public async Task TestCreateFirewallRuleHandlesTokenExpiration()
{
// Given the token has expired
string serverName = "myserver.database.windows.net";
var sub1Mock = new Mock <IAzureUserAccountSubscriptionContext>();
SetupCreateSession();
string expectedErrorMsg = "Token is expired";
AuthenticationManagerMock.Setup(a => a.GetSubscriptionsAsync()).ThrowsAsync(new ExpiredTokenException(expectedErrorMsg));
// When I request the firewall be created
var createFirewallParams = new CreateFirewallRuleParams()
{
ServerName = serverName,
StartIpAddress = "1.1.1.1",
EndIpAddress = "1.1.1.255",
Account = CreateAccount(),
SecurityTokenMappings = new Dictionary <string, AccountSecurityToken>()
};
await TestUtils.RunAndVerify <CreateFirewallRuleResponse>(
(context) => ResourceProviderService.HandleCreateFirewallRuleRequest(createFirewallParams, context),
(response) =>
{
// Then I expect the response to indicate that we failed due to token expiration
Assert.NotNull(response);
Assert.Equal(expectedErrorMsg, response.ErrorMessage);
Assert.True(response.IsTokenExpiredFailure);
Assert.False(response.Result);
});
}
/// <summary>
/// Handles a firewall rule creation request. It does this by matching the server name to an Azure Server resource,
/// then issuing the command to create a new firewall rule for the specified IP address against that instance
/// </summary>
/// <param name="firewallRule"></param>
/// <param name="requestContext"></param>
/// <returns></returns>
public async Task HandleCreateFirewallRuleRequest(CreateFirewallRuleParams firewallRule, RequestContext <CreateFirewallRuleResponse> requestContext)
{
Func <Task <CreateFirewallRuleResponse> > requestHandler = () =>
{
return(DoHandleCreateFirewallRuleRequest(firewallRule));
};
Func <ExpiredTokenException, CreateFirewallRuleResponse> tokenExpiredHandler = (ExpiredTokenException ex) =>
{
return(new CreateFirewallRuleResponse()
{
Result = false,
IsTokenExpiredFailure = true,
ErrorMessage = ex.Message
});
};
await HandleRequest(requestHandler, tokenExpiredHandler, requestContext, "HandleCreateFirewallRuleRequest");
}
public async Task TestCreateFirewallRuleBasicRequest()
{
// Given a firewall request for a valid subscription
string serverName = "myserver.database.windows.net";
var sub1Mock = new Mock <IAzureUserAccountSubscriptionContext>();
var sub2Mock = new Mock <IAzureUserAccountSubscriptionContext>();
var server = new SqlAzureResource(new Azure.Management.Sql.Models.Server("Somewhere",
"1234", "myserver", "SQLServer",
null, null, null, null, null, null, null,
fullyQualifiedDomainName: serverName));
var subsToServers = new List <Tuple <IAzureUserAccountSubscriptionContext, IEnumerable <IAzureSqlServerResource> > >()
{
Tuple.Create(sub1Mock.Object, Enumerable.Empty <IAzureSqlServerResource>()),
Tuple.Create(sub2Mock.Object, new IAzureSqlServerResource[] { server }.AsEnumerable())
};
var azureRmResponse = new FirewallRuleResponse()
{
Created = true,
StartIpAddress = null,
EndIpAddress = null
};
SetupDependencies(subsToServers, azureRmResponse);
// When I request the firewall be created
var createFirewallParams = new CreateFirewallRuleParams()
{
ServerName = serverName,
StartIpAddress = "1.1.1.1",
EndIpAddress = "1.1.1.255",
Account = CreateAccount(),
SecurityTokenMappings = new Dictionary <string, AccountSecurityToken>()
};
await TestUtils.RunAndVerify <CreateFirewallRuleResponse>(
(context) => ResourceProviderService.HandleCreateFirewallRuleRequest(createFirewallParams, context),
(response) =>
{
// Then I expect the response to be OK as we require the known IP address to function
Assert.NotNull(response);
Assert.Null(response.ErrorMessage);
Assert.True(response.Result);
Assert.False(response.IsTokenExpiredFailure);
});
}
private async Task <CreateFirewallRuleResponse> DoHandleCreateFirewallRuleRequest(CreateFirewallRuleParams firewallRule)
{
var result = new CreateFirewallRuleResponse();
// Note: currently not catching the exception. Expect the caller to this message to handle error cases by
// showing the error string and responding with a clean failure message to the user
try
{
AuthenticationService authService = ServiceProvider.GetService <AuthenticationService>();
IUserAccount account = await authService.SetCurrentAccountAsync(firewallRule.Account, firewallRule.SecurityTokenMappings);
FirewallRuleResponse response = await firewallRuleService.CreateFirewallRuleAsync(firewallRule.ServerName, firewallRule.StartIpAddress, firewallRule.EndIpAddress);
result.Result = true;
}
catch (FirewallRuleException ex)
{
result.Result = false;
result.ErrorMessage = ex.Message;
}
return(result);
}
