use of com.microsoft.identity.common.adal.internal.net.IWebRequestHandler in project azure-activedirectory-library-for-android by AzureAD.
the class AcquireTokenSilentHandlerTest method testRefreshTokenRequestNotReturnErrorCode.
/**
* Test RT request returns errors, but error response doesn't contain error_code.
*/
@Test
public void testRefreshTokenRequestNotReturnErrorCode() throws IOException, JSONException {
FileMockContext mockContext = new FileMockContext(getContext());
ITokenCacheStore mockCache = getCacheForRefreshToken(TEST_IDTOKEN_USERID, TEST_IDTOKEN_UPN);
final AuthenticationRequest authenticationRequest = getAuthenticationRequest(VALID_AUTHORITY, "resource", "clientid", false);
authenticationRequest.setUserIdentifierType(UserIdentifierType.UniqueId);
authenticationRequest.setUserId(TEST_IDTOKEN_USERID);
final AcquireTokenSilentHandler acquireTokenSilentHandler = getAcquireTokenHandler(mockContext, authenticationRequest, mockCache);
// inject mocked web request handler
final IWebRequestHandler mockedWebRequestHandler = Mockito.mock(WebRequestHandler.class);
Mockito.when(mockedWebRequestHandler.sendPost(Mockito.any(URL.class), Mockito.<String, String>anyMap(), Mockito.any(byte[].class), Mockito.anyString())).thenReturn(new HttpWebResponse(HttpURLConnection.HTTP_BAD_REQUEST, Util.getErrorResponseBody(null), null));
acquireTokenSilentHandler.setWebRequestHandler(mockedWebRequestHandler);
try {
acquireTokenSilentHandler.getAccessToken();
fail();
} catch (final AuthenticationException e) {
assertEquals("Token is not exchanged", ADALError.AUTH_FAILED_NO_TOKEN, e.getCode());
// If AUTH_FAILE_NO_TOKEN is thrown, cause will be return in AuthenticationException
assertNotNull(e.getCause());
assertTrue(e.getCause() instanceof AuthenticationException);
final AuthenticationException authException = (AuthenticationException) e.getCause();
assertTrue(authException.getCode() == ADALError.SERVER_ERROR);
}
// verify that the cache is not cleared
assertNotNull(mockCache.getItem(CacheKey.createCacheKeyForRTEntry(VALID_AUTHORITY, "resource", "clientId", TEST_IDTOKEN_USERID)));
assertNotNull(mockCache.getItem(CacheKey.createCacheKeyForRTEntry(VALID_AUTHORITY, "resource", "clientId", TEST_IDTOKEN_UPN)));
clearCache(mockCache);
}
use of com.microsoft.identity.common.adal.internal.net.IWebRequestHandler in project azure-activedirectory-library-for-android by AzureAD.
the class AcquireTokenSilentHandlerTest method testFRTRequestFailedFallBackMRRTRequest.
/**
* Test if FRT request failed, retry with MRRT if exists.
*/
@Test
public void testFRTRequestFailedFallBackMRRTRequest() throws IOException, JSONException {
FileMockContext mockContext = new FileMockContext(getContext());
final ITokenCacheStore mockCache = new DefaultTokenCacheStore(getContext());
final String clientId = "clientId";
final String familyClientId = "familyClientId";
// MRRT token Cache Item with FoCI flag
final String mrrtToken = "MRRT Refresh Token";
final TokenCacheItem mrrtTokenCacheItem = Util.getTokenCacheItem(VALID_AUTHORITY, null, clientId, TEST_IDTOKEN_USERID, TEST_IDTOKEN_UPN);
mrrtTokenCacheItem.setRefreshToken(mrrtToken);
mrrtTokenCacheItem.setFamilyClientId(familyClientId);
mrrtTokenCacheItem.setIsMultiResourceRefreshToken(true);
saveTokenIntoCache(mockCache, mrrtTokenCacheItem);
// FRT token cache item
final TokenCacheItem frtTokenCacheItem = Util.getTokenCacheItem(VALID_AUTHORITY, null, null, TEST_IDTOKEN_USERID, TEST_IDTOKEN_UPN);
final String frtToken = "FRT Refresh Token";
frtTokenCacheItem.setRefreshToken(frtToken);
frtTokenCacheItem.setFamilyClientId(familyClientId);
frtTokenCacheItem.setIsMultiResourceRefreshToken(true);
saveTokenIntoCache(mockCache, frtTokenCacheItem);
final AuthenticationRequest authenticationRequest = getAuthenticationRequest(VALID_AUTHORITY, "resource", clientId, false);
