public void Validate(LabRequest request, out LabResponse response)
{
bool isHavePrivilege = true;
response = new LabResponse();
try
{
if (request.Data.FormMedicalID == 0)
{
errorFields.Add("Form Medical ID");
}
if (request.Data.LabItemsId.Count == 0)
{
errorFields.Add("Lab Item");
}
if (errorFields.Any())
{
response.Status = false;
response.Message = string.Format(Messages.ValidationErrorFields, String.Join(",", errorFields));
}
//cek is lab item inside form nedical Id already filled
var _qryFormExamineLab = _unitOfWork.RegistrationRepository.GetFirstOrDefault(x => x.FormMedicalID == request.Data.FormMedicalID);
if (_qryFormExamineLab != null)
{
if (_qryFormExamineLab.Status == (int)RegistrationStatusEnum.Finish)
{
response.Status = false;
response.Message = Messages.LabItemCannotChange;
}
}
isHavePrivilege = IsHaveAuthorization(ADD_PRIVILEGE_NAME, request.Data.Account.Privileges.PrivilegeIDs);
if (!isHavePrivilege)
{
response.Status = false;
response.Message = Messages.UnauthorizedAccess;
}
}
catch (Exception ex)
{
response.Status = false;
response.Message = ex.Message;
}
if (response.Status)
{
response = new LabHandler(_unitOfWork, _context).CreateOrEdit(request);
}
}
/// <summary>
/// Runs through the B2C acquire token silent flow with local account
/// </summary>
/// <param name="controller">The test framework that will execute the test interaction</param>
public void B2CLocalAccountAcquireTokenSilentTest(
ITestController controller,
LabResponse labResponse,
string testToRun)
{
B2CLocalAccountAcquireTokenInteractiveTestHelper(
controller,
labResponse,
testToRun);
VerifyResult(controller);
}
public static async Task <IAccount> AssertSingleAccountAsync(
LabResponse labResponse,
IPublicClientApplication pca,
AuthenticationResult result)
{
Assert.IsFalse(string.IsNullOrWhiteSpace(result.AccessToken));
var account = (await pca.GetAccountsAsync().ConfigureAwait(false)).Single();
Assert.AreEqual(labResponse.User.HomeUPN, account.Username);
return(account);
}
/// <summary>
/// Runs through the standard acquire token flow, using the login prompt behavior. The ui behavior of "login" is used by default.
/// </summary>
/// <param name="controller">The test framework that will execute the test interaction</param>
public void AcquireTokenTestHelper(
ITestController controller,
LabResponse labResponse,
string testToRun)
{
PerformSignInFlow(
controller,
labResponse.User,
testToRun);
VerifyResult(controller);
}
public async Task MultiUserCacheCompatabilityTestAsync()
{
// Arrange
//Acquire AT for default lab account
LabResponse labResponseDefault = await LabUserHelper.GetDefaultUserAsync().ConfigureAwait(false);
AuthenticationResult defaultAccountResult = await RunTestForUserAsync(labResponseDefault).ConfigureAwait(false);
//Acquire AT for ADFS 2019 account
LabResponse labResponseFederated = await LabUserHelper.GetAdfsUserAsync(FederationProvider.ADFSv2019, true).ConfigureAwait(false);
var federatedAccountResult = await RunTestForUserAsync(labResponseFederated, false).ConfigureAwait(false);
//Acquire AT for MSA account
LabResponse labResponseMsa = await LabUserHelper.GetMsaUserAsync().ConfigureAwait(false);
labResponseMsa.App.AppId = LabApiConstants.MSAOutlookAccountClientID;
var msaAccountResult = await RunTestForUserAsync(labResponseMsa).ConfigureAwait(false);
PublicClientApplication pca = PublicClientApplicationBuilder.Create(labResponseDefault.App.AppId).BuildConcrete();
AuthenticationResult authResult = await pca.AcquireTokenSilent(new[] { CoreUiTestConstants.DefaultScope }, defaultAccountResult.Account)
