Merge pull request #77 from AzureAD/dev

merge from dev

Author: weijjia

changelog.txt

@@ -1,3 +1,8 @@
+Version 0.1.16
+--------------
+Release Date: 3 Sep 2015
+	* Add support for device profile 
+
 Version 0.1.15
 --------------
 Release Date: 4 Aug 2015

lib/argument.js

@@ -21,6 +21,9 @@
 'use strict';
 
 var _ = require('underscore');
+var constants = require('./constants');
+
+var UserCodeResponseFields = constants.UserCodeResponseFields;
 
 var argumentValidation = {
   /**
@@ -47,6 +50,24 @@ var argumentValidation = {
     if (!callback || !_.isFunction(callback)) {
       throw new Error('acquireToken requires a function callback parameter.');
     }
+  }, 
+
+  validateUserCodeInfo : function(userCodeInfo) {
+     if (!userCodeInfo){
+        throw new Error('The userCodeInfo parameter is required');
+     }
+
+     if (!userCodeInfo.hasOwnProperty(UserCodeResponseFields.DEVICE_CODE)){
+        throw new Error('The userCodeInfo is missing device_code');
+     }
+
+     if (!userCodeInfo.hasOwnProperty(UserCodeResponseFields.INTERVAL)){
+        throw new Error('The userCodeInfo is missing interval');
+     }
+
+     if (!userCodeInfo.hasOwnProperty(UserCodeResponseFields.EXPIRES_IN)){
+        throw new Error('The userCodeInfo is missing expires_in');
+     }
   }
 };
 

lib/authentication-context.js

@@ -23,10 +23,11 @@
 var argument = require('./argument');
 var Authority = require('./authority').Authority;
 var TokenRequest = require('./token-request');
+var CodeRequest = require('./code-request');
 var createLogContext = require('./log').createLogContext;
 var MemoryCache = require('./memory-cache');
 var util = require('./util');
-
+var constants = require('./constants');
 
 var globalADALOptions = {};
 var globalCache = new MemoryCache();
@@ -93,6 +94,7 @@ function AuthenticationContext(authority, validateAuthority, cache) {
   this._correlationId = null;
   this._callContext = { options : globalADALOptions };
   this._cache = cache || globalCache;
+  this._tokenRequestWithUserCode = {};
 }
 
 /**
@@ -202,6 +204,19 @@ AuthenticationContext.prototype._acquireToken = function(callback, tokenFunction
   });
 };
 
+AuthenticationContext.prototype._acquireUserCode = function (callback, codeFunction) { 
+    var self = this;
+    this._callContext._logContext = createLogContext(this.correlationId);
+    this._authority.validate(this._callContext, function (err) { 
+        if (err) { 
+            callback(err);
+            return;
+        } 
+
+        codeFunction.call(self);
+    });
+};
+
 /**
  * Gets a token for a given resource.
  * @param {string}   resource                            A URI that identifies the resource for which the token is valid.
@@ -360,6 +375,80 @@ AuthenticationContext.prototype.acquireTokenWithClientCertificate = function(res
   });
 };
 
+/**
+ * Gets the userCodeInfo which contains user_code, device_code for authenticating user on device. 
+ * @param  {string}   resource                            A URI that identifies the resource for which the device_code and user_code is valid for.
+ * @param  {string}   clientId                            The OAuth client id of the calling application.
+ * @param  {string}   language                            The language code specifying how the message should be localized to. 
+ * @param  {AcquireTokenCallback}   callback              The callback function.
+ */
+AuthenticationContext.prototype.acquireUserCode = function(resource, clientId, language, callback) { 
+    argument.validateCallbackType(callback);
+    
+    try { 
+        argument.validateStringParameter(resource, 'resource');
+        argument.validateStringParameter(clientId, 'clientId');
+    } catch (err) { 
+        callback(err);
+        return;
+    }    
+
+    this._acquireUserCode(callback, function () { 
+        var codeRequest = new CodeRequest(this._callContext, this, clientId, resource);
+        codeRequest.getUserCodeInfo(language, callback);   
+    });
+};
+
+/**
+ * Gets a new access token using via a device code. 
+ * @param  {string}   clientId                            The OAuth client id of the calling application.
+ * @param  {object}   userCodeInfo                        Contains device_code, retry interval, and expire time for the request for get the token. 
+ * @param  {AcquireTokenCallback}   callback              The callback function.
+ */
+AuthenticationContext.prototype.acquireTokenWithDeviceCode = function(resource, clientId, userCodeInfo, callback){
+    argument.validateCallbackType(callback);
+
+    try{
+       argument.validateUserCodeInfo(userCodeInfo);
+    } catch (err) {
+       callback(err);
+       return;
+    }
+
+    var self = this;
+    this._acquireToken(callback, function() {
+        var tokenRequest = new TokenRequest(this._callContext, this, clientId, resource, null);
+        self._tokenRequestWithUserCode[userCodeInfo[constants.OAuth2.DeviceCodeResponseParameters.DEVICE_CODE]] = tokenRequest;
+        tokenRequest.getTokenWithDeviceCode(userCodeInfo, callback); 
+    })
+};
+
+/**
+ * Cancels the polling request to get token with device code. 
+ * @param  {object}   userCodeInfo                        Contains device_code, retry interval, and expire time for the request for get the token. 
+ * @param  {AcquireTokenCallback}   callback              The callback function.
+ */
+AuthenticationContext.prototype.cancelRequestToGetTokenWithDeviceCode = function (userCodeInfo, callback) {
+    argument.validateCallbackType(callback);
+
+    try {
+       argument.validateUserCodeInfo(userCodeInfo);
+    } catch (err) {
+       callback(err);
+       return;
+    }
+
+    if (!this._tokenRequestWithUserCode || !this._tokenRequestWithUserCode[userCodeInfo[constants.OAuth2.DeviceCodeResponseParameters.DEVICE_CODE]]) {
+       callback(new Error('No acquireTokenWithDeviceCodeRequest existed to be cancelled')); 
+       return;
+    }
+
+    var tokenRequestToBeCancelled = this._tokenRequestWithUserCode[userCodeInfo[constants.OAuth2.DeviceCodeResponseParameters.DEVICE_CODE]];
+    tokenRequestToBeCancelled.cancelTokenRequestWithDeviceCode();
+
+    delete this._tokenRequestWithUserCode[constants.OAuth2.DeviceCodeResponseParameters.DEVICE_CODE];
+};
+
 var exports = {
   AuthenticationContext : AuthenticationContext,
   setGlobalADALOptions : function(options) {

