public async Task ProbeBeAvailableWhenInitial429ReturnedFromManagedIdentityServiceAsync()
{
var handler = new MockManagedIdentityHttpMessageHandler();
handler.Responders.Add(new Responder
{
Matcher = (req, state) =>
{
var tokenEndpoint = Constants.ManagedIdentityTokenEndpoint;
var apiVersion = Constants.ManagedIdentityVMApiVersion;
return(req.RequestUri.ToString() == tokenEndpoint + "?resource=https://management.azure.com/&api-version=" + apiVersion);
},
MockResponse = (req, state) =>
{
if (state.Keys.Contains("error"))
{
var resp = new HttpResponseMessage(HttpStatusCode.OK)
{
Content = new MockJsonContent(AzureManagementVMManagedIdentityJson)
};
return(resp);
}
else
{
state["error"] = true;
return(new HttpResponseMessage((HttpStatusCode)429));
}
}
});
var client = new HttpClient(handler);
var provider = new ManagedIdentityTokenProvider(httpClient: client, config: FakeConfiguration());
Assert.IsTrue(await provider.IsAvailableAsync().ConfigureAwait(false));
}
public async Task ProbeShouldFetchTokenFromAppServiceManagedIdentityWithResourceUriAsync()
{
var handler = new MockManagedIdentityHttpMessageHandler();
handler.Responders.Add(new Responder
{
Matcher = (req, state) =>
{
var apiVersion = Constants.ManagedIdentityAppServiceApiVersion;
return(req.RequestUri.ToString() == "http://127.0.0.1/foo?resource=https://management.azure.com/&api-version=" + apiVersion &&
req.Headers.GetValues("Secret").FirstOrDefault() == "secret");
},
MockResponse = (req, state) =>
{
var resp = new HttpResponseMessage(HttpStatusCode.OK)
{
Content = new MockJsonContent(AzureAppServiceManagedIdentityJson)
};
return(resp);
}
});
var client = new HttpClient(handler);
var config = FakeConfiguration(new List <KeyValuePair <string, string> >
{
new KeyValuePair <string, string>(Constants.ManagedIdentityEndpointEnvName, "http://127.0.0.1/foo"),
new KeyValuePair <string, string>(Constants.ManagedIdentitySecretEnvName, "secret")
});
var provider = new ManagedIdentityTokenProvider(httpClient: client, config: config);
var token = await provider.GetTokenWithResourceUriAsync("https://management.azure.com/").ConfigureAwait(false);
Assert.IsNotNull(token);
Assert.AreEqual(DateTimeOffset.Parse("4/10/19 6:27:14 AM +00:00", CultureInfo.InvariantCulture), token.ExpiresOn);
Assert.AreEqual(AccessToken, token.AccessToken);
}
public async Task ProbeShouldNotBeAvailableWithoutManagedIdentityServiceAsync()
{
var probe = new ManagedIdentityTokenProvider(config: FakeConfiguration());
var st = DateTime.Now;
Assert.IsFalse(await probe.IsAvailableAsync().ConfigureAwait(false));
Assert.IsTrue(DateTime.Now - st < TimeSpan.FromMilliseconds(800), "should take less than 800 milliseconds");
}
public async Task ProbeShouldNotBeAvailableWithoutManagedIdentityServiceAsync()
{
var probe = new ManagedIdentityTokenProvider(config: FakeConfiguration());
var st = DateTime.Now;
Assert.IsFalse(await probe.IsAvailableAsync().ConfigureAwait(false));
Assert.IsTrue(DateTime.Now - st < TimeSpan.FromMilliseconds(800), "should take less than 800 milliseconds");
VisualStudio.TestTools.UnitTesting.Logging.Logger.LogMessage((DateTime.Now - st).ToString());
}
public async Task ProbeShouldBeAvailableWithAppServiceConfigManagedIdentityServiceAsync()
{
var config = FakeConfiguration(new List <KeyValuePair <string, string> >
{
new KeyValuePair <string, string>(Constants.ManagedIdentityEndpointEnvName,
"http://127.0.0.1/foo"),
new KeyValuePair <string, string>(Constants.ManagedIdentitySecretEnvName, "secret")
});
var probe = new ManagedIdentityTokenProvider(config: config);
Assert.IsTrue(await probe.IsAvailableAsync().ConfigureAwait(false));
}
public async Task ProbeNotBeAvailableWhen400ReturnedFromManagedIdentityServiceAsync()
{
var handler = new MockManagedIdentityHttpMessageHandler();
handler.Responders.Add(new Responder
{
Matcher = (req, state) =>
{
var tokenEndpoint = Constants.ManagedIdentityTokenEndpoint;
var apiVersion = Constants.ManagedIdentityVMApiVersion;
return(req.RequestUri.ToString() == tokenEndpoint + "?resource=https://management.azure.com/&api-version=" + apiVersion);
},
MockResponse = (req, state) => new HttpResponseMessage(HttpStatusCode.BadRequest)
});
var client = new HttpClient(handler);
var provider = new ManagedIdentityTokenProvider(httpClient: client, config: FakeConfiguration());
Assert.IsFalse(await provider.IsAvailableAsync().ConfigureAwait(false));
}
public async Task ProbeShouldFetchTokenWithClientIdFromManagedIdentityServiceAsync()
{
var handler = new MockManagedIdentityHttpMessageHandler();
handler.Responders.Add(new Responder
{
Matcher = (req, state) =>
{
var tokenEndpoint = Constants.ManagedIdentityTokenEndpoint;
var apiVersion = Constants.ManagedIdentityVMApiVersion;
return(req.RequestUri.ToString() == tokenEndpoint + "?resource=https://management.azure.com/&client_id=foo&api-version=" + apiVersion);
},
MockResponse = (req, state) =>
{
var resp = new HttpResponseMessage(HttpStatusCode.OK)
{
Content = new MockJsonContent(AzureManagementVMManagedIdentityJson)
};
return(resp);
}
});
var client = new HttpClient(handler);
var config = FakeConfiguration(new List <KeyValuePair <string, string> >
{
new KeyValuePair <string, string>(Constants.AzureClientIdEnvName, "foo"),
});
var provider = new ManagedIdentityTokenProvider(httpClient: client, config: config);
var token = await provider.GetTokenAsync(new List <string> {
"https://management.azure.com/.default"
}).ConfigureAwait(false);
Assert.IsNotNull(token);
var seconds = double.Parse(ExpiresOn, CultureInfo.InvariantCulture);
var startOfUnixTime = new DateTime(1970, 1, 1, 0, 0, 0, 0, DateTimeKind.Utc);
Assert.AreEqual(token.ExpiresOn, startOfUnixTime.AddSeconds(seconds));
Assert.AreEqual(AccessToken, token.AccessToken);
}
