public async Task HandlesAlternateDateTimeFormats([Values("en-US", "nl-NL")] string culture)
{
CultureInfo curCulture = CultureInfo.CurrentCulture;
CultureInfo.CurrentCulture = new CultureInfo(culture);
try
{
var(expectedToken, expectedExpiresOn, processOutput) = CredentialTestHelpers.CreateTokenForAzurePowerShell(TimeSpan.FromSeconds(30));
TestContext.WriteLine(processOutput);
var testProcess = new TestProcess
{
Output = processOutput,
};
AzurePowerShellCredential credential = InstrumentClient(
new AzurePowerShellCredential(
new AzurePowerShellCredentialOptions(),
CredentialPipeline.GetInstance(null),
new TestProcessService(testProcess, true)));
await credential.GetTokenAsync(new TokenRequestContext(MockScopes.Default));
}
finally
{
CultureInfo.CurrentCulture = new CultureInfo(curCulture.Name);
}
}
[RunOnlyOnPlatforms(Windows = true, OSX = true)] // Comment this attribute to run this tests on Linux with Libsecret enabled
public async Task DefaultAzureCredential_UseVisualStudioCodeCredential()
{
var options = Recording.InstrumentClientOptions(new DefaultAzureCredentialOptions
{
ExcludeEnvironmentCredential = true,
ExcludeInteractiveBrowserCredential = true,
ExcludeSharedTokenCacheCredential = true,
VisualStudioCodeTenantId = TestEnvironment.TestTenantId
});
var cloudName = Guid.NewGuid().ToString();
var fileSystem = CredentialTestHelpers.CreateFileSystemForVisualStudioCode(TestEnvironment, cloudName);
var process = new TestProcess {
Error = "Error"
};
var factory = new TestDefaultAzureCredentialFactory(options, fileSystem, new TestProcessService(process), default);
var credential = InstrumentClient(new DefaultAzureCredential(factory, options));
AccessToken token;
using (await CredentialTestHelpers.CreateRefreshTokenFixtureAsync(TestEnvironment, Mode, ExpectedServiceName, cloudName))
{
token = await credential.GetTokenAsync(new TokenRequestContext(new[] { "https://vault.azure.net/.default" }), CancellationToken.None);
}
Assert.IsNotNull(token.Token);
}
public async Task DefaultAzureCredential_UseAzureCliCredential()
{
var options = Recording.InstrumentClientOptions(new DefaultAzureCredentialOptions
{
ExcludeEnvironmentCredential = true,
ExcludeInteractiveBrowserCredential = true,
ExcludeSharedTokenCacheCredential = true,
VisualStudioCodeTenantId = TestEnvironment.TestTenantId
});
var(expectedToken, expectedExpiresOn, processOutput) = CredentialTestHelpers.CreateTokenForAzureCli();
var testProcess = new TestProcess {
Output = processOutput
};
var vscAdapter = new TestVscAdapter(ExpectedServiceName, "Azure", null);
var fileSystem = CredentialTestHelpers.CreateFileSystemForVisualStudioCode(TestEnvironment);
var factory = new TestDefaultAzureCredentialFactory(options, fileSystem, new TestProcessService(testProcess), vscAdapter);
var credential = InstrumentClient(new DefaultAzureCredential(factory, options));
AccessToken token = await credential.GetTokenAsync(new TokenRequestContext(new[] { "https://vault.azure.net/.default" }), CancellationToken.None);
Assert.AreEqual(token.Token, expectedToken);
Assert.AreEqual(token.ExpiresOn, expectedExpiresOn);
}
public async Task AuthenticateWithCliCredential(
[Values(null, TenantIdHint)] string tenantId,
[Values(true)] bool allowMultiTenantAuthentication,
[Values(null, TenantId)] string explicitTenantId)
{
var context = new TokenRequestContext(new[] { Scope }, tenantId: tenantId);
var options = new AzureCliCredentialOptions {
