public async Task JsonWebTokenWithX509PublicCertClaimTest() { var certificate = new X509Certificate2("valid_cert.pfx", TestConstants.DefaultPassword); var clientAssertion = new ClientAssertionCertificate(TestConstants.DefaultClientId, certificate); var context = new AuthenticationContext(TestConstants.TenantSpecificAuthority, new TokenCache()); var validCertClaim = "\"x5c\":\"" + Convert.ToBase64String(certificate.GetRawCertData()); HttpMessageHandlerFactory.AddMockHandler(new MockHttpMessageHandler(TestConstants.GetTokenEndpoint(TestConstants.TenantSpecificAuthority)) { Method = HttpMethod.Post, ResponseMessage = new HttpResponseMessage(HttpStatusCode.OK) { Content = new StringContent("{\"token_type\":\"Bearer\",\"expires_in\":\"3599\",\"access_token\":\"some-access-token\"}") }, AdditionalRequestValidation = request => { var requestContent = request.Content.ReadAsStringAsync().GetAwaiter().GetResult(); var formsData = EncodingHelper.ParseKeyValueList(requestContent, '&', true, null); // Check presence of client_assertion in request string encodedJwt; Assert.IsTrue(formsData.TryGetValue("client_assertion", out encodedJwt), "Missing client_assertion from request"); // Check presence of x5c cert claim. It should not exist. var jwtHeader = EncodingHelper.UrlDecode(encodedJwt.Split('.')[0]); Assert.IsTrue(!jwtHeader.Contains("\"x5c\":")); } }); AuthenticationResult result = await context.AcquireTokenAsync(TestConstants.DefaultResource, clientAssertion); Assert.IsNotNull(result.AccessToken); }
public void ResponseSizeOverLimitTest() { var chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"; var stringChars = new char[1048577]; var random = new Random(); for (int i = 0; i < stringChars.Length; i++) { stringChars[i] = chars[random.Next(chars.Length)]; } var finalString = new string(stringChars); HttpMessageHandlerFactory.AddMockHandler(new MockHttpMessageHandler(TestConstants.DefaultAuthorityCommonTenant) { Method = HttpMethod.Get, ResponseMessage = new HttpResponseMessage(HttpStatusCode.OK) { Content = new StringContent(finalString) } }); var exc = AssertException.TaskThrows <HttpRequestException>(() => new HttpClientWrapper(TestConstants.DefaultAuthorityCommonTenant, null).GetResponseAsync()); Assert.AreEqual(exc.Message, "Cannot write more bytes to the buffer than the configured maximum buffer size: 1048576."); }
//292916 Ensure AcquireTokenSilent tests exist in ADAL.NET for public clients public async Task ExpiredATValidRTInCache_GetNewATRTFromService() { var context = new AuthenticationContext(TestConstants.DefaultAuthorityCommonTenant, new TokenCache()); HttpMessageHandlerFactory.AddMockHandler(new MockHttpMessageHandler(TestConstants.GetTokenEndpoint(TestConstants.DefaultAuthorityCommonTenant)) { Method = HttpMethod.Post, ResponseMessage = MockHelpers.CreateSuccessTokenResponseMessage(), PostData = new Dictionary <string, string>() { { "client_id", TestConstants.DefaultClientId }, { "grant_type", "refresh_token" }, { "refresh_token", "some_rt" } } }); TokenCacheKey key = new TokenCacheKey(TestConstants.DefaultAuthorityCommonTenant, TestConstants.DefaultResource, TestConstants.DefaultClientId, TokenSubjectType.User, TestConstants.DefaultUniqueId, TestConstants.DefaultDisplayableId); context.TokenCache.tokenCacheDictionary[key] = new AuthenticationResultEx { RefreshToken = "some_rt", ResourceInResponse = TestConstants.DefaultResource, Result = new AuthenticationResult("Bearer", "existing-access-token", DateTimeOffset.UtcNow) }; AuthenticationResult result = await context.AcquireTokenSilentAsync(TestConstants.DefaultResource, TestConstants.DefaultClientId, new UserIdentifier(TestConstants.DefaultDisplayableId, UserIdentifierType.RequiredDisplayableId)).ConfigureAwait(false); Assert.IsNotNull(result); }
public GitHubClient GetClient(Action <HttpProgressEventArgs> action = null) { var progress = new ProgressMessageHandler(); if (action != null) { progress.HttpSendProgress += (object sender, HttpProgressEventArgs e) => action(e); } progress.InnerHandler = HttpMessageHandlerFactory.CreateDefault(); var connection = new Connection ( productInformation: new ProductHeaderValue(repositoryName), baseAddress: new Uri(Url), credentialStore: new InMemoryCredentialStore(new Credentials(userName, password)), httpClient: new HttpClientAdapter(() => progress), serializer: new SimpleJsonSerializer() ); var client = new GitHubClient(connection); client.Connection.SetRequestTimeout(Timeout); return(client); }
