Skip to content

Commit 7c260c0

Browse files
simorenohCopilot
andcommitted
Adapt AAD tests to runtime TLS + feed module from main
Main replaced the compile-time �llow_invalid_certificates feature with a runtime CosmosRuntime certificate-validation option (#4649) and moved FeedScope from the query module to eed (#4512). Update the AAD test client builder to configure ServerCertificateValidation::RequiredUnlessEmulator via CosmosRuntime instead of the removed cfg gate, and fix the FeedScope import. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
1 parent 074f3b2 commit 7c260c0

2 files changed

Lines changed: 20 additions & 17 deletions

File tree

sdk/cosmos/azure_data_cosmos/tests/emulator_tests/cosmos_aad.rs

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -20,8 +20,8 @@ use super::framework;
2020

2121
use azure_core::http::StatusCode;
2222
use azure_core::Uuid;
23+
use azure_data_cosmos::feed::FeedScope;
2324
use azure_data_cosmos::models::ContainerProperties;
24-
use azure_data_cosmos::query::FeedScope;
2525
use azure_data_cosmos::{PartitionKey, Query};
2626
use framework::{TestClient, TestRunContext};
2727
use futures::TryStreamExt;

sdk/cosmos/azure_data_cosmos/tests/framework/test_client.rs

Lines changed: 19 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -1103,23 +1103,26 @@ pub async fn build_aad_client_from_env(
11031103
std::sync::Arc<dyn azure_core::credentials::TokenCredential>,
11041104
Option<super::CredentialRecorder>,
11051105
) = if is_emulator {
1106-
#[cfg(not(feature = "allow_invalid_certificates"))]
1107-
return Err(
1108-
"The 'allow_invalid_certificates' feature must be enabled to run AAD tests \
1109-
against the emulator. Add `allow_invalid_certificates` to the features list."
1110-
.into(),
1111-
);
1106+
// The emulator serves a self-signed certificate, so route the client
1107+
// through a runtime that skips certificate validation for emulator
1108+
// hosts (mirroring the key-auth emulator client setup).
1109+
let runtime = CosmosRuntime::builder()
1110+
.with_connection_pool(
1111+
ConnectionPoolOptions::builder()
1112+
.with_server_certificate_validation(
1113+
ServerCertificateValidation::RequiredUnlessEmulator,
1114+
)
1115+
.build()?,
1116+
)
1117+
.build()
1118+
.await?;
1119+
builder = builder.with_runtime(runtime);
11121120

1113-
#[cfg(feature = "allow_invalid_certificates")]
1114-
{
1115-
builder = builder.with_allow_emulator_invalid_certificates(true);
1116-
// Sign the fake JWT with the same master key the emulator validates against.
1117-
let master_key = parsed.account_key().secret().to_string();
1118-
let credential =
1119-
std::sync::Arc::new(CosmosEmulatorCredential::with_master_key(master_key));
1120-
let recorder = credential.recorder();
1121-
(credential, Some(recorder))
1122-
}
1121+
// Sign the fake JWT with the same master key the emulator validates against.
1122+
let master_key = parsed.account_key().secret().to_string();
1123+
let credential = std::sync::Arc::new(CosmosEmulatorCredential::with_master_key(master_key));
1124+
let recorder = credential.recorder();
1125+
(credential, Some(recorder))
11231126
} else {
11241127
(azure_core_test::credentials::from_env(None)?, None)
11251128
};

0 commit comments

Comments
 (0)