public void ForcePromptForNeverPromptBehaviorTest()
{
var context = new AuthenticationContext(TestConstants.DefaultAuthorityHomeTenant, new TokenCache());
TokenCacheKey key = new TokenCacheKey(TestConstants.DefaultAuthorityHomeTenant,
TestConstants.DefaultResource, TestConstants.DefaultClientId, TokenSubjectType.User,
TestConstants.DefaultUniqueId, TestConstants.DefaultDisplayableId);
context.TokenCache.tokenCacheDictionary[key] = new AuthenticationResultEx
{
RefreshToken = "some-rt",
ResourceInResponse = TestConstants.DefaultResource,
Result = new AuthenticationResult("Bearer", "existing-access-token", DateTimeOffset.UtcNow)
};
HttpMessageHandlerFactory.AddMockHandler(new MockHttpMessageHandler(TestConstants.GetTokenEndpoint(TestConstants.DefaultAuthorityHomeTenant))
{
Method = HttpMethod.Post,
ResponseMessage = MockHelpers.CreateInvalidRequestTokenResponseMessage()
});
var exc = AssertException.TaskThrows <AdalServiceException>(() =>
context.AcquireTokenAsync(TestConstants.DefaultResource, TestConstants.DefaultClientId,
TestConstants.DefaultRedirectUri, new PlatformParameters(PromptBehavior.Never)));
Assert.AreEqual(AdalError.FailedToRefreshToken, exc.ErrorCode);
// There should be only one cache entry.
Assert.AreEqual(1, context.TokenCache.Count);
}
public async Task AcquireTokenWithInvalidResourceTestAsync()
{
var context = new AuthenticationContext(TestConstants.DefaultAuthorityCommonTenant, new TokenCache());
TokenCacheKey key = new TokenCacheKey(TestConstants.DefaultAuthorityHomeTenant,
TestConstants.DefaultResource, TestConstants.DefaultClientId, TokenSubjectType.User,
TestConstants.DefaultUniqueId, TestConstants.DefaultDisplayableId);
context.TokenCache.tokenCacheDictionary[key] = new AuthenticationResultEx
{
RefreshToken = "some-rt",
ResourceInResponse = TestConstants.DefaultResource,
Result = new AuthenticationResult("Bearer", "some-access-token", DateTimeOffset.UtcNow)
};
HttpMessageHandlerFactory.AddMockHandler(new MockHttpMessageHandler()
{
Method = HttpMethod.Post,
ResponseMessage = MockHelpers.CreateInvalidRequestTokenResponseMessage()
});
try
{
await context.AcquireTokenSilentAsync("random-resource", TestConstants.DefaultClientId);
}
catch (AdalServiceException exc)
{
Assert.AreEqual(AdalError.FailedToRefreshToken, exc.ErrorCode);
}
}
public void ManagedUsernamePasswordCommonAuthorityTest()
{
using (var httpManager = new MockHttpManager())
{
var serviceBundle = ServiceBundle.CreateWithCustomHttpManager(httpManager);
httpManager.AddInstanceDiscoveryMockHandler();
httpManager.AddMockHandlerForTenantEndpointDiscovery(MsalTestConstants.AuthorityCommonTenant);
// user realm discovery
httpManager.AddMockHandler(
new MockHttpMessageHandler
{
Method = HttpMethod.Get,
ResponseMessage = new HttpResponseMessage(HttpStatusCode.OK)
{
Content = new StringContent(
"{\"ver\":\"1.0\",\"account_type\":\"Managed\",\"domain_name\":\"id.com\"}")
},
QueryParams = new Dictionary <string, string>
{
{ "api-version", "1.0" }
}
});
httpManager.AddMockHandler(
new MockHttpMessageHandler
{
Method = HttpMethod.Post,
ResponseMessage = MockHelpers.CreateInvalidRequestTokenResponseMessage()
});
_cache.ClientId = MsalTestConstants.ClientId;
var app = new PublicClientApplication(serviceBundle, MsalTestConstants.ClientId,
ClientApplicationBase.DefaultAuthority)
{
UserTokenCache = _cache
};
// Call acquire token
var result = AssertException.TaskThrows <MsalException>(
async() => await app.AcquireTokenByUsernamePasswordAsync(
MsalTestConstants.Scope,
MsalTestConstants.User.Username,
_secureString).ConfigureAwait(false));
// Check inner exception
Assert.AreEqual(CoreErrorCodes.InvalidRequest, result.ErrorCode);
// There should be no cached entries.