TenantId = explicitTenantId, AllowMultiTenantAuthentication = allowMultiTenantAuthentication
};
string expectedTenantId = TenantIdResolver.Resolve(explicitTenantId, context, options.AllowMultiTenantAuthentication);
var(expectedToken, expectedExpiresOn, processOutput) = CredentialTestHelpers.CreateTokenForAzureCli();
var testProcess = new TestProcess {
Output = processOutput
};
AzureCliCredential credential =
InstrumentClient(new AzureCliCredential(CredentialPipeline.GetInstance(null), new TestProcessService(testProcess, true), options));
AccessToken actualToken = await credential.GetTokenAsync(context);
Assert.AreEqual(expectedToken, actualToken.Token);
Assert.AreEqual(expectedExpiresOn, actualToken.ExpiresOn);
var expectTenantId = expectedTenantId != null;
if (expectTenantId)
{
Assert.That(testProcess.StartInfo.Arguments, Does.Contain($"-tenant {expectedTenantId}"));
}
else
{
Assert.That(testProcess.StartInfo.Arguments, Does.Not.Contain("-tenant"));
}
}
public async Task AuthenticateWithVsCredential()
{
var fileSystem = CredentialTestHelpers.CreateFileSystemForVisualStudio();
var(expectedToken, expectedExpiresOn, processOutput) = CredentialTestHelpers.CreateTokenForVisualStudio();
var testProcess = new TestProcess {
Output = processOutput
};
var credential = InstrumentClient(new VisualStudioCredential(default, default, fileSystem, new TestProcessService(testProcess)));
public async Task AuthenticateWithVsCredential([Values(null, TenantIdHint)] string tenantId, [Values(true)] bool allowMultiTenantAuthentication)
{
var fileSystem = CredentialTestHelpers.CreateFileSystemForVisualStudio();
var(expectedToken, expectedExpiresOn, processOutput) = CredentialTestHelpers.CreateTokenForVisualStudio();
var testProcess = new TestProcess {
Output = processOutput
};
var options = new VisualStudioCredentialOptions();
var credential = InstrumentClient(new VisualStudioCredential(TenantId, default, fileSystem, new TestProcessService(testProcess, true), options));
[RunOnlyOnPlatforms(Windows = true)] // VisualStudioCredential works only on Windows
public async Task ChainedTokenCredential_UseVisualStudioCredential()
{
var fileSystem = CredentialTestHelpers.CreateFileSystemForVisualStudio();
var(expectedToken, expectedExpiresOn, processOutput) = CredentialTestHelpers.CreateTokenForVisualStudio();
var processService = new TestProcessService(new TestProcess {
Output = processOutput
});
var miCredential = new ManagedIdentityCredential(EnvironmentVariables.ClientId);
var vsCredential = new VisualStudioCredential(default, default, fileSystem, processService);
public async Task AuthenticateWithVscCredential()
{
var cloudName = Guid.NewGuid().ToString();
var fileSystem = CredentialTestHelpers.CreateFileSystemForVisualStudioCode(TestEnvironment, cloudName);
using IDisposable fixture = await CredentialTestHelpers.CreateRefreshTokenFixtureAsync(TestEnvironment, Mode, ExpectedServiceName, cloudName);
var options = InstrumentClientOptions(new VisualStudioCodeCredentialOptions {
TenantId = TestEnvironment.TestTenantId
});
VisualStudioCodeCredential credential = InstrumentClient(new VisualStudioCodeCredential(options, default, default, fileSystem, default));
public async Task AuthenticateWithCliCredential_ExpiresIn()
{
var(expectedToken, expectedExpiresOn, processOutput) = CredentialTestHelpers.CreateTokenForAzureCliExpiresIn(1800);
var testProcess = new TestProcess {
Output = processOutput
};