lib/authority.js

@@ -49,6 +49,7 @@ function Authority(authorityUrl, validateAuthority) {
 
   this._authorizationEndpoint = null;
   this._tokenEndpoint = null;
+  this._deviceCodeEndpoint = null;
 }
 
 /**
@@ -77,6 +78,12 @@ Object.defineProperty(Authority.prototype, 'tokenEndpoint', {
   }
 });
 
+Object.defineProperty(Authority.prototype, 'deviceCodeEndpoint', {
+    get: function() {
+        return this._deviceCodeEndpoint;
+    }
+});
+
 /**
  * Checks the authority url to ensure that it meets basic requirements such as being over SSL.  If it does not then
  * this method will throw if any of the checks fail.
@@ -214,12 +221,19 @@ Authority.prototype._validateViaInstanceDiscovery = function(callback) {
  * @param {Authority.GetOauthEndpointsCallback}  callback  The callback function.
  */
 Authority.prototype._getOAuthEndpoints = function(tenantDiscoveryEndpoint, callback) {
-  if (this._tokenEndpoint) {
+  if (this._tokenEndpoint && this._deviceCodeEndpoint) {
     callback();
     return;
   } else {
     // fallback to the well known token endpoint path.
-    this._tokenEndpoint = url.format(this._url) + AADConstants.TOKEN_ENDPOINT_PATH;
+    if (!this._tokenEndpoint){
+       this._tokenEndpoint = url.format(this._url) + AADConstants.TOKEN_ENDPOINT_PATH;
+    }
+
+    if (!this._deviceCodeEndpoint){
+       this._deviceCodeEndpoint = url.format(this._url) + AADConstants.DEVICE_ENDPOINT_PATH;
+    }
+    
     callback();
     return;
   }

