diff --git a/Src/Support/Google.Apis.Auth.Tests/OAuth2/AwsExternalAccountCredentialTest.cs b/Src/Support/Google.Apis.Auth.Tests/OAuth2/AwsExternalAccountCredentialTest.cs index 9c6677c3081..f97e13099bc 100644 --- a/Src/Support/Google.Apis.Auth.Tests/OAuth2/AwsExternalAccountCredentialTest.cs +++ b/Src/Support/Google.Apis.Auth.Tests/OAuth2/AwsExternalAccountCredentialTest.cs @@ -28,27 +28,27 @@ namespace Google.Apis.Auth.Tests.OAuth2 { public class AwsExternalAccountCredentialsTests : ExternalAccountCredentialTestsBase { - private const string Imdsv2Url = "http://169.254.169.254/fake-imds/"; + private const string FakeImdsv2Url = "http://169.254.169.254/fake-imds/"; private const string ImdsV2TokenTtlHeaderName = "X-aws-ec2-metadata-token-ttl-seconds"; private const string ImdsV2TokenTtlSeconds = "3600"; - private const string ImdsV2Token = "fake_imdsv2_token"; + private const string FakeImdsV2Token = "fake_imdsv2_token"; private const string ImdsV2TokenHeaderName = "X-aws-ec2-metadata-token"; - private const string RegionUrl = "http://169.254.169.254/fake-region/"; - private const string MetadateRegion = "us-central-a1"; + private const string FakeRegionUrl = "http://169.254.169.254/fake-region/"; + private const string MetadataRegion = "us-central-a1"; private const string Region = "us-central-a"; - private const string SecurityCredentialsUrl = "http://169.254.169.254/fake-security-credentials/"; - private const string SecurityCredentialsRole = "fake_role"; + private const string FakeSecurityCredentialsUrl = "http://169.254.169.254/fake-security-credentials/"; + private const string FakeSecurityCredentialsRole = "fake_role"; - private const string SecurityCredentialsAccessKeyId = "fake_credentials_key_id"; - private const string SecurityCredentialsSecretAccessKey = "fake_credentials_secret"; - private const string SecurityCredentialsToken = "fake_credentials_token"; + private const string FakeSecurityCredentialsAccessKeyId = "fake_credentials_key_id"; + private const string FakeSecurityCredentialsSecretAccessKey = "fake_credentials_secret"; + private const string FakeSecurityCredentialsToken = "fake_credentials_token"; - private const string VerificationUrl = "http://iam.{region}.fakeaws.com/?Action=GetCallerIdentity&Version=2011-06-15"; - private const string RegionalizedVerificationUrl = "http://iam.us-central-a.fakeaws.com/?Action=GetCallerIdentity&Version=2011-06-15"; - private const string RegionalizedVerificationHost = "iam.us-central-a.fakeaws.com"; + private const string FakeVerificationUrl = "http://iam.{region}.fakeaws.com/?Action=GetCallerIdentity&Version=2011-06-15"; + private const string FakeRegionalizedVerificationUrl = "http://iam.us-central-a.fakeaws.com/?Action=GetCallerIdentity&Version=2011-06-15"; + private const string FakeRegionalizedVerificationHost = "iam.us-central-a.fakeaws.com"; private const string ServiceName = "iam"; private static readonly DateTime MockUtcNow = new DateTime(2022, 9, 29, 5, 47, 56, DateTimeKind.Utc); @@ -57,7 +57,7 @@ public class AwsExternalAccountCredentialsTests : ExternalAccountCredentialTests public async Task UniverseDomain_Default() { var credential = new AwsExternalAccountCredential(new AwsExternalAccountCredential.Initializer( - TokenUrl, Audience, SubjectTokenType, VerificationUrl)) as IGoogleCredential; + TokenUrl, FakeAudience, FakeSubjectTokenType, FakeVerificationUrl)) as IGoogleCredential; Assert.Equal(GoogleAuthConsts.DefaultUniverseDomain, credential.GetUniverseDomain()); Assert.Equal(GoogleAuthConsts.DefaultUniverseDomain, await credential.GetUniverseDomainAsync(default)); @@ -67,22 +67,22 @@ public async Task UniverseDomain_Default() public async Task UniverseDomain_Custom() { var credential = new AwsExternalAccountCredential(new AwsExternalAccountCredential.Initializer( - TokenUrl, Audience, SubjectTokenType, VerificationUrl) + TokenUrl, FakeAudience, FakeSubjectTokenType, FakeVerificationUrl) { - UniverseDomain = UniverseDomain + UniverseDomain = FakeUniverseDomain }) as IGoogleCredential; - Assert.Equal(UniverseDomain, credential.GetUniverseDomain()); - Assert.Equal(UniverseDomain, await credential.GetUniverseDomainAsync(default)); + Assert.Equal(FakeUniverseDomain, credential.GetUniverseDomain()); + Assert.Equal(FakeUniverseDomain, await credential.GetUniverseDomainAsync(default)); } [Fact] public async Task WithUniverseDomain() { var credential = new AwsExternalAccountCredential(new AwsExternalAccountCredential.Initializer( - TokenUrl, Audience, SubjectTokenType, VerificationUrl)) as IGoogleCredential; + TokenUrl, FakeAudience, FakeSubjectTokenType, FakeVerificationUrl)) as IGoogleCredential; - var newCredential = credential.WithUniverseDomain(UniverseDomain); + var newCredential = credential.WithUniverseDomain(FakeUniverseDomain); Assert.NotSame(credential, newCredential); Assert.IsType(newCredential); @@ -90,26 +90,26 @@ public async Task WithUniverseDomain() Assert.Equal(GoogleAuthConsts.DefaultUniverseDomain, credential.GetUniverseDomain()); Assert.Equal(GoogleAuthConsts.DefaultUniverseDomain, await credential.GetUniverseDomainAsync(default)); - Assert.Equal(UniverseDomain, newCredential.GetUniverseDomain()); - Assert.Equal(UniverseDomain, await newCredential.GetUniverseDomainAsync(default)); + Assert.Equal(FakeUniverseDomain, newCredential.GetUniverseDomain()); + Assert.Equal(FakeUniverseDomain, await newCredential.GetUniverseDomainAsync(default)); } [Theory] - [InlineData("https://dummy-host/", RegionUrl, SecurityCredentialsUrl, "IMDS")] + [InlineData("https://dummy-host/", FakeRegionUrl, FakeSecurityCredentialsUrl, "IMDS")] [InlineData("https://dummy-host/", null, null, "IMDS")] - [InlineData(Imdsv2Url, "https://dummy-host/", SecurityCredentialsUrl, "Region")] + [InlineData(FakeImdsv2Url, "https://dummy-host/", FakeSecurityCredentialsUrl, "Region")] [InlineData(null, "https://dummy-host/", null, "Region")] - [InlineData(Imdsv2Url, RegionUrl, "https://dummy-host/", "Security Credentials")] + [InlineData(FakeImdsv2Url, FakeRegionUrl, "https://dummy-host/", "Security Credentials")] [InlineData(null, null, "https://dummy-host/", "Security Credentials")] public void ValidatesAwsMetadataServerUrls(string imdsV2TokenUrl, string regionUrl, string securityCredentials, string inMessage) { var exception = Assert.Throws(() => new AwsExternalAccountCredential( - new AwsExternalAccountCredential.Initializer(TokenUrl, Audience, SubjectTokenType, VerificationUrl) + new