tests(service-client): E2E tests for aad auth on all our clients

Azure · Feb 19, 2021 · 16b2609 · 16b2609
1 parent b857a98
commit 16b2609
Show file tree

Hide file tree

Showing 5 changed files with 175 additions and 11 deletions.
diff --git a/e2e/test/E2ETests.csproj b/e2e/test/E2ETests.csproj
@@ -45,6 +45,7 @@
   <!-- NetCore and .NET 4.7.2 -->
   <ItemGroup Condition=" '$(TargetFramework)' != 'net451' ">
     <PackageReference Include="Microsoft.Azure.Storage.Blob" Version="11.1.3" />
+    <PackageReference Include="Azure.Identity" Version="1.3.0" />
   </ItemGroup>
 
   <ItemGroup Condition=" '$(AZURE_IOT_LOCALPACKAGES)' == '' ">

diff --git a/e2e/test/config/Configuration.IoTHub.cs b/e2e/test/config/Configuration.IoTHub.cs
@@ -3,6 +3,13 @@
 
 using System;
 using System.Security.Cryptography.X509Certificates;
+
+#if !NET451
+
+using Azure.Identity;
+
+#endif
+
 using Microsoft.VisualStudio.TestTools.UnitTesting;
 
 namespace Microsoft.Azure.Devices.E2ETests
@@ -14,6 +21,24 @@ public static partial class IoTHub
             public static string ConnectionString => GetValue("IOTHUB_CONN_STRING_CSHARP");
             public static string X509ChainDeviceName => GetValue("IOTHUB_X509_CHAIN_DEVICE_NAME");
 
+            public static string GetIotHubHostName()
+            {
+                var config = new Configuration.IoTHub.ConnectionStringParser(ConnectionString);
+                return config.IoTHubHostName;
+            }
+
+#if !NET451
+
+            public static ClientSecretCredential GetClientSecretCredential()
+            {
+                return new ClientSecretCredential(
+                    GetValue("IOTHUB_TENANT_ID"),
+                    GetValue("IOTHUB_CLIENT_ID"),
+                    GetValue("IOTHUB_CLIENT_SECRET"));
+            }
+
+#endif
+
             public static X509Certificate2 GetCertificateWithPrivateKey()
             {
                 const string hubPfxCert = "IOTHUB_X509_PFX_CERTIFICATE";
@@ -65,9 +90,9 @@ public static X509Certificate2 GetIntermediate2Certificate()
             /// </summary>
             public const string InvalidProxyServerAddress = "127.0.0.1:1234";
 
-            public class DeviceConnectionStringParser
+            public class ConnectionStringParser
             {
-                public DeviceConnectionStringParser(string connectionString)
+                public ConnectionStringParser(string connectionString)
                 {
                     string[] parts = connectionString.Split(';');
                     foreach (string part in parts)
@@ -77,7 +102,7 @@ public DeviceConnectionStringParser(string connectionString)
                         switch (tv[0].ToUpperInvariant())
                         {
                             case "HOSTNAME":
-                                IoTHub = part.Substring("HOSTNAME=".Length);
+                                IoTHubHostName = part.Substring("HOSTNAME=".Length);
                                 break;
 
                             case "SHAREDACCESSKEY":
@@ -94,7 +119,7 @@ public DeviceConnectionStringParser(string connectionString)
                     }
                 }
 
-                public string IoTHub
+                public string IoTHubHostName
                 {
                     get;
                     private set;

diff --git a/e2e/test/iothub/ConnectionStatusChangeHandlerTests.cs b/e2e/test/iothub/ConnectionStatusChangeHandlerTests.cs
@@ -109,7 +109,7 @@ private async Task DeviceClient_Gives_ConnectionStatus_DeviceDisabled_Base(
             TestDevice testDevice = await TestDevice.GetTestDeviceAsync(Logger, DevicePrefix + $"_{Guid.NewGuid()}").ConfigureAwait(false);
             string deviceConnectionString = testDevice.ConnectionString;
 
-            var config = new Configuration.IoTHub.DeviceConnectionStringParser(deviceConnectionString);
+            var config = new Configuration.IoTHub.ConnectionStringParser(deviceConnectionString);
             string deviceId = config.DeviceID;
 