.ExecuteAsync()
.ConfigureAwait(false);
Assert.IsNotNull(authResult);
Assert.IsNotNull(authResult.AccessToken);
Assert.IsNotNull(authResult.IdToken);
TestCommon.ValidateNoKerberosTicketFromAuthenticationResult(authResult);
pca = PublicClientApplicationBuilder.Create(labResponseFederated.App.AppId).BuildConcrete();
authResult = await pca.AcquireTokenSilent(new[] { CoreUiTestConstants.DefaultScope }, federatedAccountResult.Account)
.ExecuteAsync()
.ConfigureAwait(false);
Assert.IsNotNull(authResult);
Assert.IsNotNull(authResult.AccessToken);
Assert.IsNull(authResult.IdToken);
TestCommon.ValidateNoKerberosTicketFromAuthenticationResult(authResult);
pca = PublicClientApplicationBuilder.Create(LabApiConstants.MSAOutlookAccountClientID).BuildConcrete();
authResult = await pca.AcquireTokenSilent(new[] { CoreUiTestConstants.DefaultScope }, msaAccountResult.Account)
.ExecuteAsync()
.ConfigureAwait(false);
Assert.IsNotNull(authResult);
Assert.IsNotNull(authResult.AccessToken);
Assert.IsNull(authResult.IdToken);
TestCommon.ValidateNoKerberosTicketFromAuthenticationResult(authResult);
}
public async Task Interactive_Arlington_MultiCloudSupport_AADAsync()
{
// Arrange
LabResponse labResponse = await LabUserHelper.GetArlingtonUserAsync().ConfigureAwait(false);
IPublicClientApplication pca = PublicClientApplicationBuilder
.Create(labResponse.App.AppId)
.WithRedirectUri(SeleniumWebUI.FindFreeLocalhostRedirectUri())
.WithAuthority("https://login.microsoftonline.com/common")
.WithMultiCloudSupport(true)
.WithTestLogging()
.Build();
Trace.WriteLine("Part 1 - Acquire a token interactively");
AuthenticationResult result = await pca
.AcquireTokenInteractive(s_scopes)
.WithCustomWebUi(CreateSeleniumCustomWebUI(labResponse.User, Prompt.SelectAccount, false))
.ExecuteAsync(new CancellationTokenSource(_interactiveAuthTimeout).Token)
.ConfigureAwait(false);
Assert.IsNotNull(result);
Assert.IsNotNull(result.Account);
Assert.IsNotNull(result.Account.GetTenantProfiles());
Assert.IsTrue(result.Account.GetTenantProfiles().Any());
Assert.AreEqual(labResponse.User.Upn, result.Account.Username);
Assert.IsTrue(labResponse.Lab.Authority.Contains(result.Account.Environment));
Trace.WriteLine("Part 2 - Get Accounts");
var accounts = await pca.GetAccountsAsync().ConfigureAwait(false);
Assert.IsNotNull(accounts);
Assert.IsNotNull(accounts.Single());
var account = accounts.Single();
Assert.IsNotNull(account.GetTenantProfiles());
Assert.IsTrue(account.GetTenantProfiles().Any());
Assert.AreEqual(labResponse.User.Upn, account.Username);
Assert.AreEqual("login.microsoftonline.us", account.Environment);
Trace.WriteLine("Part 3 - Acquire a token silently");
result = await pca
.AcquireTokenSilent(s_scopes, result.Account)
.ExecuteAsync(CancellationToken.None)
.ConfigureAwait(false);
Assert.IsNotNull(result);
Assert.IsNotNull(result.Account);
Assert.IsNotNull(result.Account.GetTenantProfiles());
Assert.IsTrue(result.Account.GetTenantProfiles().Any());
Assert.IsTrue(labResponse.Lab.Authority.Contains(result.Account.Environment));
}
private async Task CreateSSHCertTestAsync(LabResponse labResponse)
{
IPublicClientApplication pca = PublicClientApplicationBuilder
.Create(labResponse.App.AppId)
.WithRedirectUri(SeleniumWebUI.FindFreeLocalhostRedirectUri())
.Build();
TokenCacheAccessRecorder userCacheAccess = pca.UserTokenCache.RecordAccess();
Trace.WriteLine("Part 1 - Acquire an SSH cert interactively ");
string jwk = CreateJwk();
AuthenticationResult result = await pca
