public async Task CloudAudienceUrnTest()
{
    // Checks that the cloud_audience_urn value returned by user realm discovery is
    // exposed on UserRealmDiscoveryResponse.CloudAudienceUrn and can be handed to
    // WsTrustRequest.SendRequestAsync. Both HTTP calls are answered by mock handlers.
    var authContext = new AuthenticationContext(TestConstants.DefaultAuthorityCommonTenant);
    await authContext.Authenticator.UpdateFromTemplateAsync(null);

    // Canned realm-discovery payload for a federated (WS-Trust) account.
    // NOTE(review): this payload spells the key "cloudinstancename", while
    // UserRealmDiscoveryTest uses "cloud_instance_name" - confirm which one the parser reads.
    string realmDiscoveryJson =
        "{\"ver\":\"1.0\",\"account_type\":\"Federated\",\"domain_name\":\"microsoft.com\","
        + "\"federation_protocol\":\"WSTrust\",\"federation_metadata_url\":"
        + "\"https://msft.sts.microsoft.com/adfs/services/trust/mex\","
        + "\"federation_active_auth_url\":\"https://msft.sts.microsoft.com/adfs/services/trust/2005/usernamemixed\""
        + ",\"cloud_audience_urn\":\"urn:federation:Blackforest\""
        + ",\"cloudinstancename\":\"login.microsoftonline.com\"}";

    HttpMessageHandlerFactory.AddMockHandler(new MockHttpMessageHandler()
    {
        Method = HttpMethod.Get,
        ResponseMessage = new HttpResponseMessage(HttpStatusCode.OK)
        {
            Content = new StringContent(realmDiscoveryJson)
        },
        QueryParams = new Dictionary<string, string>()
        {
            { "api-version", "1.0" }
        }
    });

    UserRealmDiscoveryResponse realm = await UserRealmDiscoveryResponse.CreateByDiscoveryAsync(
        authContext.Authenticator.UserRealmUri,
        TestConstants.DefaultDisplayableId,
        null);

    var stsEndpoint = new WsTrustAddress()
    {
        Uri = new Uri("https://some/address/usernamemixed"),
        Version = WsTrustVersion.WsTrust13
    };

    // The STS reply is replayed from a fixture file next to the test binaries.
    HttpMessageHandlerFactory.AddMockHandler(new MockHttpMessageHandler()
    {
        Method = HttpMethod.Post,
        ResponseMessage = new HttpResponseMessage(HttpStatusCode.OK)
        {
            Content = new StringContent(File.ReadAllText("WsTrustResponse.xml"))
        }
    });

    // The audience URN passed here is server-supplied (it came from the discovery reply).
    // NOTE(review): presumably it scopes the token requested from the STS - confirm in
    // WsTrustRequest. The returned response is not inspected, and the outgoing request body
    // is not checked for the URN, so only the discovery-side parsing is actually asserted.
    WsTrustResponse wsTrustResponse = await WsTrustRequest.SendRequestAsync(
        stsEndpoint,
        new UserCredential(TestConstants.DefaultDisplayableId),
        null,
        realm.CloudAudienceUrn);

    // NOTE(review): unlike UserRealmDiscoveryTest, nothing here asserts that the queued
    // mock handlers were consumed - consider checking MockHandlersCount().
    VerifyCloudInstanceUrnResponse(realm.CloudAudienceUrn, "urn:federation:Blackforest");
}
public async Task WsTrustAddressExtractionTest()
{
    // Checks MexParser.ExtractWsTrustAddressFromMex against a fetched MEX document:
    // an address must be found for both integrated and username/password auth, and a
    // tampered document must be rejected with WsTrustEndpointNotFoundInMetadataDocument.
    var sts = SetupStsService(StsType.AADFederatedWithADFS3);
    var authContext = new AuthenticationContext(sts.Authority, sts.ValidateAuthority);
    await authContext.Authenticator.UpdateFromTemplateAsync(null);

    UserRealmDiscoveryResponse realm = await UserRealmDiscoveryResponse.CreateByDiscoveryAsync(
        authContext.Authenticator.UserRealmUri,
        sts.ValidUserName,
        null);

    // The MEX location is taken from the discovery reply, i.e. it is server-supplied.
    XDocument mex = await FecthMexAsync(realm.FederationMetadataUrl);
    Verify.IsNotNull(mex);

    // Positive cases: one lookup per supported auth type.
    WsTrustAddress wsTrustAddress = MexParser.ExtractWsTrustAddressFromMex(mex, UserAuthType.IntegratedAuth, null);
    Verify.IsNotNull(wsTrustAddress);

    wsTrustAddress = MexParser.ExtractWsTrustAddressFromMex(mex, UserAuthType.UsernamePassword, null);
    Verify.IsNotNull(wsTrustAddress);

    string mexXml = mex.ToString();

    // Negative cases: blank out one fragment of the document at a time and expect the
    // parser to fail closed instead of returning an address.
    //   1. "securitypolicy"  - NOTE(review): presumably removes the policy reference that
    //      marks an endpoint as usable; confirm against MexParser.
    //   2. the endpoint URI that was just extracted for username/password auth.
    string[] fragmentsToStrip = { "securitypolicy", wsTrustAddress.Uri.AbsoluteUri };
    foreach (string fragment in fragmentsToStrip)
    {
        try
        {
            string tamperedXml = mexXml.Replace(fragment, string.Empty);
            XDocument tamperedMex = ConvertStringToXDocument(tamperedXml);
            MexParser.ExtractWsTrustAddressFromMex(tamperedMex, UserAuthType.UsernamePassword, null);
            Verify.Fail("Exception expected");
        }
        catch (AdalException ex)
        {
            Verify.AreEqual(ex.ErrorCode, AdalError.WsTrustEndpointNotFoundInMetadataDocument);
        }
    }
}
public async Task MexFetchingTest()
{
    // Checks that the MEX document can be fetched from the URL advertised by user realm
    // discovery, and that a wrong URL surfaces as AccessingWsMetadataExchangeFailed.
    var sts = SetupStsService(StsType.AADFederatedWithADFS3);
    var authContext = new AuthenticationContext(sts.Authority, sts.ValidateAuthority);
    await authContext.Authenticator.UpdateFromTemplateAsync(null);

