// TODO: Initialze only once for all testfixtures
// TODO: Make common property public
public async Task InitializeAsync()
{
// Set up aad app for this test
try
{
// Load config
Configuration = new ConfigurationBuilder()
.SetBasePath(System.IO.Directory.GetCurrentDirectory())
.AddJsonFile("appsettings.IntegrationTests.json")
.AddEnvironmentVariables(prefix: "TEAMS_SIMPLE_AUTH_")
.Build();
IntegrationTestSettings = new IntegrationTestSettings();
Configuration.GetSection("IntegrationTestSettings").Bind(IntegrationTestSettings);
var confidentialClientApplication = ConfidentialClientApplicationBuilder
.Create(IntegrationTestSettings.AdminClientId)
.WithTenantId(IntegrationTestSettings.TenantId)
.WithClientSecret(IntegrationTestSettings.AdminClientSecret)
.Build();
var authProvider = new ClientCredentialProvider(confidentialClientApplication);
_graphClient = new GraphServiceClient(authProvider);
// Create aad apps
TeamsAadInfo = await CreateTeamsAadAppAsync();
// Make token for the aad app expire after 10 minutes
var policyId = await GetOrCreateShortTokenLifetimePolicy();
await ApplyPolicyToAadApp(policyId, TeamsAadInfo.Id);
using (var sha256 = SHA256.Create())
{
var challengeBytes = sha256.ComputeHash(Encoding.UTF8.GetBytes(IntegrationTestSettings.CodeVerifier));
IntegrationTestSettings.CodeChallenge = Base64UrlEncoder.Encode(challengeBytes);
}
Utilities.ConsentAndGetAuthorizationCode(IntegrationTestSettings.AuthorizeUrl, TeamsAadInfo.AppId,
IntegrationTestSettings.RedirectUri, "https://graph.microsoft.com/User.Read", IntegrationTestSettings.CodeChallenge,
IntegrationTestSettings.TestUsername, IntegrationTestSettings.TestPassword); // Just consent the default permission
Utilities.ConsentAndGetAuthorizationCode(IntegrationTestSettings.AuthorizeUrl, TeamsAadInfo.AppId,
IntegrationTestSettings.RedirectUri, "https://graph.microsoft.com/User.Read", IntegrationTestSettings.CodeChallenge,
IntegrationTestSettings.TestUsername2, IntegrationTestSettings.TestPassword2); // Just consent the default permission
// Use User.Read scope instead of .default scope to avoid intermittent error caused by AAD permission list sync issue
}
catch (Exception ex)
{
new Exception("Failed to create aad app for this test.", ex);
}
}
public AuthControllerTests()
{
_aadInstance = AadInstanceSetUp.defaultAadInstance;
_settings = _aadInstance.IntegrationTestSettings;
_configuration = _aadInstance.Configuration;
_teamsAadInfo = _aadInstance.TeamsAadInfo;
_defaultConfigurations = new Dictionary <string, string>()
{
[ConfigurationName.ClientId] = _configuration[ConfigurationName.ClientId],
[ConfigurationName.ClientSecret] = _configuration[ConfigurationName.ClientSecret],
[ConfigurationName.OAuthAuthority] = _configuration[ConfigurationName.OAuthAuthority],
[ConfigurationName.IdentifierUri] = _teamsAadInfo.IdentifierUri,
[ConfigurationName.AadMetadataAddress] = _configuration[ConfigurationName.AadMetadataAddress]
};
replaceTenantId();
_defaultFactory = _aadInstance.ConfigureWebApplicationFactory(_defaultConfigurations);
}