.AcquireTokenInteractive(s_scopes)
.WithCustomWebUi(CreateSeleniumCustomWebUI(labResponse.User, Prompt.ForceLogin))
.WithSSHCertificateAuthenticationScheme(jwk, "key1")
.WithExtraQueryParameters(GetTestSliceParams()) // TODO: remove this once feature is in PROD
.ExecuteAsync(new CancellationTokenSource(_interactiveAuthTimeout).Token)
.ConfigureAwait(false);
userCacheAccess.AssertAccessCounts(0, 1);
Assert.AreEqual("ssh-cert", result.TokenType);
IAccount account = await MsalAssert.AssertSingleAccountAsync(labResponse, pca, result).ConfigureAwait(false);
userCacheAccess.AssertAccessCounts(1, 1); // the assert calls GetAccounts
Trace.WriteLine("Part 2 - Acquire a token silent with the same keyID - should be served from the cache");
result = await pca
.AcquireTokenSilent(s_scopes, account)
.WithSSHCertificateAuthenticationScheme(jwk, "key1")
.WithExtraQueryParameters(GetTestSliceParams()) // TODO: remove this once feature is in PROD
.ExecuteAsync(new CancellationTokenSource(_interactiveAuthTimeout).Token)
.ConfigureAwait(false);
userCacheAccess.AssertAccessCounts(2, 1);
account = await MsalAssert.AssertSingleAccountAsync(labResponse, pca, result).ConfigureAwait(false);
userCacheAccess.AssertAccessCounts(3, 1);
Trace.WriteLine("Part 3 - Acquire a token silent with a different keyID - should not sbe served from the cache");
result = await pca
.AcquireTokenSilent(s_scopes, account)
.WithSSHCertificateAuthenticationScheme(jwk, "key2")
.WithExtraQueryParameters(GetTestSliceParams()) // TODO: remove this once feature is in PROD
.ExecuteAsync(new CancellationTokenSource(_interactiveAuthTimeout).Token)
.ConfigureAwait(false);
Assert.AreEqual("ssh-cert", result.TokenType);
userCacheAccess.AssertAccessCounts(4, 2);
await MsalAssert.AssertSingleAccountAsync(labResponse, pca, result).ConfigureAwait(false);
}
/// <summary>
/// Runs through the B2C acquire token silent flow with Facebook identity provider
/// </summary>
/// <param name="controller">The test framework that will execute the test interaction</param>
public void B2CFacebookAcquireTokenSilentTest(
ITestController controller,
LabResponse labResponse,
string testToRun)
{
PerformB2CSignInFlow(
controller,
labResponse.User,
B2CIdentityProvider.Facebook,
testToRun);
VerifyResult(controller);
}
/// <summary>
/// Runs through the B2C acquire token flow with Google Provider
/// </summary>
public void B2CGoogleAcquireTokenInteractiveTestHelper(
ITestController controller,
LabResponse labResponse,
string testToRun)
{
PerformB2CSignInFlow(
controller,
labResponse.User,
B2CIdentityProvider.Google,
testToRun);
VerifyResult(controller);
}
/// <summary>
/// Runs through the B2C acquire token ROPC flow with local acount
/// </summary>
/// <param name="controller">The test framework that will execute the test interaction</param>
public void B2CAcquireTokenROPCTest(ITestController controller, LabResponse labResponse)
{
SetB2CInputDataForROPC(controller);
controller.Tap(_acquirePageId);
controller.Tap(CoreUiTestConstants.ROPCUsernameId, XamarinSelector.ByAutomationId);
controller.EnterText(CoreUiTestConstants.ROPCUsernameId, labResponse.User.Upn, XamarinSelector.ByAutomationId);
controller.Tap(CoreUiTestConstants.ROPCPasswordId, XamarinSelector.ByAutomationId);
controller.EnterText(CoreUiTestConstants.ROPCPasswordId, labResponse.User.GetOrFetchPassword(), XamarinSelector.ByAutomationId);
controller.Tap(CoreUiTestConstants.AcquireTokenByRopcButtonId, XamarinSelector.ByAutomationId);
VerifyResult(controller);
