public async Task NoMatchingAccountsUsernameOnly() { string expToken = Guid.NewGuid().ToString(); DateTimeOffset expExpiresOn = DateTimeOffset.UtcNow.AddMinutes(5); string fakeuserTenantId = Guid.NewGuid().ToString(); string madeupuserTenantId = Guid.NewGuid().ToString(); var mockMsalClient = new MockMsalPublicClient { Accounts = new IAccount[] { new MockAccount("*****@*****.**", fakeuserTenantId), new MockAccount("*****@*****.**", madeupuserTenantId) }, SilentAuthFactory = (_) => { return(AuthenticationResultFactory.Create(accessToken: expToken, expiresOn: expExpiresOn)); } }; // with username var credential = InstrumentClient(new SharedTokenCacheCredential(null, "*****@*****.**", CredentialPipeline.GetInstance(null), mockMsalClient)); var ex = Assert.ThrowsAsync <CredentialUnavailableException>(async() => await credential.GetTokenAsync(new TokenRequestContext(MockScopes.Default))); Assert.AreEqual(ex.Message, "SharedTokenCacheCredential authentication unavailable. No account matching the specified username: [email protected] was found in the cache."); await Task.CompletedTask; }
public async Task UiRequiredException() { string expToken = Guid.NewGuid().ToString(); DateTimeOffset expExpiresOn = DateTimeOffset.UtcNow.AddMinutes(5); var mockMsalClient = new MockMsalPublicClient { Accounts = new IAccount[] { new MockAccount("*****@*****.**") }, SilentAuthFactory = (_) => { throw new MsalUiRequiredException("code", "message"); } }; // with username var credential = InstrumentClient(new SharedTokenCacheCredential(null, "*****@*****.**", CredentialPipeline.GetInstance(null), mockMsalClient)); var ex = Assert.ThrowsAsync <CredentialUnavailableException>(async() => await credential.GetTokenAsync(new TokenRequestContext(MockScopes.Default))); var expErrorMessage = "Token acquisition failed for user [email protected]. To fix, re-authenticate through developer tooling supporting Azure single sign on."; Assert.AreEqual(expErrorMessage, ex.Message); await Task.CompletedTask; }
public async Task VerifyAuthenticationRecordOption() { var expectedHomeId = $"{Guid.NewGuid()}.{Guid.NewGuid()}"; var expectedEnvironment = AzureAuthorityHosts.AzurePublicCloud.ToString(); var acquireTokenSilentCalled = false; var options = new SharedTokenCacheCredentialOptions { AuthenticationRecord = new AuthenticationRecord(expectedUsername, expectedEnvironment, expectedHomeId, Guid.NewGuid().ToString(), Guid.NewGuid().ToString()) }; var mockMsalClient = new MockMsalPublicClient { Accounts = new List <IAccount> { new MockAccount("*****@*****.**") }, ExtendedSilentAuthFactory = (_, account, __, ___) => { Assert.AreEqual(expectedUsername, account.Username); Assert.AreEqual(expectedEnvironment, account.Environment); Assert.AreEqual(expectedHomeId, account.HomeAccountId.Identifier); acquireTokenSilentCalled = true; return(AuthenticationResultFactory.Create()); } }; var credential = InstrumentClient(new SharedTokenCacheCredential(null, null, options, null, mockMsalClient)); AccessToken token = await credential.GetTokenAsync(new TokenRequestContext(MockScopes.Default)); Assert.IsTrue(acquireTokenSilentCalled); }
public async Task MatchAnyTenantIdWithEnableGuestTenantAuthenticationAndUsername() { string expToken = Guid.NewGuid().ToString(); DateTimeOffset expExpiresOn = DateTimeOffset.UtcNow.AddMinutes(5); string tenantId = Guid.NewGuid().ToString(); var mockMsalClient = new MockMsalPublicClient { Accounts = new List <IAccount> { new MockAccount("*****@*****.**", Guid.NewGuid().ToString()), new MockAccount("*****@*****.**", Guid.NewGuid().ToString()) }, SilentAuthFactory = (_) => { return(AuthenticationResultFactory.Create(accessToken: expToken, expiresOn: expExpiresOn)); } }; var credential = InstrumentClient(new SharedTokenCacheCredential(tenantId, "*****@*****.**", new SharedTokenCacheCredentialOptions { EnableGuestTenantAuthentication = true }, null, mockMsalClient)); AccessToken token = await credential.GetTokenAsync(new TokenRequestContext(MockScopes.Default)); Assert.AreEqual(expToken, token.Token); Assert.AreEqual(expExpiresOn, token.ExpiresOn); }
