public async Task AuthenticateAsync_AuthenticateWithRefreshToken_WithClientCredential()
{
string refreshToken = "refresh";
this.authenticationProvider.CurrentAccountSession = new AccountSession {
RefreshToken = refreshToken
};
this.adalServiceInfo.ClientSecret = "clientSecret";
var mockAuthenticationResult = new MockAuthenticationResult();
mockAuthenticationResult.SetupGet(result => result.AccessToken).Returns("token");
mockAuthenticationResult.SetupGet(result => result.AccessTokenType).Returns("type");
mockAuthenticationResult.SetupGet(result => result.ExpiresOn).Returns(DateTimeOffset.UtcNow);
var mockAuthenticationContextWrapper = new MockAuthenticationContextWrapper();
mockAuthenticationContextWrapper.Setup(wrapper => wrapper.AcquireTokenByRefreshTokenAsync(
It.Is <string>(token => token.Equals(refreshToken)),
It.Is <ClientCredential>(credential => credential.ClientId.Equals(this.adalServiceInfo.AppId)),
It.Is <string>(resource => resource.Equals(this.adalServiceInfo.ServiceResource)))).Returns(Task.FromResult(mockAuthenticationResult.Object));
await this.AuthenticateAsync_AuthenticateWithoutDiscoveryService(
mockAuthenticationContextWrapper.Object,
mockAuthenticationResult.Object);
}
public async Task AuthenticateAsync_AuthenticateWithRefreshToken_WithClientCertificate()
{
string refreshToken = "refresh";
this.authenticationProvider.CurrentAccountSession = new AccountSession {
RefreshToken = refreshToken
};
this.adalServiceInfo.ClientCertificate = new X509Certificate2(@"Certs\testwebapplication.pfx", "password");
var mockAuthenticationResult = new MockAuthenticationResult();
mockAuthenticationResult.SetupGet(result => result.AccessToken).Returns("token");
mockAuthenticationResult.SetupGet(result => result.AccessTokenType).Returns("type");
mockAuthenticationResult.SetupGet(result => result.ExpiresOn).Returns(DateTimeOffset.UtcNow);
var mockAuthenticationContextWrapper = new MockAuthenticationContextWrapper();
mockAuthenticationContextWrapper.Setup(wrapper => wrapper.AcquireTokenByRefreshTokenAsync(
It.Is <string>(token => token.Equals(refreshToken)),
It.Is <ClientAssertionCertificate>(certificate =>
certificate.ClientId.Equals(this.adalServiceInfo.AppId) &&
certificate.Certificate == this.adalServiceInfo.ClientCertificate),
It.Is <string>(resource => resource.Equals(serviceResourceId)))).Returns(Task.FromResult(mockAuthenticationResult.Object));
await this.AuthenticateAsync_AuthenticateWithoutDiscoveryService(
mockAuthenticationContextWrapper.Object,
mockAuthenticationResult.Object);
}
public async Task AuthenticateAsync_AuthenticateSilentlyWithClientCredential()
{
this.serviceInfo.ServiceResource = serviceResourceId;
this.serviceInfo.BaseUrl = "https://localhost";
this.serviceInfo.ClientSecret = "clientSecret";
var mockAuthenticationResult = new MockAuthenticationResult();
mockAuthenticationResult.SetupGet(result => result.AccessToken).Returns("token");
mockAuthenticationResult.SetupGet(result => result.AccessTokenType).Returns("type");
mockAuthenticationResult.SetupGet(result => result.ExpiresOn).Returns(DateTimeOffset.UtcNow);
var mockAuthenticationContextWrapper = new MockAuthenticationContextWrapper();
mockAuthenticationContextWrapper.Setup(wrapper => wrapper.AcquireTokenSilentAsync(
It.Is <string>(resource => resource.Equals(serviceResourceId)),
It.Is <string>(clientId => clientId.Equals(this.serviceInfo.AppId)))).Throws(new Exception());
mockAuthenticationContextWrapper.Setup(wrapper => wrapper.AcquireTokenSilentAsync(
It.Is <string>(resource => resource.Equals(serviceResourceId)),
It.Is <ClientCredential>(credential => credential.ClientId.Equals(this.serviceInfo.AppId)),
UserIdentifier.AnyUser)).Returns(Task.FromResult(mockAuthenticationResult.Object));
await this.AuthenticateAsync_AuthenticateWithoutDiscoveryService(
mockAuthenticationContextWrapper.Object,
mockAuthenticationResult.Object);
}
public async Task AuthenticateAsync_AuthenticateSilentlyWithClientCertificate()
{
this.adalServiceInfo.ServiceResource = serviceResourceId;
this.adalServiceInfo.BaseUrl = "https://localhost";
this.adalServiceInfo.ClientCertificate = new X509Certificate2(@"Certs\testwebapplication.pfx", "password");
var mockAuthenticationResult = new MockAuthenticationResult();
mockAuthenticationResult.SetupGet(result => result.AccessToken).Returns("token");
mockAuthenticationResult.SetupGet(result => result.AccessTokenType).Returns("type");
mockAuthenticationResult.SetupGet(result => result.ExpiresOn).Returns(DateTimeOffset.UtcNow);
var mockAuthenticationContextWrapper = new MockAuthenticationContextWrapper();
mockAuthenticationContextWrapper.Setup(wrapper => wrapper.AcquireTokenSilentAsync(
It.Is <string>(resource => resource.Equals(serviceResourceId)),
It.Is <string>(clientId => clientId.Equals(this.adalServiceInfo.AppId)))).Throws(new Exception());
mockAuthenticationContextWrapper.Setup(wrapper => wrapper.AcquireTokenSilentAsync(
It.Is <string>(resource => resource.Equals(serviceResourceId)),
It.Is <ClientAssertionCertificate>(certificate =>
certificate.Certificate == this.adalServiceInfo.ClientCertificate &&
certificate.ClientId == this.adalServiceInfo.AppId),
UserIdentifier.AnyUser)).Returns(Task.FromResult(mockAuthenticationResult.Object));
await this.AuthenticateAsync_AuthenticateWithoutDiscoveryService(
mockAuthenticationContextWrapper.Object,
mockAuthenticationResult.Object);
}
public async Task AuthenticateAsync_CachedCurrentAccountSessionExpiring()
{
var cachedAccountSession = new AccountSession
{
AccessToken = "expiredToken",