             ConnectionStatus? status = null;

diff --git a/e2e/test/iothub/DeviceTokenRefreshE2ETests.cs b/e2e/test/iothub/DeviceTokenRefreshE2ETests.cs
@@ -30,8 +30,8 @@ public async Task DeviceClient_Not_Exist_AMQP()
         {
             TestDevice testDevice = await TestDevice.GetTestDeviceAsync(Logger, DevicePrefix).ConfigureAwait(false);
 
-            var config = new Configuration.IoTHub.DeviceConnectionStringParser(testDevice.ConnectionString);
-            using (DeviceClient deviceClient = DeviceClient.CreateFromConnectionString($"HostName={config.IoTHub};DeviceId=device_id_not_exist;SharedAccessKey={config.SharedAccessKey}", Client.TransportType.Amqp_Tcp_Only))
+            var config = new Configuration.IoTHub.ConnectionStringParser(testDevice.ConnectionString);
+            using (DeviceClient deviceClient = DeviceClient.CreateFromConnectionString($"HostName={config.IoTHubHostName};DeviceId=device_id_not_exist;SharedAccessKey={config.SharedAccessKey}", Client.TransportType.Amqp_Tcp_Only))
             {
                 await deviceClient.OpenAsync().ConfigureAwait(false);
             }
@@ -43,9 +43,9 @@ public async Task DeviceClient_Bad_Credentials_AMQP()
         {
             TestDevice testDevice = await TestDevice.GetTestDeviceAsync(Logger, DevicePrefix).ConfigureAwait(false);
 
-            var config = new Configuration.IoTHub.DeviceConnectionStringParser(testDevice.ConnectionString);
+            var config = new Configuration.IoTHub.ConnectionStringParser(testDevice.ConnectionString);
             string invalidKey = Convert.ToBase64String(Encoding.UTF8.GetBytes("invalid_key"));
-            using (DeviceClient deviceClient = DeviceClient.CreateFromConnectionString($"HostName={config.IoTHub};DeviceId={config.DeviceID};SharedAccessKey={invalidKey}", Client.TransportType.Amqp_Tcp_Only))
+            using (DeviceClient deviceClient = DeviceClient.CreateFromConnectionString($"HostName={config.IoTHubHostName};DeviceId={config.DeviceID};SharedAccessKey={invalidKey}", Client.TransportType.Amqp_Tcp_Only))
             {
                 await deviceClient.OpenAsync().ConfigureAwait(false);
             }
@@ -82,8 +82,8 @@ public async Task DeviceClient_TokenConnectionDoubleRelease_Ok()
 
             string deviceConnectionString = testDevice.ConnectionString;
 
-            var config = new Configuration.IoTHub.DeviceConnectionStringParser(deviceConnectionString);
-            string iotHub = config.IoTHub;
+            var config = new Configuration.IoTHub.ConnectionStringParser(deviceConnectionString);
+            string iotHub = config.IoTHubHostName;
             string deviceId = config.DeviceID;
             string key = config.SharedAccessKey;
 

