public async Task DefaultAzureCredential_UseAzureCliCredential()
{
var options = Recording.InstrumentClientOptions(new DefaultAzureCredentialOptions
{
ExcludeEnvironmentCredential = true,
ExcludeInteractiveBrowserCredential = true,
ExcludeSharedTokenCacheCredential = true,
VisualStudioCodeTenantId = TestEnvironment.TestTenantId
});
var(expectedToken, expectedExpiresOn, processOutput) = CredentialTestHelpers.CreateTokenForAzureCli();
var testProcess = new TestProcess {
Output = processOutput
};
var vscAdapter = new TestVscAdapter(ExpectedServiceName, "Azure", null);
var fileSystem = CredentialTestHelpers.CreateFileSystemForVisualStudioCode(TestEnvironment);
var factory = new TestDefaultAzureCredentialFactory(options, fileSystem, new TestProcessService(testProcess), vscAdapter);
var credential = InstrumentClient(new DefaultAzureCredential(factory, options));
AccessToken token = await credential.GetTokenAsync(new TokenRequestContext(new[] { "https://vault.azure.net/.default" }), CancellationToken.None);
Assert.AreEqual(token.Token, expectedToken);
Assert.AreEqual(token.ExpiresOn, expectedExpiresOn);
}
[RunOnlyOnPlatforms(Windows = true, OSX = true)] // Comment this attribute to run this tests on Linux with Libsecret enabled
public async Task DefaultAzureCredential_UseVisualStudioCodeCredential()
{
var options = Recording.InstrumentClientOptions(new DefaultAzureCredentialOptions
{
ExcludeEnvironmentCredential = true,
ExcludeInteractiveBrowserCredential = true,
ExcludeSharedTokenCacheCredential = true,
VisualStudioCodeTenantId = TestEnvironment.TestTenantId
});
var cloudName = Guid.NewGuid().ToString();
var fileSystem = CredentialTestHelpers.CreateFileSystemForVisualStudioCode(TestEnvironment, cloudName);
var process = new TestProcess {
Error = "Error"
};
var factory = new TestDefaultAzureCredentialFactory(options, fileSystem, new TestProcessService(process), default);
var credential = InstrumentClient(new DefaultAzureCredential(factory, options));
AccessToken token;
using (await CredentialTestHelpers.CreateRefreshTokenFixtureAsync(TestEnvironment, Mode, ExpectedServiceName, cloudName))
{
token = await credential.GetTokenAsync(new TokenRequestContext(new[] { "https://vault.azure.net/.default" }), CancellationToken.None);
}
Assert.IsNotNull(token.Token);
}
public async Task AuthenticateWithVscCredential()
{
var cloudName = Guid.NewGuid().ToString();
var fileSystem = CredentialTestHelpers.CreateFileSystemForVisualStudioCode(TestEnvironment, cloudName);
using IDisposable fixture = await CredentialTestHelpers.CreateRefreshTokenFixtureAsync(TestEnvironment, Mode, ExpectedServiceName, cloudName);
var options = InstrumentClientOptions(new VisualStudioCodeCredentialOptions {
TenantId = TestEnvironment.TestTenantId
});
VisualStudioCodeCredential credential = InstrumentClient(new VisualStudioCodeCredential(options, default, default, fileSystem, default));
public override TokenCredential GetTokenCredential(TokenCredentialOptions options)
{
using var env = new TestEnvVar(new Dictionary <string, string> { { "TENANT_ID", TenantId } });
var environment = new IdentityTestEnvironment();
var vscOptions = new VisualStudioCodeCredentialOptions
{
Diagnostics = { IsAccountIdentifierLoggingEnabled = options.Diagnostics.IsAccountIdentifierLoggingEnabled },
TenantId = environment.TenantId,
Transport = new MockTransport()
};
return(InstrumentClient(
new VisualStudioCodeCredential(
vscOptions,
null,
mockPublicMsalClient,
CredentialTestHelpers.CreateFileSystemForVisualStudioCode(environment),
