public async Task AadMockTest() { string databaseId = Guid.NewGuid().ToString(); string containerId = Guid.NewGuid().ToString(); using (CosmosClient cosmosClient = TestCommon.CreateCosmosClient()) { Database database = await cosmosClient.CreateDatabaseAsync(databaseId); Container container = await database.CreateContainerAsync( containerId, "/id"); } (string endpoint, string authKey) = TestCommon.GetAccountInfo(); LocalEmulatorTokenCredential simpleEmulatorTokenCredential = new LocalEmulatorTokenCredential(authKey); CosmosClientOptions clientOptions = new CosmosClientOptions() { ConnectionMode = ConnectionMode.Gateway, ConnectionProtocol = Protocol.Https }; using CosmosClient aadClient = new CosmosClient( endpoint, simpleEmulatorTokenCredential, clientOptions); TokenCredentialCache tokenCredentialCache = ((AuthorizationTokenProviderTokenCredential)aadClient.AuthorizationTokenProvider).tokenCredentialCache; // The refresh interval changes slightly based on how fast machine calculate the interval based on the expire time. Assert.IsTrue(15 <= tokenCredentialCache.BackgroundTokenCredentialRefreshInterval.Value.TotalMinutes, "Default background refresh should be 25% of the token life which is defaulted to 1hr"); Assert.IsTrue(tokenCredentialCache.BackgroundTokenCredentialRefreshInterval.Value.TotalMinutes > 14.7, "Default background refresh should be 25% of the token life which is defaulted to 1hr"); Database aadDatabase = await aadClient.GetDatabase(databaseId).ReadAsync(); Container aadContainer = await aadDatabase.GetContainer(containerId).ReadContainerAsync(); ToDoActivity toDoActivity = ToDoActivity.CreateRandomToDoActivity(); ItemResponse <ToDoActivity> itemResponse = await aadContainer.CreateItemAsync( toDoActivity, new PartitionKey(toDoActivity.id)); toDoActivity.cost = 42.42; await aadContainer.ReplaceItemAsync( toDoActivity, toDoActivity.id, new PartitionKey(toDoActivity.id)); await aadContainer.ReadItemAsync <ToDoActivity>( toDoActivity.id, new PartitionKey(toDoActivity.id)); await aadContainer.UpsertItemAsync(toDoActivity); await aadContainer.DeleteItemAsync <ToDoActivity>( toDoActivity.id, new PartitionKey(toDoActivity.id)); }
public async Task AadMockNegativeRefreshRetryTest() { int getAadTokenCount = 0; string errorMessage = "Test Failure" + Guid.NewGuid(); void GetAadTokenCallBack( TokenRequestContext context, CancellationToken token) { getAadTokenCount++; throw new RequestFailedException( 408, errorMessage); } (string endpoint, string authKey) = TestCommon.GetAccountInfo(); LocalEmulatorTokenCredential simpleEmulatorTokenCredential = new LocalEmulatorTokenCredential( authKey, GetAadTokenCallBack); CosmosClientOptions clientOptions = new CosmosClientOptions() { TokenCredentialBackgroundRefreshInterval = TimeSpan.FromSeconds(60) }; Assert.AreEqual(0, getAadTokenCount); using (CosmosClient aadClient = new CosmosClient( endpoint, simpleEmulatorTokenCredential, clientOptions)) { Assert.AreEqual(3, getAadTokenCount); await Task.Delay(TimeSpan.FromSeconds(1)); try { ResponseMessage responseMessage = await aadClient.GetDatabase(Guid.NewGuid().ToString()).ReadStreamAsync(); Assert.Fail("Should throw auth error."); } catch (CosmosException ce) when(ce.StatusCode == HttpStatusCode.Unauthorized) { Assert.IsNotNull(ce.Message); Assert.IsTrue(ce.ToString().Contains(errorMessage)); } } }
public async Task AadMockRefreshTest() { int getAadTokenCount = 0; void GetAadTokenCallBack( TokenRequestContext context, CancellationToken token) { getAadTokenCount++; } (string endpoint, string authKey) = TestCommon.GetAccountInfo(); LocalEmulatorTokenCredential simpleEmulatorTokenCredential = new LocalEmulatorTokenCredential( authKey, GetAadTokenCallBack); CosmosClientOptions clientOptions = new CosmosClientOptions() { TokenCredentialBackgroundRefreshInterval = TimeSpan.FromSeconds(1) }; Assert.AreEqual(0, getAadTokenCount); using CosmosClient aadClient = new CosmosClient( endpoint, simpleEmulatorTokenCredential, clientOptions); DocumentClient documentClient = aadClient.ClientContext.DocumentClient; TokenCredentialCache tokenCredentialCache = ((AuthorizationTokenProviderTokenCredential)aadClient.AuthorizationTokenProvider).tokenCredentialCache; Assert.AreEqual(TimeSpan.FromSeconds(1), tokenCredentialCache.BackgroundTokenCredentialRefreshInterval); Assert.AreEqual(1, getAadTokenCount); await aadClient.ReadAccountAsync(); await aadClient.ReadAccountAsync(); await aadClient.ReadAccountAsync(); // Should use cached token Assert.AreEqual(1, getAadTokenCount); // Token should be refreshed after 1 second await Task.Delay(TimeSpan.FromSeconds(1.2)); Assert.AreEqual(2, getAadTokenCount); }
