
Commit 40a6b06

committed
Working OBO, CIAM, MSA, and device code tests
1 parent 5ec7b2f commit 40a6b06

11 files changed

Lines changed: 246 additions & 139 deletions


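--- a/msal4j-sdk/src/integrationtest/java/com.microsoft.aad.msal4j/AcquireTokenInteractiveIT.java
+++ b/msal4j-sdk/src/integrationtest/java/com.microsoft.aad.msal4j/AcquireTokenInteractiveIT.java
@@ -7,19 +7,18 @@
 import org.junit.jupiter.api.AfterEach;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
-import org.junit.jupiter.api.condition.DisabledIfSystemProperty;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.junit.jupiter.api.TestInstance;
-import org.junit.jupiter.params.ParameterizedTest;
-import org.junit.jupiter.params.provider.MethodSource;
 import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertNotEquals;
 
 import java.net.MalformedURLException;
 import java.net.URI;
 import java.net.URL;
 import java.util.Collections;
+import java.util.HashMap;
+import java.util.Map;
 import java.util.concurrent.ExecutionException;
 
 @TestInstance(TestInstance.Lifecycle.PER_CLASS)
@@ -96,51 +95,51 @@ void acquireTokenWithAuthorizationCode_B2C_LegacyFormat() {
 // assertAcquireTokenInstanceAware(user);
 // }
 
-// TODO: labapi2 doesn't have CIAM CUD user configuration yet - will be pulled from MSAL.NET
-// @Test
-// void acquireTokenInteractive_Ciam() {
-// LabResponse labResponse = LabUserHelper.getCiamCudUser();
-// LabUser user = labResponse.getUser();
-//
-// Map<String, String> extraQueryParameters = new HashMap<>();
-//
-// PublicClientApplication pca;
-// try {
-// pca = PublicClientApplication.builder(
-// user.getAppId()).
-// authority("https://" + user.getLabName() + ".ciamlogin.com/")
-// .build();
-// } catch (MalformedURLException ex) {
-// throw new RuntimeException(ex.getMessage());
-// }
-//
-// IAuthenticationResult result;
-// try {
-// URI url = new URI("http://localhost:8080");
-//
-// SystemBrowserOptions browserOptions =
-// SystemBrowserOptions
-// .builder()
-// .openBrowserAction(new SeleniumOpenBrowserAction(user, pca))
-// .build();
-//
-// InteractiveRequestParameters parameters = InteractiveRequestParameters
-// .builder(url)
-// .scopes(Collections.singleton(TestConstants.USER_READ_SCOPE))
-// .extraQueryParameters(extraQueryParameters)
-// .systemBrowserOptions(browserOptions)
-// .build();
-//
-// result = pca.acquireToken(parameters).get();
-//
-// } catch (Exception e) {
-// LOG.error("Error acquiring token with authCode: {}", e.getMessage());
-// throw new RuntimeException("Error acquiring token with authCode: " + e.getMessage());
-// }
-//
-// IntegrationTestHelper.assertAccessAndIdTokensNotNull(result);
-// assertEquals(user.getUpn(), result.account().username());
-// }
+@Test
+void acquireTokenInteractive_Ciam() {
+LabResponse labResponse = LabUserHelper.getCiamCudUser();
+LabUser user = labResponse.getUser();
+LabApp app = labResponse.getApp();
+
+Map<String, String> extraQueryParameters = new HashMap<>();
+
+PublicClientApplication pca;
+try {
+pca = PublicClientApplication.builder(
+app.getAppId()).
+authority(app.getAuthority())
+.build();
+} catch (MalformedURLException ex) {
+throw new RuntimeException(ex.getMessage());
+}
+
+IAuthenticationResult result;
+try {
+URI url = new URI("http://localhost:8080");
+
+SystemBrowserOptions browserOptions =
+SystemBrowserOptions
+.builder()
+.openBrowserAction(new SeleniumOpenBrowserAction(user, pca))
+.build();
+
+InteractiveRequestParameters parameters = InteractiveRequestParameters
+.builder(url)
+.scopes(Collections.singleton(TestConstants.USER_READ_SCOPE))
+.extraQueryParameters(extraQueryParameters)
+.systemBrowserOptions(browserOptions)
+.build();
+
+result = pca.acquireToken(parameters).get();
+
+} catch (Exception e) {
+LOG.error("Error acquiring token with authCode: {}", e.getMessage());
+throw new RuntimeException("Error acquiring token with authCode: " + e.getMessage());
+}
+
+IntegrationTestHelper.assertAccessAndIdTokensNotNull(result);
+assertEquals(user.getUpn(), result.account().username());
+}
 
 private void assertAcquireTokenCommon(LabUser user, String appId, String authority, String scope) {
 PublicClientApplication pca = IntegrationTestHelper.createPublicApp(appId, authority);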
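Review bot: Both catch blocks in the new `acquireTokenInteractive_Ciam` rethrow with only the exception message, so the original exception and its stack trace are lost from the test report; for a failure surfaced through `.get()` the underlying cause is what a maintainer needs to see. Pass the cause through instead: `throw new RuntimeException("Error acquiring token with authCode", e);` and, for the `MalformedURLException`, `throw new RuntimeException(ex);`. The redirect URI is also fixed at `http://localhost:8080`, which would fail if that port is already taken on the build agent; a comment saying the port must match the app registration, or a free-port lookup if the registration allows it, would help.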

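--- a/msal4j-sdk/src/integrationtest/java/com.microsoft.aad.msal4j/AuthorizationCodeIT.java
+++ b/msal4j-sdk/src/integrationtest/java/com.microsoft.aad.msal4j/AuthorizationCodeIT.java
@@ -6,13 +6,10 @@
 import com.microsoft.aad.msal4j.labapi2.*;
 import org.junit.jupiter.api.AfterEach;
 import org.junit.jupiter.api.BeforeEach;
-import org.junit.jupiter.api.condition.DisabledIfSystemProperty;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.TestInstance;
-import org.junit.jupiter.params.ParameterizedTest;
-import org.junit.jupiter.params.provider.MethodSource;
 import static org.junit.jupiter.api.Assertions.assertEquals;
 
 import java.net.MalformedURLException;
@@ -73,44 +70,40 @@ public void acquireTokenWithAuthorizationCode_B2C_Local() {
 assertAcquireTokenB2C(user);
 }
 
-// TODO: labapi2 doesn't have CIAM CUD user configuration yet - will be pulled from MSAL.NET
-// @Test
-// public void acquireTokenWithAuthorizationCode_CiamCud() throws Exception {
-// String authorityCud = "https://login.msidlabsciam.com/fe362aec-5d43-45d1-b730-9755e60dc3b9/v2.0/";
-// LabResponse labResponse = LabUserHelper.getCiamCudUser();
-// LabUser user = labResponse.getUser();
-//
-// PublicClientApplication pca = PublicClientApplication.builder(
-// user.getAppId()).
-// oidcAuthority(authorityCud).
-// build();
-//
-// assertEquals("https://login.msidlabsciam.com/fe362aec-5d43-45d1-b730-9755e60dc3b9/v2.0/.well-known/openid-configuration",
-// pca.authenticationAuthority.canonicalAuthorityUrl.toString());
-// assertEquals("https://login.msidlabsciam.com/fe362aec-5d43-45d1-b730-9755e60dc3b9/oauth2/v2.0/authorize",
-// pca.authenticationAuthority.authorizationEndpoint);
-//
-// String authCode = acquireAuthorizationCodeAutomated(user, pca, null);
-//
-// IAuthenticationResult result = pca.acquireToken(AuthorizationCodeParameters
-// .builder(authCode,
-// new URI(TestConstants.LOCALHOST + httpListener.port()))
-// .scopes(Collections.singleton("user.read"))
-// .build())
-// .get();
-//
-// IntegrationTestHelper.assertAccessAndIdTokensNotNull(result);
-// assertEquals(user.getUpn(), result.account().username());
-//
-// IAuthenticationResult resultSilent = pca.acquireTokenSilently(SilentParameters
-// .builder(Collections.singleton("user.read"), result.account())
-// .build())
-// .get();
-//
-// IntegrationTestHelper.assertAccessAndIdTokensNotNull(result);
-// assertEquals(resultSilent.accessToken(), result.accessToken());
-// assertEquals(resultSilent.account().username(), result.account().username());
-// }
+@Test
+public void acquireTokenWithAuthorizationCode_CiamCud() throws Exception {
+String authorityCud = "https://login.msidlabsciam.com/fe362aec-5d43-45d1-b730-9755e60dc3b9/v2.0/";
+
+LabResponse labResponse = LabUserHelper.getCiamCudUser();
+LabUser user = labResponse.getUser();
+LabApp app = labResponse.getApp();
+
+PublicClientApplication pca = PublicClientApplication.builder(
+app.getAppId()).
+oidcAuthority(authorityCud).
+build();
+
+String authCode = acquireAuthorizationCodeAutomated(user, pca, null);
+
+IAuthenticationResult result = pca.acquireToken(AuthorizationCodeParameters
+.builder(authCode,
+new URI(TestConstants.LOCALHOST + httpListener.port()))
+.scopes(Collections.singleton("user.read"))
+.build())
+.get();
+
+IntegrationTestHelper.assertAccessAndIdTokensNotNull(result);
+assertEquals(user.getUpn(), result.account().username());
+
+IAuthenticationResult resultSilent = pca.acquireTokenSilently(SilentParameters
+.builder(Collections.singleton("user.read"), result.account())
+.build())
+.get();
+
+IntegrationTestHelper.assertAccessAndIdTokensNotNull(result);
+assertEquals(resultSilent.accessToken(), result.accessToken());
+assertEquals(resultSilent.account().username(), result.account().username());
+}
 
 private void assertAcquireTokenADFS2019(LabUser user) {
 PublicClientApplication pca;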
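Review bot: After the silent call in `acquireTokenWithAuthorizationCode_CiamCud`, the null check runs on `result` a second time, so `resultSilent` is never checked before its `accessToken()` is compared; that line should read `IntegrationTestHelper.assertAccessAndIdTokensNotNull(resultSilent);`. The re-enabled test also drops the two assertions the commented-out version made on `pca.authenticationAuthority.canonicalAuthorityUrl` and `pca.authenticationAuthority.authorizationEndpoint`, which were the only checks that the OIDC authority resolved to the expected `login.msidlabsciam.com` endpoints. If they were removed because the resolved values changed, a short comment saying so would help; otherwise consider restoring them.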

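--- a/msal4j-sdk/src/integrationtest/java/com.microsoft.aad.msal4j/DeviceCodeIT.java
+++ b/msal4j-sdk/src/integrationtest/java/com.microsoft.aad.msal4j/DeviceCodeIT.java
@@ -12,9 +12,6 @@
 import org.slf4j.LoggerFactory;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.TestInstance;
-import org.junit.jupiter.api.condition.DisabledIfSystemProperty;
-import org.junit.jupiter.params.ParameterizedTest;
-import org.junit.jupiter.params.provider.MethodSource;
 import org.junit.jupiter.api.BeforeAll;
 import org.junit.jupiter.api.AfterAll;
 import static org.junit.jupiter.api.Assertions.assertNotNull;
@@ -52,37 +49,37 @@ void DeviceCodeFlowADTest() throws Exception {
 IntegrationTestHelper.assertAccessAndIdTokensNotNull(result);
 }
 
-// TODO: labapi2 doesn't have MSA user configuration yet - will be pulled from MSAL.NET
-// NOTE: This test was also failing intermittently in the pipeline runs for the same commit, but always passed locally.
+//TODO: This test is failing intermittently in the pipeline runs for the same commit, but always passes locally. Disabling until we can investigate more.
 //@Test()
-// void DeviceCodeFlowMSATest() throws Exception {
-//
-// LabResponse labResponse = LabUserHelper.getMSAUser();
-// LabUser user = labResponse.getUser();
-//
-// PublicClientApplication pca = IntegrationTestHelper.createPublicApp(user.getAppId(), TestConstants.CONSUMERS_AUTHORITY);
-//
-// Consumer<DeviceCode> deviceCodeConsumer = (DeviceCode deviceCode) -> {
-// runAutomatedDeviceCodeFlow(deviceCode, user);
-// };
-//
-// IAuthenticationResult result = pca.acquireToken(DeviceCodeFlowParameters
-// .builder(Collections.singleton(""),
-// deviceCodeConsumer)
-// .build())
-// .get();
-//
-// assertNotNull(result);
-// assertNotNull(result.accessToken());
-//
-// result = pca.acquireTokenSilently(SilentParameters.
-// builder(Collections.singleton(""), result.account()).
-// build())
-// .get();
-//
-// assertNotNull(result);
-// assertNotNull(result.accessToken());
-// }
+void DeviceCodeFlowMSATest() throws Exception {
+
+LabResponse labResponse = LabUserHelper.getMSAUser();
+LabUser user = labResponse.getUser();
+LabApp app = labResponse.getApp();
+
+PublicClientApplication pca = IntegrationTestHelper.createPublicApp(app.getAppId(), TestConstants.CONSUMERS_AUTHORITY);
+
+Consumer<DeviceCode> deviceCodeConsumer = (DeviceCode deviceCode) -> {
+runAutomatedDeviceCodeFlow(deviceCode, user);
+};
+
+IAuthenticationResult result = pca.acquireToken(DeviceCodeFlowParameters
+.builder(Collections.singleton(""),
+deviceCodeConsumer)
+.build())
+.get();
+
+assertNotNull(result);
+assertNotNull(result.accessToken());
+
+result = pca.acquireTokenSilently(SilentParameters.
+builder(Collections.singleton(""), result.account()).
+build())
+.get();
+
+assertNotNull(result);
+assertNotNull(result.accessToken());
+}
 
 private void runAutomatedDeviceCodeFlow(DeviceCode deviceCode, LabUser user) {
 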
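Review bot: `DeviceCodeFlowMSATest` is now compiled but still never runs, because the `//@Test()` line above it stays commented out; the runner will not report it as skipped, so the missing MSA device-code coverage is easy to overlook. Prefer restoring the annotation and adding `@Disabled("fails intermittently in pipeline runs; see TODO")` (JUnit 5, `org.junit.jupiter.api.Disabled`) so the gap shows up in test reports. Both token requests also pass `Collections.singleton("")` as the scope set; if an empty scope is intentional for the MSA account, a one-line comment would make that clear.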

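--- a/msal4j-sdk/src/integrationtest/java/com.microsoft.aad.msal4j/OnBehalfOfIT.java
+++ b/msal4j-sdk/src/integrationtest/java/com.microsoft.aad.msal4j/OnBehalfOfIT.java
@@ -29,7 +29,7 @@ void acquireTokenWithOBO_Managed() throws Exception {
 
 ConfidentialClientApplication cca =
 ConfidentialClientApplication.builder(clientId, ClientCredentialFactory.createFromSecret(password)).
-authority(cfg.tenantSpecificAuthority()).
+authority(cfg.tenantSpecificAuthority("10c419d4-4a50-45b2-aa4e-919fb84df24f")).
 build();
 
 IAuthenticationResult result =
@@ -43,14 +43,16 @@ void acquireTokenWithOBO_Managed() throws Exception {
 
 @Test
 void acquireTokenWithOBO_testCache() throws Exception {
+cfg = new Config();
+
 String accessToken = this.getAccessToken();
 
 final String clientId = cfg.appProvider().getOboAppId();
 final String password = cfg.appProvider().getOboAppPassword();
 
 ConfidentialClientApplication cca =
 ConfidentialClientApplication.builder(clientId, ClientCredentialFactory.createFromSecret(password)).
-authority(cfg.tenantSpecificAuthority()).
+authority(cfg.tenantSpecificAuthority("10c419d4-4a50-45b2-aa4e-919fb84df24f")).
 build();
 
 IAuthenticationResult result1 =
@@ -131,10 +133,10 @@ private String getAccessToken() throws Exception {
 LabUser user = labResponse.getUser();
 
 String clientId = cfg.appProvider().getAppId();
-String apiReadScope = cfg.appProvider().getOboAppIdURI() + "/user_impersonation";
+String apiReadScope = cfg.appProvider().getOboAppIdURI() + "/access_as_user";
 PublicClientApplication pca = PublicClientApplication.builder(
-clientId).
-authority(cfg.tenantSpecificAuthority()).
+clientId).
+authority("https://login.microsoftonline.com/organizations").
 build();
 
 IAuthenticationResult result = pca.acquireToken(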
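Review bot: The tenant ID `10c419d4-4a50-45b2-aa4e-919fb84df24f` is repeated as a string literal in `acquireTokenWithOBO_Managed` and `acquireTokenWithOBO_testCache`, and `getAccessToken` now hard-codes `"https://login.microsoftonline.com/organizations"`, so the user token request and the OBO exchange are tied together only by scattered literals. Lift the tenant into one named constant and build the other authority from the existing one, e.g. `authority(LabConstants.MICROSOFT_AUTHORITY_HOST + "organizations")`. `acquireTokenWithOBO_testCache` also gains `cfg = new Config();` while the visible part of `acquireTokenWithOBO_Managed` shows no such assignment; whether that test sets `cfg` itself lies outside these hunks, so confirm the tests do not depend on execution order.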

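--- a/msal4j-sdk/src/integrationtest/java/com/microsoft/aad/msal4j/labapi2/AppCredentialProvider.java
+++ b/msal4j-sdk/src/integrationtest/java/com/microsoft/aad/msal4j/labapi2/AppCredentialProvider.java
@@ -13,10 +13,10 @@ public class AppCredentialProvider {
 public AppCredentialProvider() {
 KeyVaultSecretsProvider keyVaultSecretsProvider = new KeyVaultSecretsProvider();
 
-clientId = "c0485386-1e9a-4663-bc96-7ab30656de7f";
-oboClientId = "f4aa5217-e87c-42b2-82af-5624dd14ee72";
-oboAppIdURI = "api://f4aa5217-e87c-42b2-82af-5624dd14ee72";
-oboAppPassword = keyVaultSecretsProvider.getSecretByName("TodoListServiceV2-OBO").getValue();
+clientId = "54a2d933-8bf8-483b-a8f8-0a31924f3c1f";
+oboClientId = "23c64cd8-21e4-41dd-9756-ab9e2c23f58c";
+oboAppIdURI = "api://23c64cd8-21e4-41dd-9756-ab9e2c23f58c";
+oboAppPassword = keyVaultSecretsProvider.getSecretByName("IdentityDivisionDotNetOBOServiceSecret").getValue();
 }
 
 public String getAppId() {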
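Review bot: `oboAppIdURI` repeats the GUID assigned to `oboClientId` on the line above, so the two have to be edited in lockstep whenever the lab app changes, as this commit shows. Deriving it, `oboAppIdURI = "api://" + oboClientId;`, removes the chance of requesting a scope for a different application than the one whose secret is loaded. The result of `getSecretByName("IdentityDivisionDotNetOBOServiceSecret")` is also dereferenced without a check; what that call returns for a missing or inaccessible secret is not visible here, so a guard with a clear message may be worth adding.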

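--- a/msal4j-sdk/src/integrationtest/java/com/microsoft/aad/msal4j/labapi2/Config.java
+++ b/msal4j-sdk/src/integrationtest/java/com/microsoft/aad/msal4j/labapi2/Config.java
@@ -42,6 +42,10 @@ public String tenantSpecificAuthority() {
 return LabConstants.MICROSOFT_AUTHORITY_HOST + tenant;
 }
 
+public String tenantSpecificAuthority(String tenant) {
+return LabConstants.MICROSOFT_AUTHORITY_HOST + tenant;
+}
+
 public AppCredentialProvider appProvider() {
 return appProvider;
 }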
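Review bot: The new `tenantSpecificAuthority(String tenant)` overload has the same body as the no-argument method, but its parameter shadows what appears to be the `tenant` field, and a null argument silently yields an authority ending in `null`. Add a guard such as `Objects.requireNonNull(tenant, "tenant");` (needs `java.util.Objects` if it is not already imported) and let the no-argument version delegate with `return tenantSpecificAuthority(tenant);`. A short Javadoc stating that the argument is appended to `LabConstants.MICROSOFT_AUTHORITY_HOST` would also help callers. The start of the no-argument method lies outside the hunk.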

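--- a/msal4j-sdk/src/integrationtest/java/com/microsoft/aad/msal4j/labapi2/LabConstants.java
+++ b/msal4j-sdk/src/integrationtest/java/com/microsoft/aad/msal4j/labapi2/LabConstants.java
@@ -21,6 +21,7 @@ public class LabConstants {
 public static final String HOME_DOMAIN = "homedomain";
 public static final String B2C_PROVIDER = "b2cprovider";
 public static final String FEDERATION_PROVIDER = "federationprovider";
+public static final String SIGN_IN_AUDIENCE = "SignInAudience";
 public static final String AZURE_ENVIRONMENT = "azureenvironment";
 
 public static final String MICROSOFT_AUTHORITY_HOST = "https://login.microsoftonline.com/";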
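Review bot: `SIGN_IN_AUDIENCE` is the only query key in this visible group written in mixed case (`"SignInAudience"`); its neighbours are all lowercase (`"homedomain"`, `"federationprovider"`, `"azureenvironment"`). If the lab API expects exactly this casing, say so next to the constant, e.g. `// casing must match the lab API parameter name`; if it does not, `"signinaudience"` would keep the keys consistent.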

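--- a/msal4j-sdk/src/integrationtest/java/com/microsoft/aad/msal4j/labapi2/LabServiceApi.java
+++ b/msal4j-sdk/src/integrationtest/java/com/microsoft/aad/msal4j/labapi2/LabServiceApi.java
@@ -163,6 +163,11 @@ private String runQuery(UserQuery query) {
 query.getFederationProvider().toString());
 }
 
+if (query.getSignInAudience() != null) {
+queryDict.put(LabConstants.SIGN_IN_AUDIENCE,
+query.getSignInAudience().toString());
+}
+
 if (query.getAzureEnvironment() != null) {
 queryDict.put(LabConstants.AZURE_ENVIRONMENT,
 query.getAzureEnvironment().toString());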