authenticationRequest.setUserIdentifierType(UserIdentifierType.UniqueId);
authenticationRequest.setUserId(TEST_IDTOKEN_USERID);
final AcquireTokenSilentHandler acquireTokenSilentHandler = getAcquireTokenHandler(mockContext, authenticationRequest, mockCache);
// inject mocked web request handler
final IWebRequestHandler mockedWebRequestHandler = Mockito.mock(WebRequestHandler.class);
// FRT token request fails with invalid_grant
final String anotherResource = "anotherResource";
Mockito.when(mockedWebRequestHandler.sendPost(Mockito.any(URL.class), Mockito.<String, String>anyMap(), Mockito.refEq(Util.getPostMessage(frtToken, clientId, anotherResource)), Mockito.anyString())).thenReturn(new HttpWebResponse(HttpURLConnection.HTTP_BAD_REQUEST, Util.getErrorResponseBody("invalid_grant"), null));
// retry request with MRRT succeeds
Mockito.when(mockedWebRequestHandler.sendPost(Mockito.any(URL.class), Mockito.<String, String>anyMap(), Mockito.refEq(Util.getPostMessage(mrrtToken, clientId, anotherResource)), Mockito.anyString())).thenReturn(new HttpWebResponse(HttpURLConnection.HTTP_OK, Util.getSuccessTokenResponse(true, false), null));
acquireTokenSilentHandler.setWebRequestHandler(mockedWebRequestHandler);
try {
AuthenticationResult result = acquireTokenSilentHandler.getAccessToken();
assertNotNull(result);
assertEquals("Returned assess token is not as expected.", "I am a new access token", result.getAccessToken());
assertEquals("Returned refresh token is not as expected", "I am a new refresh token", result.getRefreshToken());
assertEquals("Returned id token is not as expected.", TEST_IDTOKEN, result.getIdToken());
} catch (AuthenticationException e) {
fail("Unexpected exception");
}
// Verify post request with FRT token is executed first, followed by post request with MRRT..
Mockito.verify(mockedWebRequestHandler, Mockito.times(1)).sendPost(Mockito.any(URL.class), Mockito.<String, String>anyMap(), Mockito.refEq(Util.getPostMessage(frtToken, clientId, anotherResource)), Mockito.anyString());
Mockito.verify(mockedWebRequestHandler, Mockito.times(1)).sendPost(Mockito.any(URL.class), Mockito.<String, String>anyMap(), Mockito.refEq(Util.getPostMessage(mrrtToken, clientId, anotherResource)), Mockito.anyString());
clearCache(mockCache);
}
use of com.microsoft.identity.common.adal.internal.net.IWebRequestHandler in project azure-activedirectory-library-for-android by AzureAD.
the class AcquireTokenSilentHandlerTest method testMRRTSuccessNoFoCI.
/**
* Test only when MRRT without FoCI in the cache.
*/
@Test
public void testMRRTSuccessNoFoCI() throws IOException, JSONException {
FileMockContext mockContext = new FileMockContext(getContext());
final ITokenCacheStore mockedCache = new DefaultTokenCacheStore(getContext());
final String resource = "resource";
final String clientId = "clientId";
// Add MRRT in the cache for same clientid
final TokenCacheItem mrrtTokenCacheItem = Util.getTokenCacheItem(VALID_AUTHORITY, resource, clientId, TEST_IDTOKEN_USERID, TEST_IDTOKEN_UPN);
final String mrrt = "MRRT Refresh Token";
mrrtTokenCacheItem.setRefreshToken(mrrt);
mrrtTokenCacheItem.setResource(null);
mrrtTokenCacheItem.setIsMultiResourceRefreshToken(true);
saveTokenIntoCache(mockedCache, mrrtTokenCacheItem);
final AuthenticationRequest authenticationRequest = getAuthenticationRequest(VALID_AUTHORITY, resource, clientId, false);
authenticationRequest.setUserIdentifierType(UserIdentifierType.UniqueId);
authenticationRequest.setUserId(TEST_IDTOKEN_USERID);
final AcquireTokenSilentHandler acquireTokenSilentHandler = getAcquireTokenHandler(mockContext, authenticationRequest, mockedCache);
// inject mocked web request handler
final IWebRequestHandler mockedWebRequestHandler = Mockito.mock(WebRequestHandler.class);
// Token redeem with RT fail with invalid_grant.
