public async Task InteractiveBrowserRefreshException() { string expInnerExMessage = Guid.NewGuid().ToString(); string expToken = Guid.NewGuid().ToString(); DateTimeOffset expExpiresOn = DateTimeOffset.UtcNow.AddMinutes(5); var mockMsalClient = new MockMsalPublicClient { InteractiveAuthFactory = (_) => { return(AuthenticationResultFactory.Create(accessToken: expToken, expiresOn: expExpiresOn)); }, SilentAuthFactory = (_) => { throw new MsalUiRequiredException("errorCode", "message"); } }; var credential = InstrumentClient(new InteractiveBrowserCredential(CredentialPipeline.GetInstance(null), mockMsalClient)); AccessToken token = await credential.GetTokenAsync(new TokenRequestContext(MockScopes.Default)); Assert.AreEqual(expToken, token.Token); Assert.AreEqual(expExpiresOn, token.ExpiresOn); mockMsalClient.InteractiveAuthFactory = (_) => { throw new MockClientException(expInnerExMessage); }; var ex = Assert.ThrowsAsync <AuthenticationFailedException>(async() => await credential.GetTokenAsync(new TokenRequestContext(MockScopes.Default))); Assert.IsNotNull(ex.InnerException); Assert.IsInstanceOf(typeof(MockClientException), ex.InnerException); Assert.AreEqual(expInnerExMessage, ex.InnerException.Message); await Task.CompletedTask; }
public async Task NoMatchingAccountsTenantIdOnly() { string expToken = Guid.NewGuid().ToString(); DateTimeOffset expExpiresOn = DateTimeOffset.UtcNow.AddMinutes(5); string fakeuserTenantId = Guid.NewGuid().ToString(); string madeupuserTenantId = Guid.NewGuid().ToString(); string tenantId = Guid.NewGuid().ToString(); var mockMsalClient = new MockMsalPublicClient { Accounts = new List <IAccount> { new MockAccount("*****@*****.**", fakeuserTenantId), new MockAccount("*****@*****.**", madeupuserTenantId) }, SilentAuthFactory = (_, _) => { return(AuthenticationResultFactory.Create(accessToken: expToken, expiresOn: expExpiresOn)); } }; // with username var credential = InstrumentClient(new SharedTokenCacheCredential(tenantId, null, null, null, mockMsalClient)); var ex = Assert.ThrowsAsync <CredentialUnavailableException>(async() => await credential.GetTokenAsync(new TokenRequestContext(MockScopes.Default))); Assert.AreEqual( ex.Message, $"SharedTokenCacheCredential authentication unavailable. No account matching the specified tenantId: {tenantId} was found in the cache."); await Task.CompletedTask; }
public async Task MultipleAccountsNoTenantIdOrUsername() { string expToken = Guid.NewGuid().ToString(); DateTimeOffset expExpiresOn = DateTimeOffset.UtcNow.AddMinutes(5); string fakeuserTenantId = Guid.NewGuid().ToString(); string madeupuserTenantId = Guid.NewGuid().ToString(); var mockMsalClient = new MockMsalPublicClient { Accounts = new List <IAccount> { new MockAccount("*****@*****.**", fakeuserTenantId), new MockAccount("*****@*****.**", madeupuserTenantId) }, SilentAuthFactory = (_, _) => { return(AuthenticationResultFactory.Create(accessToken: expToken, expiresOn: expExpiresOn)); } }; var credential = InstrumentClient(new SharedTokenCacheCredential(null, null, null, null, mockMsalClient)); var ex = Assert.ThrowsAsync <CredentialUnavailableException>(async() => await credential.GetTokenAsync(new TokenRequestContext(MockScopes.Default))); Assert.AreEqual(ex.Message, SharedTokenCacheCredential.MultipleAccountsInCacheMessage); await Task.CompletedTask; }
