public async Task VerifyCloudShellMsiRequestWithClientIdMockAsync()
        {
            using (new TestEnvVar("MSI_ENDPOINT", "https://mock.msi.endpoint/"))
                using (new TestEnvVar("MSI_SECRET", null))
                {
                    var response = new MockResponse(200);

                    var expectedToken = "mock-msi-access-token";

                    response.SetContent($"{{ \"access_token\": \"{expectedToken}\", \"expires_on\": {(DateTimeOffset.UtcNow + TimeSpan.FromSeconds(3600)).ToUnixTimeSeconds()} }}");

                    var mockTransport = new MockTransport(response);

                    var options = new AzureCredentialOptions()
                    {
                        Transport = mockTransport
                    };

                    ManagedIdentityClient client = InstrumentClient(new ManagedIdentityClient(options));

                    AccessToken actualToken = await client.AuthenticateAsync(MockScopes.Default, "mock-client-id");

                    Assert.AreEqual(expectedToken, actualToken.Token);

                    MockRequest request = mockTransport.Requests[0];

                    Assert.IsTrue(request.Uri.ToString().StartsWith("https://mock.msi.endpoint/"));

                    Assert.IsTrue(request.Content.TryComputeLength(out long contentLen));

                    var content = new byte[contentLen];

                    MemoryStream contentBuff = new MemoryStream(content);

                    request.Content.WriteTo(contentBuff, default);

                    string body = Encoding.UTF8.GetString(content);

                    Assert.IsTrue(body.Contains($"resource={Uri.EscapeDataString(ScopeUtilities.ScopesToResource(MockScopes.Default))}"));

                    Assert.IsTrue(body.Contains($"client_id=mock-client-id"));

                    Assert.IsTrue(request.Headers.TryGetValue("Metadata", out string actMetadata));

                    Assert.AreEqual("true", actMetadata);
                }
        }
        public async Task VerifyAppServiceMsiRequestWithClientIdMockAsync()
        {
            using (new TestEnvVar("MSI_ENDPOINT", "https://mock.msi.endpoint/"))
                using (new TestEnvVar("MSI_SECRET", "mock-msi-secret"))
                {
                    var response = new MockResponse(200);

                    var expectedToken = "mock-msi-access-token";

                    response.SetContent($"{{ \"access_token\": \"{expectedToken}\", \"expires_on\": \"{DateTimeOffset.UtcNow.ToString()}\" }}");

                    var mockTransport = new MockTransport(response);

                    var options = new AzureCredentialOptions()
                    {
                        Transport = mockTransport
                    };

                    ManagedIdentityClient client = InstrumentClient(new ManagedIdentityClient(options));

                    AccessToken actualToken = await client.AuthenticateAsync(MockScopes.Default, "mock-client-id");

                    Assert.AreEqual(expectedToken, actualToken.Token);

                    MockRequest request = mockTransport.Requests[0];

                    Assert.IsTrue(request.Uri.ToString().StartsWith("https://mock.msi.endpoint/"));

                    string query = request.Uri.Query;

                    Assert.IsTrue(query.Contains("api-version=2017-09-01"));

                    Assert.IsTrue(query.Contains($"resource={Uri.EscapeDataString(ScopeUtilities.ScopesToResource(MockScopes.Default))}"));

                    Assert.IsTrue(query.Contains($"client_id=mock-client-id"));

                    Assert.IsTrue(request.Headers.TryGetValue("secret", out string actSecretValue));

                    Assert.AreEqual("mock-msi-secret", actSecretValue);
                }
        }
        public async Task VerifyImdsRequestWithClientIdMockAsync()
        {
            using (new TestEnvVar("MSI_ENDPOINT", null))
                using (new TestEnvVar("MSI_SECRET", null))
                {
                    var response = new MockResponse(200);

                    var expectedToken = "mock-msi-access-token";

                    response.SetContent($"{{ \"access_token\": \"{expectedToken}\", \"expires_on\": \"3600\" }}");

                    var mockTransport = new MockTransport(response, response);

                    var options = new AzureCredentialOptions()
                    {
                        Transport = mockTransport
                    };

                    ManagedIdentityClient client = InstrumentClient(new ManagedIdentityClient(options));

                    AccessToken actualToken = await client.AuthenticateAsync(MockScopes.Default, clientId : "mock-client-id");

                    Assert.AreEqual(expectedToken, actualToken.Token);

                    MockRequest request = mockTransport.Requests[mockTransport.Requests.Count - 1];

                    string query = request.Uri.Query;

                    Assert.IsTrue(query.Contains("api-version=2018-02-01"));

                    Assert.IsTrue(query.Contains($"resource={Uri.EscapeDataString(ScopeUtilities.ScopesToResource(MockScopes.Default))}"));

                    Assert.IsTrue(query.Contains($"client_id=mock-client-id"));

                    Assert.IsTrue(request.Headers.TryGetValue("Metadata", out string metadataValue));

                    Assert.AreEqual("true", metadataValue);
                }
        }
Ejemplo n.º 4
0
 public static void _client(this ManagedIdentityCredential credential, ManagedIdentityClient client)
 {
     typeof(ManagedIdentityCredential).GetField("_client", BindingFlags.Instance | BindingFlags.NonPublic).SetValue(credential, client);
 }