public async Task GivenUnableToGetAccessToken_WhenGetAuthorizedClientAsync_ThenExportClientInitializerExceptionIsThrown() { _exportJobConfiguration.StorageAccountUri = "https://localhost/storage"; // Set up access token provider to throw exception when invoked _accessTokenProvider.GetAccessTokenForResourceAsync(Arg.Any <Uri>(), Arg.Any <CancellationToken>()).Returns <string>(x => throw new AccessTokenProviderException("cant get access token")); var exception = await Assert.ThrowsAsync <ExportClientInitializerException>(() => _azureAccessTokenClientInitializer.GetAuthorizedClientAsync(CancellationToken.None)); Assert.Contains(Resources.CannotGetAccessToken, exception.Message); Assert.Equal(HttpStatusCode.Unauthorized, exception.StatusCode); }
public async Task <CloudBlobClient> GetAuthorizedClientAsync(IntegrationDataStoreConfiguration integrationDataStoreConfiguration, CancellationToken cancellationToken) { if (string.IsNullOrWhiteSpace(integrationDataStoreConfiguration.StorageAccountUri)) { throw new IntegrationDataStoreClientInitializerException(Resources.InvalidStorageUri, HttpStatusCode.BadRequest); } if (!Uri.TryCreate(integrationDataStoreConfiguration.StorageAccountUri, UriKind.Absolute, out Uri storageAccountUri)) { throw new IntegrationDataStoreClientInitializerException(Resources.InvalidStorageUri, HttpStatusCode.BadRequest); } string accessToken; try { accessToken = await _accessTokenProvider.GetAccessTokenForResourceAsync(storageAccountUri, cancellationToken); } catch (AccessTokenProviderException atp) { _logger.LogError(atp, "Unable to get access token"); throw new IntegrationDataStoreClientInitializerException(Resources.CannotGetAccessToken, HttpStatusCode.Unauthorized); } #pragma warning disable CA2000 // Dispose objects before losing scope StorageCredentials storageCredentials = new StorageCredentials(new TokenCredential(accessToken)); #pragma warning restore CA2000 // Dispose objects before losing scope return(new CloudBlobClient(storageAccountUri, storageCredentials)); }
public async Task <string> GetTokenAsync(string registryServer, CancellationToken cancellationToken) { EnsureArg.IsNotNullOrEmpty(registryServer, nameof(registryServer)); var aadResourceUri = new Uri(_convertDataConfiguration.ArmResourceManagerId); string aadToken; try { aadToken = await _aadTokenProvider.GetAccessTokenForResourceAsync(aadResourceUri, cancellationToken); } catch (AccessTokenProviderException ex) { _logger.LogWarning(ex, "Failed to get AAD access token from managed identity."); throw new AzureContainerRegistryTokenException(Resources.CannotGetAcrAccessToken, HttpStatusCode.Unauthorized, ex); } try { return(await Policy .Handle <HttpRequestException>() .RetryAsync(3, onRetry: (exception, retryCount) => { _logger.LogWarning(exception, "Get ACR token failed. Retry {retryCount}.", retryCount); }) .ExecuteAsync(() => GetAcrAccessTokenWithAadToken(registryServer, aadToken, cancellationToken))); } catch (HttpRequestException ex) { _logger.LogError(ex, "Failed to get ACR access token with AAD access token."); throw new AzureContainerRegistryTokenException(Resources.CannotGetAcrAccessToken, HttpStatusCode.BadRequest, ex); } }
public async Task <CloudBlobClient> GetAuthorizedClientAsync(ExportJobConfiguration exportJobConfiguration, CancellationToken cancellationToken) { // Get storage uri from config if (string.IsNullOrWhiteSpace(exportJobConfiguration.StorageAccountUri)) { throw new ExportClientInitializerException(Resources.InvalidStorageUri, HttpStatusCode.BadRequest); } if (!Uri.TryCreate(exportJobConfiguration.StorageAccountUri, UriKind.Absolute, out Uri storageAccountUri)) { throw new ExportClientInitializerException(Resources.InvalidStorageUri, HttpStatusCode.BadRequest); } string accessToken = null; try { accessToken = await _accessTokenProvider.GetAccessTokenForResourceAsync(storageAccountUri, cancellationToken); } catch (AccessTokenProviderException atp) { _logger.LogError(atp, "Unable to get access token"); throw new ExportClientInitializerException(Resources.CannotGetAccessToken, HttpStatusCode.Unauthorized); } var storageCredentials = new StorageCredentials(new TokenCredential(accessToken)); return(new CloudBlobClient(storageAccountUri, storageCredentials)); }