From 947b537df005666c768ba19ed6fb776b68a490de Mon Sep 17 00:00:00 2001
From: lilgreenbird
Date: Mon, 6 Apr 2020 15:08:17 -0700
Subject: [PATCH] Add more tests for Managed Identities authentication for AKV to increase code coverage (#1305)
---
 .../sqlserver/jdbc/SQLServerResource.java | 2 +-
 .../jdbc/AlwaysEncrypted/MSITest.java | 92 +++++++++++++++++++
 .../sqlserver/testframework/Constants.java | 1 +
 3 files changed, 94 insertions(+), 1 deletion(-)
diff --git a/src/main/java/com/microsoft/sqlserver/jdbc/SQLServerResource.java b/src/main/java/com/microsoft/sqlserver/jdbc/SQLServerResource.java
index b38fe8a6a..4f42a5025 100644
--- a/src/main/java/com/microsoft/sqlserver/jdbc/SQLServerResource.java
+++ b/src/main/java/com/microsoft/sqlserver/jdbc/SQLServerResource.java
@@ -529,7 +529,7 @@ protected Object[][] getContents() {
 "\"keyStoreAuthentication\" connection string keyword must be specified, if \"{0}\" is specified."},
 {"R_keyStoreSecretOrLocationNotSet",
 "Both \"keyStoreSecret\" and \"keyStoreLocation\" must be set, if \"keyStoreAuthentication=JavaKeyStorePassword\" has been specified in the connection string."},
- {"R_keyStoreSecretnNotSet",
+ {"R_keyStoreSecretNotSet",
 "\"keyStoreSecret\" must be set, if \"keyStoreAuthentication=KeyVaultClientSecret\" has been specified in the connection string."},
 {"R_certificateStoreInvalidKeyword",
 "Cannot set \"keyStoreSecret\", if \"keyStoreAuthentication=CertificateStore\" has been specified in the connection string."},
diff --git a/src/test/java/com/microsoft/sqlserver/jdbc/AlwaysEncrypted/MSITest.java b/src/test/java/com/microsoft/sqlserver/jdbc/AlwaysEncrypted/MSITest.java
index 6c073eaf8..552ef2012 100644
--- a/src/test/java/com/microsoft/sqlserver/jdbc/AlwaysEncrypted/MSITest.java
+++ b/src/test/java/com/microsoft/sqlserver/jdbc/AlwaysEncrypted/MSITest.java
@@ -5,6 +5,7 @@ package com.microsoft.sqlserver.jdbc.AlwaysEncrypted; import static org.junit.jupiter.api.Assertions.fail; +import static org.junit.jupiter.api.Assertions.assertTrue; import java.sql.Connection; import java.sql.ResultSet; @@ -159,6 +160,21 @@ public void testCharAkvWithCred() throws SQLException { testCharAkv(connStr); } + /* + * Test AKV with with credentials using deprecated properties + */ + @Test + public void testCharAkvWithCredDeprecated() throws SQLException { + // unregister the custom providers registered in AESetup + SQLServerConnection.unregisterColumnEncryptionKeyStoreProviders(); + + // add deprecated connection properties + String connStr = AETestConnectionString; + connStr = TestUtils.addOrOverrideProperty(connStr, Constants.KEYVAULTPROVIDER_CLIENTID, keyStorePrincipalId); + connStr = TestUtils.addOrOverrideProperty(connStr, Constants.KEYVAULTPROVIDER_CLIENTKEY, keyStoreSecret); + testCharAkv(connStr); + } + /* * Test AKV with MSI */ 
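Review bot: The comment above `testCharAkvWithCredDeprecated` has a doubled word ("with with") and does not say which properties are the deprecated ones; the same doubled word is in the four comments added by the later MSITest.java hunk. A comment such as `* Test AKV with credentials supplied through the deprecated KEYVAULTPROVIDER_CLIENTID / KEYVAULTPROVIDER_CLIENTKEY properties` would tell a maintainer what the test covers and when it can be retired. The test places `keyStoreSecret` in the connection string, so it is worth confirming that `testCharAkv`, which is outside this hunk, never prints `connStr` when it fails.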
@@ -190,6 +206,82 @@ public void testCharAkvWithMSIandPrincipalId() throws SQLException { testCharAkv(connStr); } + /* + * Test AKV with with missing credentials + */ + @Test + public void testNumericAkvMissingCred() throws SQLException { + // unregister the custom providers registered in AESetup + SQLServerConnection.unregisterColumnEncryptionKeyStoreProviders(); + + // set auth type to key vault client secret but do not provide secret + String connStr = AETestConnectionString; + connStr = TestUtils.addOrOverrideProperty(connStr, Constants.KEYSTORE_AUTHENTICATION, "KeyVaultClientSecret"); + try { + testNumericAKV(connStr); + fail(TestResource.getResource("R_expectedFailPassed")); + } catch (Exception e) { + assertTrue(e.getMessage().matches(TestUtils.formatErrorMsg("R_keyStoreSecretNotSet"))); + } + } + + /* + * Test AKV with with keyStoreSecret secret but no keyStoreAuthentication + */ + @Test + public void testNumericAkvSecretNoAuth() throws SQLException { + // unregister the custom providers registered in AESetup + SQLServerConnection.unregisterColumnEncryptionKeyStoreProviders(); + + // set key store secret but do not specify authentication type + String connStr = AETestConnectionString; + connStr = TestUtils.addOrOverrideProperty(connStr, Constants.KEYSTORE_SECRET, keyStoreSecret); + try { + testNumericAKV(connStr); + fail(TestResource.getResource("R_expectedFailPassed")); + } catch (Exception e) { + assertTrue(e.getMessage().matches(TestUtils.formatErrorMsg("R_keyStoreAuthenticationNotSet"))); + } + } + + /* + * Test AKV with with keyStorePrincipalId but no keyStoreAuthentication + */ + @Test + public void testNumericAkvPrincipalIdNoAuth() throws SQLException { + // unregister the custom providers registered in AESetup + SQLServerConnection.unregisterColumnEncryptionKeyStoreProviders(); + + // set principal id but do not specify authentication type + String connStr = AETestConnectionString; + connStr = TestUtils.addOrOverrideProperty(connStr, 
Constants.KEYSTORE_PRINCIPALID, keyStorePrincipalId);
+ try {
+ testNumericAKV(connStr);
+ fail(TestResource.getResource("R_expectedFailPassed"));
+ } catch (Exception e) {
+ assertTrue(e.getMessage().matches(TestUtils.formatErrorMsg("R_keyStoreAuthenticationNotSet")));
+ }
+ }
+
+ /*
+ * Test AKV with with keyStoreLocation but no keyStoreAuthentication
+ */
+ @Test
+ public void testNumericAkvLocationNoAuth() throws SQLException {
+ // unregister the custom providers registered in AESetup
+ SQLServerConnection.unregisterColumnEncryptionKeyStoreProviders();
+
+ // set key store location but do not specify authentication type
+ String connStr = AETestConnectionString;
+ connStr = TestUtils.addOrOverrideProperty(connStr, Constants.KEYSTORE_LOCATION, "location");
+ try {
+ testNumericAKV(connStr);
+ fail(TestResource.getResource("R_expectedFailPassed"));
+ } catch (Exception e) {
+ assertTrue(e.getMessage().matches(TestUtils.formatErrorMsg("R_keyStoreAuthenticationNotSet")));
+ }
+ }
+
 /*
 * Test AKV with with bad credentials
 */
diff --git a/src/test/java/com/microsoft/sqlserver/testframework/Constants.java b/src/test/java/com/microsoft/sqlserver/testframework/Constants.java
index 4448015c4..6c21f09e0 100644
--- a/src/test/java/com/microsoft/sqlserver/testframework/Constants.java
+++ b/src/test/java/com/microsoft/sqlserver/testframework/Constants.java
@@ -151,6 +151,7 @@ private Constants() {}
 public static final String KEYSTORE_AUTHENTICATION = "KEYSTOREAUTHENTICATION";
 public static final String KEYSTORE_PRINCIPALID = "KEYSTOREPRINCIPALID";
 public static final String KEYSTORE_SECRET = "KEYSTORESECRET";
+ public static final String KEYSTORE_LOCATION = "KEYSTORELOCATION";
 public static final String CLIENT_CERTIFICATE = "CLIENTCERTIFICATE";
 public static final String CLIENT_KEY = "CLIENTKEY";
 public static final String CLIENT_KEY_PASSWORD = "CLIENTKEYPASSWORD";
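Review bot: The four negative tests added to MSITest.java (`testNumericAkvMissingCred`, `testNumericAkvSecretNoAuth`, `testNumericAkvPrincipalIdNoAuth`, `testNumericAkvLocationNoAuth`) assert with `assertTrue(e.getMessage().matches(...))` and no failure message, so when the driver rejects the connection for some other reason the report shows only a failed boolean and not the text that came back. Passing the message as the second argument keeps the diagnosis in the output, e.g. `assertTrue(e.getMessage().matches(TestUtils.formatErrorMsg("R_keyStoreAuthenticationNotSet")), e.getMessage());`. The three `...NoAuth` tests match the same resource pattern, so unless `formatErrorMsg` (not shown on this page) pins the substituted argument, they do not verify that the error names the property that was actually supplied. Since each method already declares `throws SQLException`, `catch (SQLException e)` would presumably be enough and would keep unrelated runtime exceptions from being compared against the pattern.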