AzureCliCredential credential = InstrumentClient(new AzureCliCredential(CredentialPipeline.GetInstance(null), new TestProcessService(testProcess)));
AccessToken actualToken = await credential.GetTokenAsync(new TokenRequestContext(MockScopes.Default));
Assert.AreEqual(expectedToken, actualToken.Token);
Assert.LessOrEqual(expectedExpiresOn, actualToken.ExpiresOn);
}
public override TokenCredential GetTokenCredential(TokenCredentialOptions options)
{
var fileSystem = CredentialTestHelpers.CreateFileSystemForVisualStudio();
var(_, _, processOutput) = CredentialTestHelpers.CreateTokenForVisualStudio();
var testProcess = new TestProcess {
Output = processOutput
};
var vsOptions = new VisualStudioCredentialOptions
{
Diagnostics = { IsAccountIdentifierLoggingEnabled = options.Diagnostics.IsAccountIdentifierLoggingEnabled }
};
return(InstrumentClient(new VisualStudioCredential(TenantId, default, fileSystem, new TestProcessService(testProcess, true), vsOptions)));
public async Task AuthenticateWithAzurePowerShellCredential()
{
var(expectedToken, expectedExpiresOn, processOutput) = CredentialTestHelpers.CreateTokenForAzurePowerShell(TimeSpan.FromSeconds(30));
var testProcess = new TestProcess {
Output = processOutput
};
AzurePowerShellCredential credential = InstrumentClient(new AzurePowerShellCredential
(new AzurePowerShellCredentialOptions(), CredentialPipeline.GetInstance(null), new TestProcessService(testProcess)));
AccessToken actualToken = await credential.GetTokenAsync(new TokenRequestContext(MockScopes.Default));
Assert.AreEqual(expectedToken, actualToken.Token);
Assert.AreEqual(expectedExpiresOn, actualToken.ExpiresOn);
}
public override TokenCredential GetTokenCredential(TokenCredentialOptions options)
{
var azCliOptions = new AzureCliCredentialOptions
{
Diagnostics = { IsAccountIdentifierLoggingEnabled = options.Diagnostics.IsAccountIdentifierLoggingEnabled }
};
var(_, _, processOutput) = CredentialTestHelpers.CreateTokenForAzureCli();
var testProcess = new TestProcess {
Output = processOutput
};
return(InstrumentClient(new AzureCliCredential(CredentialPipeline.GetInstance(null), new TestProcessService(testProcess, true), azCliOptions)));
}
public override TokenCredential GetTokenCredential(TokenCredentialOptions options)
{
var pwshOptions = new AzurePowerShellCredentialOptions
{
Diagnostics = { IsAccountIdentifierLoggingEnabled = options.Diagnostics.IsAccountIdentifierLoggingEnabled }
};
var(_, _, processOutput) = CredentialTestHelpers.CreateTokenForAzurePowerShell(TimeSpan.FromSeconds(30));
var testProcess = new TestProcess {
Output = processOutput
};
return(InstrumentClient(
new AzurePowerShellCredential(pwshOptions, CredentialPipeline.GetInstance(null), new TestProcessService(testProcess, true))));
}
public override TokenCredential GetTokenCredential(TokenCredentialOptions options)
{
using var env = new TestEnvVar(new Dictionary <string, string> { { "TENANT_ID", TenantId } });
var environment = new IdentityTestEnvironment();
var vscOptions = new VisualStudioCodeCredentialOptions
{
Diagnostics = { IsAccountIdentifierLoggingEnabled = options.Diagnostics.IsAccountIdentifierLoggingEnabled },
TenantId = environment.TenantId,
Transport = new MockTransport()
};
return(InstrumentClient(
new VisualStudioCodeCredential(
vscOptions,
null,
mockPublicMsalClient,
CredentialTestHelpers.CreateFileSystemForVisualStudioCode(environment),
new TestVscAdapter("VS Code Azure", "AzureCloud", expectedToken))));
}
public async Task AuthenticateWithAzurePowerShellCredential(
