msauth: abstract token cache init helpers

mjcheetham · mjcheetham · commit 89b099e17bd1 · 2023-08-15T15:17:10.000-07:00
Refactor the token cache helper methods to allow us to re-use the
existing cache registration logic with a different ITokenCache and
StorageCreationProperties.

This will be useful when we later introduce a confidential client
application (for service principals) that needs a different cache
location, and uses the AppTokenCache, rather than the User one.
diff --git a/src/shared/Core/Authentication/MicrosoftAuthentication.cs b/src/shared/Core/Authentication/MicrosoftAuthentication.cs
@@ -422,8 +422,8 @@ private async Task<IPublicClientApplication> CreatePublicClientApplicationAsync(
 
             IPublicClientApplication app = appBuilder.Build();
 
-            // Register the application token cache
-            await RegisterTokenCacheAsync(app, Context.Trace2);
+            // Register the user token cache
+            await RegisterTokenCacheAsync(app.UserTokenCache, CreateUserTokenCacheProps, Context.Trace2);
 
             return app;
         }
@@ -432,10 +432,11 @@ private async Task<IPublicClientApplication> CreatePublicClientApplicationAsync(
 
         #region Helpers
 
-        private async Task RegisterTokenCacheAsync(IPublicClientApplication app, ITrace2 trace2)
+        private delegate StorageCreationProperties StoragePropertiesBuilder(bool useLinuxFallback);
+
+        private async Task RegisterTokenCacheAsync(ITokenCache cache, StoragePropertiesBuilder propsBuilder, ITrace2 trace2)
         {
-            Context.Trace.WriteLine(
-                "Configuring Microsoft Authentication token cache to instance shared with Microsoft developer tools...");
+            Context.Trace.WriteLine("Configuring MSAL token cache...");
 
             if (!PlatformUtils.IsWindows() && !PlatformUtils.IsPosix())
             {
@@ -445,11 +446,11 @@ private async Task RegisterTokenCacheAsync(IPublicClientApplication app, ITrace2
             }
 
             // We use the MSAL extension library to provide us consistent cache file access semantics (synchronisation, etc)
-            // as other Microsoft developer tools such as the Azure PowerShell CLI.
+            // as other GCM processes, and other Microsoft developer tools such as the Azure PowerShell CLI.
             MsalCacheHelper helper = null;
             try
             {
-                var storageProps = CreateTokenCacheProps(useLinuxFallback: false);
+                StorageCreationProperties storageProps = propsBuilder(useLinuxFallback: false);
                 helper = await MsalCacheHelper.CreateAsync(storageProps);
 
                 // Test that cache access is working correctly
@@ -477,24 +478,31 @@ private async Task RegisterTokenCacheAsync(IPublicClientApplication app, ITrace2
                     // On Linux the SecretService/keyring might not be available so we must fall-back to a plaintext file.
                     Context.Streams.Error.WriteLine("warning: using plain-text fallback token cache");
                     Context.Trace.WriteLine("Using fall-back plaintext token cache on Linux.");
-                    var storageProps = CreateTokenCacheProps(useLinuxFallback: true);
+                    StorageCreationProperties storageProps = propsBuilder(useLinuxFallback: true);
                     helper = await MsalCacheHelper.CreateAsync(storageProps);
                 }
             }
 
             if (helper is null)
             {
-                Context.Streams.Error.WriteLine("error: failed to set up Microsoft Authentication token cache!");
-                Context.Trace.WriteLine("Failed to integrate with shared token cache!");
+                Context.Streams.Error.WriteLine("error: failed to set up token cache!");
+                Context.Trace.WriteLine("Failed to integrate with token cache!");
             }
             else
             {
-                helper.RegisterCache(app.UserTokenCache);
-                Context.Trace.WriteLine("Microsoft developer tools token cache configured.");
+                helper.RegisterCache(cache);
+                Context.Trace.WriteLine("Token cache configured.");
             }
         }
 
-        internal StorageCreationProperties CreateTokenCacheProps(bool useLinuxFallback)
+        /// <summary>
+        /// Create the properties for the user token cache. This is used by public client applications only.
+        /// This cache is shared between GCM processes, and also other Microsoft developer tools such as the Azure
+        /// PowerShell CLI.
+        /// </summary>
+        /// <param name="useLinuxFallback"></param>
+        /// <returns></returns>
+        internal StorageCreationProperties CreateUserTokenCacheProps(bool useLinuxFallback)
         {
             const string cacheFileName = "msal.cache";
             string cacheDirectory;
diff --git a/src/shared/Core/Diagnostics/MicrosoftAuthenticationDiagnostic.cs b/src/shared/Core/Diagnostics/MicrosoftAuthenticationDiagnostic.cs
@@ -20,7 +20,7 @@ protected override async Task<bool> RunInternalAsync(StringBuilder log, IList<st
             log.AppendLine($"Flow type is: {msAuth.GetFlowType()}");
 
             log.Append("Gathering MSAL token cache data...");
-            StorageCreationProperties cacheProps = msAuth.CreateTokenCacheProps(true);
+            StorageCreationProperties cacheProps = msAuth.CreateUserTokenCacheProps(true);
             log.AppendLine(" OK");
             log.AppendLine($"CacheDirectory: {cacheProps.CacheDirectory}");
             log.AppendLine($"CacheFileName: {cacheProps.CacheFileName}");