new TestVscAdapter("VS Code Azure", "AzureCloud", expectedToken))));
}
public async Task DefaultAzureCredential_UseVisualStudioCodeCredential_ParallelCalls()
{
var options = InstrumentClientOptions(new DefaultAzureCredentialOptions
{
ExcludeEnvironmentCredential = true,
ExcludeInteractiveBrowserCredential = true,
ExcludeSharedTokenCacheCredential = true,
ExcludeManagedIdentityCredential = true,
VisualStudioCodeTenantId = TestEnvironment.TestTenantId
});
var cloudName = Guid.NewGuid().ToString();
var fileSystem = CredentialTestHelpers.CreateFileSystemForVisualStudioCode(TestEnvironment, cloudName);
var processService = new TestProcessService {
CreateHandler = psi => new TestProcess {
Error = "Error"
}
};
var factory = new TestDefaultAzureCredentialFactory(options, fileSystem, processService, default)
{
ManagedIdentitySourceFactory = () => default
};
var credential = InstrumentClient(new DefaultAzureCredential(factory, options));
var tasks = new List <Task <AccessToken> >();
using (await CredentialTestHelpers.CreateRefreshTokenFixtureAsync(TestEnvironment, Mode, ExpectedServiceName, cloudName))
{
for (int i = 0; i < 10; i++)
{
tasks.Add(Task.Run(async() => await credential.GetTokenAsync(new TokenRequestContext(new[] { TestEnvironment.KeyvaultScope }), CancellationToken.None)));
}
await Task.WhenAll(tasks);
}
foreach (Task <AccessToken> task in tasks)
{
Assert.IsNotNull(task.Result.Token);
}
}
public async Task DefaultAzureCredential_UseVisualStudioCodeCredential()
{
var options = InstrumentClientOptions(new DefaultAzureCredentialOptions
{
ExcludeEnvironmentCredential = true,
ExcludeInteractiveBrowserCredential = true,
ExcludeSharedTokenCacheCredential = true,
ExcludeManagedIdentityCredential = true,
ExcludeVisualStudioCredential = true,
VisualStudioCodeTenantId = TestEnvironment.TestTenantId
});
var cloudName = Guid.NewGuid().ToString();
var fileSystem = CredentialTestHelpers.CreateFileSystemForVisualStudioCode(TestEnvironment, cloudName);
var process = new TestProcess {
Error = "Error"
};
var factory = new TestDefaultAzureCredentialFactory(options, fileSystem, new TestProcessService(process), default)
{
ManagedIdentitySourceFactory = () => default
};
var credential = InstrumentClient(new DefaultAzureCredential(factory, options));
AccessToken token;
List <ClientDiagnosticListener.ProducedDiagnosticScope> scopes;
using (await CredentialTestHelpers.CreateRefreshTokenFixtureAsync(TestEnvironment, Mode, ExpectedServiceName, cloudName))
using (ClientDiagnosticListener diagnosticListener = new ClientDiagnosticListener(s => s.StartsWith("Azure.Identity")))
{
token = await credential.GetTokenAsync(new TokenRequestContext(new[] { TestEnvironment.KeyvaultScope }), CancellationToken.None);
scopes = diagnosticListener.Scopes;
}
Assert.IsNotNull(token.Token);
Assert.AreEqual(2, scopes.Count);
Assert.AreEqual($"{nameof(DefaultAzureCredential)}.{nameof(DefaultAzureCredential.GetToken)}", scopes[0].Name);
Assert.AreEqual($"{nameof(VisualStudioCodeCredential)}.{nameof(VisualStudioCodeCredential.GetToken)}", scopes[1].Name);
}
public async Task AuthenticateWithVsCodeCredential([Values(null, TenantIdHint)] string tenantId, [Values(true)] bool allowMultiTenantAuthentication)
{
using var env = new TestEnvVar(new Dictionary<string, string> {{"TENANT_ID", TenantId}});
var environment = new IdentityTestEnvironment();
var options = new VisualStudioCodeCredentialOptions { TenantId = environment.TenantId, Transport = new MockTransport() };
var context = new TokenRequestContext(new[] { Scope }, tenantId: tenantId);
expectedTenantId = TenantIdResolver.Resolve(environment.TenantId, context);
