

try
{
scope.Succeeded(await GetTokenViaBrowserLoginAsync(requestContext.Scopes, async, cancellationToken).ConfigureAwait(false));
scope.Succeeded(await GetTokenViaBrowserLoginAsync(requestContext, async, cancellationToken).ConfigureAwait(false));

return Record;
}
Expand All @@ -182,7 +182,7 @@ private async ValueTask<AccessToken> GetTokenImplAsync(bool async, TokenRequestC
{
try
{
AuthenticationResult result = await Client.AcquireTokenSilentAsync(requestContext.Scopes, Record, async, cancellationToken).ConfigureAwait(false);
AuthenticationResult result = await Client.AcquireTokenSilentAsync(requestContext.Scopes, requestContext.Claims, Record, async, cancellationToken).ConfigureAwait(false);

return scope.Succeeded(new AccessToken(result.AccessToken, result.ExpiresOn));
}
Expand All @@ -197,17 +197,17 @@ private async ValueTask<AccessToken> GetTokenImplAsync(bool async, TokenRequestC
throw new AuthenticationRequiredException(AuthenticationRequiredMessage, requestContext, inner);
}

return scope.Succeeded(await GetTokenViaBrowserLoginAsync(requestContext.Scopes, async, cancellationToken).ConfigureAwait(false));
return scope.Succeeded(await GetTokenViaBrowserLoginAsync(requestContext, async, cancellationToken).ConfigureAwait(false));
}
catch (Exception e)
{
throw scope.FailWrapAndThrow(e);
}
}

private async Task<AccessToken> GetTokenViaBrowserLoginAsync(string[] scopes, bool async, CancellationToken cancellationToken)
private async Task<AccessToken> GetTokenViaBrowserLoginAsync(TokenRequestContext context, bool async, CancellationToken cancellationToken)
{
AuthenticationResult result = await Client.AcquireTokenInteractiveAsync(scopes, Prompt.SelectAccount, async, cancellationToken).ConfigureAwait(false);
AuthenticationResult result = await Client.AcquireTokenInteractiveAsync(context.Scopes, context.Claims, Prompt.SelectAccount, async, cancellationToken).ConfigureAwait(false);

Record = new AuthenticationRecord(result, ClientId);

45 changes: 33 additions & 12 deletions sdk/identity/Azure.Identity/src/MsalPublicClient.cs
Expand Up @@ -38,6 +38,8 @@ protected override ValueTask<IPublicClientApplication> CreateClientAsync(bool as
pubAppBuilder = pubAppBuilder.WithRedirectUri(RedirectUrl);
}

pubAppBuilder.WithClientCapabilities(new string[] { "CP1" });

return new ValueTask<IPublicClientApplication>(pubAppBuilder.Build());
}

Expand All @@ -47,12 +49,15 @@ public virtual async ValueTask<List<IAccount>> GetAccountsAsync(bool async, Canc
return await GetAccountsAsync(client, async).ConfigureAwait(false);
}

public virtual async ValueTask<AuthenticationResult> AcquireTokenSilentAsync(string[] scopes, IAccount account, bool async, CancellationToken cancellationToken)
public virtual async ValueTask<AuthenticationResult> AcquireTokenSilentAsync(string[] scopes, string claims, IAccount account, bool async, CancellationToken cancellationToken)
{
IPublicClientApplication client = await GetClientAsync(async, cancellationToken).ConfigureAwait(false);
return await client.AcquireTokenSilent(scopes, account).ExecuteAsync(async, cancellationToken).ConfigureAwait(false);
return await client.AcquireTokenSilent(scopes, account)
.WithClaims(claims)
.ExecuteAsync(async, cancellationToken)
.ConfigureAwait(false);
}
public virtual async ValueTask<AuthenticationResult> AcquireTokenSilentAsync(string[] scopes, AuthenticationRecord record, bool async, CancellationToken cancellationToken)
public virtual async ValueTask<AuthenticationResult> AcquireTokenSilentAsync(string[] scopes, string claims, AuthenticationRecord record, bool async, CancellationToken cancellationToken)
{
IPublicClientApplication client = await GetClientAsync(async, cancellationToken).ConfigureAwait(false);

Expand All @@ -61,31 +66,47 @@ public virtual async ValueTask<AuthenticationResult> AcquireTokenSilentAsync(str
// user authenticated to originally.
return await client.AcquireTokenSilent(scopes, (AuthenticationAccount)record)
.WithAuthority(Pipeline.AuthorityHost.AbsoluteUri, TenantId ?? record.TenantId)
.ExecuteAsync(async, cancellationToken).ConfigureAwait(false);
.WithClaims(claims)
.ExecuteAsync(async, cancellationToken)
.ConfigureAwait(false);
}

public virtual async ValueTask<AuthenticationResult> AcquireTokenInteractiveAsync(string[] scopes, Prompt prompt, bool async, CancellationToken cancellationToken)
public virtual async ValueTask<AuthenticationResult> AcquireTokenInteractiveAsync(string[] scopes, string claims, Prompt prompt, bool async, CancellationToken cancellationToken)
{
IPublicClientApplication client = await GetClientAsync(async, cancellationToken).ConfigureAwait(false);
return await client.AcquireTokenInteractive(scopes).WithPrompt(prompt).ExecuteAsync(async, cancellationToken).ConfigureAwait(false);
return await client.AcquireTokenInteractive(scopes)
.WithPrompt(prompt)
.WithClaims(claims)
.ExecuteAsync(async, cancellationToken)
.ConfigureAwait(false);
}

public virtual async ValueTask<AuthenticationResult> AcquireTokenByUsernamePasswordAsync(string[] scopes, string username, SecureString password, bool async, CancellationToken cancellationToken)
public virtual async ValueTask<AuthenticationResult> AcquireTokenByUsernamePasswordAsync(string[] scopes, string claims, string username, SecureString password, bool async, CancellationToken cancellationToken)
{
IPublicClientApplication client = await GetClientAsync(async, cancellationToken).ConfigureAwait(false);
return await client.AcquireTokenByUsernamePassword(scopes, username, password).ExecuteAsync(async, cancellationToken).ConfigureAwait(false);
return await client.AcquireTokenByUsernamePassword(scopes, username, password)
.WithClaims(claims)
.ExecuteAsync(async, cancellationToken)
.ConfigureAwait(false);
}

public virtual async ValueTask<AuthenticationResult> AcquireTokenWithDeviceCodeAsync(string[] scopes, Func<DeviceCodeResult, Task> deviceCodeCallback, bool async, CancellationToken cancellationToken)
public virtual async ValueTask<AuthenticationResult> AcquireTokenWithDeviceCodeAsync(string[] scopes, string claims, Func<DeviceCodeResult, Task> deviceCodeCallback, bool async, CancellationToken cancellationToken)
{
IPublicClientApplication client = await GetClientAsync(async, cancellationToken).ConfigureAwait(false);
return await client.AcquireTokenWithDeviceCode(scopes, deviceCodeCallback).ExecuteAsync(async, cancellationToken).ConfigureAwait(false);
return await client.AcquireTokenWithDeviceCode(scopes, deviceCodeCallback)
.WithClaims(claims)
.ExecuteAsync(async, cancellationToken)
.ConfigureAwait(false);
}

public virtual async ValueTask<AuthenticationResult> AcquireTokenByRefreshToken(string[] scopes, string refreshToken, AzureCloudInstance azureCloudInstance, string tenant, bool async, CancellationToken cancellationToken)
public virtual async ValueTask<AuthenticationResult> AcquireTokenByRefreshToken(string[] scopes, string claims, string refreshToken, AzureCloudInstance azureCloudInstance, string tenant, bool async, CancellationToken cancellationToken)
{
IPublicClientApplication client = await GetClientAsync(async, cancellationToken).ConfigureAwait(false);
return await ((IByRefreshToken)client).AcquireTokenByRefreshToken(scopes, refreshToken).WithAuthority(azureCloudInstance, tenant).ExecuteAsync(async, cancellationToken).ConfigureAwait(false);
return await ((IByRefreshToken)client).AcquireTokenByRefreshToken(scopes, refreshToken)
.WithAuthority(azureCloudInstance, tenant)
.WithClaims(claims)
.ExecuteAsync(async, cancellationToken)
.ConfigureAwait(false);
}

private static async ValueTask<List<IAccount>> GetAccountsAsync(IPublicClientApplication client, bool async)
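Review bot: `pubAppBuilder.WithClientCapabilities(new string[] { "CP1" });` in `CreateClientAsync` advertises the CP1 capability for every credential built on this client, with no way for a consumer to opt out. Declaring CP1 tells the authority that the caller can handle claims challenges, so a resource may later reject a token with a challenge, and a pipeline that does not feed that challenge back through `TokenRequestContext.Claims` will fail the request instead of re-authenticating. I would gate the call behind a credential option, or at minimum document the requirement in a comment next to it. The line also discards the builder's return value, unlike `pubAppBuilder = pubAppBuilder.WithRedirectUri(RedirectUrl);` just above it; writing `pubAppBuilder = pubAppBuilder.WithClientCapabilities(new string[] { "CP1" });` keeps the two consistent. Separately, every `.WithClaims(claims)` call forwards `claims` unchecked, so it is worth confirming that a null or empty value is a no-op in the MSAL version this project references.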
Expand Up @@ -113,7 +113,7 @@ private async ValueTask<AccessToken> GetTokenImplAsync(bool async, TokenRequestC
try
{
IAccount account = await GetAccountAsync(async, cancellationToken).ConfigureAwait(false);
AuthenticationResult result = await Client.AcquireTokenSilentAsync(requestContext.Scopes, account, async, cancellationToken).ConfigureAwait(false);
AuthenticationResult result = await Client.AcquireTokenSilentAsync(requestContext.Scopes, requestContext.Claims, account, async, cancellationToken).ConfigureAwait(false);
return scope.Succeeded(new AccessToken(result.AccessToken, result.ExpiresOn));
}
catch (MsalUiRequiredException)
Expand Up @@ -185,7 +185,7 @@ private async Task<AccessToken> GetTokenImplAsync(bool async, TokenRequestContex
try
{
AuthenticationResult result = await _client
.AcquireTokenByUsernamePasswordAsync(requestContext.Scopes, _username, _password, async, cancellationToken)
.AcquireTokenByUsernamePasswordAsync(requestContext.Scopes, requestContext.Claims, _username, _password, async, cancellationToken)
.ConfigureAwait(false);

_record = new AuthenticationRecord(result, _clientId);
Expand Up @@ -71,7 +71,7 @@ private async ValueTask<AccessToken> GetTokenImplAsync(TokenRequestContext reque
var cloudInstance = GetAzureCloudInstance(environmentName);
string storedCredentials = GetStoredCredentials(environmentName);

var result = await _client.AcquireTokenByRefreshToken(requestContext.Scopes, storedCredentials, cloudInstance, tenant, async, cancellationToken).ConfigureAwait(false);
var result = await _client.AcquireTokenByRefreshToken(requestContext.Scopes, requestContext.Claims, storedCredentials, cloudInstance, tenant, async, cancellationToken).ConfigureAwait(false);
return scope.Succeeded(new AccessToken(result.AccessToken, result.ExpiresOn));
}
catch (MsalUiRequiredException e)
10 changes: 5 additions & 5 deletions sdk/identity/Azure.Identity/tests/Mock/MockMsalPublicClient.cs
Expand Up @@ -32,7 +32,7 @@ public override ValueTask<List<IAccount>> GetAccountsAsync(bool async, Cancellat
return new ValueTask<List<IAccount>>(Accounts);
}

public override ValueTask<AuthenticationResult> AcquireTokenByUsernamePasswordAsync(string[] scopes, string username, SecureString password, bool async, CancellationToken cancellationToken)
public override ValueTask<AuthenticationResult> AcquireTokenByUsernamePasswordAsync(string[] scopes, string claims, string username, SecureString password, bool async, CancellationToken cancellationToken)
{
Func<string[], AuthenticationResult> factory = UserPassAuthFactory ?? AuthFactory;

Expand All @@ -44,7 +44,7 @@ public override ValueTask<AuthenticationResult> AcquireTokenByUsernamePasswordAs
throw new NotImplementedException();
}

public override ValueTask<AuthenticationResult> AcquireTokenInteractiveAsync(string[] scopes, Prompt prompt, bool async, CancellationToken cancellationToken)
public override ValueTask<AuthenticationResult> AcquireTokenInteractiveAsync(string[] scopes, string claims, Prompt prompt, bool async, CancellationToken cancellationToken)
{
Func<string[], AuthenticationResult> factory = InteractiveAuthFactory ?? AuthFactory;

Expand All @@ -56,7 +56,7 @@ public override ValueTask<AuthenticationResult> AcquireTokenInteractiveAsync(str
throw new NotImplementedException();
}

public override ValueTask<AuthenticationResult> AcquireTokenSilentAsync(string[] scopes, IAccount account, bool async, CancellationToken cancellationToken)
public override ValueTask<AuthenticationResult> AcquireTokenSilentAsync(string[] scopes, string claims, IAccount account, bool async, CancellationToken cancellationToken)
{
if (ExtendedSilentAuthFactory != null)
{
Expand All @@ -73,7 +73,7 @@ public override ValueTask<AuthenticationResult> AcquireTokenSilentAsync(string[]
throw new NotImplementedException();
}

public override ValueTask<AuthenticationResult> AcquireTokenSilentAsync(string[] scopes, AuthenticationRecord record, bool async, CancellationToken cancellationToken)
public override ValueTask<AuthenticationResult> AcquireTokenSilentAsync(string[] scopes, string claims, AuthenticationRecord record, bool async, CancellationToken cancellationToken)
{
Func<string[], AuthenticationResult> factory = SilentAuthFactory ?? AuthFactory;

Expand All @@ -85,7 +85,7 @@ public override ValueTask<AuthenticationResult> AcquireTokenSilentAsync(string[]
throw new NotImplementedException();
}

public override ValueTask<AuthenticationResult> AcquireTokenWithDeviceCodeAsync(string[] scopes, Func<DeviceCodeResult, Task> deviceCodeCallback, bool async, CancellationToken cancellationToken)
public override ValueTask<AuthenticationResult> AcquireTokenWithDeviceCodeAsync(string[] scopes, string claims, Func<DeviceCodeResult, Task> deviceCodeCallback, bool async, CancellationToken cancellationToken)
{
Func<string[], AuthenticationResult> factory = DeviceCodeAuthFactory ?? AuthFactory;

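Review bot: Every override now accepts `claims`, but the factories are still typed `Func<string[], AuthenticationResult>`, so the value is dropped and no test can assert that a credential forwards `requestContext.Claims` to the client. Because the claims value is what answers a claims challenge from a resource, a regression in which a credential passes null or the wrong value would go unnoticed. I would record the value on the mock, e.g. a `public string LastClaims { get; private set; }` property assigned at the top of each override, and add one test per credential that asserts it. The override bodies continue outside the hunks shown.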