AwsExternalAccountCredential.Initializer(TokenUrl, FakeAudience, FakeSubjectTokenType, FakeVerificationUrl) { - ClientId = ClientId, - ClientSecret = ClientSecret, - Scopes = new string[] { Scope }, - QuotaProject = QuotaProject, + ClientId = FakeClientId, + ClientSecret = FakeClientSecret, + Scopes = new string[] { FakeScope }, + QuotaProject = FakeQuotaProject, ImdsV2SessionTokenUrl = imdsV2TokenUrl, RegionUrl = regionUrl, SecurityCredentialsUrl = securityCredentials, @@ -125,19 +125,19 @@ public async Task FetchesAccessToken() ValidateRegionRequest, ValidateRoleRequest, ValidateSecurityCredentialsRequest, - request => ValidateAccessTokenRequest(request, Scope, ValidateSubjectToken)); + request => ValidateAccessTokenRequest(request, FakeScope, ValidateSubjectToken)); var credential = new AwsExternalAccountCredential( - new AwsExternalAccountCredential.Initializer(TokenUrl, Audience, SubjectTokenType, VerificationUrl) + new AwsExternalAccountCredential.Initializer(TokenUrl, FakeAudience, FakeSubjectTokenType, FakeVerificationUrl) { HttpClientFactory = new MockHttpClientFactory(messageHandler), - ClientId = ClientId, - ClientSecret = ClientSecret, - Scopes = new string[] { Scope }, - QuotaProject = QuotaProject, - ImdsV2SessionTokenUrl = Imdsv2Url, - SecurityCredentialsUrl = SecurityCredentialsUrl, - RegionUrl = RegionUrl, + ClientId = FakeClientId, + ClientSecret = FakeClientSecret, + Scopes = new string[] { FakeScope }, + QuotaProject = FakeQuotaProject, + ImdsV2SessionTokenUrl = FakeImdsv2Url, + SecurityCredentialsUrl = FakeSecurityCredentialsUrl, + RegionUrl = FakeRegionUrl, Clock = new MockClock(MockUtcNow) }); @@ -159,16 +159,16 @@ public async Task FetchesAccessToken_Impersonated() ValidateImpersonatedAccessTokenRequest); var credential = new AwsExternalAccountCredential( - new AwsExternalAccountCredential.Initializer(TokenUrl, Audience, SubjectTokenType, VerificationUrl) + new AwsExternalAccountCredential.Initializer(TokenUrl, FakeAudience, FakeSubjectTokenType, FakeVerificationUrl) { HttpClientFactory = new MockHttpClientFactory(messageHandler), - ClientId = ClientId, - ClientSecret = ClientSecret, - Scopes = new string[] { Scope }, - QuotaProject = QuotaProject, - ImdsV2SessionTokenUrl = Imdsv2Url, - SecurityCredentialsUrl = SecurityCredentialsUrl, - RegionUrl = RegionUrl, + ClientId = FakeClientId, + ClientSecret = FakeClientSecret, + Scopes = new string[] { FakeScope }, + QuotaProject = FakeQuotaProject, + ImdsV2SessionTokenUrl = FakeImdsv2Url, + SecurityCredentialsUrl = FakeSecurityCredentialsUrl, + RegionUrl = FakeRegionUrl, Clock = new MockClock(MockUtcNow), ServiceAccountImpersonationUrl = ImpersonationUrl }); @@ -196,72 +196,72 @@ public async Task RefreshesAccessToken() var clock = new MockClock(MockUtcNow); var credential = new AwsExternalAccountCredential( - new AwsExternalAccountCredential.Initializer(TokenUrl, Audience, SubjectTokenType, VerificationUrl) + new AwsExternalAccountCredential.Initializer(TokenUrl, FakeAudience, FakeSubjectTokenType, FakeVerificationUrl) { HttpClientFactory = new MockHttpClientFactory(messageHandler), - ClientId = ClientId, - ClientSecret = ClientSecret, - Scopes = new string[] { Scope }, - QuotaProject = QuotaProject, - ImdsV2SessionTokenUrl = Imdsv2Url, - SecurityCredentialsUrl = SecurityCredentialsUrl, - RegionUrl = RegionUrl, + ClientId = FakeClientId, + ClientSecret = FakeClientSecret, + Scopes = new string[] { FakeScope }, + QuotaProject = FakeQuotaProject, + ImdsV2SessionTokenUrl = FakeImdsv2Url, + SecurityCredentialsUrl = FakeSecurityCredentialsUrl, + RegionUrl = FakeRegionUrl, Clock = clock }); - Assert.Equal(AccessToken, await credential.GetAccessTokenForRequestAsync()); + Assert.Equal(FakeAccessToken, await credential.GetAccessTokenForRequestAsync()); clock.UtcNow = clock.UtcNow.AddDays(2); - Assert.Equal(RefreshedAccessToken, await credential.GetAccessTokenForRequestAsync()); + Assert.Equal(FakeRefreshedAccessToken, await credential.GetAccessTokenForRequestAsync()); messageHandler.AssertAllCallsMade(); } private static Task ValidateImdsV2TokenRequest(HttpRequestMessage imdsV2Request) { - Assert.Equal(Imdsv2Url, imdsV2Request.RequestUri.ToString()); + Assert.Equal(FakeImdsv2Url, imdsV2Request.RequestUri.ToString()); Assert.Equal(HttpMethod.Put, imdsV2Request.Method); Assert.Contains(imdsV2Request.Headers, header => header.Key == ImdsV2TokenTtlHeaderName && header.Value.Single() == ImdsV2TokenTtlSeconds); - return BuildStringContentResponse(ImdsV2Token); + return BuildStringContentResponse(FakeImdsV2Token); } private static Task ValidateRegionRequest(HttpRequestMessage regionRequest) { - Assert.Equal(RegionUrl, regionRequest.RequestUri.ToString()); + Assert.Equal(FakeRegionUrl, regionRequest.RequestUri.ToString()); Assert.Equal(HttpMethod.Get, regionRequest.Method); - Assert.Contains(regionRequest.Headers, header => header.Key == ImdsV2TokenHeaderName && header.Value.Single() == ImdsV2Token); + Assert.Contains(regionRequest.Headers, header => header.Key == ImdsV2TokenHeaderName && header.Value.Single() == FakeImdsV2Token); - return BuildStringContentResponse(MetadateRegion); + return BuildStringContentResponse(MetadataRegion); } private static Task ValidateRoleRequest(HttpRequestMessage roleRequest) { - Assert.Equal(SecurityCredentialsUrl, roleRequest.RequestUri.ToString()); + Assert.Equal(FakeSecurityCredentialsUrl, roleRequest.RequestUri.ToString()); Assert.Equal(HttpMethod.Get, roleRequest.Method); - Assert.Contains(roleRequest.Headers, header => header.Key == ImdsV2TokenHeaderName && header.Value.Single() == ImdsV2Token); + Assert.Contains(roleRequest.Headers, header => header.Key == ImdsV2TokenHeaderName && header.Value.Single() == FakeImdsV2Token); - return BuildStringContentResponse(SecurityCredentialsRole); + return BuildStringContentResponse(FakeSecurityCredentialsRole); } private static Task ValidateSecurityCredentialsRequest(HttpRequestMessage roleRequest) { - Assert.Equal($"{SecurityCredentialsUrl}{SecurityCredentialsRole}", roleRequest.RequestUri.ToString()); + Assert.Equal($"{FakeSecurityCredentialsUrl}{FakeSecurityCredentialsRole}", roleRequest.RequestUri.ToString()); Assert.Equal(HttpMethod.Get, roleRequest.Method); - Assert.Contains(roleRequest.Headers, header => header.Key == ImdsV2TokenHeaderName && header.Value.Single() == ImdsV2Token); + Assert.Contains(roleRequest.Headers, header => header.Key == ImdsV2TokenHeaderName && header.Value.Single() == FakeImdsV2Token); return