def test_federated_happy_path_and_correlation_id(self):
correlationId = '12300002-0000-0000-c000-000000000000'
util.set_correlation_id(correlationId)
util.setup_expected_user_realm_response_common(True)
util.setup_expected_mex_wstrust_request_common()
response = util.create_response()
assertion = self.setup_expected_oauth_assertion_request(response)
logFunctionCalled = False
def testCorrelationIdLog(level, message):
logFunctionCalled = True
self.assertIsNotNone(message)
logOptions = {
'level' : 3,
'log' : testCorrelationIdLog
}
oldOptions = log.get_logging_options()
log.set_logging_options(logOptions)
authorityUrl = response['authority'] + '/' + cp['tenant']
token_response = adal.acquire_token_with_username_password(authorityUrl, cp['username'], cp['password'], cp['clientId'], response['resource'])
self.assertTrue(util.isMatchTokenResponse(response['cachedResponse'], token_response), 'Response did not match expected: ' + JSON.stringify(token_response))
log.set_logging_options(oldOptions)
util.set_correlation_id()
self.assertTrue(util.isMatchTokenResponse(response['cachedResponse'], token_response), 'The response did not match what was expected')
self.assertTrue(logFunctionCalled, 'Logging was turned on but no messages were recieved.')
def test_acquire_token_with_user_pass_defaults(self):
authority = user_pass_params[
'authorityHostUrl'] + '/' + user_pass_params['tenant']
token_response = adal.acquire_token_with_username_password(
authority, user_pass_params['username'],
user_pass_params['password'])
self.validate_token_response_username_password(token_response)
def get_token_from_username_password(authority_url, username, password):
import adal
token_response = adal.acquire_token_with_username_password(
authority_url,
username,
password,
)
return token_response.get('accessToken')
def get_token_from_username_password(authority_url, username, password):
import adal
token_response = adal.acquire_token_with_username_password(
authority_url,
username,
password,
)
return token_response.get('accessToken')
def test_acquire_token_with_user_pass_explicit(self):
resource = '00000002-0000-0000-c000-000000000000'
client_id_xplat = '04b07795-8ddb-461a-bbee-02f9e1bf7b46'
authority = user_pass_params['authorityHostUrl'] + '/' + user_pass_params['tenant']
token_response = adal.acquire_token_with_username_password(
authority, user_pass_params['username'], user_pass_params['password'],
client_id_xplat, resource)
self.validate_token_response_username_password(token_response)
def test_managed_happy_path(self):
util.setup_expected_user_realm_response_common(False)
response = util.create_response()
authorityUrl = response['authority'] + '/' + cp['tenant']
upRequest = self.setup_expected_username_password_request_response(200, response['wireResponse'], authorityUrl)
token_response = adal.acquire_token_with_username_password(authorityUrl, cp['username'], cp['password'], cp['clientId'], response['resource'])
self.assertTrue(util.isMatchTokenResponse(response['cachedResponse'], token_response), 'Response did not match expected: ' + JSON.stringify(token_response))
def getaccesstokenfromusercredentials():
token_response = adal.acquire_token_with_username_password(
AUTHORIZATION_URL,
USERNAME,
PASSWORD,
resource=RESOURCE_URI
)
return token_response['accessToken']
def test_acquire_token_with_user_pass_explicit(self):
resource = '00000002-0000-0000-c000-000000000000'
client_id_xplat = '04b07795-8ddb-461a-bbee-02f9e1bf7b46'
authority = user_pass_params[
'authorityHostUrl'] + '/' + user_pass_params['tenant']
token_response = adal.acquire_token_with_username_password(
authority, user_pass_params['username'],
user_pass_params['password'], client_id_xplat, resource)
self.validate_token_response_username_password(token_response)
def test_no_access_token(self):
util.setup_expected_user_realm_response_common(False)
response = util.create_response()
del response['wireResponse']['access_token']
upRequest = self.setup_expected_username_password_request_response(200, response['wireResponse'], response['authority'])
authorityUrl = response['authority'] + '/' + cp['tenant']
# Did not receive expected error about missing token_type
with self.assertRaises(Exception):
token_response = adal.acquire_token_with_username_password(authorityUrl, cp['username'], cp['password'], cp['clientId'], response['resource'])
def test_acquire_token_with_refresh_token(self):
authority = user_pass_params['authorityHostUrl'] + '/' + user_pass_params['tenant']
# Get token using username password first
token_response = adal.acquire_token_with_username_password(
authority, user_pass_params['username'], user_pass_params['password'])
self.validate_token_response_username_password(token_response)