public void FailedValidationMissingFieldsInDrsResponseTest() { //add mock failure response for on-premise DRS request HttpMessageHandlerFactory.AddMockHandler(new MockHttpMessageHandler { Method = HttpMethod.Get, Url = "https://enterpriseregistration.fabrikam.com/enrollmentserver/contract", QueryParams = new Dictionary <string, string> { { "api-version", "1.0" } }, ResponseMessage = MockHelpers.CreateSuccessResponseMessage(File.ReadAllText("drs-response-missing-field.json")) }); Authority instance = Authority.CreateAuthority(TestConstants.OnPremiseAuthority, true); Assert.IsNotNull(instance); Assert.AreEqual(instance.AuthorityType, AuthorityType.Adfs); try { Task.Run(async() => { await instance.ResolveEndpointsAsync(TestConstants.FabrikamDisplayableId, new RequestContext(Guid.NewGuid(), null)).ConfigureAwait(false); }).GetAwaiter().GetResult(); Assert.Fail("ResolveEndpointsAsync should have failed here"); } catch (Exception exc) { Assert.IsNotNull(exc); } Assert.AreEqual(0, HttpMessageHandlerFactory.MockCount); }
public async Task AcquireTokenWithInvalidResourceTestAsync() { var context = new AuthenticationContext(TestConstants.DefaultAuthorityCommonTenant, new TokenCache()); TokenCacheKey key = new TokenCacheKey(TestConstants.DefaultAuthorityHomeTenant, TestConstants.DefaultResource, TestConstants.DefaultClientId, TokenSubjectType.User, TestConstants.DefaultUniqueId, TestConstants.DefaultDisplayableId); context.TokenCache.tokenCacheDictionary[key] = new AuthenticationResultEx { RefreshToken = "some-rt", ResourceInResponse = TestConstants.DefaultResource, Result = new AuthenticationResult("Bearer", "some-access-token", DateTimeOffset.UtcNow) }; HttpMessageHandlerFactory.AddMockHandler(new MockHttpMessageHandler() { Method = HttpMethod.Post, ResponseMessage = MockHelpers.CreateInvalidRequestTokenResponseMessage() }); try { await context.AcquireTokenSilentAsync("random-resource", TestConstants.DefaultClientId); } catch (AdalServiceException exc) { Assert.AreEqual(AdalError.FailedToRefreshToken, exc.ErrorCode); } }
public async Task WsTrustRequestGenericCloudUrnTest() { WsTrustAddress address = new WsTrustAddress() { Uri = new Uri("https://some/address/usernamemixed"), Version = WsTrustVersion.WsTrust13 }; HttpMessageHandlerFactory.AddMockHandler(new MockHttpMessageHandler() { Method = HttpMethod.Post, ResponseMessage = new HttpResponseMessage(HttpStatusCode.OK) { Content = new StringContent(File.ReadAllText("WsTrustResponse.xml")) } }); HttpMessageHandlerFactory.AddMockHandler(new MockHttpMessageHandler() { Method = HttpMethod.Post, ResponseMessage = new HttpResponseMessage(HttpStatusCode.OK) { Content = new StringContent(File.ReadAllText("WsTrustResponse.xml")) } }); WsTrustResponse wstResponse = await WsTrustRequest.SendRequestAsync(address, new UserPasswordCredential(TestConstants.DefaultDisplayableId, TestConstants.DefaultPassword), null, TestConstants.CloudAudienceUrn); Assert.IsNotNull(wstResponse.Token); wstResponse = await WsTrustRequest.SendRequestAsync(address, new UserCredential(TestConstants.DefaultDisplayableId), null, TestConstants.CloudAudienceUrn); Assert.IsNotNull(wstResponse.Token); }
public void AcquireTokenSilentServiceErrorTestAsync() { TokenCache cache = new TokenCache(); TokenCacheKey key = new TokenCacheKey(TestConstants.DefaultAuthorityCommonTenant, TestConstants.DefaultResource, TestConstants.DefaultClientId, TokenSubjectType.User, "unique_id", "*****@*****.**"); cache.tokenCacheDictionary[key] = new AuthenticationResultEx { RefreshToken = "something-invalid", ResourceInResponse = TestConstants.DefaultResource, Result = new AuthenticationResult("Bearer", "some-access-token", DateTimeOffset.UtcNow) }; AuthenticationContext context = new AuthenticationContext(TestConstants.DefaultAuthorityCommonTenant, cache); var ex = AssertException.TaskThrows <AdalSilentTokenAcquisitionException>(async() => { HttpMessageHandlerFactory.AddMockHandler(new MockHttpMessageHandler(TestConstants.GetTokenEndpoint(TestConstants.DefaultAuthorityCommonTenant)) { Method = HttpMethod.Post, ResponseMessage = MockHelpers.CreateInvalidGrantTokenResponseMessage() }); await context.AcquireTokenSilentAsync(TestConstants.DefaultResource, TestConstants.DefaultClientId, new UserIdentifier("unique_id", UserIdentifierType.UniqueId)); }); Assert.AreEqual(AdalError.FailedToAcquireTokenSilently, ex.ErrorCode); Assert.AreEqual(AdalErrorMessage.FailedToRefreshToken, ex.Message); Assert.IsNotNull(ex.InnerException); Assert.IsTrue(ex.InnerException is AdalException); Assert.AreEqual(((AdalException)ex.InnerException).ErrorCode, "invalid_grant"); // There should be one cached entry. Assert.AreEqual(1, context.TokenCache.Count); }
public void TestInitialize() { cache = new TokenCache(); Authority.ValidatedAuthorities.Clear(); HttpClientFactory.ReturnHttpClientForMocks = true; HttpMessageHandlerFactory.ClearMockHandlers(); }
