Пример #1
0
    async def test_emulator_msa_header_correct_app_id_and_service_url_should_validate(
        self,
    ):
        header = (
            "Bearer "
            + MicrosoftAppCredentials(
                "2cd87869-38a0-4182-9251-d056e8f0ac24", "2.30Vs3VQLKt974F"
            ).get_access_token()
        )
        credentials = SimpleCredentialProvider(
            "2cd87869-38a0-4182-9251-d056e8f0ac24", ""
        )
        result = await JwtTokenValidation.validate_auth_header(
            header, credentials, "", "https://webchat.botframework.com/"
        )

        result_with_provider = await JwtTokenValidation.validate_auth_header(
            header,
            credentials,
            SimpleChannelProvider(),
            "https://webchat.botframework.com/",
        )

        assert result
        assert result_with_provider
Пример #2
0
    async def test_connector_auth_header_with_different_bot_app_id_should_not_validate(
        self,
    ):
        header = (
            "Bearer "
            + MicrosoftAppCredentials(
                "2cd87869-38a0-4182-9251-d056e8f0ac24", "2.30Vs3VQLKt974F"
            ).get_access_token()
        )
        credentials = SimpleCredentialProvider(
            "00000000-0000-0000-0000-000000000000", ""
        )
        with pytest.raises(Exception) as excinfo:
            await JwtTokenValidation.validate_auth_header(
                header, credentials, "", "https://webchat.botframework.com/"
            )
        assert "Unauthorized" in str(excinfo.value)

        with pytest.raises(Exception) as excinfo2:
            await JwtTokenValidation.validate_auth_header(
                header,
                credentials,
                SimpleChannelProvider(),
                "https://webchat.botframework.com/",
            )
        assert "Unauthorized" in str(excinfo2.value)
    async def test_empty_header_and_no_credential_should_throw(self):
        header = ""
        credentials = SimpleCredentialProvider("", "")
        with pytest.raises(Exception) as excinfo:
            await JwtTokenValidation.validate_auth_header(
                header, credentials, "", None)
        assert "auth_header" in str(excinfo.value)

        with pytest.raises(Exception) as excinfo2:
            await JwtTokenValidation.validate_auth_header(
                header, credentials, SimpleChannelProvider(), None)
        assert "auth_header" in str(excinfo2.value)
Пример #4
0
    def __init__(
        self,
        app_id: str,
        app_password: str = None,
        channel_auth_tenant: str = None,
        oauth_endpoint: str = None,
        open_id_metadata: str = None,
        channel_provider: ChannelProvider = None,
        auth_configuration: AuthenticationConfiguration = None,
        app_credentials: AppCredentials = None,
        credential_provider: CredentialProvider = None,
    ):
        """
        Contains the settings used to initialize a :class:`BotFrameworkAdapter` instance.

        :param app_id: The bot application ID.
        :type app_id: str
        :param app_password: The bot application password.
        the value os the `MicrosoftAppPassword` parameter in the `config.py` file.
        :type app_password: str
        :param channel_auth_tenant: The channel tenant to use in conversation
        :type channel_auth_tenant: str
        :param oauth_endpoint:
        :type oauth_endpoint: str
        :param open_id_metadata:
        :type open_id_metadata: str
        :param channel_provider: The channel provider
        :type channel_provider: :class:`botframework.connector.auth.ChannelProvider`.  Defaults to SimpleChannelProvider
        if one isn't specified.
        :param auth_configuration:
        :type auth_configuration: :class:`botframework.connector.auth.AuthenticationConfiguration`
        :param credential_provider: Defaults to SimpleCredentialProvider if one isn't specified.
        :param app_credentials: Allows for a custom AppCredentials.  Used, for example, for CertificateAppCredentials.
        """

        self.app_id = app_id
        self.app_password = app_password
        self.app_credentials = app_credentials
        self.channel_auth_tenant = channel_auth_tenant
        self.oauth_endpoint = oauth_endpoint
        self.channel_provider = (channel_provider if channel_provider else
                                 SimpleChannelProvider())
        self.credential_provider = (credential_provider if credential_provider
                                    else SimpleCredentialProvider(
                                        self.app_id, self.app_password))
        self.auth_configuration = auth_configuration or AuthenticationConfiguration(
        )

