From af10dd15cdb082bc3dbe14b0c2c6d81f6ca5b541 Mon Sep 17 00:00:00 2001
From: jennyf19
Date: Thu, 13 Feb 2020 18:55:07 -0800
Subject: [PATCH] readd adfs with tenantid tests...they were committed but not pushed :( (#1697)
---
 .../Test.ADAL.NET.Common/AdalTestConstants.cs | 1 +
 .../DeviceCodeFlowTests.cs | 109 +++++++++++------
 .../InstanceDiscoveryTests.cs | 24 +++-
 3 files changed, 86 insertions(+), 48 deletions(-)
diff --git a/tests/Test.ADAL.NET.Common/AdalTestConstants.cs b/tests/Test.ADAL.NET.Common/AdalTestConstants.cs
index 553ecfee2..e353f833b 100644
--- a/tests/Test.ADAL.NET.Common/AdalTestConstants.cs
+++ b/tests/Test.ADAL.NET.Common/AdalTestConstants.cs
@@ -35,6 +35,7 @@ public static class AdalTestConstants
 public static readonly string DefaultResource = "resource1";
 public static readonly string AnotherResource = "resource2";
 public static readonly string DefaultAdfsAuthorityTenant = "https://login.contoso.com/adfs/";
+ public static readonly string AdfsAuthorityWithTenant = "https://login.contoso.com/adfs/" + SomeTenantId + "/";
 public static readonly string DefaultAuthorityHomeTenant = "https://login.microsoftonline.com/home/";
 public static readonly string SomeTenantId = "some-tenant-id";
 public static readonly string TenantSpecificAuthority = "https://login.microsoftonline.com/" + SomeTenantId + "/";
diff --git a/tests/Test.ADAL.NET.Unit.net45/DeviceCodeFlowTests.cs b/tests/Test.ADAL.NET.Unit.net45/DeviceCodeFlowTests.cs
index 9d40a0a9c..58886f282 100644
--- a/tests/Test.ADAL.NET.Unit.net45/DeviceCodeFlowTests.cs
+++ b/tests/Test.ADAL.NET.Unit.net45/DeviceCodeFlowTests.cs
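Review bot: `AdfsAuthorityWithTenant` is declared above `SomeTenantId`, and C# runs static field initializers in textual order, so `SomeTenantId` is still null when the concatenation runs and the value comes out as `https://login.contoso.com/adfs//` instead of `https://login.contoso.com/adfs/some-tenant-id/`. The tests in this commit that pass the constant (AdfsWithTenantIdPositiveTestAsync, AdfsWithTenantIdPostMethodTestAsync and the WithTenantSpecified instance-discovery test) therefore exercise an empty path segment rather than a tenant id, so the authority handling they are meant to pin is not actually covered. Move the new line below the `SomeTenantId` declaration, next to `TenantSpecificAuthority`, which already depends on it in the right order.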
@@ -155,6 +155,61 @@ public void TestDeviceCodeCancel()
 [TestMethod]
 public async Task AdfsPositiveTestAsync()
+ {
+ await CreateAdfsDeviceCodeTestAsync(AdalTestConstants.DefaultAdfsAuthorityTenant).ConfigureAwait(false);
+ }
+
+ [TestMethod]
+ public async Task AdfsWithTenantIdPositiveTestAsync()
+ {
+ await CreateAdfsDeviceCodeTestAsync(AdalTestConstants.AdfsAuthorityWithTenant).ConfigureAwait(false); // adfs should never have a tenantId
+ }
+
+ [TestMethod]
+ public async Task AdfsPostMethodTestAsync()
+ {
+ await CreateAdfsPostMethodTestAsync(AdalTestConstants.DefaultAdfsAuthorityTenant).ConfigureAwait(false);
+ }
+
+ [TestMethod]
+ public async Task AdfsWithTenantIdPostMethodTestAsync()
+ {
+ await CreateAdfsPostMethodTestAsync(AdalTestConstants.AdfsAuthorityWithTenant).ConfigureAwait(false); // adfs should never have a tenantId
+ }
+
+ private async Task CreateAdfsPostMethodTestAsync(string authority)
+ {
+ using (var httpManager = new MockHttpManager())
+ {
+ var serviceBundle = ServiceBundle.CreateWithCustomHttpManager(httpManager);
+
+ httpManager.AddMockHandler(new MockHttpMessageHandler()
+ {
+ Method = HttpMethod.Post,
+ Url = "https://login.contoso.com/adfs/oauth2/devicecode",
+ ResponseMessage = MockHelpers.CreateSuccessDeviceCodeResponseMessage()
+ });
+
+ AuthenticationContext context = new AuthenticationContext(
+ serviceBundle,
+ authority,
+ AuthorityValidationType.False,
+ null);
+
+ DeviceCodeResult dcr = await context.AcquireDeviceCodeAsync(
+ AdalTestConstants.DefaultResource,
+ AdalTestConstants.DefaultClientId)
+ .ConfigureAwait(false);
+
+ Assert.IsNotNull(dcr);
+ Assert.AreEqual("some-user-code", dcr.UserCode);
+
+ Assert.AreEqual(authority, context.Authority);
+ CheckAdfsEndpoints(authority, context.Authenticator);
+ }
+ }
+
+ private async Task CreateAdfsDeviceCodeTestAsync(string authority)
 {
 using (var httpManager = new MockHttpManager())
 {
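Review bot: The trailing comment `// adfs should never have a tenantId` on AdfsWithTenantIdPositiveTestAsync and AdfsWithTenantIdPostMethodTestAsync does not say what the tests expect, and it reads as if the input should be rejected although both tests are positive. Judging by the assertions, the intent appears to be that the extra path segment stays in `context.Authority` but is ignored when the oauth2 endpoints are built, since the mock handler only answers `https://login.contoso.com/adfs/oauth2/devicecode`. I would replace the comment with `// ADFS has no tenants: an extra path segment must not change the oauth2 endpoints the request is sent to`. The body of CreateAdfsDeviceCodeTestAsync continues outside this hunk.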
@@ -197,59 +252,25 @@ public async Task AdfsPositiveTestAsync()
 TokenCache cache = new TokenCache();
 AuthenticationContext context = new AuthenticationContext(
 serviceBundle,
- AdalTestConstants.DefaultAdfsAuthorityTenant,
+ authority,
 AuthorityValidationType.False,
 cache);
 AuthenticationResult result = await context.AcquireTokenByDeviceCodeAsync(dcr).ConfigureAwait(false);
 Assert.IsNotNull(result);
 Assert.AreEqual("some-access-token", result.AccessToken);
- Assert.AreEqual("https://login.contoso.com/adfs/", context.Authority);
- Assert.AreEqual("https://login.contoso.com/adfs/", context.Authenticator.Authority);
- Assert.AreEqual(AuthorityType.ADFS, context.Authenticator.AuthorityType);
- Assert.AreEqual("https://login.contoso.com/adfs/oauth2/authorize", context.Authenticator.AuthorizationUri);
- Assert.AreEqual("https://login.contoso.com/adfs/oauth2/devicecode", context.Authenticator.DeviceCodeUri);
- Assert.AreEqual("https://login.contoso.com/adfs/oauth2/token", context.Authenticator.SelfSignedJwtAudience);
- Assert.AreEqual("https://login.contoso.com/adfs/oauth2/token", context.Authenticator.TokenUri);
+ CheckAdfsEndpoints(authority, context.Authenticator);
 }
 }
- [TestMethod]
- public async Task AdfsPostMethodTestAsync()
+ private void CheckAdfsEndpoints(string authority, Authenticator authenticator)
 {
- using (var httpManager = new MockHttpManager())
- {
- var serviceBundle = ServiceBundle.CreateWithCustomHttpManager(httpManager);
-
- httpManager.AddMockHandler(new MockHttpMessageHandler()
- {
- Method = HttpMethod.Post,
- Url = "https://login.contoso.com/adfs/oauth2/devicecode",
- ResponseMessage = MockHelpers.CreateSuccessDeviceCodeResponseMessage()
- });
-
- AuthenticationContext context = new AuthenticationContext(
- serviceBundle,
- AdalTestConstants.DefaultAdfsAuthorityTenant,
- AuthorityValidationType.False,
- null);
-
- DeviceCodeResult dcr = await context.AcquireDeviceCodeAsync(
- AdalTestConstants.DefaultResource,
- AdalTestConstants.DefaultClientId)
- .ConfigureAwait(false);
-
- Assert.IsNotNull(dcr);
- Assert.AreEqual("some-user-code", dcr.UserCode);
-
- Assert.AreEqual("https://login.contoso.com/adfs/", context.Authority);
- Assert.AreEqual("https://login.contoso.com/adfs/", context.Authenticator.Authority);
- Assert.AreEqual(AuthorityType.ADFS, context.Authenticator.AuthorityType);
- Assert.AreEqual("https://login.contoso.com/adfs/oauth2/authorize", context.Authenticator.AuthorizationUri);
- Assert.AreEqual("https://login.contoso.com/adfs/oauth2/devicecode", context.Authenticator.DeviceCodeUri);
- Assert.AreEqual("https://login.contoso.com/adfs/oauth2/token", context.Authenticator.SelfSignedJwtAudience);
- Assert.AreEqual("https://login.contoso.com/adfs/oauth2/token", context.Authenticator.TokenUri);
- }
+ Assert.AreEqual(authority, authenticator.Authority);
+ Assert.AreEqual(AuthorityType.ADFS, authenticator.AuthorityType);
+ Assert.AreEqual("https://login.contoso.com/adfs/oauth2/authorize", authenticator.AuthorizationUri);
+ Assert.AreEqual("https://login.contoso.com/adfs/oauth2/devicecode", authenticator.DeviceCodeUri);
+ Assert.AreEqual("https://login.contoso.com/adfs/oauth2/token", authenticator.SelfSignedJwtAudience);
+ Assert.AreEqual("https://login.contoso.com/adfs/oauth2/token", authenticator.TokenUri);
 }
 }
-}
+}
\ No newline at end of file
diff --git a/tests/Test.ADAL.NET.Unit.net45/InstanceDiscoveryTests.cs b/tests/Test.ADAL.NET.Unit.net45/InstanceDiscoveryTests.cs
index 2fb1a14ba..57801907f 100644
--- a/tests/Test.ADAL.NET.Unit.net45/InstanceDiscoveryTests.cs
+++ b/tests/Test.ADAL.NET.Unit.net45/InstanceDiscoveryTests.cs
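Review bot: The token-acquisition helper no longer checks `context.Authority`: the removed `Assert.AreEqual("https://login.contoso.com/adfs/", context.Authority);` is replaced by `CheckAdfsEndpoints(authority, context.Authenticator);`, which only inspects the authenticator, while CreateAdfsPostMethodTestAsync kept the equivalent check. Add `Assert.AreEqual(authority, context.Authority);` before the `CheckAdfsEndpoints` call so both helpers pin the same properties. `CheckAdfsEndpoints` reads no instance state in the lines shown and could be declared `private static`. The start of CreateAdfsDeviceCodeTestAsync lies outside this hunk.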
@@ -34,7 +34,6 @@
 using Microsoft.Identity.Core;
 using Microsoft.Identity.Core.Cache;
 using Microsoft.IdentityModel.Clients.ActiveDirectory.Internal;
-using Microsoft.IdentityModel.Clients.ActiveDirectory.Internal.Http;
 using Microsoft.IdentityModel.Clients.ActiveDirectory.Internal.Instance;
 using Microsoft.IdentityModel.Clients.ActiveDirectory.Internal.Flows;
 using Microsoft.IdentityModel.Clients.ActiveDirectory.Internal.ClientCreds;
@@ -42,6 +41,7 @@
 using Test.ADAL.NET.Common;
 using Test.ADAL.NET.Common.Mocks;
 using MockHttpMessageHandler = Test.ADAL.NET.Common.Mocks.MockHttpMessageHandler;
+using AuthorityType = Microsoft.IdentityModel.Clients.ActiveDirectory.Internal.Instance.AuthorityType;
 namespace Test.ADAL.NET.Unit
 {
@@ -169,12 +169,28 @@ public async Task TestInstanceDiscovery_WhenAuthorityIsValidAndMetadataIsReturne
 [TestMethod]
 public async Task TestInstanceDiscovery_WhenAuthorityIsAdfs_ShouldNotDoInstanceDiscoveryAsync()
+ {
+ await BasicAdfsTestAsync(AdalTestConstants.DefaultAdfsAuthorityTenant).ConfigureAwait(false);
+ }
+
+ [TestMethod]
+ public async Task TestInstanceDiscovery_WhenAuthorityIsAdfsWithTenantSpecified_ShouldNotDoInstanceDiscoveryAsync()
+ {
+ await BasicAdfsTestAsync(AdalTestConstants.AdfsAuthorityWithTenant).ConfigureAwait(false);
+ }
+
+ private async Task BasicAdfsTestAsync(string authority)
 {
 using (var httpManager = new MockHttpManager())
 {
 var serviceBundle = ServiceBundle.CreateWithCustomHttpManager(httpManager);
- var authenticator = new Authenticator(serviceBundle, "https://login.contoso.com/adfs", false);
+ var authenticator = new Authenticator(serviceBundle, authority, false);
 await authenticator.UpdateFromTemplateAsync(new RequestContext(null, new AdalLogger(new Guid()))).ConfigureAwait(false);
+ Assert.AreEqual(authority, authenticator.Authority);
+ Assert.AreEqual(AuthorityType.ADFS, authenticator.AuthorityType);
+ Assert.AreEqual("https://login.contoso.com/adfs/oauth2/authorize", authenticator.AuthorizationUri);
+ Assert.AreEqual("https://login.contoso.com/adfs/oauth2/token", authenticator.SelfSignedJwtAudience);
+ Assert.AreEqual("https://login.contoso.com/adfs/oauth2/token", authenticator.TokenUri);
 }
 }
@@ -214,7 +230,7 @@ public void TestInstanceDiscovery_WhenEndpointTimesOut_ShouldThrowCorrectErrorMe
 CreateFailureMockHandler(httpManager);
 CreateFailureMockHandler(httpManager);
- RequestContext requestContext = new RequestContext(null, new AdalLogger(new Guid()));
+ RequestContext requestContext = new RequestContext(null, new AdalLogger(new Guid()));
 string givenHost = "sts.microsoft.com";
 // ADAL still behaves correctly using developer provided authority
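Review bot: BasicAdfsTestAsync loses the only input without a trailing slash: the old test passed `"https://login.contoso.com/adfs"` to `Authenticator`, and both callers now pass constants ending in `/`, so handling of a slashless ADFS authority is no longer exercised. Keep a third case for that form and give the helper the expected authority as a second argument, for example `BasicAdfsTestAsync("https://login.contoso.com/adfs", AdalTestConstants.DefaultAdfsAuthorityTenant)`; whether the authenticator appends the slash is not visible in this hunk and should be confirmed first. The five assertions also repeat `CheckAdfsEndpoints` from DeviceCodeFlowTests without its `DeviceCodeUri` check, so if that property is populated at this point, adding `Assert.AreEqual("https://login.contoso.com/adfs/oauth2/devicecode", authenticator.DeviceCodeUri);` keeps the two lists aligned.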
@@ -481,4 +497,4 @@ public async Task TestInstanceDiscovery_WhenMetadataIsReturned_ShouldUsePreferre
 }
 }
 }
-}
+}
\ No newline at end of file