BuildStringContentResponseFromJson( new { Code = "Success", - AccessKeyId = SecurityCredentialsAccessKeyId, - SecretAccessKey = SecurityCredentialsSecretAccessKey, - Token = SecurityCredentialsToken + AccessKeyId = FakeSecurityCredentialsAccessKeyId, + SecretAccessKey = FakeSecurityCredentialsSecretAccessKey, + Token = FakeSecurityCredentialsToken }); } @@ -272,14 +272,14 @@ private static void ValidateSubjectToken(string accessTokenRequestContent) string subjectToken = Uri.UnescapeDataString(accessTokenRequestContent.Substring(start, end - start)); var deserializedSubjectToken = NewtonsoftJsonSerializer.Instance.Deserialize(subjectToken); - Assert.Equal(RegionalizedVerificationUrl, deserializedSubjectToken.Url); + Assert.Equal(FakeRegionalizedVerificationUrl, deserializedSubjectToken.Url); Assert.Equal("POST", deserializedSubjectToken.HttpMethod); Assert.Equal("", deserializedSubjectToken.Body); - Assert.Contains(deserializedSubjectToken.Headers, header => header.Key == "x-goog-cloud-target-resource" && header.Value == Audience); + Assert.Contains(deserializedSubjectToken.Headers, header => header.Key == "x-goog-cloud-target-resource" && header.Value == FakeAudience); Assert.Contains(deserializedSubjectToken.Headers, header => header.Key == "x-amz-date" && header.Value == "20220929T054756Z"); - Assert.Contains(deserializedSubjectToken.Headers, header => header.Key == "host" && header.Value == RegionalizedVerificationHost); - Assert.Contains(deserializedSubjectToken.Headers, header => header.Key == "x-amz-security-token" && header.Value == SecurityCredentialsToken); + Assert.Contains(deserializedSubjectToken.Headers, header => header.Key == "host" && header.Value == FakeRegionalizedVerificationHost); + Assert.Contains(deserializedSubjectToken.Headers, header => header.Key == "x-amz-security-token" && header.Value == FakeSecurityCredentialsToken); var authorizationHeaderValue = Assert.Single(deserializedSubjectToken.Headers, header => header.Key == "Authorization").Value; Assert.Contains("AWS4-HMAC-SHA256", authorizationHeaderValue); diff --git a/Src/Support/Google.Apis.Auth.Tests/OAuth2/ComputeCredentialTests.cs b/Src/Support/Google.Apis.Auth.Tests/OAuth2/ComputeCredentialTests.cs index e82c78e7f9c..adac92211d5 100644 --- a/Src/Support/Google.Apis.Auth.Tests/OAuth2/ComputeCredentialTests.cs +++ b/Src/Support/Google.Apis.Auth.Tests/OAuth2/ComputeCredentialTests.cs @@ -33,7 +33,7 @@ namespace Google.Apis.Auth.Tests.OAuth2 /// Tests for . public class ComputeCredentialTests { - private const string UniverseDomain = "fake.universe.domain.com"; + private const string FakeUniverseDomain = "fake.universe.domain.com"; [Fact] public void IsRunningOnComputeEngine_ResultIsCached() @@ -48,11 +48,11 @@ public async Task UniverseDomain_Custom() { var credential = new ComputeCredential(new ComputeCredential.Initializer { - UniverseDomain = UniverseDomain + UniverseDomain = FakeUniverseDomain }) as IGoogleCredential; - Assert.Equal(UniverseDomain, await credential.GetUniverseDomainAsync(default)); - Assert.Equal(UniverseDomain, credential.GetUniverseDomain()); + Assert.Equal(FakeUniverseDomain, await credential.GetUniverseDomainAsync(default)); + Assert.Equal(FakeUniverseDomain, credential.GetUniverseDomain()); } [Fact] @@ -60,13 +60,13 @@ public async Task WithUniverseDomain() { var credential = new ComputeCredential() as IGoogleCredential; - var newCredential = credential.WithUniverseDomain(UniverseDomain); + var newCredential = credential.WithUniverseDomain(FakeUniverseDomain); Assert.NotSame(credential, newCredential); Assert.IsType(newCredential); - Assert.Equal(UniverseDomain, await newCredential.GetUniverseDomainAsync(default)); - Assert.Equal(UniverseDomain, newCredential.GetUniverseDomain()); + Assert.Equal(FakeUniverseDomain, await newCredential.GetUniverseDomainAsync(default)); + Assert.Equal(FakeUniverseDomain, newCredential.GetUniverseDomain()); } [Fact] diff --git a/Src/Support/Google.Apis.Auth.Tests/OAuth2/ExternalAccountCredentialTestsBase.cs b/Src/Support/Google.Apis.Auth.Tests/OAuth2/ExternalAccountCredentialTestsBase.cs index eb3ffcb781b..c2dff965ed2 100644 --- a/Src/Support/Google.Apis.Auth.Tests/OAuth2/ExternalAccountCredentialTestsBase.cs +++ b/Src/Support/Google.Apis.Auth.Tests/OAuth2/ExternalAccountCredentialTestsBase.cs @@ -29,31 +29,31 @@ namespace Google.Apis.Auth.Tests.OAuth2 { public abstract class ExternalAccountCredentialTestsBase { - protected const string SubjectTokenText = "fake_subject_token"; - protected const string SubjectTokenJsonField = "subject_token_field"; - protected static readonly string SubjectTokenJson = $@"{{""{SubjectTokenJsonField}"": ""{SubjectTokenText}""}}"; + protected const string FakeSubjectTokenText = "fake_subject_token"; + protected const string FakeSubjectTokenJsonField = "subject_token_field"; + protected static readonly string FakeSubjectTokenJson = $@"{{""{FakeSubjectTokenJsonField}"": ""{FakeSubjectTokenText}""}}"; protected const string TokenUrl = "https://sts.googleapis.com/"; protected const string GrantTypeClaim = "grant_type=urn:ietf:params:oauth:grant-type:token-exchange"; protected const string RequestedTokenTypeClaim = "requested_token_type=urn:ietf:params:oauth:token-type:access_token"; - protected const string Audience = "fake_audience"; - protected const string SubjectTokenType = "fake_token_type"; - protected const string Scope = "fake_scope"; + protected const string FakeAudience = "fake_audience"; + protected const string FakeSubjectTokenType = "fake_token_type"; + protected const string FakeScope = "fake_scope"; protected const string ImpersonationScope = "https://www.googleapis.com/auth/iam"; - protected const string ClientId = "fake_client_ID"; - protected const string ClientSecret = "fake_client_secret"; - protected const string WorkforcePoolUserProject = "fake_workforce_project"; + protected const string FakeClientId = "fake_client_ID"; + protected const string FakeClientSecret = "fake_client_secret"; + protected const string FakeWorkforcePoolUserProject = "fake_workforce_project"; protected const string ImpersonationUrl = "https://iamcredentials.googleapis.com/"; - protected const string AccessToken = "fake_access_token"; - protected const string RefreshedAccessToken = "fake_refreshed_access_token"; - protected const string ImpersonatedAccessToken = "fake_impersonated_access_token"; - protected const string QuotaProject = "fake_project_id"; + protected