    UserRealmDiscoveryResponse realm = await UserRealmDiscoveryResponse.CreateByDiscoveryAsync(
        authContext.Authenticator.UserRealmUri,
        sts.ValidUserName,
        null);

    // Happy path: the advertised metadata URL yields a document.
    XDocument mex = await FecthMexAsync(realm.FederationMetadataUrl);
    Verify.IsNotNull(mex);

    // Failure path: the same URL with a trailing "x" must raise an AdalException carrying
    // the MEX-access error code rather than return a document.
    // NOTE(review): no mock handler is queued in this method, so whether this reaches a
    // real endpoint depends on SetupStsService / FecthMexAsync - confirm.
    try
    {
        await FecthMexAsync(realm.FederationMetadataUrl + "x");
        Verify.Fail("Exception expected");
    }
    catch (AdalException ex)
    {
        Verify.AreEqual(ex.ErrorCode, AdalError.AccessingWsMetadataExchangeFailed);
    }
}
public async Task UserRealmDiscoveryTest()
{
    // Drives UserRealmDiscoveryResponse.CreateByDiscoveryAsync through three mocked
    // replies: a federated account, an unknown account type, and a failure response for a
    // null user. Handlers are queued one at a time, immediately before the call they serve.
    string realmEndpoint = TestConstants.GetUserRealmEndpoint(TestConstants.DefaultAuthorityCommonTenant);
    string knownUserUrl = realmEndpoint + "/" + TestConstants.DefaultDisplayableId;

    var authContext = new AuthenticationContext(knownUserUrl, new TokenCache());
    await authContext.Authenticator.UpdateFromTemplateAsync(null);

    // Case 1: federated account with WS-Trust metadata and active-auth URLs.
    string federatedJson =
        "{\"ver\":\"1.0\",\"account_type\":\"Federated\",\"domain_name\":\"microsoft.com\","
        + "\"federation_protocol\":\"WSTrust\",\"federation_metadata_url\":"
        + "\"https://msft.sts.microsoft.com/adfs/services/trust/mex\","
        + "\"federation_active_auth_url\":\"https://msft.sts.microsoft.com/adfs/services/trust/2005/usernamemixed\""
        + ",\"cloud_instance_name\":\"login.microsoftonline.com\"}";

    HttpMessageHandlerFactory.AddMockHandler(new MockHttpMessageHandler(knownUserUrl)
    {
        Method = HttpMethod.Get,
        ResponseMessage = new HttpResponseMessage(HttpStatusCode.OK)
        {
            Content = new StringContent(federatedJson)
        },
        QueryParams = new Dictionary<string, string>()
        {
            { "api-version", "1.0" }
        }
    });

    UserRealmDiscoveryResponse realm = await UserRealmDiscoveryResponse.CreateByDiscoveryAsync(
        authContext.Authenticator.UserRealmUri,
        TestConstants.DefaultDisplayableId,
        CallState.Default);
    VerifyUserRealmResponse(realm, "Federated");

    // Case 2: account type "Unknown" with no federation fields at all.
    string unknownTypeJson =
        "{\"ver\":\"1.0\",\"account_type\":\"Unknown\",\"cloud_instance_name\":\"login.microsoftonline.com\"}";

    HttpMessageHandlerFactory.AddMockHandler(new MockHttpMessageHandler(knownUserUrl)
    {
        Method = HttpMethod.Get,
        ResponseMessage = new HttpResponseMessage(HttpStatusCode.OK)
        {
            Content = new StringContent(unknownTypeJson)
        },
        QueryParams = new Dictionary<string, string>()
        {
            { "api-version", "1.0" }
        }
    });

    realm = await UserRealmDiscoveryResponse.CreateByDiscoveryAsync(
        authContext.Authenticator.UserRealmUri,
        TestConstants.DefaultDisplayableId,
        CallState.Default);
    VerifyUserRealmResponse(realm, "Unknown");

    // Case 3: null user name; the mocked endpoint answers with an "unknown_user" failure.
    HttpMessageHandlerFactory.AddMockHandler(new MockHttpMessageHandler(realmEndpoint + "/" + null)
    {
        Method = HttpMethod.Get,
        ResponseMessage = MockHelpers.CreateFailureResponseMessage("unknown_user")
    });

    AdalException ex = AssertException.TaskThrows<AdalException>(
        () => UserRealmDiscoveryResponse.CreateByDiscoveryAsync(
            authContext.Authenticator.UserRealmUri,
            null,
            CallState.Default));

    // NOTE(review): this compares the error constant with ex.Message, whereas the other
    // tests in this file compare against ex.ErrorCode - confirm this is intended.
    Assert.AreEqual(AdalError.UnknownUser, ex.Message);

    // All mocks are consumed
    Assert.AreEqual(0, HttpMessageHandlerFactory.MockHandlersCount());
}