final byte[] postMessage = Util.getPostMessage(mrrt, clientId, resource);
Mockito.when(mockedWebRequestHandler.sendPost(Mockito.any(URL.class), Mockito.<String, String>anyMap(), AdditionalMatchers.aryEq(postMessage), Mockito.anyString())).thenReturn(new HttpWebResponse(HttpURLConnection.HTTP_OK, Util.getSuccessTokenResponse(true, false), null));
acquireTokenSilentHandler.setWebRequestHandler(mockedWebRequestHandler);
try {
final AuthenticationResult authenticationResult = acquireTokenSilentHandler.getAccessToken();
assertNotNull(authenticationResult);
assertNull(authenticationResult.getErrorCode());
assertNotNull(authenticationResult.getAccessToken());
assertNotNull(authenticationResult.getRefreshToken());
} catch (AuthenticationException authException) {
fail("Unexpected Exception");
}
// MRRT token entry
assertNotNull(mockedCache.getItem(CacheKey.createCacheKeyForMRRT(VALID_AUTHORITY, clientId, TEST_IDTOKEN_USERID)));
assertNotNull(mockedCache.getItem(CacheKey.createCacheKeyForMRRT(VALID_AUTHORITY, clientId, TEST_IDTOKEN_UPN)));
// RT entry
assertNotNull(mockedCache.getItem(CacheKey.createCacheKeyForRTEntry(VALID_AUTHORITY, resource, clientId, TEST_IDTOKEN_USERID)));
assertNotNull(mockedCache.getItem(CacheKey.createCacheKeyForRTEntry(VALID_AUTHORITY, resource, clientId, TEST_IDTOKEN_UPN)));
clearCache(mockedCache);
}
use of com.microsoft.identity.common.adal.internal.net.IWebRequestHandler in project azure-activedirectory-library-for-android by AzureAD.
the class AcquireTokenSilentHandlerTest method testTokenPresentForPassedInAuthorityAndOtherAliasedHost.
/**
* If a token is not present for preferred_cache, but available for the developer specified authority, as well as other alias,
* the developer specified authority token is used.
*/
@Test
public void testTokenPresentForPassedInAuthorityAndOtherAliasedHost() throws IOException, JSONException {
final FileMockContext mockContext = new FileMockContext(getContext());
final ITokenCacheStore mockedCache = new DefaultTokenCacheStore(getContext());
clearCache(mockedCache);
updateAuthorityMetadataCache();
// insert token with authority as other aliased host
final String resource = "resource";
final String clientId = "clientId";
// Add regular RT item without RT in the cache
final String aliasedAuthority = "https://test.alias/test.onmicrosoft.com";
final String rtForAliashedHost = "rt with aliased authority";
final TokenCacheItem rtTokenCacheItem = Util.getTokenCacheItem(aliasedAuthority, resource, clientId, TEST_IDTOKEN_USERID, TEST_IDTOKEN_UPN);
rtTokenCacheItem.setRefreshToken(rtForAliashedHost);
rtTokenCacheItem.setIsMultiResourceRefreshToken(false);
saveTokenIntoCache(mockedCache, rtTokenCacheItem);
// insert token with authority as aliased host
final String testHostAuthority = "https://test.host/test.onmicrosoft.com";
final String rtForTestHost = "rt for test host";
final TokenCacheItem itemWithTestHost = Util.getTokenCacheItem(testHostAuthority, resource, clientId, TEST_IDTOKEN_USERID, TEST_IDTOKEN_UPN);
itemWithTestHost.setRefreshToken(rtForTestHost);
saveTokenIntoCache(mockedCache, itemWithTestHost);
final AuthenticationRequest authenticationRequest = getAuthenticationRequest(testHostAuthority, resource, clientId, false);
authenticationRequest.setUserIdentifierType(UserIdentifierType.UniqueId);
authenticationRequest.setUserId(TEST_IDTOKEN_USERID);
final AcquireTokenSilentHandler acquireTokenSilentHandler = getAcquireTokenHandler(mockContext, authenticationRequest, mockedCache);
// inject mocked web request handler
