Exemplo n.º 1
        public async Task ProbeBeAvailableWhenInitial429ReturnedFromManagedIdentityServiceAsync()
        {
            // Scenario: the mocked token endpoint throttles the first request (HTTP 429) and
            // serves the token payload on the following one. The availability probe is still
            // expected to report the managed identity as available.
            const string throttledFlag = "error";
            var mockHandler = new MockManagedIdentityHttpMessageHandler();

            var throttleOnceResponder = new Responder
            {
                // Accept only the exact VM managed identity token URL for the ARM resource.
                Matcher = (req, state) =>
                {
                    var expectedUri = Constants.ManagedIdentityTokenEndpoint
                                      + "?resource=https://management.azure.com/&api-version="
                                      + Constants.ManagedIdentityVMApiVersion;
                    return req.RequestUri.ToString() == expectedUri;
                },
                MockResponse = (req, state) =>
                {
                    // First call: remember that the throttled answer was already given.
                    if (!state.Keys.Contains(throttledFlag))
                    {
                        state[throttledFlag] = true;
                        return new HttpResponseMessage((HttpStatusCode)429);
                    }

                    // Every later call: hand back the canned token document.
                    return new HttpResponseMessage(HttpStatusCode.OK)
                    {
                        Content = new MockJsonContent(AzureManagementVMManagedIdentityJson)
                    };
                }
            };
            mockHandler.Responders.Add(throttleOnceResponder);

            var httpClient    = new HttpClient(mockHandler);
            var tokenProvider = new ManagedIdentityTokenProvider(httpClient: httpClient, config: FakeConfiguration());

            var isAvailable = await tokenProvider.IsAvailableAsync().ConfigureAwait(false);

            Assert.IsTrue(isAvailable);
        }
Exemplo n.º 2
        public async Task ProbeShouldFetchTokenFromAppServiceManagedIdentityWithResourceUriAsync()
        {
            // Scenario: endpoint and secret are supplied through configuration (the App Service
            // style of managed identity). The mock only answers when the request goes to that
            // endpoint AND carries the configured value in the "Secret" header, so the test also
            // pins that the provider forwards the secret with the token request.
            const string endpoint = "http://127.0.0.1/foo";
            var mockHandler = new MockManagedIdentityHttpMessageHandler();

            var appServiceResponder = new Responder
            {
                Matcher = (req, state) =>
                {
                    var expectedUri = endpoint
                                      + "?resource=https://management.azure.com/&api-version="
                                      + Constants.ManagedIdentityAppServiceApiVersion;
                    if (req.RequestUri.ToString() != expectedUri)
                    {
                        return false;
                    }

                    // NOTE(review): HttpHeaders.GetValues throws when the header is absent, so a
                    // request without "Secret" surfaces as an exception rather than a non-match
                    // (assuming req is an HttpRequestMessage - confirm against Responder).
                    var sentSecret = req.Headers.GetValues("Secret").FirstOrDefault();
                    return sentSecret == "secret";
                },
                MockResponse = (req, state) => new HttpResponseMessage(HttpStatusCode.OK)
                {
                    Content = new MockJsonContent(AzureAppServiceManagedIdentityJson)
                }
            };
            mockHandler.Responders.Add(appServiceResponder);

            var httpClient = new HttpClient(mockHandler);
            var settings   = new List<KeyValuePair<string, string>>
            {
                new KeyValuePair<string, string>(Constants.ManagedIdentityEndpointEnvName, endpoint),
                new KeyValuePair<string, string>(Constants.ManagedIdentitySecretEnvName, "secret")
            };
            var tokenProvider = new ManagedIdentityTokenProvider(httpClient: httpClient, config: FakeConfiguration(settings));

            var token = await tokenProvider
                        .GetTokenWithResourceUriAsync("https://management.azure.com/")
                        .ConfigureAwait(false);

            Assert.IsNotNull(token);

            // Expiry and access token must come straight from the canned JSON document.
            var expectedExpiry = DateTimeOffset.Parse("4/10/19 6:27:14 AM +00:00", CultureInfo.InvariantCulture);
            Assert.AreEqual(expectedExpiry, token.ExpiresOn);
            Assert.AreEqual(AccessToken, token.AccessToken);
        }
Exemplo n.º 3
        public async Task ProviderShouldFetchTokenWithServicePrincipalAndSecretAsync()
        {
            // Scenario: a service principal authenticates with a client secret. All HTTP traffic
            // (instance discovery, tenant discovery, client-credential token request) is served
            // by mock responders. The client id is random and the secret is a fixed test value.
            const string authority = "https://login.microsoftonline.com/tenantid/";

            var mockHandler = new MockManagedIdentityHttpMessageHandler();
            mockHandler.Responders.Add(DiscoveryResponder);
            mockHandler.Responders.Add(TenantDiscoveryResponder(authority));
            mockHandler.Responders.Add(ClientCredentialTokenResponder);

            var factory       = new ClientFactory(new HttpClient(mockHandler));
            var randomClient  = Guid.NewGuid().ToString();
            var tokenProvider = new InternalServicePrincipalTokenProvider(authority, "tenantid", randomClient, "someSecret", factory);

            // NOTE(review): the double slash is presumably intentional (resource
            // "https://management.azure.com/" followed by "/.default") - confirm.
            var requestedScopes = new List<string>
            {
                @"https://management.azure.com//.default"
            };

            var token = await tokenProvider
                        .GetTokenAsync(requestedScopes, CancellationToken.None)
                        .ConfigureAwait(false);

            // Only the presence of a token is checked here, not its contents.
            Assert.IsNotNull(token);
        }
Exemplo n.º 4
        public async Task ProbeNotBeAvailableWhen400ReturnedFromManagedIdentityServiceAsync()
        {
            // Scenario: the mocked token endpoint rejects the probe with HTTP 400. Unlike the
            // throttling (429) case, the provider must then report itself as unavailable.
            var mockHandler = new MockManagedIdentityHttpMessageHandler();

            var badRequestResponder = new Responder
            {
                // Accept only the exact VM managed identity token URL for the ARM resource.
                Matcher = (req, state) =>
                {
                    var expectedUri = Constants.ManagedIdentityTokenEndpoint
                                      + "?resource=https://management.azure.com/&api-version="
                                      + Constants.ManagedIdentityVMApiVersion;
                    return req.RequestUri.ToString() == expectedUri;
                },
                MockResponse = (req, state) =>
                {
                    return new HttpResponseMessage(HttpStatusCode.BadRequest);
                }
            };
            mockHandler.Responders.Add(badRequestResponder);

            var httpClient    = new HttpClient(mockHandler);
            var tokenProvider = new ManagedIdentityTokenProvider(httpClient: httpClient, config: FakeConfiguration());

            var isAvailable = await tokenProvider.IsAvailableAsync().ConfigureAwait(false);

            Assert.IsFalse(isAvailable);
        }
Exemplo n.º 5
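        public async Task ProbeShouldFetchTokenWithClientIdFromManagedIdentityServiceAsync()
        {
            // Scenario: a client id is supplied through configuration (user-assigned identity).
            // The mock answers only when the token request carries "client_id=foo" in its query
            // string, so the test pins that the configured identity is the one requested.
            var handler = new MockManagedIdentityHttpMessageHandler();

            handler.Responders.Add(new Responder
            {
                Matcher = (req, state) =>
                {
                    var tokenEndpoint = Constants.ManagedIdentityTokenEndpoint;
                    var apiVersion    = Constants.ManagedIdentityVMApiVersion;
                    return req.RequestUri.ToString() == tokenEndpoint + "?resource=https://management.azure.com/&client_id=foo&api-version=" + apiVersion;
                },
                MockResponse = (req, state) => new HttpResponseMessage(HttpStatusCode.OK)
                {
                    Content = new MockJsonContent(AzureManagementVMManagedIdentityJson)
                }
            });

            var client = new HttpClient(handler);
            var config = FakeConfiguration(new List<KeyValuePair<string, string>>
            {
                new KeyValuePair<string, string>(Constants.AzureClientIdEnvName, "foo"),
            });
            var provider = new ManagedIdentityTokenProvider(httpClient: client, config: config);
            var token    = await provider.GetTokenAsync(new List<string>
            {
                "https://management.azure.com/.default"
            }).ConfigureAwait(false);

            Assert.IsNotNull(token);

            // ExpiresOn (the fixture value) is parsed as seconds since the Unix epoch.
            var seconds         = double.Parse(ExpiresOn, CultureInfo.InvariantCulture);
            var startOfUnixTime = new DateTime(1970, 1, 1, 0, 0, 0, 0, DateTimeKind.Utc);

            // Fix: Assert.AreEqual takes (expected, actual). The original passed the token's
            // value first, so a failure would have reported the two values with swapped labels.
            Assert.AreEqual(startOfUnixTime.AddSeconds(seconds), token.ExpiresOn);
            Assert.AreEqual(AccessToken, token.AccessToken);
        }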