public async Task DefaultAzureCredential_UseAzureCliCredential() { var options = Recording.InstrumentClientOptions(new DefaultAzureCredentialOptions { ExcludeEnvironmentCredential = true, ExcludeInteractiveBrowserCredential = true, ExcludeSharedTokenCacheCredential = true, VisualStudioCodeTenantId = TestEnvironment.TestTenantId }); var(expectedToken, expectedExpiresOn, processOutput) = CredentialTestHelpers.CreateTokenForAzureCli(); var testProcess = new TestProcess { Output = processOutput }; var vscAdapter = new TestVscAdapter(ExpectedServiceName, "Azure", null); var fileSystem = CredentialTestHelpers.CreateFileSystemForVisualStudioCode(TestEnvironment); var factory = new TestDefaultAzureCredentialFactory(options, fileSystem, new TestProcessService(testProcess), vscAdapter); var credential = InstrumentClient(new DefaultAzureCredential(factory, options)); AccessToken token = await credential.GetTokenAsync(new TokenRequestContext(new[] { "https://vault.azure.net/.default" }), CancellationToken.None); Assert.AreEqual(token.Token, expectedToken); Assert.AreEqual(token.ExpiresOn, expectedExpiresOn); }
public async Task AuthenticateWithCliCredential( [Values(null, TenantIdHint)] string tenantId, [Values(true)] bool allowMultiTenantAuthentication, [Values(null, TenantId)] string explicitTenantId) { var context = new TokenRequestContext(new[] { Scope }, tenantId: tenantId); var options = new AzureCliCredentialOptions { TenantId = explicitTenantId, AllowMultiTenantAuthentication = allowMultiTenantAuthentication }; string expectedTenantId = TenantIdResolver.Resolve(explicitTenantId, context, options.AllowMultiTenantAuthentication); var(expectedToken, expectedExpiresOn, processOutput) = CredentialTestHelpers.CreateTokenForAzureCli(); var testProcess = new TestProcess { Output = processOutput }; AzureCliCredential credential = InstrumentClient(new AzureCliCredential(CredentialPipeline.GetInstance(null), new TestProcessService(testProcess, true), options)); AccessToken actualToken = await credential.GetTokenAsync(context); Assert.AreEqual(expectedToken, actualToken.Token); Assert.AreEqual(expectedExpiresOn, actualToken.ExpiresOn); var expectTenantId = expectedTenantId != null; if (expectTenantId) { Assert.That(testProcess.StartInfo.Arguments, Does.Contain($"-tenant {expectedTenantId}")); } else { Assert.That(testProcess.StartInfo.Arguments, Does.Not.Contain("-tenant")); } }
public async Task AuthenticateWithCliCredential() { var(expectedToken, expectedExpiresOn, processOutput) = CredentialTestHelpers.CreateTokenForAzureCli(); var testProcess = new TestProcess { Output = processOutput }; AzureCliCredential credential = InstrumentClient(new AzureCliCredential(CredentialPipeline.GetInstance(null), new TestProcessService(testProcess))); AccessToken actualToken = await credential.GetTokenAsync(new TokenRequestContext(MockScopes.Default)); Assert.AreEqual(expectedToken, actualToken.Token); Assert.AreEqual(expectedExpiresOn, actualToken.ExpiresOn); }
public override TokenCredential GetTokenCredential(TokenCredentialOptions options) { var azCliOptions = new AzureCliCredentialOptions { Diagnostics = { IsAccountIdentifierLoggingEnabled = options.Diagnostics.IsAccountIdentifierLoggingEnabled } }; var(_, _, processOutput) = CredentialTestHelpers.CreateTokenForAzureCli(); var testProcess = new TestProcess { Output = processOutput }; return(InstrumentClient(new AzureCliCredential(CredentialPipeline.GetInstance(null), new TestProcessService(testProcess, true), azCliOptions))); }
public async Task DefaultAzureCredential_UseAzureCliCredential_ParallelCalls() { var options = InstrumentClientOptions(new DefaultAzureCredentialOptions { ExcludeEnvironmentCredential = true, ExcludeInteractiveBrowserCredential = true, ExcludeSharedTokenCacheCredential = true, VisualStudioCodeTenantId = TestEnvironment.TestTenantId }); var(expectedToken, expectedExpiresOn, processOutput) = CredentialTestHelpers.CreateTokenForAzureCli(); var processService = new TestProcessService { CreateHandler = psi => new TestProcess { Output = processOutput } }; var vscAdapter = new TestVscAdapter(ExpectedServiceName, "AzureCloud", null); var fileSystem = CredentialTestHelpers.CreateFileSystemForVisualStudioCode(TestEnvironment); var factory = new TestDefaultAzureCredentialFactory(options, fileSystem, processService, vscAdapter) { ManagedIdentitySourceFactory = () => default }; var credential = InstrumentClient(new DefaultAzureCredential(factory, options)); var tasks = new List <Task <AccessToken> >(); for (int i = 0; i < 10; i++) { tasks.Add(Task.Run(async() => await credential.GetTokenAsync(new TokenRequestContext(new[] { "https://vault.azure.net/.default" }), CancellationToken.None))); } await Task.WhenAll(tasks); foreach (Task <AccessToken> task in tasks) { Assert.AreEqual(task.Result.Token, expectedToken); Assert.AreEqual(task.Result.ExpiresOn, expectedExpiresOn); } }
public async Task DefaultAzureCredential_UseAzureCliCredential() { var options = InstrumentClientOptions(new DefaultAzureCredentialOptions { ExcludeEnvironmentCredential = true, ExcludeInteractiveBrowserCredential = true, ExcludeSharedTokenCacheCredential = true, VisualStudioCodeTenantId = TestEnvironment.TestTenantId }); var(expectedToken, expectedExpiresOn, processOutput) = CredentialTestHelpers.CreateTokenForAzureCli(); var testProcess = new TestProcess { Output = processOutput }; var vscAdapter = new TestVscAdapter(ExpectedServiceName, "AzureCloud", null); var fileSystem = CredentialTestHelpers.CreateFileSystemForVisualStudioCode(TestEnvironment); var factory = new TestDefaultAzureCredentialFactory(options, fileSystem, new TestProcessService(testProcess), vscAdapter) { ManagedIdentitySourceFactory = () => default }; var credential = InstrumentClient(new DefaultAzureCredential(factory, options)); AccessToken token; List <ClientDiagnosticListener.ProducedDiagnosticScope> scopes; using (ClientDiagnosticListener diagnosticListener = new ClientDiagnosticListener(s => s.StartsWith("Azure.Identity"))) { token = await credential.GetTokenAsync(new TokenRequestContext(new[] { "https://vault.azure.net/.default" }), CancellationToken.None); scopes = diagnosticListener.Scopes; } Assert.AreEqual(token.Token, expectedToken); Assert.AreEqual(token.ExpiresOn, expectedExpiresOn); Assert.AreEqual(2, scopes.Count); Assert.AreEqual($"{nameof(DefaultAzureCredential)}.{nameof(DefaultAzureCredential.GetToken)}", scopes[0].Name); Assert.AreEqual($"{nameof(AzureCliCredential)}.{nameof(AzureCliCredential.GetToken)}", scopes[1].Name); }