public async Task CreateFromResourceResponseAsync_HttpClient_Null_Async(HttpClient httpClient)
{
const string resourceUri = "https://example.com/";
Func <Task> action = () => WwwAuthenticateParameters.CreateFromResourceResponseAsync(httpClient, resourceUri);
await Assert.ThrowsExceptionAsync <ArgumentNullException>(action).ConfigureAwait(false);
}
public async Task CreateWwwAuthenticateResponseFromGraphUrlAsync()
{
var authParams = await WwwAuthenticateParameters.CreateFromResourceResponseAsync("https://graph.microsoft.com/v1.0/me").ConfigureAwait(false);
Assert.AreEqual("https://login.microsoftonline.com/common", authParams.Authority);
Assert.AreEqual("common", authParams.GetTenantId());
Assert.AreEqual(3, authParams.RawParameters.Count);
Assert.IsNull(authParams.Claims);
Assert.IsNull(authParams.Error);
}
public async Task CreateWwwAuthenticateResponseFromKeyVaultUrlAsync()
{
var authParams = await WwwAuthenticateParameters.CreateFromResourceResponseAsync("https://buildautomation.vault.azure.net/secrets/CertName/CertVersion").ConfigureAwait(false);
Assert.AreEqual("login.windows.net", new Uri(authParams.Authority).Host);
Assert.AreEqual("72f988bf-86f1-41af-91ab-2d7cd011db47", authParams.GetTenantId()); // because the Key Vault resource belong to Microsoft Corp tenant
Assert.AreEqual(2, authParams.RawParameters.Count);
Assert.IsNull(authParams.Claims);
Assert.IsNull(authParams.Error);
}
public async Task CreateWwwAuthenticateResponseFromKeyVaultUrlAsync()
{
var authParams = await WwwAuthenticateParameters.CreateFromResourceResponseAsync("https://msidentitywebsamples.vault.azure.net/secrets/CertName/CertVersion").ConfigureAwait(false);
Assert.AreEqual("https://vault.azure.net", authParams.Resource);
Assert.AreEqual("login.windows.net", new Uri(authParams.Authority).Host);
Assert.AreEqual("https://vault.azure.net/.default", authParams.Scopes.FirstOrDefault());
Assert.AreEqual(2, authParams.RawParameters.Count);
Assert.IsNull(authParams.Claims);
Assert.IsNull(authParams.Error);
}
public async Task CreateWwwAuthenticateResponseFromAzureResourceManagerUrlAsync(string hostName, string subscriptionId, string authority, string tenantId)
{
const string apiVersion = "2020-08-01"; // current latest API version for /subscriptions/get
var url = $"https://{hostName}/subscriptions/{subscriptionId}?api-version={apiVersion}";
var authParams = await WwwAuthenticateParameters.CreateFromResourceResponseAsync(url).ConfigureAwait(false);
Assert.AreEqual($"https://{authority}/{tenantId}", authParams.Authority); // authority URI consists of AAD endpoint and tenant ID
Assert.AreEqual(tenantId, authParams.GetTenantId()); // tenant ID is extracted out of authority URI
Assert.AreEqual(3, authParams.RawParameters.Count);
Assert.IsNull(authParams.Claims);
Assert.AreEqual("invalid_token", authParams.Error);
}
public async Task CreateFromResourceResponseAsync_HttpClient_ADFS_GetTenantId_Null_Async(string authority)
{
const string resourceUri = "https://example.com/";
string tenantId = Guid.NewGuid().ToString();
var handler = new MockHttpMessageHandler
{
ExpectedMethod = HttpMethod.Get,
ExpectedUrl = resourceUri,
ResponseMessage = CreateInvalidTokenHttpErrorResponse(tenantId, authority)
};
var httpClient = new HttpClient(handler);
var authParams = await WwwAuthenticateParameters.CreateFromResourceResponseAsync(httpClient, resourceUri).ConfigureAwait(false);
Assert.IsNull(authParams.GetTenantId());
}
public async Task CreateFromResourceResponseAsync_HttpClient_B2C_GetTenantId_Async()
{
const string resourceUri = "https://example.com/";
const string tenantId = "tenant";
var handler = new MockHttpMessageHandler
{
ExpectedMethod = HttpMethod.Get,
ExpectedUrl = resourceUri,
ResponseMessage = CreateInvalidTokenHttpErrorResponse(authority: TestConstants.B2CAuthority)
};
var httpClient = new HttpClient(handler);
var authParams = await WwwAuthenticateParameters.CreateFromResourceResponseAsync(httpClient, resourceUri).ConfigureAwait(false);
Assert.AreEqual(authParams.GetTenantId(), tenantId);
}
public async Task CreateFromResourceResponseAsync_Incorrect_ResourceUri_Async(string resourceUri)
{
Func <Task> action = () => WwwAuthenticateParameters.CreateFromResourceResponseAsync(resourceUri);
await Assert.ThrowsExceptionAsync <ArgumentNullException>(action).ConfigureAwait(false);
}
