async def test_generate_uri_contains_expected_payloads_dto(user_id, roles):
client = WebPubSubServiceClient.from_connection_string(
f"Endpoint=http://localhost;Port=8080;AccessKey={access_key};Version=1.0;",
"hub")
minutes_to_expire = 5
token = await client.get_client_access_token(
user_id=user_id, roles=roles, minutes_to_expire=minutes_to_expire)
assert token
assert len(token) == 3
assert set(token.keys()) == set(["baseUrl", "url", "token"])
assert f"access_token={token['token']}" == urlparse(token["url"]).query
token = token['token']
decoded_token = _decode_token(client, token)
assert decoded_token['aud'] == f"{client._config.endpoint}/client/hubs/hub"
# default expire should be around 5 minutes
assert decoded_token['exp'] - decoded_token[
'iat'] >= minutes_to_expire * 60 - 5
assert decoded_token['exp'] - decoded_token[
'iat'] <= minutes_to_expire * 60 + 5
if user_id:
assert decoded_token['sub'] == user_id
else:
assert not decoded_token.get('sub')
if roles:
assert decoded_token['role'] == roles
else:
assert not decoded_token.get('role')
async def test_pass_in_jwt_headers(connection_string):
client = WebPubSubServiceClient.from_connection_string(
connection_string, "hub")
kid = '1234567890'
token = (await
client.get_client_access_token(jwt_headers={"kid": kid}))['token']
assert jwt.get_unverified_header(token)['kid'] == kid
async def main():
# Set the values of the client ID, tenant ID, and client secret of the AAD application as environment variables:
# AZURE_CLIENT_ID, AZURE_TENANT_ID, AZURE_CLIENT_SECRET, WEBPUBSUB_ENDPOINT, WEBPUBSUB_CONNECTION_STRING
try:
endpoint = os.environ["WEBPUBSUB_ENDPOINT"]
connection_string = os.environ['WEBPUBSUB_CONNECTION_STRING']
except KeyError:
LOG.error(
"Missing environment variable 'WEBPUBSUB_ENDPOINT' or 'WEBPUBSUB_CONNECTION_STRING' - please set if before running the example"
)
exit()
# Build a client through AAD(async)
async with DefaultAzureCredential() as credential:
async with WebPubSubServiceClientAsync(
endpoint=endpoint, hub='hub',
credential=credential) as client_aad_async:
# Build authentication token(async)
token_aad_async = await client_aad_async.get_client_access_token()
print('token by AAD(async): {}'.format(token_aad_async))
# Build a client through connection string(async)
async with WebPubSubServiceClientAsync.from_connection_string(
connection_string, hub='hub') as client_key_async:
# Build authentication token(async)
token_key_async = await client_key_async.get_client_access_token()
print('token by access key(async): {}'.format(token_key_async))
def create_client(self, endpoint=None, hub=None, reverse_proxy_endpoint=None, **kwargs):
if kwargs.get("connection_string"):
return WebPubSubServiceClient.from_connection_string(kwargs.pop("connection_string"), hub)
credential = self.get_credential(WebPubSubServiceClient, is_async=True)
return self.create_client_from_credential(
WebPubSubServiceClient,
credential=credential,
endpoint=endpoint,
hub=hub,
reverse_proxy_endpoint=reverse_proxy_endpoint
)
async def test_reverse_proxy_endpoint_redirection_identity():
def _callback(pipeline_request):
assert pipeline_request.http_request.url.startswith(
"https://apim.contoso.com/")
raise ValueError("Success!")
wps_endpoint = "https://wps.contoso.com/"
apim_endpoint = "https://apim.contoso.com/"
credential = AsyncFakeCredential()
request = build_send_to_all_request('Hub',
content='test_webpubsub_send_request',
content_type='text/plain')
async with WebPubSubServiceClient(
wps_endpoint, "Hub", credential,
reverse_proxy_endpoint=apim_endpoint) as client:
with pytest.raises(ValueError) as ex:
await client.send_request(request, raw_request_hook=_callback)
assert "Success!" in str(ex.value)
async def test_generate_url_use_same_kid_with_same_key(connection_string, hub,
expected_url):
client = WebPubSubServiceClient.from_connection_string(
connection_string, hub)
url_1 = (await client.get_client_access_token())['url']
url_2 = (await client.get_client_access_token())['url']
assert url_1.split("?")[0] == url_2.split("?")[0] == expected_url
token_1 = urlparse(url_1).query[len("access_token="):]
token_2 = urlparse(url_2).query[len("access_token="):]
decoded_token_1 = _decode_token(client, token_1)
decoded_token_2 = _decode_token(client, token_2)
assert len(decoded_token_1) == len(decoded_token_2) == 3
assert decoded_token_1['aud'] == decoded_token_2[
'aud'] == expected_url.replace('ws', 'http')
assert abs(decoded_token_1['iat'] - decoded_token_2['iat']) < 5
assert abs(decoded_token_1['exp'] - decoded_token_2['exp']) < 5
def test_parse_connection_string(connection_string, endpoint):
client = WebPubSubServiceClient.from_connection_string(
connection_string, "hub")
assert client._config.endpoint == endpoint
assert isinstance(client._config.credential, AzureKeyCredential)
assert client._config.credential.key == access_key