public void Initialize() { HttpMessageHandlerFactory.InitializeMockProvider(); InstanceDiscovery.InstanceCache.Clear(); HttpMessageHandlerFactory.AddMockHandler(MockHelpers.CreateInstanceDiscoveryMockHandler(TestConstants.GetDiscoveryEndpoint(TestConstants.DefaultAuthorityCommonTenant))); platformParameters = new PlatformParameters(PromptBehavior.Auto); }
public async Task TestInstanceDiscovery_WhenMetadataIsReturned_ShouldUsePreferredNetworkForUserRealmDiscoveryAsync() { string host = "login.windows.net"; string preferredNetwork = "login.microsoftonline.com"; var authenticator = new Authenticator($"https://{host}/contoso.com/", false); AddMockInstanceDiscovery(host); await authenticator.UpdateFromTemplateAsync(new CallState(Guid.NewGuid())).ConfigureAwait(false); HttpMessageHandlerFactory.AddMockHandler(new MockHttpMessageHandler() { Method = HttpMethod.Get, Url = $"https://{preferredNetwork}/common/userrealm/[email protected]", // This validates the token request is sending to expected host ResponseMessage = new HttpResponseMessage(HttpStatusCode.OK) { Content = new StringContent("{\"account_type\":\"managed\"}") } }); var requestData = new RequestData { Authenticator = authenticator, Resource = "resource1", ClientKey = new ClientKey(new ClientCredential("client1", "something")), SubjectType = TokenSubjectType.Client, ExtendedLifeTimeEnabled = false }; var privateObject = new PrivateObject(new AcquireTokenNonInteractiveHandler( requestData, new UserPasswordCredential("*****@*****.**", "fakepassword"))); await((Task)privateObject.Invoke("PreTokenRequestAsync")).ConfigureAwait(false); Assert.AreEqual(0, HttpMessageHandlerFactory.MockHandlersCount()); // This validates that all the mock handlers have been consumed }
public void ForcePromptForNeverPromptBehaviorTestAsync() { var context = new AuthenticationContext(TestConstants.DefaultAuthorityHomeTenant, new TokenCache()); TokenCacheKey key = new TokenCacheKey(TestConstants.DefaultAuthorityHomeTenant, TestConstants.DefaultResource, TestConstants.DefaultClientId, TokenSubjectType.User, TestConstants.DefaultUniqueId, TestConstants.DefaultDisplayableId); context.TokenCache.tokenCacheDictionary[key] = new AuthenticationResultEx { RefreshToken = "some-rt", ResourceInResponse = TestConstants.DefaultResource, Result = new AuthenticationResult("Bearer", "existing-access-token", DateTimeOffset.UtcNow) }; HttpMessageHandlerFactory.AddMockHandler(new MockHttpMessageHandler(TestConstants.GetTokenEndpoint(TestConstants.DefaultAuthorityHomeTenant)) { Method = HttpMethod.Post, ResponseMessage = MockHelpers.CreateInvalidRequestTokenResponseMessage() }); var exc = AssertException.TaskThrows <AdalServiceException>(() => context.AcquireTokenAsync(TestConstants.DefaultResource, TestConstants.DefaultClientId, TestConstants.DefaultRedirectUri, new PlatformParameters(PromptBehavior.Never))); Assert.AreEqual(AdalError.FailedToRefreshToken, exc.ErrorCode); // There should be only one cache entry. Assert.AreEqual(1, context.TokenCache.Count); }
public void FailedTenantDiscoveryMissingEndpointsTest() { //add mock response for tenant endpoint discovery HttpMessageHandlerFactory.AddMockHandler(new MockHttpMessageHandler { Method = HttpMethod.Get, Url = "https://fs.contoso.com/adfs/.well-known/openid-configuration", ResponseMessage = MockHelpers.CreateSuccessResponseMessage(File.ReadAllText("OpenidConfiguration-MissingFields-OnPremise.json")) }); Authority instance = Authority.CreateAuthority(TestConstants.OnPremiseAuthority, false); Assert.IsNotNull(instance); Assert.AreEqual(instance.AuthorityType, AuthorityType.Adfs); try { Task.Run(async() => { await instance.ResolveEndpointsAsync(TestConstants.FabrikamDisplayableId, new RequestContext(Guid.NewGuid(), null)).ConfigureAwait(false); }).GetAwaiter().GetResult(); Assert.Fail("validation should have failed here"); } catch (MsalClientException exc) { Assert.AreEqual(MsalClientException.TenantDiscoveryFailedError, exc.ErrorCode); } Assert.AreEqual(0, HttpMessageHandlerFactory.MockCount); }
public bool Create_DecompressionAlwaysOn(HttpRequestInfo value) { var handler = new HttpMessageHandlerFactory().Create(value) as HttpClientHandler; return(((handler.AutomaticDecompression & DecompressionMethods.Deflate) == DecompressionMethods.Deflate) | ((handler.AutomaticDecompression & DecompressionMethods.GZip) == DecompressionMethods.GZip)); }