VisualStudioCodeCredential credential = InstrumentClient(
new VisualStudioCodeCredential(
options,
null,
mockPublicMsalClient,
CredentialTestHelpers.CreateFileSystemForVisualStudioCode(environment),
new TestVscAdapter("VS Code Azure", "AzureCloud", expectedToken)));
var actualToken = await credential.GetTokenAsync(context, CancellationToken.None);
Assert.AreEqual(expectedToken, actualToken.Token, "Token should match");
Assert.AreEqual(expiresOn, actualToken.ExpiresOn, "expiresOn should match");
}
public async Task DefaultAzureCredential_UseAzureCliCredential_ParallelCalls()
{
var options = InstrumentClientOptions(new DefaultAzureCredentialOptions
{
ExcludeEnvironmentCredential = true,
ExcludeInteractiveBrowserCredential = true,
ExcludeSharedTokenCacheCredential = true,
VisualStudioCodeTenantId = TestEnvironment.TestTenantId
});
var(expectedToken, expectedExpiresOn, processOutput) = CredentialTestHelpers.CreateTokenForAzureCli();
var processService = new TestProcessService {
CreateHandler = psi => new TestProcess {
Output = processOutput
}
};
var vscAdapter = new TestVscAdapter(ExpectedServiceName, "AzureCloud", null);
var fileSystem = CredentialTestHelpers.CreateFileSystemForVisualStudioCode(TestEnvironment);
var factory = new TestDefaultAzureCredentialFactory(options, fileSystem, processService, vscAdapter)
{
ManagedIdentitySourceFactory = () => default
};
var credential = InstrumentClient(new DefaultAzureCredential(factory, options));
var tasks = new List <Task <AccessToken> >();
for (int i = 0; i < 10; i++)
{
tasks.Add(Task.Run(async() => await credential.GetTokenAsync(new TokenRequestContext(new[] { "https://vault.azure.net/.default" }), CancellationToken.None)));
}
await Task.WhenAll(tasks);
foreach (Task <AccessToken> task in tasks)
{
Assert.AreEqual(task.Result.Token, expectedToken);
Assert.AreEqual(task.Result.ExpiresOn, expectedExpiresOn);
}
}
public async Task DefaultAzureCredential_UseAzureCliCredential()
{
var options = InstrumentClientOptions(new DefaultAzureCredentialOptions
{
ExcludeEnvironmentCredential = true,
ExcludeInteractiveBrowserCredential = true,
ExcludeSharedTokenCacheCredential = true,
VisualStudioCodeTenantId = TestEnvironment.TestTenantId
});
var(expectedToken, expectedExpiresOn, processOutput) = CredentialTestHelpers.CreateTokenForAzureCli();
var testProcess = new TestProcess {
Output = processOutput
};
var vscAdapter = new TestVscAdapter(ExpectedServiceName, "AzureCloud", null);
var fileSystem = CredentialTestHelpers.CreateFileSystemForVisualStudioCode(TestEnvironment);
var factory = new TestDefaultAzureCredentialFactory(options, fileSystem, new TestProcessService(testProcess), vscAdapter)
{
ManagedIdentitySourceFactory = () => default
};
var credential = InstrumentClient(new DefaultAzureCredential(factory, options));
AccessToken token;
List <ClientDiagnosticListener.ProducedDiagnosticScope> scopes;
using (ClientDiagnosticListener diagnosticListener = new ClientDiagnosticListener(s => s.StartsWith("Azure.Identity")))
{
token = await credential.GetTokenAsync(new TokenRequestContext(new[] { "https://vault.azure.net/.default" }), CancellationToken.None);
scopes = diagnosticListener.Scopes;
}
Assert.AreEqual(token.Token, expectedToken);
Assert.AreEqual(token.ExpiresOn, expectedExpiresOn);
Assert.AreEqual(2, scopes.Count);
Assert.AreEqual($"{nameof(DefaultAzureCredential)}.{nameof(DefaultAzureCredential.GetToken)}", scopes[0].Name);
Assert.AreEqual($"{nameof(AzureCliCredential)}.{nameof(AzureCliCredential.GetToken)}", scopes[1].Name);
}