}
public async Task Interactive_AdfsV3_FederatedAsync()
{
// Arrange
UserQuery query = new UserQuery
{
FederationProvider = FederationProvider.AdfsV4,
IsMamUser = false,
IsMfaUser = false,
IsFederatedUser = true
};
LabResponse labResponse = await LabUserHelper.GetLabUserDataAsync(query).ConfigureAwait(false);
await RunTestForUserAsync(labResponse).ConfigureAwait(false);
}
public async Task AcquireTokenFromAdfsUsernamePasswordAsync()
{
LabResponse labResponse = await LabUserHelper.GetAdfsUserAsync(FederationProvider.ADFSv2019, true).ConfigureAwait(false);
var user = labResponse.User;
SecureString securePassword = new NetworkCredential("", user.GetOrFetchPassword()).SecurePassword;
var msalPublicClient = PublicClientApplicationBuilder.Create(Adfs2019LabConstants.PublicClientId).WithAdfsAuthority(Adfs2019LabConstants.Authority).Build();
AuthenticationResult authResult = await msalPublicClient.AcquireTokenByUsernamePassword(s_scopes, user.Upn, securePassword).ExecuteAsync().ConfigureAwait(false);
Assert.IsNotNull(authResult);
Assert.IsNotNull(authResult.AccessToken);
Assert.IsNotNull(authResult.IdToken);
}
public static async Task <IAccount> AssertSingleAccountAsync(
LabResponse labResponse,
IPublicClientApplication pca,
AuthenticationResult result)
{
Assert.IsFalse(string.IsNullOrWhiteSpace(result.AccessToken));
var account = (await pca.GetAccountsAsync().ConfigureAwait(false)).Single();
Assert.IsTrue(
string.Equals(
labResponse.User.Upn,
result.Account.Username,
System.StringComparison.InvariantCultureIgnoreCase));
return(account);
}
private async Task <AuthenticationResult> RunTestForUserAsync(LabResponse labResponse, string authority)
{
var cert = await s_secretProvider.GetCertificateWithPrivateMaterialAsync(
CertificateName, KeyVaultInstance.MsalTeam).ConfigureAwait(false);
IConfidentialClientApplication cca;
string redirectUri = SeleniumWebUI.FindFreeLocalhostRedirectUri();
cca = ConfidentialClientApplicationBuilder
.Create(ConfidentialClientID)
.WithAuthority(authority)
.WithCertificate(cert)
.WithRedirectUri(redirectUri)
.WithTestLogging()
.Build();
Trace.WriteLine("Part 1 - Call GetAuthorizationRequestUrl to figure out where to go ");
var startUri = await cca
.GetAuthorizationRequestUrl(s_scopes)
.ExecuteAsync()
.ConfigureAwait(false);
Trace.WriteLine("Part 2 - Use a browser to login and to capture the authorization code ");
var seleniumUi = new SeleniumWebUI((driver) =>
{
Trace.WriteLine("Starting Selenium automation");
driver.PerformLogin(labResponse.User, Prompt.SelectAccount, false, false);
}, TestContext);
CancellationTokenSource cts = new CancellationTokenSource(s_timeout);
Uri authCodeUri = await seleniumUi.AcquireAuthorizationCodeAsync(
startUri,
new Uri(redirectUri),
cts.Token)
.ConfigureAwait(false);
var authorizationResult = AuthorizationResult.FromUri(authCodeUri.AbsoluteUri);
Assert.AreEqual(AuthorizationStatus.Success, authorizationResult.Status);
Trace.WriteLine("Part 3 - Get a token using the auth code, just like a website");
var result = await cca.AcquireTokenByAuthorizationCode(s_scopes, authorizationResult.Code)
.ExecuteAsync()
.ConfigureAwait(false);
return(result);
}
/// <summary>
/// Runs through the standard acquire token silent flow
/// </summary>
/// <param name="controller">The test framework that will execute the test interaction</param>
public void AcquireTokenSilentTestHelper(ITestController controller, LabResponse labResponse)
{
//acquire token for 1st resource
AcquireTokenInteractiveHelper(controller, labResponse, CoreUiTestConstants.UiBehaviorLogin);