public async Task AutoPromptBehaviorTestAsync() { MockHelpers.ConfigureMockWebUI(new AuthorizationResult(AuthorizationStatus.Success, TestConstants.DefaultRedirectUri + "?code=some-code")); HttpMessageHandlerFactory.AddMockHandler(new MockHttpMessageHandler(TestConstants.GetTokenEndpoint(TestConstants.DefaultAuthorityHomeTenant)) { Method = HttpMethod.Post, ResponseMessage = MockHelpers.CreateSuccessTokenResponseMessage(), PostData = new Dictionary <string, string>() { { "grant_type", "authorization_code" } } }); var context = new AuthenticationContext(TestConstants.DefaultAuthorityHomeTenant, true, new TokenCache()); AuthenticationResult result = await context.AcquireTokenAsync(TestConstants.DefaultResource, TestConstants.DefaultClientId, TestConstants.DefaultRedirectUri, new PlatformParameters(PromptBehavior.Auto)); Assert.IsNotNull(result); Assert.AreEqual(TestConstants.DefaultAuthorityHomeTenant, context.Authenticator.Authority); Assert.AreEqual("some-access-token", result.AccessToken); Assert.IsNotNull(result.UserInfo); Assert.AreEqual(TestConstants.DefaultDisplayableId, result.UserInfo.DisplayableId); Assert.AreEqual(TestConstants.DefaultUniqueId, result.UserInfo.UniqueId); // There should be one cached entry. Assert.AreEqual(1, context.TokenCache.Count); }
public async Task JsonWebTokenWithX509PublicCertSendX5CTestAsync() { var certificate = new X509Certificate2("valid_cert.pfx", TestConstants.DefaultPassword); var clientAssertion = new ClientAssertionCertificate(TestConstants.DefaultClientId, certificate); var context = new AuthenticationContext(TestConstants.TenantSpecificAuthority, new TokenCache()); var validCertClaim = "\"x5c\":\"" + Convert.ToBase64String(certificate.GetRawCertData()); //Check for x5c claim HttpMessageHandlerFactory.AddMockHandler(X5CMockHandler); AuthenticationResult result = await context.AcquireTokenAsync(TestConstants.DefaultResource, clientAssertion, true).ConfigureAwait(false); Assert.IsNotNull(result.AccessToken); HttpMessageHandlerFactory.AddMockHandler(X5CMockHandler); result = await context.AcquireTokenByAuthorizationCodeAsync(TestConstants.DefaultAuthorizationCode, TestConstants.DefaultRedirectUri, clientAssertion, TestConstants.DefaultResource, true).ConfigureAwait(false); Assert.IsNotNull(result.AccessToken); //Check for empty x5c claim HttpMessageHandlerFactory.AddMockHandler(EmptyX5CMockHandler); context.TokenCache.Clear(); result = await context.AcquireTokenAsync(TestConstants.DefaultResource, clientAssertion, false).ConfigureAwait(false); Assert.IsNotNull(result.AccessToken); HttpMessageHandlerFactory.AddMockHandler(EmptyX5CMockHandler); result = await context.AcquireTokenByAuthorizationCodeAsync(TestConstants.DefaultAuthorizationCode, TestConstants.DefaultRedirectUri, clientAssertion, TestConstants.DefaultResource, false).ConfigureAwait(false); Assert.IsNotNull(result.AccessToken); }
public void ValidationOffSuccessTest() { //add mock response for tenant endpoint discovery HttpMessageHandlerFactory.AddMockHandler(new MockHttpMessageHandler { Method = HttpMethod.Get, Url = "https://login.microsoftonline.in/mytenant.com/v2.0/.well-known/openid-configuration", ResponseMessage = MockHelpers.CreateSuccessResponseMessage(File.ReadAllText("OpenidConfiguration.json")) }); Authority instance = Authority.CreateAuthority("https://login.microsoftonline.in/mytenant.com", false); Assert.IsNotNull(instance); Assert.AreEqual(instance.AuthorityType, AuthorityType.Aad); Task.Run(async() => { await instance.ResolveEndpointsAsync(null, new RequestContext(Guid.NewGuid(), null)).ConfigureAwait(false); }) .GetAwaiter() .GetResult(); Assert.AreEqual("https://login.microsoftonline.com/6babcaad-604b-40ac-a9d7-9fd97c0b779f/oauth2/v2.0/authorize", instance.AuthorizationEndpoint); Assert.AreEqual("https://login.microsoftonline.com/6babcaad-604b-40ac-a9d7-9fd97c0b779f/oauth2/v2.0/token", instance.TokenEndpoint); Assert.AreEqual("https://sts.windows.net/6babcaad-604b-40ac-a9d7-9fd97c0b779f/", instance.SelfSignedJwtAudience); Assert.AreEqual(0, HttpMessageHandlerFactory.MockCount); }
public void ValidationOffSuccessTest() { //add mock response for tenant endpoint discovery HttpMessageHandlerFactory.AddMockHandler(new MockHttpMessageHandler { Method = HttpMethod.Get, Url = "https://fs.contoso.com/adfs/.well-known/openid-configuration", ResponseMessage = MockHelpers.CreateSuccessResponseMessage(File.ReadAllText("OpenidConfiguration-OnPremise.json")) }); Authority instance = Authority.CreateAuthority(TestConstants.OnPremiseAuthority, false); Assert.IsNotNull(instance); Assert.AreEqual(instance.AuthorityType, AuthorityType.Adfs); Task.Run(async() => { await instance.ResolveEndpointsAsync(TestConstants.FabrikamDisplayableId, new RequestContext(Guid.NewGuid(), null)).ConfigureAwait(false); }).GetAwaiter().GetResult(); Assert.AreEqual("https://fs.contoso.com/adfs/oauth2/authorize/", instance.AuthorizationEndpoint); Assert.AreEqual("https://fs.contoso.com/adfs/oauth2/token/", instance.TokenEndpoint); Assert.AreEqual("https://fs.contoso.com/adfs", instance.SelfSignedJwtAudience); Assert.AreEqual(0, HttpMessageHandlerFactory.MockCount); }
