public void GetIdentityTest()
{
// Arrange
var amqpValue = new AmqpValue
{
Value = TokenHelper.CreateSasToken("edgehubtest1.azure-devices.net/devices/device1/modules/mod1")
};
AmqpMessage validAmqpMessage = AmqpMessage.Create(amqpValue);
validAmqpMessage.ApplicationProperties.Map[CbsConstants.PutToken.Type] = "azure-devices.net:sastoken";
validAmqpMessage.ApplicationProperties.Map[CbsConstants.PutToken.Audience] = "iothub";
validAmqpMessage.ApplicationProperties.Map[CbsConstants.Operation] = CbsConstants.PutToken.OperationValue;
var clientCredentials = Mock.Of <IClientCredentials>();
var identityFactory = new Mock <IClientCredentialsFactory>();
identityFactory.Setup(i => i.GetWithSasToken(It.IsAny <string>(), It.IsAny <string>(), It.IsAny <string>(), It.IsAny <string>()))
.Returns(clientCredentials);
string iotHubHostName = "edgehubtest1.azure-devices.net";
var authenticator = new Mock <IAuthenticator>();
var cbsNode = new CbsNode(identityFactory.Object, iotHubHostName, authenticator.Object, new NullCredentialsStore());
// Act
IClientCredentials receivedClientCredentials = cbsNode.GetClientCredentials(validAmqpMessage);
// Assert
Assert.NotNull(receivedClientCredentials);
Assert.Equal(clientCredentials, receivedClientCredentials);
}
public void ParseIdsTest()
{
string deviceId;
string moduleId;
// Arrange
string audience = "edgehubtest1.azure-devices.net/devices/device1";
// Act
(deviceId, moduleId) = CbsNode.ParseIds(audience);
// Assert
Assert.Equal("device1", deviceId);
Assert.Null(moduleId);
// Arrange
audience = "edgehubtest1.azure-devices.net/devices/device1/modules/mod1";
// Act
(deviceId, moduleId) = CbsNode.ParseIds(audience);
// Assert
Assert.Equal("device1", deviceId);
Assert.Equal("mod1", moduleId);
// Arrange
audience = "edgehubtest1.azure-devices.net/device/device1/module/mod1";
// Act/Assert
Assert.Throws <InvalidOperationException>(() => CbsNode.ParseIds(audience));
}
public void GetClientTokenTest()
{
// Arrange
var amqpValue = new AmqpValue
{
Value = TokenHelper.CreateSasToken("edgehubtest1.azure-devices.net/devices/device1/modules/mod1")
};
AmqpMessage validAmqpMessage = AmqpMessage.Create(amqpValue);
validAmqpMessage.ApplicationProperties.Map[CbsConstants.PutToken.Type] = "azure-devices.net:sastoken";
validAmqpMessage.ApplicationProperties.Map[CbsConstants.PutToken.Audience] = "edgehubtest1.azure-devices.net/devices/device1/modules/mod1";
validAmqpMessage.ApplicationProperties.Map[CbsConstants.Operation] = CbsConstants.PutToken.OperationValue;
var identityFactory = new Mock <IClientCredentialsFactory>();
string iotHubHostName = "edgehubtest1.azure-devices.net";
var authenticator = new Mock <IAuthenticator>();
var cbsNode = new CbsNode(identityFactory.Object, iotHubHostName, authenticator.Object, new NullCredentialsCache());
// Act
CbsNode.ClientToken clientToken = cbsNode.GetClientToken(validAmqpMessage);
// Assert
Assert.NotNull(clientToken);
Assert.Equal("device1/mod1", clientToken.Id);
Assert.Equal(amqpValue.Value, clientToken.Token);
}
public void ValidateTestThrowsOnInvalidContents()
{
// Arrange
AmqpMessage invalidAmqpMessage4 = AmqpMessage.Create(new AmqpValue {
Value = "azure-devices.net:sastoken"
});
invalidAmqpMessage4.ApplicationProperties.Map[CbsConstants.PutToken.Type] = "azure-devices.net:sastoken";
invalidAmqpMessage4.ApplicationProperties.Map[CbsConstants.PutToken.Audience] = "iothub";
invalidAmqpMessage4.ApplicationProperties.Map[CbsConstants.Operation] = CbsConstants.PutToken.OperationValue;
// Act/Assert
Assert.Throws <InvalidOperationException>(() => CbsNode.ValidateAndParseMessage(IoTHubHostName, invalidAmqpMessage4));
}
public void ValidateTestThrowsOnInvalidOperation()
{
// Arrange
var amqpValue = new AmqpValue
{
Value = TokenHelper.CreateSasToken(IoTHubHostName)
};
AmqpMessage invalidAmqpMessage3 = AmqpMessage.Create(amqpValue);
invalidAmqpMessage3.ApplicationProperties.Map[CbsConstants.PutToken.Type] = "azure-devices.net:sastoken";
invalidAmqpMessage3.ApplicationProperties.Map[CbsConstants.PutToken.Audience] = "iothub";
invalidAmqpMessage3.ApplicationProperties.Map[CbsConstants.Operation] = "foobar";
// Act/Assert
Assert.Throws <InvalidOperationException>(() => CbsNode.ValidateAndParseMessage(IoTHubHostName, invalidAmqpMessage3));
}
public async Task OnBehalfOfAuthTest()
{
// Arrange
var amqpValue = new AmqpValue
{
Value = TokenHelper.CreateSasToken("edgehubtest1.azure-devices.net/devices/edge1/modules/$edgeHub")
};
AmqpMessage validAmqpMessage = AmqpMessage.Create(amqpValue);
validAmqpMessage.ApplicationProperties.Map[CbsConstants.PutToken.Type] = "azure-devices.net:sastoken";