VerifyResult(controller);
controller.Tap(CoreUiTestConstants.SelectUser, XamarinSelector.ByAutomationId);
controller.Tap(labResponse.User.Upn);
if (_platform == Xamarin.UITest.Platform.iOS)
{
controller.Tap("Done");
}
controller.Tap(CoreUiTestConstants.AcquireTokenSilentButtonId);
VerifyResult(controller);
}
public async Task GetTokenByAuthCode_HybridSPA_Async()
{
// Arrange
LabResponse labResponse = await LabUserHelper.GetHybridSpaAccontAsync().ConfigureAwait(false);
var result = await RunTestForUserAsync(labResponse.App.AppId, labResponse,
"https://login.microsoftonline.com/f645ad92-e38d-4d1a-b510-d1b09a74a8ca", false,
"http://localhost:3000/auth/implicit-redirect").ConfigureAwait(false);
Assert.IsNotNull(result.SpaAuthCode);
result = await RunTestForUserAsync(labResponse.App.AppId, labResponse,
"https://login.microsoftonline.com/f645ad92-e38d-4d1a-b510-d1b09a74a8ca", false,
"http://localhost:3000/auth/implicit-redirect", false).ConfigureAwait(false);
Assert.IsNull(result.SpaAuthCode);
}
private static async Task <LabUserData> GetPublicAadUserDataAsync()
{
var api = new LabServiceApi();
LabResponse labResponse = (await api.GetLabResponseFromApiAsync(UserQuery.PublicAadUserQuery).ConfigureAwait(false));
return(new LabUserData(
labResponse.User.Upn,
labResponse.User.GetOrFetchPassword(),
labResponse.User.AppId,
labResponse.User.TenantId));
//return new LabUserData(
// "user",
// "",
// "1d18b3b0-251b-4714-a02a-9956cec86c2d",
// "49f548d0-12b7-4169-a390-bb5304d24462");
}
[Timeout(1 * 60 * 1000)] // 1 min timeout
public async Task DeviceCodeFlowTestAsync()
{
LabResponse labResponse = LabUserHelper.GetDefaultUser();
Trace.WriteLine("Calling AcquireTokenWithDeviceCodeAsync");
PublicClientApplication pca = new PublicClientApplication(labResponse.AppId);
var result = await pca.AcquireTokenWithDeviceCodeAsync(Scopes, deviceCodeResult =>
{
RunAutomatedDeviceCodeFlow(deviceCodeResult, labResponse.User);
return(Task.FromResult(0));
}).ConfigureAwait(false);
Trace.WriteLine("Running asserts");
Assert.IsNotNull(result);
Assert.IsTrue(!string.IsNullOrEmpty(result.AccessToken));
}
[Timeout(1 * 60 * 1000)] // 1 min timeout
public async Task DeviceCodeFlowTestAsync()
{
LabResponse labResponse = await LabUserHelper.GetDefaultUserAsync().ConfigureAwait(false);
Trace.WriteLine("Calling AcquireTokenWithDeviceCodeAsync");
var pca = PublicClientApplicationBuilder.Create(labResponse.AppId).Build();
var result = await pca.AcquireTokenWithDeviceCode(s_scopes, deviceCodeResult =>
{
RunAutomatedDeviceCodeFlow(deviceCodeResult, labResponse.User);
return(Task.FromResult(0));
}).ExecuteAsync(CancellationToken.None).ConfigureAwait(false);
Trace.WriteLine("Running asserts");
Assert.IsNotNull(result);
Assert.IsTrue(!string.IsNullOrEmpty(result.AccessToken));
}
public LabResponse GetDataExamine(long poliID)
{
var response = new LabResponse {
};
var _getformMedicalId = _unitOfWork.RegistrationRepository.GetById(poliID);
var _qry = _unitOfWork.FormExamineRepository.Get(x => x.FormMedicalID == _getformMedicalId.FormMedicalID).FirstOrDefault();
if (_qry != null)
{
if (response.Entity == null)
{
response.Entity = new FormExamineLabModel();
}
response.Entity.FormExamine = Mapper.Map <FormExamine, FormExamineModel>(_qry);
}
return(response);
}
public void ValidateAddResult(LabRequest request, out LabResponse response)
{
bool isHavePrivilege = true;
response = new LabResponse();
try
{
if (request.Data.FormMedicalID == 0)
{
errorFields.Add("Form Medical ID");