ExpiresOnUtc = DateTimeOffset.UtcNow,
};
this.authenticationProvider.CurrentAccountSession = cachedAccountSession;
var mockAuthenticationResult = new MockAuthenticationResult();
mockAuthenticationResult.SetupGet(result => result.AccessToken).Returns("token");
mockAuthenticationResult.SetupGet(result => result.AccessTokenType).Returns("type");
mockAuthenticationResult.SetupGet(result => result.ExpiresOn).Returns(DateTimeOffset.UtcNow.AddHours(1));
var mockAuthenticationContextWrapper = new MockAuthenticationContextWrapper();
mockAuthenticationContextWrapper.Setup(wrapper => wrapper.AcquireTokenSilentAsync(
It.Is <string>(resource => resource.Equals(serviceResourceId)),
It.Is <string>(clientId => clientId.Equals(this.serviceInfo.AppId))))
.Returns(Task.FromResult(mockAuthenticationResult.Object));
await this.AuthenticateAsync_AuthenticateWithoutDiscoveryService(
mockAuthenticationContextWrapper.Object,
mockAuthenticationResult.Object);
}
public async Task AuthenticateAsync_AuthenticateWithoutDiscoveryService()
{
this.serviceInfo.ServiceResource = serviceResourceId;
this.serviceInfo.BaseUrl = "https://localhost";
var mockAuthenticationResult = new MockAuthenticationResult();
mockAuthenticationResult.SetupGet(result => result.AccessToken).Returns("token");
mockAuthenticationResult.SetupGet(result => result.AccessTokenType).Returns("type");
mockAuthenticationResult.SetupGet(result => result.ExpiresOn).Returns(DateTimeOffset.UtcNow);
var mockAuthenticationContextWrapper = new MockAuthenticationContextWrapper();
mockAuthenticationContextWrapper.Setup(wrapper => wrapper.AcquireTokenSilentAsync(
It.Is <string>(resource => resource.Equals(serviceResourceId)),
It.Is <string>(clientId => clientId.Equals(this.serviceInfo.AppId)))).Throws(new Exception());
mockAuthenticationContextWrapper.Setup(wrapper => wrapper.AcquireToken(
It.Is <string>(resource => resource.Equals(serviceResourceId)),
It.Is <string>(clientId => clientId.Equals(this.serviceInfo.AppId)),
It.Is <Uri>(returnUri => returnUri.ToString().Equals(this.serviceInfo.ReturnUrl)),
PromptBehavior.Always)).Returns(mockAuthenticationResult.Object);
await this.AuthenticateAsync_AuthenticateWithoutDiscoveryService(
mockAuthenticationContextWrapper.Object,
mockAuthenticationResult.Object);
}
public async Task AuthenticateAsync_DiscoveryServiceMyFilesVersionNotFound()
{
var mockAuthenticationContextWrapper = new MockAuthenticationContextWrapper();
try
{
await this.AuthenticateWithDiscoveryService(
mockAuthenticationContextWrapper,
new DiscoveryServiceResponse
{
Value = new List <DiscoveryService>
{
new DiscoveryService
{
Capability = Constants.Authentication.MyFilesCapability,
ServiceApiVersion = "v1.0"
}
}
});
}
catch (OneDriveException exception)
{
Assert.IsNotNull(exception.Error, "Error not set in exception.");
Assert.AreEqual(OneDriveErrorCode.MyFilesCapabilityNotFound.ToString(), exception.Error.Code, "Unexpected error code returned.");
Assert.AreEqual(
string.Format(
"{0} capability with version {1} not found for the current user.",
Constants.Authentication.MyFilesCapability,
this.serviceInfo.OneDriveServiceEndpointVersion),
exception.Error.Message,
"Unexpected error message returned.");
throw;
}
}
public async Task AuthenticateAsync_NullAuthenticationResult()
{
var mockAuthenticationContextWrapper = new MockAuthenticationContextWrapper();
mockAuthenticationContextWrapper.Setup(wrapper => wrapper.AcquireTokenSilentAsync(
It.Is <string>(resource => resource.Equals(serviceResourceId)),
It.Is <string>(clientId => clientId.Equals(this.serviceInfo.AppId)))).Throws(new Exception());
mockAuthenticationContextWrapper.Setup(wrapper => wrapper.AcquireToken(
It.Is <string>(resource => resource.Equals(serviceResourceId)),
It.Is <string>(clientId => clientId.Equals(this.serviceInfo.AppId)),
It.Is <Uri>(returnUri => returnUri.ToString().Equals(this.serviceInfo.ReturnUrl)),
PromptBehavior.Always)).Returns((IAuthenticationResult)null);
try
{
await this.AuthenticateWithDiscoveryService(mockAuthenticationContextWrapper);
}
catch (OneDriveException exception)
{
Assert.IsNotNull(exception.Error, "Error not set in exception.");
Assert.AreEqual(OneDriveErrorCode.AuthenticationFailure.ToString(), exception.Error.Code, "Unexpected error code returned.");
Assert.AreEqual(
"An error occurred during active directory authentication.",
exception.Error.Message,
"Unexpected error message returned.");
throw;
}
}
public override void Setup()
{
base.Setup();
this.adalServiceInfo = new AdalServiceInfo();
this.adalServiceInfo.CopyFrom(this.serviceInfo);
this.authenticationProvider = new TestAdalAuthenticationByCodeAuthenticationProvider(this.adalServiceInfo, authenticationCode);
this.authenticationContextWrapper = new MockAuthenticationContextWrapper();
this.authenticationProvider.authenticationContextWrapper = this.authenticationContextWrapper.Object;
}
public override void Setup()
{
base.Setup();
this.adalServiceInfo = new AdalServiceInfo();
this.adalServiceInfo.CopyFrom(this.serviceInfo);
this.authenticationProvider = new TestAdalAuthenticationByCodeAuthenticationProvider(this.adalServiceInfo, authenticationCode);
this.authenticationContextWrapper = new MockAuthenticationContextWrapper();
this.authenticationProvider.authenticationContextWrapper = this.authenticationContextWrapper.Object;
}
public async Task <AccountSession> AuthenticateWithDiscoveryService(
MockAuthenticationContextWrapper mockAuthenticationContextWrapper,
DiscoveryServiceResponse discoveryServiceResponse = null)
{
var mockAuthenticationResult = new MockAuthenticationResult();
