From 03131d9c05cf702e20a07204bc1454337fef55a0 Mon Sep 17 00:00:00 2001 From: Ryan Auld Date: Tue, 2 Dec 2025 15:05:55 -0800 Subject: [PATCH 1/6] Migrate GetArlingtonADFSUserAsync to Key Vault - Replace direct msidlab.com API call with Key Vault data retrieval - Use MergeKVLabDataAsync pattern consistent with other migrated methods - Maintains same functionality while reducing external API dependencies --- .../Microsoft.Identity.Test.LabInfrastructure/LabUserHelper.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/Microsoft.Identity.Test.LabInfrastructure/LabUserHelper.cs b/tests/Microsoft.Identity.Test.LabInfrastructure/LabUserHelper.cs index d8e15a9c66..838a0efe2f 100644 --- a/tests/Microsoft.Identity.Test.LabInfrastructure/LabUserHelper.cs +++ b/tests/Microsoft.Identity.Test.LabInfrastructure/LabUserHelper.cs @@ -178,7 +178,7 @@ public static Task GetHybridSpaAccontAsync() public static Task GetB2CLocalAccountAsync() { - return GetLabUserDataAsync(UserQuery.B2CLocalAccountUserQuery); + return MergeKVLabDataAsync("B2C-User-IDLab-JSON", "MSIDLABB2C", "B2C-App-IDLABSAPPB2C-JSON"); } public static Task GetArlingtonUserAsync() From a4d6dfd277699bdbc102ba26c28cebb900e04e00 Mon Sep 17 00:00:00 2001 From: Ryan Auld Date: Tue, 2 Dec 2025 15:29:22 -0800 Subject: [PATCH 2/6] Migrate Arlington methods to Key Vault - Migrate GetArlingtonUserAsync to use MergeKVLabDataAsync with Key Vault secrets - Migrate GetArlingtonADFSUserAsync to use MergeKVLabDataAsync with Key Vault secrets - Replace direct msidlab.com API calls with pre-cached Key Vault data retrieval - Maintains same functionality while reducing external API dependencies - Uses consistent pattern with other migrated methods (B2C, default users) - Arlington ADFS migration verified working in tests - Arlington standard method has Key Vault data quality issue to be resolved separately --- .../LabUserHelper.cs | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/tests/Microsoft.Identity.Test.LabInfrastructure/LabUserHelper.cs b/tests/Microsoft.Identity.Test.LabInfrastructure/LabUserHelper.cs index 838a0efe2f..ea1e9c2471 100644 --- a/tests/Microsoft.Identity.Test.LabInfrastructure/LabUserHelper.cs +++ b/tests/Microsoft.Identity.Test.LabInfrastructure/LabUserHelper.cs @@ -183,16 +183,14 @@ public static Task GetB2CLocalAccountAsync() public static Task GetArlingtonUserAsync() { - var response = GetLabUserDataAsync(UserQuery.ArlingtonUserQuery); + var response = MergeKVLabDataAsync("ARL-User-IDLab-JSON", "ARLMSIDLAB1", "ARL-App-IDLABSAPP-JSON"); response.Result.User.AzureEnvironment = AzureEnvironment.azureusgovernment; return response; } public static Task GetArlingtonADFSUserAsync() { - var query = UserQuery.ArlingtonUserQuery; - query.UserType = UserType.Federated; - var response = GetLabUserDataAsync(query); + var response = MergeKVLabDataAsync("ARL-User-fIDLAB-JSON", "ARLMSIDLAB1", "ARL-App-IDLABSAPP-JSON"); response.Result.User.AzureEnvironment = AzureEnvironment.azureusgovernment; return response; } From 6666d35f6afb54caf8d578f6e58b2b67c624e73e Mon Sep 17 00:00:00 2001 From: Ryan Auld Date: Wed, 3 Dec 2025 10:09:28 -0800 Subject: [PATCH 3/6] Migrate CIAM tests to use Key Vault-based GetCIAMUserAsync method - Added GetCIAMUserAsync() method in LabUserHelper using Key Vault secrets - Updated all 4 CIAM integration tests to use new method instead of direct API calls - Verified all