validAmqpMessage.ApplicationProperties.Map[CbsConstants.PutToken.Audience] = "edgehubtest1.azure-devices.net/devices/edge1/modules/$edgeHub";
validAmqpMessage.ApplicationProperties.Map[CbsConstants.Operation] = CbsConstants.PutToken.OperationValue;
Option <string> authChain = Option.Some("device1;edge1");
var actorEdgeHubIdentity = Mock.Of <IIdentity>(i => i.Id == "edge1/$edgeHub");
var clientCredentials = Mock.Of <IClientCredentials>(c => c.Identity == actorEdgeHubIdentity && c.AuthChain == authChain);
var clientCredentialsFactory = new Mock <IClientCredentialsFactory>();
clientCredentialsFactory.Setup(i => i.GetWithSasToken(It.IsAny <string>(), It.IsAny <string>(), It.IsAny <string>(), It.IsAny <string>(), true, It.IsAny <Option <string> >(), It.Is <Option <string> >(chain => chain == authChain)))
.Returns(clientCredentials);
string iotHubHostName = "edgehubtest1.azure-devices.net";
var authenticator = new Mock <IAuthenticator>();
authenticator.Setup(a => a.AuthenticateAsync(It.Is <IClientCredentials>(cred => cred == clientCredentials))).ReturnsAsync(true);
var cbsNode = new CbsNode(clientCredentialsFactory.Object, iotHubHostName, authenticator.Object, new NullCredentialsCache());
// Act
(AmqpResponseStatusCode statusCode, string description) = await cbsNode.UpdateCbsToken(validAmqpMessage);
bool isAuthenticated = await cbsNode.AuthenticateAsync("device1", Option.None <string>(), authChain);
// Auth again, we should still succeed even with the wrong credentials due to cached auth state
(statusCode, description) = await cbsNode.UpdateCbsToken(validAmqpMessage);
bool isReauthenticated = await cbsNode.AuthenticateAsync("device1", Option.None <string>(), Option.Some("not;valid;authchain"));
// Assert
Assert.True(isAuthenticated);
Assert.Equal(AmqpResponseStatusCode.OK, statusCode);
Assert.Equal(AmqpResponseStatusCode.OK.ToString(), description);
}
public void ValidateTestSucceeds()
{
// Arrange
string sasToken = TokenHelper.CreateSasToken(IoTHubHostName);
var amqpValue = new AmqpValue
{
Value = sasToken
};
AmqpMessage validAmqpMessage = AmqpMessage.Create(amqpValue);
validAmqpMessage.ApplicationProperties.Map[CbsConstants.PutToken.Type] = "azure-devices.net:sastoken";
validAmqpMessage.ApplicationProperties.Map[CbsConstants.PutToken.Audience] = "iothub";
validAmqpMessage.ApplicationProperties.Map[CbsConstants.Operation] = CbsConstants.PutToken.OperationValue;
// Act
(string token, string audience) = CbsNode.ValidateAndParseMessage(IoTHubHostName, validAmqpMessage);
// Assert
Assert.Equal(sasToken, token);
Assert.Equal(IoTHubHostName, audience);
}
public async Task UpdateCbsTokenTest()
{
// Arrange
var amqpValue = new AmqpValue
{
Value = TokenHelper.CreateSasToken("edgehubtest1.azure-devices.net/devices/device1/modules/mod1")
};
AmqpMessage validAmqpMessage = AmqpMessage.Create(amqpValue);
validAmqpMessage.ApplicationProperties.Map[CbsConstants.PutToken.Type] = "azure-devices.net:sastoken";
validAmqpMessage.ApplicationProperties.Map[CbsConstants.PutToken.Audience] = "iothub";
validAmqpMessage.ApplicationProperties.Map[CbsConstants.Operation] = CbsConstants.PutToken.OperationValue;
var identity = Mock.Of <IIdentity>(i => i.Id == "device1/mod1");
var clientCredentials = Mock.Of <IClientCredentials>(c => c.Identity == identity);
var clientCredentialsFactory = new Mock <IClientCredentialsFactory>();
clientCredentialsFactory.Setup(i => i.GetWithSasToken(It.IsAny <string>(), It.IsAny <string>(), It.IsAny <string>(), It.IsAny <string>()))
.Returns(clientCredentials);
string iotHubHostName = "edgehubtest1.azure-devices.net";
var authenticator = new Mock <IAuthenticator>();
authenticator.Setup(a => a.AuthenticateAsync(It.IsAny <IClientCredentials>())).ReturnsAsync(true);
var cbsNode = new CbsNode(clientCredentialsFactory.Object, iotHubHostName, authenticator.Object, new NullCredentialsStore());
// Act
(AmqpAuthentication amqpAuthentication, AmqpResponseStatusCode statusCode, string description) = await cbsNode.UpdateCbsToken(validAmqpMessage);
// Assert
Assert.Equal(true, amqpAuthentication.IsAuthenticated);
Assert.True(amqpAuthentication.ClientCredentials.HasValue);
Assert.Equal(identity, amqpAuthentication.ClientCredentials.OrDefault().Identity);
Assert.Equal(AmqpResponseStatusCode.OK, statusCode);
Assert.Equal(AmqpResponseStatusCode.OK.ToString(), description);
}
public CbsCacheEntry(CbsNode cbsNode, int agentIndex)
{
this.cbsNode = cbsNode;
this.agentIndex = agentIndex;
Trace.Assert(cbsNode.cbs.mergeThreshold == -1, "When agents are merged it affects their paths without explicit constraints");
}