def test_no_matching_account_for_tenant_or_username(): """two cached accounts, username and tenant specified, one account matches each -> credential should raise""" refresh_token_a = "refresh-token-a" refresh_token_b = "refresh-token-b" upn_a = "a@foo" upn_b = "b@foo" tenant_a = "tenant-a" tenant_b = "tenant-b" account_a = get_account_event(username=upn_a, uid="uid_a", utid=tenant_a, refresh_token=refresh_token_a) account_b = get_account_event(username=upn_b, uid="uid_b", utid=tenant_b, refresh_token=refresh_token_b) cache = populated_cache(account_a, account_b) transport = Mock(side_effect=Exception()) # credential shouldn't use the network credential = SharedTokenCacheCredential(username=upn_a, tenant_id=tenant_b, _cache=cache, transport=transport) with pytest.raises(CredentialUnavailableError) as ex: credential.get_token("scope") assert ex.value.message.startswith(NO_MATCHING_ACCOUNTS[: NO_MATCHING_ACCOUNTS.index("{")]) assert upn_a in ex.value.message and tenant_b in ex.value.message credential = SharedTokenCacheCredential(username=upn_b, tenant_id=tenant_a, _cache=cache, transport=transport) with pytest.raises(CredentialUnavailableError) as ex: credential.get_token("scope") assert ex.value.message.startswith(NO_MATCHING_ACCOUNTS[: NO_MATCHING_ACCOUNTS.index("{")]) assert upn_b in ex.value.message and tenant_a in ex.value.message
def test_no_matching_account_for_tenant_and_username(): """one cached account, tenant and username specified, neither match -> credential should raise""" upn = "spam@eggs" tenant = "some-guid" account = get_account_event(username=upn, uid="uid", utid=tenant, refresh_token="refresh-token") cache = populated_cache(account) with pytest.raises(CredentialUnavailableError) as ex: SharedTokenCacheCredential(_cache=cache, tenant_id="not-" + tenant, username="******" + upn).get_token("scope") assert ex.value.message.startswith(NO_MATCHING_ACCOUNTS[: NO_MATCHING_ACCOUNTS.index("{")]) assert "not" + upn in ex.value.message and "not-" + tenant in ex.value.message
def test_no_matching_account_for_tenant(): """one cached account, tenant specified, tenant doesn't match -> credential should raise""" upn = "spam@eggs" tenant = "some-guid" account = get_account_event(username=upn, uid="uid", utid=tenant, refresh_token="refresh-token") cache = populated_cache(account) with pytest.raises(ClientAuthenticationError) as ex: SharedTokenCacheCredential(_cache=cache, tenant_id="not-" + tenant).get_token("scope") assert ex.value.message.startswith(NO_MATCHING_ACCOUNTS[: NO_MATCHING_ACCOUNTS.index("{")]) discovered_accounts = ex.value.message.splitlines()[-1] assert upn in discovered_accounts and tenant in discovered_accounts