mockAuthenticationResult.SetupGet(result => result.AccessToken).Returns("discoveryResource");
mockAuthenticationContextWrapper.Setup(wrapper => wrapper.AcquireTokenSilentAsync(
It.Is <string>(resource => resource.Equals(Constants.Authentication.ActiveDirectoryDiscoveryResource)),
It.Is <string>(clientId => clientId.Equals(this.serviceInfo.AppId)))).Throws(new Exception());
mockAuthenticationContextWrapper.Setup(wrapper => wrapper.AcquireToken(
It.Is <string>(resource => resource.Equals(Constants.Authentication.ActiveDirectoryDiscoveryResource)),
It.Is <string>(clientId => clientId.Equals(this.serviceInfo.AppId)),
It.Is <Uri>(returnUri => returnUri.ToString().Equals(this.serviceInfo.ReturnUrl)),
PromptBehavior.Auto,
UserIdentifier.AnyUser)).Returns(mockAuthenticationResult.Object);
if (discoveryServiceResponse == null)
{
discoveryServiceResponse = new DiscoveryServiceResponse
{
Value = new List <DiscoveryService>
{
new DiscoveryService
{
Capability = Constants.Authentication.MyFilesCapability,
ServiceApiVersion = this.serviceInfo.OneDriveServiceEndpointVersion,
ServiceEndpointUri = serviceEndpointUri,
ServiceResourceId = serviceResourceId,
}
}
};
}
var requestBodyString = this.serializer.SerializeObject(discoveryServiceResponse);
AccountSession accountSession;
using (var stringContent = new StringContent(requestBodyString))
{
this.httpResponseMessage.Content = stringContent;
this.authenticationProvider.authenticationContextWrapper = mockAuthenticationContextWrapper.Object;
accountSession = await this.authenticationProvider.AuthenticateAsync();
}
return(accountSession);
}
public override void Setup()
{
base.Setup();
this.adalServiceInfo = new AdalServiceInfo();
this.adalServiceInfo.CopyFrom(this.serviceInfo);
this.authenticationProvider = new TestAdalAppOnlyAuthenticationProvider(this.adalServiceInfo);
this.authenticationContextWrapper = new MockAuthenticationContextWrapper();
this.authenticationProvider.authenticationContextWrapper = this.authenticationContextWrapper.Object;
this.clientCertificate = new X509Certificate2(@"Certs\testwebapplication.pfx", "password");
this.adalServiceInfo.ClientCertificate = this.clientCertificate;
}
public override void Setup()
{
base.Setup();
this.adalServiceInfo = new AdalServiceInfo();
this.adalServiceInfo.CopyFrom(this.serviceInfo);
this.authenticationProvider = new TestAdalAppOnlyAuthenticationProvider(this.adalServiceInfo);
this.authenticationContextWrapper = new MockAuthenticationContextWrapper();
this.authenticationProvider.authenticationContextWrapper = this.authenticationContextWrapper.Object;
this.clientCertificate = new X509Certificate2(@"Certs\testwebapplication.pfx", "password");
this.adalServiceInfo.ClientCertificate = this.clientCertificate;
}
public async Task AuthenticateAsync_AuthenticateWithDiscoveryService(
MockAuthenticationContextWrapper mockAuthenticationContextWrapper,
IAuthenticationResult authenticationResult)
{
var accountSession = await this.AuthenticateWithDiscoveryService(mockAuthenticationContextWrapper);
Assert.AreEqual(accountSession, this.authenticationProvider.CurrentAccountSession, "Account session not cached correctly.");
Assert.AreEqual(serviceEndpointUri, this.serviceInfo.BaseUrl, "Base URL not set.");
Assert.AreEqual(serviceResourceId, this.serviceInfo.ServiceResource, "Service resource not set.");
Assert.AreEqual(authenticationResult.AccessToken, accountSession.AccessToken, "Unexpected access token set.");
Assert.AreEqual(authenticationResult.AccessTokenType, accountSession.AccessTokenType, "Unexpected access token type set.");
Assert.AreEqual(AccountType.ActiveDirectory, accountSession.AccountType, "Unexpected account type set.");
Assert.IsTrue(accountSession.CanSignOut, "CanSignOut set to false.");
Assert.AreEqual(this.serviceInfo.AppId, accountSession.ClientId, "Unexpected client ID set.");
Assert.AreEqual(authenticationResult.ExpiresOn, accountSession.ExpiresOnUtc, "Unexpected expiration set.");
Assert.IsNull(accountSession.UserId, "Unexpected user ID set.");
}
public async Task AuthenticateAsync_AuthenticateSilentlyWithDiscoveryService()
{
var mockAuthenticationResult = new MockAuthenticationResult();
mockAuthenticationResult.SetupGet(result => result.AccessToken).Returns("token");
mockAuthenticationResult.SetupGet(result => result.AccessTokenType).Returns("type");
mockAuthenticationResult.SetupGet(result => result.ExpiresOn).Returns(DateTimeOffset.UtcNow);
var mockAuthenticationContextWrapper = new MockAuthenticationContextWrapper();
mockAuthenticationContextWrapper.Setup(wrapper => wrapper.AcquireTokenSilentAsync(
It.Is <string>(resource => resource.Equals(serviceResourceId)),
It.Is <string>(clientId => clientId.Equals(this.serviceInfo.AppId))))
.Returns(Task.FromResult(mockAuthenticationResult.Object));
await this.AuthenticateAsync_AuthenticateWithDiscoveryService(mockAuthenticationContextWrapper, mockAuthenticationResult.Object);
}
public async Task AuthenticateAsync_AuthenticateWithClientCertificate()
{
this.adalServiceInfo.ServiceResource = serviceResourceId;
this.adalServiceInfo.BaseUrl = "https://localhost";
this.adalServiceInfo.ClientCertificate = new X509Certificate2(@"Certs\testwebapplication.pfx", "password");
var mockAuthenticationResult = new MockAuthenticationResult();
mockAuthenticationResult.SetupGet(result => result.AccessToken).Returns("token");
mockAuthenticationResult.SetupGet(result => result.AccessTokenType).Returns("type");
mockAuthenticationResult.SetupGet(result => result.ExpiresOn).Returns(DateTimeOffset.UtcNow);
