From fbee6a1a25dd8da5c65bfa1979f7555796097d87 Mon Sep 17 00:00:00 2001
From: Avery-Dunn
Date: Mon, 10 Jul 2023 13:21:46 -0700
Subject: [PATCH] Update CIAM tests
---
 .../AcquireTokenInteractiveIT.java | 44 +++++++++++++++++++
 .../ClientCredentialsIT.java | 25 +++++++++++
 .../TestConstants.java | 1 +
 .../UsernamePasswordIT.java | 21 +++++++++
 .../java/labapi/LabConstants.java | 2 +-
 5 files changed, 92 insertions(+), 1 deletion(-)
diff --git a/msal4j-sdk/src/integrationtest/java/com.microsoft.aad.msal4j/AcquireTokenInteractiveIT.java b/msal4j-sdk/src/integrationtest/java/com.microsoft.aad.msal4j/AcquireTokenInteractiveIT.java
index dee0c9a7..fe2d0b25 100644
--- a/msal4j-sdk/src/integrationtest/java/com.microsoft.aad.msal4j/AcquireTokenInteractiveIT.java
+++ b/msal4j-sdk/src/integrationtest/java/com.microsoft.aad.msal4j/AcquireTokenInteractiveIT.java
@@ -124,6 +124,50 @@ void acquireTokenInteractive_ManagedUser_InstanceAware() {
 assertAcquireTokenInstanceAware(user);
 }
 
+ @Test
+ void acquireTokenInteractive_Ciam() {
+ User user = labUserProvider.getCiamUser();
+
+ Map extraQueryParameters = new HashMap<>();
+
+ PublicClientApplication pca;
+ try {
+ pca = PublicClientApplication.builder(
+ user.getAppId()).
+ authority("https://" + user.getLabName() + ".ciamlogin.com/")
+ .build();
+ } catch (MalformedURLException ex) {
+ throw new RuntimeException(ex.getMessage());
+ }
+
+ IAuthenticationResult result;
+ try {
+ URI url = new URI("http://localhost:8080");
+
+ SystemBrowserOptions browserOptions =
+ SystemBrowserOptions
+ .builder()
+ .openBrowserAction(new SeleniumOpenBrowserAction(user, pca))
+ .build();
+
+ InteractiveRequestParameters parameters = InteractiveRequestParameters
+ .builder(url)
+ .scopes(Collections.singleton(TestConstants.USER_READ_SCOPE))
+ .extraQueryParameters(extraQueryParameters)
+ .systemBrowserOptions(browserOptions)
+ .build();
+
+ result = pca.acquireToken(parameters).get();
+
+ } catch (Exception e) {
+ LOG.error("Error acquiring token with authCode: " + e.getMessage());
+ throw new RuntimeException("Error acquiring token with authCode: " + e.getMessage());
+ }
+
+ assertTokenResultNotNull(result);
+ assertEquals(user.getUpn(), result.account().username());
+ }
+
 private void assertAcquireTokenCommon(User user, String authority, String scope) {
 PublicClientApplication pca;
 try {
diff --git a/msal4j-sdk/src/integrationtest/java/com.microsoft.aad.msal4j/ClientCredentialsIT.java b/msal4j-sdk/src/integrationtest/java/com.microsoft.aad.msal4j/ClientCredentialsIT.java
index 16f01193..de536eed 100644
--- a/msal4j-sdk/src/integrationtest/java/com.microsoft.aad.msal4j/ClientCredentialsIT.java
+++ b/msal4j-sdk/src/integrationtest/java/com.microsoft.aad.msal4j/ClientCredentialsIT.java
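Review bot: Both catch blocks in `acquireTokenInteractive_Ciam` rethrow with only `getMessage()`, so the original exception and its stack trace are discarded. Because the token call goes through `pca.acquireToken(parameters).get()`, the real failure is probably wrapped by the future, and the message alone will rarely show which part of the CIAM sign-in failed. Pass the cause along instead: `throw new RuntimeException(ex);` in the `MalformedURLException` handler and `throw new RuntimeException("Error acquiring token with authCode", e);` in the second one. The authority string `"https://" + user.getLabName() + ".ciamlogin.com/"` is built the same way in the new tests in ClientCredentialsIT and UsernamePasswordIT, so a shared helper would keep the three in step. The `extraQueryParameters` map is empty here and in UsernamePasswordIT and could be dropped.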
@@ -6,6 +6,7 @@
 import labapi.AppCredentialProvider;
 import labapi.AzureEnvironment;
 import labapi.LabUserProvider;
+import labapi.User;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.TestInstance;
 import org.junit.jupiter.api.BeforeAll;
@@ -64,6 +65,29 @@ void acquireTokenClientCredentials_ClientAssertion() throws Exception {
 assertAcquireTokenCommon(clientId, credential, TestConstants.MICROSOFT_AUTHORITY);
 }
 
+ @Test
+ void acquireTokenClientCredentials_ClientSecret_Ciam() throws Exception {
+
+ User user = labUserProvider.getCiamUser();
+ String clientId = user.getAppId();
+
+ AppCredentialProvider appProvider = new AppCredentialProvider(AzureEnvironment.CIAM);
+ IClientCredential credential = ClientCredentialFactory.createFromSecret(appProvider.getOboAppPassword());
+
+ ConfidentialClientApplication cca = ConfidentialClientApplication.builder(
+ clientId, credential).
+ authority("https://" + user.getLabName() + ".ciamlogin.com/").
+ build();
+
+ IAuthenticationResult result = cca.acquireToken(ClientCredentialParameters
+ .builder(Collections.singleton(TestConstants.DEFAULT_SCOPE))
+ .build())
+ .get();
+
+ assertNotNull(result);
+ assertNotNull(result.accessToken());
+ }
+
 @Test
 void acquireTokenClientCredentials_Callback() throws Exception {
 String clientId = "2afb0add-2f32-4946-ac90-81a02aa4550e";
@@ -132,6 +156,7 @@ void acquireTokenClientCredentials_Regional() throws Exception {
 assertAcquireTokenCommon_withRegion(clientId, certificate, "westus", TestConstants.REGIONAL_MICROSOFT_AUTHORITY_BASIC_HOST_WESTUS);
 }
 
+
 private ClientAssertion getClientAssertion(String clientId) {
 return JwtHelper.buildJwt(
 clientId,
diff --git a/msal4j-sdk/src/integrationtest/java/com.microsoft.aad.msal4j/TestConstants.java b/msal4j-sdk/src/integrationtest/java/com.microsoft.aad.msal4j/TestConstants.java
index d11fcdf8..23f6e621 100644
--- a/msal4j-sdk/src/integrationtest/java/com.microsoft.aad.msal4j/TestConstants.java
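Review bot: In `acquireTokenClientCredentials_ClientSecret_Ciam` the client secret comes from `appProvider.getOboAppPassword()`, a name that suggests the on-behalf-of app's password rather than a CIAM client-credential secret. Presumably `new AppCredentialProvider(AzureEnvironment.CIAM)` maps that getter to the CIAM Key Vault entry, but nothing in this hunk shows it, so a comment above the call is worth adding, e.g. `// With AzureEnvironment.CIAM this returns the CIAM app's client secret from Key Vault`. It would also help to note why the bare `TestConstants.DEFAULT_SCOPE` (`.default`, with no resource prefix, unlike `GRAPH_DEFAULT_SCOPE`) is the intended scope for this tenant.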
+++ b/msal4j-sdk/src/integrationtest/java/com.microsoft.aad.msal4j/TestConstants.java
@@ -13,6 +13,7 @@ public class TestConstants {
 public final static String MSIDLAB_VAULT_URL = "https://msidlabs.vault.azure.net/";
 public final static String GRAPH_DEFAULT_SCOPE = "https://graph.windows.net/.default";
 public final static String USER_READ_SCOPE = "user.read";
+ public final static String DEFAULT_SCOPE = ".default";
 public final static String B2C_LAB_SCOPE = "https://msidlabb2c.onmicrosoft.com/msaapp/user_impersonation";
 public final static String B2C_CONFIDENTIAL_CLIENT_APP_SECRETID = "MSIDLABB2C-MSAapp-AppSecret";
 public final static String B2C_CONFIDENTIAL_CLIENT_LAB_APP_ID = "MSIDLABB2C-MSAapp-AppID";
diff --git a/msal4j-sdk/src/integrationtest/java/com.microsoft.aad.msal4j/UsernamePasswordIT.java b/msal4j-sdk/src/integrationtest/java/com.microsoft.aad.msal4j/UsernamePasswordIT.java
index 049c5d40..415b2ac9 100644
--- a/msal4j-sdk/src/integrationtest/java/com.microsoft.aad.msal4j/UsernamePasswordIT.java
+++ b/msal4j-sdk/src/integrationtest/java/com.microsoft.aad.msal4j/UsernamePasswordIT.java
@@ -119,6 +119,27 @@ void acquireTokenWithUsernamePassword_AuthorityWithPort() throws Exception {
 user.getAppId());
 }
 
+ @Test
+ void acquireTokenWithUsernamePassword_Ciam() throws Exception {
+
+ Map extraQueryParameters = new HashMap<>();
+
+ User user = labUserProvider.getCiamUser();
+ PublicClientApplication pca = PublicClientApplication.builder(user.getAppId())
+ .authority("https://" + user.getLabName() + ".ciamlogin.com/")
+ .build();
+
+
+ IAuthenticationResult result = pca.acquireToken(UserNamePasswordParameters.
+ builder(Collections.singleton(TestConstants.USER_READ_SCOPE),
+ user.getUpn(),
+ user.getPassword().toCharArray())
+ .extraQueryParameters(extraQueryParameters)
+ .build())
+ .get();
+
+ assertNotNull(result.accessToken());
+ }
 
 private void assertAcquireTokenCommonAAD(User user) throws Exception {
 assertAcquireTokenCommon(user, cfg.organizationsAuthority(), cfg.graphDefaultScope(),
diff --git a/msal4j-sdk/src/integrationtest/java/labapi/LabConstants.java b/msal4j-sdk/src/integrationtest/java/labapi/LabConstants.java
index 569acafd..79397eb9 100644
--- a/msal4j-sdk/src/integrationtest/java/labapi/LabConstants.java
+++ b/msal4j-sdk/src/integrationtest/java/labapi/LabConstants.java
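Review bot: `acquireTokenWithUsernamePassword_Ciam` ends with only `assertNotNull(result.accessToken())`, so it never checks that the token was issued for the lab user whose credentials were submitted. A null `result` would also surface as a NullPointerException rather than an assertion failure. The interactive CIAM test added in this commit compares the returned account with the UPN; doing the same here keeps the two consistent: `assertNotNull(result);` followed by `assertEquals(user.getUpn(), result.account().username());`. If `assertEquals` is not already statically imported in this file, it needs adding.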
@@ -14,7 +14,7 @@ public class LabConstants { public final static String USER_MSA_USERNAME_URL = "https://msidlabs.vault.azure.net/secrets/MSA-MSIDLAB4-UserName"; public final static String USER_MSA_PASSWORD_URL = "https://msidlabs.vault.azure.net/secrets/MSA-MSIDLAB4-Password"; public final static String OBO_APP_PASSWORD_URL = "https://msidlabs.vault.azure.net/secrets/TodoListServiceV2-OBO"; - public final static String CIAM_KEY_VAULT_SECRET_KEY = "https://msidlabs.vault.azure.net/secrets/MSIDLABCIAM1-cc"; + public final static String CIAM_KEY_VAULT_SECRET_KEY = "https://msidlabs.vault.azure.net/secrets/MSIDLABCIAM2-cc"; public final static String ARLINGTON_APP_ID = "cb7faed4-b8c0-49ee-b421-f5ed16894c83"; public final static String ARLINGTON_OBO_APP_ID = "c0555d2d-02f2-4838-802e-3463422e571d";