in CredentialProvider.Microsoft/CredentialProviders/Vsts/VstsSessionTokenClient.cs [61:114]
public async Task<string> CreateSessionTokenAsync(VstsTokenType tokenType, DateTime validTo, CancellationToken cancellationToken)
{
var spsEndpoint = await authUtil.GetAuthorizationEndpoint(vstsUri, cancellationToken);
if (spsEndpoint == null)
{
return null;
}
var uriBuilder = new UriBuilder(spsEndpoint)
{
Query = $"tokenType={tokenType}&api-version=5.0-preview.1"
};
uriBuilder.Path = uriBuilder.Path.TrimEnd('/') + "/_apis/Token/SessionTokens";
var httpClient = HttpClientFactory.Default.GetHttpClient();
using (var request = CreateRequest(uriBuilder.Uri, validTo))
using (var response = await httpClient.SendAsync(request, cancellationToken))
{
logger.LogResponse(NuGet.Common.LogLevel.Verbose, true, response);
string serializedResponse;
if (response.StatusCode == System.Net.HttpStatusCode.BadRequest)
{
request.Dispose();
response.Dispose();
logger.Log(NuGet.Common.LogLevel.Verbose, true, "Re-trying with service-defined valid-time.");
using (var request2 = CreateRequest(uriBuilder.Uri, validTo: null))
using(var response2 = await httpClient.SendAsync(request2, cancellationToken))
{
response2.EnsureSuccessStatusCode();
logger.LogResponse(NuGet.Common.LogLevel.Verbose, true, response2);
serializedResponse = await response2.Content.ReadAsStringAsync();
}
}
else
{
response.EnsureSuccessStatusCode();
serializedResponse = await response.Content.ReadAsStringAsync();
}
var responseToken = JsonSerializer.Deserialize<VstsSessionToken>(serializedResponse, options);
if (validTo.Subtract(responseToken.ValidTo.Value).TotalHours > 1.0)
{
logger.Log(NuGet.Common.LogLevel.Information, true, $"Requested {validTo} but received {responseToken.ValidTo}");
}
return responseToken.Token;
}
}