def test_federated_happy_path_and_correlation_id(self):
util.setup_expected_user_realm_response_common(True)
util.setup_expected_mex_wstrust_request_common()
response = util.create_response()
assertion = self.setup_expected_oauth_assertion_request(response)
buffer = StringIO()
handler = logging.StreamHandler(buffer)
util.turn_on_logging(level='DEBUG', handler=handler)
authorityUrl = response['authority']
context = adal.AuthenticationContext(authorityUrl)
correlation_id = '12300002-0000-0000-c000-000000000000'
context.correlation_id = correlation_id
#action
token_response = context.acquire_token_with_username_password(response['resource'], cp['username'], cp['password'], cp['clientId'])
self.assertTrue(util.is_match_token_response(response['cachedResponse'], token_response),
'Response did not match expected: ' + json.dumps(token_response))
#assert
log_content = buffer.getvalue()
self.assertTrue(correlation_id in log_content, 'Logging was turned on but no messages were recieved.')
def test_federated_happy_path_and_correlation_id(self):
util.setup_expected_user_realm_response_common(True)
util.setup_expected_mex_wstrust_request_common()
response = util.create_response()
assertion = self.setup_expected_oauth_assertion_request(response)
buffer = StringIO()
handler = logging.StreamHandler(buffer)
util.turn_on_logging(level='DEBUG', handler=handler)
authorityUrl = response['authority']
context = adal.AuthenticationContext(authorityUrl)
correlation_id = '12300002-0000-0000-c000-000000000000'
context.correlation_id = correlation_id
#action
token_response = context.acquire_token_with_username_password(response['resource'], cp['username'], cp['password'], cp['clientId'])
self.assertTrue(util.is_match_token_response(response['cachedResponse'], token_response),
'Response did not match expected: ' + json.dumps(token_response))
#assert
log_content = buffer.getvalue()
self.assertTrue(correlation_id in log_content, 'Logging was turned on but no messages were recieved.')
self.assertNotIn(cp['clientId'], log_content, "Should not log ClientID")
self.assertNotIn(
cp['username'].split('@')[0], log_content, "Should not contain PII")
def test_logging(self):
log_capture_string = StringIO()
handler = logging.StreamHandler(log_capture_string)
util.turn_on_logging(handler=handler)
test_logger = adal_logging.Logger("TokenRequest", {'correlation_id':'12345'})
test_logger.warn('a warning', log_stack_trace=True)
log_contents = log_capture_string.getvalue()
logging.getLogger(adal_logging.ADAL_LOGGER_NAME).removeHandler(handler)
self.assertTrue('12345 - TokenRequest:a warning' in log_contents and 'Stack:' in log_contents)
def test_console_settings(self):
currentOptions = log.get_logging_options()
util.turn_on_logging()
options = log.get_logging_options()
level = options['level']
# Set the looging options back to what they were before this test so that
# future tests are logged as they should be.
log.set_logging_options(currentOptions)
self.assertEqual(level, log.LOGGING_LEVEL.DEBUG, 'Logging level was not the expected value of LOGGING_LEVEL.DEBUG: {}'.format(level))
def test_console_settings(self):
currentOptions = adal_logging.get_logging_options()
util.turn_on_logging()
options = adal_logging.get_logging_options()
level = options['level']
# Set the looging options back to what they were before this test so that
# future tests are logged as they should be.
adal_logging.set_logging_options(currentOptions)
self.assertEqual(level, 'DEBUG', 'Logging level was not the expected value of LOGGING_LEVEL.DEBUG: {}'.format(level))
def test_scrub_pii(self):
not_pii = "not pii"
pii = "*****@*****.**"
content_with_pii = {"message": not_pii, "email": pii}
expected = {"message": not_pii, "email": "..."}
self.assertEqual(adal_logging.scrub_pii(content_with_pii), expected)
log_capture_string = StringIO()
handler = logging.StreamHandler(log_capture_string)
util.turn_on_logging(handler=handler)
test_logger = adal_logging.Logger("TokenRequest", {'correlation_id':'12345'})
test_logger.warn('%(message)s for user email %(email)s', content_with_pii)
log_contents = log_capture_string.getvalue()
logging.getLogger(adal_logging.ADAL_LOGGER_NAME).removeHandler(handler)
self.assertTrue(not_pii in log_contents and pii not in log_contents)
def test_bad_id_token_base64_in_response(self):
foundWarning = False
util.setup_expected_user_realm_response_common(False)
response = util.create_response()
def findIdTokenWarning(level, message):
if 'decoded' in message:
foundWarning = True
util.turn_on_logging() #, findIdTokenWarning)
#util.turnOnLogging(None, findIdTokenWarning)
response['wireResponse']['id_token'] = 'aaaaaaa./+===.aaaaaa'
authorityUrl = response['authority'] + '/' + cp['tenant']
upRequest = self.setup_expected_username_password_request_response(200, response['wireResponse'], authorityUrl)
token_response = adal.acquire_token_with_username_password(authorityUrl, cp['username'], cp['password'], cp['clientId'], response['resource'])
self.assertTrue(foundWarning, 'Did not see expected warning message about bad id_token base64.')
def test_bad_id_token_base64_in_response(self):
foundWarning = False
util.setup_expected_user_realm_response_common(False)
response = util.create_response()
log_content = StringIO()
handler = logging.StreamHandler(log_content)
util.turn_on_logging(level='WARNING', handler=handler)
response['wireResponse']['id_token'] = 'aaaaaaa./+===.aaaaaa'
expected_warn = 'The returned id_token could not be decoded: aaaaaaa./+===.aaaaaa'
authorityUrl = response['authority']
upRequest = self.setup_expected_username_password_request_response(200, response['wireResponse'], authorityUrl)
context = adal.AuthenticationContext(authorityUrl)
#action and verify
self.assertRaises(UnicodeDecodeError, context.acquire_token_with_username_password, response['resource'], cp['username'], cp['password'], cp['clientId'])
def test_bad_id_token_base64_in_response(self):
foundWarning = False
util.setup_expected_user_realm_response_common(False)
response = util.create_response()
log_content = StringIO()
handler = logging.StreamHandler(log_content)
util.turn_on_logging(level='WARNING', handler=handler)
response['wireResponse']['id_token'] = 'aaaaaaa./+===.aaaaaa'
expected_warn = 'The returned id_token could not be decoded: aaaaaaa./+===.aaaaaa'
authorityUrl = response['authority']
upRequest = self.setup_expected_username_password_request_response(200, response['wireResponse'], authorityUrl)
context = adal.AuthenticationContext(authorityUrl)
#action and verify
self.assertRaises(UnicodeDecodeError, context.acquire_token_with_username_password, response['resource'], cp['username'], cp['password'], cp['clientId'])