public async Task OneMatchingAccountTenantIdAndUsername() { string expToken = Guid.NewGuid().ToString(); DateTimeOffset expExpiresOn = DateTimeOffset.UtcNow.AddMinutes(5); string tenantId = Guid.NewGuid().ToString(); var mockMsalClient = new MockMsalPublicClient { Accounts = new List <IAccount> { new MockAccount(expectedUsername, Guid.NewGuid().ToString()), new MockAccount("*****@*****.**"), new MockAccount(expectedUsername, tenantId) }, SilentAuthFactory = (_, _) => { return(AuthenticationResultFactory.Create(accessToken: expToken, expiresOn: expExpiresOn)); } }; var credential = InstrumentClient(new SharedTokenCacheCredential(tenantId, expectedUsername, null, null, mockMsalClient)); AccessToken token = await credential.GetTokenAsync(new TokenRequestContext(MockScopes.Default)); Assert.AreEqual(expToken, token.Token); Assert.AreEqual(expExpiresOn, token.ExpiresOn); }
public async Task MultipleMatchingAccountsUsernameAndTenantId() { string expToken = Guid.NewGuid().ToString(); DateTimeOffset expExpiresOn = DateTimeOffset.UtcNow.AddMinutes(5); string fakeuserTenantId = Guid.NewGuid().ToString(); string mockuserTenantId = Guid.NewGuid().ToString(); string mockuserGuestTenantId = fakeuserTenantId; var mockMsalClient = new MockMsalPublicClient { Accounts = new IAccount[] { new MockAccount("*****@*****.**", fakeuserTenantId), new MockAccount("*****@*****.**", mockuserTenantId), new MockAccount("*****@*****.**", mockuserTenantId) }, SilentAuthFactory = (_) => { return(AuthenticationResultFactory.Create(accessToken: expToken, expiresOn: expExpiresOn)); } }; var credential = InstrumentClient(new SharedTokenCacheCredential(mockuserTenantId, "*****@*****.**", CredentialPipeline.GetInstance(null), mockMsalClient)); var ex = Assert.ThrowsAsync <CredentialUnavailableException>(async() => await credential.GetTokenAsync(new TokenRequestContext(MockScopes.Default))); Assert.True(ex.Message.StartsWith($"Multiple accounts matching the specified username: [email protected] tenantId: {mockuserTenantId} were found in the cache")); Assert.True(ex.Message.Contains($"username: [email protected] tenantId: {fakeuserTenantId}")); Assert.True(ex.Message.IndexOf($"username: [email protected] tenantId: {mockuserTenantId}") != ex.Message.LastIndexOf($"username: [email protected] tenantId: {mockuserTenantId}")); await Task.CompletedTask; }
public async Task ValidateClientSecretCredentialSucceededEvents() { var mockMsalClient = new MockMsalConfidentialClient(AuthenticationResultFactory.Create()); var credential = InstrumentClient(new ClientSecretCredential(Guid.NewGuid().ToString(), Guid.NewGuid().ToString(), Guid.NewGuid().ToString(), CredentialPipeline.GetInstance(null), mockMsalClient)); var method = "ClientSecretCredential.GetToken"; await AssertCredentialGetTokenSucceededAsync(credential, method); }
public async Task ValidateClientCertificateCredentialSucceededEvents() { var mockMsalClient = new MockMsalConfidentialClient(AuthenticationResultFactory.Create(Guid.NewGuid().ToString(), expiresOn: DateTimeOffset.Now + TimeSpan.FromMinutes(10))); var mockAadClient = new MockAadIdentityClient(() => new AccessToken(Guid.NewGuid().ToString(), DateTimeOffset.UtcNow.AddMinutes(10))); var credential = InstrumentClient(new ClientCertificateCredential(Guid.NewGuid().ToString(), Guid.NewGuid().ToString(), new X509Certificate2(), CredentialPipeline.GetInstance(null), mockMsalClient)); var method = "ClientCertificateCredential.GetToken"; await AssertCredentialGetTokenSucceededAsync(credential, method); }
public async Task ValidateDeviceCodeCredentialSucceededEvents() { var mockMsalClient = new MockMsalPublicClient() { DeviceCodeAuthFactory = (_) => { return(AuthenticationResultFactory.Create(accessToken: Guid.NewGuid().ToString(), expiresOn: DateTimeOffset.UtcNow.AddMinutes(10))); } }; var credential = InstrumentClient(new DeviceCodeCredential((_, __) => { return(Task.CompletedTask); }, Guid.NewGuid().ToString(), CredentialPipeline.GetInstance(null), mockMsalClient)); var method = "Azure.Identity.DeviceCodeCredential.GetToken"; await AssertCredentialGetTokenSucceededAsync(credential, method); }
