Skip to content

Commit

Permalink
Adding PKey Auth bypass to interactive auth flows (#2052)
Browse files Browse the repository at this point in the history 
Approved
  • Loading branch information
@trwalke
trwalke committed Sep 24, 2020
1 parent b7f5e13 commit fe6c87c
Showing 1 changed file with 20 additions and 0 deletions.
20 changes: 20 additions & 0 deletions ...icrosoft.Identity.Client/Platforms/Android/EmbeddedWebview/AuthenticationAgentActivity.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,13 +2,15 @@
// Licensed under the MIT License.

using System;
using System.Collections.Generic;
using System.Globalization;
using Android.App;
using Android.Content;
using Android.Content.PM;
using Android.OS;
using Android.Webkit;
using Android.Widget;
using Microsoft.Identity.Client.PlatformsCommon;
using Microsoft.Identity.Client.Utils;

namespace Microsoft.Identity.Client.Platforms.Android.EmbeddedWebview
Expand Down Expand Up @@ -111,6 +113,24 @@ public override bool ShouldOverrideUrlLoading(WebView view, string url)
return true;
}

if (url.StartsWith(BrokerConstants.ClientTlsRedirect, StringComparison.OrdinalIgnoreCase))
{
string query = uri.Query;
if (query.StartsWith("?", StringComparison.OrdinalIgnoreCase))
{
query = query.Substring(1);
}

Dictionary<string, string> keyPair = CoreHelpers.ParseKeyValueList(query, '&', true, false, null);
string responseHeader = DeviceAuthHelper.GetBypassChallengeResponse(keyPair);
Dictionary<string, string> pkeyAuthEmptyResponse = new Dictionary<string, string>();
pkeyAuthEmptyResponse[BrokerConstants.ChallangeResponseHeader] = responseHeader;

view.LoadUrl(keyPair["SubmitUrl"], pkeyAuthEmptyResponse);

return true;
}

if (!url.Equals(AboutBlankUri, StringComparison.OrdinalIgnoreCase) &&
!uri.Scheme.Equals(Uri.UriSchemeHttps, StringComparison.OrdinalIgnoreCase))
{
Expand Down

0 comments on commit fe6c87c

Please sign in to comment.