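/// <summary>
/// Saves a single token response for a B2C ("tfp") authority and checks that the cache
/// then holds exactly one refresh token and one access token.
/// </summary>
/// <remarks>
/// The method keeps its synchronous signature, so the save is completed by blocking on the
/// returned task. Without that, the assertions could run before the write finished and any
/// exception thrown by the save would go unobserved instead of failing the test.
/// </remarks>
public void CacheB2CTokenTest()
{
    using (var harness = CreateTestHarness())
    {
        ITokenCacheInternal cache = new TokenCache(harness.ServiceBundle);

        string tenantID = "someTenantID";
        Authority authority = Authority.CreateAuthority(
            harness.ServiceBundle,
            $"https://login.microsoftonline.com/tfp/{tenantID}/somePolicy/oauth2/v2.0/authorize");

        // creating IDToken with empty tenantID and displayableID/PreferredUserName for B2C scenario
        MsalTokenResponse response = TestConstants.CreateMsalTokenResponse();

        var requestContext = new RequestContext(harness.ServiceBundle, Guid.NewGuid());
        var requestParams = CreateAuthenticationRequestParameters(
            harness.ServiceBundle,
            authority,
            requestContext: requestContext);

        // The canonical authority handed to the cache is read after the tenant update.
        authority.UpdateWithTenant(TestConstants.Utid);
        requestParams.TenantUpdatedCanonicalAuthority = authority.AuthorityInfo.CanonicalAuthority;

        // Block until the save has finished: a fire-and-forget call here would race with the
        // assertions below and hide a failed save.
        cache.SaveTokenResponseAsync(requestParams, response).GetAwaiter().GetResult();

        Assert.AreEqual(1, cache.Accessor.GetAllRefreshTokens().Count());
        Assert.AreEqual(1, cache.Accessor.GetAllAccessTokens().Count());
    }
}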
/// <summary>
/// Saves two token responses for the same request parameters, the second carrying the default
/// scopes plus one extra scope, and checks that the cache ends up with a single access token
/// and a single refresh token whose secrets are those of the second response.
/// </summary>
/// <remarks>
/// The token strings used here ("access-token-2", "refresh-token-2") are fixed placeholder
/// values, not real credentials.
/// </remarks>
public async Task SaveAccessAndRefreshTokenWithIntersectingScopesTestAsync()
{
    var bundle = TestCommon.CreateDefaultServiceBundle();
    ITokenCacheInternal tokenCache = new TokenCache(bundle);

    // First save: default response from the test constants.
    var firstResponse = TestConstants.CreateMsalTokenResponse();
    var parameters = CreateAuthenticationRequestParameters(bundle);
    parameters.TenantUpdatedCanonicalAuthority = TestConstants.AuthorityTestTenant;
    AddHostToInstanceCache(bundle, TestConstants.ProductionPrefNetworkEnvironment);

    await tokenCache.SaveTokenResponseAsync(parameters, firstResponse).ConfigureAwait(false);

    // Second save: same scopes plus one more, with distinguishable token values.
    var secondResponse = TestConstants.CreateMsalTokenResponse();
    secondResponse.Scope = TestConstants.s_scope.AsSingleString() + " random-scope";
    secondResponse.AccessToken = "access-token-2";
    secondResponse.RefreshToken = "refresh-token-2";

    await tokenCache.SaveTokenResponseAsync(parameters, secondResponse).ConfigureAwait(false);

    // The intersecting entry must have been replaced rather than duplicated.
    Assert.AreEqual(1, tokenCache.Accessor.GetAllRefreshTokens().Count());
    Assert.AreEqual(1, tokenCache.Accessor.GetAllAccessTokens().Count());

    var cachedRefreshTokens = await tokenCache.GetAllRefreshTokensAsync(true).ConfigureAwait(false);
    Assert.AreEqual("refresh-token-2", cachedRefreshTokens.First().Secret);

    var cachedAccessTokens = await tokenCache.GetAllAccessTokensAsync(true).ConfigureAwait(false);
    Assert.AreEqual("access-token-2", cachedAccessTokens.First().Secret);
}
/// <summary>
/// Saves one response under the home-tenant authority and a second one under the guest-tenant
/// authority, then checks that the cache holds one refresh token (with the second response's
/// secret) and two access tokens.
/// </summary>
/// <remarks>
/// An after-access callback is registered before the second save, and the obsolete
/// <c>HasStateChanged</c> flag is asserted to be false afterwards.
/// </remarks>
public async Task SaveAccessAndRefreshTokenWithDifferentAuthoritySameUserTestAsync()
{
    var bundle = TestCommon.CreateDefaultServiceBundle();
    ITokenCacheInternal tokenCache = new TokenCache(bundle);

    // Save against the home tenant.
    var homeResponse = TestConstants.CreateMsalTokenResponse();
    var homeParams = CreateAuthenticationRequestParameters(bundle);
    homeParams.TenantUpdatedCanonicalAuthority = TestConstants.AuthorityHomeTenant;
    AddHostToInstanceCache(bundle, TestConstants.ProductionPrefNetworkEnvironment);

    await tokenCache.SaveTokenResponseAsync(homeParams, homeResponse).ConfigureAwait(false);

    // Save against the guest tenant with different scopes and token values.
    var guestResponse = TestConstants.CreateMsalTokenResponse();
    guestResponse.Scope = TestConstants.s_scope.AsSingleString() + " another-scope";
    guestResponse.AccessToken = "access-token-2";
    guestResponse.RefreshToken = "refresh-token-2";

    var guestParams = CreateAuthenticationRequestParameters(bundle);
    guestParams.TenantUpdatedCanonicalAuthority = TestConstants.AuthorityGuestTenant;

    tokenCache.SetAfterAccess(AfterAccessChangedNotification);
    await tokenCache.SaveTokenResponseAsync(guestParams, guestResponse).ConfigureAwait(false);

#pragma warning disable CS0618 // Type or member is obsolete
    bool stateChanged = ((TokenCache)tokenCache).HasStateChanged;
    Assert.IsFalse(stateChanged);
#pragma warning restore CS0618 // Type or member is obsolete

    // One refresh token for the user, one access token per authority.
    Assert.AreEqual(1, tokenCache.Accessor.GetAllRefreshTokens().Count());
    Assert.AreEqual(2, tokenCache.Accessor.GetAllAccessTokens().Count());

    var cachedRefreshTokens = await tokenCache.GetAllRefreshTokensAsync(true).ConfigureAwait(false);
    Assert.AreEqual("refresh-token-2", cachedRefreshTokens.First().Secret);
}
/// <summary>
/// With the FOCI feature flag substituted to return false, saves one token response and
/// checks that no app metadata entry is written and that the stored refresh token carries
/// no family id.
/// </summary>
public async Task NoAppMetadata_WhenFociIsDisabledAsync()
{
    using (var harness = CreateTestHarness())
    {
        // Arrange
        var featureFlags = Substitute.For<IFeatureFlags>();
        featureFlags.IsFociEnabled.Returns(false);
        harness.ServiceBundle.PlatformProxy.SetFeatureFlags(featureFlags);

        ITokenCacheInternal tokenCache = new TokenCache(harness.ServiceBundle);
        var tokenResponse = TestConstants.CreateMsalTokenResponse();

        var parameters = CreateAuthenticationRequestParameters(harness.ServiceBundle);
        parameters.TenantUpdatedCanonicalAuthority = TestConstants.AuthorityTestTenant;
        AddHostToInstanceCache(harness.ServiceBundle, TestConstants.ProductionPrefNetworkEnvironment);

        // Act
        await tokenCache.SaveTokenResponseAsync(parameters, tokenResponse).ConfigureAwait(false);

        // Assert
        tokenCache.Accessor.AssertItemCount(
            expectedAtCount: 1,
            expectedRtCount: 1,
            expectedAccountCount: 1,
            expectedIdtCount: 1,
            expectedAppMetadataCount: 0);

        // Don't save RT as an FRT if FOCI is disabled
        var storedRefreshToken = tokenCache.Accessor.GetAllRefreshTokens().First();
        Assert.IsTrue(string.IsNullOrEmpty(storedRefreshToken.FamilyId));
    }
}
/// <summary>
/// Saves a token response for an application configured with a B2C authority and checks that
/// the MSAL cache receives one refresh token and one access token while the legacy (ADAL)
/// cache stays empty.
/// </summary>
public async Task DoNotSaveRefreshTokenInAdalCacheForMsalB2CAuthorityTestAsync()
{
    var configuration = new ApplicationConfiguration
    {
        ClientId = TestConstants.ClientId,
        RedirectUri = TestConstants.RedirectUri,
        AuthorityInfo = AuthorityInfo.FromAuthorityUri(TestConstants.B2CAuthority, false)
    };

    var bundle = ServiceBundle.Create(configuration);
    ITokenCacheInternal tokenCache = new TokenCache(bundle);

    var tokenResponse = TestConstants.CreateMsalTokenResponse();

    var b2cAuthority = Authority.CreateAuthority(bundle, TestConstants.B2CAuthority);
    var parameters = CreateAuthenticationRequestParameters(bundle, authority: b2cAuthority);
    parameters.TenantUpdatedCanonicalAuthority = TestConstants.AuthorityTestTenant;

    AddHostToInstanceCache(bundle, TestConstants.ProductionPrefNetworkEnvironment);

    await tokenCache.SaveTokenResponseAsync(parameters, tokenResponse).ConfigureAwait(false);

    Assert.AreEqual(1, tokenCache.Accessor.GetAllRefreshTokens().Count());
    Assert.AreEqual(1, tokenCache.Accessor.GetAllAccessTokens().Count());

    // Round-trip the legacy cache through deserialize/serialize before inspecting it.
    var legacyBlob = tokenCache.LegacyPersistence.LoadCache();
    IDictionary<AdalTokenCacheKey, AdalResultWrapper> legacyEntries =
        AdalCacheOperations.Deserialize(bundle.DefaultLogger, legacyBlob);
    var reserialized = AdalCacheOperations.Serialize(bundle.DefaultLogger, legacyEntries);
    tokenCache.LegacyPersistence.WriteCache(reserialized);

    // ADAL cache is empty because B2C scenario is only for MSAL
    Assert.AreEqual(0, legacyEntries.Count);
}
/// <summary>
/// Saves one token response into a fresh cache and checks that one item of each kind is
/// stored (access token, refresh token, account, id token, app metadata), and that the app
/// metadata entry has the expected client id and environment and no family id.
/// </summary>
public async Task SaveAccessAndRefreshTokenWithEmptyCacheTestAsync()
{
    var bundle = TestCommon.CreateDefaultServiceBundle();
    ITokenCacheInternal tokenCache = new TokenCache(bundle);

    var tokenResponse = TestConstants.CreateMsalTokenResponse();
    var parameters = CreateAuthenticationRequestParameters(bundle);
    parameters.TenantUpdatedCanonicalAuthority = TestConstants.AuthorityTestTenant;
    AddHostToInstanceCache(bundle, TestConstants.ProductionPrefNetworkEnvironment);

    await tokenCache.SaveTokenResponseAsync(parameters, tokenResponse).ConfigureAwait(false);

    tokenCache.Accessor.AssertItemCount(
        expectedAtCount: 1,
        expectedRtCount: 1,
        expectedAccountCount: 1,
        expectedIdtCount: 1,
        expectedAppMetadataCount: 1);

    // The single app metadata entry describes this client and environment, outside any family.
    var appMetadata = tokenCache.Accessor.GetAllAppMetadata().First();
    Assert.AreEqual(TestConstants.ClientId, appMetadata.ClientId);
    Assert.AreEqual(TestConstants.ProductionPrefNetworkEnvironment, appMetadata.Environment);
    Assert.IsNull(appMetadata.FamilyId);
}
/// <summary>
/// Builds a substitute <c>IBroker</c> that reports it can be invoked for any argument and
/// answers every token acquisition with the default test token response.
/// </summary>
/// <returns>The configured substitute broker.</returns>
private IBroker CreateMockBroker()
{
    var broker = Substitute.For<IBroker>();

    // Both stubs ignore their arguments; null is only a placeholder for the call shape.
    broker.CanInvokeBroker(null).ReturnsForAnyArgs(true);
    broker.AcquireTokenUsingBrokerAsync(null).ReturnsForAnyArgs(TestConstants.CreateMsalTokenResponse());

    return broker;
}
/// <summary>
/// Checks that a refresh token cache item built from a token response with family id "1"
/// exposes that same family id.
/// </summary>
public void CreateFrtFromTokenResponse()
{
    var tokenResponse = TestConstants.CreateMsalTokenResponse();
    tokenResponse.FamilyId = "1";

    var familyRefreshToken = new MsalRefreshTokenCacheItem("env", TestConstants.ClientId, tokenResponse);

    Assert.AreEqual("1", familyRefreshToken.FamilyId);
}
/// <summary>
/// Round-trips the cache through <c>SerializeMsalV3</c> / <c>DeserializeMsalV3</c>: after a save,
/// the tokens are cleared and restored from the serialized bytes, a second round-trip must not
/// add entries, and the restored access and refresh token items must match the saved response.
/// </summary>
public async Task SerializeDeserializeCacheTestAsync()
{
    var bundle = TestCommon.CreateDefaultServiceBundle();
    ITokenCacheInternal tokenCache = new TokenCache(bundle);
    var serializer = (ITokenCacheSerializer)tokenCache;

    var tokenResponse = TestConstants.CreateMsalTokenResponse();

    var context = new RequestContext(bundle, Guid.NewGuid());
    var parameters = CreateAuthenticationRequestParameters(bundle, requestContext: context);
    parameters.TenantUpdatedCanonicalAuthority = Authority.CreateAuthorityWithTenant(
        parameters.AuthorityInfo,
        TestConstants.Utid);
    AddHostToInstanceCache(bundle, TestConstants.ProductionPrefNetworkEnvironment);

    await tokenCache.SaveTokenResponseAsync(parameters, tokenResponse).ConfigureAwait(false);

    // Capture the cache, then empty the token collections.
    byte[] snapshot = serializer.SerializeMsalV3();
    tokenCache.Accessor.ClearAccessTokens();
    tokenCache.Accessor.ClearRefreshTokens();

    Assert.AreEqual(0, tokenCache.Accessor.GetAllRefreshTokens().Count());
    Assert.AreEqual(0, tokenCache.Accessor.GetAllAccessTokens().Count());

    // Restoring the snapshot brings both tokens back.
    serializer.DeserializeMsalV3(snapshot);

    Assert.AreEqual(1, tokenCache.Accessor.GetAllRefreshTokens().Count());
    Assert.AreEqual(1, tokenCache.Accessor.GetAllAccessTokens().Count());

    snapshot = serializer.SerializeMsalV3();
    serializer.DeserializeMsalV3(snapshot);

    // item count should not change because old cache entries should have
    // been overridden
    Assert.AreEqual(1, tokenCache.Accessor.GetAllRefreshTokens().Count());
    Assert.AreEqual(1, tokenCache.Accessor.GetAllAccessTokens().Count());

    var accessTokens = await tokenCache.GetAllAccessTokensAsync(true).ConfigureAwait(false);
    var atItem = accessTokens.First();
    Assert.AreEqual(tokenResponse.AccessToken, atItem.Secret);
    Assert.AreEqual(TestConstants.AuthorityTestTenant, atItem.Authority);
    Assert.AreEqual(TestConstants.ClientId, atItem.ClientId);
    Assert.AreEqual(tokenResponse.Scope, atItem.ScopeSet.AsSingleString());

    // todo add test for idToken serialization
    // Assert.AreEqual(response.IdToken, atItem.RawIdToken);

    var refreshTokens = await tokenCache.GetAllRefreshTokensAsync(true).ConfigureAwait(false);
    var rtItem = refreshTokens.First();
    Assert.AreEqual(tokenResponse.RefreshToken, rtItem.Secret);
    Assert.AreEqual(TestConstants.ClientId, rtItem.ClientId);
    Assert.AreEqual(TestConstants.s_userIdentifier, rtItem.HomeAccountId);
    Assert.AreEqual(TestConstants.ProductionPrefNetworkEnvironment, rtItem.Environment);
}
/// <summary>
/// Checks that a freshly created test token response expires at least 3599 seconds after a
/// timestamp taken immediately before the response was created.
/// </summary>
public void ExpirationTimeTest()
{
    const long ExpiresInSeconds = 3599;

    // Need to get timestamp here since it needs to be before we create the token.
    // ExpireOn time is calculated from UtcNow when the object is created.
    DateTimeOffset beforeCreation = DateTimeOffset.UtcNow;

    var tokenResponse = TestConstants.CreateMsalTokenResponse();

    var lifetime = tokenResponse.AccessTokenExpiresOn.Subtract(beforeCreation);
    var minimumLifetime = TimeSpan.FromSeconds(ExpiresInSeconds);
    Assert.IsTrue(lifetime >= minimumLifetime);
}
/// <summary>
/// Initialises the <c>_cache</c>, <c>_response</c> and <c>_requestParams</c> fields and
/// pre-populates both the legacy persistence and the cache accessor, each sized by
/// <c>TokenCacheSize</c>.
/// </summary>
public void GlobalSetup()
{
    // No custom HTTP manager is supplied; legacy caching follows the EnableLegacyCache setting.
    var bundle = TestCommon.CreateServiceBundleWithCustomHttpManager(
        null,
        isLegacyCacheEnabled: EnableLegacyCache);

    _cache = new TokenCache(bundle, false);
    _response = TestConstants.CreateMsalTokenResponse(TestConstants.Utid);

    _requestParams = TestCommon.CreateAuthenticationRequestParameters(bundle);
    var account = new Account(
        TestConstants.s_userIdentifier,
        $"1{TestConstants.DisplayableId}",
        TestConstants.ProductionPrefNetworkEnvironment);
    _requestParams.Account = account;

    AddHostToInstanceCache(bundle, TestConstants.ProductionPrefCacheEnvironment);

    // Seed the legacy store first, then the refresh tokens in the accessor.
    LegacyTokenCacheHelper.PopulateLegacyCache(
        bundle.ApplicationLogger,
        _cache.LegacyPersistence,
        TokenCacheSize);
    TokenCacheHelper.AddRefreshTokensToCache(_cache.Accessor, TokenCacheSize);
}
/// <summary>
/// Saves two responses for the same request parameters, the second with family id "1", and
/// checks that the cache keeps two refresh tokens (one without a family id and one with it)
/// but only a single app metadata entry, which carries the family id.
/// </summary>
public async Task SaveMultipleAppmetadataAsync()
{
    var bundle = TestCommon.CreateDefaultServiceBundle();
    ITokenCacheInternal tokenCache = new TokenCache(bundle);

    var plainResponse = TestConstants.CreateMsalTokenResponse();
    var familyResponse = TestConstants.CreateMsalTokenResponse();
    familyResponse.FamilyId = "1";

    var parameters = CreateAuthenticationRequestParameters(bundle);
    parameters.TenantUpdatedCanonicalAuthority = Authority.CreateAuthorityWithTenant(
        parameters.AuthorityInfo,
        TestConstants.Utid);
    AddHostToInstanceCache(bundle, TestConstants.ProductionPrefNetworkEnvironment);

    await tokenCache.SaveTokenResponseAsync(parameters, plainResponse).ConfigureAwait(false);
    await tokenCache.SaveTokenResponseAsync(parameters, familyResponse).ConfigureAwait(false);

    tokenCache.Accessor.AssertItemCount(
        expectedAtCount: 1,
        expectedRtCount: 2, // a normal RT and an FRT
        expectedAccountCount: 1,
        expectedIdtCount: 1,
        expectedAppMetadataCount: 1);

    var appMetadata = tokenCache.Accessor.GetAllAppMetadata().First();
    Assert.AreEqual(TestConstants.ClientId, appMetadata.ClientId);
    Assert.AreEqual(TestConstants.ProductionPrefNetworkEnvironment, appMetadata.Environment);
    Assert.AreEqual(TestConstants.FamilyId, appMetadata.FamilyId);

    // Both flavours of refresh token must be present side by side.
    bool hasFamilyRefreshToken = tokenCache.Accessor.GetAllRefreshTokens().Any(item => item.FamilyId == "1");
    Assert.IsTrue(hasFamilyRefreshToken);

    bool hasPlainRefreshToken = tokenCache.Accessor.GetAllRefreshTokens().Any(item => string.IsNullOrEmpty(item.FamilyId));
    Assert.IsTrue(hasPlainRefreshToken);
}