public async Task ValidateInteractiveBrowserCredentialSucceededEvents() { var mockMsalClient = new MockMsalPublicClient() { InteractiveAuthFactory = (_) => { return(AuthenticationResultFactory.Create(accessToken: Guid.NewGuid().ToString(), expiresOn: DateTimeOffset.UtcNow.AddMinutes(10))); } }; var credential = InstrumentClient(new InteractiveBrowserCredential(CredentialPipeline.GetInstance(null), mockMsalClient)); var method = "InteractiveBrowserCredential.GetToken"; await AssertCredentialGetTokenSucceededAsync(credential, method); }
public async Task ValidateSharedTokenCacheCredentialSucceededEvents() { var mockMsalClient = new MockMsalPublicClient { Accounts = new IAccount[] { new MockAccount("*****@*****.**") }, SilentAuthFactory = (_) => { return(AuthenticationResultFactory.Create(accessToken: Guid.NewGuid().ToString(), expiresOn: DateTimeOffset.UtcNow.AddMinutes(10))); } }; var credential = InstrumentClient(new SharedTokenCacheCredential(null, "*****@*****.**", CredentialPipeline.GetInstance(null), mockMsalClient)); var method = "SharedTokenCacheCredential.GetToken"; await AssertCredentialGetTokenSucceededAsync(credential, method); }
public async Task OneMatchingAccountUsernameOnly() { string expToken = Guid.NewGuid().ToString(); DateTimeOffset expExpiresOn = DateTimeOffset.UtcNow.AddMinutes(5); var mockMsalClient = new MockMsalPublicClient { Accounts = new IAccount[] { new MockAccount("*****@*****.**"), new MockAccount("*****@*****.**") }, SilentAuthFactory = (_) => { return(AuthenticationResultFactory.Create(accessToken: expToken, expiresOn: expExpiresOn)); } }; var credential = InstrumentClient(new SharedTokenCacheCredential(null, "*****@*****.**", CredentialPipeline.GetInstance(null), mockMsalClient)); AccessToken token = await credential.GetTokenAsync(new TokenRequestContext(MockScopes.Default)); Assert.AreEqual(expToken, token.Token); Assert.AreEqual(expExpiresOn, token.ExpiresOn); }
public async Task VerifyAuthenticationRecordOption() { var expectedHomeId = $"{Guid.NewGuid()}.{Guid.NewGuid()}"; var expectedEnvironment = AzureAuthorityHosts.AzurePublicCloud.ToString(); var acquireTokenSilentCalled = false; var options = new SharedTokenCacheCredentialOptions { AuthenticationRecord = new AuthenticationRecord( expectedUsername, expectedEnvironment, expectedHomeId, Guid.NewGuid().ToString(), Guid.NewGuid().ToString()) }; var mockMsalClient = new MockMsalPublicClient { Accounts = new List <IAccount> { new MockAccount("*****@*****.**") }, ExtendedSilentAuthFactory = (_, _, account, _, _, _) => { Assert.AreEqual(expectedUsername, account.Username); Assert.AreEqual(expectedEnvironment, account.Environment); Assert.AreEqual(expectedHomeId, account.HomeAccountId.Identifier); acquireTokenSilentCalled = true; return(AuthenticationResultFactory.Create()); } }; var credential = InstrumentClient(new SharedTokenCacheCredential(null, null, options, null, mockMsalClient)); AccessToken token = await credential.GetTokenAsync(new TokenRequestContext(MockScopes.Default)); Assert.IsTrue(acquireTokenSilentCalled); }