[Values(null, TenantIdHint)] string tenantId,
[Values(true)] bool allowMultiTenantAuthentication,
[Values(null, TenantId)] string explicitTenantId)
{
var context = new TokenRequestContext(new[] { Scope }, tenantId: tenantId);
var options = new AzurePowerShellCredentialOptions {
TenantId = explicitTenantId, AllowMultiTenantAuthentication = allowMultiTenantAuthentication
};
string expectedTenantId = TenantIdResolver.Resolve(explicitTenantId, context, options.AllowMultiTenantAuthentication);
var(expectedToken, expectedExpiresOn, processOutput) = CredentialTestHelpers.CreateTokenForAzurePowerShell(TimeSpan.FromSeconds(30));
var testProcess = new TestProcess {
Output = processOutput
};
AzurePowerShellCredential credential = InstrumentClient(
new AzurePowerShellCredential(options, CredentialPipeline.GetInstance(null), new TestProcessService(testProcess, true)));
AccessToken actualToken = await credential.GetTokenAsync(context);
Assert.AreEqual(expectedToken, actualToken.Token);
Assert.AreEqual(expectedExpiresOn, actualToken.ExpiresOn);
var iStart = testProcess.StartInfo.Arguments.IndexOf("EncodedCommand");
iStart = testProcess.StartInfo.Arguments.IndexOf('\"', iStart) + 1;
var iEnd = testProcess.StartInfo.Arguments.IndexOf('\"', iStart);
var commandString = testProcess.StartInfo.Arguments.Substring(iStart, iEnd - iStart);
var b = Convert.FromBase64String(commandString);
commandString = Encoding.Unicode.GetString(b);
var expectTenantId = expectedTenantId != null;
if (expectTenantId)
{
Assert.That(commandString, Does.Contain($"-TenantId {expectedTenantId}"));
}
else
{
Assert.That(commandString, Does.Not.Contain("-TenantId"));
}
}
public async Task DefaultAzureCredential_UseVisualStudioCodeCredential_ParallelCalls()
{
var options = InstrumentClientOptions(new DefaultAzureCredentialOptions
{
ExcludeEnvironmentCredential = true,
ExcludeInteractiveBrowserCredential = true,
ExcludeSharedTokenCacheCredential = true,
ExcludeManagedIdentityCredential = true,
VisualStudioCodeTenantId = TestEnvironment.TestTenantId
});
var cloudName = Guid.NewGuid().ToString();
var fileSystem = CredentialTestHelpers.CreateFileSystemForVisualStudioCode(TestEnvironment, cloudName);
var processService = new TestProcessService {
CreateHandler = psi => new TestProcess {
Error = "Error"
}
};
var factory = new TestDefaultAzureCredentialFactory(options, fileSystem, processService, default)
{
ManagedIdentitySourceFactory = () => default
};
var credential = InstrumentClient(new DefaultAzureCredential(factory, options));
var tasks = new List <Task <AccessToken> >();
using (await CredentialTestHelpers.CreateRefreshTokenFixtureAsync(TestEnvironment, Mode, ExpectedServiceName, cloudName))
{
for (int i = 0; i < 10; i++)
{
tasks.Add(Task.Run(async() => await credential.GetTokenAsync(new TokenRequestContext(new[] { TestEnvironment.KeyvaultScope }), CancellationToken.None)));
}
await Task.WhenAll(tasks);
}
foreach (Task <AccessToken> task in tasks)
{
Assert.IsNotNull(task.Result.Token);
}
}
public async Task DefaultAzureCredential_UseVisualStudioCodeCredential()
{
var options = InstrumentClientOptions(new DefaultAzureCredentialOptions
{
ExcludeEnvironmentCredential = true,
ExcludeInteractiveBrowserCredential = true,
ExcludeSharedTokenCacheCredential = true,
ExcludeManagedIdentityCredential = true,
ExcludeVisualStudioCredential = true,
VisualStudioCodeTenantId = TestEnvironment.TestTenantId
});
var cloudName = Guid.NewGuid().ToString();