var mockAuthenticationContextWrapper = new MockAuthenticationContextWrapper();
mockAuthenticationContextWrapper.Setup(wrapper => wrapper.AcquireTokenSilentAsync(
It.Is <string>(resource => resource.Equals(serviceResourceId)),
It.Is <string>(clientId => clientId.Equals(this.adalServiceInfo.AppId)))).Throws(new Exception());
mockAuthenticationContextWrapper.Setup(wrapper => wrapper.AcquireTokenByAuthorizationCodeAsync(
It.Is <string>(code => code.Equals(Constants.Authentication.CodeKeyName)),
It.Is <Uri>(returnUri => returnUri.ToString().Equals(this.adalServiceInfo.ReturnUrl)),
It.Is <ClientAssertionCertificate>(certificate =>
certificate.Certificate == this.adalServiceInfo.ClientCertificate &&
certificate.ClientId == this.adalServiceInfo.AppId),
It.Is <string>(resource => resource.Equals(serviceResourceId))))
.Returns(Task.FromResult(mockAuthenticationResult.Object));
var webAuthenticationUi = new MockWebAuthenticationUi(
new Dictionary <string, string>
{
{ Constants.Authentication.CodeKeyName, Constants.Authentication.CodeKeyName }
});
this.adalServiceInfo.WebAuthenticationUi = webAuthenticationUi.Object;
await this.AuthenticateAsync_AuthenticateWithoutDiscoveryService(
mockAuthenticationContextWrapper.Object,
mockAuthenticationResult.Object);
}
public async Task AuthenticateAsync_DiscoveryServiceResponseValueNull()
{
var mockAuthenticationContextWrapper = new MockAuthenticationContextWrapper();
try
{
await this.AuthenticateWithDiscoveryService(
mockAuthenticationContextWrapper,
new DiscoveryServiceResponse());
}
catch (OneDriveException exception)
{
Assert.IsNotNull(exception.Error, "Error not set in exception.");
Assert.AreEqual(OneDriveErrorCode.MyFilesCapabilityNotFound.ToString(), exception.Error.Code, "Unexpected error code returned.");
Assert.AreEqual(
"MyFiles capability not found for the current user.",
exception.Error.Message,
"Unexpected error message returned.");
throw;
}
}
public async Task AuthenticateResourceAsync_ClientSecret()
{
this.authenticationProvider.ServiceInfo = this.serviceInfo;
this.authenticationProvider.authenticationContextWrapper = this.authenticationContextWrapper.Object;
this.serviceInfo.ClientSecret = "clientSecret";
var resource = "https://resource.sharepoint.com/";
var expectedAuthenticationResult = new MockAuthenticationResult();
this.authenticationContextWrapper
.Setup(wrapper => wrapper.AcquireTokenByAuthorizationCodeAsync(
It.Is <string>(code => authenticationCode.Equals(code)),
It.Is <Uri>(returnUri => this.serviceInfo.ReturnUrl.Equals(returnUri.ToString())),
It.Is <ClientCredential>(credential => this.serviceInfo.AppId.Equals(credential.ClientId)),
It.Is <string>(resourceValue => resource.Equals(resourceValue))))
.Returns(Task.FromResult(expectedAuthenticationResult.Object));
var authenticationResult = await this.authenticationProvider.AuthenticateResourceAsyncWrapper(resource);
Assert.AreEqual(expectedAuthenticationResult.Object, authenticationResult, "Unexpected authentication result returned.");
}
public async Task AuthenticateAsync_AuthenticateSilentlyWithClientCredential()
{
this.serviceInfo.ServiceResource = serviceResourceId;
this.serviceInfo.BaseUrl = "https://localhost";
this.serviceInfo.ClientSecret = "clientSecret";
var mockAuthenticationResult = new MockAuthenticationResult();
mockAuthenticationResult.SetupGet(result => result.AccessToken).Returns("token");
mockAuthenticationResult.SetupGet(result => result.AccessTokenType).Returns("type");
mockAuthenticationResult.SetupGet(result => result.ExpiresOn).Returns(DateTimeOffset.UtcNow);
var mockAuthenticationContextWrapper = new MockAuthenticationContextWrapper();
mockAuthenticationContextWrapper.Setup(wrapper => wrapper.AcquireTokenSilentAsync(
It.Is<string>(resource => resource.Equals(serviceResourceId)),
It.Is<string>(clientId => clientId.Equals(this.serviceInfo.AppId)))).Throws(new Exception());
mockAuthenticationContextWrapper.Setup(wrapper => wrapper.AcquireTokenSilentAsync(
It.Is<string>(resource => resource.Equals(serviceResourceId)),
It.Is<ClientCredential>(credential => credential.ClientId.Equals(this.serviceInfo.AppId)),
UserIdentifier.AnyUser)).Returns(Task.FromResult(mockAuthenticationResult.Object));
await this.AuthenticateAsync_AuthenticateWithoutDiscoveryService(
mockAuthenticationContextWrapper.Object,
mockAuthenticationResult.Object);
}
public async Task<AccountSession> AuthenticateWithDiscoveryService(
MockAuthenticationContextWrapper mockAuthenticationContextWrapper,
DiscoveryServiceResponse discoveryServiceResponse = null)
{
var mockAuthenticationResult = new MockAuthenticationResult();
mockAuthenticationResult.SetupGet(result => result.AccessToken).Returns("discoveryResource");
mockAuthenticationContextWrapper.Setup(wrapper => wrapper.AcquireTokenSilentAsync(
It.Is<string>(resource => resource.Equals(Constants.Authentication.ActiveDirectoryDiscoveryResource)),
It.Is<string>(clientId => clientId.Equals(this.serviceInfo.AppId)))).Throws(new Exception());
mockAuthenticationContextWrapper.Setup(wrapper => wrapper.AcquireToken(
It.Is<string>(resource => resource.Equals(Constants.Authentication.ActiveDirectoryDiscoveryResource)),
It.Is<string>(clientId => clientId.Equals(this.serviceInfo.AppId)),
It.Is<Uri>(returnUri => returnUri.ToString().Equals(this.serviceInfo.ReturnUrl)),
PromptBehavior.Always)).Returns(mockAuthenticationResult.Object);
if (discoveryServiceResponse == null)
{
discoveryServiceResponse = new DiscoveryServiceResponse
{
Value = new List<DiscoveryService>
{
new DiscoveryService
{
Capability = Constants.Authentication.MyFilesCapability,
