From bc240a0cb364c1be0016694c025cd07f27f35a96 Mon Sep 17 00:00:00 2001 From: Richasy Date: Fri, 14 Apr 2023 14:11:14 +0800 Subject: [PATCH 1/5] Add V2 model for Uwp authorization --- .../WebAccountProviderConfig.cs | 14 +++++++++++++- .../WindowsProvider.cs | 4 ++++ 2 files changed, 17 insertions(+), 1 deletion(-) diff --git a/CommunityToolkit.Authentication.Uwp/WebAccountProviderConfig.cs b/CommunityToolkit.Authentication.Uwp/WebAccountProviderConfig.cs index 9747d97..d36256a 100644 --- a/CommunityToolkit.Authentication.Uwp/WebAccountProviderConfig.cs +++ b/CommunityToolkit.Authentication.Uwp/WebAccountProviderConfig.cs @@ -19,15 +19,27 @@ public struct WebAccountProviderConfig /// public WebAccountProviderType WebAccountProviderType { get; set; } + /// + /// Gets or sets a value indicating whether to use Version 2 model, the default value is False. + /// + /// + /// This option is configured for pre-authorization applications. + /// If the application is configured with pre-authorization, + /// this option can be set to True to skip consent page. + /// + public bool UseApiVersion2 { get; set; } + /// /// Initializes a new instance of the struct. /// /// The types of accounts providers that should be available to the user. /// The registered ClientId. Required for AAD login and admin consent. - public WebAccountProviderConfig(WebAccountProviderType webAccountProviderType, string clientId = null) + /// Whether to enable the version 2 model for the application. + public WebAccountProviderConfig(WebAccountProviderType webAccountProviderType, string clientId = null, bool useApiVersion2 = false) { WebAccountProviderType = webAccountProviderType; ClientId = clientId; + UseApiVersion2 = useApiVersion2; } } } diff --git a/CommunityToolkit.Authentication.Uwp/WindowsProvider.cs b/CommunityToolkit.Authentication.Uwp/WindowsProvider.cs index 234521f..1bd0cfb 100644 --- a/CommunityToolkit.Authentication.Uwp/WindowsProvider.cs 
+++ b/CommunityToolkit.Authentication.Uwp/WindowsProvider.cs @@ -550,6 +550,10 @@ private WebTokenRequest GetWebTokenRequest(WebAccountProvider provider, string c : new WebTokenRequest(provider, scopesString, clientId); webTokenRequest.Properties.Add(GraphResourcePropertyKey, GraphResourcePropertyValue); + if (_webAccountProviderConfig.UseApiVersion2) + { + webTokenRequest.Properties.Add("api-version", "2.0"); + } return webTokenRequest; } From 6f34c3bee612796ddaf668fd05db57f6924a8ee0 Mon Sep 17 00:00:00 2001 From: Richasy Date: Sat, 15 Apr 2023 05:38:24 +0800 Subject: [PATCH 2/5] Make v2 model only for MSA --- .../WebAccountProviderConfig.cs | 6 +++--- CommunityToolkit.Authentication.Uwp/WindowsProvider.cs | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/CommunityToolkit.Authentication.Uwp/WebAccountProviderConfig.cs b/CommunityToolkit.Authentication.Uwp/WebAccountProviderConfig.cs index d36256a..b265c95 100644 --- a/CommunityToolkit.Authentication.Uwp/WebAccountProviderConfig.cs +++ b/CommunityToolkit.Authentication.Uwp/WebAccountProviderConfig.cs @@ -20,11 +20,11 @@ public struct WebAccountProviderConfig public WebAccountProviderType WebAccountProviderType { get; set; } /// - /// Gets or sets a value indicating whether to use Version 2 model, the default value is False. + /// Gets or sets a value indicating whether to use Version 2 model, only for MSA, the default value is False. /// /// /// This option is configured for pre-authorization applications. - /// If the application is configured with pre-authorization, + /// If the application is configured with MSA pre-authorization, /// this option can be set to True to skip consent page. /// public bool UseApiVersion2 { get; set; } 
@@ -34,7 +34,7 @@ public struct WebAccountProviderConfig /// /// The types of accounts providers that should be available to the user. /// The registered ClientId. Required for AAD login and admin consent. - /// Whether to enable the version 2 model for the application. + /// Whether to enable the version 2 model for the MSA validate. public WebAccountProviderConfig(WebAccountProviderType webAccountProviderType, string clientId = null, bool useApiVersion2 = false) { WebAccountProviderType = webAccountProviderType; diff --git a/CommunityToolkit.Authentication.Uwp/WindowsProvider.cs b/CommunityToolkit.Authentication.Uwp/WindowsProvider.cs index 1bd0cfb..b252e2d 100644 --- a/CommunityToolkit.Authentication.Uwp/WindowsProvider.cs +++ b/CommunityToolkit.Authentication.Uwp/WindowsProvider.cs @@ -33,7 +33,7 @@ public class WindowsProvider : BaseProvider private const string SettingsKeyProviderId = "WindowsProvider_ProviderId"; private const string SettingsKeyProviderAuthority = "WindowsProvider_Authority"; - private static readonly SemaphoreSlim SemaphoreSlim = new (1); + private static readonly SemaphoreSlim SemaphoreSlim = new(1); // Default/minimal scopes for authentication, if none are provided. private static readonly string[] DefaultScopes = { "User.Read" }; @@ -550,7 +550,7 @@ private WebTokenRequest GetWebTokenRequest(WebAccountProvider provider, string c : new WebTokenRequest(provider, scopesString, clientId); webTokenRequest.Properties.Add(GraphResourcePropertyKey, GraphResourcePropertyValue); - if (_webAccountProviderConfig.UseApiVersion2) + if (_webAccountProviderConfig.UseApiVersion2 && provider.Authority == MicrosoftAccountAuthority) { webTokenRequest.Properties.Add("api-version", "2.0"); } From 10232dd75313234a76e63b17a224983b75b1e1b7 Mon Sep 17 00:00:00 2001 
From: Richasy Date: Sat, 15 Apr 2023 06:07:22 +0800 Subject: [PATCH 3/5] Replace with new properties --- .../WebAccountProviderConfig.cs | 28 ++++++++++++------- .../WindowsProvider.cs | 14 ++++++++-- 2 files changed, 30 insertions(+), 12 deletions(-) diff --git a/CommunityToolkit.Authentication.Uwp/WebAccountProviderConfig.cs b/CommunityToolkit.Authentication.Uwp/WebAccountProviderConfig.cs index b265c95..82dc87e 100644 --- a/CommunityToolkit.Authentication.Uwp/WebAccountProviderConfig.cs +++ b/CommunityToolkit.Authentication.Uwp/WebAccountProviderConfig.cs @@ -2,6 +2,8 @@ // The .NET Foundation licenses this file to you under the MIT license. // See the LICENSE file in the project root for more information. +using System.Collections.Generic; + namespace CommunityToolkit.Authentication { /// 
@@ -20,26 +22,32 @@ public struct WebAccountProviderConfig public WebAccountProviderType WebAccountProviderType { get; set; } /// - /// Gets or sets a value indicating whether to use Version 2 model, only for MSA, the default value is False. + /// Gets or sets the properties that need to be added when constructing WebTokenRequest (for MSA). + /// + public IDictionary MSATokenRequestProperties { get; set; } + + /// + /// Gets or sets the properties that need to be added when constructing WebTokenRequest (for AAD). /// - /// - /// This option is configured for pre-authorization applications. - /// If the application is configured with MSA pre-authorization, - /// this option can be set to True to skip consent page. - /// - public bool UseApiVersion2 { get; set; } + public IDictionary AADTokenRequestProperties { get; set; } /// /// Initializes a new instance of the struct. /// /// The types of accounts providers that should be available to the user. /// The registered ClientId. Required for AAD login and admin consent. - /// Whether to enable the version 2 model for the MSA validate. - public WebAccountProviderConfig(WebAccountProviderType webAccountProviderType, string clientId = null, bool useApiVersion2 = false) + /// Request properties for MSA. + /// Request properties for AAD. + public WebAccountProviderConfig( + WebAccountProviderType webAccountProviderType, + string clientId = null, + IDictionary msaTokenRequestProperties = null, + IDictionary aadTokenRequestProperties = null) { WebAccountProviderType = webAccountProviderType; ClientId = clientId; - UseApiVersion2 = useApiVersion2; + MSATokenRequestProperties = msaTokenRequestProperties; + AADTokenRequestProperties = aadTokenRequestProperties; } } } diff --git a/CommunityToolkit.Authentication.Uwp/WindowsProvider.cs b/CommunityToolkit.Authentication.Uwp/WindowsProvider.cs index b252e2d..eb71e0c 100644 --- a/CommunityToolkit.Authentication.Uwp/WindowsProvider.cs 
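Review bot: The summaries on `MSATokenRequestProperties` and `AADTokenRequestProperties` do not say what the entries do to the request, and the remarks this hunk deletes were the only text tying the setting to pre-authorization and skipping the consent page. Every entry is copied into the token request as given, so I would add a remarks block saying the values must come from the application's own configuration, never from user or remote input. It should also carry over the deleted caveat that an entry such as `api-version` = `2.0` is meant for app registrations configured with pre-authorization. Both properties default to null at this point in the series and keep a public setter, which the docs should state too, e.g. `/// May be null; when null, no extra properties are added to the request.`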
+++ b/CommunityToolkit.Authentication.Uwp/WindowsProvider.cs @@ -550,9 +550,19 @@ private WebTokenRequest GetWebTokenRequest(WebAccountProvider provider, string c : new WebTokenRequest(provider, scopesString, clientId); webTokenRequest.Properties.Add(GraphResourcePropertyKey, GraphResourcePropertyValue); - if (_webAccountProviderConfig.UseApiVersion2 && provider.Authority == MicrosoftAccountAuthority) + if (provider.Authority == MicrosoftAccountAuthority && _webAccountProviderConfig.MSATokenRequestProperties != null) { - webTokenRequest.Properties.Add("api-version", "2.0"); + foreach (var property in _webAccountProviderConfig.MSATokenRequestProperties) + { + webTokenRequest.Properties.Add(property); + } + } + else if (provider.Authority == AadAuthority && _webAccountProviderConfig.AADTokenRequestProperties != null) + { + foreach (var property in _webAccountProviderConfig.AADTokenRequestProperties) + { + webTokenRequest.Properties.Add(property); + } } return webTokenRequest; From c04aae506b60649c46f2333f7792f219c5d4f5d1 Mon Sep 17 00:00:00 2001 From: Richasy Date: Sat, 15 Apr 2023 06:09:19 +0800 Subject: [PATCH 4/5] Update comment --- .../WebAccountProviderConfig.cs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/CommunityToolkit.Authentication.Uwp/WebAccountProviderConfig.cs b/CommunityToolkit.Authentication.Uwp/WebAccountProviderConfig.cs index 82dc87e..b90e848 100644 --- a/CommunityToolkit.Authentication.Uwp/WebAccountProviderConfig.cs +++ b/CommunityToolkit.Authentication.Uwp/WebAccountProviderConfig.cs 
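Review bot: `webTokenRequest.Properties.Add(property)` in both new loops leaves undefined what happens when a configured key collides with one already on the request, in particular the `GraphResourcePropertyKey` entry added just above. Depending on how the collection treats a duplicate, that either throws in the middle of sign-in or replaces the resource the token is requested for, and neither looks intended. I would handle reserved keys explicitly inside each loop, e.g. `if (property.Key == GraphResourcePropertyKey) { continue; }`, or reject them with a clear exception when the config is set. The two loops are identical apart from the source dictionary and could share one private helper. The body of GetWebTokenRequest starts above this hunk.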
@@ -22,12 +22,12 @@ public struct WebAccountProviderConfig public WebAccountProviderType WebAccountProviderType { get; set; } /// - /// Gets or sets the properties that need to be added when constructing WebTokenRequest (for MSA). + /// Gets or sets the properties that need to be added when constructing (for MSA). /// public IDictionary MSATokenRequestProperties { get; set; } /// - /// Gets or sets the properties that need to be added when constructing WebTokenRequest (for AAD). + /// Gets or sets the properties that need to be added when constructing (for AAD). /// public IDictionary AADTokenRequestProperties { get; set; } From 8c4c9db080b3cb6aed51e8ef5cab9c94bb0ad409 Mon Sep 17 00:00:00 2001 From: Richasy Date: Sat, 15 Apr 2023 06:36:06 +0800 Subject: [PATCH 5/5] Remove null check --- .../WebAccountProviderConfig.cs | 12 +++--------- .../WindowsProvider.cs | 4 ++-- 2 files changed, 5 insertions(+), 11 deletions(-) diff --git a/CommunityToolkit.Authentication.Uwp/WebAccountProviderConfig.cs b/CommunityToolkit.Authentication.Uwp/WebAccountProviderConfig.cs index b90e848..8acb939 100644 --- a/CommunityToolkit.Authentication.Uwp/WebAccountProviderConfig.cs +++ b/CommunityToolkit.Authentication.Uwp/WebAccountProviderConfig.cs 
@@ -36,18 +36,12 @@ public struct WebAccountProviderConfig /// /// The types of accounts providers that should be available to the user. /// The registered ClientId. Required for AAD login and admin consent. - /// Request properties for MSA. - /// Request properties for AAD. - public WebAccountProviderConfig( - WebAccountProviderType webAccountProviderType, - string clientId = null, - IDictionary msaTokenRequestProperties = null, - IDictionary aadTokenRequestProperties = null) + public WebAccountProviderConfig(WebAccountProviderType webAccountProviderType, string clientId = null) { WebAccountProviderType = webAccountProviderType; ClientId = clientId; - MSATokenRequestProperties = msaTokenRequestProperties; - AADTokenRequestProperties = aadTokenRequestProperties; + MSATokenRequestProperties = new Dictionary(); + AADTokenRequestProperties = new Dictionary(); } } } diff --git a/CommunityToolkit.Authentication.Uwp/WindowsProvider.cs b/CommunityToolkit.Authentication.Uwp/WindowsProvider.cs index eb71e0c..ed2d89b 100644 --- a/CommunityToolkit.Authentication.Uwp/WindowsProvider.cs +++ b/CommunityToolkit.Authentication.Uwp/WindowsProvider.cs @@ -550,14 +550,14 @@ private WebTokenRequest GetWebTokenRequest(WebAccountProvider provider, string c : new WebTokenRequest(provider, scopesString, clientId); webTokenRequest.Properties.Add(GraphResourcePropertyKey, GraphResourcePropertyValue); - if (provider.Authority == MicrosoftAccountAuthority && _webAccountProviderConfig.MSATokenRequestProperties != null) + if (provider.Authority == MicrosoftAccountAuthority) { foreach (var property in _webAccountProviderConfig.MSATokenRequestProperties) { webTokenRequest.Properties.Add(property); } } - else if (provider.Authority == AadAuthority && _webAccountProviderConfig.AADTokenRequestProperties != null) + else if (provider.Authority == AadAuthority) { foreach (var property in _webAccountProviderConfig.AADTokenRequestProperties) {
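Review bot: Dropping the `!= null` guards in GetWebTokenRequest is only safe if every config value was built by the two-argument constructor, and `WebAccountProviderConfig` is a struct. `default(WebAccountProviderConfig)` or `new WebAccountProviderConfig { ... }` never runs that constructor, so both dictionaries stay null, and the public setters also allow assigning null later. The `foreach` then throws a NullReferenceException during sign-in instead of simply adding no extra properties. I would keep the guards, e.g. `if (provider.Authority == MicrosoftAccountAuthority && _webAccountProviderConfig.MSATokenRequestProperties != null)` and the same for the AAD branch. The assumption is introduced by the constructor hunk in WebAccountProviderConfig.cs of this patch, and the GetWebTokenRequest body continues past the end of its hunk.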