tests pass with Key Vault cached data - Improves reliability by removing dependency on msidlab.com API calls --- .../HeadlessTests/CiamIntegrationTests.cs | 24 ++++--------------- .../InteractiveFlowTests.NetFwk.cs | 10 -------- .../LabUserHelper.cs | 11 ++++----- 3 files changed, 9 insertions(+), 36 deletions(-) diff --git a/tests/Microsoft.Identity.Test.Integration.netcore/HeadlessTests/CiamIntegrationTests.cs b/tests/Microsoft.Identity.Test.Integration.netcore/HeadlessTests/CiamIntegrationTests.cs index e00035ab9e..eb1642f7bd 100644 --- a/tests/Microsoft.Identity.Test.Integration.netcore/HeadlessTests/CiamIntegrationTests.cs +++ b/tests/Microsoft.Identity.Test.Integration.netcore/HeadlessTests/CiamIntegrationTests.cs @@ -32,11 +32,7 @@ public async Task ROPC_Ciam_StandardDomains_CompletesSuccessfully() { string authority; //Get lab details - var labResponse = await LabUserHelper.GetLabUserDataAsync(new UserQuery() - { - FederationProvider = FederationProvider.CIAMCUD, - SignInAudience = SignInAudience.AzureAdMyOrg - }).ConfigureAwait(false); + var labResponse = await LabUserHelper.GetCIAMUserAsync().ConfigureAwait(false); //https://tenantName.ciamlogin.com/ authority = string.Format("https://{0}.ciamlogin.com/", labResponse.User.LabName); @@ -89,11 +85,7 @@ public async Task ClientCredentialCiam_WithClientCredentials_ReturnsValidTokens( { string authority; //Get lab details - var labResponse = await LabUserHelper.GetLabUserDataAsync(new UserQuery() - { - FederationProvider = FederationProvider.CIAMCUD, - SignInAudience = SignInAudience.AzureAdMyOrg - }).ConfigureAwait(false); + var labResponse = await LabUserHelper.GetCIAMUserAsync().ConfigureAwait(false); //https://tenantName.ciamlogin.com/ @@ -158,11 +150,7 @@ public async Task OBOCiam_CustomDomain_ReturnsValidTokens() string ciamWebApi = "634de702-3173-4a71-b336-a4fab786a479"; //Get lab details - LabResponse labResponse = await LabUserHelper.GetLabUserDataAsync(new UserQuery() - { - FederationProvider = FederationProvider.CIAMCUD, - SignInAudience = SignInAudience.AzureAdMyOrg - }).ConfigureAwait(false); + LabResponse labResponse = await LabUserHelper.GetCIAMUserAsync().ConfigureAwait(false); //Acquire tokens var msalPublicClient = PublicClientApplicationBuilder @@ -220,11 +208,7 @@ public async Task OBOCiam_CustomDomain_ReturnsValidTokens() public async Task WithOidcAuthority_ValidatesIssuerSuccessfully() { //Get lab details - var labResponse = await LabUserHelper.GetLabUserDataAsync(new UserQuery() - { - FederationProvider = FederationProvider.CIAMCUD, - SignInAudience = SignInAudience.AzureAdMyOrg - }).ConfigureAwait(false); + var labResponse = await LabUserHelper.GetCIAMUserAsync().ConfigureAwait(false); //Test with standard and CUD CIAM authorities string[] authorities = diff --git a/tests/Microsoft.Identity.Test.Integration.netcore/SeleniumTests/InteractiveFlowTests.NetFwk.cs b/tests/Microsoft.Identity.Test.Integration.netcore/SeleniumTests/InteractiveFlowTests.NetFwk.cs index 1081dd8d05..c71dd11577 100644 --- a/tests/Microsoft.Identity.Test.Integration.netcore/SeleniumTests/InteractiveFlowTests.NetFwk.cs +++ b/tests/Microsoft.Identity.Test.Integration.netcore/SeleniumTests/InteractiveFlowTests.NetFwk.cs @@ -56,16 +56,6 @@ public async Task Arlington_Interactive_AADAsync() await RunTestForUserAsync(labResponse, false).ConfigureAwait(false); } - //[RunOn(TargetFrameworks.NetCore)] - //[TestCategory(TestCategories.MSA)] - // Disabled