public async Task NoAccounts() { string expToken = Guid.NewGuid().ToString(); DateTimeOffset expExpiresOn = DateTimeOffset.UtcNow.AddMinutes(5); var mockMsalClient = new MockMsalPublicClient { Accounts = new List <IAccount> { }, SilentAuthFactory = (_) => { return(AuthenticationResultFactory.Create(accessToken: expToken, expiresOn: expExpiresOn)); } }; // without username var credential = InstrumentClient(new SharedTokenCacheCredential(null, null, null, null, mockMsalClient)); var ex = Assert.ThrowsAsync <CredentialUnavailableException>(async() => await credential.GetTokenAsync(new TokenRequestContext(MockScopes.Default))); Assert.AreEqual(SharedTokenCacheCredential.NoAccountsInCacheMessage, ex.Message); // with username var credential2 = InstrumentClient(new SharedTokenCacheCredential(null, "*****@*****.**", null, null, mockMsalClient)); var ex2 = Assert.ThrowsAsync <CredentialUnavailableException>(async() => await credential2.GetTokenAsync(new TokenRequestContext(MockScopes.Default))); Assert.AreEqual(SharedTokenCacheCredential.NoAccountsInCacheMessage, ex2.Message); // with tenantId var credential3 = InstrumentClient(new SharedTokenCacheCredential(Guid.NewGuid().ToString(), null, null, null, mockMsalClient)); var ex3 = Assert.ThrowsAsync <CredentialUnavailableException>(async() => await credential3.GetTokenAsync(new TokenRequestContext(MockScopes.Default))); Assert.AreEqual(SharedTokenCacheCredential.NoAccountsInCacheMessage, ex3.Message); // with tenantId and username var credential4 = InstrumentClient(new SharedTokenCacheCredential(Guid.NewGuid().ToString(), "*****@*****.**", null, null, mockMsalClient)); var ex4 = Assert.ThrowsAsync <CredentialUnavailableException>(async() => await credential4.GetTokenAsync(new TokenRequestContext(MockScopes.Default))); Assert.AreEqual(SharedTokenCacheCredential.NoAccountsInCacheMessage, ex4.Message); await Task.CompletedTask; }
public async Task MultipleMatchingAccountsDifferentHomeIds() { string expToken = Guid.NewGuid().ToString(); DateTimeOffset expExpiresOn = DateTimeOffset.UtcNow.AddMinutes(5); var mockMsalClient = new MockMsalPublicClient { Accounts = new IAccount[] { new MockAccount("*****@*****.**"), new MockAccount("*****@*****.**"), new MockAccount("*****@*****.**") }, SilentAuthFactory = (_) => { return(AuthenticationResultFactory.Create(accessToken: expToken, expiresOn: expExpiresOn)); } }; // with username var credential = InstrumentClient(new SharedTokenCacheCredential("*****@*****.**", CredentialPipeline.GetInstance(null), mockMsalClient)); var ex = Assert.ThrowsAsync <CredentialUnavailableException>(async() => await credential.GetTokenAsync(new TokenRequestContext(MockScopes.Default))); Assert.True(ex.Message.Contains("Multiple entries for the user account '*****@*****.**' were found in the shared token cache. This is not currently supported by the SharedTokenCacheCredential.")); await Task.CompletedTask; }
public async Task NoMatchingAccounts() { string expToken = Guid.NewGuid().ToString(); DateTimeOffset expExpiresOn = DateTimeOffset.UtcNow.AddMinutes(5); var mockMsalClient = new MockMsalPublicClient { Accounts = new IAccount[] { new MockAccount("*****@*****.**"), new MockAccount("*****@*****.**") }, SilentAuthFactory = (_) => { return(AuthenticationResultFactory.Create(accessToken: expToken, expiresOn: expExpiresOn)); } }; // with username var credential = InstrumentClient(new SharedTokenCacheCredential("*****@*****.**", CredentialPipeline.GetInstance(null), mockMsalClient)); var ex = Assert.ThrowsAsync <CredentialUnavailableException>(async() => await credential.GetTokenAsync(new TokenRequestContext(MockScopes.Default))); Assert.True(ex.Message.Contains($"account '*****@*****.**' was not found")); Assert.True(ex.Message.Contains($"Discovered Accounts: [ '*****@*****.**', '*****@*****.**' ]")); await Task.CompletedTask; }
