/// <summary>
/// Instance-aware sign-in: a context created on the common (world-wide) authority must end up
/// bound to the tenant-specific sovereign authority once the mocked authorization response
/// names a sovereign cloud host. The token request must be sent to that sovereign host and
/// the resulting token must be cached under the sovereign authority.
/// </summary>
public async Task SovereignUserWorldWideAuthorityIntegrationTest()
{
    // Context starts on the common authority with a fresh, empty token cache.
    // NOTE(review): the second constructor argument is false; presumably this is
    // validateAuthority. If so, this test does not exercise authority validation
    // for the host it switches to. Confirm against the AuthenticationContext signature.
    var context = new AuthenticationContext(TestConstants.DefaultAuthorityCommonTenant, false, new TokenCache());

    // Mocked redirect URI returned by the web UI: an auth code plus the cloud-instance-host
    // parameter pointing at the sovereign host. In this flow the host arrives as a query
    // parameter of the authorization response.
    var redirectWithCloudHost = string.Concat(
        TestConstants.DefaultRedirectUri,
        "?code=some-code",
        "&",
        TokenResponseClaim.CloudInstanceHost,
        "=",
        SovereignAuthorityHost);

    // The dictionary lists query parameters the authorization URI handed to the web UI is
    // expected to carry (here: instance_aware=true).
    MockHelpers.ConfigureMockWebUI(
        new AuthorizationResult(AuthorizationStatus.Success, redirectWithCloudHost),
        new Dictionary<string, string> { { "instance_aware", "true" } });

    // First queued handler: instance discovery for the common authority.
    var commonDiscoveryHandler = MockHelpers.CreateInstanceDiscoveryMockHandler(
        TestConstants.GetDiscoveryEndpoint(TestConstants.DefaultAuthorityCommonTenant));
    HttpMessageHandlerFactory.AddMockHandler(commonDiscoveryHandler);

    // Second queued handler: the token endpoint of the sovereign tenant.
    var sovereignTokenHandler = new MockHttpMessageHandler(TestConstants.GetTokenEndpoint(TestConstants.DefaultAuthorityBlackforestTenant))
    {
        Method = HttpMethod.Post,
        ResponseMessage = MockHelpers.CreateSuccessTokenResponseMessage(
            TestConstants.DefaultUniqueId,
            TestConstants.DefaultDisplayableId,
            TestConstants.DefaultResource),

        // The token (POST) request, which carries the auth code, must target the sovereign host.
        AdditionalRequestValidation = request => Assert.AreEqual(SovereignAuthorityHost, request.RequestUri.Authority)
    };
    HttpMessageHandlerFactory.AddMockHandler(sovereignTokenHandler);

    var result = await context.AcquireTokenAsync(
        TestConstants.DefaultResource,
        TestConstants.DefaultClientId,
        TestConstants.DefaultRedirectUri,
        _platformParameters,
        UserIdentifier.AnyUser,
        "instance_aware=true");

    // The app sees the tenant-specific sovereign authority on the result...
    Assert.AreEqual(_sovereignTenantSpecificAuthority, result.Authority);

    // ...and the context itself has been re-pointed to it.
    Assert.AreEqual(_sovereignTenantSpecificAuthority, context.Authority);

    // Exactly one cache entry exists, keyed by the sovereign authority, so the token is not
    // filed under the common authority the context started with.
    Assert.AreEqual(1, context.TokenCache.tokenCacheDictionary.Count);
    Assert.AreEqual(_sovereignTenantSpecificAuthority, context.TokenCache.tokenCacheDictionary.Keys.FirstOrDefault()?.Authority);

    // Every queued mock handler was consumed.
    Assert.AreEqual(0, HttpMessageHandlerFactory.MockHandlersCount());
}
/// <summary>
/// Per-test setup: resets the mock HTTP handler provider, empties the shared instance
/// discovery cache, and queues one instance-discovery mock for the common authority.
/// </summary>
public void Initialize()
{
    HttpMessageHandlerFactory.InitializeMockProvider();

    // The instance cache is static state; clearing it keeps discovery results from one test
    // from being reused by the next.
    InstanceDiscovery.InstanceCache.Clear();

    var commonDiscoveryEndpoint = TestConstants.GetDiscoveryEndpoint(TestConstants.DefaultAuthorityCommonTenant);
    var commonDiscoveryHandler = MockHelpers.CreateInstanceDiscoveryMockHandler(commonDiscoveryEndpoint);
    HttpMessageHandlerFactory.AddMockHandler(commonDiscoveryHandler);
}
/// <summary>
/// When the sovereign authority named by the authorization response is not yet in the
/// instance cache, an extra instance-discovery call is made for it before the token request,
/// and the instance cache is populated as a result.
/// </summary>
public async Task AuthorityNotInInstanceCache_InstanceDiscoverCallMadeTestAsync()
{
    // Discovery payload served by both discovery mocks. It lists four aliases, all of them
    // world-wide hosts.
    const string discoveryResponseJson = @"{ ""tenant_discovery_endpoint"":""https://login.microsoftonline.com/tenant/.well-known/openid-configuration"", ""api-version"":""1.1"", ""metadata"":[{ ""preferred_network"":""login.microsoftonline.com"", ""preferred_cache"":""login.windows.net"", ""aliases"":[ ""login.microsoftonline.com"", ""login.windows.net"", ""login.microsoft.com"", ""sts.windows.net""]}]}";

