Merge pull request #498 from AzureAD/4gust/auth-response-isfromcache

Added a new variable in AuthRepsonse "AuthResultMetadata" and "TokenSouce"
AzureAD · Aug 22, 2024 · 4961ef9 · 4961ef9
2 parents 004301c + 74e2997
commit 4961ef9
Show file tree

Hide file tree

Showing 2 changed files with 35 additions and 1 deletion.
diff --git a/apps/internal/base/base.go b/apps/internal/base/base.go
@@ -89,8 +89,23 @@ type AuthResult struct {
 	ExpiresOn      time.Time
 	GrantedScopes  []string
 	DeclinedScopes []string
+	Metadata       AuthResultMetadata
 }
 
+// AuthResultMetadata which contains meta data for the AuthResult
+type AuthResultMetadata struct {
+	TokenSource TokenSource
+}
+
+type TokenSource int
+
+// These are all the types of token flows.
+const (
+	SourceUnknown    TokenSource = 0
+	IdentityProvider TokenSource = 1
+	Cache            TokenSource = 2
+)
+
 // AuthResultFromStorage creates an AuthResult from a storage token response (which is generated from the cache).
 func AuthResultFromStorage(storageTokenResponse storage.TokenResponse) (AuthResult, error) {
 	if err := storageTokenResponse.AccessToken.Validate(); err != nil {
@@ -109,7 +124,17 @@ func AuthResultFromStorage(storageTokenResponse storage.TokenResponse) (AuthResu
 			return AuthResult{}, fmt.Errorf("problem decoding JWT token: %w", err)
 		}
 	}
-	return AuthResult{account, idToken, accessToken, storageTokenResponse.AccessToken.ExpiresOn.T, grantedScopes, nil}, nil
+	return AuthResult{
+		Account:        account,
+		IDToken:        idToken,
+		AccessToken:    accessToken,
+		ExpiresOn:      storageTokenResponse.AccessToken.ExpiresOn.T,
+		GrantedScopes:  grantedScopes,
+		DeclinedScopes: nil,
+		Metadata: AuthResultMetadata{
+			TokenSource: Cache,
+		},
+	}, nil
 }
 
 // NewAuthResult creates an AuthResult.
@@ -123,6 +148,9 @@ func NewAuthResult(tokenResponse accesstokens.TokenResponse, account shared.Acco
 		AccessToken:   tokenResponse.AccessToken,
 		ExpiresOn:     tokenResponse.ExpiresOn.T,
 		GrantedScopes: tokenResponse.GrantedScopes.Slice,
+		Metadata: AuthResultMetadata{
+			TokenSource: IdentityProvider,
+		},
 	}, nil
 }
 

diff --git a/apps/internal/base/base_test.go b/apps/internal/base/base_test.go
@@ -344,6 +344,9 @@ func TestCreateAuthenticationResult(t *testing.T) {
 				ExpiresOn:      future,
 				GrantedScopes:  []string{"user.read"},
 				DeclinedScopes: nil,
+				Metadata: AuthResultMetadata{
+					TokenSource: IdentityProvider,
+				},
 			},
 		},
 		{
@@ -416,6 +419,9 @@ func TestAuthResultFromStorage(t *testing.T) {
 				},
 				ExpiresOn:     future,
 				GrantedScopes: []string{"profile", "openid", "user.read"},
+				Metadata: AuthResultMetadata{
+					TokenSource: Cache,
+				},
 			},
 		},
 	}