ServiceApiVersion = this.serviceInfo.OneDriveServiceEndpointVersion,
ServiceEndpointUri = serviceEndpointUri,
ServiceResourceId = serviceResourceId,
}
}
};
}
var requestBodyString = this.serializer.SerializeObject(discoveryServiceResponse);
AccountSession accountSession;
using (var stringContent = new StringContent(requestBodyString))
{
this.httpResponseMessage.Content = stringContent;
this.authenticationProvider.authenticationContextWrapper = mockAuthenticationContextWrapper.Object;
accountSession = await this.authenticationProvider.AuthenticateAsync();
}
return accountSession;
}
public async Task AuthenticateAsync_AuthenticateWithDiscoveryService(
MockAuthenticationContextWrapper mockAuthenticationContextWrapper,
IAuthenticationResult authenticationResult)
{
var accountSession = await this.AuthenticateWithDiscoveryService(mockAuthenticationContextWrapper);
Assert.AreEqual(accountSession, this.authenticationProvider.CurrentAccountSession, "Account session not cached correctly.");
Assert.AreEqual(serviceEndpointUri, this.serviceInfo.BaseUrl, "Base URL not set.");
Assert.AreEqual(serviceResourceId, this.serviceInfo.ServiceResource, "Service resource not set.");
Assert.AreEqual(authenticationResult.AccessToken, accountSession.AccessToken, "Unexpected access token set.");
Assert.AreEqual(authenticationResult.AccessTokenType, accountSession.AccessTokenType, "Unexpected access token type set.");
Assert.AreEqual(AccountType.ActiveDirectory, accountSession.AccountType, "Unexpected account type set.");
Assert.IsTrue(accountSession.CanSignOut, "CanSignOut set to false.");
Assert.AreEqual(this.serviceInfo.AppId, accountSession.ClientId, "Unexpected client ID set.");
Assert.AreEqual(authenticationResult.ExpiresOn, accountSession.ExpiresOnUtc, "Unexpected expiration set.");
Assert.IsNull(accountSession.UserId, "Unexpected user ID set.");
}
public async Task AuthenticateAsync_NullAuthenticationResult()
{
var mockAuthenticationContextWrapper = new MockAuthenticationContextWrapper();
mockAuthenticationContextWrapper.Setup(wrapper => wrapper.AcquireTokenSilentAsync(
It.Is<string>(resource => resource.Equals(serviceResourceId)),
It.Is<string>(clientId => clientId.Equals(this.serviceInfo.AppId)))).Throws(new Exception());
mockAuthenticationContextWrapper.Setup(wrapper => wrapper.AcquireToken(
It.Is<string>(resource => resource.Equals(serviceResourceId)),
It.Is<string>(clientId => clientId.Equals(this.serviceInfo.AppId)),
It.Is<Uri>(returnUri => returnUri.ToString().Equals(this.serviceInfo.ReturnUrl)),
PromptBehavior.Always)).Returns((IAuthenticationResult)null);
try
{
await this.AuthenticateWithDiscoveryService(mockAuthenticationContextWrapper);
}
catch (OneDriveException exception)
{
Assert.IsNotNull(exception.Error, "Error not set in exception.");
Assert.AreEqual(OneDriveErrorCode.AuthenticationFailure.ToString(), exception.Error.Code, "Unexpected error code returned.");
Assert.AreEqual(
"An error occured during active directory authentication.",
exception.Error.Message,
"Unexpected error message returned.");
throw;
}
}
public async Task AuthenticateAsync_AuthenticateWithRefreshToken_WithClientCredential()
{
string refreshToken = "refresh";
this.authenticationProvider.CurrentAccountSession = new AccountSession { RefreshToken = refreshToken };
this.adalServiceInfo.ClientSecret = "clientSecret";
var mockAuthenticationResult = new MockAuthenticationResult();
mockAuthenticationResult.SetupGet(result => result.AccessToken).Returns("token");
mockAuthenticationResult.SetupGet(result => result.AccessTokenType).Returns("type");
mockAuthenticationResult.SetupGet(result => result.ExpiresOn).Returns(DateTimeOffset.UtcNow);
var mockAuthenticationContextWrapper = new MockAuthenticationContextWrapper();
mockAuthenticationContextWrapper.Setup(wrapper => wrapper.AcquireTokenByRefreshTokenAsync(
It.Is<string>(token => token.Equals(refreshToken)),
It.Is<ClientCredential>(credential => credential.ClientId.Equals(this.adalServiceInfo.AppId)),
It.Is<string>(resource => resource.Equals(this.adalServiceInfo.ServiceResource)))).Returns(Task.FromResult(mockAuthenticationResult.Object));
await this.AuthenticateAsync_AuthenticateWithoutDiscoveryService(
mockAuthenticationContextWrapper.Object,
mockAuthenticationResult.Object);
}
public async Task <BusinessServiceInformation> AuthenticateWithDiscoveryServiceAsync(
DiscoveryServiceResponse discoveryServiceResponse = null,
string refreshToken = null)
{
bool refresh = refreshToken != null;
var mockAuthenticationResult = new MockAuthenticationResult();
mockAuthenticationResult.SetupGet(result => result.AccessToken).Returns("token");
mockAuthenticationResult.SetupGet(result => result.AccessTokenType).Returns((string)null);
mockAuthenticationResult.SetupGet(result => result.ExpiresOn).Returns(DateTimeOffset.UtcNow.AddHours(1));
var mockAuthenticationContextWrapper = new MockAuthenticationContextWrapper();
if (refresh)
{
mockAuthenticationContextWrapper.Setup(wrapper => wrapper.AcquireTokenByRefreshTokenAsync(
It.Is <string>(token => token.Equals(refreshToken)),
It.Is <string>(clientId => clientId.Equals(AuthenticationTestBase.ClientId)),
It.Is <string>(resource => resource.Equals(OAuthConstants.ActiveDirectoryDiscoveryResource))))
.Returns(Task.FromResult(mockAuthenticationResult.Object));
}
else
{
mockAuthenticationContextWrapper.Setup(wrapper => wrapper.AcquireTokenSilentAsync(
It.Is <string>(resource => resource.Equals(OAuthConstants.ActiveDirectoryDiscoveryResource)),
It.Is <string>(clientId => clientId.Equals(AuthenticationTestBase.ClientId)),
