add obo test for cache key

AzureAD · Jun 27, 2020 · 1059c32 · 1059c32
1 parent 5f751ba
commit 1059c32
Showing 1 changed file with 17 additions and 12 deletions.
diff --git a/...osoft.Identity.Test.Integration.net45/HeadlessTests/ConfidentialClientIntegrationTests.cs b/...osoft.Identity.Test.Integration.net45/HeadlessTests/ConfidentialClientIntegrationTests.cs
@@ -51,6 +51,7 @@ public class ConfidentialClientIntegrationTests
         private const string RedirectUri = "https://login.microsoftonline.com/common/oauth2/nativeclient";
         private const string PublicCloudTestAuthority = "https://login.windows.net/72f988bf-86f1-41af-91ab-2d7cd011db47";
         private const string AdfsCertName = "IDLABS-APP-Confidential-Client-Cert-OnPrem";
+        private const string AppCacheKey = "16dab2ba-145d-4b1b-8569-bf4b9aed4dc8_AppTokenCache";
         private KeyVaultSecretsProvider _keyVault;
         private static string _publicCloudCcaSecret;
         private static string _arlingtonCCASecret;
@@ -131,7 +132,7 @@ public async Task ConfidentialClientWithCertificateTestAsync()
             MsalAssert.AssertAuthResult(authResult);
             appCacheRecorder.AssertAccessCounts(1, 1);
             Assert.IsTrue(appCacheRecorder.LastNotificationArgs.IsApplicationCache);
-            Assert.AreEqual("16dab2ba-145d-4b1b-8569-bf4b9aed4dc8_AppTokenCache", appCacheRecorder.LastNotificationArgs.SuggestedCacheKey);
+            Assert.AreEqual(AppCacheKey, appCacheRecorder.LastNotificationArgs.SuggestedCacheKey);
 
             // Call again to ensure token cache is hit
             authResult = await confidentialApp
@@ -142,7 +143,7 @@ public async Task ConfidentialClientWithCertificateTestAsync()
             MsalAssert.AssertAuthResult(authResult);
             appCacheRecorder.AssertAccessCounts(2, 1);
             Assert.IsTrue(appCacheRecorder.LastNotificationArgs.IsApplicationCache);
-            Assert.AreEqual("16dab2ba-145d-4b1b-8569-bf4b9aed4dc8_AppTokenCache", appCacheRecorder.LastNotificationArgs.SuggestedCacheKey);
+            Assert.AreEqual(AppCacheKey, appCacheRecorder.LastNotificationArgs.SuggestedCacheKey);
         }
 
         [TestMethod]
@@ -168,7 +169,7 @@ public async Task ConfidentialClientWithRSACertificateTestAsync()
             MsalAssert.AssertAuthResult(authResult);
             appCacheRecorder.AssertAccessCounts(1, 1);
             Assert.IsTrue(appCacheRecorder.LastNotificationArgs.IsApplicationCache);
-            Assert.AreEqual("16dab2ba-145d-4b1b-8569-bf4b9aed4dc8_AppTokenCache", appCacheRecorder.LastNotificationArgs.SuggestedCacheKey);
+            Assert.AreEqual(AppCacheKey, appCacheRecorder.LastNotificationArgs.SuggestedCacheKey);
 
             // Call again to ensure token cache is hit
             authResult = await confidentialApp
@@ -179,7 +180,7 @@ public async Task ConfidentialClientWithRSACertificateTestAsync()
             MsalAssert.AssertAuthResult(authResult);
             appCacheRecorder.AssertAccessCounts(2, 1);
             Assert.IsTrue(appCacheRecorder.LastNotificationArgs.IsApplicationCache);
-            Assert.AreEqual("16dab2ba-145d-4b1b-8569-bf4b9aed4dc8_AppTokenCache", appCacheRecorder.LastNotificationArgs.SuggestedCacheKey);
+            Assert.AreEqual(AppCacheKey, appCacheRecorder.LastNotificationArgs.SuggestedCacheKey);
         }
 
         [TestMethod]
@@ -218,7 +219,7 @@ public async Task RunTestWithClientSecretAsync(string clientID, string authority
             MsalAssert.AssertAuthResult(authResult);
             appCacheRecorder.AssertAccessCounts(1, 1);
             Assert.IsTrue(appCacheRecorder.LastNotificationArgs.IsApplicationCache);
-            Assert.AreEqual("16dab2ba-145d-4b1b-8569-bf4b9aed4dc8_AppTokenCache", appCacheRecorder.LastNotificationArgs.SuggestedCacheKey);
+            Assert.AreEqual(AppCacheKey, appCacheRecorder.LastNotificationArgs.SuggestedCacheKey);
 