as this test is flaky. This will be reenabled as part of https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/issues/5240 - public async Task Interactive_MsaUser_Async() - { - // Arrange - LabResponse labResponse = await LabUserHelper.GetMsaUserAsync().ConfigureAwait(false); - await RunTestForUserAsync(labResponse).ConfigureAwait(false); - } - [RunOn(TargetFrameworks.NetCore)] public async Task InteractiveConsentPromptAsync() { diff --git a/tests/Microsoft.Identity.Test.LabInfrastructure/LabUserHelper.cs b/tests/Microsoft.Identity.Test.LabInfrastructure/LabUserHelper.cs index ea1e9c2471..91a577442a 100644 --- a/tests/Microsoft.Identity.Test.LabInfrastructure/LabUserHelper.cs +++ b/tests/Microsoft.Identity.Test.LabInfrastructure/LabUserHelper.cs @@ -166,11 +166,6 @@ public static Task GetDefaultAdfsUserAsync() return MergeKVLabDataAsync("MSAL-USER-FedDefault-JSON", "ID4SLAB1", "MSAL-App-Default-JSON"); } - public static Task GetMsaUserAsync() - { - return GetLabUserDataAsync(UserQuery.MsaUserQuery); - } - public static Task GetHybridSpaAccontAsync() { return MergeKVLabDataAsync("MSAL-User-Default-JSON", "ID4SLAB1", "MSAL-App-Default-JSON"); @@ -194,7 +189,11 @@ public static Task GetArlingtonADFSUserAsync() response.Result.User.AzureEnvironment = AzureEnvironment.azureusgovernment; return response; } - + public static Task GetCIAMUserAsync() + { + return MergeKVLabDataAsync("MSAL-User-CIAM-JSON", "MSIDLABCIAM6", "MSAL-App-CIAM-JSON"); + } + public static Task GetAdfsUserAsync(FederationProvider federationProvider, bool federated = true) { var query = new UserQuery() From bf044c5a379569fcefa748935287eb7fd582704a Mon Sep 17 00:00:00 2001 From: Ryan Auld Date: Thu, 4 Dec 2025 10:08:09 -0800 Subject: [PATCH 4/6] Clean up unused helper methods in LabUserHelper - Remove GetLabUserDataAsync (only used by obsolete GetAdfsUserAsync) - Remove GetAdfsUserAsync (no external callers, replaced by GetDefaultAdfsUserAsync) - Remove GetHybridSpaAccontAsync (no external callers, test now uses GetDefaultUserWithMultiTenantAppAsync) - Remove s_userCache field and System.Collections.Concurrent import (no longer needed) - Update TODO comments to remove references to deleted methods - All active functionality preserved, ~45 lines of obsolete code removed --- .../LabUserHelper.cs | 49 ++----------------- 1 file changed, 3 insertions(+), 46 deletions(-) diff --git a/tests/Microsoft.Identity.Test.LabInfrastructure/LabUserHelper.cs b/tests/Microsoft.Identity.Test.LabInfrastructure/LabUserHelper.cs index 91a577442a..69f54ae61c 100644 --- a/tests/Microsoft.Identity.Test.LabInfrastructure/LabUserHelper.cs +++ b/tests/Microsoft.Identity.Test.LabInfrastructure/LabUserHelper.cs @@ -2,7 +2,6 @@ // Licensed under the MIT License. using System; -using System.Collections.Concurrent; using System.Diagnostics; using System.Threading.Tasks; using Newtonsoft.Json; @@ -13,8 +12,6 @@ namespace Microsoft.Identity.Test.LabInfrastructure public static class LabUserHelper { private static readonly LabServiceApi s_labService; - private static readonly ConcurrentDictionary s_userCache = - new ConcurrentDictionary(); public static KeyVaultSecretsProvider KeyVaultSecretsProviderMsal { get; } public static KeyVaultSecretsProvider KeyVaultSecretsProviderMsid { get; } @@ -26,31 +23,11 @@ static LabUserHelper() s_labService = new LabServiceApi(); } - public static async Task GetLabUserDataAsync(UserQuery query) - { - if (s_userCache.ContainsKey(query)) - { - var cachedResponse = s_userCache[query]; - Debug.WriteLine($"Lab cache hit: {cachedResponse.User?.Upn ?? "N/A"} | {cachedResponse.App?.AppId ?? "N/A"} | {cachedResponse.Lab?.TenantId ?? "N/A"}"); - return cachedResponse; - } - - var response = await s_labService.GetLabResponseFromApiAsync(query).ConfigureAwait(false); - if (response == null) - { - Debug.WriteLine($"Lab API returned null for query: {query}"); - throw new LabUserNotFoundException(query, "Found no users for the given query."); - } - Debug.WriteLine($"Lab API: {response.User?.Upn ?? "N/A"} | {response.App?.AppId ?? "N/A"} | {response.Lab?.TenantId ?? "N/A"} | {response.User?.AzureEnvironment.ToString() ?? "N/A"}"); - - s_userCache.TryAdd(query, response); - return response; - } private static async Task GetKVLabDataAsync(string secret) { - // TODO: Implement caching similar to GetLabUserDataAsync to avoid repeated Key Vault calls + // TODO: Implement caching to avoid repeated Key Vault calls try { var keyVaultSecret = await KeyVaultSecretsProviderMsal.GetSecretByNameAsync(secret).ConfigureAwait(false); @@ -166,10 +143,7 @@ public static Task GetDefaultAdfsUserAsync() return MergeKVLabDataAsync("MSAL-USER-FedDefault-JSON", "ID4SLAB1", "MSAL-App-Default-JSON"); } - public static Task GetHybridSpaAccontAsync() - { - return MergeKVLabDataAsync("MSAL-User-Default-JSON", "ID4SLAB1", "MSAL-App-Default-JSON"); - } + public static Task GetB2CLocalAccountAsync() { @@ -194,28 +168,11 @@ public static Task GetCIAMUserAsync() return MergeKVLabDataAsync("MSAL-User-CIAM-JSON", "MSIDLABCIAM6", "MSAL-App-CIAM-JSON"); } - public static Task GetAdfsUserAsync(FederationProvider federationProvider, bool federated = true) - { - var query = new UserQuery() - { - AzureEnvironment = LabInfrastructure.AzureEnvironment.azurecloud, - FederationProvider = federationProvider, - UserType = federated ? UserType.Federated : UserType.Cloud - }; - if (!federated && federationProvider != FederationProvider.ADFSv2019) - { - Debug.WriteLine($"Invalid ADFS config: {federationProvider} non-federated not supported"); - throw new InvalidOperationException("Test Setup Error: MSAL only supports ADFS2019 direct (non-federated) access. " + - "Support for older versions of ADFS is exclusively via federation"); - } - - return GetLabUserDataAsync(query); - } public static string FetchUserPassword(string userLabName) { - // TODO: Implement caching similar to GetLabUserDataAsync to avoid repeated Key Vault calls + // TODO: Implement caching to avoid repeated Key Vault calls if (string.IsNullOrWhiteSpace(userLabName)) { Debug.WriteLine("Password fetch failed: empty lab name"); From bb9507eea61d0288758b7322557bf4c9ed47cb20 Mon Sep 17 00:00:00 2001 From: Ryan Auld Date: Fri, 12 Dec 2025 09:17:34 -0800 Subject: [PATCH 5/6] Update region tests to use MSAL-APP-AzureADMultipleOrgs in ID4SLAB1 tenant - Migrate PublicLegacyCloudConfidentialAppSettings from legacy MSIDLAB4 to ID4SLAB1 tenant - Update Client ID to 54a2d933-8bf8-483b-a8f8-0a31924f3c1f (MSAL-APP-AzureADMultipleOrgs) - Update Tenant ID to 10c419d4-4a50-45b2-aa4e-919fb84df24f (ID4SLAB1) - Change secret from MSIDLAB4-IDLABS-APP-AzureADMyOrg-CC to MSAL-APP-AzureADMultipleOrgs - Switch Key Vault instance from MSIDLab to MsalTeam - Update regional endpoint from centralus to eastus2 for ID4SLAB1 tenant location - Update Region constant from centralus to eastus2 --- .../Microsoft.Identity.Test.Common/TestConstants.cs | 8 +++----- .../Infrastructure/ConfidentialAppSettings.cs | 12 +++++------- 2 files changed, 8 insertions(+), 12 deletions(-) diff --git a/tests/Microsoft.Identity.Test.Common/TestConstants.cs b/tests/Microsoft.Identity.Test.Common/TestConstants.cs index d1f8bc16df..a14c9f9cd5 100644 --- a/tests/Microsoft.Identity.Test.Common/TestConstants.cs +++ b/tests/Microsoft.Identity.Test.Common/TestConstants.cs @@ -74,10 +74,8 @@ public static HashSet s_scope public const string ProductionPrefNetworkEnvironment = "login.microsoftonline.com"; public const string ProductionPrefCacheEnvironment = "login.windows.net"; - // TODO: Tenant Migration - Regional endpoint may need update after migration - // Current: centralus (old tenant), New: eastus2 (id4slab1 tenant) - // Note: Regional endpoints may not work with new tenant due to AADSTS100007 restrictions - public const string ProductionPrefRegionalEnvironment = "centralus.login.microsoft.com"; + // Updated for ID4SLAB1 tenant - using eastus2 regional endpoint + public const string ProductionPrefRegionalEnvironment = "eastus2.login.microsoft.com"; public const string ProductionPrefInvalidRegionEnvironment = "invalidregion.login.microsoft.com"; public const string ProductionNotPrefEnvironmentAlias = "sts.windows.net"; public const string SovereignNetworkEnvironmentDE = "login.microsoftonline.de"; @@ -207,7 +205,7 @@ public static HashSet s_scope public const string PKeyAuthResponse = "PKeyAuth Context=\"context\",Version=\"1.0\""; public const string RegionName = "REGION_NAME"; - public const string Region = "centralus"; // TODO: Tenant Migration - Update for new tenant (id4slab1) is in eastus2 + public const string Region = "eastus2"; // Updated for ID4SLAB1 tenant public const string InvalidRegion = "invalidregion"; public const int TimeoutInMs = 2000; public const string ImdsHost = "169.254.169.254"; diff --git a/tests/Microsoft.Identity.Test.Integration.netcore/Infrastructure/ConfidentialAppSettings.cs b/tests/Microsoft.Identity.Test.Integration.netcore/Infrastructure/ConfidentialAppSettings.cs index a6fa793c37..6ba1000225 100644 --- a/tests/Microsoft.Identity.Test.Integration.netcore/Infrastructure/ConfidentialAppSettings.cs +++ b/tests/Microsoft.Identity.Test.Integration.netcore/Infrastructure/ConfidentialAppSettings.cs @@ -38,8 +38,7 @@ public class ConfidentialAppSettings { private class PublicCloudConfidentialAppSettings : IConfidentialAppSettings { - // TODO: Tenant Migration - Migrated to new id4slab1 tenant for non-regional tests - // Regional tests still use legacy configuration due to AADSTS100007 restrictions + // Migrated to new ID4SLAB1 tenant for both regional and non-regional tests public string ClientId => UseAppIdUri? "api://54a2d933-8bf8-483b-a8f8-0a31924f3c1f" : "54a2d933-8bf8-483b-a8f8-0a31924f3c1f"; // MSAL-APP-AzureADMultipleOrgs in ID4SLAB1 tenant public string TenantId => "10c419d4-4a50-45b2-aa4e-919fb84df24f"; // ID4SLAB1 tenant @@ -146,11 +145,10 @@ private class ArlingtonConfidentialAppSettings : IConfidentialAppSettings private class PublicLegacyCloudConfidentialAppSettings : IConfidentialAppSettings { - // Legacy MSIDLAB4 configuration for regional tests only - // Regional endpoints