def test_http_error(self): tokenRequest = util.setup_expected_client_cred_token_request_response(403) with self.assertRaisesRegexp(Exception, "403"): adal.acquire_token_with_client_credentials( cp["authUrl"], cp["clientId"], cp["clientSecret"], cp["resource"] )
def test_http_error(self): tokenRequest = util.setup_expected_client_cred_token_request_response( 403) with self.assertRaisesRegexp(Exception, '403'): adal.acquire_token_with_client_credentials(cp['authUrl'], cp['clientId'], cp['clientSecret'], cp['resource'])
def test_success_with_junk_return(self): junkResponse = "This is not properly formated return value." tokenRequest = util.setup_expected_client_cred_token_request_response(200, junkResponse) with self.assertRaises(Exception): adal.acquire_token_with_client_credentials( cp["authUrl"], cp["clientId"], cp["clientSecret"], cp["resource"] )
def test_error_with_junk_return(self): junkResponse = 'This is not properly formated return value.' tokenRequest = util.setup_expected_client_cred_token_request_response( 400, junkResponse) with self.assertRaises(Exception): adal.acquire_token_with_client_credentials(cp['authUrl'], cp['clientId'], cp['clientSecret'], cp['resource'])
def test_oauth_error(self): errorResponse = { "error": "invalid_client", "error_description": "This is a test error description", "error_uri": "http://errordescription.com/invalid_client.html", } tokenRequest = util.setup_expected_client_cred_token_request_response(400, errorResponse) with self.assertRaisesRegexp(Exception, "Get Token request returned http error: 400 and server response:"): adal.acquire_token_with_client_credentials( cp["authUrl"], cp["clientId"], cp["clientSecret"], cp["resource"] )
def test_validation_error(self): returnDoc = { 'error' : 'invalid_instance', 'error_description' : 'the instance was invalid' } util.setup_expected_instance_discovery_request(400, cp['authorityHosts']['global'], returnDoc, self.nonHardCodedAuthorizeEndpoint) with self.assertRaisesRegexp(Exception, 'instance was invalid'): token_response = adal.acquire_token_with_client_credentials( self.nonHardCodedAuthority, cp['clientId'], cp['clientSecret'], cp['resource'])
async def test_connection(request): response = await request.read() data = json.loads(response.decode()) connection_data = data["data"] connection_id = data["id"] tenant_id = connection_data["tenantId"] client_id = connection_data["clientId"] client_secret = connection_data["clientSecret"] try: logging.error("Getting token for tenant %s and client id %s..." % (tenant_id, client_id)) token_response = adal.acquire_token_with_client_credentials( "https://login.microsoftonline.com/%s" % tenant_id, client_id, client_secret) logging.info("Access token acquired") response = await aiohttp.patch("%s/connections/%s" % (api, connection_id), data={"verified": "true"}) except Exception as ex: logging.error("Error getting token: %s" % ex) response = await aiohttp.patch("%s/connections/%s" % (api, connection_id), data={"verified": "false", "verificationError": ex}) return web.Response(body=b"{}")
def get_token_from_client_credentials(authority, client_id, secret): import adal token_response = adal.acquire_token_with_client_credentials( authority, client_id, secret, ) return token_response.get('accessToken')
def get_credentials_from_client_credentials(authority, client_id, secret): import adal token_response = adal.acquire_token_with_client_credentials( authority, client_id, secret, ) return token_response.get('accessToken')
def test_oauth_error(self): errorResponse = { 'error': 'invalid_client', 'error_description': 'This is a test error description', 'error_uri': 'http://errordescription.com/invalid_client.html' } tokenRequest = util.setup_expected_client_cred_token_request_response( 400, errorResponse) with self.assertRaisesRegexp( Exception, 'Get Token request returned http error: 400 and server response:' ): adal.acquire_token_with_client_credentials(cp['authUrl'], cp['clientId'], cp['clientSecret'], cp['resource'])
def test_happy_path(self): response_options = {"noRefresh": True} response = util.create_response(response_options) token_request = util.setup_expected_client_cred_token_request_response(200, response["wireResponse"]) token_response = adal.acquire_token_with_client_credentials( cp["authUrl"], cp["clientId"], cp["clientSecret"], response["resource"] ) self.assertTrue( util.is_match_token_response(response["cachedResponse"], token_response), "The response does not match what was expected.: " + str(token_response), )
def GetAzureAccessHeaders(): authority = 'https://login.microsoftonline.com/' + os.environ['AZURE_TENANT_ID'] client_id = os.environ['AZURE_CLIENT_ID'] client_secret = os.environ['AZURE_APPKEY'] token_response = adal.acquire_token_with_client_credentials( authority, client_id, client_secret ) access_token = token_response.get('accessToken') headers = {"Authorization": 'Bearer ' + access_token} return headers
