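/// <summary>
/// Resolves endpoints for a B2C authority hosted on login.microsoftonline.com (the "tfp" path form)
/// with tenant endpoint discovery served from a mocked OpenID configuration document.
/// The test is currently ignored; see the issue linked on the attribute.
/// </summary>
[Ignore] // https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/issues/1038
public void B2CMicrosoftOnlineCreateAuthority()
{
    using (var harness = CreateTestHarness())
    {
        // Mock response for tenant endpoint discovery: the body is the checked-in B2C OpenID configuration.
        string openIdConfiguration = File.ReadAllText(
            ResourceHelper.GetTestResourceRelativePath("OpenidConfiguration-B2C.json"));

        harness.HttpManager.AddMockHandler(
            new MockHttpMessageHandler
            {
                ExpectedMethod = HttpMethod.Get,
                ExpectedUrl = "https://login.microsoftonline.com/tfp/mytenant.com/my-policy/v2.0/.well-known/openid-configuration",
                ResponseMessage = MockHelpers.CreateSuccessResponseMessage(openIdConfiguration)
            });

        Authority instance = Authority.CreateAuthority(
            "https://login.microsoftonline.com/tfp/mytenant.com/my-policy/");

        Assert.IsNotNull(instance);
        // Expected value first, so a failure reports "expected B2C" rather than the reverse.
        Assert.AreEqual(AuthorityType.B2C, instance.AuthorityInfo.AuthorityType);

        var resolver = new AuthorityResolutionManager();
        var endpoints = resolver.ResolveEndpoints(
            instance,
            null,
            new RequestContext(harness.ServiceBundle, Guid.NewGuid()));

        // The expected endpoints carry a tenant GUID rather than the "mytenant.com" name used in the
        // authority; presumably it comes from OpenidConfiguration-B2C.json (confirm against the resource).
        Assert.AreEqual(
            "https://login.microsoftonline.com/6babcaad-604b-40ac-a9d7-9fd97c0b779f/my-policy/oauth2/v2.0/authorize",
            endpoints.AuthorizationEndpoint);
        Assert.AreEqual(
            "https://login.microsoftonline.com/6babcaad-604b-40ac-a9d7-9fd97c0b779f/my-policy/oauth2/v2.0/token",
            endpoints.TokenEndpoint);
        Assert.AreEqual(
            "https://sts.windows.net/6babcaad-604b-40ac-a9d7-9fd97c0b779f/",
            endpoints.SelfSignedJwtAudience);
    }
}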
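/// <summary>
/// Resolves endpoints for a B2C authority on a b2clogin.com host and checks that the authorize
/// endpoint, token endpoint and self-signed JWT audience are all built on the authority URI itself.
/// No mock handlers are registered on the <c>MockHttpManager</c> used here.
/// </summary>
public void B2CLoginAuthorityEndpoints()
{
    const string authorityUri =
        "https://sometenantid.b2clogin.com/tfp/6babcaad-604b-40ac-a9d7-9fd97c0b779f/b2c_1_susi/";

    using (var httpManager = new MockHttpManager())
    {
        var appConfig = new ApplicationConfiguration()
        {
            HttpManager = httpManager,
            // NOTE(review): the meaning of the second argument (true) is not visible here;
            // presumably it is the validate-authority flag - confirm against AuthorityInfo.
            AuthorityInfo = AuthorityInfo.FromAuthorityUri(authorityUri, true)
        };

        var serviceBundle = ServiceBundle.Create(appConfig);

        Authority instance = Authority.CreateAuthority(authorityUri);

        Assert.IsNotNull(instance);
        // Expected value first, so a failure reports "expected B2C" rather than the reverse.
        Assert.AreEqual(AuthorityType.B2C, instance.AuthorityInfo.AuthorityType);

        var resolver = new AuthorityResolutionManager();
        var endpoints = resolver.ResolveEndpoints(
            instance,
            null,
            new RequestContext(serviceBundle, Guid.NewGuid()));

        Assert.AreEqual(
            "https://sometenantid.b2clogin.com/tfp/6babcaad-604b-40ac-a9d7-9fd97c0b779f/b2c_1_susi/oauth2/v2.0/authorize",
            endpoints.AuthorizationEndpoint);
        Assert.AreEqual(
            "https://sometenantid.b2clogin.com/tfp/6babcaad-604b-40ac-a9d7-9fd97c0b779f/b2c_1_susi/oauth2/v2.0/token",
            endpoints.TokenEndpoint);
        // For this authority the self-signed JWT audience is expected to equal the token endpoint.
        Assert.AreEqual(
            "https://sometenantid.b2clogin.com/tfp/6babcaad-604b-40ac-a9d7-9fd97c0b779f/b2c_1_susi/oauth2/v2.0/token",
            endpoints.SelfSignedJwtAudience);
    }
}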
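/// <summary>
/// Verifies that authority validation rejects an authority the instance discovery endpoint does not
/// recognise. The authority host is a look-alike of login.microsoftonline.com with a zero in place
/// of the letter "o" (microsoft0nline), and the mocked discovery call answers HTTP 400 with
/// <c>invalid_instance</c>.
/// </summary>
/// <returns>A task that completes when <c>ValidateAuthorityAsync</c> has thrown the expected error.</returns>
public async Task FailedValidationTestAsync()
{
    using (var harness = CreateTestHarness())
    {
        // Mock response for instance validation: discovery is asked about the look-alike host's
        // authorize endpoint and replies with the AADSTS50049 "unknown or invalid instance" error.
        harness.HttpManager.AddMockHandler(
            new MockHttpMessageHandler
            {
                ExpectedMethod = HttpMethod.Get,
                ExpectedUrl = "https://login.microsoftonline.com/common/discovery/instance",
                ExpectedQueryParams = new Dictionary<string, string>
                {
                    { "api-version", "1.1" },
                    { "authorization_endpoint", "https%3A%2F%2Flogin.microsoft0nline.com%2Fmytenant.com%2Foauth2%2Fv2.0%2Fauthorize" },
                },
                ResponseMessage = MockHelpers.CreateFailureMessage(
                    HttpStatusCode.BadRequest,
                    "{\"error\":\"invalid_instance\"," + "\"error_description\":\"AADSTS50049: " +
                    "Unknown or invalid instance. Trace " + "ID: b9d0894d-a9a4-4dba-b38e-8fb6a009bc00 " +
                    "Correlation ID: 34f7b4cf-4fa2-4f35-a59b" + "-54b6f91a9c94 Timestamp: 2016-08-23 " +
                    "20:45:49Z\",\"error_codes\":[50049]," + "\"timestamp\":\"2016-08-23 20:45:49Z\"," +
                    "\"trace_id\":\"b9d0894d-a9a4-4dba-b38e-8f" + "b6a009bc00\",\"correlation_id\":\"34f7b4cf-" +
                    "4fa2-4f35-a59b-54b6f91a9c94\"}")
            });

        // NOTE(review): the second argument (true) is presumably validateAuthority - confirm.
        Authority instance = Authority.CreateAuthority("https://login.microsoft0nline.com/mytenant.com", true);

        Assert.IsNotNull(instance);
        // Expected value first, so a failure reports "expected Aad" rather than the reverse.
        Assert.AreEqual(AuthorityType.Aad, instance.AuthorityInfo.AuthorityType);

        // NOTE(review): the returned service bundle is discarded and the request context below uses
        // harness.ServiceBundle; confirm whether this call is still needed for its side effects.
        TestCommon.CreateServiceBundleWithCustomHttpManager(
            harness.HttpManager,
            authority: instance.AuthorityInfo.CanonicalAuthority,
            validateAuthority: true);

        try
        {
            var resolver = new AuthorityResolutionManager();
            await resolver.ValidateAuthorityAsync(
                instance,
                new RequestContext(harness.ServiceBundle, Guid.NewGuid())).ConfigureAwait(false);

            Assert.Fail("validation should have failed here");
        }
        catch (MsalServiceException exc)
        {
            // Catching only the expected type lets the Assert.Fail above (and any unrelated exception)
            // surface with its own message instead of being re-reported as a type mismatch.
            Assert.AreEqual("invalid_instance", exc.ErrorCode);
        }
    }
}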
/// <summary>
/// Builds the set of services shared by a client application from its configuration:
/// logger, platform proxy, HTTP manager, telemetry, instance discovery, WS-Trust,
/// throttling, authority endpoint resolution and device authentication.
/// </summary>
/// <param name="config">Application configuration; several members override the defaults created here.</param>
/// <param name="shouldClearCaches">
/// Forwarded to <c>InstanceDiscoveryManager</c> and <c>AuthorityResolutionManager</c>.
/// </param>
internal ServiceBundle(
    ApplicationConfiguration config,
    bool shouldClearCaches = false)
{
    Config = config;

    // The logger is created first because the platform proxy factory below takes it.
    // config.EnablePiiLogging is passed straight through, so whether personal data may reach
    // the logging callback is decided entirely by the caller's configuration.
    DefaultLogger = new MsalLogger(
        Guid.Empty,
        config.ClientName,
        config.ClientVersion,
        config.LogLevel,
        config.EnablePiiLogging,
        config.IsDefaultPlatformLoggingEnabled,
        config.LoggingCallback);

    PlatformProxy = config.PlatformProxy ?? PlatformProxyFactory.CreatePlatformProxy(DefaultLogger);

    // A caller-supplied HttpManager wins; otherwise one is built on the caller-supplied
    // HttpClientFactory, falling back to the platform default. All outbound requests made
    // through this bundle therefore go through whatever the configuration provided.
    if (config.HttpManager != null)
    {
        HttpManager = config.HttpManager;
    }
    else
    {
        HttpManager = new HttpManager(
            config.HttpClientFactory ?? PlatformProxy.CreateDefaultHttpClientFactory());
    }

    HttpTelemetryManager = new HttpTelemetryManager();

    if (config.TelemetryConfig == null)
    {
        MatsTelemetryManager = new TelemetryManager(config, PlatformProxy, config.TelemetryCallback);
    }
    else
    {
        // CreateMats can return null when the device isn't sampled in; MATS events are not
        // processed if they are not going to be sent, so fall back to a plain TelemetryManager.
        Mats = TelemetryClient.CreateMats(config, PlatformProxy, config.TelemetryConfig);
        MatsTelemetryManager = Mats?.TelemetryManager
            ?? new TelemetryManager(config, PlatformProxy, config.TelemetryCallback);
    }

    // NOTE(review): custom instance discovery metadata (inline or by URI) is handed to the
    // discovery manager as-is; how it interacts with authority validation is not visible here.
    InstanceDiscoveryManager = new InstanceDiscoveryManager(
        HttpManager,
        shouldClearCaches,
        config.CustomInstanceDiscoveryMetadata,
        config.CustomInstanceDiscoveryMetadataUri);

    WsTrustWebRequestManager = new WsTrustWebRequestManager(HttpManager);

    // Obtained through SingletonThrottlingManager.GetInstance() rather than constructed here.
    ThrottlingManager = SingletonThrottlingManager.GetInstance();

    AuthorityEndpointResolutionManager = new AuthorityResolutionManager(shouldClearCaches);

    // DeviceAuthManagerForTest lets tests substitute the platform's device auth manager.
    DeviceAuthManager = config.DeviceAuthManagerForTest ?? PlatformProxy.CreateDeviceAuthManager();
}
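/// <summary>
/// Resolves endpoints for the AAD "common" tenant authority and checks that the authorize endpoint,
/// token endpoint and self-signed JWT audience are built on
/// <c>https://login.microsoftonline.com/common</c>. No mock HTTP handlers are registered.
/// </summary>
public void CreateEndpointsWithCommonTenantTest()
{
    using (var harness = CreateTestHarness())
    {
        Authority instance = Authority.CreateAuthority("https://login.microsoftonline.com/common");

        Assert.IsNotNull(instance);
        // Expected value first, so a failure reports "expected Aad" rather than the reverse.
        Assert.AreEqual(AuthorityType.Aad, instance.AuthorityInfo.AuthorityType);

        var resolver = new AuthorityResolutionManager();
        var requestContext = new RequestContext(harness.ServiceBundle, Guid.NewGuid());
        var endpoints = resolver.ResolveEndpoints(instance, null, requestContext);

        Assert.AreEqual(
            "https://login.microsoftonline.com/common/oauth2/v2.0/authorize",
            endpoints.AuthorizationEndpoint);
        Assert.AreEqual(
            "https://login.microsoftonline.com/common/oauth2/v2.0/token",
            endpoints.TokenEndpoint);
        // For this authority the self-signed JWT audience is expected to equal the token endpoint.
        Assert.AreEqual(
            "https://login.microsoftonline.com/common/oauth2/v2.0/token",
            endpoints.SelfSignedJwtAudience);
    }
}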
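/// <summary>
/// Verifies that a B2C-style authority URI with too few path segments ("/tfp/" only) is rejected
/// with an <see cref="ArgumentException"/> carrying <c>MsalErrorMessage.B2cAuthorityUriInvalidPath</c>.
/// </summary>
public void NotEnoughPathSegmentsTest()
{
    // Created outside the try block so a setup failure is not mistaken for the expected rejection.
    var serviceBundle = TestCommon.CreateDefaultServiceBundle();

    try
    {
        var instance = Authority.CreateAuthority("https://login.microsoftonline.in/tfp/");

        Assert.IsNotNull(instance);
        // Expected value first, so a failure reports "expected B2C" rather than the reverse.
        Assert.AreEqual(AuthorityType.B2C, instance.AuthorityInfo.AuthorityType);

        var resolver = new AuthorityResolutionManager();
        resolver.ResolveEndpoints(
            instance,
            null,
            new RequestContext(serviceBundle, Guid.NewGuid()));

        Assert.Fail("test should have failed");
    }
    catch (ArgumentException exc)
    {
        // Catching only ArgumentException lets an assertion failure from the try block (including
        // the Assert.Fail above) surface with its own message instead of a type mismatch.
        Assert.AreEqual(MsalErrorMessage.B2cAuthorityUriInvalidPath, exc.Message);
    }
}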