public void SaveToBadPath()
{
var cachePath = Path.Combine(_ssoTokenTestFixture.ScratchDirectory, "illegalchars:*?");
var tokenCache = new SsoTokenCache(cachePath, _ssoTokenTestFixture.SampleSsoToken.StartUrl);
Assert.IsFalse(tokenCache.TrySave(_ssoTokenTestFixture.SampleSsoToken));
}
/// <summary>
/// Performs the SSO flow to authenticate and get credentials
/// </summary>
/// <param name="oidc">SSO OIDC client</param>
/// <param name="sso">SSO client</param>
/// <returns>Resolved credentials</returns>
private async Task <ImmutableCredentials> GetSsoCredentialsAsync(ICoreAmazonSSOOIDC oidc, ICoreAmazonSSO sso)
{
var tokenCache = new SsoTokenCache(StartUrl);
var token = tokenCache.GetAccessToken();
// Get and cache a SSO token if necessary
if (string.IsNullOrWhiteSpace(token))
{
var response = await oidc.GetSsoTokenAsync(new GetSsoTokenRequest()
{
ClientName = GetSsoClientName(),
ClientType = SsoClientTypePublic,
StartUrl = StartUrl,
SsoVerificationCallback = Options.SsoVerificationCallback,
}).ConfigureAwait(false);
// If save fails, token will not be cached
tokenCache.TrySave(new SsoToken()
{
AccessToken = response.AccessToken,
Region = Region,
ExpiresAt = response.ExpiresAt,
StartUrl = StartUrl,
});
token = response.AccessToken;
}
// Use SSO token to get credentials
return(await GetSsoRoleCredentialsAsync(sso, token).ConfigureAwait(false));
}
public void DisabledWhenCacheFolderIsNull()
{
var tokenCache = new SsoTokenCache(null, _ssoTokenTestFixture.SampleSsoToken.StartUrl);
Assert.IsFalse(tokenCache.TrySave(_ssoTokenTestFixture.SampleSsoToken));
Assert.IsNull(tokenCache.GetAccessToken());
}
public void GetCacheFilename()
{
var startUrl = "https://some-example-start-url.awsapps.com/start";
string path = SsoTokenCache.GetCacheFilename(startUrl);
Assert.IsNotNull(path);
Assert.IsTrue(path.EndsWith("0feed1a26da2ea2a0ae8a631756414f4b5680d9b.json"));
}
public void Save()
{
var cachePath = Path.Combine(_ssoTokenTestFixture.ScratchDirectory,
SsoTokenCache.GetCacheFilename(_ssoTokenTestFixture.SampleSsoToken.StartUrl));
Assert.IsFalse(File.Exists(cachePath));
Assert.IsTrue(_tokenCache.TrySave(_ssoTokenTestFixture.SampleSsoToken));
Assert.IsTrue(File.Exists(cachePath));
}
public void SaveToNestedFolder()
{
var nestedFolder = Path.Combine(_ssoTokenTestFixture.ScratchDirectory, "foo", "bar");
var tokenCache = new SsoTokenCache(nestedFolder, _ssoTokenTestFixture.SampleSsoToken.StartUrl);
var cachePath = Path.Combine(nestedFolder,
SsoTokenCache.GetCacheFilename(_ssoTokenTestFixture.SampleSsoToken.StartUrl));
Assert.IsFalse(File.Exists(cachePath));
Assert.IsTrue(tokenCache.TrySave(_ssoTokenTestFixture.SampleSsoToken));
Assert.IsTrue(File.Exists(cachePath));
}
/// <summary>
/// Performs the SSO flow to authenticate and get credentials
/// </summary>
/// <param name="oidc">SSO OIDC client</param>
/// <param name="sso">SSO client</param>
/// <returns>Resolved credentials</returns>
private ImmutableCredentials GetSsoCredentials(ICoreAmazonSSOOIDC oidc, ICoreAmazonSSO sso)
{
var tokenCache = new SsoTokenCache(StartUrl);
var token = tokenCache.GetAccessToken();
// Get and cache a SSO token if necessary
if (string.IsNullOrWhiteSpace(token))
{
if (string.IsNullOrEmpty(Options.ClientName))
{
throw new ArgumentNullException($"Options property cannot be empty: {nameof(Options.ClientName)}");
}
if (Options.SsoVerificationCallback == null)
{
throw new ArgumentNullException($"Options property cannot be empty: {nameof(Options.SsoVerificationCallback)}");
}
var response = oidc.GetSsoToken(new GetSsoTokenRequest()
{
ClientName = GetSsoClientName(),
ClientType = SsoClientTypePublic,
StartUrl = StartUrl,
SsoVerificationCallback = Options.SsoVerificationCallback,
});
// If save fails, token will not be cached
tokenCache.TrySave(new SsoToken()
{
AccessToken = response.AccessToken,
Region = Region,
ExpiresAt = response.ExpiresAt,
StartUrl = StartUrl,
});
token = response.AccessToken;
}
// Use SSO token to get credentials
return(GetSsoRoleCredentials(sso, token));
}
/// <summary>
/// Returns true if there is already a non-expired cached login access token in the token cache.
/// </summary>
/// <param name="startUrl"></param>
/// <returns></returns>
public static bool HasCachedAccessTokenAvailable(string startUrl)
{
var tokenCache = new SsoTokenCache(startUrl);
return(!string.IsNullOrEmpty(tokenCache.GetAccessToken()));
}
public void TestSetup()
{
_ssoTokenTestFixture = new SsoTokenTestFixture();
_tokenCache = _ssoTokenTestFixture.GetTokenCache(_ssoTokenTestFixture.SampleSsoToken.StartUrl);
}