Assert.AreEqual(0, _cache.TokenCacheAccessor.AccessTokenCount);
}
}
public async Task ManagedUsernamePasswordCommonAuthorityTestAsync()
{
using (var httpManager = new MockHttpManager())
{
httpManager.AddInstanceDiscoveryMockHandler();
httpManager.AddMockHandlerForTenantEndpointDiscovery(TestConstants.AuthorityCommonTenant);
// user realm discovery
httpManager.AddMockHandler(
new MockHttpMessageHandler
{
ExpectedMethod = HttpMethod.Get,
ResponseMessage = new HttpResponseMessage(HttpStatusCode.OK)
{
Content = new StringContent(
"{\"ver\":\"1.0\",\"account_type\":\"Managed\",\"domain_name\":\"id.com\"}")
},
ExpectedQueryParams = new Dictionary <string, string>
{
{ "api-version", "1.0" }
}
});
httpManager.AddMockHandler(
new MockHttpMessageHandler
{
ExpectedMethod = HttpMethod.Post,
ResponseMessage = MockHelpers.CreateInvalidRequestTokenResponseMessage()
});
PublicClientApplication app = PublicClientApplicationBuilder.Create(TestConstants.ClientId)
.WithAuthority(new Uri(ClientApplicationBase.DefaultAuthority), true)
.WithHttpManager(httpManager)
.WithTelemetry(new TraceTelemetryConfig())
.BuildConcrete();
// Call acquire token
MsalServiceException result = await AssertException.TaskThrowsAsync <MsalServiceException>(
async() => await app.AcquireTokenByUsernamePassword(
TestConstants.s_scope,
TestConstants.s_user.Username,
_secureString).ExecuteAsync(CancellationToken.None).ConfigureAwait(false)).ConfigureAwait(false);
// Check inner exception
Assert.AreEqual(MsalError.InvalidRequest, result.ErrorCode);
// There should be no cached entries.
Assert.AreEqual(0, app.UserTokenCacheInternal.Accessor.GetAllAccessTokens().Count());
}
}
public void FederatedUsernamePasswordCommonAuthorityTest()
{
var ui = new MockWebUI
{
MockResult = new AuthorizationResult(
AuthorizationStatus.Success,
MsalTestConstants.AuthorityCommonTenant + "?code=some-code")
};
using (var httpManager = new MockHttpManager())
{
var serviceBundle = ServiceBundle.CreateWithCustomHttpManager(httpManager);
httpManager.AddInstanceDiscoveryMockHandler();
httpManager.AddMockHandlerForTenantEndpointDiscovery(MsalTestConstants.AuthorityCommonTenant);
AddMockHandlerDefaultUserRealmDiscovery(httpManager);
AddMockHandlerMex(httpManager);
AddMockHandlerWsTrustUserName(httpManager);
// AAD
httpManager.AddMockHandler(
new MockHttpMessageHandler
{
Url = "https://login.microsoftonline.com/common/oauth2/v2.0/token",
Method = HttpMethod.Post,
ResponseMessage = MockHelpers.CreateInvalidRequestTokenResponseMessage()
});
_cache.ClientId = MsalTestConstants.ClientId;
var app = new PublicClientApplication(serviceBundle, MsalTestConstants.ClientId,
ClientApplicationBase.DefaultAuthority)
{
UserTokenCache = _cache
};
// Call acquire token
var result = AssertException.TaskThrows <MsalException>(
async() => await app.AcquireTokenByUsernamePasswordAsync(
MsalTestConstants.Scope,
MsalTestConstants.User.Username,
_secureString).ConfigureAwait(false));
// Check inner exception
Assert.AreEqual(CoreErrorCodes.InvalidRequest, result.ErrorCode);
// There should be no cached entries.
Assert.AreEqual(0, _cache.TokenCacheAccessor.AccessTokenCount);
}
}
public async Task FederatedUsernamePasswordCommonAuthorityTestAsync()
{
using (var httpManager = new MockHttpManager())
{
httpManager.AddInstanceDiscoveryMockHandler();
httpManager.AddMockHandlerForTenantEndpointDiscovery(TestConstants.AuthorityCommonTenant);
AddMockHandlerDefaultUserRealmDiscovery(httpManager);
AddMockHandlerMex(httpManager);
AddMockHandlerWsTrustUserName(httpManager);
// AAD
httpManager.AddMockHandler(
new MockHttpMessageHandler
{
ExpectedUrl = "https://login.microsoftonline.com/common/oauth2/v2.0/token",
ExpectedMethod = HttpMethod.Post,
ResponseMessage = MockHelpers.CreateInvalidRequestTokenResponseMessage()
});
PublicClientApplication app = PublicClientApplicationBuilder.Create(TestConstants.ClientId)
.WithAuthority(new Uri(ClientApplicationBase.DefaultAuthority), true)
.WithHttpManager(httpManager)
.WithTelemetry(new TraceTelemetryConfig())
.BuildConcrete();
// Call acquire token
MsalServiceException result = await AssertException.TaskThrowsAsync <MsalServiceException>(
async() => await app.AcquireTokenByUsernamePassword(
TestConstants.s_scope,
TestConstants.s_user.Username,
_secureString).ExecuteAsync(CancellationToken.None).ConfigureAwait(false)).ConfigureAwait(false);
// Check inner exception
Assert.AreEqual(MsalError.InvalidRequest, result.ErrorCode);
// There should be no cached entries.
Assert.AreEqual(0, app.UserTokenCacheInternal.Accessor.GetAllAccessTokens().Count());
}
}