public async Task MultipleAccountsNoTenantIdOrUsername() { string expToken = Guid.NewGuid().ToString(); DateTimeOffset expExpiresOn = DateTimeOffset.UtcNow.AddMinutes(5); string fakeuserTenantId = Guid.NewGuid().ToString(); string madeupuserTenantId = Guid.NewGuid().ToString(); var mockMsalClient = new MockMsalPublicClient { Accounts = new List <IAccount> { new MockAccount("*****@*****.**", fakeuserTenantId), new MockAccount("*****@*****.**", madeupuserTenantId) }, SilentAuthFactory = (_) => { return(AuthenticationResultFactory.Create(accessToken: expToken, expiresOn: expExpiresOn)); } }; var credential = InstrumentClient(new SharedTokenCacheCredential(null, null, null, null, mockMsalClient)); var ex = Assert.ThrowsAsync <CredentialUnavailableException>(async() => await credential.GetTokenAsync(new TokenRequestContext(MockScopes.Default))); Assert.AreEqual(ex.Message, "SharedTokenCacheCredential authentication unavailable. Multiple accounts were found in the cache. Use username and tenant id to disambiguate."); await Task.CompletedTask; }
public async Task VerifyMsalClientExceptionAsync() { string expInnerExMessage = Guid.NewGuid().ToString(); var mockMsalClient = new MockMsalPublicClient() { UserPassAuthFactory = (_) => { throw new MockClientException(expInnerExMessage); } }; var username = Guid.NewGuid().ToString(); var password = Guid.NewGuid().ToString(); var credential = InstrumentClient(new UsernamePasswordCredential(username, password, CredentialPipeline.GetInstance(null), mockMsalClient)); var ex = Assert.ThrowsAsync <AuthenticationFailedException>(async() => await credential.GetTokenAsync(new TokenRequestContext(MockScopes.Default))); Assert.IsNotNull(ex.InnerException); Assert.IsInstanceOf(typeof(MockClientException), ex.InnerException); Assert.AreEqual(expInnerExMessage, ex.InnerException.Message); await Task.CompletedTask; }
public async Task UiRequiredException() { string expToken = Guid.NewGuid().ToString(); DateTimeOffset expExpiresOn = DateTimeOffset.UtcNow.AddMinutes(5); var mockMsalClient = new MockMsalPublicClient { Accounts = new List <IAccount> { new MockAccount(expectedUsername) }, SilentAuthFactory = (_) => { throw new MsalUiRequiredException("code", "message"); } }; // with username var credential = InstrumentClient(new SharedTokenCacheCredential(null, expectedUsername, null, null, mockMsalClient)); var ex = Assert.ThrowsAsync <CredentialUnavailableException>(async() => await credential.GetTokenAsync(new TokenRequestContext(MockScopes.Default))); var expErrorMessage = $"SharedTokenCacheCredential authentication unavailable. Token acquisition failed for user {expectedUsername}. Ensure that you have authenticated with a developer tool that supports Azure single sign on."; Assert.AreEqual(expErrorMessage, ex.Message); await Task.CompletedTask; }
