This repository has been archived by the owner on May 17, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 19
/
MsalAuthenticationBase.cs
93 lines (83 loc) · 3.44 KB
/
MsalAuthenticationBase.cs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
// ------------------------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information.
// ------------------------------------------------------------------------------
namespace Microsoft.Graph.Auth
{
using Microsoft.Identity.Client;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using System;
/// <summary>
/// Abstract class containing common API methods and properties to retrieve an access token. All authentication providers extend this class
/// </summary>
public abstract class MsalAuthenticationBase
{
/// <summary>
/// A <see cref="ClientApplicationBase"/> property
/// </summary>
internal IClientApplicationBase ClientApplication { get; set; }
/// <summary>
/// A scopes property
/// </summary>
internal string[] Scopes { get; }
/// <summary>
/// A MaxRetry property.
/// </summary>
internal int MaxRetry { get; set; } = 1;
/// <summary>
/// Constructs a new <see cref="MsalAuthenticationBase"/>
/// </summary>
/// <param name="graphScopes">Scopes requested to access a protected API</param>
public MsalAuthenticationBase(string[] graphScopes = null)
{
Scopes = graphScopes ?? new string[] { AuthConstants.DefaultScopeUrl };
if (Scopes.Count() == 0)
{
throw new AuthenticationException(new Error { Code = ErrorConstants.Codes.InvalidRequest, Message = ErrorConstants.Message.EmptyScopes}, new ArgumentException());
}
}
/// <summary>
/// Attempts to acquire access token from the token cache silently by calling AcquireTokenSilentAsync
/// </summary>
internal async Task<AuthenticationResult> GetAccessTokenSilentAsync(MsalAuthenticationProviderOption msalAuthProviderOption)
{
IAccount account = null;
if(msalAuthProviderOption.UserAccount?.ObjectId != null)
{
// Parse GraphUserAccount to IAccount instance
account = new GraphAccount(msalAuthProviderOption.UserAccount);
}
else
{
// If no graph user account is passed, try get the one in cache.
IEnumerable<IAccount> accounts = await ClientApplication.GetAccountsAsync();
account = accounts.FirstOrDefault();
}
if (account == null)
return null;
try
{
return await ClientApplication.AcquireTokenSilentAsync(
msalAuthProviderOption.Scopes ?? Scopes,
account,
ClientApplication.Authority,
msalAuthProviderOption.ForceRefresh);
}
catch (MsalException msalEx)
{
return null;
}
catch (Exception exception)
{
throw new AuthenticationException(
new Error
{
Code = ErrorConstants.Codes.GeneralException,
Message = ErrorConstants.Message.UnexpectedException
},
exception);
}
}
}
}