Merge pull request #136 from microsoft/andrueastman/enableLocalHost

Do not require https for localhost
microsoft · Nov 3, 2023 · 6a5ad5e · 6a5ad5e
2 parents 49de41c + 97f5841
commit 6a5ad5e
Show file tree

Hide file tree

Showing 5 changed files with 34 additions and 3 deletions.
diff --git a/.github/workflows/sonarcloud.yml b/.github/workflows/sonarcloud.yml
@@ -71,7 +71,7 @@ jobs:
           CoverletOutputFormat: 'opencover' # https://github.com/microsoft/vstest/issues/4014#issuecomment-1307913682
         shell: pwsh
         run: |
-          ./.sonar/scanner/dotnet-sonarscanner begin /k:"microsoft_kiota-authentication-azure-dotnet" /o:"microsoft" /d:sonar.login="${{ secrets.SONAR_TOKEN }}" /d:sonar.host.url="https://sonarcloud.io" /d:sonar.cs.opencover.reportsPaths="Microsoft.Kiota.Authentication.Azure.Tests/coverage.opencover.xml"
+          ./.sonar/scanner/dotnet-sonarscanner begin /k:"microsoft_kiota-authentication-azure-dotnet" /o:"microsoft" /d:sonar.login="${{ secrets.SONAR_TOKEN }}" /d:sonar.host.url="https://sonarcloud.io" /d:sonar.cs.opencover.reportsPaths="Microsoft.Kiota.Authentication.Azure.Tests/coverage.net6.0.opencover.xml"
           dotnet workload restore
           dotnet build
           dotnet test Microsoft.Kiota.Authentication.Azure.sln --no-build --verbosity normal /p:CollectCoverage=true /p:CoverletOutputFormat=opencover

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -9,6 +9,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ### Added
 
+## [1.1.1] - 2023-11-03
+
+### Added
+
+- Allow http scheme on localhost.
+
 ## [1.1.0] - 2023-10-23
 
 ### Added

diff --git a/Microsoft.Kiota.Authentication.Azure.Tests/AzureIdentityAuthenticationProviderTests.cs b/Microsoft.Kiota.Authentication.Azure.Tests/AzureIdentityAuthenticationProviderTests.cs
@@ -88,6 +88,23 @@ public async Task GetAuthorizationTokenAsyncThrowsExcpetionForNonHTTPsUrl()
         var exception = await Assert.ThrowsAsync<ArgumentException>(() => azureIdentityAuthenticationProvider.GetAuthorizationTokenAsync(new Uri(nonHttpsUrl)));
         Assert.Equal("Only https is supported", exception.Message);
     }
+
+    [Theory]
+    [InlineData("http://localhost/test")]
+    [InlineData("http://localhost:8080/test")]
+    [InlineData("http://127.0.0.1:8080/test")]
+    [InlineData("http://127.0.0.1/test")]
+    public async Task GetAuthorizationTokenAsyncDoesNotThrowsExcpetionForNonHTTPsUrlIfLocalHost(string nonHttpsUrl)
+    {
+        // Arrange
+        var mockTokenCredential = new Mock<TokenCredential>();
+        mockTokenCredential.Setup(credential => credential.GetTokenAsync(It.IsAny<TokenRequestContext>(), It.IsAny<CancellationToken>())).Returns(new ValueTask<AccessToken>(new AccessToken(string.Empty, DateTimeOffset.Now)));
+        var azureIdentityAuthenticationProvider = new AzureIdentityAccessTokenProvider(mockTokenCredential.Object);
+
+        // Assert
+        var token = await azureIdentityAuthenticationProvider.GetAuthorizationTokenAsync(new Uri(nonHttpsUrl));
+        Assert.Empty(token);
+    }
     [Fact]
     public async Task AddsClaimsToTheTokenContext()
     {

diff --git a/src/AzureIdentityAccessTokenProvider.cs b/src/AzureIdentityAccessTokenProvider.cs
@@ -50,6 +50,14 @@ public AzureIdentityAccessTokenProvider(TokenCredential credential, string []? a
 
     private const string ClaimsKey = "claims";
 
+    private readonly HashSet<string> _localHostStrings = new HashSet<string>(StringComparer.OrdinalIgnoreCase)
+    {
+        "localhost",
+        "[::1]",
+        "::1",
+        "127.0.0.1"
+    };
+
     /// <inheritdoc/>
     public async Task<string> GetAuthorizationTokenAsync(Uri uri, Dictionary<string, object>? additionalAuthenticationContext = default, CancellationToken cancellationToken = default)
     {
@@ -59,7 +67,7 @@ public async Task<string> GetAuthorizationTokenAsync(Uri uri, Dictionary<string,
             return string.Empty;
         }
 
-        if(!uri.Scheme.Equals("https", StringComparison.OrdinalIgnoreCase)) {
+        if(!uri.Scheme.Equals("https", StringComparison.OrdinalIgnoreCase) && !_localHostStrings.Contains(uri.Host)) {
             span?.SetTag("com.microsoft.kiota.authentication.is_url_valid", BoxedFalse);
             throw new ArgumentException("Only https is supported");
         }

diff --git a/src/Microsoft.Kiota.Authentication.Azure.csproj b/src/Microsoft.Kiota.Authentication.Azure.csproj
@@ -14,7 +14,7 @@
     <PackageProjectUrl>https://aka.ms/kiota/docs</PackageProjectUrl>
     <EmbedUntrackedSources>true</EmbedUntrackedSources>
     <Deterministic>true</Deterministic>
-    <VersionPrefix>1.1.0</VersionPrefix>
+    <VersionPrefix>1.1.1</VersionPrefix>
     <VersionSuffix></VersionSuffix>
     <GenerateDocumentationFile>true</GenerateDocumentationFile>
     <GeneratePackageOnBuild>true</GeneratePackageOnBuild>