Ensure cache is used for tokens

dotnet · Mar 1, 2021 · fa49e5e · fa49e5e
1 parent a49a3b1
commit fa49e5e
Showing 1 changed file with 36 additions and 3 deletions.
diff --git a/src/SignClient/SignCommand.cs b/src/SignClient/SignCommand.cs
@@ -170,7 +170,24 @@ void Log(string facility, LogLevel level, string message)
  {
  Log("RESTCLIENT", LogLevel.Info, "Obtaining access token for PublicClientApplication.");
 
- var tokenResult = await pca.AcquireTokenByUsernamePassword(new[] { $"{resourceId}/user_impersonation" }, username.Value(), secret).ExecuteAsync();
+ var accounts = await pca.GetAccountsAsync().ConfigureAwait(false);
+ var first = accounts.FirstOrDefault();
+
+ var scopes = new[] { $"{resourceId}/user_impersonation" };
+
+ if (first != null)
+ {
+ try
+ {
+ var result = await pca.AcquireTokenSilent(scopes, first).ExecuteAsync().ConfigureAwait(false);
+
+ Log("RESTCLIENT", LogLevel.Info, $"Obtained access token from cache for PublicClientApplication. Correlation ID = {result.CorrelationId}; Expires on = {result.ExpiresOn}.");
+ return result.AccessToken;
+ }
+ catch(MsalUiRequiredException) { } // eat it as we'll try to get via password next
+ }
+
+ var tokenResult = await pca.AcquireTokenByUsernamePassword(scopes, username.Value(), secret).ExecuteAsync();
 
  Log("RESTCLIENT", LogLevel.Info, $"Obtained access token for PublicClientApplication. Correlation ID = {tokenResult.CorrelationId}; Expires on = {tokenResult.ExpiresOn}.");
 
@@ -189,9 +206,25 @@ void Log(string facility, LogLevel level, string message)
  {
  Log("RESTCLIENT", LogLevel.Info, "Obtaining access token for ConfidentialClientApplication.");
 
- var tokenResult = await context.AcquireTokenForClient(new[] { $"{resourceId}/.default" }).ExecuteAsync();
+ var accounts = await context.GetAccountsAsync().ConfigureAwait(false);
+ var first = accounts.FirstOrDefault();
+ var scopes = new[] { $"{resourceId}/.default" };
 
- Log("RESTCLIENT", LogLevel.Info, $"Obtained access token for PublicClientApplication. Correlation ID = {tokenResult.CorrelationId}; Expires on = {tokenResult.ExpiresOn}.");
+ if (first != null)
+ {
+ try
+ {
+ var result = await context.AcquireTokenSilent(scopes, first).ExecuteAsync().ConfigureAwait(false);
+
+ Log("RESTCLIENT", LogLevel.Info, $"Obtained access token from cache for ConfidentialClientApplication. Correlation ID = {result.CorrelationId}; Expires on = {result.ExpiresOn}.");
+ return result.AccessToken;
+ }
+ catch (MsalUiRequiredException) { } // eat it as we'll try to get via password next
+ } 
+
+ var tokenResult = await context.AcquireTokenForClient(scopes).ExecuteAsync();
+
+ Log("RESTCLIENT", LogLevel.Info, $"Obtained access token for ConfidentialClientApplication. Correlation ID = {tokenResult.CorrelationId}; Expires on = {tokenResult.ExpiresOn}.");
 
  return tokenResult.AccessToken;
  };