UserIdentifier.AnyUser))
.Returns(Task.FromResult(mockAuthenticationResult.Object));
}
var authenticationProvider = new AdalAuthenticationProvider(
AuthenticationTestBase.ClientId,
AuthenticationTestBase.ReturnUrl,
mockAuthenticationContextWrapper.Object);
var discoveryServiceHelper = new DiscoveryServiceHelper(authenticationProvider);
if (discoveryServiceResponse == null)
{
discoveryServiceResponse = new DiscoveryServiceResponse
{
Value = new List <DiscoveryService>
{
new DiscoveryService
{
Capability = "MyFiles",
ServiceApiVersion = "v2.0",
ServiceEndpointUri = AuthenticationTestBase.ServiceEndpointUrl,
ServiceResourceId = AuthenticationTestBase.ServiceResourceId,
}
}
};
}
var requestBodyString = this.serializer.SerializeObject(discoveryServiceResponse);
BusinessServiceInformation businessServiceInformation = null;
using (var stringContent = new StringContent(requestBodyString))
{
this.httpResponseMessage.Content = stringContent;
if (refresh)
{
businessServiceInformation = await discoveryServiceHelper.DiscoverFilesEndpointInformationForUserWithRefreshTokenAsync(
refreshToken,
httpProvider : this.httpProvider.Object);
}
else
{
businessServiceInformation = await discoveryServiceHelper.DiscoverFilesEndpointInformationForUserAsync(httpProvider : this.httpProvider.Object);
}
}
return(businessServiceInformation);
}
public async Task AuthenticateAsync_AuthenticateWithDiscoveryService(
IAuthenticationResult authenticationResult,
MockAuthenticationContextWrapper.AuthenticationResultCallback authenticationResultCallback,
MockAuthenticationContextWrapper.AuthenticationResultSilentCallback authenticationResultSilentCallback)
{
const string serviceEndpointUri = "https://localhost";
const string serviceResourceId = "https://localhost/resource/";
var discoveryServiceResponse = new DiscoveryServiceResponse
{
Value = new List<DiscoveryService>
{
new DiscoveryService
{
Capability = Constants.Authentication.MyFilesCapability,
ServiceApiVersion = this.serviceInfo.OneDriveServiceEndpointVersion,
ServiceEndpointUri = serviceEndpointUri,
ServiceResourceId = serviceResourceId,
}
}
};
var accountSession = await this.AuthenticateWithDiscoveryService(
authenticationResultCallback,
authenticationResultSilentCallback);
Assert.AreEqual(serviceEndpointUri, this.serviceInfo.BaseUrl, "Base URL not set.");
Assert.AreEqual(serviceResourceId, this.serviceInfo.ServiceResource, "Service resource not set.");
Assert.AreEqual(authenticationResult.AccessToken, accountSession.AccessToken, "Unexpected access token set.");
Assert.AreEqual(authenticationResult.AccessTokenType, accountSession.AccessTokenType, "Unexpected access token type set.");
Assert.AreEqual(AccountType.ActiveDirectory, accountSession.AccountType, "Unexpected account type set.");
Assert.IsTrue(accountSession.CanSignOut, "CanSignOut set to false.");
Assert.AreEqual(this.serviceInfo.AppId, accountSession.ClientId, "Unexpected client ID set.");
Assert.AreEqual(authenticationResult.ExpiresOn, accountSession.ExpiresOnUtc, "Unexpected expiration set.");
Assert.IsNull(accountSession.UserId, "Unexpected user ID set.");
}
public async Task AuthenticateAsync_AuthenticateWithoutDiscoveryService(
IAuthenticationResult authenticationResult,
MockAuthenticationContextWrapper.AuthenticationResultCallback authenticationResultCallback,
MockAuthenticationContextWrapper.AuthenticationResultSilentCallback authenticationResultSilentCallback,
MockAuthenticationContextWrapper.AuthenticationResultByRefreshTokenCallback authenticationResultByRefreshTokenCallback)
{
this.serviceInfo.BaseUrl = "https://localhost";
this.serviceInfo.ServiceResource = "https://resource/";
this.authenticationProvider.authenticationContextWrapper = new MockAuthenticationContextWrapper
{
AcquireTokenAsyncCallback = authenticationResultCallback,
AcquireTokenSilentAsyncCallback = authenticationResultSilentCallback,
AcquireTokenByRefreshTokenAsyncCallback = authenticationResultByRefreshTokenCallback,
};
var accountSession = await this.authenticationProvider.AuthenticateAsync();
Assert.AreEqual(authenticationResult.AccessToken, accountSession.AccessToken, "Unexpected access token set.");
Assert.AreEqual(authenticationResult.AccessTokenType, accountSession.AccessTokenType, "Unexpected access token type set.");
Assert.AreEqual(AccountType.ActiveDirectory, accountSession.AccountType, "Unexpected account type set.");
Assert.IsTrue(accountSession.CanSignOut, "CanSignOut set to false.");
Assert.AreEqual(this.serviceInfo.AppId, accountSession.ClientId, "Unexpected client ID set.");
Assert.AreEqual(authenticationResult.ExpiresOn, accountSession.ExpiresOnUtc, "Unexpected expiration set.");
Assert.IsNull(accountSession.UserId, "Unexpected user ID set.");
}
public async Task AuthenticateAsync_AuthenticateWithClientCredential()
{
this.adalServiceInfo.ServiceResource = serviceResourceId;
this.adalServiceInfo.BaseUrl = "https://localhost";
this.adalServiceInfo.ClientSecret = "clientSecret";
var mockAuthenticationResult = new MockAuthenticationResult();
mockAuthenticationResult.SetupGet(result => result.AccessToken).Returns("token");
mockAuthenticationResult.SetupGet(result => result.AccessTokenType).Returns("type");
mockAuthenticationResult.SetupGet(result => result.ExpiresOn).Returns(DateTimeOffset.UtcNow);
var mockAuthenticationContextWrapper = new MockAuthenticationContextWrapper();
mockAuthenticationContextWrapper.Setup(wrapper => wrapper.AcquireTokenSilentAsync(
It.Is<string>(resource => resource.Equals(serviceResourceId)),