def test_happy_path(self): response_options = {'noRefresh': True} response = util.create_response(response_options) token_request = util.setup_expected_client_cred_token_request_response( 200, response['wireResponse']) token_response = adal.acquire_token_with_client_credentials( cp['authUrl'], cp['clientId'], cp['clientSecret'], response['resource']) self.assertTrue( util.is_match_token_response(response['cachedResponse'], token_response), 'The response does not match what was expected.: ' + str(token_response))
def performStaticInstanceDiscovery(self, authorityHost, callback): hardCodedAuthority = 'https://' + authorityHost + '/' + cp['tenant'] responseOptions = { 'authority' : hardCodedAuthority } response = util.create_response(responseOptions) wireResponse = response['wireResponse'] tokenRequest = util.setup_expected_client_cred_token_request_response(200, wireResponse, hardCodedAuthority) token_response = adal.acquire_token_with_client_credentials( hardCodedAuthority, cp['clientId'], cp['clientSecret'], response['resource']) self.assertTrue( util.is_match_token_response(response['cachedResponse'], token_response), 'The response does not match what was expected.: ' + str(token_response) )
def get_data(self, external_id): import httplib, urllib, base64, adal, os, json, pprint, time LOG.debug('Invoke get_data') url = self.baseUrlAuth + self.tenantId azureResource = self.baseUrlGraph LOG.debug('AuthUrl: ' + url) try: authresp = adal.acquire_token_with_client_credentials(url,self.clientId,self.clientKey,azureResource) token=authresp.get('accessToken') except Exception as e: raise Exception("Can't fetch authentication token from: "+ url) headers = {"Authorization": 'Bearer ' + token} params = urllib.urlencode({ 'api-version': '1.6' }) try: conn = httplib.HTTPSConnection(self.baseUrlGraph.replace("https://","").rstrip("/")) conn.request("GET", self.baseUrlGraph + "myorganization/users/"+external_id+"?%s" % params, "", headers) response = conn.getresponse() data = json.load(response) conn.close() except Exception as e: print(e) attributes = [ ] roles = self._get_roles(data, token, external_id) # On Demand provisioning of the user oid = self.get_oid(external_id) self.provision_user(oid, external_id) return { 'username': oid, 'first_name': data['givenName'], 'last_name': data['surname'], 'roles': roles, 'attributes': attributes }
def test_success_dynamic_instance_discovery(self): instanceDiscoveryRequest = util.setup_expected_instance_discovery_request( 200, cp['authorityHosts']['global'], {'tenant_discovery_endpoint' : 'http://foobar'}, self.nonHardCodedAuthorizeEndpoint ) responseOptions = { 'authority' : self.nonHardCodedAuthority} response = util.create_response(responseOptions) wireResponse = response['wireResponse'] util.setup_expected_client_cred_token_request_response(200, wireResponse, self.nonHardCodedAuthority) token_response = adal.acquire_token_with_client_credentials( self.nonHardCodedAuthority, cp['clientId'], cp['clientSecret'], response['resource']) self.assertTrue( util.is_match_token_response(response['cachedResponse'], token_response), 'The response does not match what was expected.: ' + str(token_response) )
from time import sleep, ctime import sys test_passed = True appName = 'azureTesting' authority = 'https://login.microsoftonline.com/' + os.environ['AZURE_TENANT_ID'] client_id = os.environ['AZURE_CLIENT_ID'] client_secret = os.environ['AZURE_APPKEY'] subscription_id = os.environ['AZURE_SUBSCRIPTION_ID'] clouddriver_host = 'http://localhost:7002' azure_creds = os.getenv('AZURE_CREDENTIALS', 'azure-cred1') token_response = adal.acquire_token_with_client_credentials( authority, client_id, client_secret ) access_token = token_response.get('accessToken') headers = {"Authorization": 'Bearer ' + access_token} security_group_endpoint = 'https://management.azure.com/subscriptions/' + subscription_id + '/resourceGroups/' + appName + '-westus/providers/Microsoft.Network/networkSecurityGroups/' + appName + '-st1-d1?api-version=2015-05-01-preview' deployment_endpoint = 'https://management.azure.com/subscriptions/' + subscription_id + '/resourceGroups/' + appName + '-westus/providers/microsoft.resources/deployments/' + appName + '-st1-d1-deployment?api-version=2015-11-01' print ctime(), ' - Check for existing security group' sys.stdout.flush() r = requests.get(security_group_endpoint, headers=headers) #the next line will fail if there is not 'error' as the first element. #this should pass if the security group has not been created yet
def test_acquire_token_with_client_creds(self): token_response = adal.acquire_token_with_client_credentials( client_cred_params['authority'], client_cred_params['client_id'], client_cred_params['secret']) self.validate_token_response_client_credentials(token_response)
def test_http_error(self): util.setup_expected_instance_discovery_request(500, cp['authorityHosts']['global'], None, self.nonHardCodedAuthorizeEndpoint) with self.assertRaisesRegexp(Exception, '500'): token_response = adal.acquire_token_with_client_credentials( self.nonHardCodedAuthority, cp['clientId'], cp['clientSecret'], cp['resource'])
def get_access_token(tenant_id, application_id, application_secret): token_response = adal.acquire_token_with_client_credentials( authentication_endpoint + tenant_id, application_id, application_secret) return token_response.get('accessToken')