public async Task CloudAudienceUrnNullTest() { AuthenticationContext context = new AuthenticationContext(TestConstants.DefaultAuthorityCommonTenant); await context.Authenticator.UpdateFromTemplateAsync(null); UserRealmDiscoveryResponse userRealmResponse = await UserRealmDiscoveryResponse.CreateByDiscoveryAsync(context.Authenticator.UserRealmUri, TestConstants.DefaultDisplayableId, null); WsTrustAddress address = new WsTrustAddress() { Uri = new Uri("https://some/address/usernamemixed"), Version = WsTrustVersion.WsTrust13 }; HttpMessageHandlerFactory.AddMockHandler(new MockHttpMessageHandler() { Method = HttpMethod.Post, ResponseMessage = new HttpResponseMessage(HttpStatusCode.OK) { Content = new StringContent(File.ReadAllText("WsTrustResponse.xml")) } }); WsTrustResponse wsTrustResponse = await WsTrustRequest.SendRequestAsync(address, new UserCredential(TestConstants.DefaultDisplayableId), null, null); VerifyCloudInstanceUrnResponse(userRealmResponse.CloudAudienceUrn, "urn:federation:MicrosoftOnline"); }
public override void ApplyConfiguration(BindingElement bindingElement) { base.ApplyConfiguration(bindingElement); HttpTransportBindingElement binding = (HttpTransportBindingElement)bindingElement; binding.AllowCookies = this.AllowCookies; binding.AuthenticationScheme = this.AuthenticationScheme; binding.BypassProxyOnLocal = this.BypassProxyOnLocal; #if DESKTOP binding.DecompressionEnabled = this.DecompressionEnabled; binding.KeepAliveEnabled = this.KeepAliveEnabled; binding.HostNameComparisonMode = this.HostNameComparisonMode; binding.MaxPendingAccepts = this.MaxPendingAccepts; binding.Realm = this.Realm; binding.RequestInitializationTimeout = this.RequestInitializationTimeout; binding.UnsafeConnectionNtlmAuthentication = this.UnsafeConnectionNtlmAuthentication; binding.ExtendedProtectionPolicy = ChannelBindingUtility.BuildPolicy(this.ExtendedProtectionPolicy); if (this.MessageHandlerFactory != null) { binding.MessageHandlerFactory = HttpMessageHandlerFactory.CreateFromConfigurationElement(this.MessageHandlerFactory); } #endif PropertyInformationCollection propertyInfo = this.ElementInformation.Properties; if (propertyInfo[ConfigurationStrings.MaxBufferSize].ValueOrigin != PropertyValueOrigin.Default) { binding.MaxBufferSize = this.MaxBufferSize; } binding.ProxyAddress = this.ProxyAddress; binding.ProxyAuthenticationScheme = this.ProxyAuthenticationScheme; binding.TransferMode = this.TransferMode; binding.UseDefaultWebProxy = this.UseDefaultWebProxy; this.WebSocketSettings.ApplyConfiguration(binding.WebSocketSettings); }
public async Task TestInstanceDiscovery_WhenAuthorityIsAdfs_ShouldNotDoInstanceDiscovery() { HttpMessageHandlerFactory.AddMockHandler(MockHelpers.CreateInstanceDiscoveryMockHandler(TestConstants.GetDiscoveryEndpoint(TestConstants.DefaultAuthorityCommonTenant))); var authenticator = new Authenticator("https://login.contoso.com/adfs", false); await authenticator.UpdateFromTemplateAsync(new CallState(Guid.NewGuid())).ConfigureAwait(false); Assert.AreEqual(1, HttpMessageHandlerFactory.MockHandlersCount()); // mock is NOT consumed, so no new request was NOT attempted }
public void TestInitialize() { cache = new TokenCache(); Authority.ValidatedAuthorities.Clear(); HttpClientFactory.ReturnHttpClientForMocks = true; HttpMessageHandlerFactory.ClearMockHandlers(); Telemetry.GetInstance().RegisterReceiver(_myReceiver.OnEvents); }
public async Task AuthenticationContextAuthorityValidationTestAsync() { AuthenticationContext context = null; AuthenticationResult result = null; try { context = new AuthenticationContext("https://login.contoso.com/adfs"); await context.AcquireTokenAsync(TestConstants.DefaultResource, TestConstants.DefaultClientId, TestConstants.DefaultRedirectUri, platformParameters); } catch (ArgumentException ex) { Assert.AreEqual(ex.ParamName, "validateAuthority"); } MockHelpers.ConfigureMockWebUI(new AuthorizationResult(AuthorizationStatus.Success, TestConstants.DefaultRedirectUri + "?code=some-code")); HttpMessageHandlerFactory.AddMockHandler(new MockHttpMessageHandler() { Method = HttpMethod.Post, ResponseMessage = MockHelpers.CreateSuccessTokenResponseMessage() }); //whitelisted authority context = new AuthenticationContext(TestConstants.DefaultAuthorityCommonTenant, true); result = await context.AcquireTokenAsync(TestConstants.DefaultResource, TestConstants.DefaultClientId, TestConstants.DefaultRedirectUri, platformParameters, new UserIdentifier(TestConstants.DefaultDisplayableId, UserIdentifierType.RequiredDisplayableId)); Assert.IsNotNull(result); Assert.AreEqual(result.AccessToken, "some-access-token"); Assert.IsNotNull(result.UserInfo); //add handler to return failed discovery response HttpMessageHandlerFactory.AddMockHandler(new MockHttpMessageHandler() { Method = HttpMethod.Get, ResponseMessage = MockHelpers.CreateFailureResponseMessage( "{\"error\":\"invalid_instance\",\"error_description\":\"AADSTS70002: Error in validating authority.\"}") }); try { context = new AuthenticationContext("https://login.microsoft0nline.com/common"); result = await context.AcquireTokenAsync(TestConstants.DefaultResource, TestConstants.DefaultClientId, TestConstants.DefaultRedirectUri, platformParameters); } catch (AdalException ex) { Assert.AreEqual(ex.ErrorCode, AdalError.AuthorityNotInValidList); } }
