in core/src/main/java/com/microsoft/alm/auth/BaseAuthenticator.java [223:275]
public E retrieve(final String key, final SecretStore<E> store,
final PromptBehavior promptBehavior) {
logger.debug("Retrieving secret with key: {}, and prompt behavior: {}.", key, promptBehavior.name());
E secret = null;
if (promptBehavior != PromptBehavior.ALWAYS) {
// Not ALWAYS prompt, so let's read from the store for any cached secret
logger.debug("Reading secret from store for key: {}", key);
secret = readFromStore(key, store);
if (secret != null) {
final AtomicReference<E> secretHolder = new AtomicReference<E>();
secretHolder.set(secret);
// Verify this secret is valid
if (tryGetValidated(secret, secretHolder)) {
final E validatedSecret = secretHolder.get();
// The secret maybe different now, e.g. we could use the refresh token to generate
// a new Access Token
if (!validatedSecret.equals(secret)) {
store.delete(key);
store.add(key, validatedSecret);
secret = validatedSecret;
}
} else {
secret = null;
// Remove the invalid secret from store
store.delete(key);
}
}
}
if (promptBehavior == PromptBehavior.NEVER) {
// NEVER prompt, return what we got from the store and call it done
logger.debug("Returning whatever we retrieved from the store, do not prompt.");
return secret;
}
if (promptBehavior == PromptBehavior.ALWAYS
|| (secret == null && promptBehavior == PromptBehavior.AUTO)) {
// Either ALWAYS prompt, or we don't have any secret cached for this key
// AUTO-retrieves when necessary
logger.debug("Retrieving secret.");
secret = doRetrieve();
// Store it so we don't have to retrieve again
store(key, store, secret);
}
return secret;
}