/// <summary>
/// Checks that a correlation ID set on the context appears in the captured ADAL event trace
/// for a token request, and that it no longer appears once the ID has been reset to
/// <see cref="Guid.Empty"/> before a silent request.
/// </summary>
/// <param name="sts">Test STS description supplying the authority, resource, client and user values.</param>
public static async Task CorrelationIdTestAsync(Sts sts)
{
    SetCredential(sts);
    var context = new AuthenticationContextProxy(sts.Authority, sts.ValidateAuthority);
    Guid correlationId = Guid.NewGuid();
    string expectedId = correlationId.ToString();

    // Subscribe at Verbose level before the first request so its events land in TraceBuffer.
    // NOTE(review): the listener is never disabled or disposed in this method; it presumably
    // stays subscribed after the test returns - confirm.
    var eventListener = new SampleEventListener();
    eventListener.EnableEvents(AdalOption.AdalEventSource, EventLevel.Verbose);

    // First request: the explicit correlation ID must show up in the trace.
    context.SetCorrelationId(correlationId);
    AuthenticationResultProxy result = await context.AcquireTokenAsync(
        sts.ValidResource,
        sts.ValidClientId,
        sts.ValidDefaultRedirectUri,
        PlatformParameters,
        sts.ValidUserId);
    VerifySuccessResult(sts, result);
    Verify.IsTrue(eventListener.TraceBuffer.Contains(expectedId));

    // Second request: start from an empty buffer and a reset ID, so any occurrence of the
    // first ID would mean it leaked into an unrelated request.
    // NOTE(review): only the correlation ID is asserted on; nothing here checks that the
    // verbose trace is free of token material.
    eventListener.TraceBuffer = string.Empty;
    context.SetCorrelationId(Guid.Empty);
    AuthenticationResultProxy silentResult = await context.AcquireTokenSilentAsync(
        sts.ValidResource,
        sts.ValidClientId);
    Verify.IsNotNullOrEmptyString(silentResult.AccessToken);
    Verify.IsFalse(eventListener.TraceBuffer.Contains(expectedId));
}
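/// <summary>
/// Checks that a correlation ID set on the context appears in the <see cref="Trace"/> output
/// of a token request, and that after resetting the ID to <see cref="Guid.Empty"/> a
/// refresh-token request still logs a "Correlation ID" entry but not the earlier value.
/// </summary>
/// <param name="sts">Test STS description supplying the authority, resource, client and user values.</param>
public static async Task CorrelationIdTestAsync(Sts sts)
{
    SetCredential(sts);
    var context = new AuthenticationContextProxy(sts.Authority, sts.ValidateAuthority);
    Guid correlationId = Guid.NewGuid();
    AuthenticationResultProxy result = null;

    // The trace is captured into memory only; nothing is written to disk.
    using (var stream = new MemoryStream())
    using (var listener = new TextWriterTraceListener(stream))
    {
        Trace.Listeners.Add(listener);
        try
        {
            context.SetCorrelationId(correlationId);
            result = context.AcquireToken(
                sts.ValidResource,
                sts.ValidClientId,
                sts.ValidDefaultRedirectUri,
                PromptBehaviorProxy.Auto,
                sts.ValidUserId);
            VerifySuccessResult(sts, result);

            listener.Flush();
            string trace = Encoding.UTF8.GetString(stream.ToArray(), 0, (int)stream.Position);
            Verify.IsTrue(trace.Contains(correlationId.ToString()));
        }
        finally
        {
            // Trace.Listeners is process-wide. Detach here so that a failure above cannot
            // leave a listener registered after the using block has disposed it.
            Trace.Listeners.Remove(listener);
        }
    }

    // Fresh stream and listener, so the second trace holds only the second request's output.
    using (var stream = new MemoryStream())
    using (var listener = new TextWriterTraceListener(stream))
    {
        Trace.Listeners.Add(listener);
        try
        {
            context.SetCorrelationId(Guid.Empty);
            AuthenticationResultProxy result2 = await context.AcquireTokenByRefreshTokenAsync(
                result.RefreshToken,
                sts.ValidClientId);

            // An empty access token is as much a failure as a missing one.
            Verify.IsFalse(string.IsNullOrEmpty(result2.AccessToken));

            listener.Flush();
            string trace = Encoding.UTF8.GetString(stream.ToArray(), 0, (int)stream.Position);

            // The earlier ID must not carry over, but some correlation ID must still be logged.
            Verify.IsFalse(trace.Contains(correlationId.ToString()));
            Verify.IsTrue(trace.Contains("Correlation ID"));
        }
        finally
        {
            Trace.Listeners.Remove(listener);
        }
    }
}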
/// <summary>
/// Exercises the confidential-client authorization-code flow against the test STS: a
/// successful redemption, a repeated redemption of the same code, refresh-token requests with
/// and without the client credential, and a series of invalid-argument and invalid-grant cases.
/// </summary>
/// <param name="sts">Test STS description supplying the authority, resource, client, secret and redirect values.</param>
public static async Task ConfidentialClientTestAsync(Sts sts)
{
    SetCredential(sts);
    var context = new AuthenticationContextProxy(sts.Authority, sts.ValidateAuthority);
    Uri redirectUri = sts.ValidRedirectUriForConfidentialClient;

    string authorizationCode = context.AcquireAccessCode(
        sts.ValidResource,
        sts.ValidConfidentialClientId,
        redirectUri,
        sts.ValidUserId);
    var credential = new ClientCredential(sts.ValidConfidentialClientId, sts.ValidConfidentialClientSecret);

    // Happy path: redeem the code with the correct client credential.
    AuthenticationResultProxy result = await context.AcquireTokenByAuthorizationCodeAsync(
        authorizationCode, redirectUri, credential);
    VerifySuccessResult(sts, result);

    // Pause for two seconds, then pin a fixed correlation ID for the requests that follow.
    AuthenticationContextProxy.Delay(2000);
    context.SetCorrelationId(new Guid("2ddbba59-1a04-43fb-b363-7fb0ae785031"));

    // Cache behaviour of AcquireTokenByAuthorizationCodeAsync: there is no cache lookup,
    // so a second call must produce a different access token.
    // NOTE(review): this redeems the same authorization code a second time and expects
    // success. RFC 6749 section 4.1.2 requires the server to reject a reused code, so this
    // assertion encodes replay being accepted by the test STS - confirm that is intended.
    AuthenticationResultProxy secondResult = await context.AcquireTokenByAuthorizationCodeAsync(
        authorizationCode, redirectUri, credential);
    VerifySuccessResult(sts, secondResult);
    Verify.AreNotEqual(result.AccessToken, secondResult.AccessToken);

    AuthenticationContextProxy.ClearDefaultCache();

    // Refresh with the client credential attached: expected to succeed.
    result = await context.AcquireTokenByRefreshTokenAsync(result.RefreshToken, credential);
    VerifySuccessResult(sts, result, true, false);

    // Refresh with only the client ID: the confidential client must be rejected.
    // ACS90014: The request body must contain the following parameter: 'client_secret or client_assertion'.
    result = await context.AcquireTokenByRefreshTokenAsync(
        result.RefreshToken, sts.ValidConfidentialClientId, sts.ValidResource);
    VerifyErrorResult(result, "invalid_request", null, 400, "90014");

    // Missing or empty authorization code.
    result = await context.AcquireTokenByAuthorizationCodeAsync(null, redirectUri, credential);
    VerifyErrorResult(result, "invalid_argument", "authorizationCode");

    result = await context.AcquireTokenByAuthorizationCodeAsync(string.Empty, redirectUri, credential);
    VerifyErrorResult(result, "invalid_argument", "authorizationCode");

    // Tampered authorization code.
    result = await context.AcquireTokenByAuthorizationCodeAsync(authorizationCode + "x", redirectUri, credential);
    VerifyErrorResult(result, "invalid_grant", "authorization code");

    // Redirect URI that differs from the one the code was issued for.
    var mismatchedRedirectUri = new Uri(sts.ValidRedirectUriForConfidentialClient.AbsoluteUri + "x");
    result = await context.AcquireTokenByAuthorizationCodeAsync(authorizationCode, mismatchedRedirectUri, credential);
    VerifyErrorResult(result, "invalid_grant", "does not match the reply address", 400, "70002");

    // No client credential at all.
    result = await context.AcquireTokenByAuthorizationCodeAsync(authorizationCode, redirectUri, (ClientCredential)null);
    VerifyErrorResult(result, "invalid_argument", "credential");

    // Correct client ID with a wrong secret.
    var invalidCredential = new ClientCredential(sts.ValidConfidentialClientId, sts.ValidConfidentialClientSecret + "x");
    result = await context.AcquireTokenByAuthorizationCodeAsync(authorizationCode, redirectUri, invalidCredential);
    VerifyErrorResult(result, "invalid_client", "client secret", 401);
}
/// <summary>
/// Checks that a correlation ID set on the context appears in the captured ADAL event trace
/// for a token request, and that it no longer appears once the ID has been reset to
/// <see cref="Guid.Empty"/> before a silent request.
/// </summary>
/// <param name="sts">Test STS description supplying the authority, resource, client and user values.</param>
public static async Task CorrelationIdTestAsync(Sts sts)
{
    SetCredential(sts);
    var context = new AuthenticationContextProxy(sts.Authority, sts.ValidateAuthority);
    Guid correlationId = Guid.NewGuid();
    string expectedId = correlationId.ToString();

    // Subscribe at Verbose level before the first request so its events land in TraceBuffer.
    // NOTE(review): the listener is never disabled or disposed in this method; it presumably
    // stays subscribed after the test returns - confirm.
    var eventListener = new SampleEventListener();
    eventListener.EnableEvents(AdalOption.AdalEventSource, EventLevel.Verbose);

    // First request: the explicit correlation ID must show up in the trace.
    context.SetCorrelationId(correlationId);
    AuthenticationResultProxy result = await context.AcquireTokenAsync(
        sts.ValidResource,
        sts.ValidClientId,
        sts.ValidDefaultRedirectUri,
        PlatformParameters,
        sts.ValidUserId);
    VerifySuccessResult(sts, result);
    Verify.IsTrue(eventListener.TraceBuffer.Contains(expectedId));

    // Second request: start from an empty buffer and a reset ID, so any occurrence of the
    // first ID would mean it leaked into an unrelated request.
    // NOTE(review): only the correlation ID is asserted on; nothing here checks that the
    // verbose trace is free of token material.
    eventListener.TraceBuffer = string.Empty;
    context.SetCorrelationId(Guid.Empty);
    AuthenticationResultProxy silentResult = await context.AcquireTokenSilentAsync(
        sts.ValidResource,
        sts.ValidClientId);
    Verify.IsNotNullOrEmptyString(silentResult.AccessToken);
    Verify.IsFalse(eventListener.TraceBuffer.Contains(expectedId));
}
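/// <summary>
/// Checks that a correlation ID set on the context appears in the <see cref="Trace"/> output
/// of a token request, and that after resetting the ID to <see cref="Guid.Empty"/> a
/// refresh-token request still logs a "Correlation ID" entry but not the earlier value.
/// </summary>
/// <param name="sts">Test STS description supplying the authority, resource, client and user values.</param>
public static async Task CorrelationIdTestAsync(Sts sts)
{
    SetCredential(sts);
    var context = new AuthenticationContextProxy(sts.Authority, sts.ValidateAuthority);
    Guid correlationId = Guid.NewGuid();
    AuthenticationResultProxy result = null;

    // The trace is captured into memory only; nothing is written to disk.
    using (var stream = new MemoryStream())
    using (var listener = new TextWriterTraceListener(stream))
    {
        Trace.Listeners.Add(listener);
        try
        {
            context.SetCorrelationId(correlationId);
            result = context.AcquireToken(
                sts.ValidResource,
                sts.ValidClientId,
                sts.ValidDefaultRedirectUri,
                PromptBehaviorProxy.Auto,
                sts.ValidUserId);
            VerifySuccessResult(sts, result);

            listener.Flush();
            string trace = Encoding.UTF8.GetString(stream.ToArray(), 0, (int)stream.Position);
            Verify.IsTrue(trace.Contains(correlationId.ToString()));
        }
        finally
        {
            // Trace.Listeners is process-wide. Detach here so that a failure above cannot
            // leave a listener registered after the using block has disposed it.
            Trace.Listeners.Remove(listener);
        }
    }

    // Fresh stream and listener, so the second trace holds only the second request's output.
    using (var stream = new MemoryStream())
    using (var listener = new TextWriterTraceListener(stream))
    {
        Trace.Listeners.Add(listener);
        try
        {
            context.SetCorrelationId(Guid.Empty);
            AuthenticationResultProxy result2 = await context.AcquireTokenByRefreshTokenAsync(
                result.RefreshToken,
                sts.ValidClientId);
            Verify.IsNotNullOrEmptyString(result2.AccessToken);

            listener.Flush();
            string trace = Encoding.UTF8.GetString(stream.ToArray(), 0, (int)stream.Position);

            // The earlier ID must not carry over, but some correlation ID must still be logged.
            Verify.IsFalse(trace.Contains(correlationId.ToString()));
            Verify.IsTrue(trace.Contains("Correlation ID"));
        }
        finally
        {
            Trace.Listeners.Remove(listener);
        }
    }
}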
/// <summary>
/// Exercises the confidential-client authorization-code flow against the test STS: a
/// successful redemption, a repeated redemption of the same code, refresh-token requests with
/// and without the client credential, and a series of invalid-argument and invalid-grant cases.
/// </summary>
/// <param name="sts">Test STS description supplying the authority, resource, client, secret and redirect values.</param>
public static async Task ConfidentialClientTestAsync(Sts sts)
{
    SetCredential(sts);
    var context = new AuthenticationContextProxy(sts.Authority, sts.ValidateAuthority);
    Uri redirectUri = sts.ValidRedirectUriForConfidentialClient;

    string authorizationCode = context.AcquireAccessCode(
        sts.ValidResource,
        sts.ValidConfidentialClientId,
        redirectUri,
        sts.ValidUserId);
    var credential = new ClientCredential(sts.ValidConfidentialClientId, sts.ValidConfidentialClientSecret);

    // Happy path: redeem the code with the correct client credential.
    AuthenticationResultProxy result = await context.AcquireTokenByAuthorizationCodeAsync(
        authorizationCode, redirectUri, credential);
    VerifySuccessResult(sts, result);

    // Pause for two seconds, then pin a fixed correlation ID for the requests that follow.
    AuthenticationContextProxy.Delay(2000);
    context.SetCorrelationId(new Guid("2ddbba59-1a04-43fb-b363-7fb0ae785031"));

    // Cache behaviour of AcquireTokenByAuthorizationCodeAsync: there is no cache lookup,
    // so a second call must produce a different access token.
    // NOTE(review): this redeems the same authorization code a second time and expects
    // success. RFC 6749 section 4.1.2 requires the server to reject a reused code, so this
    // assertion encodes replay being accepted by the test STS - confirm that is intended.
    AuthenticationResultProxy secondResult = await context.AcquireTokenByAuthorizationCodeAsync(
        authorizationCode, redirectUri, credential);
    VerifySuccessResult(sts, secondResult);
    Verify.AreNotEqual(result.AccessToken, secondResult.AccessToken);

    AuthenticationContextProxy.ClearDefaultCache();

    // Refresh with the client credential attached: expected to succeed.
    result = await context.AcquireTokenByRefreshTokenAsync(result.RefreshToken, credential);
    VerifySuccessResult(sts, result, true, false);

    // Refresh with only the client ID: the confidential client must be rejected.
    // ACS90014: The request body must contain the following parameter: 'client_secret or client_assertion'.
    result = await context.AcquireTokenByRefreshTokenAsync(
        result.RefreshToken, sts.ValidConfidentialClientId, sts.ValidResource);
    VerifyErrorResult(result, "invalid_request", null, 400, "90014");

    // Missing or empty authorization code.
    result = await context.AcquireTokenByAuthorizationCodeAsync(null, redirectUri, credential);
    VerifyErrorResult(result, "invalid_argument", "authorizationCode");

    result = await context.AcquireTokenByAuthorizationCodeAsync(string.Empty, redirectUri, credential);
    VerifyErrorResult(result, "invalid_argument", "authorizationCode");

    // Tampered authorization code.
    result = await context.AcquireTokenByAuthorizationCodeAsync(authorizationCode + "x", redirectUri, credential);
    VerifyErrorResult(result, "invalid_grant", "authorization code");

    // Redirect URI that differs from the one the code was issued for.
    var mismatchedRedirectUri = new Uri(sts.ValidRedirectUriForConfidentialClient.AbsoluteUri + "x");
    result = await context.AcquireTokenByAuthorizationCodeAsync(authorizationCode, mismatchedRedirectUri, credential);
    VerifyErrorResult(result, "invalid_grant", "does not match the reply address", 400, "70002");

    // No client credential at all.
    result = await context.AcquireTokenByAuthorizationCodeAsync(authorizationCode, redirectUri, (ClientCredential)null);
    VerifyErrorResult(result, "invalid_argument", "credential");

    // Correct client ID with a wrong secret.
    var invalidCredential = new ClientCredential(sts.ValidConfidentialClientId, sts.ValidConfidentialClientSecret + "x");
    result = await context.AcquireTokenByAuthorizationCodeAsync(authorizationCode, redirectUri, invalidCredential);
    VerifyErrorResult(result, "invalid_client", "client secret", 401);
}