lib/code-request.js

@@ -0,0 +1,99 @@
+/*
+ * @copyright
+ * Copyright © Microsoft Open Technologies, Inc.
+ *
+ * All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http: *www.apache.org/licenses/LICENSE-2.0
+ *
+ * THIS CODE IS PROVIDED *AS IS* BASIS, WITHOUT WARRANTIES OR CONDITIONS
+ * OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION
+ * ANY IMPLIED WARRANTIES OR CONDITIONS OF TITLE, FITNESS FOR A
+ * PARTICULAR PURPOSE, MERCHANTABILITY OR NON-INFRINGEMENT.
+ *
+ * See the Apache License, Version 2.0 for the specific language
+ * governing permissions and limitations under the License.
+ */
+'use strict';
+
+var constants = require('./constants');
+var Logger = require('./log').Logger;
+var Mex = require('./mex');
+var OAuth2Client = require('./oauth2client');
+
+var OAuth2Parameters = constants.OAuth2.Parameters;
+var TokenResponseFields = constants.TokenResponseFields;
+var OAuth2GrantType = constants.OAuth2.GrantType;
+var OAuth2Scope = constants.OAuth2.Scope;
+
+/**
+ * Constructs a new CodeRequest object.
+ * @constructor
+ * @private
+ * @param {object} callContext Contains any context information that applies to the request.
+ * @param {AuthenticationContext} authenticationContext
+ * @param {string} resource
+ * @param {string} clientId
+ */
+// TODO: probably need to modify the parameter list. 
+function CodeRequest(callContext, authenticationContext, clientId, resource) {
+    this._log = new Logger('DeviceCodeRequest', callContext._logContext);
+    this._callContext = callContext;
+    this._authenticationContext = authenticationContext;
+    this._resource = resource;
+    this._clientId = clientId;
+    
+    // This should be set at the beginning of getToken
+    // functions that have a userId.
+    this._userId = null;
+};
+
+/**
+ * Get user code info. 
+ * @private
+ * @param {object} oauthParameters containing all the parameters needed to get the user code info. 
+ * @param {callback} callback
+ */
+CodeRequest.prototype._getUserCodeInfo = function (oauthParameters, callback) {
+   var oauth2Client = this._createOAuth2Client();
+   oauth2Client.getUserCodeInfo(oauthParameters, callback);
+};
+
+CodeRequest.prototype._createOAuth2Client = function () {
+    return new OAuth2Client(this._callContext, this._authenticationContext._authority);
+};
+
+/**
+ * Creates a set of basic, common, OAuthParameters based on values that the CodeRequest was created with.
+ * @private
+ * @return {object} containing all the basic parameters. 
+ */
+CodeRequest.prototype._createOAuthParameters = function () {
+    var oauthParameters = {};
+    
+    oauthParameters[OAuth2Parameters.CLIENT_ID] = this._clientId;
+    oauthParameters[OAuth2Parameters.RESOURCE] = this._resource;
+
+    return oauthParameters;
+};
+
+/**
+ * Get the user code information. 
+ * @param {string} language optional parameter used to get the user code info. 
+ * @param {callback} callback
+ */
+CodeRequest.prototype.getUserCodeInfo = function(language, callback) {
+    this._log.info('Getting user code info.');
+
+    var oauthParameters = this._createOAuthParameters();
+    if (language){
+       oauthParameters[OAuth2Parameters.LANGUAGE] = language;
+    }
+
+    this._getUserCodeInfo(oauthParameters, callback);
+};
+module.exports = CodeRequest;

lib/constants.js

@@ -36,7 +36,9 @@ var Constants = {
         AAD_API_VERSION : 'api-version',
         USERNAME : 'username',
         PASSWORD : 'password',
-        REFRESH_TOKEN : 'refresh_token'
+        REFRESH_TOKEN : 'refresh_token', 
+        LANGUAGE : 'mkt', 
+        DEVICE_CODE : 'device_code', 
       },
 
       GrantType : {
@@ -46,7 +48,8 @@ var Constants = {
         JWT_BEARER : 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer',
         PASSWORD : 'password',
         SAML1 : 'urn:ietf:params:oauth:grant-type:saml1_1-bearer',
-        SAML2 : 'urn:ietf:params:oauth:grant-type:saml2-bearer'
+        SAML2 : 'urn:ietf:params:oauth:grant-type:saml2-bearer',
+        DEVICE_CODE: 'device_code'
       },
 
       ResponseParameters : {
@@ -63,6 +66,17 @@ var Constants = {
         ERROR_DESCRIPTION : 'error_description'
       },
 
+      DeviceCodeResponseParameters : {
+         USER_CODE : 'user_code', 
+         DEVICE_CODE : 'device_code', 
+         VERIFICATION_URL : 'verification_url',
+         EXPIRES_IN : 'expires_in', 
+         INTERVAL: 'interval', 
+         MESSAGE: 'message', 
+         ERROR: 'error', 
+         ERROR_DESCRIPTION: 'error_description'
+      },
+
       Scope : {
         OPENID : 'openid'
       },
@@ -88,6 +102,17 @@ var Constants = {
       ERROR_DESCRIPTION : 'errorDescription'
     },
 
+    UserCodeResponseFields : {
+        USER_CODE : 'user_code', 
+        DEVICE_CODE: 'device_code', 
+        VERIFICATION_URL: 'verification_url',
+        EXPIRES_IN: 'expires_in', 
+        INTERVAL: 'interval', 
+        MESSAGE: 'message', 
+        ERROR: 'error', 
+        ERROR_DESCRIPTION: 'error_description'
+    },
+
     IdTokenFields : {
       USER_ID : 'userId',
       IS_USER_ID_DISPLAYABLE : 'isUserIdDisplayable',
@@ -117,7 +142,8 @@ var Constants = {
       WELL_KNOWN_AUTHORITY_HOSTS : ['login.windows.net', 'login.microsoftonline.com', 'login.chinacloudapi.cn', 'login.cloudgovapi.us'],
       INSTANCE_DISCOVERY_ENDPOINT_TEMPLATE : 'https://{authorize_host}/common/discovery/instance?authorization_endpoint={authorize_endpoint}&api-version=1.0',
       AUTHORIZE_ENDPOINT_PATH : '/oauth2/authorize',
-      TOKEN_ENDPOINT_PATH : '/oauth2/token'
+      TOKEN_ENDPOINT_PATH : '/oauth2/token', 
+      DEVICE_ENDPOINT_PATH : '/oauth2/devicecode'
     },
 
     UserRealm : {