// Runs the consent / select-account prompt scenario for the default lab user,
// delegating the actual UI steps to _mobileTestHelper.
public void PromptBehaviorConsentSelectAccount()
{
    // Reset static caches first so that state left behind by an earlier test
    // (presumably cached tokens or metadata; see TestCommon) cannot leak into this run.
    TestCommon.ResetInternalStaticCaches();

    // The test method is synchronous, so the lab lookup is completed by blocking on the task.
    LabResponse defaultLabUser = LabUserHelper.GetDefaultUserAsync().GetAwaiter().GetResult();

    _mobileTestHelper.PromptBehaviorTestHelperWithConsent(_xamarinController, defaultLabUser);
}
[Timeout(2 * 60 * 1000)] // 2 min timeout
// Runs the Kerberos device code flow helper twice for the default lab user:
// once with the ticket carried in the ID token, once in the access token.
public async Task KerberosDeviceCodeFlowTestAsync()
{
    LabResponse defaultLabUser = await LabUserHelper.GetDefaultUserAsync().ConfigureAwait(false);

    // Same order as before: IdToken container first, AccessToken second.
    KerberosTicketContainer[] containers =
    {
        KerberosTicketContainer.IdToken,
        KerberosTicketContainer.AccessToken
    };

    foreach (KerberosTicketContainer container in containers)
    {
        await KerberosAcquireTokenWithDeviceCodeFlowAsync(defaultLabUser, "aad user", container)
            .ConfigureAwait(false);
    }
}
// Verifies that a username/password request against an unknown authority host is
// rejected with MsalServiceException (error code "invalid_instance", AADSTS50049).
public async Task FailedAuthorityValidationTestAsync()
{
    LabResponse lab = await LabUserHelper.GetDefaultUserAsync().ConfigureAwait(false);
    LabUser labUser = lab.User;

    // WithAuthority is called without a validateAuthority argument, so the library's
    // default applies; the assertions below expect the bogus host to be refused by the service.
    IPublicClientApplication app = PublicClientApplicationBuilder
        .Create(lab.App.AppId)
        .WithAuthority("https://bogus.microsoft.com/common")
        .WithTestLogging()
        .Build();

    Trace.WriteLine("Acquire a token using a not so common authority alias");

    MsalServiceException failure = await AssertException.TaskThrowsAsync<MsalServiceException>(() =>
        {
            // NetworkCredential is used only as a string -> SecureString converter;
            // the password is fetched lazily, when the delegate is invoked.
            var securePassword = new NetworkCredential("", labUser.GetOrFetchPassword()).SecurePassword;
            return app
                .AcquireTokenByUsernamePassword(s_scopes, labUser.Upn, securePassword)
                .ExecuteAsync();
        })
        .ConfigureAwait(false);

    Assert.IsTrue(failure.Message.Contains("AADSTS50049"));
    Assert.AreEqual("invalid_instance", failure.ErrorCode);
}
// Runs the shared auth-code scenario for the default lab user against the
// "common" authority. The trailing 'true' presumably turns PKCE on (going by the
// test name) - confirm against RunTestForUserAsync.
public async Task GetTokenByAuthCode_WithPKCE_Async()
{
    // Arrange
    const string commonAuthority = "https://login.microsoftonline.com/common";
    LabResponse defaultLabUser = await LabUserHelper.GetDefaultUserAsync().ConfigureAwait(false);

    // Act + Assert are performed inside the shared helper.
    await RunTestForUserAsync(defaultLabUser, commonAuthority, true).ConfigureAwait(false);
}
// Acquires a token with username/password through the login.windows.net alias of the
// lab tenant, then checks that a silent request through the multi-org ("common")
// audience is still served for the same account.
public async Task AuthorityMigrationAsync()
{
    LabResponse lab = await LabUserHelper.GetDefaultUserAsync().ConfigureAwait(false);
    LabUser labUser = lab.User;

    IPublicClientApplication app = PublicClientApplicationBuilder
        .Create(lab.App.AppId)
        .WithTestLogging()
        .Build();

    Trace.WriteLine("Acquire a token using a not so common authority alias");

    // BugBug https://identitydivision.visualstudio.com/Engineering/_workitems/edit/776308/
    // sts.windows.net fails when doing instance discovery, e.g.:
    // https://sts.windows.net/common/discovery/instance?api-version=1.1&authorization_endpoint=https%3A%2F%2Fsts.windows.net%2Ff645ad92-e38d-4d1a-b510-d1b09a74a8ca%2Foauth2%2Fv2.0%2Fauthorize
    // so the login.windows.net alias is used instead.
    AuthenticationResult tokenResult = await app
        .AcquireTokenByUsernamePassword(
            s_scopes,
            labUser.Upn,
            // NetworkCredential serves only as a string -> SecureString converter.
            new NetworkCredential("", labUser.GetOrFetchPassword()).SecurePassword)
        .WithAuthority("https://login.windows.net/" + lab.Lab.TenantId + "/")
        .ExecuteAsync()
        .ConfigureAwait(false);

    Assert.IsNotNull(tokenResult.AccessToken);

    Trace.WriteLine("Acquire a token silently using the common authority alias");

    // First() throws if the cache holds no account, which fails the test at this point.
    var cachedAccounts = await app.GetAccountsAsync().ConfigureAwait(false);
    tokenResult = await app
        .AcquireTokenSilent(s_scopes, cachedAccounts.First())
        .WithAuthority(AadAuthorityAudience.AzureAdMultipleOrgs)
        .ExecuteAsync()
        .ConfigureAwait(false);

    Assert.IsNotNull(tokenResult.AccessToken);
}
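// Verifies that a username/password request with a wrong password for the default
// lab user fails with MsalServiceException: HTTP 400, "invalid_grant", AADSTS50126,
// and a non-empty correlation id.
public async Task AcquireTokenWithManagedUsernameIncorrectPasswordAsync()
{
    var labResponse = await LabUserHelper.GetDefaultUserAsync().ConfigureAwait(false);
    var user = labResponse.User;

    var msalPublicClient = PublicClientApplicationBuilder.Create(labResponse.App.AppId).WithAuthority(_authority).Build();

    // SecureString is IDisposable; scope it so its buffer is released even when an
    // assertion below throws. The value is a deliberately wrong one-character password.
    using (SecureString incorrectSecurePassword = new SecureString())
    {
        incorrectSecurePassword.AppendChar('x');
        incorrectSecurePassword.MakeReadOnly();

        try
        {
            // The result is not needed: reaching the line after this call means the
            // service accepted a wrong password, which is reported by Assert.Fail below.
            await msalPublicClient
                .AcquireTokenByUsernamePassword(s_scopes, user.Upn, incorrectSecurePassword)
                .ExecuteAsync(CancellationToken.None)
                .ConfigureAwait(false);
        }
        catch (MsalServiceException ex)
        {
            Assert.IsTrue(!string.IsNullOrWhiteSpace(ex.CorrelationId));
            Assert.AreEqual(400, ex.StatusCode);
            Assert.AreEqual("invalid_grant", ex.ErrorCode);

            // Ordinal comparison: the prefix is a protocol error string, not linguistic text,
            // so the check must not depend on the current culture.
            Assert.IsTrue(ex.Message.StartsWith("AADSTS50126: Invalid username or password", System.StringComparison.Ordinal));
            return;
        }
    }

    // Only reached when no exception was thrown; any other exception type propagates
    // out of the try block and fails the test on its own.
    Assert.Fail("Bad exception or no exception thrown");
}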
// Runs the silent token acquisition scenario for the default lab user,
// delegating the UI steps to _mobileTestHelper.
public void AcquireTokenSilentTest()
{
    // Reset static caches so state from earlier tests cannot satisfy the silent call.
    TestCommon.ResetInternalStaticCaches();

    // Synchronous test method: block on the lab lookup task.
    var defaultLabUser = LabUserHelper.GetDefaultUserAsync().GetAwaiter().GetResult();

    _mobileTestHelper.AcquireTokenSilentTestHelper(_xamarinController, defaultLabUser);
}
// Acquires a token with username/password through the sts.windows.net alias of the
// user's current tenant, then checks that a silent request through the multi-org
// ("common") audience is still served for the same account.
public async Task AuthorityMigrationAsync()
{
    LabResponse lab = await LabUserHelper.GetDefaultUserAsync().ConfigureAwait(false);
    LabUser labUser = lab.User;

    IPublicClientApplication app = PublicClientApplicationBuilder
        .Create(lab.AppId)
        .Build();

    Trace.WriteLine("Acquire a token using a not so common authority alias");

    AuthenticationResult tokenResult = await app
        .AcquireTokenByUsernamePassword(
            s_scopes,
            labUser.Upn,
            // NetworkCredential serves only as a string -> SecureString converter.
            new NetworkCredential("", labUser.GetOrFetchPassword()).SecurePassword)
        .WithAuthority("https://sts.windows.net/" + labUser.CurrentTenantId + "/")
        .ExecuteAsync()
        .ConfigureAwait(false);

    Assert.IsNotNull(tokenResult.AccessToken);

    Trace.WriteLine("Acquire a token silently using the common authority alias");

    // First() throws if the cache holds no account, which fails the test at this point.
    var cachedAccounts = await app.GetAccountsAsync().ConfigureAwait(false);
    tokenResult = await app
        .AcquireTokenSilent(s_scopes, cachedAccounts.First())
        .WithAuthority(AadAuthorityAudience.AzureAdMultipleOrgs)
        .ExecuteAsync()
        .ConfigureAwait(false);

    Assert.IsNotNull(tokenResult.AccessToken);
}
// Drives a headless Chrome session through the sample web app's sign-in page with the
// default lab user and checks that the resulting page shows the user's UPN and the
// photo label.
public async Task ChallengeUser_SignInSucceedsTestAsync()
{
    // NOTE(review): on non-Windows hosts the test returns without asserting anything,
    // so it is reported as passed rather than skipped.
    bool runningOnWindows = RuntimeInformation.IsOSPlatform(OSPlatform.Windows);
    if (!runningOnWindows)
    {
        return;
    }

    // Arrange
    LabResponse lab = await LabUserHelper.GetDefaultUserAsync().ConfigureAwait(false);

    ChromeOptions chromeOptions = new ChromeOptions();
    // ~2x faster, no visual rendering
    // comment-out below when debugging to see the UI automation
    chromeOptions.AddArguments(TestConstants.Headless);

    using IWebDriver browser = new ChromeDriver(chromeOptions);
    browser.Manage().Timeouts().ImplicitWait = TimeSpan.FromSeconds(30);

    // Act
    Trace.WriteLine("Starting Selenium automation: web app sign-in & call Graph");
    browser
        .Navigate()
        .GoToUrl("https://webapptestmsidweb.azurewebsites.net/MicrosoftIdentity/Account/signin");
    PerformLogin(browser, lab.User);

    // Assert
    // PageSource is read once per assertion, exactly as before.
    Assert.Contains(lab.User.Upn, browser.PageSource, System.StringComparison.OrdinalIgnoreCase);
    Assert.Contains(TestConstants.PhotoLabel, browser.PageSource, System.StringComparison.OrdinalIgnoreCase);

    // The using declaration above disposes the driver again when the method exits, and is
    // the only clean-up that runs when an assertion throws before these two lines.
    browser.Quit();
    browser.Dispose();
}
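// Verifies that a username/password request with a wrong password is rejected with
// MsalUiRequiredException carrying the "invalid_grant" error code.
public async Task AcquireTokenWithFederatedUsernameIncorrectPasswordAsync()
{
    var labResponse = await LabUserHelper.GetDefaultUserAsync().ConfigureAwait(false);
    var user = labResponse.User;

    var msalPublicClient = PublicClientApplicationBuilder
        .Create(labResponse.App.AppId)
        .WithTestLogging()
        .WithAuthority(Authority).Build();

    // SecureString is IDisposable; scope it so its buffer is released even when the
    // assertion helper throws. The value is a deliberately wrong one-character password.
    using (SecureString incorrectSecurePassword = new SecureString())
    {
        incorrectSecurePassword.AppendChar('x');
        incorrectSecurePassword.MakeReadOnly();

        var result = await AssertException.TaskThrowsAsync<MsalUiRequiredException>(() =>
            msalPublicClient
                .AcquireTokenByUsernamePassword(s_scopes, user.Upn, incorrectSecurePassword)
                .ExecuteAsync(CancellationToken.None))
            .ConfigureAwait(false);

        // Expected value goes first so a failure message reports the two values the right way round.
        Assert.AreEqual("invalid_grant", result.ErrorCode);
    }
}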
// Verifies what happens when authority validation is switched off for an unknown host:
// the request is attempted and fails at the network layer with a name-resolution error.
public async Task AuthorityValidationTestWithFalseValidateAuthorityAsync()
{
    LabResponse lab = await LabUserHelper.GetDefaultUserAsync().ConfigureAwait(false);
    LabUser labUser = lab.User;

    // The second argument (false) disables authority validation. The assertions below show
    // the consequence: the client tries to contact the configured host instead of rejecting
    // it up front, so the only thing stopping this username/password request is that the
    // host name does not resolve. Outside of tests, validation should stay enabled.
    IPublicClientApplication app = PublicClientApplicationBuilder
        .Create(lab.App.AppId)
        .WithAuthority("https://bogus.microsoft.com/common", false)
        .WithTestLogging()
        .Build();

    Trace.WriteLine("Acquire a token using a not so common authority alias");

    HttpRequestException requestFailure = await AssertException.TaskThrowsAsync<HttpRequestException>(() =>
        {
            // NetworkCredential is used only as a string -> SecureString converter.
            var securePassword = new NetworkCredential("", labUser.GetOrFetchPassword()).SecurePassword;
            return app
                .AcquireTokenByUsernamePassword(s_scopes, labUser.Upn, securePassword)
                .ExecuteAsync();
        })
        .ConfigureAwait(false);

    // The inner exception type differs per target framework; the hard cast fails the test
    // if the inner exception is of any other type.
#if NET_CORE
    var socketFailure = (System.Net.Sockets.SocketException)requestFailure.InnerException;
    Assert.IsTrue(socketFailure.SocketErrorCode == System.Net.Sockets.SocketError.HostNotFound);
#else
    var webFailure = (System.Net.WebException)requestFailure.InnerException;
    Assert.IsTrue(webFailure.Status == System.Net.WebExceptionStatus.NameResolutionFailure);
#endif
}
// Runs the interactive prompt scenario with Prompt.Consent for the default lab user,
// once with the helper's boolean flag set and once with it cleared (the flag's meaning
// is defined by RunPromptTestForUserAsync).
public async Task InteractiveConsentPromptAsync()
{
    var defaultLabUser = await LabUserHelper.GetDefaultUserAsync().ConfigureAwait(false);

    // Order preserved: 'true' run first, 'false' run second.
    foreach (bool flag in new[] { true, false })
    {
        await RunPromptTestForUserAsync(defaultLabUser, Prompt.Consent, flag).ConfigureAwait(false);
    }
}
// Runs the interactive Kerberos scenario for the default lab user twice:
// once with the ticket carried in the ID token, once in the access token.
public async Task Kerberos_Interactive_AADAsync()
{
    LabResponse defaultLabUser = await LabUserHelper.GetDefaultUserAsync().ConfigureAwait(false);

    // Same order as before: IdToken container first, AccessToken second.
    KerberosTicketContainer[] containers =
    {
        KerberosTicketContainer.IdToken,
        KerberosTicketContainer.AccessToken
    };

    foreach (KerberosTicketContainer container in containers)
    {
        await KerberosRunTestForUserAsync(defaultLabUser, container).ConfigureAwait(false);
    }
}
// Performs an interactive sign-in through the Selenium web UI and checks that the
// captured request carried an X-AnchorMailbox header of the form Oid:{objectId}@{tenantId}.
public async Task ValidateCcsHeadersForInteractiveAuthCodeFlowAsync()
{
    LabResponse lab = await LabUserHelper.GetDefaultUserAsync().ConfigureAwait(false);

    // WithTestLogging hands back the sniffer factory from which the header is read later.
    var app = PublicClientApplicationBuilder
        .Create(lab.App.AppId)
        .WithDefaultRedirectUri()
        .WithRedirectUri(SeleniumWebUI.FindFreeLocalhostRedirectUri())
        .WithTestLogging(out HttpSnifferClientFactory snifferFactory)
        .Build();

    // The token source bounds how long the interactive step may take.
    AuthenticationResult tokenResult = await app
        .AcquireTokenInteractive(s_scopes)
        .WithPrompt(Prompt.SelectAccount)
        .WithCustomWebUi(CreateSeleniumCustomWebUI(lab.User, Prompt.SelectAccount))
        .ExecuteAsync(new CancellationTokenSource(_interactiveAuthTimeout).Token)
        .ConfigureAwait(false);

    var ccsHeader = TestCommon.GetCcsHeaderFromSnifferFactory(snifferFactory);
    var objectId = lab.User.ObjectId;
    var tenantId = lab.User.TenantId;

    string expectedHeader = $"X-AnchorMailbox:Oid:{objectId}@{tenantId}";
    string observedHeader = $"{ccsHeader.Key}:{ccsHeader.Value.FirstOrDefault()}";

    Assert.AreEqual(expectedHeader, observedHeader);
    Assert.IsNotNull(tokenResult);
    Assert.IsNotNull(tokenResult.AccessToken);
}
// Runs the shared interactive scenario for the default lab user with the helper's defaults.
public async Task Interactive_AADAsync()
{
    // Arrange
    LabResponse defaultLabUser = await LabUserHelper.GetDefaultUserAsync().ConfigureAwait(false);

    // Act + Assert are performed inside the shared helper.
    await RunTestForUserAsync(defaultLabUser).ConfigureAwait(false);
}
// Signs in three different accounts (default AAD, ADFS 2019 federated, MSA) and then
// issues a silent request for each from a freshly built client, checking which tokens
// come back for each account.
public async Task MultiUserCacheCompatabilityTestAsync()
{
    // Arrange

    // Acquire AT for default lab account
    LabResponse defaultLab = await LabUserHelper.GetDefaultUserAsync().ConfigureAwait(false);
    AuthenticationResult defaultSignIn = await RunTestForUserAsync(defaultLab).ConfigureAwait(false);

    // Acquire AT for ADFS 2019 account
    UserQuery federatedQuery = new UserQuery();
    federatedQuery.FederationProvider = FederationProvider.ADFSv2019;
    federatedQuery.IsMamUser = false;
    federatedQuery.IsMfaUser = false;
    federatedQuery.IsFederatedUser = true;

    LabResponse federatedLab = await LabUserHelper.GetLabUserDataAsync(federatedQuery).ConfigureAwait(false);
    var federatedSignIn = await RunTestForUserAsync(federatedLab, false).ConfigureAwait(false);

    // Acquire AT for MSA account; the lab response is pointed at the Outlook client id first.
    LabResponse msaLab = await LabUserHelper.GetB2CMSAAccountAsync().ConfigureAwait(false);
    msaLab.AppId = LabApiConstants.MSAOutlookAccountClientID;
    var msaSignIn = await RunTestForUserAsync(msaLab).ConfigureAwait(false);

    // Default account: access token and ID token are both expected.
    PublicClientApplication app = PublicClientApplicationBuilder.Create(defaultLab.AppId).BuildConcrete();
    AuthenticationResult silentResult = await app
        .AcquireTokenSilent(new[] { CoreUiTestConstants.DefaultScope }, defaultSignIn.Account)
        .ExecuteAsync()
        .ConfigureAwait(false);

    Assert.IsNotNull(silentResult);
    Assert.IsNotNull(silentResult.AccessToken);
    Assert.IsNotNull(silentResult.IdToken);

    // Federated account: access token expected, ID token expected to be absent.
    app = PublicClientApplicationBuilder.Create(federatedLab.AppId).BuildConcrete();
    silentResult = await app
        .AcquireTokenSilent(new[] { CoreUiTestConstants.DefaultScope }, federatedSignIn.Account)
        .ExecuteAsync()
        .ConfigureAwait(false);

    Assert.IsNotNull(silentResult);
    Assert.IsNotNull(silentResult.AccessToken);
    Assert.IsNull(silentResult.IdToken);

    // MSA account: access token expected, ID token expected to be absent.
    app = PublicClientApplicationBuilder.Create(LabApiConstants.MSAOutlookAccountClientID).BuildConcrete();
    silentResult = await app
        .AcquireTokenSilent(new[] { CoreUiTestConstants.DefaultScope }, msaSignIn.Account)
        .ExecuteAsync()
        .ConfigureAwait(false);

    Assert.IsNotNull(silentResult);
    Assert.IsNotNull(silentResult.AccessToken);
    Assert.IsNull(silentResult.IdToken);
}
// Builds a public client for the default lab app and hands it, together with the lab
// user's UPN, to the shared wrong-password scenario.
public async Task AcquireTokenWithManagedUsernameIncorrectPasswordAsync()
{
    var lab = await LabUserHelper.GetDefaultUserAsync().ConfigureAwait(false);

    var publicClient = PublicClientApplicationBuilder
        .Create(lab.App.AppId)
        .WithAuthority(Authority)
        .Build();

    // All assertions live in the shared helper.
    await RunAcquireTokenWithUsernameIncorrectPasswordAsync(publicClient, lab.User.Upn)
        .ConfigureAwait(false);
}
[Ignore] // https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/issues/1507
// Regression test for: https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/issues/891
// Runs the shared auth-code scenario for the default lab user, first against the
// "common" authority and then against the tenant-specific one.
public async Task SeleniumGetAuthCode_RedeemForAt_CommonAuthority_Async()
{
    // Arrange
    LabResponse defaultLabUser = await LabUserHelper.GetDefaultUserAsync().ConfigureAwait(false);

    // Order preserved: common authority first, tenanted authority second.
    string[] authorities =
    {
        "https://login.microsoftonline.com/common",
        $"https://login.microsoftonline.com/{TenantId}"
    };

    foreach (string authority in authorities)
    {
        await RunTestForUserAsync(defaultLabUser, authority).ConfigureAwait(false);
    }
}
// Runs the interactive token acquisition scenario for the default lab user,
// delegating the UI steps to _mobileTestHelper.
public void AcquireTokenTest()
{
    // Reset static caches so state from earlier tests cannot influence this run.
    TestCommon.ResetInternalStaticCaches();

    // Synchronous test method: block on the lab lookup task.
    var defaultLabUser = LabUserHelper.GetDefaultUserAsync().GetAwaiter().GetResult();

    _mobileTestHelper.AcquireTokenTestHelper(
        _xamarinController,
        defaultLabUser,
        CoreUiTestConstants.AcquireTokenInteractive);
}
// Acquires an SSH certificate interactively, then checks via the recorded token cache
// access counts that a silent request with the same key id is answered from the cache
// while a silent request with a different key id is not.
public async Task Interactive_SSHCert_Async()
{
    // Each request gets its own timeout-bound token, as before.
    CancellationToken NewTimeoutToken() => new CancellationTokenSource(_interactiveAuthTimeout).Token;

    LabResponse lab = await LabUserHelper.GetDefaultUserAsync().ConfigureAwait(false);

    IPublicClientApplication app = PublicClientApplicationBuilder
        .Create(lab.AppId)
        .WithRedirectUri(SeleniumWebUI.FindFreeLocalhostRedirectUri())
        .Build();

    // Statement order matters from here on: every AssertAccessCounts call checks the
    // running totals recorded so far (argument meaning is defined by TokenCacheAccessRecorder).
    TokenCacheAccessRecorder cacheRecorder = app.UserTokenCache.RecordAccess();

    Trace.WriteLine("Part 1 - Acquire an SSH cert interactively ");
    string publicKeyJwk = CreateJwk();

    AuthenticationResult certResult = await app
        .AcquireTokenInteractive(s_scopes)
        .WithCustomWebUi(CreateSeleniumCustomWebUI(lab.User, Prompt.ForceLogin))
        .WithSSHCertificateAuthenticationScheme(publicKeyJwk, "key1")
        .WithExtraQueryParameters(GetTestSliceParams()) // TODO: remove this once feature is in PROD
        .ExecuteAsync(NewTimeoutToken())
        .ConfigureAwait(false);

    cacheRecorder.AssertAccessCounts(0, 1);
    Assert.AreEqual("ssh-cert", certResult.TokenType);

    IAccount signedInAccount = await MsalAssert.AssertSingleAccountAsync(lab, app, certResult).ConfigureAwait(false);
    cacheRecorder.AssertAccessCounts(1, 1); // the assert calls GetAccounts

    Trace.WriteLine("Part 2 - Acquire a token silent with the same keyID - should be served from the cache");
    certResult = await app
        .AcquireTokenSilent(s_scopes, signedInAccount)
        .WithSSHCertificateAuthenticationScheme(publicKeyJwk, "key1")
        .WithExtraQueryParameters(GetTestSliceParams()) // TODO: remove this once feature is in PROD
        .ExecuteAsync(NewTimeoutToken())
        .ConfigureAwait(false);

    cacheRecorder.AssertAccessCounts(2, 1);

    signedInAccount = await MsalAssert.AssertSingleAccountAsync(lab, app, certResult).ConfigureAwait(false);
    cacheRecorder.AssertAccessCounts(3, 1);

    // A certificate issued for one key id must not be handed out for another key id.
    Trace.WriteLine("Part 3 - Acquire a token silent with a different keyID - should not sbe served from the cache");
    certResult = await app
        .AcquireTokenSilent(s_scopes, signedInAccount)
        .WithSSHCertificateAuthenticationScheme(publicKeyJwk, "key2")
        .WithExtraQueryParameters(GetTestSliceParams()) // TODO: remove this once feature is in PROD
        .ExecuteAsync(NewTimeoutToken())
        .ConfigureAwait(false);

    Assert.AreEqual("ssh-cert", certResult.TokenType);
    cacheRecorder.AssertAccessCounts(4, 2);

    await MsalAssert.AssertSingleAccountAsync(lab, app, certResult).ConfigureAwait(false);
}
// Signs in three different accounts (default AAD, ADFS 2019 federated, MSA) and then
// issues a silent request for each from a freshly built client, checking which tokens
// come back and that no Kerberos ticket is attached to any result.
public async Task MultiUserCacheCompatabilityTestAsync()
{
    // Arrange

    // Acquire AT for default lab account
    LabResponse defaultLab = await LabUserHelper.GetDefaultUserAsync().ConfigureAwait(false);
    AuthenticationResult defaultSignIn = await RunTestForUserAsync(defaultLab).ConfigureAwait(false);

    // Acquire AT for ADFS 2019 account
    LabResponse federatedLab = await LabUserHelper
        .GetAdfsUserAsync(FederationProvider.ADFSv2019, true)
        .ConfigureAwait(false);
    var federatedSignIn = await RunTestForUserAsync(federatedLab, false).ConfigureAwait(false);

    // Acquire AT for MSA account; the lab response is pointed at the Outlook client id first.
    LabResponse msaLab = await LabUserHelper.GetMsaUserAsync().ConfigureAwait(false);
    msaLab.App.AppId = LabApiConstants.MSAOutlookAccountClientID;
    var msaSignIn = await RunTestForUserAsync(msaLab).ConfigureAwait(false);

    // Default account: access token and ID token are both expected.
    PublicClientApplication app = PublicClientApplicationBuilder.Create(defaultLab.App.AppId).BuildConcrete();
    AuthenticationResult silentResult = await app
        .AcquireTokenSilent(new[] { CoreUiTestConstants.DefaultScope }, defaultSignIn.Account)
        .ExecuteAsync()
        .ConfigureAwait(false);

    Assert.IsNotNull(silentResult);
    Assert.IsNotNull(silentResult.AccessToken);
    Assert.IsNotNull(silentResult.IdToken);
    TestCommon.ValidateNoKerberosTicketFromAuthenticationResult(silentResult);

    // Federated account: access token expected, ID token expected to be absent.
    app = PublicClientApplicationBuilder.Create(federatedLab.App.AppId).BuildConcrete();
    silentResult = await app
        .AcquireTokenSilent(new[] { CoreUiTestConstants.DefaultScope }, federatedSignIn.Account)
        .ExecuteAsync()
        .ConfigureAwait(false);

    Assert.IsNotNull(silentResult);
    Assert.IsNotNull(silentResult.AccessToken);
    Assert.IsNull(silentResult.IdToken);
    TestCommon.ValidateNoKerberosTicketFromAuthenticationResult(silentResult);

    // MSA account: access token expected, ID token expected to be absent.
    app = PublicClientApplicationBuilder.Create(LabApiConstants.MSAOutlookAccountClientID).BuildConcrete();
    silentResult = await app
        .AcquireTokenSilent(new[] { CoreUiTestConstants.DefaultScope }, msaSignIn.Account)
        .ExecuteAsync()
        .ConfigureAwait(false);

    Assert.IsNotNull(silentResult);
    Assert.IsNotNull(silentResult.AccessToken);
    Assert.IsNull(silentResult.IdToken);
    TestCommon.ValidateNoKerberosTicketFromAuthenticationResult(silentResult);
}
// Checks that a token cache serialized to a file by one client instance can satisfy a
// silent request made by a second, newly built client instance (a simulated restart).
public async Task SilentAuth_TokenCacheRemainsPersistent_Async()
{
    var lab = await LabUserHelper.GetDefaultUserAsync().ConfigureAwait(false);
    var labUser = lab.User;

    // Declared outside the try so the finally block can clean up whatever was created.
    string tempCachePath = null;

    try
    {
        // NOTE(review): the file will hold whatever SetCacheSerializationToFile writes,
        // presumably the serialized token cache; it is removed in the finally block below.
        tempCachePath = Path.GetTempFileName();

        var firstClient = PublicClientApplicationBuilder
            .Create(lab.App.AppId)
            .WithTestLogging()
            .WithAuthority("https://login.microsoftonline.com/organizations")
            .Build();

        SetCacheSerializationToFile(firstClient, tempCachePath);

        AuthenticationResult tokenResult = await firstClient
            .AcquireTokenByUsernamePassword(
                s_scopes,
                labUser.Upn,
                // NetworkCredential serves only as a string -> SecureString converter.
                new NetworkCredential("", labUser.GetOrFetchPassword()).SecurePassword)
            .ExecuteAsync()
            .ConfigureAwait(false);

        MsalAssert.AssertAuthResult(tokenResult, labUser);
        Assert.AreEqual(
            "https://login.microsoftonline.com/organizations/oauth2/v2.0/token",
            tokenResult.AuthenticationResultMetadata.TokenEndpoint);

        // simulate a restart by creating a new client
        var secondClient = PublicClientApplicationBuilder
            .Create(lab.App.AppId)
            .WithTestLogging()
            .Build();

        SetCacheSerializationToFile(secondClient, tempCachePath);

        tokenResult = await secondClient
            .AcquireTokenSilent(s_scopes, labUser.Upn)
            .WithTenantId("organizations")
            .ExecuteAsync()
            .ConfigureAwait(false);

        MsalAssert.AssertAuthResult(tokenResult, labUser);
    }
    finally
    {
        // Remove the cache file even when an assertion above failed.
        if (tempCachePath != null)
        {
            if (File.Exists(tempCachePath))
            {
                File.Delete(tempCachePath);
            }
        }
    }
}
// Runs the on-behalf-of scenario for three lab users in an interleaved order, so that
// each user's run happens while entries for the other users may already be cached.
// The boolean passed to RunOnBehalfOfTestAsync is defined by that helper (not shown here).
public async Task OBO_WithCache_MultipleUsers_Async()
{
    var defaultLab = await LabUserHelper.GetDefaultUserAsync().ConfigureAwait(false);
    var firstAadUser = defaultLab.User;

    var adfsV2Lab = await LabUserHelper.GetAdfsUserAsync(FederationProvider.AdfsV2, true).ConfigureAwait(false);
    var secondAadUser = adfsV2Lab.User;

    var adfs2019Lab = await LabUserHelper.GetAdfsUserAsync(FederationProvider.ADFSv2019).ConfigureAwait(false);
    var adfs2019User = adfs2019Lab.User;

    // The sequence below is deliberate and must be kept as is.
    await RunOnBehalfOfTestAsync(adfs2019User, false).ConfigureAwait(false);
    await RunOnBehalfOfTestAsync(firstAadUser, false).ConfigureAwait(false);
    await RunOnBehalfOfTestAsync(firstAadUser, true).ConfigureAwait(false);
    await RunOnBehalfOfTestAsync(secondAadUser, false).ConfigureAwait(false);
    await RunOnBehalfOfTestAsync(adfs2019User, true).ConfigureAwait(false);
    await RunOnBehalfOfTestAsync(secondAadUser, true).ConfigureAwait(false);
}
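// Acquires a token with username/password, then forces two silent refreshes (by account
// and by login hint) and checks that each of the three access tokens is different.
public async Task SilentAuth_ForceRefresh_Async()
{
    var labResponse = await LabUserHelper.GetDefaultUserAsync().ConfigureAwait(false);
    var user = labResponse.User;

    var pca = PublicClientApplicationBuilder
        .Create(labResponse.App.AppId)
        .WithAuthority("https://login.microsoftonline.com/organizations")
        .Build();

    Trace.WriteLine("Part 1 - Acquire a token with U/P");

    // CancellationToken.None replaces a token taken from a CancellationTokenSource that was
    // never cancelled and never disposed; the request was not cancellable in either form.
    AuthenticationResult authResult = await pca
        .AcquireTokenByUsernamePassword(
            s_scopes,
            user.Upn,
            // NetworkCredential serves only as a string -> SecureString converter.
            new NetworkCredential("", user.GetOrFetchPassword()).SecurePassword)
        .ExecuteAsync(CancellationToken.None)
        .ConfigureAwait(false);

    MsalAssert.AssertAuthResult(authResult, user);
    var at1 = authResult.AccessToken;

    // If test fails with "user needs to consent to the application, do an interactive request" error - see UsernamePassword tests

    Trace.WriteLine("Part 2 - Acquire a token silently, with forceRefresh = true");

    IAccount account = await MsalAssert.AssertSingleAccountAsync(labResponse, pca, authResult).ConfigureAwait(false);

    authResult = await pca.AcquireTokenSilent(s_scopes, account)
        .WithForceRefresh(true)
        .ExecuteAsync()
        .ConfigureAwait(false);

    MsalAssert.AssertAuthResult(authResult, user);
    var at2 = authResult.AccessToken;

    Trace.WriteLine("Part 3 - Acquire a token silently with a login hint, with forceRefresh = true");

    authResult = await pca.AcquireTokenSilent(s_scopes, user.Upn)
        .WithForceRefresh(true)
        .ExecuteAsync()
        .ConfigureAwait(false);

    MsalAssert.AssertAuthResult(authResult, user);
    var at3 = authResult.AccessToken;

    // Access tokens are opaque, case-sensitive strings, so they are compared ordinally
    // rather than with a culture-aware, case-insensitive comparison.
    Assert.IsFalse(at1.Equals(at2, System.StringComparison.Ordinal));
    Assert.IsFalse(at1.Equals(at3, System.StringComparison.Ordinal));
    Assert.IsFalse(at2.Equals(at3, System.StringComparison.Ordinal));
}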
// Acquires a token with username/password for the default lab user and passes the
// result to ValidateAuthResultAsync, which holds the remaining checks.
public async Task SilentAuth_ForceRefresh_Async()
{
    var lab = await LabUserHelper.GetDefaultUserAsync().ConfigureAwait(false);

    // 'pca' is not declared in this method; it is assigned here and is presumably a
    // member that ValidateAuthResultAsync reads - confirm in the enclosing class.
    pca = PublicClientApplicationBuilder
        .Create(lab.App.AppId)
        .WithAuthority("https://login.microsoftonline.com/organizations")
        .Build();

    Trace.WriteLine("Part 1 - Acquire a token with U/P");

    // The token comes from a source that is never cancelled, so the call is effectively
    // not cancellable.
    AuthenticationResult tokenResult = await pca
        .AcquireTokenByUsernamePassword(
            s_scopes,
            lab.User.Upn,
            // NetworkCredential serves only as a string -> SecureString converter.
            new NetworkCredential("", lab.User.GetOrFetchPassword()).SecurePassword)
        .ExecuteAsync(new CancellationTokenSource().Token)
        .ConfigureAwait(false);

    await ValidateAuthResultAsync(tokenResult, lab).ConfigureAwait(false);
}
[Timeout(1 * 60 * 1000)] // 1 min timeout
// Runs the device code flow for the default lab user; the callback completes the
// sign-in through automation instead of showing the code to a person.
public async Task DeviceCodeFlowTestAsync()
{
    LabResponse lab = await LabUserHelper.GetDefaultUserAsync().ConfigureAwait(false);

    Trace.WriteLine("Calling AcquireTokenWithDeviceCodeAsync");
    var app = PublicClientApplicationBuilder.Create(lab.AppId).Build();

    var tokenResult = await app
        .AcquireTokenWithDeviceCode(
            s_scopes,
            codeInfo =>
            {
                RunAutomatedDeviceCodeFlow(codeInfo, lab.User);

                // The automation call above is synchronous; hand back a completed task.
                return Task.FromResult(0);
            })
        .ExecuteAsync(CancellationToken.None)
        .ConfigureAwait(false);

    Trace.WriteLine("Running asserts");

    Assert.IsNotNull(tokenResult);
    Assert.IsTrue(!string.IsNullOrEmpty(tokenResult.AccessToken));
}
[Timeout(2 * 60 * 1000)] // 2 min timeout
// Runs the device code flow for the default lab user, completing the sign-in through
// Selenium, and checks the recorded token cache access counts and the returned token.
public async Task DeviceCodeFlowTestAsync()
{
    LabResponse lab = await LabUserHelper.GetDefaultUserAsync().ConfigureAwait(false);

    Trace.WriteLine("Calling AcquireTokenWithDeviceCodeAsync");
    var app = PublicClientApplicationBuilder.Create(lab.AppId).Build();

    // Start recording before the request so its cache accesses are counted.
    var cacheRecorder = app.UserTokenCache.RecordAccess();

    var tokenResult = await app
        .AcquireTokenWithDeviceCode(
            s_scopes,
            codeInfo =>
            {
                SeleniumExtensions.PerformDeviceCodeLogin(codeInfo, lab.User, TestContext, false);

                // The automation call above is synchronous; hand back a completed task.
                return Task.FromResult(0);
            })
        .ExecuteAsync(CancellationToken.None)
        .ConfigureAwait(false);

    Trace.WriteLine("Running asserts");

    cacheRecorder.AssertAccessCounts(0, 1);
    Assert.IsNotNull(tokenResult);
    Assert.IsTrue(!string.IsNullOrEmpty(tokenResult.AccessToken));
}
// Runs the on-behalf-of scenario for three lab users in an interleaved order, so that
// each user's run happens while entries for the other users may already be cached.
// The boolean passed to RunOnBehalfOfTestAsync is defined by that helper (not shown here).
public async Task OBO_WithCache_MultipleUsers_Async()
{
    var defaultLab = await LabUserHelper.GetDefaultUserAsync().ConfigureAwait(false);
    var firstAadUser = defaultLab.User;

    // Second user: federated through ADFS v2, neither MAM nor MFA.
    UserQuery adfsV2Query = new UserQuery();
    adfsV2Query.FederationProvider = FederationProvider.AdfsV2;
    adfsV2Query.IsMamUser = false;
    adfsV2Query.IsMfaUser = false;
    adfsV2Query.IsFederatedUser = true;

    var adfsV2Lab = await LabUserHelper.GetLabUserDataAsync(adfsV2Query).ConfigureAwait(false);
    var secondAadUser = adfsV2Lab.User;

    var adfs2019Lab = await LabUserHelper.GetAdfsUserAsync(FederationProvider.ADFSv2019).ConfigureAwait(false);
    var adfs2019User = adfs2019Lab.User;

    // The sequence below is deliberate and must be kept as is.
    await RunOnBehalfOfTestAsync(adfs2019User, false).ConfigureAwait(false);
    await RunOnBehalfOfTestAsync(firstAadUser, false).ConfigureAwait(false);
    await RunOnBehalfOfTestAsync(firstAadUser, true).ConfigureAwait(false);
    await RunOnBehalfOfTestAsync(secondAadUser, false).ConfigureAwait(false);
    await RunOnBehalfOfTestAsync(adfs2019User, true).ConfigureAwait(false);
    await RunOnBehalfOfTestAsync(secondAadUser, true).ConfigureAwait(false);
}
// Verifies that, with authority validation switched off for an unknown host, a
// username/password request fails with HttpRequestException.
public async Task AuthorityValidationTestWithFalseValidateAuthorityAsync()
{
    LabResponse lab = await LabUserHelper.GetDefaultUserAsync().ConfigureAwait(false);
    LabUser labUser = lab.User;

    // The second argument (false) disables authority validation, so the client attempts
    // the request against the configured host instead of rejecting it up front; the
    // expected exception is a transport-level one. Outside of tests, validation should
    // stay enabled.
    IPublicClientApplication app = PublicClientApplicationBuilder
        .Create(lab.App.AppId)
        .WithAuthority("https://bogus.microsoft.com/common", false)
        .WithTestLogging()
        .Build();

    Trace.WriteLine("Acquire a token using a not so common authority alias");

    // Only the exception type is checked; the returned exception is not inspected further.
    _ = await AssertException.TaskThrowsAsync<HttpRequestException>(() =>
        {
            // NetworkCredential is used only as a string -> SecureString converter.
            var securePassword = new NetworkCredential("", labUser.GetOrFetchPassword()).SecurePassword;
            return app
                .AcquireTokenByUsernamePassword(s_scopes, labUser.Upn, securePassword)
                .ExecuteAsync();
        })
        .ConfigureAwait(false);
}
[Ignore] // https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/issues/2004
// Runs the shared SSH certificate scenario for the default lab user.
// Currently disabled; see the issue linked on the attribute above.
public async Task Interactive_SSHCert_Async()
{
    LabResponse defaultLabUser = await LabUserHelper.GetDefaultUserAsync().ConfigureAwait(false);

    // All steps and assertions live in the shared helper.
    await CreateSSHCertTestAsync(defaultLabUser).ConfigureAwait(false);
}