}
if (request.Data.LabItemCollsJs.Count == 0)
{
errorFields.Add("Lab Result");
}
if (errorFields.Any())
{
response.Status = false;
response.Message = string.Format(Messages.ValidationErrorFields, String.Join(",", errorFields));
}
isHavePrivilege = IsHaveAuthorization(ADD_RESULT_PRIVILEGE_NAME, request.Data.Account.Privileges.PrivilegeIDs);
if (!isHavePrivilege)
{
response.Status = false;
response.Message = Messages.UnauthorizedAccess;
}
}
catch (Exception ex)
{
response.Status = false;
response.Message = ex.Message;
}
if (response.Status)
{
response = new LabHandler(_unitOfWork, _context).CreateLabResult(request);
}
}
private async Task KerberosAcquireTokenWithDeviceCodeFlowAsync(LabResponse labResponse, string userType, KerberosTicketContainer ticketContainer)
{
Trace.WriteLine($"Calling KerberosAcquireTokenWithDeviceCodeFlowAsync with {0}", userType);
var builder = PublicClientApplicationBuilder.Create(labResponse.App.AppId)
.WithTestLogging()
.WithTenantId(labResponse.Lab.TenantId)
.WithClientId(TestConstants.KerberosTestApplicationId)
.WithKerberosTicketClaim(TestConstants.KerberosServicePrincipalName, ticketContainer);
switch (labResponse.User.AzureEnvironment)
{
case AzureEnvironment.azureusgovernment:
builder.WithAuthority(labResponse.Lab.Authority + labResponse.Lab.TenantId);
break;
default:
break;
}
var pca = builder.Build();
var userCacheAccess = pca.UserTokenCache.RecordAccess();
var result = await pca.AcquireTokenWithDeviceCode(s_scopes, deviceCodeResult =>
{
SeleniumExtensions.PerformDeviceCodeLogin(deviceCodeResult, labResponse.User, TestContext, false);
return(Task.FromResult(0));
}).ExecuteAsync(CancellationToken.None).ConfigureAwait(false);
Trace.WriteLine("Running asserts");
userCacheAccess.AssertAccessCounts(0, 1);
Assert.IsFalse(userCacheAccess.LastAfterAccessNotificationArgs.IsApplicationCache);
Assert.IsNotNull(result);
Assert.IsTrue(!string.IsNullOrEmpty(result.AccessToken));
KerberosSupplementalTicket ticket = TestCommon.GetValidatedKerberosTicketFromAuthenticationResult(
result,
ticketContainer,
labResponse.User.Upn);
Assert.IsNotNull(ticket);
TestCommon.ValidateKerberosWindowsTicketCacheOperation(ticket);
}
private void AcquireTokenInteractiveHelper(
ITestController controller,
LabResponse labResponse,
string promptBehavior)
{
PrepareForAuthentication(controller);
SetInputData(controller, labResponse.AppId, CoreUiTestConstants.DefaultScope, promptBehavior);
PerformSignInFlow(controller, labResponse.User);
// on consent, also hit the accept button
if (promptBehavior == CoreUiTestConstants.UiBehaviorConsent)
{
AppWebResult consentHeader = controller.WaitForWebElementByCssId("consentHeader").FirstOrDefault();
Assert.IsNotNull(consentHeader);
Assert.IsTrue(consentHeader.TextContent.Contains("Permissions requested"));
controller.Tap(CoreUiTestConstants.WebSubmitId, XamarinSelector.ByHtmlIdAttribute);
}
}
[Timeout(2 * 60 * 1000)] // 2 min timeout
public async Task DeviceCodeFlowTestAsync()
{
LabResponse labResponse = await LabUserHelper.GetDefaultUserAsync().ConfigureAwait(false);
Trace.WriteLine("Calling AcquireTokenWithDeviceCodeAsync");
var pca = PublicClientApplicationBuilder.Create(labResponse.AppId).Build();
var userCacheAccess = pca.UserTokenCache.RecordAccess();
var result = await pca.AcquireTokenWithDeviceCode(s_scopes, deviceCodeResult =>
{
SeleniumExtensions.PerformDeviceCodeLogin(deviceCodeResult, labResponse.User, TestContext, false);
return(Task.FromResult(0));
}).ExecuteAsync(CancellationToken.None).ConfigureAwait(false);