const string FakeAccessToken = "fake_access_token"; + protected const string FakeRefreshedAccessToken = "fake_refreshed_access_token"; + protected const string FakeImpersonatedAccessToken = "fake_impersonated_access_token"; + protected const string FakeQuotaProject = "fake_project_id"; protected const string QuotaProjectHeaderName = "x-goog-user-project"; - protected const string UniverseDomain = "fake.universe.domain.com"; + protected const string FakeUniverseDomain = "fake.universe.domain.com"; protected static Task ValidateAccessTokenRequest(HttpRequestMessage accessTokenRequest, string scope, bool isWorkforce = false) => - ValidateAccessTokenRequest(accessTokenRequest, scope, contentText => Assert.Contains($"subject_token={SubjectTokenText}", contentText), isWorkforce); + ValidateAccessTokenRequest(accessTokenRequest, scope, contentText => Assert.Contains($"subject_token={FakeSubjectTokenText}", contentText), isWorkforce); protected static async Task ValidateAccessTokenRequest(HttpRequestMessage accessTokenRequest, string scope, Action subjectTokenValidator, bool isWorkforce = false) { @@ -65,24 +65,24 @@ protected static async Task ValidateAccessTokenRequest(Http if (isWorkforce) { Assert.Null(accessTokenRequest.Headers.Authorization); - Assert.Contains($"options={{\"userProject\":\"{WorkforcePoolUserProject}\"}}", contentText); + Assert.Contains($"options={{\"userProject\":\"{FakeWorkforcePoolUserProject}\"}}", contentText); } else { Assert.Equal("Basic", accessTokenRequest.Headers.Authorization.Scheme); - Assert.Equal(Convert.ToBase64String(Encoding.UTF8.GetBytes($"{ClientId}:{ClientSecret}")), accessTokenRequest.Headers.Authorization.Parameter); + Assert.Equal(Convert.ToBase64String(Encoding.UTF8.GetBytes($"{FakeClientId}:{FakeClientSecret}")), accessTokenRequest.Headers.Authorization.Parameter); Assert.DoesNotContain("options=", contentText); } Assert.Contains(GrantTypeClaim, contentText); Assert.Contains(RequestedTokenTypeClaim, contentText); - Assert.Contains($"audience={Audience}", contentText); - Assert.Contains($"subject_token_type={SubjectTokenType}", contentText); + Assert.Contains($"audience={FakeAudience}", contentText); + Assert.Contains($"subject_token_type={FakeSubjectTokenType}", contentText); Assert.Contains($"scope={scope}", contentText); subjectTokenValidator?.Invoke(contentText); - return await BuildAccessTokenResponse(AccessToken); + return await BuildAccessTokenResponse(FakeAccessToken); } protected static async Task ValidateImpersonatedAccessTokenRequest(HttpRequestMessage accessTokenRequest) @@ -90,18 +90,18 @@ protected static async Task ValidateImpersonatedAccessToken Assert.Equal(ImpersonationUrl, accessTokenRequest.RequestUri.ToString()); Assert.Equal(HttpMethod.Post, accessTokenRequest.Method); - Assert.Contains(accessTokenRequest.Headers, header => header.Key == QuotaProjectHeaderName && header.Value.Single() == QuotaProject); + Assert.Contains(accessTokenRequest.Headers, header => header.Key == QuotaProjectHeaderName && header.Value.Single() == FakeQuotaProject); Assert.Equal("Bearer", accessTokenRequest.Headers.Authorization.Scheme); - Assert.Equal(AccessToken, accessTokenRequest.Headers.Authorization.Parameter); + Assert.Equal(FakeAccessToken, accessTokenRequest.Headers.Authorization.Parameter); string contentText = WebUtility.UrlDecode(await accessTokenRequest.Content.ReadAsStringAsync()); - Assert.Contains(Scope, contentText); + Assert.Contains(FakeScope, contentText); return await BuildStringContentResponseFromJson(new { - accessToken = ImpersonatedAccessToken, + accessToken = FakeImpersonatedAccessToken, expireTime = "2020-05-13T16:00:00.045123456Z" }); } @@ -111,16 +111,16 @@ protected static async Task ValidateAccessTokenFromJsonSubj string contentText = WebUtility.UrlDecode(await accessTokenRequest.Content.ReadAsStringAsync()); // Even if the subject token was returned as a JSON, the access token request should receive the token value only. - Assert.Contains($"subject_token={SubjectTokenText}", contentText); + Assert.Contains($"subject_token={FakeSubjectTokenText}", contentText); - return await BuildAccessTokenResponse(AccessToken); + return await BuildAccessTokenResponse(FakeAccessToken); } protected static Task AccessTokenRequest(HttpRequestMessage accessTokenRequest) => - BuildAccessTokenResponse(AccessToken); + BuildAccessTokenResponse(FakeAccessToken); protected static Task RefreshTokenRequest(HttpRequestMessage accessTokenRequest) => - BuildAccessTokenResponse(RefreshedAccessToken); + BuildAccessTokenResponse(FakeRefreshedAccessToken); protected static Task BuildAccessTokenResponse(string accessToken) => BuildStringContentResponseFromJson(new TokenResponse @@ -142,20 +142,20 @@ protected static Task BuildStringContentResponse(string con protected static void AssertAccessTokenWithHeaders(AccessTokenWithHeaders token) { - Assert.Equal(AccessToken, token.AccessToken); + Assert.Equal(FakeAccessToken, token.AccessToken); var header = Assert.Single(token.Headers); Assert.Equal(QuotaProjectHeaderName, header.Key); var headerValue = Assert.Single(header.Value); - Assert.Equal(QuotaProject, headerValue); + Assert.Equal(FakeQuotaProject, headerValue); } protected static void AssertImpersonatedAccessTokenWithHeaders(AccessTokenWithHeaders token) { - Assert.Equal(ImpersonatedAccessToken, token.AccessToken); + Assert.Equal(FakeImpersonatedAccessToken, token.AccessToken); var header = Assert.Single(token.Headers); Assert.Equal(QuotaProjectHeaderName, header.Key); var headerValue = Assert.Single(header.Value); - Assert.Equal(QuotaProject, headerValue); + Assert.Equal(FakeQuotaProject, headerValue); } } } diff --git a/Src/Support/Google.Apis.Auth.Tests/OAuth2/FileSourcedExternalAccountCredentialTest.cs b/Src/Support/Google.Apis.Auth.Tests/OAuth2/FileSourcedExternalAccountCredentialTest.cs index d2cda37925c..d1b7058850c 100644 --- a/Src/Support/Google.Apis.Auth.Tests/OAuth2/FileSourcedExternalAccountCredentialTest.cs +++ b/Src/Support/Google.Apis.Auth.Tests/OAuth2/FileSourcedExternalAccountCredentialTest.cs @@ -37,7 +37,7 @@ private static string WriteSubjectTokenToTempFile(string subjectToken) public async Task UniverseDomain_Default() { var credential = new FileSourcedExternalAccountCredential(new FileSourcedExternalAccountCredential.Initializer( - TokenUrl, Audience, SubjectTokenType, "subjectTokenPath")) as IGoogleCredential; + TokenUrl, FakeAudience, FakeSubjectTokenType, "subjectTokenPath")) as