diff --git a/e2e/test/iothub/TokenCredentialAuthenticationTests.cs b/e2e/test/iothub/TokenCredentialAuthenticationTests.cs
@@ -0,0 +1,138 @@
+// Copyright (c) Microsoft. All rights reserved.
+// Licensed under the MIT license. See LICENSE file in the project root for full license information.
+using System;
+using System.Collections.Generic;
+using System.Text;
+using System.Threading.Tasks;
+using FluentAssertions;
+using Microsoft.Azure.Devices.Client;
+using Microsoft.Azure.Devices.Common.Exceptions;
+using Microsoft.Azure.Devices.E2ETests.Helpers;
+using Microsoft.Azure.Devices.Shared;
+using Microsoft.VisualStudio.TestTools.UnitTesting;
+
+#if !NET451
+
+using Microsoft.Rest;
+using Azure.Core;
+using Azure.Identity;
+
+#endif
+
+using ClientOptions = Microsoft.Azure.Devices.Client.ClientOptions;
+
+namespace Microsoft.Azure.Devices.E2ETests.iothub
+{
+    /// <summary>
+    /// Tests to ensure authentication using Azure active directory succeeds in all the clients.
+    /// </summary>
+    [TestClass]
+    [TestCategory("E2E")]
+    [TestCategory("IoTHub")]
+    public class TokenCredentialAuthenticationTests : E2EMsTestBase
+    {
+        private readonly string _devicePrefix = $"E2E_{nameof(TokenCredentialAuthenticationTests)}_";
+
+#if !NET451
+
+        [LoggedTestMethod]
+        public async Task RegistryManager_Http_TokenCredentialAuth_Success()
+        {
+            // arrange
+            using var registryManager = RegistryManager.Create(
+                Configuration.IoTHub.GetIotHubHostName(),
+                Configuration.IoTHub.GetClientSecretCredential());
+            var device = new Device(Guid.NewGuid().ToString());
+
+            // act
+            Device createdDevice = await registryManager.AddDeviceAsync(device).ConfigureAwait(false);
+
+            // assert
+            Assert.IsNotNull(createdDevice);
+            await registryManager.RemoveDeviceAsync(device.Id).ConfigureAwait(false);
+        }
+
+        [LoggedTestMethod]
+        public async Task JobClient_Http_TokenCredentialAuth_Success()
+        {
+            // arrange
+            using var jobClient = JobClient.Create(
+                Configuration.IoTHub.GetIotHubHostName(),
+                Configuration.IoTHub.GetClientSecretCredential());
+
+            string jobId = "JOBSAMPLE" + Guid.NewGuid().ToString();
+            string jobDeviceId = "JobsSample_Device";
+            string query = $"DeviceId IN ['{jobDeviceId}']";
+            Twin twin = new Twin(jobDeviceId);
+
+            try
+            {
+                // act
+                JobResponse createJobResponse = await jobClient.ScheduleTwinUpdateAsync(
+                    jobId,
+                    query,
+                    twin,
+                    DateTime.UtcNow,
+                    (long)TimeSpan.FromMinutes(2).TotalSeconds).ConfigureAwait(false);
+            }
+            catch (ThrottlingException)
+            {
+                // Concurrent jobs can be rejected, but it still means authentication was successful. Ignore the exception.
+            }
+        }
+
+        [LoggedTestMethod]
+        public async Task DigitalTwinClient_Http_TokenCredentialAuth_Success()
+        {
+            // arrange
+            TestDevice testDevice = await TestDevice.GetTestDeviceAsync(Logger, _devicePrefix).ConfigureAwait(false);
+            string deviceId = testDevice.Id;
+            string thermostatModelId = "dtmi:com:example:TemperatureController;1";
+
+            // Create a device client instance initializing it with the "Thermostat" model.
+            var options = new ClientOptions
+            {
+                ModelId = thermostatModelId,
+            };
+            using DeviceClient deviceClient = testDevice.CreateDeviceClient(Client.TransportType.Mqtt, options);
+
+            // Call openAsync() to open the device's connection, so that the ModelId is sent over Mqtt CONNECT packet.
+            await deviceClient.OpenAsync().ConfigureAwait(false);
+
+            using var digitalTwinClient = DigitalTwinClient.Create(
+                Configuration.IoTHub.GetIotHubHostName(),
+                Configuration.IoTHub.GetClientSecretCredential());
+
+            // act
+            HttpOperationResponse<ThermostatTwin, DigitalTwinGetHeaders> response = await digitalTwinClient
+                .GetDigitalTwinAsync<ThermostatTwin>(deviceId)
+                .ConfigureAwait(false);
+            ThermostatTwin twin = response.Body;
+
+            // assert
+            twin.Metadata.ModelId.Should().Be(thermostatModelId);
+        }
+
+        [LoggedTestMethod]
+        public async Task Service_Amqp_TokenCredentialAuth_Success()
+        {
+            // arrange
+            TestDevice testDevice = await TestDevice.GetTestDeviceAsync(Logger, _devicePrefix).ConfigureAwait(false);
+            string deviceId = testDevice.Id;
+            using DeviceClient deviceClient = testDevice.CreateDeviceClient(Client.TransportType.Mqtt);
+            await deviceClient.OpenAsync().ConfigureAwait(false);
+
+            using var serviceClient = ServiceClient.Create(
+                Configuration.IoTHub.GetIotHubHostName(),
+                Configuration.IoTHub.GetClientSecretCredential(),
+                TransportType.Amqp);
+
+            // act
+            await serviceClient.OpenAsync().ConfigureAwait(false);
+            using var message = new Message(Encoding.ASCII.GetBytes("Hello, Cloud!"));
+            await serviceClient.SendAsync(deviceId, message);
+        }
+
+#endif
+    }
+}