    // Context starts on the common authority with a fresh, empty token cache.
    // NOTE(review): the second constructor argument is false; presumably this is
    // validateAuthority. Confirm against the AuthenticationContext signature.
    var context = new AuthenticationContext(TestConstants.DefaultAuthorityCommonTenant, false, new TokenCache());

    // Mocked redirect URI returned by the web UI: an auth code plus the cloud-instance-host
    // parameter pointing at the sovereign host.
    var redirectWithCloudHost = string.Concat(
        TestConstants.DefaultRedirectUri,
        "?code=some-code",
        "&",
        TokenResponseClaim.CloudInstanceHost,
        "=",
        SovereignAuthorityHost);

    // The dictionary lists query parameters the authorization URI handed to the web UI is
    // expected to carry (here: instance_aware=true).
    MockHelpers.ConfigureMockWebUI(
        new AuthorizationResult(AuthorizationStatus.Success, redirectWithCloudHost),
        new Dictionary<string, string> { { "instance_aware", "true" } });

    // Queue order matters: common-authority discovery, sovereign-authority discovery, then
    // the sovereign token endpoint.
    var commonDiscoveryHandler = MockHelpers.CreateInstanceDiscoveryMockHandler(
        TestConstants.GetDiscoveryEndpoint(TestConstants.DefaultAuthorityCommonTenant),
        discoveryResponseJson);
    HttpMessageHandlerFactory.AddMockHandler(commonDiscoveryHandler);

    var sovereignDiscoveryHandler = new MockHttpMessageHandler(TestConstants.GetDiscoveryEndpoint(TestConstants.DefaultAuthorityBlackforestTenant))
    {
        Method = HttpMethod.Get,
        ResponseMessage = new HttpResponseMessage(HttpStatusCode.OK)
        {
            Content = new StringContent(discoveryResponseJson)
        }
    };
    HttpMessageHandlerFactory.AddMockHandler(sovereignDiscoveryHandler);

    // NOTE(review): no AdditionalRequestValidation is set on this handler, so this test does
    // not itself assert which host the token request is sent to. Whether the URL passed to
    // the handler's constructor is enforced is not visible here.
    var sovereignTokenHandler = new MockHttpMessageHandler(TestConstants.GetTokenEndpoint(TestConstants.DefaultAuthorityBlackforestTenant))
    {
        Method = HttpMethod.Post,
        ResponseMessage = MockHelpers.CreateSuccessTokenResponseMessage(
            TestConstants.DefaultUniqueId,
            TestConstants.DefaultDisplayableId,
            TestConstants.DefaultResource)
    };
    HttpMessageHandlerFactory.AddMockHandler(sovereignTokenHandler);

    // Precondition: nothing has been discovered yet.
    Assert.AreEqual(0, InstanceDiscovery.InstanceCache.Count());

    await context.AcquireTokenAsync(
        TestConstants.DefaultResource,
        TestConstants.DefaultClientId,
        TestConstants.DefaultRedirectUri,
        _platformParameters,
        UserIdentifier.AnyUser,
        "instance_aware=true");

    // Exactly one token cache entry exists, keyed by the tenant-specific sovereign authority.
    Assert.AreEqual(1, context.TokenCache.tokenCacheDictionary.Count);
    Assert.AreEqual(_sovereignTenantSpecificAuthority, context.TokenCache.tokenCacheDictionary.Keys.FirstOrDefault()?.Authority);

    // The instance cache now holds five hosts, including the DE cloud host.
    // NOTE(review): the mocked metadata lists only four aliases and no .de host, so the fifth
    // entry appears to be the queried host itself, cached without being listed in the
    // discovery response. That host comes from the authorization response; confirm this
    // caching behaviour is intended.
    Assert.AreEqual(5, InstanceDiscovery.InstanceCache.Count());
    Assert.AreEqual(true, InstanceDiscovery.InstanceCache.Keys.Contains("login.microsoftonline.de"));
    Assert.AreEqual(true, InstanceDiscovery.InstanceCache.Keys.Contains("login.windows.net"));

    // A host that appears in neither the metadata nor the request must not be cached.
    Assert.AreEqual(false, InstanceDiscovery.InstanceCache.Keys.Contains("login.partner.microsoftonline.cn"));

    // Every queued mock handler was consumed.
    Assert.AreEqual(0, HttpMessageHandlerFactory.MockHandlersCount());
}