// ------------------------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All Rights Reserved.
// Licensed under the MIT License.
// See License in the project root for license information.
// ------------------------------------------------------------------------------
using System;
using System.Threading.Tasks;
using Microsoft.Graph;
using Microsoft.IdentityModel.Clients.ActiveDirectory;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Globalization;
using System.Threading;
namespace Microsoft.OneDrive.Sdk.Authentication.Business
{
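/// <summary>
/// Authentication provider for daemon (app-only) scenarios. Tokens are acquired with an
/// application ID and client secret through the supplied
/// <see cref="IAuthenticationContextWrapper"/>; no interactive prompt is shown.
/// </summary>
public class AdalDaemonAuthenticationProvider : AdalAuthenticationProviderBase
{
    // Maximum number of token acquisition attempts when the failure is transient.
    private const int _retryCount = 3;

    // Delay between two attempts, in milliseconds.
    private const int _retrySleepDuration = 3000;

    // The only ADAL error code this provider treats as transient and retries.
    private const string _transientErrorCode = "temporarily_unavailable";

    protected string _clientId;

    // NOTE(review): the client secret is kept here as a plain string for the lifetime of the
    // provider and is visible to subclasses. Keep it out of logs, exception messages and any
    // serialized state.
    protected string _clientKey;

    // NOTE(review): public and mutable, so any caller can replace the wrapper that is later
    // handed clientCredential. Treat assignments to this field as security-sensitive.
    public IAuthenticationContextWrapper authContextWrapper;

    protected ClientCredential clientCredential;

    protected override AuthenticateUserDelegate AuthenticateUser { get; set; }

    protected override AuthenticateUserSilentlyDelegate AuthenticateUserSilently { get; set; }

    /// <summary>
    /// Creates a provider that authenticates as the application itself, using a client secret.
    /// </summary>
    /// <param name="clientId">Your Application ID.</param>
    /// <param name="returnUrl">Return URL; only forwarded to the base class constructor.</param>
    /// <param name="clientSecret">Your Application Key.</param>
    /// <param name="tenant">
    /// Usually a domain name for your Office365 service, like 'yourcompany.onmicrosoft.com'.
    /// NOTE(review): this constructor does not use the value. The authority that is contacted
    /// is presumably the one <paramref name="authenticationContextWrapper"/> was created with,
    /// so restrict the tenant there - confirm against the wrapper implementation.
    /// </param>
    /// <param name="authenticationContextWrapper">
    /// Wrapper used for every token request made by this provider.
    /// </param>
    public AdalDaemonAuthenticationProvider(
        string clientId,
        string returnUrl,
        string clientSecret,
        string tenant,
        IAuthenticationContextWrapper authenticationContextWrapper) : base(clientId, returnUrl, authenticationContextWrapper)
    {
        _clientId = clientId;
        _clientKey = clientSecret;

        // The original built a "https://login.microsoftonline.com/{tenant}" string here and
        // never used it; the dead local is removed so the code no longer suggests that
        // `tenant` selects the authority.
        this.authContextWrapper = authenticationContextWrapper;
        this.clientCredential = new ClientCredential(_clientId, _clientKey);

        // A daemon has no interactive path, so both delegates end in the same silent call.
        this.AuthenticateUser = this.PromptUserForAuthenticationAsync;
        this.AuthenticateUserSilently = this.SilentlyAuthenticateUserAsync;
    }

    /// <summary>
    /// Acquires a token for <paramref name="serviceResourceId"/> with the client credential and
    /// stores the resulting session in <c>CurrentAccountSession</c>.
    /// </summary>
    /// <param name="serviceResourceId">Resource the token is requested for.</param>
    /// <returns>A task that completes once the session has been stored.</returns>
    /// <exception cref="AdalException">
    /// The token request failed with a non-transient error, or it still failed with
    /// "temporarily_unavailable" on the last allowed attempt. <c>CurrentAccountSession</c> is
    /// not modified in that case.
    /// </exception>
    public async Task AuthenticateUserAsync(string serviceResourceId)
    {
        IAuthenticationResult result = null;
        int attempt = 0;

        currentServiceResourceId = serviceResourceId;

        while (true)
        {
            attempt++;

            try
            {
                result = await this.authContextWrapper.AcquireTokenSilentAsync(
                    serviceResourceId,
                    clientCredential);
                break;
            }
            catch (AdalException ex)
            {
                // Fail closed: a rejected credential or any other permanent error must reach
                // the caller instead of being dropped, and so must a transient error once the
                // attempts are used up.
                if (ex.ErrorCode != _transientErrorCode || attempt >= _retryCount)
                {
                    throw;
                }
            }

            // Only reached after a transient failure with attempts remaining.
            await Task.Delay(_retrySleepDuration);
        }

        this.CurrentAccountSession = this.ConvertAuthenticationResultToAccountSession(result);
    }

    /// <summary>
    /// Re-authenticates with the client credential; see the two-argument overload.
    /// </summary>
    /// <param name="refreshToken">Ignored.</param>
    /// <returns>A task that completes when authentication has finished.</returns>
    public override Task AuthenticateUserWithRefreshTokenAsync(string refreshToken)
    {
        return this.AuthenticateUserWithRefreshTokenAsync(refreshToken, /* serviceResourceId */ null);
    }

    /// <summary>
    /// Re-authenticates with the client credential against the resource used by the most
    /// recent <see cref="AuthenticateUserAsync(string)"/> call.
    /// </summary>
    /// <param name="refreshToken">Ignored; a daemon app has no refresh token.</param>
    /// <param name="serviceResourceId">
    /// Ignored; the stored <c>currentServiceResourceId</c> is used instead.
    /// </param>
    /// <returns>A task that completes when authentication has finished.</returns>
    public override async Task AuthenticateUserWithRefreshTokenAsync(string refreshToken, string serviceResourceId)
    {
        // Daemon App doesn't have refresh token.
        // So we do the authentication again.
        await this.AuthenticateUserAsync(this.currentServiceResourceId);
    }

    /// <summary>
    /// Requests a token for <paramref name="serviceResourceId"/> with the client credential.
    /// </summary>
    /// <param name="serviceResourceId">Resource the token is requested for.</param>
    /// <param name="userId">Not used; the request is made as the application.</param>
    /// <param name="throwOnError">
    /// Not used; exceptions from the wrapper propagate whatever its value.
    /// </param>
    /// <returns>The result returned by the authentication context wrapper.</returns>
    private async Task<IAuthenticationResult> SilentlyAuthenticateUserAsync(
        string serviceResourceId,
        string userId,
        bool throwOnError)
    {
        var result = await this.authContextWrapper.AcquireTokenSilentAsync(
            serviceResourceId,
            clientCredential);

        return result;
    }

    /// <summary>
    /// Despite the name, never prompts: it forwards to
    /// <see cref="SilentlyAuthenticateUserAsync"/> because a daemon has no user to ask.
    /// </summary>
    /// <param name="serviceResourceId">Resource the token is requested for.</param>
    /// <param name="userId">Forwarded, but not used by the silent call.</param>
    /// <returns>The result returned by the authentication context wrapper.</returns>
    private Task<IAuthenticationResult> PromptUserForAuthenticationAsync(string serviceResourceId, string userId)
    {
        return this.SilentlyAuthenticateUserAsync(
            serviceResourceId,
            userId,
            true);
    }
}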
}