public async Task GitHubHostProvider_GenerateCredentialAsync_Basic_2FARequired_ReturnsCredential()
{
var input = new InputArguments(new Dictionary <string, string>
{
["protocol"] = "https",
["host"] = "github.com",
});
var expectedTargetUri = new Uri("https://github.com/");
var expectedUserName = "******";
var expectedPassword = "******"; // [SuppressMessage("Microsoft.Security", "CS001:SecretInline", Justification="Fake credential")]
var expectedAuthCode = "123456";
IEnumerable <string> expectedPatScopes = new[]
{
GitHubConstants.TokenScopes.Gist,
GitHubConstants.TokenScopes.Repo,
};
var patValue = "PERSONAL-ACCESS-TOKEN";
var response1 = new AuthenticationResult(GitHubAuthenticationResultType.TwoFactorApp);
var response2 = new AuthenticationResult(GitHubAuthenticationResultType.Success, patValue);
var context = new TestCommandContext();
var ghAuthMock = new Mock <IGitHubAuthentication>(MockBehavior.Strict);
ghAuthMock.Setup(x => x.GetAuthenticationAsync(expectedTargetUri, null, It.IsAny <AuthenticationModes>()))
.ReturnsAsync(new AuthenticationPromptResult(
AuthenticationModes.Basic, new GitCredential(expectedUserName, expectedPassword)));
ghAuthMock.Setup(x => x.GetTwoFactorCodeAsync(expectedTargetUri, false))
.ReturnsAsync(expectedAuthCode);
var ghApiMock = new Mock <IGitHubRestApi>(MockBehavior.Strict);
ghApiMock.Setup(x => x.CreatePersonalAccessTokenAsync(expectedTargetUri, expectedUserName, expectedPassword, null, It.IsAny <IEnumerable <string> >()))
.ReturnsAsync(response1);
ghApiMock.Setup(x => x.CreatePersonalAccessTokenAsync(expectedTargetUri, expectedUserName, expectedPassword, expectedAuthCode, It.IsAny <IEnumerable <string> >()))
.ReturnsAsync(response2);
ghApiMock.Setup(x => x.GetUserInfoAsync(expectedTargetUri, patValue))
.ReturnsAsync(new GitHubUserInfo {
Login = expectedUserName
});
var provider = new GitHubHostProvider(context, ghApiMock.Object, ghAuthMock.Object);
ICredential credential = await provider.GenerateCredentialAsync(input);
Assert.NotNull(credential);
Assert.Equal(expectedUserName, credential.Account);
Assert.Equal(patValue, credential.Password);
ghApiMock.Verify(
x => x.CreatePersonalAccessTokenAsync(
expectedTargetUri, expectedUserName, expectedPassword, null, expectedPatScopes),
Times.Once);
ghApiMock.Verify(
x => x.CreatePersonalAccessTokenAsync(
expectedTargetUri, expectedUserName, expectedPassword, expectedAuthCode, expectedPatScopes),
Times.Once);
}
public async Task GitHubHostProvider_GenerateCredentialAsync_OAuth_ReturnsCredential()
{
var input = new InputArguments(new Dictionary <string, string>
{
["protocol"] = "https",
["host"] = "github.com",
});
var expectedTargetUri = new Uri("https://github.com/");
IEnumerable <string> expectedOAuthScopes = new[]
{
GitHubConstants.OAuthScopes.Repo,
GitHubConstants.OAuthScopes.Gist,
GitHubConstants.OAuthScopes.Workflow,
};
var expectedUserName = "******";
var tokenValue = "OAUTH-TOKEN";
var response = new OAuth2TokenResult(tokenValue, "bearer");
var context = new TestCommandContext();
var ghAuthMock = new Mock <IGitHubAuthentication>(MockBehavior.Strict);
ghAuthMock.Setup(x => x.GetAuthenticationAsync(expectedTargetUri, null, It.IsAny <AuthenticationModes>()))
.ReturnsAsync(new AuthenticationPromptResult(AuthenticationModes.OAuth));
ghAuthMock.Setup(x => x.GetOAuthTokenAsync(expectedTargetUri, It.IsAny <IEnumerable <string> >()))
.ReturnsAsync(response);
var ghApiMock = new Mock <IGitHubRestApi>(MockBehavior.Strict);
ghApiMock.Setup(x => x.GetUserInfoAsync(expectedTargetUri, tokenValue))
.ReturnsAsync(new GitHubUserInfo {
Login = expectedUserName
});
var provider = new GitHubHostProvider(context, ghApiMock.Object, ghAuthMock.Object);
ICredential credential = await provider.GenerateCredentialAsync(input);
Assert.NotNull(credential);
Assert.Equal(expectedUserName, credential.Account);
Assert.Equal(tokenValue, credential.Password);
ghAuthMock.Verify(
x => x.GetOAuthTokenAsync(
expectedTargetUri, expectedOAuthScopes),
Times.Once);
}
public async Task GitHubHostProvider_GenerateCredentialAsync_UnencryptedHttp_ThrowsException()
{
var input = new InputArguments(new Dictionary <string, string>
{
["protocol"] = "http",
["host"] = "github.com",
});
var context = new TestCommandContext();
var ghApi = Mock.Of <IGitHubRestApi>();
var ghAuth = Mock.Of <IGitHubAuthentication>();
var provider = new GitHubHostProvider(context, ghApi, ghAuth);
await Assert.ThrowsAsync <Exception>(() => provider.GenerateCredentialAsync(input));
}
public async Task GitHubHostProvider_GenerateCredentialAsync_2FARequired_ReturnsCredential()
{
var input = new InputArguments(new Dictionary <string, string>
{
["protocol"] = "https",
["host"] = "github.com",
});
var expectedTargetUri = new Uri("https://github.com/");
var expectedUserName = "******";
var expectedPassword = "******";
var expectedAuthCode = "123456";
IEnumerable <string> expectedPatScopes = new[]
{
GitHubConstants.TokenScopes.Repo,
GitHubConstants.TokenScopes.Gist
};
var patValue = "PERSONAL-ACCESS-TOKEN";
var pat = new GitCredential(Constants.PersonalAccessTokenUserName, patValue);
var response1 = new AuthenticationResult(GitHubAuthenticationResultType.TwoFactorApp);
var response2 = new AuthenticationResult(GitHubAuthenticationResultType.Success, pat);
var context = new TestCommandContext();
var ghAuthMock = new Mock <IGitHubAuthentication>(MockBehavior.Strict);
ghAuthMock.Setup(x => x.GetCredentialsAsync(expectedTargetUri))
.ReturnsAsync(new GitCredential(expectedUserName, expectedPassword));
ghAuthMock.Setup(x => x.GetAuthenticationCodeAsync(expectedTargetUri, false))
.ReturnsAsync(expectedAuthCode);
var ghApiMock = new Mock <IGitHubRestApi>(MockBehavior.Strict);
ghApiMock.Setup(x => x.AcquireTokenAsync(expectedTargetUri, expectedUserName, expectedPassword, null, It.IsAny <IEnumerable <string> >()))
.ReturnsAsync(response1);
ghApiMock.Setup(x => x.AcquireTokenAsync(expectedTargetUri, expectedUserName, expectedPassword, expectedAuthCode, It.IsAny <IEnumerable <string> >()))
.ReturnsAsync(response2);
var provider = new GitHubHostProvider(context, ghApiMock.Object, ghAuthMock.Object);
ICredential credential = await provider.GenerateCredentialAsync(input);
Assert.NotNull(credential);
Assert.Equal(Constants.PersonalAccessTokenUserName, credential.UserName);
Assert.Equal(patValue, credential.Password);
}