var fileSystem = CredentialTestHelpers.CreateFileSystemForVisualStudioCode(TestEnvironment, cloudName);
var process = new TestProcess {
Error = "Error"
};
var factory = new TestDefaultAzureCredentialFactory(options, fileSystem, new TestProcessService(process), default)
{
ManagedIdentitySourceFactory = () => default
};
var credential = InstrumentClient(new DefaultAzureCredential(factory, options));
AccessToken token;
List <ClientDiagnosticListener.ProducedDiagnosticScope> scopes;
using (await CredentialTestHelpers.CreateRefreshTokenFixtureAsync(TestEnvironment, Mode, ExpectedServiceName, cloudName))
using (ClientDiagnosticListener diagnosticListener = new ClientDiagnosticListener(s => s.StartsWith("Azure.Identity")))
{
token = await credential.GetTokenAsync(new TokenRequestContext(new[] { TestEnvironment.KeyvaultScope }), CancellationToken.None);
scopes = diagnosticListener.Scopes;
}
Assert.IsNotNull(token.Token);
Assert.AreEqual(2, scopes.Count);
Assert.AreEqual($"{nameof(DefaultAzureCredential)}.{nameof(DefaultAzureCredential.GetToken)}", scopes[0].Name);
Assert.AreEqual($"{nameof(VisualStudioCodeCredential)}.{nameof(VisualStudioCodeCredential.GetToken)}", scopes[1].Name);
}
public async Task AuthenticateWithVsCodeCredential([Values(null, TenantIdHint)] string tenantId, [Values(true)] bool allowMultiTenantAuthentication)
{
using var env = new TestEnvVar(new Dictionary<string, string> {{"TENANT_ID", TenantId}});
var environment = new IdentityTestEnvironment();
var options = new VisualStudioCodeCredentialOptions { TenantId = environment.TenantId, Transport = new MockTransport() };
var context = new TokenRequestContext(new[] { Scope }, tenantId: tenantId);
expectedTenantId = TenantIdResolver.Resolve(environment.TenantId, context);
VisualStudioCodeCredential credential = InstrumentClient(
new VisualStudioCodeCredential(
options,
null,
mockPublicMsalClient,
CredentialTestHelpers.CreateFileSystemForVisualStudioCode(environment),
new TestVscAdapter("VS Code Azure", "AzureCloud", expectedToken)));
var actualToken = await credential.GetTokenAsync(context, CancellationToken.None);
Assert.AreEqual(expectedToken, actualToken.Token, "Token should match");
Assert.AreEqual(expiresOn, actualToken.ExpiresOn, "expiresOn should match");
}
public async Task DefaultAzureCredential_UseAzureCliCredential()
{
var options = InstrumentClientOptions(new DefaultAzureCredentialOptions
{
ExcludeEnvironmentCredential = true,
ExcludeInteractiveBrowserCredential = true,
ExcludeSharedTokenCacheCredential = true,
VisualStudioCodeTenantId = TestEnvironment.TestTenantId
});
var(expectedToken, expectedExpiresOn, processOutput) = CredentialTestHelpers.CreateTokenForAzureCli();
var testProcess = new TestProcess {
Output = processOutput
};
var vscAdapter = new TestVscAdapter(ExpectedServiceName, "AzureCloud", null);
var fileSystem = CredentialTestHelpers.CreateFileSystemForVisualStudioCode(TestEnvironment);
var factory = new TestDefaultAzureCredentialFactory(options, fileSystem, new TestProcessService(testProcess), vscAdapter)
{
ManagedIdentitySourceFactory = () => default
};
var credential = InstrumentClient(new DefaultAzureCredential(factory, options));
AccessToken token;
List <ClientDiagnosticListener.ProducedDiagnosticScope> scopes;
using (ClientDiagnosticListener diagnosticListener = new ClientDiagnosticListener(s => s.StartsWith("Azure.Identity")))
{