public async Task ForcePromptForSelectAccountPromptBehaviorTestAsync() { MockHelpers.ConfigureMockWebUI(new AuthorizationResult(AuthorizationStatus.Success, TestConstants.DefaultRedirectUri + "?code=some-code"), // validate that authorizationUri passed to WebUi contains prompt=select_account query parameter new Dictionary <string, string> { { "prompt", "select_account" } }); var context = new AuthenticationContext(TestConstants.DefaultAuthorityHomeTenant, true, new TokenCache()); await context.TokenCache.StoreToCacheAsync(new AuthenticationResultEx { RefreshToken = "some-rt", ResourceInResponse = TestConstants.DefaultResource, Result = new AuthenticationResult("Bearer", "existing-access-token", DateTimeOffset.UtcNow + TimeSpan.FromMinutes(100)) { UserInfo = new UserInfo() { DisplayableId = TestConstants.DefaultDisplayableId, UniqueId = TestConstants.DefaultUniqueId } }, }, TestConstants.DefaultAuthorityHomeTenant, TestConstants.DefaultResource, TestConstants.DefaultClientId, TokenSubjectType.User, new CallState(new Guid())).ConfigureAwait(false); ResetInstanceDiscovery(); HttpMessageHandlerFactory.AddMockHandler(new MockHttpMessageHandler(TestConstants.GetTokenEndpoint(TestConstants.DefaultAuthorityHomeTenant)) { Method = HttpMethod.Post, ResponseMessage = MockHelpers.CreateSuccessTokenResponseMessage(), PostData = new Dictionary <string, string> { { "grant_type", "authorization_code" } } }); AuthenticationResult result = await context.AcquireTokenAsync(TestConstants.DefaultResource, TestConstants.DefaultClientId, TestConstants.DefaultRedirectUri, new PlatformParameters(PromptBehavior.SelectAccount)).ConfigureAwait(false); Assert.IsNotNull(result); Assert.AreEqual(TestConstants.DefaultAuthorityHomeTenant, context.Authenticator.Authority); Assert.AreEqual("some-access-token", result.AccessToken); Assert.IsNotNull(result.UserInfo); Assert.AreEqual(TestConstants.DefaultDisplayableId, result.UserInfo.DisplayableId); Assert.AreEqual(TestConstants.DefaultUniqueId, result.UserInfo.UniqueId); // There should be only one cache entry. Assert.AreEqual(1, context.TokenCache.Count); }
public AddinDiscoverer(Options options) { // Setup the Github client var proxy = string.IsNullOrEmpty(options.ProxyUrl) ? null : new WebProxy(options.ProxyUrl); var credentials = !string.IsNullOrEmpty(options.GithubToken) ? new Credentials(options.GithubToken) : new Credentials(options.GithubUsername, options.GithuPassword); var connection = new Connection(new ProductHeaderValue(Constants.PRODUCT_NAME), new HttpClientAdapter(() => HttpMessageHandlerFactory.CreateDefault(proxy))) { Credentials = credentials, }; // Setup nuget var providers = new List <Lazy <INuGetResourceProvider> >(); providers.AddRange(NuGet.Protocol.Core.Types.Repository.Provider.GetCoreV3()); // Add v3 API support var packageSource = new PackageSource("https://api.nuget.org/v3/index.json"); // Setup the context that will be passed to each step _context = new DiscoveryContext() { Addins = Array.Empty <AddinMetadata>(), GithubClient = new GitHubClient(connection), GithubHttpClient = new HttpClientAdapter(() => HttpMessageHandlerFactory.CreateDefault(proxy)), HttpClient = new HttpClient(new HttpClientHandler() { Proxy = proxy, UseProxy = proxy != null }), NugetRepository = new SourceRepository(packageSource, providers), Options = options, TempFolder = Path.Combine(options.TemporaryFolder, Constants.PRODUCT_NAME), Version = typeof(AddinDiscoverer).GetTypeInfo().Assembly.GetName().Version.ToString(3) }; // Using '.CodeBase' because it returns where the assembly is located when not executing (in other words, the 'permanent' path of the assembly). // '.Location' would seem more intuitive but in the case of shadow copied assemblies, it would return a path in a temp directory. var currentPath = new Uri(Assembly.GetExecutingAssembly().CodeBase).LocalPath; var currentFolder = Path.GetDirectoryName(currentPath); var exclusionFilePath = Path.Combine(currentFolder, "exclusionlist.json"); var inclusionFilePath = Path.Combine(currentFolder, "inclusionlist.json"); using (var sr = new StreamReader(exclusionFilePath)) { var json = sr.ReadToEnd(); var jObject = JObject.Parse(json); _context.ExcludedAddins = jObject.Property("packages")?.Value.ToObject <string[]>() ?? Array.Empty <string>(); _context.ExcludedTags = jObject.Property("labels")?.Value.ToObject <string[]>() ?? Array.Empty <string>(); } using (var sr = new StreamReader(inclusionFilePath)) { var json = sr.ReadToEnd(); var jObject = JObject.Parse(json); _context.IncludedAddins = jObject.Property("packages")?.Value.ToObject <string[]>() ?? Array.Empty <string>(); } }
