-
Notifications
You must be signed in to change notification settings - Fork 125
/
IMultipleAccountPublicClientApplication.java
200 lines (181 loc) · 10.1 KB
/
IMultipleAccountPublicClientApplication.java
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
// Copyright (c) Microsoft Corporation.
// All rights reserved.
//
// This code is licensed under the MIT License.
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files(the "Software"), to deal
// in the Software without restriction, including without limitation the rights
// to use, copy, modify, merge, publish, distribute, sublicense, and / or sell
// copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions :
//
// The above copyright notice and this permission notice shall be included in
// all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
// THE SOFTWARE.
package com.microsoft.identity.client;
import android.app.Activity;
import androidx.annotation.NonNull;
import androidx.annotation.Nullable;
import androidx.annotation.WorkerThread;
import com.microsoft.identity.client.exception.MsalException;
import com.microsoft.identity.common.internal.controllers.TaskCompletedCallbackWithError;
import java.util.List;
/**
* An interface that contains list of operations that are available when MSAL is in 'multiple account' mode.
* - This mode allows an application to make API calls with more than one accounts.
* - The application will only be able to retrieve/remove accounts that have been used to acquire token interactively in this application
* - API calls' scope is limited to 'the calling app'. (i.e. removeAccount() will not remove credentials of the same account in other apps).
* <p>
* This is MSAL's default mode.
*/
public interface IMultipleAccountPublicClientApplication extends IPublicClientApplication {
/**
* Asynchronously returns a List of {@link IAccount} objects for which this application has RefreshTokens.
*
* @param callback The callback to notify once this action has finished.
*/
void getAccounts(@NonNull final LoadAccountsCallback callback);
/**
* Returns a List of {@link IAccount} objects for which this application has RefreshTokens.
*/
@WorkerThread
List<IAccount> getAccounts() throws InterruptedException, MsalException;
/**
* Retrieve the IAccount object matching the identifier.
* The identifier could be homeAccountIdentifier, localAccountIdentifier or username.
*
* @param identifier String of the identifier
* @param callback The callback to notify once this action has finished.
*/
void getAccount(@NonNull final String identifier,
@NonNull final GetAccountCallback callback
);
/**
* Retrieve the IAccount object matching the identifier.
* The identifier could be homeAccountIdentifier, localAccountIdentifier or username.
*
* @param identifier String of the identifier
*/
@WorkerThread
IAccount getAccount(@NonNull final String identifier) throws InterruptedException, MsalException;
/**
* Removes the Account and Credentials (tokens) for the supplied IAccount.
*
* @param account The IAccount whose entry and associated tokens should be removed.
*/
void removeAccount(@Nullable final IAccount account,
@NonNull final RemoveAccountCallback callback
);
/**
* Removes the Account and Credentials (tokens) for the supplied IAccount.
*
* @param account The IAccount whose entry and associated tokens should be removed.
* @return True, if the account was removed. False otherwise.
*/
@WorkerThread
boolean removeAccount(@Nullable final IAccount account) throws MsalException, InterruptedException;
/**
* Acquire token interactively, will pop-up webUI. Interactive flow will skip the cache lookup.
* Default value for {@link UiBehavior} is {@link UiBehavior#SELECT_ACCOUNT}.
*
* @param activity Non-null {@link Activity} that will be used as the parent activity for launching the {@link AuthenticationActivity}.
* @param scopes The non-null array of scopes to be requested for the access token.
* MSAL always sends the scopes 'openid profile offline_access'. Do not include any of these scopes in the scope parameter.
* @param loginHint Optional. If provided, will be used as the query parameter sent for authenticating the user,
* which will have the UPN pre-populated.
* @param callback The Non-null {@link AuthenticationCallback} to receive the result back.
* 1) If user cancels the flow by pressing the device back button, the result will be sent
* back via {@link AuthenticationCallback#onCancel()}.
* 2) If the sdk successfully receives the token back, result will be sent back via
* {@link AuthenticationCallback#onSuccess(IAuthenticationResult)}
* 3) All the other errors will be sent back via
* {@link AuthenticationCallback#onError(MsalException)}.
*/
void acquireToken(@NonNull final Activity activity,
@NonNull final String[] scopes,
@Nullable final String loginHint,
@NonNull final AuthenticationCallback callback
);
/**
* Perform acquire token silent call. If there is a valid access token in the cache, the sdk will return the access token; If
* no valid access token exists, the sdk will try to find a refresh token and use the refresh token to get a new access token. If refresh token does not exist
* or it fails the refresh, exception will be sent back via callback.
*
* @param scopes The non-null array of scopes to be requested for the access token.
* MSAL always sends the scopes 'openid profile offline_access'. Do not include any of these scopes in the scope parameter.
* @param account {@link IAccount} represents the account to silently request tokens for.
* @param callback {@link SilentAuthenticationCallback} that is used to send the result back. The success result will be
* sent back via {@link SilentAuthenticationCallback#onSuccess(IAuthenticationResult)}.
* Failure case will be sent back via {
* @link AuthenticationCallback#onError(MsalException)}.
*/
void acquireTokenSilentAsync(@NonNull final String[] scopes,
@NonNull final IAccount account,
@NonNull final SilentAuthenticationCallback callback);
/**
* Perform acquire token silent call. If there is a valid access token in the cache, the sdk will return the access token; If
* no valid access token exists, the sdk will try to find a refresh token and use the refresh token to get a new access token. If refresh token does not exist
* or it fails the refresh, exception will be sent back via callback.
*
* @param scopes The non-null array of scopes to be requested for the access token.
* MSAL always sends the scopes 'openid profile offline_access'. Do not include any of these scopes in the scope parameter.
* @param account {@link IAccount} represents the account to silently request tokens for.
* @param authority Authority to issue the token.
*/
@WorkerThread
IAuthenticationResult acquireTokenSilent(@NonNull final String[] scopes,
@NonNull final IAccount account,
@NonNull final String authority) throws MsalException, InterruptedException;
/**
* Perform acquire token silent call. If there is a valid access token in the cache, the sdk will return the access token; If
* no valid access token exists, the sdk will try to find a refresh token and use the refresh token to get a new access token. If refresh token does not exist
* or it fails the refresh, exception will be sent back via callback.
*
* @param scopes The non-null array of scopes to be requested for the access token.
* MSAL always sends the scopes 'openid profile offline_access'. Do not include any of these scopes in the scope parameter.
* @param account {@link IAccount} represents the account to silently request tokens for.
* @param authority Authority to issue the token.
* @param callback {@link SilentAuthenticationCallback} that is used to send the result back. The success result will be
* sent back via {@link SilentAuthenticationCallback#onSuccess(IAuthenticationResult)}.
* Failure case will be sent back via {
* @link AuthenticationCallback#onError(MsalException)}.
*/
void acquireTokenSilentAsync(@NonNull final String[] scopes,
@NonNull final IAccount account,
@NonNull final String authority,
@NonNull final SilentAuthenticationCallback callback);
interface GetAccountCallback extends TaskCompletedCallbackWithError<IAccount, MsalException> {
/**
* Called once succeed and pass the result object.
*
* @param result the success result.
*/
void onTaskCompleted(IAccount result);
/**
* Called once exception thrown.
*
* @param exception
*/
void onError(MsalException exception);
}
interface RemoveAccountCallback {
/**
* Invoked when account successfully removed
*/
void onRemoved();
/**
* Invoked when the account failed to load.
*
* @param exception the exception object.
*/
void onError(@NonNull final MsalException exception);
}
}