It.Is<string>(clientId => clientId.Equals(this.adalServiceInfo.AppId)))).Throws(new Exception());
mockAuthenticationContextWrapper.Setup(wrapper => wrapper.AcquireTokenByAuthorizationCodeAsync(
It.Is<string>(code => code.Equals(Constants.Authentication.CodeKeyName)),
It.Is<Uri>(returnUri => returnUri.ToString().Equals(this.adalServiceInfo.ReturnUrl)),
It.Is<ClientCredential>(credential => credential.ClientId.Equals(this.adalServiceInfo.AppId)),
It.Is<string>(resource => resource.Equals(serviceResourceId))))
.Returns(Task.FromResult(mockAuthenticationResult.Object));
var webAuthenticationUi = new MockWebAuthenticationUi(
new Dictionary<string, string>
{
{ Constants.Authentication.CodeKeyName, Constants.Authentication.CodeKeyName }
});
this.adalServiceInfo.WebAuthenticationUi = webAuthenticationUi.Object;
await this.AuthenticateAsync_AuthenticateWithoutDiscoveryService(
mockAuthenticationContextWrapper.Object,
mockAuthenticationResult.Object);
}
public async Task AuthenticateAsync_AuthenticateSilentlyWithClientCertificate()
{
this.adalServiceInfo.ServiceResource = serviceResourceId;
this.adalServiceInfo.BaseUrl = "https://localhost";
this.adalServiceInfo.ClientCertificate = new X509Certificate2(@"Certs\testwebapplication.pfx", "password");
var mockAuthenticationResult = new MockAuthenticationResult();
mockAuthenticationResult.SetupGet(result => result.AccessToken).Returns("token");
mockAuthenticationResult.SetupGet(result => result.AccessTokenType).Returns("type");
mockAuthenticationResult.SetupGet(result => result.ExpiresOn).Returns(DateTimeOffset.UtcNow);
var mockAuthenticationContextWrapper = new MockAuthenticationContextWrapper();
mockAuthenticationContextWrapper.Setup(wrapper => wrapper.AcquireTokenSilentAsync(
It.Is<string>(resource => resource.Equals(serviceResourceId)),
It.Is<string>(clientId => clientId.Equals(this.adalServiceInfo.AppId)))).Throws(new Exception());
mockAuthenticationContextWrapper.Setup(wrapper => wrapper.AcquireTokenSilentAsync(
It.Is<string>(resource => resource.Equals(serviceResourceId)),
It.Is<ClientAssertionCertificate>(certificate =>
certificate.Certificate == this.adalServiceInfo.ClientCertificate &&
certificate.ClientId == this.adalServiceInfo.AppId),
UserIdentifier.AnyUser)).Returns(Task.FromResult(mockAuthenticationResult.Object));
await this.AuthenticateAsync_AuthenticateWithoutDiscoveryService(
mockAuthenticationContextWrapper.Object,
mockAuthenticationResult.Object);
}
public async Task AuthenticateResourceAsync_ClientSecret()
{
this.authenticationProvider.ServiceInfo = this.serviceInfo;
this.authenticationProvider.authenticationContextWrapper = this.authenticationContextWrapper.Object;
this.serviceInfo.ClientSecret = "clientSecret";
var resource = "https://resource.sharepoint.com/";
var expectedAuthenticationResult = new MockAuthenticationResult();
this.authenticationContextWrapper
.Setup(wrapper => wrapper.AcquireTokenByAuthorizationCodeAsync(
It.Is<string>(code => authenticationCode.Equals(code)),
It.Is<Uri>(returnUri => this.serviceInfo.ReturnUrl.Equals(returnUri.ToString())),
It.Is<ClientCredential>(credential => this.serviceInfo.AppId.Equals(credential.ClientId)),
It.Is<string>(resourceValue => resource.Equals(resourceValue))))
.Returns(Task.FromResult(expectedAuthenticationResult.Object));
var authenticationResult = await this.authenticationProvider.AuthenticateResourceAsyncWrapper(resource);
Assert.AreEqual(expectedAuthenticationResult.Object, authenticationResult, "Unexpected authentication result returned.");
}
public async Task AuthenticateAsync_CachedCurrentAccountSessionExpiring()
{
var cachedAccountSession = new AccountSession
{
AccessToken = "expiredToken",
ExpiresOnUtc = DateTimeOffset.UtcNow,
};
this.authenticationProvider.CurrentAccountSession = cachedAccountSession;
var mockAuthenticationResult = new MockAuthenticationResult();
mockAuthenticationResult.SetupGet(result => result.AccessToken).Returns("token");
mockAuthenticationResult.SetupGet(result => result.AccessTokenType).Returns("type");
mockAuthenticationResult.SetupGet(result => result.ExpiresOn).Returns(DateTimeOffset.UtcNow.AddHours(1));
var mockAuthenticationContextWrapper = new MockAuthenticationContextWrapper();
mockAuthenticationContextWrapper.Setup(wrapper => wrapper.AcquireTokenSilentAsync(
It.Is<string>(resource => resource.Equals(serviceResourceId)),
It.Is<string>(clientId => clientId.Equals(this.serviceInfo.AppId))))
.Returns(Task.FromResult(mockAuthenticationResult.Object));
await this.AuthenticateAsync_AuthenticateWithoutDiscoveryService(
mockAuthenticationContextWrapper.Object,
mockAuthenticationResult.Object);
}
public async Task AuthenticateAsync_DiscoveryServiceMyFilesVersionNotFound()
{
var mockAuthenticationContextWrapper = new MockAuthenticationContextWrapper();
try
{
await this.AuthenticateWithDiscoveryService(
mockAuthenticationContextWrapper,
new DiscoveryServiceResponse
{
Value = new List<DiscoveryService>
{
new DiscoveryService
{
Capability = Constants.Authentication.MyFilesCapability,
ServiceApiVersion = "v1.0"
}
}
});
}
catch (OneDriveException exception)
{
Assert.IsNotNull(exception.Error, "Error not set in exception.");
Assert.AreEqual(OneDriveErrorCode.MyFilesCapabilityNotFound.ToString(), exception.Error.Code, "Unexpected error code returned.");
Assert.AreEqual(
string.Format(
"{0} capability with version {1} not found for the current user.",
Constants.Authentication.MyFilesCapability,
this.serviceInfo.OneDriveServiceEndpointVersion),
exception.Error.Message,
"Unexpected error message returned.");
throw;
}
}