        # If no open_id_metadata values were passed in the settings, check the
        # process' Environment Variable.
        self.open_id_metadata = (
            open_id_metadata if open_id_metadata else os.environ.get(
                AuthenticationConstants.BOT_OPEN_ID_METADATA_KEY))
    async def __process_activity_creates_correct_creds_and_client(
        self,
        bot_app_id: str,
        expected_caller_id: str,
        channel_service: str,
        expected_scope: str,
        expected_app_credentials_count: int,
        expected_client_credentials_count: int,
    ):
        identity = ClaimsIdentity({}, True)
        if bot_app_id:
            identity.claims = {
                AuthenticationConstants.AUDIENCE_CLAIM: bot_app_id,
                AuthenticationConstants.APP_ID_CLAIM: bot_app_id,
                AuthenticationConstants.VERSION_CLAIM: "1.0",
            }

        credential_provider = SimpleCredentialProvider(bot_app_id, None)
        service_url = "https://smba.trafficmanager.net/amer/"

        async def callback(context: TurnContext):
            TestBotFrameworkAdapter.get_creds_and_assert_values(
                context,
                bot_app_id,
                expected_scope,
                expected_app_credentials_count,
            )
            TestBotFrameworkAdapter.get_client_and_assert_values(
                context,
                bot_app_id,
                expected_scope,
                service_url,
                expected_client_credentials_count,
            )

            assert context.activity.caller_id == expected_caller_id

        settings = BotFrameworkAdapterSettings(
            bot_app_id,
            credential_provider=credential_provider,
            channel_provider=SimpleChannelProvider(channel_service),
        )
        sut = BotFrameworkAdapter(settings)
        await sut.process_activity_with_identity(
            Activity(
                channel_id="emulator",
                service_url=service_url,
                text="test",
            ),
            identity,
            callback,
        )
    async def test_emulator_auth_header_correct_app_id_and_service_url_with_private_channel_service_should_validate(
        self, ):
        await jwt_token_validation_validate_auth_header_with_channel_service_succeeds(
            "2cd87869-38a0-4182-9251-d056e8f0ac24",  # emulator creds
            "2.30Vs3VQLKt974F",
            "TheChannel",
        )

        await jwt_token_validation_validate_auth_header_with_channel_service_succeeds(
            "2cd87869-38a0-4182-9251-d056e8f0ac24",  # emulator creds
            "2.30Vs3VQLKt974F",
            SimpleChannelProvider("TheChannel"),
        )
    async def test_emulator_auth_header_correct_app_id_and_service_url_with_gov_channel_service_should_validate(
        self, ):
        await jwt_token_validation_validate_auth_header_with_channel_service_succeeds(
            "2cd87869-38a0-4182-9251-d056e8f0ac24",  # emulator creds
            "2.30Vs3VQLKt974F",
            GovernmentConstants.CHANNEL_SERVICE,
        )

        await jwt_token_validation_validate_auth_header_with_channel_service_succeeds(
            "2cd87869-38a0-4182-9251-d056e8f0ac24",  # emulator creds
            "2.30Vs3VQLKt974F",
            SimpleChannelProvider(GovernmentConstants.CHANNEL_SERVICE),
        )
    async def test_emulator_msa_header_and_no_credential_should_not_validate(
            self):
        # pylint: disable=protected-access
        header = (
            "Bearer " +
            MicrosoftAppCredentials("2cd87869-38a0-4182-9251-d056e8f0ac24",
                                    "2.30Vs3VQLKt974F").get_access_token())
        credentials = SimpleCredentialProvider(
            "00000000-0000-0000-0000-000000000000", "")
        with pytest.raises(Exception) as excinfo:
            await JwtTokenValidation.validate_auth_header(
                header, credentials, "", None)
        assert "Unauthorized" in str(excinfo._excinfo)

        with pytest.raises(Exception) as excinfo2:
            await JwtTokenValidation.validate_auth_header(
                header, credentials, SimpleChannelProvider(), None)
        assert "Unauthorized" in str(excinfo2._excinfo)