Trace.WriteLine("Running asserts");
userCacheAccess.AssertAccessCounts(0, 1);
Assert.IsNotNull(result);
Assert.IsTrue(!string.IsNullOrEmpty(result.AccessToken));
}
private async Task AcquireTokenWithDeviceCodeFlowAsync(LabResponse labResponse, string userType)
{
Trace.WriteLine($"Calling AcquireTokenWithDeviceCodeAsync with {0}", userType);
var pca = PublicClientApplicationBuilder.Create(labResponse.App.AppId).Build();
var userCacheAccess = pca.UserTokenCache.RecordAccess();
var result = await pca.AcquireTokenWithDeviceCode(s_scopes, deviceCodeResult =>
{
SeleniumExtensions.PerformDeviceCodeLogin(deviceCodeResult, labResponse.User, TestContext, false);
return(Task.FromResult(0));
}).ExecuteAsync(CancellationToken.None).ConfigureAwait(false);
Trace.WriteLine("Running asserts");
userCacheAccess.AssertAccessCounts(0, 1);
Assert.IsFalse(userCacheAccess.LastNotificationArgs.IsApplicationCache);
Assert.IsNotNull(result);
Assert.IsTrue(!string.IsNullOrEmpty(result.AccessToken));
}
[Timeout(2 * 60 * 1000)] // 2 min timeout
public async Task DeviceCodeFlowAdfsTestAsync()
{
LabResponse labResponse = await LabUserHelper.GetAdfsUserAsync(FederationProvider.ADFSv2019, true).ConfigureAwait(false);
Trace.WriteLine("Calling AcquireTokenWithDeviceCodeAsync");
PublicClientApplication pca = PublicClientApplicationBuilder.Create(Adfs2019LabConstants.PublicClientId)
.WithRedirectUri(Adfs2019LabConstants.ClientRedirectUri)
.WithAdfsAuthority(Adfs2019LabConstants.Authority)
.BuildConcrete();
var result = await pca.AcquireTokenWithDeviceCode(s_scopes, deviceCodeResult =>
{
SeleniumExtensions.PerformDeviceCodeLogin(deviceCodeResult, labResponse.User, TestContext, true);
return(Task.FromResult(0));
}).ExecuteAsync().ConfigureAwait(false);
Trace.WriteLine("Running asserts");
Assert.IsNotNull(result);
Assert.IsTrue(!string.IsNullOrEmpty(result.AccessToken));
}
public void PromptBehaviorTestHelperWithConsent(ITestController controller, LabResponse labResponse)
{
// 1. Acquire token with uiBehavior set to consent
AcquireTokenInteractiveTestHelper(
controller,
labResponse,
CoreUiTestConstants.UiBehaviorConsent);
// 2. Switch ui behavior to "select account"
SetUiBehavior(controller, CoreUiTestConstants.UiBehaviorSelectAccount);
// 3. Hit Acquire Token directly since we are not changing any other setting
controller.Tap(CoreUiTestConstants.AcquireTokenButtonId);
// 4. The web UI should display all users, so click on the current user
controller.Tap(labResponse.User.Upn, XamarinSelector.ByHtmlValue);
// 5. Validate token again
VerifyResult(controller);
}
private async Task ValidateAuthResultAsync(
AuthenticationResult authResult,
LabResponse labResponse)
{
MsalAssert.AssertAuthResult(authResult, labResponse.User);
var at1 = authResult.AccessToken;
// If test fails with "user needs to consent to the application, do an interactive request" error - see UsernamePassword tests
Trace.WriteLine("Part 2 - Acquire a token silently, with forceRefresh = true");
IAccount account = await MsalAssert.AssertSingleAccountAsync(labResponse, pca, authResult).ConfigureAwait(false);
authResult = await pca.AcquireTokenSilent(s_scopes, account)
.WithForceRefresh(true)
.ExecuteAsync()
.ConfigureAwait(false);
MsalAssert.AssertAuthResult(authResult, labResponse.User);
var at2 = authResult.AccessToken;
Assert.AreEqual(
$"https://login.microsoftonline.com/{labResponse.User.TenantId}/oauth2/v2.0/token",
authResult.AuthenticationResultMetadata.TokenEndpoint);