public bool Create_Proxy_PassedThrough(HttpRequestInfo info, IWebProxy value) { info.Proxy = value; var handler = new HttpMessageHandlerFactory().Create(info) as HttpClientHandler; return(value != null ? handler.UseProxy && ReferenceEquals(handler.Proxy, value) : !handler.UseProxy && ReferenceEquals(handler.Proxy, null)); }
public bool Create_Redirects_PassedThrough(HttpRequestInfo info, int value) { info.MaxRedirects = value; var handler = new HttpMessageHandlerFactory().Create(info) as HttpClientHandler; return(value > 0 ? handler.AllowAutoRedirect && handler.MaxAutomaticRedirections == value : !handler.AllowAutoRedirect); }
public async Task IntegratedAuthUsingUpn_MexDoesNotReturnAuthEndpointTestAsync() { AuthenticationContext context = new AuthenticationContext(TestConstants.DefaultAuthorityCommonTenant, new TokenCache()); await context.Authenticator.UpdateFromTemplateAsync(null).ConfigureAwait(false); HttpMessageHandlerFactory.AddMockHandler(new MockHttpMessageHandler() { Method = HttpMethod.Get, ResponseMessage = new HttpResponseMessage(HttpStatusCode.OK) { Content = new StringContent("{\"ver\":\"1.0\",\"account_type\":\"federated\",\"domain_name\":\"microsoft.com\"," + "\"federation_protocol\":\"WSTrust\",\"federation_metadata_url\":" + "\"https://msft.sts.microsoft.com/adfs/services/trust/mex\"," + "\"federation_active_auth_url\":\"https://msft.sts.microsoft.com/adfs/services/trust/2005/usernamemixed\"" + ",\"cloud_instance_name\":\"login.microsoftonline.com\"}") }, QueryParams = new Dictionary <string, string>() { { "api-version", "1.0" } } }); HttpMessageHandlerFactory.AddMockHandler(new MockHttpMessageHandler("https://msft.sts.microsoft.com/adfs/services/trust/mex") { Method = HttpMethod.Get, ResponseMessage = new HttpResponseMessage(HttpStatusCode.OK) { Content = new StringContent(File.ReadAllText("TestMex.xml")) } }); // Mex does not return integrated auth endpoint (.../13/windowstransport) HttpMessageHandlerFactory.AddMockHandler(new MockHttpMessageHandler("https://msft.sts.microsoft.com/adfs/services/trust/13/windowstransport") { Method = HttpMethod.Post, ResponseMessage = new HttpResponseMessage(HttpStatusCode.NotFound) { Content = new StringContent("Not found") } }); // Call acquire token, endpoint not found var result = AssertException.TaskThrows <Exception>(() => context.AcquireTokenAsync(TestConstants.DefaultResource, TestConstants.DefaultClientId, new UserCredential(TestConstants.DefaultDisplayableId))); // Check exception message Assert.AreEqual("Federated service at https://msft.sts.microsoft.com/adfs/services/trust/13/windowstransport returned error: See inner exception for detail.", result.Message); Assert.AreEqual("Response status code does not indicate success: 404 (NotFound).", result.InnerException.Message); // There should be no cached entries. Assert.AreEqual(0, context.TokenCache.Count); // All mocks are consumed Assert.AreEqual(0, HttpMessageHandlerFactory.MockHandlersCount()); }
public void ConfidentialClientUsingSecretTest() { ConfidentialClientApplication app = new ConfidentialClientApplication(TestConstants.ClientId, TestConstants.RedirectUri, new ClientCredential(TestConstants.ClientSecret), new TokenCache(), new TokenCache()) { ValidateAuthority = false }; //add mock response for tenant endpoint discovery HttpMessageHandlerFactory.AddMockHandler(new MockHttpMessageHandler { Method = HttpMethod.Get, ResponseMessage = MockHelpers.CreateOpenIdConfigurationResponse(app.Authority) }); HttpMessageHandlerFactory.AddMockHandler(new MockHttpMessageHandler() { Method = HttpMethod.Post, ResponseMessage = MockHelpers.CreateSuccessfulClientCredentialTokenResponseMessage() }); Task <AuthenticationResult> task = app.AcquireTokenForClientAsync(TestConstants.Scope.ToArray()); AuthenticationResult result = task.Result; Assert.IsNotNull(result); Assert.IsNotNull("header.payload.signature", result.AccessToken); Assert.AreEqual(TestConstants.Scope.AsSingleString(), result.Scopes.AsSingleString()); //make sure user token cache is empty Assert.AreEqual(0, app.UserTokenCache.TokenCacheAccessor.AccessTokenCacheDictionary.Count); Assert.AreEqual(0, app.UserTokenCache.TokenCacheAccessor.RefreshTokenCacheDictionary.Count); //check app token cache count to be 1 Assert.AreEqual(1, app.AppTokenCache.TokenCacheAccessor.AccessTokenCacheDictionary.Count); Assert.AreEqual(0, app.AppTokenCache.TokenCacheAccessor.RefreshTokenCacheDictionary.Count); //no refresh tokens are returned Assert.IsTrue(HttpMessageHandlerFactory.IsMocksQueueEmpty, "All mocks should have been