public async Task UsesTokenProvidedByCredentials() { var policy = new StorageBearerTokenChallengeAuthorizationPolicy(cred, scopes, false); MockTransport transport = CreateMockTransport(new MockResponse(200)); await SendGetRequest(transport, policy, uri : new Uri("https://example.com")); Assert.True(transport.SingleRequest.Headers.TryGetValue("Authorization", out _)); }
public async Task DoesNotSendUnAuthroizedRequestWhenEnableTenantDiscoveryIsFalse([Values(true, false)] bool enableTenantDiscovery) { var policy = new StorageBearerTokenChallengeAuthorizationPolicy(cred, scopes, false); MockTransport transport = CreateMockTransport(_ => new MockResponse(200)); for (int i = 0; i < 10; i++) { await SendGetRequest(transport, policy, uri : new Uri("https://example.com")); } Assert.True(transport.Requests.All(r => r.Headers.TryGetValue("Authorization", out _))); }
public async Task UsesScopeFromBearerChallange() { // Arrange bool firstRequest = true; string initialMismatchedScope = "https://disk.compute.azure.com/.default"; string serviceChallengeResponseScope = "https://storage.azure.com"; string[] initialMismatchedScopes = new string[] { initialMismatchedScope }; string[] serviceChallengeResponseScopes = new string[] { serviceChallengeResponseScope + "/.default" }; int callCount = 0; MockCredential mockCredential = new MockCredential() { GetTokenCallback = (trc, _) => { Assert.IsTrue(callCount <= 1); Assert.AreEqual(serviceChallengeResponseScopes, trc.Scopes); callCount++; } }; StorageBearerTokenChallengeAuthorizationPolicy tokenChallengeAuthorizationPolicy = new StorageBearerTokenChallengeAuthorizationPolicy(mockCredential, initialMismatchedScopes, enableTenantDiscovery: true); MockResponse challengeResponse = new MockResponse((int)HttpStatusCode.Unauthorized); challengeResponse.AddHeader( new HttpHeader( HttpHeader.Names.WwwAuthenticate, $"Bearer authorization_uri=https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/authorize resource_id={serviceChallengeResponseScope}")); MockTransport transport = CreateMockTransport( _ => { MockResponse response = firstRequest switch { true => challengeResponse, false => new MockResponse(200) }; firstRequest = false; return(response); }); // Act await SendGetRequest(transport, tokenChallengeAuthorizationPolicy, uri : new Uri("https://example.com")); await SendGetRequest(transport, tokenChallengeAuthorizationPolicy, uri : new Uri("https://example.com")); }
public async Task SendsUnUnAuthroizedRequestWhenEnableTenantDiscoveryIsTrue([Values(true, false)] bool enableTenantDiscovery) { var policy = new StorageBearerTokenChallengeAuthorizationPolicy(cred, scopes, enableTenantDiscovery); bool firstRequest = true; var challengeReponse = new MockResponse((int)HttpStatusCode.Unauthorized); if (enableTenantDiscovery) { expectedTenantId = "72f988bf-86f1-41af-91ab-2d7cd011db47"; } challengeReponse.AddHeader( new HttpHeader( HttpHeader.Names.WwwAuthenticate, $"Bearer authorization_uri=https://login.microsoftonline.com/{expectedTenantId}/oauth2/authorize resource_id=https://storage.azure.com")); MockTransport transport = CreateMockTransport( _ => { var response = firstRequest switch { false when enableTenantDiscovery => challengeReponse, _ => new MockResponse(200) }; firstRequest = false; return(response); }); for (int i = 0; i < 10; i++) { await SendGetRequest(transport, policy, uri : new Uri("https://example.com")); } // if enableTeanantDiscovery is true, the first request should be unauthorized if (enableTenantDiscovery) { Assert.False(transport.Requests[0].Headers.TryGetValue("Authorization", out _)); } // If enableTenantDiscovery is true, all but the first request should be authorized. Assert.True(transport.Requests.Skip(enableTenantDiscovery ? 1 : 0).All(r => r.Headers.TryGetValue("Authorization", out _))); }