IGoogleCredential; Assert.Equal(GoogleAuthConsts.DefaultUniverseDomain, credential.GetUniverseDomain()); Assert.Equal(GoogleAuthConsts.DefaultUniverseDomain, await credential.GetUniverseDomainAsync(default)); @@ -47,22 +47,22 @@ public async Task UniverseDomain_Default() public async Task UniverseDomain_Custom() { var credential = new FileSourcedExternalAccountCredential(new FileSourcedExternalAccountCredential.Initializer( - TokenUrl, Audience, SubjectTokenType, "subjectTokenPath") + TokenUrl, FakeAudience, FakeSubjectTokenType, "subjectTokenPath") { - UniverseDomain = UniverseDomain + UniverseDomain = FakeUniverseDomain }) as IGoogleCredential; - Assert.Equal(UniverseDomain, credential.GetUniverseDomain()); - Assert.Equal(UniverseDomain, await credential.GetUniverseDomainAsync(default)); + Assert.Equal(FakeUniverseDomain, credential.GetUniverseDomain()); + Assert.Equal(FakeUniverseDomain, await credential.GetUniverseDomainAsync(default)); } [Fact] public async Task WithUniverseDomain() { var credential = new FileSourcedExternalAccountCredential(new FileSourcedExternalAccountCredential.Initializer( - TokenUrl, Audience, SubjectTokenType, "subjectTokenPath")) as IGoogleCredential; + TokenUrl, FakeAudience, FakeSubjectTokenType, "subjectTokenPath")) as IGoogleCredential; - var newCredential = credential.WithUniverseDomain(UniverseDomain); + var newCredential = credential.WithUniverseDomain(FakeUniverseDomain); Assert.NotSame(credential, newCredential); Assert.IsType(newCredential); @@ -70,24 +70,24 @@ public async Task WithUniverseDomain() Assert.Equal(GoogleAuthConsts.DefaultUniverseDomain, credential.GetUniverseDomain()); Assert.Equal(GoogleAuthConsts.DefaultUniverseDomain, await credential.GetUniverseDomainAsync(default)); - Assert.Equal(UniverseDomain, newCredential.GetUniverseDomain()); - Assert.Equal(UniverseDomain, await newCredential.GetUniverseDomainAsync(default)); + Assert.Equal(FakeUniverseDomain, newCredential.GetUniverseDomain()); + Assert.Equal(FakeUniverseDomain, await newCredential.GetUniverseDomainAsync(default)); } [Fact] public async Task FetchesAccessToken() { - var subjectTokenPath = WriteSubjectTokenToTempFile(SubjectTokenText); - var messageHandler = new DelegatedMessageHandler(request => ValidateAccessTokenRequest(request, Scope)); + var subjectTokenPath = WriteSubjectTokenToTempFile(FakeSubjectTokenText); + var messageHandler = new DelegatedMessageHandler(request => ValidateAccessTokenRequest(request, FakeScope)); var credential = new FileSourcedExternalAccountCredential( - new FileSourcedExternalAccountCredential.Initializer(TokenUrl, Audience, SubjectTokenType, subjectTokenPath) + new FileSourcedExternalAccountCredential.Initializer(TokenUrl, FakeAudience, FakeSubjectTokenType, subjectTokenPath) { HttpClientFactory = new MockHttpClientFactory(messageHandler), - ClientId = ClientId, - ClientSecret = ClientSecret, - Scopes = new string[] { Scope }, - QuotaProject = QuotaProject + ClientId = FakeClientId, + ClientSecret = FakeClientSecret, + Scopes = new string[] { FakeScope }, + QuotaProject = FakeQuotaProject }); var token = await credential.GetAccessTokenWithHeadersForRequestAsync(); @@ -99,19 +99,19 @@ public async Task FetchesAccessToken() [Fact] public async Task FetchesAccessToken_Impersonated() { - var subjectTokenPath = WriteSubjectTokenToTempFile(SubjectTokenText); + var subjectTokenPath = WriteSubjectTokenToTempFile(FakeSubjectTokenText); var messageHandler = new DelegatedMessageHandler( request => ValidateAccessTokenRequest(request, ImpersonationScope), ValidateImpersonatedAccessTokenRequest); var credential = new FileSourcedExternalAccountCredential( - new FileSourcedExternalAccountCredential.Initializer(TokenUrl, Audience, SubjectTokenType, subjectTokenPath) + new FileSourcedExternalAccountCredential.Initializer(TokenUrl, FakeAudience, FakeSubjectTokenType, subjectTokenPath) { HttpClientFactory = new MockHttpClientFactory(messageHandler), - ClientId = ClientId, - ClientSecret = ClientSecret, - Scopes = new string[] { Scope }, - QuotaProject = QuotaProject, + ClientId = FakeClientId, + ClientSecret = FakeClientSecret, + Scopes = new string[] { FakeScope }, + QuotaProject = FakeQuotaProject, ServiceAccountImpersonationUrl = ImpersonationUrl }); @@ -124,16 +124,16 @@ public async Task FetchesAccessToken_Impersonated() [Fact] public async Task FetchesAccessToken_Workforce() { - var subjectTokenPath = WriteSubjectTokenToTempFile(SubjectTokenText); - var messageHandler = new DelegatedMessageHandler(request => ValidateAccessTokenRequest(request, Scope, isWorkforce: true)); + var subjectTokenPath = WriteSubjectTokenToTempFile(FakeSubjectTokenText); + var messageHandler = new DelegatedMessageHandler(request => ValidateAccessTokenRequest(request, FakeScope, isWorkforce: true)); var credential = new FileSourcedExternalAccountCredential( - new FileSourcedExternalAccountCredential.Initializer(TokenUrl, Audience, SubjectTokenType, subjectTokenPath) + new FileSourcedExternalAccountCredential.Initializer(TokenUrl, FakeAudience, FakeSubjectTokenType, subjectTokenPath) { HttpClientFactory = new MockHttpClientFactory(messageHandler), - WorkforcePoolUserProject = WorkforcePoolUserProject, - Scopes = new string[] { Scope }, - QuotaProject = QuotaProject + WorkforcePoolUserProject = FakeWorkforcePoolUserProject, + Scopes = new string[] { FakeScope }, + QuotaProject = FakeQuotaProject }); var token = await credential.GetAccessTokenWithHeadersForRequestAsync(); @@ -145,18 +145,18 @@ public async Task FetchesAccessToken_Workforce() [Fact] public async Task FetchesAccessToken_ClientIdAndSecret_IgnoresWorkforce() { - var subjectTokenPath = WriteSubjectTokenToTempFile(SubjectTokenText); - var messageHandler = new DelegatedMessageHandler(request => ValidateAccessTokenRequest(request, Scope, isWorkforce: false)); + var subjectTokenPath = WriteSubjectTokenToTempFile(FakeSubjectTokenText); + var messageHandler = new DelegatedMessageHandler(request => ValidateAccessTokenRequest(request, FakeScope, isWorkforce: false)); var credential = new FileSourcedExternalAccountCredential( - new FileSourcedExternalAccountCredential.Initializer(TokenUrl, Audience, SubjectTokenType, subjectTokenPath) + new FileSourcedExternalAccountCredential.Initializer(TokenUrl, FakeAudience, FakeSubjectTokenType, subjectTokenPath) { HttpClientFactory = new MockHttpClientFactory(messageHandler), - WorkforcePoolUserProject = WorkforcePoolUserProject, - ClientId = ClientId, - ClientSecret = ClientSecret, - Scopes = new string[] { Scope }, - QuotaProject = QuotaProject + WorkforcePoolUserProject = FakeWorkforcePoolUserProject, + ClientId = FakeClientId, + ClientSecret = FakeClientSecret, + Scopes = new string[] { FakeScope }, + QuotaProject = FakeQuotaProject }); var token = await credential.GetAccessTokenWithHeadersForRequestAsync(); @@ -168,17 +168,17 @@ public async Task FetchesAccessToken_ClientIdAndSecret_IgnoresWorkforce() [Fact] public async Task FetchesAccessToken_JsonSubjectToken() { - var subjectTokenPath = WriteSubjectTokenToTempFile(SubjectTokenJson); + var subjectTokenPath = WriteSubjectTokenToTempFile(FakeSubjectTokenJson); var messageHandler = new DelegatedMessageHandler(ValidateAccessTokenFromJsonSubjectTokenRequest); var credential = new FileSourcedExternalAccountCredential( - new FileSourcedExternalAccountCredential.Initializer(TokenUrl, Audience, SubjectTokenType, subjectTokenPath) + new FileSourcedExternalAccountCredential.Initializer(TokenUrl, FakeAudience, FakeSubjectTokenType, subjectTokenPath) { HttpClientFactory = new MockHttpClientFactory(messageHandler), - SubjectTokenJsonFieldName = SubjectTokenJsonField + SubjectTokenJsonFieldName = FakeSubjectTokenJsonField }); - Assert.Equal(AccessToken, await credential.GetAccessTokenForRequestAsync()); + Assert.Equal(FakeAccessToken, await credential.GetAccessTokenForRequestAsync()); messageHandler.AssertAllCallsMade(); } @@ -186,22 +186,22 @@ public async Task FetchesAccessToken_JsonSubjectToken() [Fact] public async Task RefreshesAccessToken() { - var subjectTokenPath = WriteSubjectTokenToTempFile(SubjectTokenText); + var subjectTokenPath = WriteSubjectTokenToTempFile(FakeSubjectTokenText); var messageHandler = new DelegatedMessageHandler(AccessTokenRequest, RefreshTokenRequest); var clock = new MockClock(DateTime.UtcNow); var credential = new FileSourcedExternalAccountCredential( - new FileSourcedExternalAccountCredential.Initializer(TokenUrl, Audience, SubjectTokenType, subjectTokenPath) + new FileSourcedExternalAccountCredential.Initializer(TokenUrl, FakeAudience, FakeSubjectTokenType, subjectTokenPath) { HttpClientFactory = new MockHttpClientFactory(messageHandler), Clock = clock }); - Assert.Equal(AccessToken, await credential.GetAccessTokenForRequestAsync()); + Assert.Equal(FakeAccessToken, await credential.GetAccessTokenForRequestAsync()); clock.UtcNow = clock.UtcNow.AddDays(2); - Assert.Equal(RefreshedAccessToken, await credential.GetAccessTokenForRequestAsync()); + Assert.Equal(FakeRefreshedAccessToken, await credential.GetAccessTokenForRequestAsync()); messageHandler.AssertAllCallsMade(); } @@ -210,18 +210,18 @@ public static TheoryData SubjectToke { get { - var subjectTokenPath = WriteSubjectTokenToTempFile(SubjectTokenText); + var subjectTokenPath = WriteSubjectTokenToTempFile(FakeSubjectTokenText); var data = new TheoryData { { new FileSourcedExternalAccountCredential( - new FileSourcedExternalAccountCredential.Initializer(TokenUrl, Audience, SubjectTokenType, "unknownPath")), + new FileSourcedExternalAccountCredential.Initializer(TokenUrl, FakeAudience, FakeSubjectTokenType, "unknownPath")), typeof(FileNotFoundException) }, { new FileSourcedExternalAccountCredential( - new FileSourcedExternalAccountCredential.Initializer(TokenUrl, Audience, SubjectTokenType, subjectTokenPath) + new FileSourcedExternalAccountCredential.Initializer(TokenUrl, FakeAudience, FakeSubjectTokenType, subjectTokenPath) { SubjectTokenJsonFieldName = "unknownField" }), diff --git a/Src/Support/Google.Apis.Auth.Tests/OAuth2/ServiceAccountCredentialTests.cs b/Src/Support/Google.Apis.Auth.Tests/OAuth2/ServiceAccountCredentialTests.cs index 5f159538622..6f7e53ff885 100644 --- a/Src/Support/Google.Apis.Auth.Tests/OAuth2/ServiceAccountCredentialTests.cs +++ b/Src/Support/Google.Apis.Auth.Tests/OAuth2/ServiceAccountCredentialTests.cs @@ -34,7 +34,7 @@ namespace Google.Apis.Auth.Tests.OAuth2 { public class ServiceAccountCredentialTests { - private const string UniverseDomain = "fake.universe.domain.com"; + private const string FakeUniverseDomain = "fake.universe.domain.com"; private static readonly Assembly CurrentAssembly = typeof(ServiceAccountCredentialTests).Assembly; private static readonly TimeSpan JwtLifetime = TimeSpan.FromMinutes(60); @@ -470,13 +470,13 @@ public async Task UniverseDomain_Custom() var credential = new ServiceAccountCredential( new ServiceAccountCredential.Initializer("MyId", "MyTokenServerUrl") { - UniverseDomain = UniverseDomain, + UniverseDomain = FakeUniverseDomain, // So that we can set a custom universe domain as only self-signed JWTs are supported in universe domains other than googleapis.com. UseJwtAccessWithScopes = true }.FromPrivateKey(PrivateKey)) as IGoogleCredential; - Assert.Equal(UniverseDomain, credential.GetUniverseDomain()); - Assert.Equal(UniverseDomain, await credential.GetUniverseDomainAsync(default)); + Assert.Equal(FakeUniverseDomain, credential.GetUniverseDomain()); + Assert.Equal(FakeUniverseDomain, await credential.GetUniverseDomainAsync(default)); } [Fact] @@ -484,7 +484,7 @@ public void UniverseDomain_Custom_DomainWideDelegation() => Assert.Throws(() => new ServiceAccountCredential( new ServiceAccountCredential.Initializer("MyId", "MyTokenServerUrl") { - UniverseDomain = UniverseDomain, + UniverseDomain = FakeUniverseDomain, // So that we can set a custom universe domain as only self-signed JWTs are supported in universe domains other than googleapis.com. UseJwtAccessWithScopes = true, User = "usert@fake.com" @@ -495,7 +495,7 @@ public void UniverseDomain_Custom_NoJwtsWithScopes_Implicit() => Assert.Throws(() => new ServiceAccountCredential( new ServiceAccountCredential.Initializer("MyId", "MyTokenServerUrl") { - UniverseDomain = UniverseDomain, + UniverseDomain = FakeUniverseDomain, }.FromPrivateKey(PrivateKey))); [Fact] @@ -503,7 +503,7 @@ public void UniverseDomain_Custom_NoJwtsWithScopes_Explicit() => Assert.Throws(() => new ServiceAccountCredential( new ServiceAccountCredential.Initializer("MyId", "MyTokenServerUrl") { - UniverseDomain = UniverseDomain, + UniverseDomain = FakeUniverseDomain, UseJwtAccessWithScopes = false, }.FromPrivateKey(PrivateKey))); @@ -518,7 +518,7 @@ public async Task WithUniverseDomain_UseJwtAccessWithScopes_True() } .FromPrivateKey(PrivateKey)) as IGoogleCredential; - var newCredential = credential.WithUniverseDomain(UniverseDomain); + var