Trace.WriteLine("Part 3 - Acquire a token silently with a login hint, with forceRefresh = true");
authResult = await pca.AcquireTokenSilent(s_scopes, labResponse.User.Upn)
.WithForceRefresh(true)
.ExecuteAsync()
.ConfigureAwait(false);
MsalAssert.AssertAuthResult(authResult, labResponse.User);
var at3 = authResult.AccessToken;
Assert.IsFalse(at1.Equals(at2, System.StringComparison.InvariantCultureIgnoreCase));
Assert.IsFalse(at1.Equals(at3, System.StringComparison.InvariantCultureIgnoreCase));
Assert.IsFalse(at2.Equals(at3, System.StringComparison.InvariantCultureIgnoreCase));
Assert.AreEqual(TokenSource.IdentityProvider, authResult.AuthenticationResultMetadata.TokenSource);
Assert.AreEqual(
$"https://login.microsoftonline.com/{labResponse.User.TenantId}/oauth2/v2.0/token",
authResult.AuthenticationResultMetadata.TokenEndpoint);
}
public JsonResult AddLabResult()
{
LabResponse response = new LabResponse();
FormExamineLabModel _model = new FormExamineLabModel();
if (Request.Form["FormMedicalID"] != null)
{
_model.FormMedicalID = Convert.ToInt64(Request.Form["FormMedicalId"].ToString());
}
if (Request.Form["LabResults"] != null)
{
_model.LabItemCollsJs = JsonConvert.DeserializeObject <List <LabItemResultJS> >(Request.Form["LabResults"]);
}
if (Session["UserLogon"] != null)
{
_model.Account = (AccountModel)Session["UserLogon"];
}
_model.FormExamine = new FormExamineModel
{
DoctorID = Request.Form["Doctor"] == null ? 0 : Convert.ToInt32(Request.Form["Doctor"].ToString()),
Result = Request.Form["Conclusion"]
};
if (Session["QueuePoliId"] != null)
{
if (_model.LoketData == null)
{
_model.LoketData = new LoketModel();
}
_model.LoketData.Id = Convert.ToInt64(Session["QueuePoliId"].ToString());
}
var request = new LabRequest
{
Data = _model
};
new LabValidator(_unitOfWork, _context).ValidateAddResult(request, out response);
return(Json(new { Status = response.Status, Message = response.Message }, JsonRequestBehavior.AllowGet));
}
private async Task RunTestForUserAsync(LabResponse labResponse)
{
var pca = PublicClientApplicationBuilder
.Create(labResponse.AppId)
.WithRedirectUri(SeleniumWebUI.FindFreeLocalhostRedirectUri())
.Build();
Trace.WriteLine("Part 1 - Acquire a token interactively, no login hint");
AuthenticationResult result = await pca
.AcquireTokenInteractive(s_scopes)
.WithCustomWebUi(CreateSeleniumCustomWebUI(labResponse.User, Prompt.SelectAccount, false))
.ExecuteAsync(new CancellationTokenSource(_interactiveAuthTimeout).Token)
.ConfigureAwait(false);
IAccount account = await MsalAssert.AssertSingleAccountAsync(labResponse, pca, result).ConfigureAwait(false);
Trace.WriteLine("Part 2 - Clear the cache");
await pca.RemoveAsync(account).ConfigureAwait(false);
Assert.IsFalse((await pca.GetAccountsAsync().ConfigureAwait(false)).Any());
Trace.WriteLine("Part 3 - Acquire a token interactively again, with login hint");
result = await pca
.AcquireTokenInteractive(s_scopes)
.WithCustomWebUi(CreateSeleniumCustomWebUI(labResponse.User, Prompt.ForceLogin, true))
.WithPrompt(Prompt.ForceLogin)
.WithLoginHint(labResponse.User.HomeUPN)
.ExecuteAsync(new CancellationTokenSource(_interactiveAuthTimeout).Token)
.ConfigureAwait(false);
account = await MsalAssert.AssertSingleAccountAsync(labResponse, pca, result).ConfigureAwait(false);
Trace.WriteLine("Part 4 - Acquire a token silently");
result = await pca
.AcquireTokenSilent(s_scopes, account)
.ExecuteAsync(CancellationToken.None)
.ConfigureAwait(false);
await MsalAssert.AssertSingleAccountAsync(labResponse, pca, result).ConfigureAwait(false);
}