require original tenant due to AADSTS100007 restrictions - public string ClientId => UseAppIdUri? "api://88f91eac-c606-4c67-a0e2-a5e8a186854f" : "88f91eac-c606-4c67-a0e2-a5e8a186854f"; // Legacy MSAL app in MSIDLAB4 tenant + // Updated to use MSAL-APP-AzureADMultipleOrgs in ID4SLAB1 tenant for regional tests + public string ClientId => UseAppIdUri? "api://54a2d933-8bf8-483b-a8f8-0a31924f3c1f" : "54a2d933-8bf8-483b-a8f8-0a31924f3c1f"; // MSAL-APP-AzureADMultipleOrgs in ID4SLAB1 tenant - public string TenantId => "f645ad92-e38d-4d1a-b510-d1b09a74a8ca"; // MSIDLAB4 tenant (legacy) + public string TenantId => "10c419d4-4a50-45b2-aa4e-919fb84df24f"; // ID4SLAB1 tenant public string Environment => "login.microsoftonline.com"; @@ -166,7 +164,7 @@ private class PublicLegacyCloudConfidentialAppSettings : IConfidentialAppSetting public X509Certificate2 Certificate => GetCertificateLazy(TestConstants.AutomationTestCertName).Value; - public string Secret => GetSecretLazy(KeyVaultInstance.MSIDLab, TestConstants.MsalCCAKeyVaultSecretName).Value; + public string Secret => GetSecretLazy(KeyVaultInstance.MsalTeam, "MSAL-APP-AzureADMultipleOrgs").Value; } private static Lazy s_publicCloudSettings = From 70da2431d1141e3c8d6d5640b35e6041d06b6d0a Mon Sep 17 00:00:00 2001 From: Ryan Auld Date: Fri, 12 Dec 2025 10:41:01 -0800 Subject: [PATCH 6/6] Fix hardcoded centralus references in regional authentication tests - Updated RegionDiscoveryProviderTests to use TestConstants.Region instead of hardcoded 'centralus' - Fixed ClientCredentialsTests.WithRegion to use dynamic regional host configuration - Updated ClientCredentialWithRegionTests, MtlsPopTests, and MsalExceptionTests to use TestConstants.Region - Ensures all regional tests are consistent with ID4SLAB1 tenant's eastus2 configuration - Resolves test failures caused by region expectation mismatches --- .../HeadlessTests/ClientCredentialsTests.WithRegion.cs | 4 ++-- .../CoreTests/RegionDiscoveryProviderTests.cs | 8 ++++---- .../ExceptionTests/MsalExceptionTests.cs | 2 +- .../PublicApiTests/ClientCredentialWithRegionTests.cs | 4 ++-- .../PublicApiTests/MtlsPopTests.cs | 4 ++-- 5 files changed, 11 insertions(+), 11 deletions(-) diff --git a/tests/Microsoft.Identity.Test.Integration.netcore/HeadlessTests/ClientCredentialsTests.WithRegion.cs b/tests/Microsoft.Identity.Test.Integration.netcore/HeadlessTests/ClientCredentialsTests.WithRegion.cs index ea4b57d6ac..8eb2ee7d12 100644 --- a/tests/Microsoft.Identity.Test.Integration.netcore/HeadlessTests/ClientCredentialsTests.WithRegion.cs +++ b/tests/Microsoft.Identity.Test.Integration.netcore/HeadlessTests/ClientCredentialsTests.WithRegion.cs @@ -36,7 +36,7 @@ public class RegionalAuthIntegrationTests private KeyVaultSecretsProvider _keyVault; - private const string RegionalHost = "centralus.login.microsoft.com"; + private readonly string RegionalHost = $"{TestConstants.Region}.login.microsoft.com"; private const string GlobalHost = "login.microsoftonline.com"; private IConfidentialClientApplication _confidentialClientApplication; @@ -72,7 +72,7 @@ public async Task AcquireTokenToRegionalEndpointAsync(bool instanceDiscoveryEnab AuthenticationResult result = await GetAuthenticationResultAsync(settings.AppScopes).ConfigureAwait(false); // regional endpoint