             // Call again to ensure token cache is hit
             authResult = await confidentialApp.AcquireTokenForClient(s_keyvaultScope)
@@ -228,7 +229,7 @@ public async Task RunTestWithClientSecretAsync(string clientID, string authority
             MsalAssert.AssertAuthResult(authResult);
             appCacheRecorder.AssertAccessCounts(2, 1);
             Assert.IsTrue(appCacheRecorder.LastNotificationArgs.IsApplicationCache);
-            Assert.AreEqual("16dab2ba-145d-4b1b-8569-bf4b9aed4dc8_AppTokenCache", appCacheRecorder.LastNotificationArgs.SuggestedCacheKey);
+            Assert.AreEqual(AppCacheKey, appCacheRecorder.LastNotificationArgs.SuggestedCacheKey);
         }
 
         [TestMethod]
@@ -305,7 +306,7 @@ public async Task ConfidentialClientWithSignedAssertionTestAsync()
 
             appCacheRecorder.AssertAccessCounts(1, 1);
             Assert.IsTrue(appCacheRecorder.LastNotificationArgs.IsApplicationCache);
-            Assert.AreEqual("16dab2ba-145d-4b1b-8569-bf4b9aed4dc8_AppTokenCache", appCacheRecorder.LastNotificationArgs.SuggestedCacheKey);
+            Assert.AreEqual(AppCacheKey, appCacheRecorder.LastNotificationArgs.SuggestedCacheKey);
             ValidateClaimsInAssertion(claims, ((ConfidentialClientApplication)confidentialApp).ClientCredential.SignedAssertion);
             MsalAssert.AssertAuthResult(authResult);
 
@@ -316,7 +317,7 @@ public async Task ConfidentialClientWithSignedAssertionTestAsync()
 
             appCacheRecorder.AssertAccessCounts(2, 1);
             Assert.IsTrue(appCacheRecorder.LastNotificationArgs.IsApplicationCache);
-            Assert.AreEqual("16dab2ba-145d-4b1b-8569-bf4b9aed4dc8_AppTokenCache", appCacheRecorder.LastNotificationArgs.SuggestedCacheKey);
+            Assert.AreEqual(AppCacheKey, appCacheRecorder.LastNotificationArgs.SuggestedCacheKey);
         }
 
         private void ValidateClaimsInAssertion(IDictionary<string, string> claims, string assertion)
@@ -551,7 +552,7 @@ private async Task RunOnBehalfOfTestAsync(LabResponse labResponse)
                     break;
             }
 
-            //TODO: acquire scenario specific client ids from the lab resonse
+            //TODO: acquire scenario specific client ids from the lab response
 
             SecureString securePassword = new NetworkCredential("", user.GetOrFetchPassword()).SecurePassword;
 
@@ -574,14 +575,18 @@ private async Task RunOnBehalfOfTestAsync(LabResponse labResponse)
                 .WithTestLogging()
                 .Build();
 
-            var appCacheRecorder = confidentialApp.AppTokenCache.RecordAccess();
+            var userCacheRecorder = confidentialApp.UserTokenCache.RecordAccess();
+
+            UserAssertion userAssertion = new UserAssertion(authResult.AccessToken);
+
+            string atHash = userAssertion.AssertionHash;
 
-            authResult = await confidentialApp.AcquireTokenOnBehalfOf(s_scopes, new UserAssertion(authResult.AccessToken))
+            authResult = await confidentialApp.AcquireTokenOnBehalfOf(s_scopes, userAssertion)
                 .ExecuteAsync(CancellationToken.None)
                 .ConfigureAwait(false);
 
             MsalAssert.AssertAuthResult(authResult, user);
-            //Assert.AreEqual("YKaBLu1qpbkeiYa3QRiHRD066w8xp31kaWKrDZdxCfo", appCacheRecorder.LastNotificationArgs.SuggestedCacheKey);
+            Assert.AreEqual(atHash, userCacheRecorder.LastNotificationArgs.SuggestedCacheKey);
         }
     }
 }