public async Task AadMockRefreshRetryTest() { int getAadTokenCount = 0; void GetAadTokenCallBack( TokenRequestContext context, CancellationToken token) { getAadTokenCount++; if (getAadTokenCount <= 2) { throw new RequestFailedException( 408, "Test Failure"); } } (string endpoint, string authKey) = TestCommon.GetAccountInfo(); LocalEmulatorTokenCredential simpleEmulatorTokenCredential = new LocalEmulatorTokenCredential( authKey, GetAadTokenCallBack); CosmosClientOptions clientOptions = new CosmosClientOptions() { TokenCredentialBackgroundRefreshInterval = TimeSpan.FromSeconds(60) }; Assert.AreEqual(0, getAadTokenCount); using (CosmosClient aadClient = new CosmosClient( endpoint, simpleEmulatorTokenCredential, clientOptions)) { Assert.AreEqual(3, getAadTokenCount); await Task.Delay(TimeSpan.FromSeconds(1)); ResponseMessage responseMessage = await aadClient.GetDatabase(Guid.NewGuid().ToString()).ReadStreamAsync(); Assert.IsNotNull(responseMessage); // Should use cached token Assert.AreEqual(3, getAadTokenCount); } }
public async Task AadMockTest(ConnectionMode connectionMode) { int requestCount = 0; string databaseId = Guid.NewGuid().ToString(); string containerId = Guid.NewGuid().ToString(); using (CosmosClient cosmosClient = TestCommon.CreateCosmosClient()) { Database database = await cosmosClient.CreateDatabaseAsync(databaseId); Container container = await database.CreateContainerAsync( containerId, "/id"); } (string endpoint, string authKey) = TestCommon.GetAccountInfo(); LocalEmulatorTokenCredential simpleEmulatorTokenCredential = new LocalEmulatorTokenCredential(authKey); CosmosClientOptions clientOptions = new CosmosClientOptions() { ConnectionMode = connectionMode, ConnectionProtocol = connectionMode == ConnectionMode.Direct ? Protocol.Tcp : Protocol.Https, }; if (connectionMode == ConnectionMode.Direct) { long lsn = 2; clientOptions.TransportClientHandlerFactory = (transport) => new TransportClientWrapper(transport, interceptorAfterResult: (request, storeResponse) => { // Force a barrier request on create item. // There needs to be 2 regions and the GlobalCommittedLSN must be behind the LSN. if (storeResponse.StatusCode == HttpStatusCode.Created) { if (requestCount == 0) { requestCount++; lsn = storeResponse.LSN; storeResponse.Headers.Set(Documents.WFConstants.BackendHeaders.NumberOfReadRegions, "2"); storeResponse.Headers.Set(Documents.WFConstants.BackendHeaders.GlobalCommittedLSN, "0"); } } // Head request is the barrier request // The GlobalCommittedLSN is set to -1 because the local emulator doesn't have geo-dr so it has to be // overridden for the validation to succeed. if (request.OperationType == Documents.OperationType.Head) { if (requestCount == 1) { requestCount++; storeResponse.Headers.Set(Documents.WFConstants.BackendHeaders.NumberOfReadRegions, "2"); storeResponse.Headers.Set(Documents.WFConstants.BackendHeaders.GlobalCommittedLSN, lsn.ToString(CultureInfo.InvariantCulture)); } } return(storeResponse); }); } using CosmosClient aadClient = new CosmosClient( endpoint, simpleEmulatorTokenCredential, clientOptions); TokenCredentialCache tokenCredentialCache = ((AuthorizationTokenProviderTokenCredential)aadClient.AuthorizationTokenProvider).tokenCredentialCache; // The refresh interval changes slightly based on how fast machine calculate the interval based on the expire time. Assert.IsTrue(15 <= tokenCredentialCache.BackgroundTokenCredentialRefreshInterval.Value.TotalMinutes, "Default background refresh should be 25% of the token life which is defaulted to 1hr"); Assert.IsTrue(tokenCredentialCache.BackgroundTokenCredentialRefreshInterval.Value.TotalMinutes > 14.7, "Default background refresh should be 25% of the token life which is defaulted to 1hr"); Database aadDatabase = await aadClient.GetDatabase(databaseId).ReadAsync(); Container aadContainer = await aadDatabase.GetContainer(containerId).ReadContainerAsync(); ToDoActivity toDoActivity = ToDoActivity.CreateRandomToDoActivity(); ItemResponse <ToDoActivity> itemResponse = await aadContainer.CreateItemAsync( toDoActivity, new PartitionKey(toDoActivity.id)); // Gateway does the barrier requests so only direct mode needs to be validated. if (connectionMode == ConnectionMode.Direct) { Assert.AreEqual(2, requestCount, "The barrier request was never called."); } toDoActivity.cost = 42.42; await aadContainer.ReplaceItemAsync( toDoActivity, toDoActivity.id, new PartitionKey(toDoActivity.id)); await aadContainer.ReadItemAsync <ToDoActivity>( toDoActivity.id, new PartitionKey(toDoActivity.id)); await aadContainer.UpsertItemAsync(toDoActivity); await aadContainer.DeleteItemAsync <ToDoActivity>( toDoActivity.id, new PartitionKey(toDoActivity.id)); }