AssertTokenSourceIsIdp(result); AssertValidHost(true, factory); - AssertTelemetry(factory, $"{TelemetryConstants.HttpTelemetrySchemaVersion}|1004,{CacheRefreshReason.NoCachedAccessToken:D},centralus,3,4|0,1,1,,"); + AssertTelemetry(factory, $"{TelemetryConstants.HttpTelemetrySchemaVersion}|1004,{CacheRefreshReason.NoCachedAccessToken:D},{TestConstants.Region},3,4|0,1,1,,"); Assert.AreEqual( $"https://{RegionalHost}/{settings.TenantId}/oauth2/v2.0/token", result.AuthenticationResultMetadata.TokenEndpoint); diff --git a/tests/Microsoft.Identity.Test.Unit/CoreTests/RegionDiscoveryProviderTests.cs b/tests/Microsoft.Identity.Test.Unit/CoreTests/RegionDiscoveryProviderTests.cs index f96d24c4be..63aa16f001 100644 --- a/tests/Microsoft.Identity.Test.Unit/CoreTests/RegionDiscoveryProviderTests.cs +++ b/tests/Microsoft.Identity.Test.Unit/CoreTests/RegionDiscoveryProviderTests.cs @@ -170,7 +170,7 @@ public async Task SuccessfulResponseFromUserProvidedRegionAsync( new Uri("https://login.microsoftonline.com/common/"), _testRequestContext).ConfigureAwait(false); Assert.IsNotNull(regionalMetadata); - Assert.AreEqual($"centralus.{RegionAndMtlsDiscoveryProvider.PublicEnvForRegional}", regionalMetadata.PreferredNetwork); + Assert.AreEqual($"{TestConstants.Region}.{RegionAndMtlsDiscoveryProvider.PublicEnvForRegional}", regionalMetadata.PreferredNetwork); Assert.AreEqual(TestConstants.Region, _testRequestContext.ApiEvent.RegionUsed); Assert.AreEqual(RegionAutodetectionSource.FailedAutoDiscovery, _testRequestContext.ApiEvent.RegionAutodetectionSource); @@ -191,7 +191,7 @@ public async Task ResponseFromUserProvidedRegionSameAsRegionDetectedAsync() InstanceDiscoveryMetadataEntry regionalMetadata = await _regionDiscoveryProvider.GetMetadataAsync(new Uri("https://login.microsoftonline.com/common/"), _testRequestContext).ConfigureAwait(false); Assert.IsNotNull(regionalMetadata); - Assert.AreEqual($"centralus.{RegionAndMtlsDiscoveryProvider.PublicEnvForRegional}", regionalMetadata.PreferredNetwork); + Assert.AreEqual($"{TestConstants.Region}.{RegionAndMtlsDiscoveryProvider.PublicEnvForRegional}", regionalMetadata.PreferredNetwork); Assert.AreEqual(TestConstants.Region, _testRequestContext.ApiEvent.RegionUsed); Assert.AreEqual(RegionAutodetectionSource.EnvVariable, _testRequestContext.ApiEvent.RegionAutodetectionSource); Assert.AreEqual(RegionOutcome.UserProvidedValid, _testRequestContext.ApiEvent.RegionOutcome); @@ -298,7 +298,7 @@ public async Task NonPublicCloudTestAsync() // Assert Assert.IsNotNull(regionalMetadata); - Assert.AreEqual("centralus.login.someenv.com", regionalMetadata.PreferredNetwork); + Assert.AreEqual($"{TestConstants.Region}.login.someenv.com", regionalMetadata.PreferredNetwork); } [TestMethod] @@ -516,7 +516,7 @@ private void AddMockedResponse(HttpResponseMessage responseMessage, string apiVe } } - private void ValidateInstanceMetadata(InstanceDiscoveryMetadataEntry entry, string region = "centralus") + private void ValidateInstanceMetadata(InstanceDiscoveryMetadataEntry entry, string region = TestConstants.Region) { InstanceDiscoveryMetadataEntry expectedEntry = new InstanceDiscoveryMetadataEntry() { diff --git a/tests/Microsoft.Identity.Test.Unit/ExceptionTests/MsalExceptionTests.cs b/tests/Microsoft.Identity.Test.Unit/ExceptionTests/MsalExceptionTests.cs index 9accbc44be..b60d252e88 100644 --- a/tests/Microsoft.Identity.Test.Unit/ExceptionTests/MsalExceptionTests.cs +++ b/tests/Microsoft.Identity.Test.Unit/ExceptionTests/MsalExceptionTests.cs @@ -563,7 +563,7 @@ await app.AcquireTokenForClient(TestConstants.s_scope) }).ConfigureAwait(false); Assert.IsTrue(ex.Message.Contains("Authority used: https://sts.access.edu/my-utid/")); - Assert.IsTrue(ex.Message.Contains("Token Endpoint: https://centralus.sts.access.edu/my-utid/oauth2/v2.0/token")); + Assert.IsTrue(ex.Message.Contains($"Token Endpoint: https://{TestConstants.Region}.sts.access.edu/my-utid/oauth2/v2.0/token")); Assert.IsTrue(ex.Message.Contains($"Region Used: {TestConstants.Region}")); //harness.HttpManager.AddMockHandler(MockHelpers.CreateInstanceDiscoveryMockHandler(TestConstants.AuthorityCommonTenant + TestConstants.DiscoveryEndPoint)); diff --git a/tests/Microsoft.Identity.Test.Unit/PublicApiTests/ClientCredentialWithRegionTests.cs b/tests/Microsoft.Identity.Test.Unit/PublicApiTests/ClientCredentialWithRegionTests.cs index 7010bbb5aa..85e64c406c 100644 --- a/tests/Microsoft.Identity.Test.Unit/PublicApiTests/ClientCredentialWithRegionTests.cs +++ b/tests/Microsoft.Identity.Test.Unit/PublicApiTests/ClientCredentialWithRegionTests.cs @@ -96,7 +96,7 @@ public async Task TenantIdOverrideAndRegionalAsync() [Description("Test for regional auth with successful instance discovery.")] public async Task FetchRegionFromLocalImdsCallAsync() { - const string region = "centralus"; + string region = TestConstants.Region; using (new EnvVariableContext()) using (var harness = base.CreateTestHarness()) @@ -118,7 +118,7 @@ public async Task FetchRegionFromLocalImdsCallAsync() Assert.AreEqual(RegionAutodetectionSource.Imds, result.ApiEvent.RegionAutodetectionSource); Assert.AreEqual(RegionOutcome.AutodetectSuccess, result.ApiEvent.RegionOutcome); Assert.AreEqual( - "https://centralus.login.microsoft.com/common/oauth2/v2.0/token", + $"https://{TestConstants.Region}.login.microsoft.com/common/oauth2/v2.0/token", result.AuthenticationResultMetadata.TokenEndpoint); Assert.AreEqual(region, result.AuthenticationResultMetadata.RegionDetails.RegionUsed); Assert.AreEqual(RegionOutcome.AutodetectSuccess, result.AuthenticationResultMetadata.RegionDetails.RegionOutcome); diff --git a/tests/Microsoft.Identity.Test.Unit/PublicApiTests/MtlsPopTests.cs b/tests/Microsoft.Identity.Test.Unit/PublicApiTests/MtlsPopTests.cs index 23e9375cf2..13f4501f2a 100644 --- a/tests/Microsoft.Identity.Test.Unit/PublicApiTests/MtlsPopTests.cs +++ b/tests/Microsoft.Identity.Test.Unit/PublicApiTests/MtlsPopTests.cs @@ -399,7 +399,7 @@ public async Task AcquireMtlsPopTokenForClientWithTenantIdCertChecks_Async() [TestMethod] public async Task MtlsPop_KnownRegionAsync() { - const string region = "centralus"; + string region = TestConstants.Region; string authorityUrl = "https://login.microsoftonline.com/123456-1234-2345-1234561234"; string globalEndpoint = "mtlsauth.microsoft.com"; string expectedTokenEndpoint = $"https://{region}.{globalEndpoint}/123456-1234-2345-1234561234/oauth2/v2.0/token"; @@ -431,7 +431,7 @@ public async Task MtlsPop_KnownRegionAsync() [TestMethod] public async Task MtlsPop_RegionalTokenCacheInterchangeabilityAsync() { - const string region = "centralus"; + string region = TestConstants.Region; string authority = "https://login.microsoftonline.com/123456-1234-2345-1234561234"; string globalEndpoint = "mtlsauth.microsoft.com"; string expectedTokenEndpoint = $"https://{region}.{globalEndpoint}/123456-1234-2345-1234561234/oauth2/v2.0/token";