newCredential = credential.WithUniverseDomain(FakeUniverseDomain); Assert.NotSame(credential, newCredential); Assert.IsType(newCredential); @@ -526,8 +526,8 @@ public async Task WithUniverseDomain_UseJwtAccessWithScopes_True() Assert.Equal(GoogleAuthConsts.DefaultUniverseDomain, credential.GetUniverseDomain()); Assert.Equal(GoogleAuthConsts.DefaultUniverseDomain, await credential.GetUniverseDomainAsync(default)); - Assert.Equal(UniverseDomain, newCredential.GetUniverseDomain()); - Assert.Equal(UniverseDomain, await newCredential.GetUniverseDomainAsync(default)); + Assert.Equal(FakeUniverseDomain, newCredential.GetUniverseDomain()); + Assert.Equal(FakeUniverseDomain, await newCredential.GetUniverseDomainAsync(default)); } [Fact] diff --git a/Src/Support/Google.Apis.Auth.Tests/OAuth2/UrlSourcedExternalAccountCredentialTest.cs b/Src/Support/Google.Apis.Auth.Tests/OAuth2/UrlSourcedExternalAccountCredentialTest.cs index 1d7a66b9085..8a43c5bbeb1 100644 --- a/Src/Support/Google.Apis.Auth.Tests/OAuth2/UrlSourcedExternalAccountCredentialTest.cs +++ b/Src/Support/Google.Apis.Auth.Tests/OAuth2/UrlSourcedExternalAccountCredentialTest.cs @@ -29,26 +29,26 @@ namespace Google.Apis.Auth.Tests.OAuth2 { public class UrlSourcedExternalAccountCredentialsTests : ExternalAccountCredentialTestsBase { - private const string SubjectTokenUrl = "https://fake.subject.token.url/"; - private static readonly KeyValuePair SubjectTokenServiceHeader = new KeyValuePair("key1", "value1"); + private const string FakeSubjectTokenUrl = "https://fake.subject.token.url/"; + private static readonly KeyValuePair KeySubjectTokenServiceHeader = new KeyValuePair("key1", "value1"); private static Task ValidateSubjectTokenRequest(HttpRequestMessage subjectTokenRequest) { - Assert.Equal(SubjectTokenUrl, subjectTokenRequest.RequestUri.ToString()); + Assert.Equal(FakeSubjectTokenUrl, subjectTokenRequest.RequestUri.ToString()); Assert.Equal(HttpMethod.Get, subjectTokenRequest.Method); - Assert.Contains(subjectTokenRequest.Headers, header => header.Key == SubjectTokenServiceHeader.Key && header.Value.Single() == SubjectTokenServiceHeader.Value); + Assert.Contains(subjectTokenRequest.Headers, header => header.Key == KeySubjectTokenServiceHeader.Key && header.Value.Single() == KeySubjectTokenServiceHeader.Value); return Task.FromResult(new HttpResponseMessage(HttpStatusCode.OK) { - Content = new StringContent(SubjectTokenText) + Content = new StringContent(FakeSubjectTokenText) }); } private static Task SubjectTokenRequest(HttpRequestMessage subjectTokenRequest) => Task.FromResult(new HttpResponseMessage(HttpStatusCode.OK) { - Content = new StringContent(SubjectTokenText) + Content = new StringContent(FakeSubjectTokenText) }); private static Task SubjectTokenRequestFailure(HttpRequestMessage subjectTokenRequest) => @@ -58,7 +58,7 @@ private static Task SubjectTokenRequestFailure(HttpRequestM public async Task UniverseDomain_Default() { var credential = new UrlSourcedExternalAccountCredential(new UrlSourcedExternalAccountCredential.Initializer( - TokenUrl, Audience, SubjectTokenType, SubjectTokenUrl)) as IGoogleCredential; + TokenUrl, FakeAudience, FakeSubjectTokenType, FakeSubjectTokenUrl)) as IGoogleCredential; Assert.Equal(GoogleAuthConsts.DefaultUniverseDomain, credential.GetUniverseDomain()); Assert.Equal(GoogleAuthConsts.DefaultUniverseDomain, await credential.GetUniverseDomainAsync(default)); @@ -68,22 +68,22 @@ public async Task UniverseDomain_Default() public async Task UniverseDomain_Custom() { var credential = new UrlSourcedExternalAccountCredential(new UrlSourcedExternalAccountCredential.Initializer( - TokenUrl, Audience, SubjectTokenType, SubjectTokenUrl) + TokenUrl, FakeAudience, FakeSubjectTokenType, FakeSubjectTokenUrl) { - UniverseDomain = UniverseDomain + UniverseDomain = FakeUniverseDomain }) as IGoogleCredential; - Assert.Equal(UniverseDomain, credential.GetUniverseDomain()); - Assert.Equal(UniverseDomain, await credential.GetUniverseDomainAsync(default)); + Assert.Equal(FakeUniverseDomain, credential.GetUniverseDomain()); + Assert.Equal(FakeUniverseDomain, await credential.GetUniverseDomainAsync(default)); } [Fact] public async Task WithUniverseDomain() { var credential = new UrlSourcedExternalAccountCredential(new UrlSourcedExternalAccountCredential.Initializer( - TokenUrl, Audience, SubjectTokenType, SubjectTokenUrl)) as IGoogleCredential; + TokenUrl, FakeAudience, FakeSubjectTokenType, FakeSubjectTokenUrl)) as IGoogleCredential; - var newCredential = credential.WithUniverseDomain(UniverseDomain); + var newCredential = credential.WithUniverseDomain(FakeUniverseDomain); Assert.NotSame(credential, newCredential); Assert.IsType(newCredential); @@ -91,24 +91,24 @@ public async Task WithUniverseDomain() Assert.Equal(GoogleAuthConsts.DefaultUniverseDomain, credential.GetUniverseDomain()); Assert.Equal(GoogleAuthConsts.DefaultUniverseDomain, await credential.GetUniverseDomainAsync(default)); - Assert.Equal(UniverseDomain, newCredential.GetUniverseDomain()); - Assert.Equal(UniverseDomain, await newCredential.GetUniverseDomainAsync(default)); + Assert.Equal(FakeUniverseDomain, newCredential.GetUniverseDomain()); + Assert.Equal(FakeUniverseDomain, await newCredential.GetUniverseDomainAsync(default)); } [Fact] public async Task FetchesAccessToken() { - var messageHandler = new DelegatedMessageHandler(ValidateSubjectTokenRequest, request => ValidateAccessTokenRequest(request, Scope)); + var messageHandler = new DelegatedMessageHandler(ValidateSubjectTokenRequest, request => ValidateAccessTokenRequest(request, FakeScope)); var credential = new UrlSourcedExternalAccountCredential( - new UrlSourcedExternalAccountCredential.Initializer(TokenUrl, Audience, SubjectTokenType, SubjectTokenUrl) + new UrlSourcedExternalAccountCredential.Initializer(TokenUrl, FakeAudience, FakeSubjectTokenType, FakeSubjectTokenUrl) { HttpClientFactory = new MockHttpClientFactory(messageHandler), - Headers = { { SubjectTokenServiceHeader } }, - ClientId = ClientId, - ClientSecret = ClientSecret, - Scopes = new string[] { Scope }, - QuotaProject = QuotaProject + Headers = { { KeySubjectTokenServiceHeader } }, + ClientId = FakeClientId, + ClientSecret = FakeClientSecret, + Scopes = new string[] { FakeScope }, + QuotaProject = FakeQuotaProject }); var token = await credential.GetAccessTokenWithHeadersForRequestAsync(); @@ -126,14 +126,14 @@ public async Task FetchesAccessToken_Impersonated() ValidateImpersonatedAccessTokenRequest); var