//Verify https://github.com/Azure/azure-powershell/issues/13376
public async Task SystemAssignedMSI()
{
var accountId = Constants.DefaultMsiAccountIdPrefix + "12345";
//Setup
MockMsalAccessTokenAcquirer mockMsalAccessTokenAcquirer = SetupMockMsalAccessTokenAcquirer();
var mockAzureCredentialFactory = new Mock <AzureCredentialFactory>();
//id must be equal to null
mockAzureCredentialFactory.Setup(f => f.CreateManagedIdentityCredential(It.Is <string>(id => id == null)))
.Returns(new ManagedIdentityCredential(accountId));
AzureSession.Instance.RegisterComponent(nameof(AzureCredentialFactory), () => mockAzureCredentialFactory.Object, true);
var account = new AzureAccount
{
Id = accountId,
Type = AzureAccount.AccountType.ManagedService,
};
account.SetTenants(TestTenantId);
InMemoryTokenCacheProvider cacheProvider = new InMemoryTokenCacheProvider();
var parameter = new ManagedServiceIdentityParameters(
cacheProvider,
AzureEnvironment.PublicEnvironments["AzureCloud"],
null,
TestTenantId,
TestResourceId,
account);
//Run
ManagedServiceIdentityAuthenticator authenticator = new ManagedServiceIdentityAuthenticator();
var token = await authenticator.Authenticate(parameter);
//Verify
var scopes = mockMsalAccessTokenAcquirer.TokenRequestContext.Scopes;
Assert.True(scopes.Length == 1);
Assert.Equal("https://management.core.windows.net/", scopes[0]);
mockAzureCredentialFactory.Verify();
}
private void Init(string vaultName)
{
_vaultAuthenticator = new ManagedServiceIdentityAuthenticator();
_vaultConfiguration = new KeyVaultConfiguration($"https://{vaultName}.vault.azure.net/");
_keyVaultSecretProvider = new KeyVaultSecretProvider(_vaultAuthenticator, _vaultConfiguration);
}
