Ejemplo n.º 1
0
        public async Task ValidateAzureKeyCredentialDirectModeUpdateAsync()
        {
            string authKey  = ConfigurationManager.AppSettings["MasterKey"];
            string endpoint = ConfigurationManager.AppSettings["GatewayEndpoint"];

            AzureKeyCredential masterKeyCredential = new AzureKeyCredential(authKey);

            using (CosmosClient client = new CosmosClient(
                       endpoint,
                       masterKeyCredential))
            {
                string databaseName = Guid.NewGuid().ToString();

                try
                {
                    Cosmos.Database database        = client.GetDatabase(databaseName);
                    ResponseMessage responseMessage = await database.ReadStreamAsync();

                    Assert.AreEqual(HttpStatusCode.NotFound, responseMessage.StatusCode);

                    {
                        // Random key: Next set of actions are expected to fail => 401 (UnAuthorized)
                        masterKeyCredential.Update(Convert.ToBase64String(Encoding.UTF8.GetBytes(Guid.NewGuid().ToString())));

                        responseMessage = await database.ReadStreamAsync();

                        Assert.AreEqual(HttpStatusCode.Unauthorized, responseMessage.StatusCode);

                        string diagnostics = responseMessage.Diagnostics.ToString();
                        Assert.IsTrue(diagnostics.Contains("AuthProvider LifeSpan InSec"), diagnostics.ToString());
                    }

                    {
                        // Resetting back to master key => 404 (NotFound)
                        masterKeyCredential.Update(authKey);
                        responseMessage = await database.ReadStreamAsync();

                        Assert.AreEqual(HttpStatusCode.NotFound, responseMessage.StatusCode);
                    }


                    // Test with resource token interchageability
                    masterKeyCredential.Update(authKey);
                    database = await client.CreateDatabaseAsync(databaseName);

                    string            containerId       = Guid.NewGuid().ToString();
                    ContainerResponse containerResponse = await database.CreateContainerAsync(containerId, "/id");

                    Assert.AreEqual(HttpStatusCode.Created, containerResponse.StatusCode);


                    {
                        // Resource token with ALL permissoin's
                        string       userId       = Guid.NewGuid().ToString();
                        UserResponse userResponse = await database.CreateUserAsync(userId);

                        Cosmos.User user = userResponse.User;
                        Assert.AreEqual(HttpStatusCode.Created, userResponse.StatusCode);
                        Assert.AreEqual(userId, user.Id);

                        string permissionId = Guid.NewGuid().ToString();
                        PermissionProperties permissionProperties = new PermissionProperties(permissionId, Cosmos.PermissionMode.All, client.GetContainer(databaseName, containerId));
                        PermissionResponse   permissionResponse   = await database.GetUser(userId).CreatePermissionAsync(permissionProperties);

                        Assert.AreEqual(HttpStatusCode.Created, permissionResponse.StatusCode);
                        Assert.AreEqual(permissionId, permissionResponse.Resource.Id);
                        Assert.AreEqual(Cosmos.PermissionMode.All, permissionResponse.Resource.PermissionMode);
                        Assert.IsNotNull(permissionResponse.Resource.Token);
                        SelflinkValidator.ValidatePermissionSelfLink(permissionResponse.Resource.SelfLink);

                        // Valdiate ALL on contianer
                        masterKeyCredential.Update(permissionResponse.Resource.Token);
                        ToDoActivity item = ToDoActivity.CreateRandomToDoActivity();

                        Cosmos.Container container = client.GetContainer(databaseName, containerId);

                        responseMessage = await container.ReadContainerStreamAsync();

                        Assert.AreEqual(HttpStatusCode.OK, responseMessage.StatusCode);

                        responseMessage = await container.CreateItemStreamAsync(TestCommon.SerializerCore.ToStream(item), new Cosmos.PartitionKey(item.id));

                        Assert.AreEqual(HttpStatusCode.Created, responseMessage.StatusCode); // Read Only resorce token
                    }

                    // Reset to master key for new permission creation
                    masterKeyCredential.Update(authKey);

                    {
                        // Resource token with Read-ONLY permissoin's
                        string       userId       = Guid.NewGuid().ToString();
                        UserResponse userResponse = await database.CreateUserAsync(userId);

                        Cosmos.User user = userResponse.User;
                        Assert.AreEqual(HttpStatusCode.Created, userResponse.StatusCode);
                        Assert.AreEqual(userId, user.Id);

                        string permissionId = Guid.NewGuid().ToString();
                        PermissionProperties permissionProperties = new PermissionProperties(permissionId, Cosmos.PermissionMode.Read, client.GetContainer(databaseName, containerId));
                        PermissionResponse   permissionResponse   = await database.GetUser(userId).CreatePermissionAsync(permissionProperties);

                        //Backend returns Created instead of OK
                        Assert.AreEqual(HttpStatusCode.Created, permissionResponse.StatusCode);
                        Assert.AreEqual(permissionId, permissionResponse.Resource.Id);
                        Assert.AreEqual(Cosmos.PermissionMode.Read, permissionResponse.Resource.PermissionMode);

                        // Valdiate read on contianer
                        masterKeyCredential.Update(permissionResponse.Resource.Token);
                        ToDoActivity item = ToDoActivity.CreateRandomToDoActivity();

                        Cosmos.Container container = client.GetContainer(databaseName, containerId);

                        responseMessage = await container.ReadContainerStreamAsync();

                        Assert.AreEqual(HttpStatusCode.OK, responseMessage.StatusCode);

                        responseMessage = await container.CreateItemStreamAsync(TestCommon.SerializerCore.ToStream(item), new Cosmos.PartitionKey(item.id));

                        Assert.AreEqual(HttpStatusCode.Forbidden, responseMessage.StatusCode); // Read Only resorce token
                    }

                    {
                        // Reset to master key for new permission creation
                        masterKeyCredential.Update(Convert.ToBase64String(Encoding.UTF8.GetBytes(Guid.NewGuid().ToString())));

                        ToDoActivity     item      = ToDoActivity.CreateRandomToDoActivity();
                        Cosmos.Container container = client.GetContainer(databaseName, containerId);

                        responseMessage = await container.CreateItemStreamAsync(TestCommon.SerializerCore.ToStream(item), new Cosmos.PartitionKey(item.id));

                        Assert.AreEqual(HttpStatusCode.Unauthorized, responseMessage.StatusCode); // Read Only resorce token

                        string diagnostics = responseMessage.Diagnostics.ToString();
                        Assert.IsTrue(diagnostics.Contains("AuthProvider LifeSpan InSec"), diagnostics.ToString());
                    }
                }
                finally
                {
                    // Reset to master key for clean-up
                    masterKeyCredential.Update(authKey);
                    await TestCommon.DeleteDatabaseAsync(client, client.GetDatabase(databaseName));
                }
            }
        }