credential = new UrlSourcedExternalAccountCredential( - new UrlSourcedExternalAccountCredential.Initializer(TokenUrl, Audience, SubjectTokenType, SubjectTokenUrl) + new UrlSourcedExternalAccountCredential.Initializer(TokenUrl, FakeAudience, FakeSubjectTokenType, FakeSubjectTokenUrl) { HttpClientFactory = new MockHttpClientFactory(messageHandler), - Headers = { { SubjectTokenServiceHeader } }, - ClientId = ClientId, - ClientSecret = ClientSecret, - Scopes = new string[] { Scope }, - QuotaProject = QuotaProject, + Headers = { { KeySubjectTokenServiceHeader } }, + ClientId = FakeClientId, + ClientSecret = FakeClientSecret, + Scopes = new string[] { FakeScope }, + QuotaProject = FakeQuotaProject, ServiceAccountImpersonationUrl = ImpersonationUrl }); @@ -146,16 +146,16 @@ public async Task FetchesAccessToken_Impersonated() [Fact] public async Task FetchesAccessToken_Workforce() { - var messageHandler = new DelegatedMessageHandler(ValidateSubjectTokenRequest, request => ValidateAccessTokenRequest(request, Scope, isWorkforce: true)); + var messageHandler = new DelegatedMessageHandler(ValidateSubjectTokenRequest, request => ValidateAccessTokenRequest(request, FakeScope, isWorkforce: true)); var credential = new UrlSourcedExternalAccountCredential( - new UrlSourcedExternalAccountCredential.Initializer(TokenUrl, Audience, SubjectTokenType, SubjectTokenUrl) + new UrlSourcedExternalAccountCredential.Initializer(TokenUrl, FakeAudience, FakeSubjectTokenType, FakeSubjectTokenUrl) { HttpClientFactory = new MockHttpClientFactory(messageHandler), - Headers = { { SubjectTokenServiceHeader } }, - WorkforcePoolUserProject = WorkforcePoolUserProject, - Scopes = new string[] { Scope }, - QuotaProject = QuotaProject + Headers = { { KeySubjectTokenServiceHeader } }, + WorkforcePoolUserProject = FakeWorkforcePoolUserProject, + Scopes = new string[] { FakeScope }, + QuotaProject = FakeQuotaProject }); var token = await credential.GetAccessTokenWithHeadersForRequestAsync(); @@ -167,18 +167,18 @@ public async Task FetchesAccessToken_Workforce() [Fact] public async Task FetchesAccessToken_ClientIdAndSecret_IgnoresWorkforce() { - var messageHandler = new DelegatedMessageHandler(ValidateSubjectTokenRequest, request => ValidateAccessTokenRequest(request, Scope, isWorkforce: false)); + var messageHandler = new DelegatedMessageHandler(ValidateSubjectTokenRequest, request => ValidateAccessTokenRequest(request, FakeScope, isWorkforce: false)); var credential = new UrlSourcedExternalAccountCredential( - new UrlSourcedExternalAccountCredential.Initializer(TokenUrl, Audience, SubjectTokenType, SubjectTokenUrl) + new UrlSourcedExternalAccountCredential.Initializer(TokenUrl, FakeAudience, FakeSubjectTokenType, FakeSubjectTokenUrl) { HttpClientFactory = new MockHttpClientFactory(messageHandler), - Headers = { { SubjectTokenServiceHeader } }, - WorkforcePoolUserProject = WorkforcePoolUserProject, - ClientId = ClientId, - ClientSecret = ClientSecret, - Scopes = new string[] { Scope }, - QuotaProject = QuotaProject + Headers = { { KeySubjectTokenServiceHeader } }, + WorkforcePoolUserProject = FakeWorkforcePoolUserProject, + ClientId = FakeClientId, + ClientSecret = FakeClientSecret, + Scopes = new string[] { FakeScope }, + QuotaProject = FakeQuotaProject }); var token = await credential.GetAccessTokenWithHeadersForRequestAsync(); @@ -193,13 +193,13 @@ public async Task FetchesAccessToken_JsonSubjectToken() var messageHandler = new DelegatedMessageHandler(SubjectTokenAsJson, ValidateAccessTokenFromJsonSubjectTokenRequest); var credential = new UrlSourcedExternalAccountCredential( - new UrlSourcedExternalAccountCredential.Initializer(TokenUrl, Audience, SubjectTokenType, SubjectTokenUrl) + new UrlSourcedExternalAccountCredential.Initializer(TokenUrl, FakeAudience, FakeSubjectTokenType, FakeSubjectTokenUrl) { HttpClientFactory = new MockHttpClientFactory(messageHandler), - SubjectTokenJsonFieldName = SubjectTokenJsonField + SubjectTokenJsonFieldName = FakeSubjectTokenJsonField }); - Assert.Equal(AccessToken, await credential.GetAccessTokenForRequestAsync()); + Assert.Equal(FakeAccessToken, await credential.GetAccessTokenForRequestAsync()); messageHandler.AssertAllCallsMade(); @@ -207,7 +207,7 @@ static Task SubjectTokenAsJson(HttpRequestMessage subjectTo { return Task.FromResult(new HttpResponseMessage(HttpStatusCode.OK) { - Content = new StringContent(SubjectTokenJson) + Content = new StringContent(FakeSubjectTokenJson) }); } } @@ -219,17 +219,17 @@ public async Task RefreshesAccessToken() var clock = new MockClock(DateTime.UtcNow); var credential = new UrlSourcedExternalAccountCredential( - new UrlSourcedExternalAccountCredential.Initializer(TokenUrl, Audience, SubjectTokenType, SubjectTokenUrl) + new UrlSourcedExternalAccountCredential.Initializer(TokenUrl, FakeAudience, FakeSubjectTokenType, FakeSubjectTokenUrl) { HttpClientFactory = new MockHttpClientFactory(messageHandler), Clock = clock }); - Assert.Equal(AccessToken, await credential.GetAccessTokenForRequestAsync()); + Assert.Equal(FakeAccessToken, await credential.GetAccessTokenForRequestAsync()); clock.UtcNow = clock.UtcNow.AddDays(2); - Assert.Equal(RefreshedAccessToken, await credential.GetAccessTokenForRequestAsync()); + Assert.Equal(FakeRefreshedAccessToken, await credential.GetAccessTokenForRequestAsync()); messageHandler.AssertAllCallsMade(); } @@ -238,7 +238,7 @@ public async Task RefreshesAccessToken() { { new UrlSourcedExternalAccountCredential( - new UrlSourcedExternalAccountCredential.Initializer(TokenUrl, Audience, SubjectTokenType, SubjectTokenUrl) + new UrlSourcedExternalAccountCredential.Initializer(TokenUrl, FakeAudience, FakeSubjectTokenType, FakeSubjectTokenUrl) { // We retry 3 times so let's fail three times so the error is truly surfaced. HttpClientFactory = new MockHttpClientFactory(new DelegatedMessageHandler(SubjectTokenRequestFailure, SubjectTokenRequestFailure, SubjectTokenRequestFailure)) @@ -247,7 +247,7 @@ public async Task RefreshesAccessToken() }, { new UrlSourcedExternalAccountCredential( - new UrlSourcedExternalAccountCredential.Initializer(TokenUrl, Audience, SubjectTokenType, SubjectTokenUrl) + new UrlSourcedExternalAccountCredential.Initializer(TokenUrl, FakeAudience, FakeSubjectTokenType, FakeSubjectTokenUrl) { HttpClientFactory = new MockHttpClientFactory(new DelegatedMessageHandler(SubjectTokenRequest)), SubjectTokenJsonFieldName = "unknownField"