This repository has been archived by the owner on Jan 19, 2021. It is now read-only.

Code cleanup and clarified method names
tmeckel committed Aug 19, 2019
1 parent 56ac430 commit 8b21b0c
Showing 2 changed files with 57 additions and 28 deletions.
2 changes: 1 addition & 1 deletion Core/OfficeDevPnP.Core/AuthenticationManager.cs
@@ -613,7 +613,7 @@ public ClientContext GetHighTrustCertificateAppAuthenticatedContext(string siteU
// Configure the handler to generate the Bearer Access Token on each request and add it to the request
clientContext.ExecutingWebRequest += (sender, args) =>
{
var accessToken = TokenHelper.GetS2SAccessTokenWithUserName(siteUri, loginName);
var accessToken = TokenHelper.GetS2SAccessTokenWithWindowsUserName(siteUri, loginName);
args.WebRequestExecutor.RequestHeaders["Authorization"] = "Bearer " + accessToken;
};

83 changes: 56 additions & 27 deletions Core/OfficeDevPnP.Core/Utilities/TokenHelper.cs
@@ -523,13 +523,15 @@ public static string GetAppContextTokenRequestUrl(string contextUrl, string redi
/// <param name="targetApplicationUri">Url of the target SharePoint site</param>
/// <param name="identity">Windows identity of the user on whose behalf to create the access token</param>
/// <returns>An access token with an audience of the target principal</returns>
public static string GetS2SAccessTokenWithWindowsIdentity(
Uri targetApplicationUri,
WindowsIdentity identity)
public static string GetS2SAccessTokenWithWindowsIdentity(Uri targetApplicationUri, WindowsIdentity identity)
{
string realm = string.IsNullOrEmpty(Realm) ? GetRealmFromTargetUrl(targetApplicationUri) : Realm;
string realm = string.IsNullOrWhiteSpace(Realm)
? GetRealmFromTargetUrl(targetApplicationUri)
: Realm;

JsonWebTokenClaim[] claims = identity != null ? GetClaimsWithWindowsIdentity(identity) : null;
JsonWebTokenClaim[] claims = identity != null
? GetClaimsWithWindowsIdentity(identity)
: null;

return GetS2SAccessTokenWithClaims(targetApplicationUri.Authority, realm, claims);
}
@@ -540,18 +542,41 @@ public static string GetS2SAccessTokenWithWindowsIdentity(
/// web.config, an auth challenge will be issued to the targetApplicationUri to discover it.
/// </summary>
/// <param name="targetApplicationUri">Url of the target SharePoint site</param>
/// <param name="identity">Name of the user (login name) on whose behalf to create the access token</param>
/// <param name="identity">Name of the user (login name) on whose behalf to create the access token. Supported name formats are SID and User Principal Name (UPN)</param>
/// <returns>An access token with an audience of the target principal</returns>
public static string GetS2SAccessTokenWithUserName(
Uri targetApplicationUri,
string identity)
public static string GetS2SAccessTokenWithWindowsUserName(Uri targetApplicationUri, string identity)
{
string realm = string.IsNullOrEmpty(Realm) ? GetRealmFromTargetUrl(targetApplicationUri) : Realm;
string realm = string.IsNullOrWhiteSpace(Realm)
? GetRealmFromTargetUrl(targetApplicationUri)
: Realm;

JsonWebTokenClaim[] claims = string.IsNullOrWhiteSpace(identity)
? GetClaimsWithUserName(identity)
? null
: GetClaimsWithWindowsUserName(identity);

return GetS2SAccessTokenWithClaims(targetApplicationUri.Authority, realm, claims);
}

/// <summary>
/// Retrieves an S2S access token signed by the application's private certificate on behalf of the specified
/// user name and intended for the SharePoint at the targetApplicationUri. If no Realm is specified in
/// web.config, an auth challenge will be issued to the targetApplicationUri to discover it.
/// </summary>
/// <param name="targetApplicationUri">Url of the target SharePoint site</param>
/// <param name="identity">Claims identity of the user on whose behalf to create the access token</param>
/// <returns>An access token with an audience of the target principal</returns>
public static string GetS2SAccessTokenWithClaimsIdentity(Uri targetApplicationUri, System.Security.Claims.ClaimsIdentity identity)
{
string realm = string.IsNullOrWhiteSpace(Realm)
? GetRealmFromTargetUrl(targetApplicationUri)
: Realm;

JsonWebTokenClaim[] claims = identity != null
? GetClaimsWithClaimsIdentity(identity, IdentityClaimType, TrustedIdentityTokenIssuerName)
: null;

string accessToken = GetS2SAccessTokenWithClaims(targetApplicationUri.Authority, realm, claims);

return GetS2SAccessTokenWithClaims(targetApplicationUri.Authority, realm, claims);
}

@@ -564,20 +589,28 @@ public static string GetS2SAccessTokenWithUserName(
/// <param name="targetApplicationUri">Url of the target SharePoint site</param>
/// <param name="identity">Windows identity of the user on whose behalf to create the access token</param>
/// <returns>A ClientContext using an access token with an audience of the target application</returns>
public static ClientContext GetS2SClientContextWithWindowsIdentity(
Uri targetApplicationUri,
WindowsIdentity identity)
public static ClientContext GetS2SClientContextWithWindowsIdentity(Uri targetApplicationUri, WindowsIdentity identity)
{
string realm = string.IsNullOrEmpty(Realm) ? GetRealmFromTargetUrl(targetApplicationUri) : Realm;
string accessToken = GetS2SAccessTokenWithWindowsIdentity(targetApplicationUri, identity);

JsonWebTokenClaim[] claims = identity != null
? GetClaimsWithWindowsIdentity(identity)
: null;
return GetClientContextWithAccessToken(targetApplicationUri.ToString(), accessToken);
}

string accessToken = GetS2SAccessTokenWithClaims(targetApplicationUri.Authority, realm, claims);
/// <summary>
/// Retrieves an S2S client context with an access token signed by the application's private certificate on
/// behalf of the specified WindowsIdentity and intended for application at the targetApplicationUri using the
/// targetRealm. If no Realm is specified in web.config, an auth challenge will be issued to the
/// targetApplicationUri to discover it.
/// </summary>
/// <param name="targetApplicationUri">Url of the target SharePoint site</param>
/// <param name="identity">Name of the user (login name) on whose behalf to create the access token. Supported name formats are SID and User Principal Name (UPN)</param>
/// <returns>A ClientContext using an access token with an audience of the target application</returns>
public static ClientContext GetS2SClientContextWithWindowsUserName(Uri targetApplicationUri, string identity)
{
string accessToken = GetS2SAccessTokenWithWindowsUserName(targetApplicationUri, identity);

return GetClientContextWithAccessToken(targetApplicationUri.ToString(), accessToken);
}
}

/// <summary>
/// Retrieves an S2S client context with an access token signed by the application's private certificate on
@@ -597,11 +630,7 @@ public static ClientContext GetS2SClientContextWithWindowsIdentity(
/// <returns>A ClientContext using an access token with an audience of the target application</returns>
public static ClientContext GetS2SClientContextWithClaimsIdentity(Uri targetApplicationUri, System.Security.Claims.ClaimsIdentity identity)
{
string realm = string.IsNullOrEmpty(Realm) ? GetRealmFromTargetUrl(targetApplicationUri) : Realm;

JsonWebTokenClaim[] claims = identity != null ? GetClaimsWithClaimsIdentity(identity, IdentityClaimType, TrustedIdentityTokenIssuerName) : null;

string accessToken = GetS2SAccessTokenWithClaims(targetApplicationUri.Authority, realm, claims);
string accessToken = GetS2SAccessTokenWithClaimsIdentity(targetApplicationUri, identity);

return GetClientContextWithAccessToken(targetApplicationUri.ToString(), accessToken);
}
@@ -1074,10 +1103,10 @@ private static JsonWebTokenClaim[] GetClaimsWithWindowsIdentity(WindowsIdentity
throw new ArgumentNullException("identity");
}
#endif
return GetClaimsWithUserName(identity.User.Value);
return GetClaimsWithWindowsUserName(identity.User.Value);
}

private static JsonWebTokenClaim[] GetClaimsWithUserName(string identity)
private static JsonWebTokenClaim[] GetClaimsWithWindowsUserName(string identity)
{
#if DEBUG
if (string.IsNullOrWhiteSpace(identity))
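Review bot: The new `GetS2SAccessTokenWithClaimsIdentity` (hunk `-540,18 +542,41`) mints the token twice as rendered: the first `GetS2SAccessTokenWithClaims(...)` result is stored in `accessToken` and never read, and the `return` statement calls it again, so every invocation signs one bearer token that is thrown away. The body should end with `return accessToken;`, or drop the local and keep the single `return GetS2SAccessTokenWithClaims(targetApplicationUri.Authority, realm, claims);` as the two sibling methods do. In the same hunk, `GetS2SAccessTokenWithWindowsUserName` passes `claims = null` when `identity` is null or whitespace; if `GetS2SAccessTokenWithClaims` treats null claims as an app-only request (its body is outside this page), a missing login name yields an app-level token instead of an error. That fallback deserves a line in the `<param name="identity">` doc, for example `/// Null or whitespace produces a token without user claims.`, so callers that always expect a user-delegated token know to validate the name first.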
