From 13b262de0c643579a767728455d93ceb5dc7e79e Mon Sep 17 00:00:00 2001 From: Nilesh Choudhary Date: Tue, 6 Aug 2024 15:10:07 +0100 Subject: [PATCH 1/4] Added a new variable in AuthRepsonse "IsFromCache" Added a new response "IsFromCache" This will be true only when we are reading the response from storage. --- apps/internal/base/base.go | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/apps/internal/base/base.go b/apps/internal/base/base.go index 09a0d92f..69d67330 100644 --- a/apps/internal/base/base.go +++ b/apps/internal/base/base.go @@ -89,6 +89,7 @@ type AuthResult struct { ExpiresOn time.Time GrantedScopes []string DeclinedScopes []string + IsFromCache bool } // AuthResultFromStorage creates an AuthResult from a storage token response (which is generated from the cache). @@ -109,7 +110,7 @@ func AuthResultFromStorage(storageTokenResponse storage.TokenResponse) (AuthResu return AuthResult{}, fmt.Errorf("problem decoding JWT token: %w", err) } } - return AuthResult{account, idToken, accessToken, storageTokenResponse.AccessToken.ExpiresOn.T, grantedScopes, nil}, nil + return AuthResult{account, idToken, accessToken, storageTokenResponse.AccessToken.ExpiresOn.T, grantedScopes, nil, true}, nil } // NewAuthResult creates an AuthResult. @@ -123,6 +124,7 @@ func NewAuthResult(tokenResponse accesstokens.TokenResponse, account shared.Acco AccessToken: tokenResponse.AccessToken, ExpiresOn: tokenResponse.ExpiresOn.T, GrantedScopes: tokenResponse.GrantedScopes.Slice, + IsFromCache: false, }, nil } From 99329176dc4d4e1c91e4623aa7fbc44dce6386a2 Mon Sep 17 00:00:00 2001 From: Nilesh Choudhary Date: Wed, 14 Aug 2024 15:13:20 +0100 Subject: [PATCH 2/4] Added "IsFromCache" into the unit test for testing Formatted some AuthResponse for more clearity --- apps/internal/base/base.go | 10 ++++++++-- apps/internal/base/base_test.go | 2 ++ 2 files changed, 10 insertions(+), 2 deletions(-) 
diff --git a/apps/internal/base/base.go b/apps/internal/base/base.go index 69d67330..082e3147 100644 --- a/apps/internal/base/base.go +++ b/apps/internal/base/base.go @@ -110,7 +110,14 @@ func AuthResultFromStorage(storageTokenResponse storage.TokenResponse) (AuthResu return AuthResult{}, fmt.Errorf("problem decoding JWT token: %w", err) } } - return AuthResult{account, idToken, accessToken, storageTokenResponse.AccessToken.ExpiresOn.T, grantedScopes, nil, true}, nil + return AuthResult{ + Account: account, + IDToken: idToken, + AccessToken: accessToken, + ExpiresOn: storageTokenResponse.AccessToken.ExpiresOn.T, + GrantedScopes: grantedScopes, + DeclinedScopes: nil, + IsFromCache: true}, nil } // NewAuthResult creates an AuthResult. @@ -124,7 +131,6 @@ func NewAuthResult(tokenResponse accesstokens.TokenResponse, account shared.Acco AccessToken: tokenResponse.AccessToken, ExpiresOn: tokenResponse.ExpiresOn.T, GrantedScopes: tokenResponse.GrantedScopes.Slice, - IsFromCache: false, }, nil } diff --git a/apps/internal/base/base_test.go b/apps/internal/base/base_test.go index 6ae5ba0f..9b0bbfd5 100644 --- a/apps/internal/base/base_test.go +++ b/apps/internal/base/base_test.go @@ -344,6 +344,7 @@ func TestCreateAuthenticationResult(t *testing.T) { ExpiresOn: future, GrantedScopes: []string{"user.read"}, DeclinedScopes: nil, + IsFromCache: false, }, }, { @@ -416,6 +417,7 @@ func TestAuthResultFromStorage(t *testing.T) { }, ExpiresOn: future, GrantedScopes: []string{"profile", "openid", "user.read"}, + IsFromCache: true, }, }, } From c42eb03c8c7167738d3cc3d84329b65e5bb29c6c Mon Sep 17 00:00:00 2001 From: Nilesh Choudhary Date: Wed, 21 Aug 2024 15:12:10 +0100 Subject: [PATCH 3/4] Updated the token source with the feedback Updated the token source, added it to AuthResultMetadata --- apps/internal/base/base.go | 35 +++++++++++++++++++++++++-------- apps/internal/base/base_test.go | 8 ++++++-- 2 files changed, 33 insertions(+), 10 deletions(-) 
diff --git a/apps/internal/base/base.go b/apps/internal/base/base.go index 082e3147..5eb44b3f 100644 --- a/apps/internal/base/base.go +++ b/apps/internal/base/base.go @@ -83,15 +83,28 @@ type AcquireTokenOnBehalfOfParameters struct { // AuthResult contains the results of one token acquisition operation in PublicClientApplication // or ConfidentialClientApplication. For details see https://aka.ms/msal-net-authenticationresult type AuthResult struct { - Account shared.Account - IDToken accesstokens.IDToken - AccessToken string - ExpiresOn time.Time - GrantedScopes []string - DeclinedScopes []string - IsFromCache bool + Account shared.Account + IDToken accesstokens.IDToken + AccessToken string + ExpiresOn time.Time + GrantedScopes []string + DeclinedScopes []string + AuthResultMetadata AuthResultMetadata } +// AuthResultMetadata which contains meta data for the AuthResult +type AuthResultMetadata struct { + TokenSource TokenSource +} + +type TokenSource int + +// These are all the types of token flows. +const ( + IdentityProvider TokenSource = 0 + Cache TokenSource = 1 +) + // AuthResultFromStorage creates an AuthResult from a storage token response (which is generated from the cache). func AuthResultFromStorage(storageTokenResponse storage.TokenResponse) (AuthResult, error) { if err := storageTokenResponse.AccessToken.Validate(); err != nil { @@ -117,7 +130,10 @@ func AuthResultFromStorage(storageTokenResponse storage.TokenResponse) (AuthResu ExpiresOn: storageTokenResponse.AccessToken.ExpiresOn.T, GrantedScopes: grantedScopes, DeclinedScopes: nil, - IsFromCache: true}, nil + AuthResultMetadata: AuthResultMetadata{ + TokenSource: Cache, + }, + }, nil } // NewAuthResult creates an AuthResult. 
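Review bot: The exported types added in the `@@ -83,15 +83,28 @@` hunk are under-documented: `TokenSource` has no doc comment, and the one on `AuthResultMetadata` is a sentence fragment that does not say what the metadata is for. Callers will read this field to tell a freshly issued token from one replayed out of the cache, so the contract should be stated, for example `// AuthResultMetadata holds metadata describing how an AuthResult was produced.` and `// TokenSource identifies where the token in an AuthResult came from.`. The comment above the const block says "types of token flows", but the values name sources rather than flows; `// Possible values of TokenSource.` would be more accurate.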
@@ -131,6 +147,9 @@ func NewAuthResult(tokenResponse accesstokens.TokenResponse, account shared.Acco AccessToken: tokenResponse.AccessToken, ExpiresOn: tokenResponse.ExpiresOn.T, GrantedScopes: tokenResponse.GrantedScopes.Slice, + AuthResultMetadata: AuthResultMetadata{ + TokenSource: IdentityProvider, + }, }, nil } diff --git a/apps/internal/base/base_test.go b/apps/internal/base/base_test.go index 9b0bbfd5..f1e843a8 100644 --- a/apps/internal/base/base_test.go +++ b/apps/internal/base/base_test.go @@ -344,7 +344,9 @@ func TestCreateAuthenticationResult(t *testing.T) { ExpiresOn: future, GrantedScopes: []string{"user.read"}, DeclinedScopes: nil, - IsFromCache: false, + AuthResultMetadata: AuthResultMetadata{ + TokenSource: IdentityProvider, + }, }, }, { @@ -417,7 +419,9 @@ func TestAuthResultFromStorage(t *testing.T) { }, ExpiresOn: future, GrantedScopes: []string{"profile", "openid", "user.read"}, - IsFromCache: true, + AuthResultMetadata: AuthResultMetadata{ + TokenSource: Cache, + }, }, }, } From 74e29970e95295a3b9ef006d511ae25d8fbc7d06 Mon Sep 17 00:00:00 2001 From: Nilesh Choudhary Date: Thu, 22 Aug 2024 10:25:37 +0100 Subject: [PATCH 4/4] Updated with suggessions Updated the field name ti "Metadata" added a default value to "SourceUnknown" --- apps/internal/base/base.go | 23 ++++++++++++----------- apps/internal/base/base_test.go | 4 ++-- 2 files changed, 14 insertions(+), 13 deletions(-) diff --git a/apps/internal/base/base.go b/apps/internal/base/base.go index 5eb44b3f..e473d126 100644 --- a/apps/internal/base/base.go +++ b/apps/internal/base/base.go 
@@ -83,13 +83,13 @@ type AcquireTokenOnBehalfOfParameters struct { // AuthResult contains the results of one token acquisition operation in PublicClientApplication // or ConfidentialClientApplication. For details see https://aka.ms/msal-net-authenticationresult type AuthResult struct { - Account shared.Account - IDToken accesstokens.IDToken - AccessToken string - ExpiresOn time.Time - GrantedScopes []string - DeclinedScopes []string - AuthResultMetadata AuthResultMetadata + Account shared.Account + IDToken accesstokens.IDToken + AccessToken string + ExpiresOn time.Time + GrantedScopes []string + DeclinedScopes []string + Metadata AuthResultMetadata } // AuthResultMetadata which contains meta data for the AuthResult @@ -101,8 +101,9 @@ type TokenSource int // These are all the types of token flows. const ( - IdentityProvider TokenSource = 0 - Cache TokenSource = 1 + SourceUnknown TokenSource = 0 + IdentityProvider TokenSource = 1 + Cache TokenSource = 2 ) // AuthResultFromStorage creates an AuthResult from a storage token response (which is generated from the cache). @@ -130,7 +131,7 @@ func AuthResultFromStorage(storageTokenResponse storage.TokenResponse) (AuthResu ExpiresOn: storageTokenResponse.AccessToken.ExpiresOn.T, GrantedScopes: grantedScopes, DeclinedScopes: nil, - AuthResultMetadata: AuthResultMetadata{ + Metadata: AuthResultMetadata{ TokenSource: Cache, }, }, nil @@ -147,7 +148,7 @@ func NewAuthResult(tokenResponse accesstokens.TokenResponse, account shared.Acco AccessToken: tokenResponse.AccessToken, ExpiresOn: tokenResponse.ExpiresOn.T, GrantedScopes: tokenResponse.GrantedScopes.Slice, - AuthResultMetadata: AuthResultMetadata{ + Metadata: AuthResultMetadata{ TokenSource: IdentityProvider, }, }, nil diff --git a/apps/internal/base/base_test.go b/apps/internal/base/base_test.go index f1e843a8..09238780 100644 --- a/apps/internal/base/base_test.go +++ b/apps/internal/base/base_test.go 
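Review bot: In the `@@ -101,8 +101,9 @@` const block, `IdentityProvider` and `Cache` are very generic exported names for package `base` and lack the prefix that the new `SourceUnknown` carries; consider `TokenSourceUnknown`, `TokenSourceIdentityProvider` and `TokenSourceCache` so the values read unambiguously at call sites. The hunk also renumbers the constants (`Cache` moves from 1 to 2, and 1 now means `IdentityProvider`), so any numeric value already logged or persisted from the previous commit would be misread; that seems unlikely within one patch series but is worth confirming. With `SourceUnknown` as the zero value, the `AuthResult{}` returned on the error paths, and any literal built elsewhere without `Metadata`, reports an unknown source. A comment such as `// SourceUnknown is the zero value; callers must not treat it as a fresh token from the identity provider.` would make that explicit.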
@@ -344,7 +344,7 @@ func TestCreateAuthenticationResult(t *testing.T) { ExpiresOn: future, GrantedScopes: []string{"user.read"}, DeclinedScopes: nil, - AuthResultMetadata: AuthResultMetadata{ + Metadata: AuthResultMetadata{ TokenSource: IdentityProvider, }, }, @@ -419,7 +419,7 @@ func TestAuthResultFromStorage(t *testing.T) { }, ExpiresOn: future, GrantedScopes: []string{"profile", "openid", "user.read"}, - AuthResultMetadata: AuthResultMetadata{ + Metadata: AuthResultMetadata{ TokenSource: Cache, }, },