final IWebRequestHandler mockedWebRequestHandler = Mockito.mock(WebRequestHandler.class);
// MRRT request fails with invalid_grant
Mockito.when(mockedWebRequestHandler.sendPost(Mockito.any(URL.class), Mockito.<String, String>anyMap(), AdditionalMatchers.aryEq(Util.getPostMessage(rtForTestHost, clientId, resource)), Mockito.anyString())).thenReturn(new HttpWebResponse(HttpURLConnection.HTTP_OK, Util.getSuccessTokenResponse(false, false), null));
acquireTokenSilentHandler.setWebRequestHandler(mockedWebRequestHandler);
try {
final AuthenticationResult result = acquireTokenSilentHandler.getAccessToken();
assertNotNull(result);
assertNotNull(result.getAccessToken());
} catch (final AuthenticationException e) {
fail();
}
Mockito.verify(mockedWebRequestHandler, Mockito.times(1)).sendPost(Mockito.any(URL.class), Mockito.<String, String>anyMap(), AdditionalMatchers.aryEq(Util.getPostMessage(rtForTestHost, clientId, resource)), Mockito.anyString());
// verify token items
final String preferredCacheLocation = "https://preferred.cache/test.onmicrosoft.com";
assertNotNull(mockedCache.getItem(CacheKey.createCacheKeyForRTEntry(preferredCacheLocation, resource, clientId, TEST_IDTOKEN_USERID)));
assertNotNull(mockedCache.getItem(CacheKey.createCacheKeyForRTEntry(preferredCacheLocation, resource, clientId, TEST_IDTOKEN_UPN)));
clearCache(mockedCache);
}
use of com.microsoft.identity.common.adal.internal.net.IWebRequestHandler in project azure-activedirectory-library-for-android by AzureAD.
the class AcquireTokenSilentHandlerTest method testRefreshTokenWebRequestHasError.
/**
* Acquire token uses refresh token, but web request returns error with an empty body.
*/
@Test
public void testRefreshTokenWebRequestHasError() throws IOException {
FileMockContext mockContext = new FileMockContext(getContext());
ITokenCacheStore mockCache = getCacheForRefreshToken(TEST_IDTOKEN_USERID, TEST_IDTOKEN_UPN);
final String resource = "resource";
final String clientId = "clientId";
final AuthenticationRequest authenticationRequest = getAuthenticationRequest(VALID_AUTHORITY, resource, clientId, false);
authenticationRequest.setUserIdentifierType(UserIdentifierType.UniqueId);
authenticationRequest.setUserId(TEST_IDTOKEN_USERID);
final AcquireTokenSilentHandler acquireTokenSilentHandler = getAcquireTokenHandler(mockContext, authenticationRequest, mockCache);
// inject mocked web request handler
final IWebRequestHandler mockedWebRequestHandler = Mockito.mock(WebRequestHandler.class);
Mockito.when(mockedWebRequestHandler.sendPost(Mockito.any(URL.class), Mockito.<String, String>anyMap(), Mockito.any(byte[].class), Mockito.anyString())).thenReturn(new HttpWebResponse(HttpURLConnection.HTTP_INTERNAL_ERROR, "{\"error\":\"interaction_required\" ,\"error_description\":\"Windows device is not in required device state\"}", new HashMap<String, List<String>>()));
acquireTokenSilentHandler.setWebRequestHandler(mockedWebRequestHandler);
try {
acquireTokenSilentHandler.getAccessToken();
fail("Expect exception");
} catch (final AuthenticationException authenticationException) {
assertTrue(authenticationException.getCode() == ADALError.AUTH_FAILED_NO_TOKEN);
assertTrue(authenticationException.getCause() instanceof AuthenticationException);
final AuthenticationException throwable = (AuthenticationException) authenticationException.getCause();
assertTrue(throwable.getCode() == ADALError.SERVER_ERROR);
assertNotNull(authenticationException.getHttpResponseBody());
assertEquals(authenticationException.getServiceStatusCode(), HttpURLConnection.HTTP_INTERNAL_ERROR);
}
clearCache(mockCache);
}
Aggregations