token = await credential.GetTokenAsync(new TokenRequestContext(new[] { "https://vault.azure.net/.default" }), CancellationToken.None);
scopes = diagnosticListener.Scopes;
}
Assert.AreEqual(token.Token, expectedToken);
Assert.AreEqual(token.ExpiresOn, expectedExpiresOn);
Assert.AreEqual(2, scopes.Count);
Assert.AreEqual($"{nameof(DefaultAzureCredential)}.{nameof(DefaultAzureCredential.GetToken)}", scopes[0].Name);
Assert.AreEqual($"{nameof(AzureCliCredential)}.{nameof(AzureCliCredential.GetToken)}", scopes[1].Name);
}
public async Task DefaultAzureCredential_UseAzureCliCredential_ParallelCalls()
{
var options = InstrumentClientOptions(new DefaultAzureCredentialOptions
{
ExcludeEnvironmentCredential = true,
ExcludeInteractiveBrowserCredential = true,
ExcludeSharedTokenCacheCredential = true,
VisualStudioCodeTenantId = TestEnvironment.TestTenantId
});
var(expectedToken, expectedExpiresOn, processOutput) = CredentialTestHelpers.CreateTokenForAzureCli();
var processService = new TestProcessService {
CreateHandler = psi => new TestProcess {
Output = processOutput
}
};
var vscAdapter = new TestVscAdapter(ExpectedServiceName, "AzureCloud", null);
var fileSystem = CredentialTestHelpers.CreateFileSystemForVisualStudioCode(TestEnvironment);
var factory = new TestDefaultAzureCredentialFactory(options, fileSystem, processService, vscAdapter)
{
ManagedIdentitySourceFactory = () => default
};
var credential = InstrumentClient(new DefaultAzureCredential(factory, options));
var tasks = new List <Task <AccessToken> >();
for (int i = 0; i < 10; i++)
{
tasks.Add(Task.Run(async() => await credential.GetTokenAsync(new TokenRequestContext(new[] { "https://vault.azure.net/.default" }), CancellationToken.None)));
}
await Task.WhenAll(tasks);
foreach (Task <AccessToken> task in tasks)
{
Assert.AreEqual(task.Result.Token, expectedToken);
Assert.AreEqual(task.Result.ExpiresOn, expectedExpiresOn);
}
}
[RunOnlyOnPlatforms(Windows = true)] // VisualStudioCredential works only on Windows
public async Task DefaultAzureCredential_UseVisualStudioCredential()
{
var options = InstrumentClientOptions(new DefaultAzureCredentialOptions
{
ExcludeEnvironmentCredential = true,
ExcludeManagedIdentityCredential = true,
ExcludeInteractiveBrowserCredential = true,
ExcludeSharedTokenCacheCredential = true,
ExcludeAzureCliCredential = true,
});
var fileSystem = CredentialTestHelpers.CreateFileSystemForVisualStudio();
var(expectedToken, expectedExpiresOn, processOutput) = CredentialTestHelpers.CreateTokenForVisualStudio();
var testProcess = new TestProcess {
Output = processOutput
};
var factory = new TestDefaultAzureCredentialFactory(options, fileSystem, new TestProcessService(testProcess), default);
var credential = InstrumentClient(new DefaultAzureCredential(factory, options));
AccessToken token;
List <ClientDiagnosticListener.ProducedDiagnosticScope> scopes;
using (ClientDiagnosticListener diagnosticListener = new ClientDiagnosticListener(s => s.StartsWith("Azure.Identity")))
{
token = await credential.GetTokenAsync(new TokenRequestContext(new[] { TestEnvironment.KeyvaultScope }), CancellationToken.None);
scopes = diagnosticListener.Scopes;
}
Assert.AreEqual(token.Token, expectedToken);
Assert.AreEqual(token.ExpiresOn, expectedExpiresOn);
Assert.AreEqual(2, scopes.Count);
Assert.AreEqual($"{nameof(DefaultAzureCredential)}.{nameof(DefaultAzureCredential.GetToken)}", scopes[0].Name);
Assert.AreEqual($"{nameof(VisualStudioCredential)}.{nameof(VisualStudioCredential.GetToken)}", scopes[1].Name);
}