Beispiel #1
0
    def test_federated_happy_path_and_correlation_id(self):
        util.setup_expected_user_realm_response_common(True)
        util.setup_expected_mex_wstrust_request_common()

        response = util.create_response()
        assertion = self.setup_expected_oauth_assertion_request(response)

        buffer = StringIO()
        handler = logging.StreamHandler(buffer)
        util.turn_on_logging(level='DEBUG', handler=handler)

        authorityUrl = response['authority']

        context = adal.AuthenticationContext(authorityUrl)
        correlation_id = '12300002-0000-0000-c000-000000000000'
        context.correlation_id = correlation_id

        #action
        token_response = context.acquire_token_with_username_password(response['resource'], cp['username'], cp['password'], cp['clientId'])
        self.assertTrue(util.is_match_token_response(response['cachedResponse'], token_response), 
                        'Response did not match expected: ' + json.dumps(token_response))
        
        #assert
        log_content = buffer.getvalue()
        self.assertTrue(correlation_id in log_content, 'Logging was turned on but no messages were recieved.')
    def test_federated_happy_path_and_correlation_id(self):
        util.setup_expected_user_realm_response_common(True)
        util.setup_expected_mex_wstrust_request_common()

        response = util.create_response()
        assertion = self.setup_expected_oauth_assertion_request(response)

        buffer = StringIO()
        handler = logging.StreamHandler(buffer)
        util.turn_on_logging(level='DEBUG', handler=handler)

        authorityUrl = response['authority']

        context = adal.AuthenticationContext(authorityUrl)
        correlation_id = '12300002-0000-0000-c000-000000000000'
        context.correlation_id = correlation_id

        #action
        token_response = context.acquire_token_with_username_password(response['resource'], cp['username'], cp['password'], cp['clientId'])
        self.assertTrue(util.is_match_token_response(response['cachedResponse'], token_response), 
                        'Response did not match expected: ' + json.dumps(token_response))
        
        #assert
        log_content = buffer.getvalue()
        self.assertTrue(correlation_id in log_content, 'Logging was turned on but no messages were recieved.')

        self.assertNotIn(cp['clientId'], log_content, "Should not log ClientID")
        self.assertNotIn(
            cp['username'].split('@')[0], log_content, "Should not contain PII")
Beispiel #3
0
 def test_logging(self):
     log_capture_string = StringIO()
     handler = logging.StreamHandler(log_capture_string)
     util.turn_on_logging(handler=handler)
     
     test_logger = adal_logging.Logger("TokenRequest", {'correlation_id':'12345'})
     test_logger.warn('a warning', log_stack_trace=True)
     log_contents = log_capture_string.getvalue()
     logging.getLogger(adal_logging.ADAL_LOGGER_NAME).removeHandler(handler)
     self.assertTrue('12345 - TokenRequest:a warning' in log_contents and 'Stack:' in log_contents)
    def test_console_settings(self):
        currentOptions = log.get_logging_options()
        util.turn_on_logging()
        options = log.get_logging_options()
        level = options['level']

        # Set the looging options back to what they were before this test so that
        # future tests are logged as they should be.
        log.set_logging_options(currentOptions)

        self.assertEqual(level, log.LOGGING_LEVEL.DEBUG, 'Logging level was not the expected value of LOGGING_LEVEL.DEBUG: {}'.format(level))
Beispiel #5
0
    def test_console_settings(self):
        currentOptions = adal_logging.get_logging_options()
        util.turn_on_logging()
        options = adal_logging.get_logging_options()
        level = options['level']

        # Set the looging options back to what they were before this test so that
        # future tests are logged as they should be.
        adal_logging.set_logging_options(currentOptions)

        self.assertEqual(level, 'DEBUG', 'Logging level was not the expected value of LOGGING_LEVEL.DEBUG: {}'.format(level))
Beispiel #6
0
    def test_scrub_pii(self):
        not_pii = "not pii"
        pii = "*****@*****.**"
        content_with_pii = {"message": not_pii, "email": pii}
        expected = {"message": not_pii, "email": "..."}
        self.assertEqual(adal_logging.scrub_pii(content_with_pii), expected)

        log_capture_string = StringIO()
        handler = logging.StreamHandler(log_capture_string)
        util.turn_on_logging(handler=handler)
        test_logger = adal_logging.Logger("TokenRequest", {'correlation_id':'12345'})
        test_logger.warn('%(message)s for user email %(email)s', content_with_pii)
        log_contents = log_capture_string.getvalue()
        logging.getLogger(adal_logging.ADAL_LOGGER_NAME).removeHandler(handler)
        self.assertTrue(not_pii in log_contents and pii not in log_contents)
    def test_bad_id_token_base64_in_response(self):
        foundWarning = False
        util.setup_expected_user_realm_response_common(False)
        response = util.create_response()

        def findIdTokenWarning(level, message):
            if 'decoded' in message:
                foundWarning = True
        util.turn_on_logging() #, findIdTokenWarning)
        #util.turnOnLogging(None, findIdTokenWarning)

        response['wireResponse']['id_token'] = 'aaaaaaa./+===.aaaaaa'
        authorityUrl = response['authority'] + '/' + cp['tenant']
        upRequest = self.setup_expected_username_password_request_response(200, response['wireResponse'], authorityUrl)

        token_response = adal.acquire_token_with_username_password(authorityUrl, cp['username'], cp['password'], cp['clientId'], response['resource'])

        self.assertTrue(foundWarning, 'Did not see expected warning message about bad id_token base64.')
    def test_bad_id_token_base64_in_response(self):
        foundWarning = False
        util.setup_expected_user_realm_response_common(False)
        response = util.create_response()
      
        log_content = StringIO()
        handler = logging.StreamHandler(log_content)
        util.turn_on_logging(level='WARNING', handler=handler)

        response['wireResponse']['id_token'] = 'aaaaaaa./+===.aaaaaa'
        expected_warn = 'The returned id_token could not be decoded: aaaaaaa./+===.aaaaaa'
        authorityUrl = response['authority'] 
        upRequest = self.setup_expected_username_password_request_response(200, response['wireResponse'], authorityUrl)

        context = adal.AuthenticationContext(authorityUrl)

        #action and verify
        self.assertRaises(UnicodeDecodeError, context.acquire_token_with_username_password, response['resource'], cp['username'], cp['password'], cp['clientId'])
Beispiel #9
0
    def test_bad_id_token_base64_in_response(self):
        foundWarning = False
        util.setup_expected_user_realm_response_common(False)
        response = util.create_response()
      
        log_content = StringIO()
        handler = logging.StreamHandler(log_content)
        util.turn_on_logging(level='WARNING', handler=handler)

        response['wireResponse']['id_token'] = 'aaaaaaa./+===.aaaaaa'
        expected_warn = 'The returned id_token could not be decoded: aaaaaaa./+===.aaaaaa'
        authorityUrl = response['authority'] 
        upRequest = self.setup_expected_username_password_request_response(200, response['wireResponse'], authorityUrl)

        context = adal.AuthenticationContext(authorityUrl)

        #action and verify
        self.assertRaises(UnicodeDecodeError, context.acquire_token_with_username_password, response['resource'], cp['username'], cp['password'], cp['clientId'])