public async Task MultipleMatchingAccountsUsernameOnly() { string expToken = Guid.NewGuid().ToString(); DateTimeOffset expExpiresOn = DateTimeOffset.UtcNow.AddMinutes(5); string fakeuserTenantId = Guid.NewGuid().ToString(); string mockuserTenantId = Guid.NewGuid().ToString(); string mockuserGuestTenantId = fakeuserTenantId; var mockMsalClient = new MockMsalPublicClient { Accounts = new IAccount[] { new MockAccount("*****@*****.**", fakeuserTenantId), new MockAccount("*****@*****.**", mockuserTenantId), new MockAccount("*****@*****.**", mockuserGuestTenantId) }, SilentAuthFactory = (_) => { return(AuthenticationResultFactory.Create(accessToken: expToken, expiresOn: expExpiresOn)); } }; var credential = InstrumentClient(new SharedTokenCacheCredential(null, "*****@*****.**", null, null, mockMsalClient)); var ex = Assert.ThrowsAsync <CredentialUnavailableException>(async() => await credential.GetTokenAsync(new TokenRequestContext(MockScopes.Default))); Assert.AreEqual(ex.Message, "SharedTokenCacheCredential authentication unavailable. Multiple accounts matching the specified username: [email protected] were found in the cache."); await Task.CompletedTask; }
public async Task MatchAnySingleTenantIdWithEnableGuestTenantAuthentication() { string expToken = Guid.NewGuid().ToString(); DateTimeOffset expExpiresOn = DateTimeOffset.UtcNow.AddMinutes(5); string tenantId = Guid.NewGuid().ToString(); var mockMsalClient = new MockMsalPublicClient { Accounts = new List <IAccount> { new MockAccount("*****@*****.**", Guid.NewGuid().ToString()) }, SilentAuthFactory = (_) => { return(AuthenticationResultFactory.Create(accessToken: expToken, expiresOn: expExpiresOn)); } }; var credential = InstrumentClient(new SharedTokenCacheCredential(tenantId, null, new SharedTokenCacheCredentialOptions { EnableGuestTenantAuthentication = true }, null, mockMsalClient)); AccessToken token = await credential.GetTokenAsync(new TokenRequestContext(MockScopes.Default)); Assert.AreEqual(expToken, token.Token); Assert.AreEqual(expExpiresOn, token.ExpiresOn); }
public async Task MultipleMatchingAccountsUsernameAndTenantIdWithEnableGuestTenantAuthentication() { string expToken = Guid.NewGuid().ToString(); DateTimeOffset expExpiresOn = DateTimeOffset.UtcNow.AddMinutes(5); string fakeuserTenantId = Guid.NewGuid().ToString(); string mockuserTenantId1 = Guid.NewGuid().ToString(); string mockuserTenantId2 = Guid.NewGuid().ToString(); string mockuserGuestTenantId = fakeuserTenantId; var mockMsalClient = new MockMsalPublicClient { Accounts = new List <IAccount> { new MockAccount("*****@*****.**", fakeuserTenantId), new MockAccount(expectedUsername, mockuserTenantId1), new MockAccount(expectedUsername, mockuserTenantId2) }, SilentAuthFactory = (_, _) => { return(AuthenticationResultFactory.Create(accessToken: expToken, expiresOn: expExpiresOn)); } }; var credential = InstrumentClient( new SharedTokenCacheCredential( mockuserTenantId1, expectedUsername, new SharedTokenCacheCredentialOptions { EnableGuestTenantAuthentication = true }, null, mockMsalClient)); var token = await credential.GetTokenAsync(new TokenRequestContext(MockScopes.Default)); Assert.AreEqual(expToken, token.Token); Assert.AreEqual(expExpiresOn, token.ExpiresOn); }
public async Task ValidateClientSecretCredentialSucceededEvents() { var mockMsalClient = new MockMsalConfidentialClient(AuthenticationResultFactory.Create()); var credential = InstrumentClient(new ClientSecretCredential(Guid.NewGuid().ToString(), Guid.NewGuid().ToString(), Guid.NewGuid().ToString(), default, default, mockMsalClient));