consumed"); //call AcquireTokenForClientAsync again to get result back from the cache task = app.AcquireTokenForClientAsync(TestConstants.Scope.ToArray()); result = task.Result; Assert.IsNotNull(result); Assert.IsNotNull("header.payload.signature", result.AccessToken); Assert.AreEqual(TestConstants.Scope.AsSingleString(), result.Scopes.AsSingleString()); //make sure user token cache is empty Assert.AreEqual(0, app.UserTokenCache.TokenCacheAccessor.AccessTokenCacheDictionary.Count); Assert.AreEqual(0, app.UserTokenCache.TokenCacheAccessor.RefreshTokenCacheDictionary.Count); //check app token cache count to be 1 Assert.AreEqual(1, app.AppTokenCache.TokenCacheAccessor.AccessTokenCacheDictionary.Count); Assert.AreEqual(0, app.AppTokenCache.TokenCacheAccessor.RefreshTokenCacheDictionary.Count); //no refresh tokens are returned }
public async Task UserRealmDiscoveryTest() { AuthenticationContext context = new AuthenticationContext(TestConstants.DefaultAuthorityCommonTenant); await context.Authenticator.UpdateFromTemplateAsync(null); HttpMessageHandlerFactory.AddMockHandler(new MockHttpMessageHandler() { Method = HttpMethod.Get, ResponseMessage = new HttpResponseMessage(HttpStatusCode.OK) { Content = new StringContent("{\"ver\":\"1.0\",\"account_type\":\"Federated\",\"domain_name\":\"microsoft.com\"," + "\"federation_protocol\":\"WSTrust\",\"federation_metadata_url\":" + "\"https://msft.sts.microsoft.com/adfs/services/trust/mex\"," + "\"federation_active_auth_url\":\"https://msft.sts.microsoft.com/adfs/services/trust/2005/usernamemixed\"" + ",\"cloudinstancename\":\"login.microsoftonline.com\"}") }, QueryParams = new Dictionary <string, string>() { { "api-version", "1.0" } } }); UserRealmDiscoveryResponse userRealmResponse = await UserRealmDiscoveryResponse.CreateByDiscoveryAsync(context.Authenticator.UserRealmUri, TestConstants.DefaultDisplayableId, null); VerifyUserRealmResponse(userRealmResponse, "Federated"); HttpMessageHandlerFactory.AddMockHandler(new MockHttpMessageHandler() { Method = HttpMethod.Get, ResponseMessage = new HttpResponseMessage(HttpStatusCode.OK) { Content = new StringContent("{\"ver\":\"1.0\",\"account_type\":\"Unknown\",\"cloudinstancename\":\"login.microsoftonline.com\"}") }, QueryParams = new Dictionary <string, string>() { { "api-version", "1.0" } } }); userRealmResponse = await UserRealmDiscoveryResponse.CreateByDiscoveryAsync(context.Authenticator.UserRealmUri, TestConstants.DefaultDisplayableId, null); VerifyUserRealmResponse(userRealmResponse, "Unknown"); try { await UserRealmDiscoveryResponse.CreateByDiscoveryAsync(context.Authenticator.UserRealmUri, null, null); Assert.Fail("Exception expected"); } catch (AdalException ex) { Assert.IsNotNull(ex.ErrorCode, AdalError.UnknownUser); } }
public void DefaultHttpMessagePluginFactory_Method1() { var be = new HttpMessageHandlerFactory(); be.Create(null); }
public void DefaultHttpMessagePluginFactory_Constructor1() { var be = new HttpMessageHandlerFactory(null); }
public void DefaultHttpMessagePluginFactory_Constructor3() { var plugins = new Type[] { typeof(int) }; var be = new HttpMessageHandlerFactory(plugins); }
public void DefaultHttpMessagePluginFactory_Constructor2() { var be = new HttpMessageHandlerFactory(); Assert.IsNotNull(be); Assert.IsTrue(typeof(HttpMessageHandlerFactory).IsAssignableFrom(be.GetType())); }
public HttpQueryMessageHandlerFactory(int queryLimit, HttpMessageHandlerFactory innerFactory = null) { this.queryLimit = queryLimit; this.innerFactory = innerFactory; }
public void DefaultHttpMessagePluginFactory_Constructor4() { var plugins = new Type[] { typeof(DelegatingChannel) }; var be = new HttpMessageHandlerFactory(plugins); }
public void HttpMessageHandlerFactory_Constructor2() { HttpMessageHandlerFactory factory = new HttpMessageHandlerFactory(); Assert.IsNotNull(factory); }
public void Create_Throww_With_Null_Parameter() { HttpMessageHandlerFactory factory = new HttpMessageHandlerFactory(typeof(MockValidMessageHandler)); ExceptionAssert.ThrowsArgumentNull("innerChannel", () => factory.Create(null)); }
public void HttpMessageHandlers_Returns_Handler_Types() { HttpMessageHandlerFactory factory = new HttpMessageHandlerFactory(typeof(MockValidMessageHandler)); ReadOnlyCollection<Type> handlers = factory.HttpMessageHandlers; Assert.IsNotNull(handlers); Assert.AreEqual(1, handlers.Count()); }
public void DefaultHttpMessagePluginFactory_Constructor7() { var plugins = new Type[] { typeof(ValidConstructorHandler), typeof(InvalidConstructorHandler) }; var be = new HttpMessageHandlerFactory(plugins); }
public void DefaultHttpMessagePluginFactory_Property1() { var be = new HttpMessageHandlerFactory(); var plugins = be.HttpMessageHandlers; Assert.IsNotNull(plugins); Assert.AreEqual(0, plugins.Count()); }