Original file line number	Diff line number	Diff line change
`@@ -422,8 +422,8 @@ private async Task<IPublicClientApplication> CreatePublicClientApplicationAsync(`
`422`	`422`
`423`	`423`	`IPublicClientApplication app = appBuilder.Build();`
`424`	`424`
`425`		`- // Register the application token cache`
`426`		`- await RegisterTokenCacheAsync(app, Context.Trace2);`
	`425`	`+ // Register the user token cache`
	`426`	`+ await RegisterTokenCacheAsync(app.UserTokenCache, CreateUserTokenCacheProps, Context.Trace2);`
`427`	`427`
`428`	`428`	`return app;`
`429`	`429`	`}`
`@@ -432,10 +432,11 @@ private async Task<IPublicClientApplication> CreatePublicClientApplicationAsync(`
`432`	`432`
`433`	`433`	`#region Helpers`
`434`	`434`
`435`		`- private async Task RegisterTokenCacheAsync(IPublicClientApplication app, ITrace2 trace2)`
	`435`	`+ private delegate StorageCreationProperties StoragePropertiesBuilder(bool useLinuxFallback);`
	`436`	`+`
	`437`	`+ private async Task RegisterTokenCacheAsync(ITokenCache cache, StoragePropertiesBuilder propsBuilder, ITrace2 trace2)`
`436`	`438`	`{`
`437`		`- Context.Trace.WriteLine(`
`438`		`- "Configuring Microsoft Authentication token cache to instance shared with Microsoft developer tools...");`
	`439`	`+ Context.Trace.WriteLine("Configuring MSAL token cache...");`
`439`	`440`
`440`	`441`	`if (!PlatformUtils.IsWindows() && !PlatformUtils.IsPosix())`
`441`	`442`	`{`
`@@ -445,11 +446,11 @@ private async Task RegisterTokenCacheAsync(IPublicClientApplication app, ITrace2`
`445`	`446`	`}`
`446`	`447`
`447`	`448`	`// We use the MSAL extension library to provide us consistent cache file access semantics (synchronisation, etc)`
`448`		`- // as other Microsoft developer tools such as the Azure PowerShell CLI.`
	`449`	`+ // as other GCM processes, and other Microsoft developer tools such as the Azure PowerShell CLI.`
`449`	`450`	`MsalCacheHelper helper = null;`
`450`	`451`	`try`
`451`	`452`	`{`
`452`		`- var storageProps = CreateTokenCacheProps(useLinuxFallback: false);`
	`453`	`+ StorageCreationProperties storageProps = propsBuilder(useLinuxFallback: false);`
`453`	`454`	`helper = await MsalCacheHelper.CreateAsync(storageProps);`
`454`	`455`
`455`	`456`	`// Test that cache access is working correctly`
`@@ -477,24 +478,31 @@ private async Task RegisterTokenCacheAsync(IPublicClientApplication app, ITrace2`
`477`	`478`	`// On Linux the SecretService/keyring might not be available so we must fall-back to a plaintext file.`
`478`	`479`	`Context.Streams.Error.WriteLine("warning: using plain-text fallback token cache");`
`479`	`480`	`Context.Trace.WriteLine("Using fall-back plaintext token cache on Linux.");`
`480`		`- var storageProps = CreateTokenCacheProps(useLinuxFallback: true);`
	`481`	`+ StorageCreationProperties storageProps = propsBuilder(useLinuxFallback: true);`
`481`	`482`	`helper = await MsalCacheHelper.CreateAsync(storageProps);`
`482`	`483`	`}`
`483`	`484`	`}`
`484`	`485`
`485`	`486`	`if (helper is null)`
`486`	`487`	`{`
`487`		`- Context.Streams.Error.WriteLine("error: failed to set up Microsoft Authentication token cache!");`
`488`		`- Context.Trace.WriteLine("Failed to integrate with shared token cache!");`
	`488`	`+ Context.Streams.Error.WriteLine("error: failed to set up token cache!");`
	`489`	`+ Context.Trace.WriteLine("Failed to integrate with token cache!");`
`489`	`490`	`}`
`490`	`491`	`else`
`491`	`492`	`{`
`492`		`- helper.RegisterCache(app.UserTokenCache);`
`493`		`- Context.Trace.WriteLine("Microsoft developer tools token cache configured.");`
	`493`	`+ helper.RegisterCache(cache);`
	`494`	`+ Context.Trace.WriteLine("Token cache configured.");`
`494`	`495`	`}`
`495`	`496`	`}`
`496`	`497`
`497`		`- internal StorageCreationProperties CreateTokenCacheProps(bool useLinuxFallback)`
	`498`	`+ /// <summary>`
	`499`	`+ /// Create the properties for the user token cache. This is used by public client applications only.`
	`500`	`+ /// This cache is shared between GCM processes, and also other Microsoft developer tools such as the Azure`
	`501`	`+ /// PowerShell CLI.`
	`502`	`+ /// </summary>`
	`503`	`+ /// <param name="useLinuxFallback"></param>`
	`504`	`+ /// <returns></returns>`
	`505`	`+ internal StorageCreationProperties CreateUserTokenCacheProps(bool useLinuxFallback)`
`498`	`506`	`{`
`499`	`507`	`const string cacheFileName = "msal.cache";`
`500`	`508`	`string cacheDirectory;`