private IAzure CreateAzureClient(AzureEnvironment azureCloud, string tenantId, string subscriptionId, AzureAuthenticationInfo azureAuthenticationInfo, ILoggerFactory loggerFactory, MetricSinkWriter metricSinkWriter, IAzureScrapingPrometheusMetricsCollector azureScrapingPrometheusMetricsCollector, IOptions <AzureMonitorLoggingConfiguration> azureMonitorLoggingConfiguration)
{
var credentials = AzureAuthenticationFactory.CreateAzureAuthentication(azureCloud, tenantId, azureAuthenticationInfo, _azureCredentialsFactory);
var throttlingLogger = loggerFactory.CreateLogger <AzureResourceManagerThrottlingRequestHandler>();
var monitorHandler = new AzureResourceManagerThrottlingRequestHandler(tenantId, subscriptionId, azureAuthenticationInfo, metricSinkWriter, azureScrapingPrometheusMetricsCollector, throttlingLogger);
var azureClientConfiguration = Microsoft.Azure.Management.Fluent.Azure.Configure()
.WithDelegatingHandler(monitorHandler);
var azureMonitorLogging = azureMonitorLoggingConfiguration.Value;
if (azureMonitorLogging.IsEnabled)
{
var integrationLogger = loggerFactory.CreateLogger <AzureMonitorIntegrationLogger>();
ServiceClientTracing.AddTracingInterceptor(new AzureMonitorIntegrationLogger(integrationLogger));
ServiceClientTracing.IsEnabled = true;
azureClientConfiguration = azureClientConfiguration.WithDelegatingHandler(new HttpLoggingDelegatingHandler())
.WithLogLevel(azureMonitorLogging.InformationLevel);
}
return(azureClientConfiguration
.Authenticate(credentials)
.WithSubscription(subscriptionId));
}
public void CreateAzureAuthentication_UserAssignedManagedIdentityWithInvalidIdentity_Fails(string identityId)
{
// Arrange
var expectedTenantId = Guid.NewGuid().ToString();
var azureCloud = AzureEnvironment.AzureChinaCloud;
var azureAuthenticationInfo = new AzureAuthenticationInfo
{
Mode = AuthenticationMode.UserAssignedManagedIdentity,
IdentityId = identityId
};
var azureCredentialFactory = new AzureCredentialsFactory();
// Act & Assert
Assert.Throws <AuthenticationException>(() => AzureAuthenticationFactory.CreateAzureAuthentication(azureCloud, expectedTenantId, azureAuthenticationInfo, azureCredentialFactory));
}
public void CreateAzureAuthentication_ServicePrincipleWithInvalidSecret_Fails(string identityId)
{
// Arrange
var expectedTenantId = Guid.NewGuid().ToString();
var expectedSecret = Guid.NewGuid().ToString();
var azureCloud = AzureEnvironment.AzureChinaCloud;
var azureAuthenticationInfo = new AzureAuthenticationInfo
{
Mode = AuthenticationMode.ServicePrincipal,
IdentityId = identityId,
Secret = expectedSecret
};
var azureCredentialFactory = new AzureCredentialsFactory();
// Act & Assert
Assert.Throws <AuthenticationException>(() => AzureAuthenticationFactory.CreateAzureAuthentication(azureCloud, expectedTenantId, azureAuthenticationInfo, azureCredentialFactory));
}
public void CreateAzureAuthentication_SystemAssignedManagedIdentityIsValid_Succeeds()
{
// Arrange
var expectedTenantId = Guid.NewGuid().ToString();
var azureCloud = AzureEnvironment.AzureChinaCloud;
var azureAuthenticationInfo = new AzureAuthenticationInfo
{
Mode = AuthenticationMode.SystemAssignedManagedIdentity
};
var azureCredentialFactory = new AzureCredentialsFactory();
// Act
var azureCredentials = AzureAuthenticationFactory.CreateAzureAuthentication(azureCloud, expectedTenantId, azureAuthenticationInfo, azureCredentialFactory);
// Assert
Assert.Equal(expectedTenantId, azureCredentials.TenantId);
Assert.Equal(azureCloud, azureCredentials.Environment);
Assert.Null(azureCredentials.ClientId);
}
public void CreateAzureAuthentication_NoModeSpecified_AssumesServicePrinciple()
{
// Arrange
var expectedTenantId = Guid.NewGuid().ToString();
var expectedIdentityId = Guid.NewGuid().ToString();
var expectedSecret = Guid.NewGuid().ToString();
var azureCloud = AzureEnvironment.AzureChinaCloud;
var azureAuthenticationInfo = new AzureAuthenticationInfo
{
IdentityId = expectedIdentityId,
Secret = expectedSecret
};
var azureCredentialFactory = new AzureCredentialsFactory();
// Act
var azureCredentials = AzureAuthenticationFactory.CreateAzureAuthentication(azureCloud, expectedTenantId, azureAuthenticationInfo, azureCredentialFactory);
// Assert
Assert.Equal(expectedTenantId, azureCredentials.TenantId);
Assert.Equal(expectedIdentityId, azureCredentials.ClientId);
Assert.Equal(azureCloud, azureCredentials.Environment);
}