public async Task MultipleMatchingAccountsUsernameAndTenantId() { string expToken = Guid.NewGuid().ToString(); DateTimeOffset expExpiresOn = DateTimeOffset.UtcNow.AddMinutes(5); string fakeuserTenantId = Guid.NewGuid().ToString(); string mockuserTenantId = Guid.NewGuid().ToString(); string mockuserGuestTenantId = fakeuserTenantId; var mockMsalClient = new MockMsalPublicClient { Accounts = new List <IAccount> { new MockAccount("*****@*****.**", fakeuserTenantId), new MockAccount(expectedUsername, mockuserTenantId), new MockAccount(expectedUsername, mockuserTenantId) }, SilentAuthFactory = (_) => { return(AuthenticationResultFactory.Create(accessToken: expToken, expiresOn: expExpiresOn)); } }; var credential = InstrumentClient(new SharedTokenCacheCredential(mockuserTenantId, expectedUsername, null, null, mockMsalClient)); var ex = Assert.ThrowsAsync <CredentialUnavailableException>(async() => await credential.GetTokenAsync(new TokenRequestContext(MockScopes.Default))); Assert.AreEqual(ex.Message, $"SharedTokenCacheCredential authentication unavailable. Multiple accounts matching the specified username: {expectedUsername} tenantId: {mockuserTenantId} were found in the cache."); await Task.CompletedTask; }
public void TestSetup() { expectedTenantId = null; expectedReplyUri = null; authCode = Guid.NewGuid().ToString(); options = new TokenCredentialOptions(); expectedToken = Guid.NewGuid().ToString(); expectedUserAssertion = Guid.NewGuid().ToString(); expiresOn = DateTimeOffset.Now.AddHours(1); result = new AuthenticationResult( expectedToken, false, null, expiresOn, expiresOn, TenantId, new MockAccount("username"), null, new[] { Scope }, Guid.NewGuid(), null, "Bearer"); mockConfidentialMsalClient = new MockMsalConfidentialClient() .WithSilentFactory( (_, _tenantId, _replyUri, _) => { Assert.AreEqual(expectedTenantId, _tenantId); Assert.AreEqual(expectedReplyUri, _replyUri); return(new ValueTask <AuthenticationResult>(result)); }) .WithAuthCodeFactory( (_, _tenantId, _replyUri, _) => { Assert.AreEqual(expectedTenantId, _tenantId); Assert.AreEqual(expectedReplyUri, _replyUri); return(result); }) .WithOnBehalfOfFactory( (_, _, userAssertion, _, _) => { Assert.AreEqual(expectedUserAssertion, userAssertion.Assertion); return(new ValueTask <AuthenticationResult>(result)); }) .WithClientFactory( (_, _tenantId) => { Assert.AreEqual(expectedTenantId, _tenantId); return(result); }); expectedCode = Guid.NewGuid().ToString(); mockPublicMsalClient = new MockMsalPublicClient(); deviceCodeResult = MockMsalPublicClient.GetDeviceCodeResult(deviceCode: expectedCode); mockPublicMsalClient.DeviceCodeResult = deviceCodeResult; var publicResult = new AuthenticationResult( expectedToken, false, null, expiresOn, expiresOn, TenantId, new MockAccount("username"), null, new[] { Scope }, Guid.NewGuid(), null, "Bearer"); mockPublicMsalClient.SilentAuthFactory = (_, tId) => { Assert.AreEqual(expectedTenantId, tId); return(publicResult); }; mockPublicMsalClient.DeviceCodeAuthFactory = (_, _) => { // Assert.AreEqual(tenantId, tId); return(publicResult); }; mockPublicMsalClient.InteractiveAuthFactory = (_, _, _, _, tenant, _, _) => { Assert.AreEqual(expectedTenantId, tenant, "TenantId passed to msal should match"); return(result); }; mockPublicMsalClient.SilentAuthFactory = (_, tenant) => { Assert.AreEqual(expectedTenantId, tenant, "TenantId passed to msal should match"); return(result); }; mockPublicMsalClient.ExtendedSilentAuthFactory = (_, _, _, tenant, _, _) => { Assert.AreEqual(expectedTenantId, tenant, "TenantId passed to msal should match"); return(result); }; mockPublicMsalClient.UserPassAuthFactory = (_, tenant) => { Assert.AreEqual(expectedTenantId, tenant, "TenantId passed to msal should match"); return(result); }; mockPublicMsalClient.RefreshTokenFactory = (_, _, _, _, tenant, _, _) => { Assert.AreEqual(expectedTenantId, tenant, "TenantId passed to msal should match"); return(result); }; }