# Use returned refresh token to acquire a new token.
refresh_token = token_response['refreshToken']
token_response2 = adal.acquire_token_with_refresh_token(authority, refresh_token)
self.validate_token_response_refresh_token(token_response2)
def test_bad_int_in_response(self):
util.setup_expected_user_realm_response_common(False)
response = util.create_response()
response['wireResponse']['expires_in'] = 'foo'
upRequest = self.setup_expected_username_password_request_response(200, response['wireResponse'], response['authority'])
authorityUrl = response['authority'] + '/' + cp['tenant']
# Did not receive expected error about bad int parameter
with self.assertRaises(Exception):
token_response = adal.acquire_token_with_username_password(authorityUrl, cp['username'], cp['password'], cp['clientId'], response['resource'])
def test_acquire_token_with_refresh_token(self):
authority = user_pass_params[
'authorityHostUrl'] + '/' + user_pass_params['tenant']
# Get token using username password first
token_response = adal.acquire_token_with_username_password(
authority, user_pass_params['username'],
user_pass_params['password'])
self.validate_token_response_username_password(token_response)
# Use returned refresh token to acquire a new token.
refresh_token = token_response['refreshToken']
token_response2 = adal.acquire_token_with_refresh_token(
authority, refresh_token)
self.validate_token_response_refresh_token(token_response2)
def get_aad_access_token(self, provider_name, open_id):
# return str or None
account_info = self.get_aad_account_username_password(provider_name, open_id)
if not account_info:
return None
try:
token_response = adal.acquire_token_with_username_password(safe_get_config("adal.refresh_token_url", ""),
str(account_info["username"]),
str(account_info["password"]))
refresh_token = str(token_response['refreshToken'])
token_response = adal.acquire_token_with_refresh_token(safe_get_config('adal.access_token_url', ""), refresh_token)
return str(token_response["accessToken"])
except Exception as e:
log.error("fail to get access token")
return None
def test_bad_id_token_base64_in_response(self):
foundWarning = False
util.setup_expected_user_realm_response_common(False)
response = util.create_response()
def findIdTokenWarning(level, message):
if 'decoded' in message:
foundWarning = True
util.turn_on_logging() #, findIdTokenWarning)
#util.turnOnLogging(None, findIdTokenWarning)
response['wireResponse']['id_token'] = 'aaaaaaa./+===.aaaaaa'
authorityUrl = response['authority'] + '/' + cp['tenant']
upRequest = self.setup_expected_username_password_request_response(200, response['wireResponse'], authorityUrl)
token_response = adal.acquire_token_with_username_password(authorityUrl, cp['username'], cp['password'], cp['clientId'], response['resource'])
self.assertTrue(foundWarning, 'Did not see expected warning message about bad id_token base64.')
def test_invalid_id_token(self):
''' TODO: Test Failing as of 2015/06/03 and needs to be completed. '''
util.setup_expected_user_realm_response_common(False)
response = util.create_response()
wireResponse = response['wireResponse']
response_options = { 'noIdToken' : True }
#response = util.create_response(response_options)
# break the id token
#idToken = wireResponse['id_token']
#idToken = idToken.replace('.', ' ')
#wireResponse['id_token'] = idToken
authorityUrl = response['authority'] + '/' + cp['tenant']
upRequest = self.setup_expected_username_password_request_response(200, wireResponse, authorityUrl)
token_response = adal.acquire_token_with_username_password(authorityUrl, cp['username'], cp['password'], cp['clientId'], response['resource'])
self.assertTrue(util.isMatchTokenResponse(response['cachedResponse'], token_response), 'Response did not match expected: ' + JSON.stringify(token_response))
def get_aad_access_token(self, provider_name, open_id):
# return str or None
account_info = self.get_aad_account_username_password(
provider_name, open_id)
if not account_info:
return None
try:
token_response = adal.acquire_token_with_username_password(
safe_get_config("adal.refresh_token_url", ""),
str(account_info["username"]), str(account_info["password"]))
refresh_token = str(token_response['refreshToken'])
token_response = adal.acquire_token_with_refresh_token(
safe_get_config('adal.access_token_url', ""), refresh_token)
return str(token_response["accessToken"])
except Exception as e:
log.error("fail to get access token")
return None
import adal
from dynamics365crm.client import Client
import pandas as pd
import psycopg2
import numpy as np
pd.set_option('precision', 0)
RESOURCE_URI = 'RESOURCE URL'
# O365 credentials for authentication w/o login prompt
USERNAME = '******'
PASSWORD = '******'
# Azure Directory OAUTH 2.0 AUTHORIZATION ENDPOINT
AUTHORIZATION_URL = 'AUTH URL'
token_response = adal.acquire_token_with_username_password(
AUTHORIZATION_URL, USERNAME, PASSWORD, resource=RESOURCE_URI)
token = token_response['accessToken']
refresh = token_response['refreshToken']
client = Client(RESOURCE_URI, token)
stoken = client.set_token(token)
get_accounts = client.get_accounts()
accounts = get_accounts['value']
df = pd.DataFrame(accounts)
df = df[df['new_nameindy'].notnull()]
columns = list(df.columns)
def test_acquire_token_with_user_pass_defaults(self):
authority = user_pass_params['authorityHostUrl'] + '/' + user_pass_params['tenant']
token_response = adal.acquire_token_with_username_password(
authority, user_pass_params['username'], user_pass_params['password'])
self.validate_token_response_username_password(token_response)
