public async Task VerifyMsiUnavailableCredentialException() { var mockClient = new MockManagedIdentityClient { MsiTypeFactory = () => MsiType.Unavailable }; var credential = InstrumentClient(new ManagedIdentityCredential(CredentialPipeline.GetInstance(null), mockClient)); var ex = Assert.ThrowsAsync <CredentialUnavailableException>(async() => await credential.GetTokenAsync(new TokenRequestContext(MockScopes.Default))); Assert.AreEqual(ManagedIdentityCredential.MsiUnavailableError, ex.Message); await Task.CompletedTask; }
public async Task VerifyImdsRequestWithClientIdMockAsync() { using (new TestEnvVar("MSI_ENDPOINT", null)) using (new TestEnvVar("MSI_SECRET", null)) { var response = new MockResponse(200); var expectedToken = "mock-msi-access-token"; response.SetContent($"{{ \"access_token\": \"{expectedToken}\", \"expires_on\": \"3600\" }}"); var mockTransport = new MockTransport(response); var options = new TokenCredentialOptions() { Transport = mockTransport }; var pipeline = CredentialPipeline.GetInstance(options); var client = new MockManagedIdentityClient(pipeline, "mock-client-id") { ManagedIdentitySourceFactory = () => new ImdsManagedIdentitySource(pipeline.HttpPipeline, "mock-client-id") }; ManagedIdentityCredential credential = InstrumentClient(new ManagedIdentityCredential(pipeline, client)); AccessToken actualToken = await credential.GetTokenAsync(new TokenRequestContext(MockScopes.Default)); Assert.AreEqual(expectedToken, actualToken.Token); MockRequest request = mockTransport.Requests[0]; string query = request.Uri.Query; Assert.IsTrue(query.Contains("api-version=2018-02-01")); Assert.IsTrue(query.Contains($"resource={Uri.EscapeDataString(ScopeUtilities.ScopesToResource(MockScopes.Default))}")); Assert.IsTrue(query.Contains($"client_id=mock-client-id")); Assert.IsTrue(request.Headers.TryGetValue("Metadata", out string metadataValue)); Assert.AreEqual("true", metadataValue); } }