microsoft-authentication-library-for-java/msal4j-sdk/src/integrationtest/java/com/microsoft/aad/msal4j/TokenCacheIT.java at 7746246b22a29e56ccee07f50a179624e9bda5d0 · AzureAD/microsoft-authentication-library-for-java · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
// Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT License.

package com.microsoft.aad.msal4j;

import com.microsoft.aad.msal4j.labapi.*;
import static com.microsoft.aad.msal4j.labapi.KeyVaultSecrets.*;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.TestInstance;
import org.junit.jupiter.api.condition.DisabledIfSystemProperty;

import static org.junit.jupiter.api.Assertions.assertEquals;

import java.util.Collections;
import java.util.HashMap;
import java.util.Map;

@TestInstance(TestInstance.Lifecycle.PER_CLASS)
class TokenCacheIT {

    @Test
    void singleAccountInCache_RemoveAccountTest() throws Exception {
        AppConfig app = LabResponseHelper.getAppConfig(APP_PCACLIENT);
        UserConfig user = LabResponseHelper.getUserConfig(USER_PUBLIC_CLOUD);

        PublicClientApplication pca = PublicClientApplication.builder(
                app.getAppId()).
                authority(TestConstants.ORGANIZATIONS_AUTHORITY).
                build();

        // Check that cache is empty
        assertEquals(0, pca.getAccounts().join().size());

        Map<String, String> extraQueryParameters = new HashMap<>();
        extraQueryParameters.put("test", "test");

        pca.acquireToken(UserNamePasswordParameters.
                builder(Collections.singleton(TestConstants.GRAPH_DEFAULT_SCOPE),
                        user.getUpn(),
                        user.getPassword().toCharArray())
                        .extraQueryParameters(extraQueryParameters)
                .build())
                .get();

        // Check that cache contains one account
        assertEquals(1, pca.getAccounts().join().size());

        pca.removeAccount(pca.getAccounts().join().iterator().next()).join();

        // Check that account has been removed
        assertEquals(0, pca.getAccounts().join().size());
    }

    @Test
    @DisabledIfSystemProperty(named = "adfs.disabled", matches = "true")
    void twoAccountsInCache_SameUserDifferentTenants_RemoveAccountTest() throws Exception {

        AppConfig app = LabResponseHelper.getAppConfig(APP_PCACLIENT);
        UserConfig guestUser = LabResponseHelper.getUserConfig(USER_PUBLIC_CLOUD);

        String dataToInitCache = TestHelper.readResource(
                this.getClass(),
                "/cache_data/remove-account-test-cache.json");

        // check that cache is empty
        assertEquals(dataToInitCache, "");

        ITokenCacheAccessAspect persistenceAspect = new TestTokenCachePersistence(dataToInitCache);

        // acquire tokens for home tenant, and serialize cache
        PublicClientApplication pca = PublicClientApplication.builder(
                app.getAppId()).
                authority(TestConstants.ORGANIZATIONS_AUTHORITY)
                .setTokenCacheAccessAspect(persistenceAspect)
                .build();

        pca.acquireToken(UserNamePasswordParameters.
                builder(Collections.singleton(TestConstants.GRAPH_DEFAULT_SCOPE),
                        guestUser.getHomeUPN(),
                        guestUser.getPassword().toCharArray())
                .build())
                .get();

        String guestTenantAuthority = TestConstants.MICROSOFT_AUTHORITY_HOST + guestUser.getTenantId();

        // initialize pca with tenant where user is guest, deserialize cache, and acquire second token
        PublicClientApplication pca2 = PublicClientApplication.builder(
                app.getAppId()).
                authority(guestTenantAuthority).
                setTokenCacheAccessAspect(persistenceAspect).
                build();

        pca2.acquireToken(UserNamePasswordParameters.
                builder(Collections.singleton(TestConstants.GRAPH_DEFAULT_SCOPE),
                        guestUser.getHomeUPN(),
                        guestUser.getPassword().toCharArray())
                .build())
                .get();

        // There should be two tokens in cache, with same accounts except for tenant
        assertEquals(pca2.getAccounts().join().iterator().next().getTenantProfiles().size(), 2);

        IAccount account = pca2.getAccounts().get().iterator().next();

        // RemoveAccount should remove both cache entities
        pca2.removeAccount(account).join();

        assertEquals(0, pca2.getAccounts().join().size());

        //clean up file
        TestHelper.deleteFileContent(
                this.getClass(),
                "/cache_data/remove-account-test-cache.json");
    }
}