public async Task AuthenticateAsync_DiscoveryServiceResponseValueNull()
{
var mockAuthenticationContextWrapper = new MockAuthenticationContextWrapper();
try
{
await this.AuthenticateWithDiscoveryService(
mockAuthenticationContextWrapper,
new DiscoveryServiceResponse());
}
catch (OneDriveException exception)
{
Assert.IsNotNull(exception.Error, "Error not set in exception.");
Assert.AreEqual(OneDriveErrorCode.MyFilesCapabilityNotFound.ToString(), exception.Error.Code, "Unexpected error code returned.");
Assert.AreEqual(
"MyFiles capability not found for the current user.",
exception.Error.Message,
"Unexpected error message returned.");
throw;
}
}
public async Task AuthenticateAsync_AuthenticateSilentlyWithoutDiscoveryService()
{
var mockAuthenticationResult = new MockAuthenticationResult();
mockAuthenticationResult.SetupGet(result => result.AccessToken).Returns("token");
mockAuthenticationResult.SetupGet(result => result.AccessTokenType).Returns("type");
mockAuthenticationResult.SetupGet(result => result.ExpiresOn).Returns(DateTimeOffset.UtcNow);
var mockAuthenticationContextWrapper = new MockAuthenticationContextWrapper();
mockAuthenticationContextWrapper.Setup(wrapper => wrapper.AcquireTokenSilentAsync(
It.Is<string>(resource => resource.Equals(serviceResourceId)),
It.Is<string>(clientId => clientId.Equals(this.serviceInfo.AppId))))
.Returns(Task.FromResult(mockAuthenticationResult.Object));
await this.AuthenticateAsync_AuthenticateWithoutDiscoveryService(
mockAuthenticationContextWrapper.Object,
mockAuthenticationResult.Object);
}
public async Task AuthenticateAsync_AuthenticateWithRefreshToken_WithClientCertificate()
{
string refreshToken = "refresh";
this.authenticationProvider.CurrentAccountSession = new AccountSession { RefreshToken = refreshToken };
this.adalServiceInfo.ClientCertificate = new X509Certificate2(@"Certs\testwebapplication.pfx", "password");
var mockAuthenticationResult = new MockAuthenticationResult();
mockAuthenticationResult.SetupGet(result => result.AccessToken).Returns("token");
mockAuthenticationResult.SetupGet(result => result.AccessTokenType).Returns("type");
mockAuthenticationResult.SetupGet(result => result.ExpiresOn).Returns(DateTimeOffset.UtcNow);
var mockAuthenticationContextWrapper = new MockAuthenticationContextWrapper();
mockAuthenticationContextWrapper.Setup(wrapper => wrapper.AcquireTokenByRefreshTokenAsync(
It.Is<string>(token => token.Equals(refreshToken)),
It.Is<ClientAssertionCertificate>(certificate =>
certificate.ClientId.Equals(this.adalServiceInfo.AppId) &&
certificate.Certificate == this.adalServiceInfo.ClientCertificate),
It.Is<string>(resource => resource.Equals(serviceResourceId)))).Returns(Task.FromResult(mockAuthenticationResult.Object));
await this.AuthenticateAsync_AuthenticateWithoutDiscoveryService(
mockAuthenticationContextWrapper.Object,
mockAuthenticationResult.Object);
}
public async Task<AccountSession> AuthenticateWithDiscoveryService(
MockAuthenticationContextWrapper.AuthenticationResultCallback authenticationResultCallback,
MockAuthenticationContextWrapper.AuthenticationResultSilentCallback authenticationResultSilentCallback,
DiscoveryServiceResponse discoveryServiceResponse = null)
{
const string serviceEndpointUri = "https://localhost";
const string serviceResourceId = "https://localhost/resource/";
if (discoveryServiceResponse == null)
{
discoveryServiceResponse = new DiscoveryServiceResponse
{
Value = new List<DiscoveryService>
{
new DiscoveryService
{
Capability = Constants.Authentication.MyFilesCapability,
ServiceApiVersion = this.serviceInfo.OneDriveServiceEndpointVersion,
ServiceEndpointUri = serviceEndpointUri,
ServiceResourceId = serviceResourceId,
}
}
};
}
var requestBodyString = this.serializer.SerializeObject(discoveryServiceResponse);
AccountSession accountSession;
using (var stringContent = new StringContent(requestBodyString))
{
this.httpResponseMessage.Content = stringContent;
this.authenticationProvider.authenticationContextWrapper = new MockAuthenticationContextWrapper
{
AcquireTokenAsyncCallback = authenticationResultCallback,
AcquireTokenSilentAsyncCallback = authenticationResultSilentCallback,
};
accountSession = await this.authenticationProvider.AuthenticateAsync();
}
return accountSession;
}
public async Task AuthenticateAsync_AuthenticateWithoutDiscoveryService()
{
this.serviceInfo.ServiceResource = serviceResourceId;
this.serviceInfo.BaseUrl = "https://localhost";
var mockAuthenticationResult = new MockAuthenticationResult();
mockAuthenticationResult.SetupGet(result => result.AccessToken).Returns("token");
mockAuthenticationResult.SetupGet(result => result.AccessTokenType).Returns("type");
mockAuthenticationResult.SetupGet(result => result.ExpiresOn).Returns(DateTimeOffset.UtcNow);
var mockAuthenticationContextWrapper = new MockAuthenticationContextWrapper();
mockAuthenticationContextWrapper.Setup(wrapper => wrapper.AcquireTokenSilentAsync(
It.Is<string>(resource => resource.Equals(serviceResourceId)),
It.Is<string>(clientId => clientId.Equals(this.serviceInfo.AppId)))).Throws(new Exception());
mockAuthenticationContextWrapper.Setup(wrapper => wrapper.AcquireToken(
It.Is<string>(resource => resource.Equals(serviceResourceId)),
It.Is<string>(clientId => clientId.Equals(this.serviceInfo.AppId)),
It.Is<Uri>(returnUri => returnUri.ToString().Equals(this.serviceInfo.ReturnUrl)),
PromptBehavior.Always)).Returns(mockAuthenticationResult.Object);
await this.AuthenticateAsync_AuthenticateWithoutDiscoveryService(
mockAuthenticationContextWrapper.Object,
mockAuthenticationResult.Object);
}
