Fixed flaky Key Vault live tests. (Azure#24606)

* Removed the `createRsaKeyWithPublicExponent()` test from `KeyClientTest` and `KeyAsyncClientTest`, as setting a public exponent is currently only available for Managed HSM.

* Added a call to `sleepIfRunningAgainstService()` in `KeyAsyncClientTest`'s `updateKey()` and `updateDisabledKey()` to avoid calling `getKey()` before the service has had a chance to update a given key.

* Removed sleep call and refactored 'updateKey' tests instead.

Author: vcolin7

sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/KeyAsyncClientTest.java

@@ -139,21 +139,15 @@ public void setKeyNull(HttpClient httpClient, KeyServiceVersion serviceVersion)
     @MethodSource("getTestParameters")
     public void updateKey(HttpClient httpClient, KeyServiceVersion serviceVersion) {
         createKeyAsyncClient(httpClient, serviceVersion);
-        updateKeyRunner((original, updated) -> {
-            StepVerifier.create(client.createKey(original))
-                .assertNext(response -> assertKeyEquals(original, response))
-                .verifyComplete();
-
-            StepVerifier.create(client.getKey(original.getName())
-                    .flatMap(keyToUpdate ->
-                        client.updateKeyProperties(keyToUpdate.getProperties().setExpiresOn(updated.getExpiresOn()))))
-                .assertNext(response -> {
-                    assertNotNull(response);
-                    assertEquals(original.getName(), response.getName());
-                }).verifyComplete();
-
-            StepVerifier.create(client.getKey(original.getName()))
-                .assertNext(updatedKeyResponse -> assertKeyEquals(updated, updatedKeyResponse))
+        updateKeyRunner((createKeyOptions, updateKeyOptions) -> {
+            StepVerifier.create(client.createKey(createKeyOptions)
+                    .flatMap(createdKey -> {
+                        assertKeyEquals(createKeyOptions, createdKey);
+
+                        return client.updateKeyProperties(createdKey.getProperties()
+                            .setExpiresOn(updateKeyOptions.getExpiresOn()));
+                    }))
+                .assertNext(updatedKey -> assertKeyEquals(updateKeyOptions, updatedKey))
                 .verifyComplete();
         });
     }
@@ -165,21 +159,15 @@ public void updateKey(HttpClient httpClient, KeyServiceVersion serviceVersion) {
     @MethodSource("getTestParameters")
     public void updateDisabledKey(HttpClient httpClient, KeyServiceVersion serviceVersion) {
         createKeyAsyncClient(httpClient, serviceVersion);
-        updateDisabledKeyRunner((original, updated) -> {
-            StepVerifier.create(client.createKey(original))
-                .assertNext(response -> assertKeyEquals(original, response))
-                .verifyComplete();
+        updateDisabledKeyRunner((createKeyOptions, updateKeyOptions) -> {
+            StepVerifier.create(client.createKey(createKeyOptions)
+                    .flatMap(createdKey -> {
+                        assertKeyEquals(createKeyOptions, createdKey);
 
-            StepVerifier.create(client.getKey(original.getName())
-                    .flatMap(keyToUpdate ->
-                        client.updateKeyProperties(keyToUpdate.getProperties().setExpiresOn(updated.getExpiresOn()))))
-                .assertNext(response -> {
-                    assertNotNull(response);
-                    assertEquals(original.getName(), response.getName());
-                }).verifyComplete();
-
-            StepVerifier.create(client.getKey(original.getName()))
-                .assertNext(updatedKeyResponse -> assertKeyEquals(updated, updatedKeyResponse))
+                        return client.updateKeyProperties(createdKey.getProperties()
+                            .setExpiresOn(updateKeyOptions.getExpiresOn()));
+                    }))
+                .assertNext(updatedKey -> assertKeyEquals(updateKeyOptions, updatedKey))
                 .verifyComplete();
         });
     }
@@ -553,25 +541,6 @@ public void releaseKey(HttpClient httpClient, KeyServiceVersion serviceVersion)
         });
     }
 
-    /**
-     * Tests that an RSA key with a public exponent can be created in the key vault.
-     */
-    @ParameterizedTest(name = DISPLAY_NAME_WITH_ARGUMENTS)
-    @MethodSource("getTestParameters")
-    public void createRsaKeyWithPublicExponent(HttpClient httpClient, KeyServiceVersion serviceVersion) {
-        createKeyAsyncClient(httpClient, serviceVersion);
-        createRsaKeyWithPublicExponentRunner((createRsaKeyOptions) ->
-            StepVerifier.create(client.createRsaKey(createRsaKeyOptions))
-                .assertNext(rsaKey -> {
-                    assertKeyEquals(createRsaKeyOptions, rsaKey);
-                    // TODO: Investigate why the KV service sets the JWK's "e" parameter to "AQAB" instead of "Aw".
-                    /*assertEquals(BigInteger.valueOf(createRsaKeyOptions.getPublicExponent()),
-                        toBigInteger(rsaKey.getKey().getE()));*/
-                    assertEquals(createRsaKeyOptions.getKeySize(), rsaKey.getKey().getN().length * 8);
-                })
-                .verifyComplete());
-    }
-
     /**
      * Tests that fetching the key rotation policy of a non-existent key throws.
      */

sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/KeyClientManagedHsmTestBase.java

@@ -7,6 +7,9 @@
 import org.junit.jupiter.api.Test;
 
 public interface KeyClientManagedHsmTestBase {
+    @Test
+    void createRsaKeyWithPublicExponent(HttpClient httpClient, KeyServiceVersion serviceVersion);
+
     @Test
     void createOctKeyWithDefaultSize(HttpClient httpClient, KeyServiceVersion serviceVersion);
 

sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/KeyClientTest.java

@@ -135,11 +135,15 @@ public void setKeyNull(HttpClient httpClient, KeyServiceVersion serviceVersion)
     @MethodSource("getTestParameters")
     public void updateKey(HttpClient httpClient, KeyServiceVersion serviceVersion) {
         createKeyClient(httpClient, serviceVersion);
-        updateKeyRunner((original, updated) -> {
-            assertKeyEquals(original, client.createKey(original));
-            KeyVaultKey keyToUpdate = client.getKey(original.getName());
-            client.updateKeyProperties(keyToUpdate.getProperties().setExpiresOn(updated.getExpiresOn()));
-            assertKeyEquals(updated, client.getKey(original.getName()));
+        updateKeyRunner((createKeyOptions, updateKeyOptions) -> {
+            KeyVaultKey createdKey = client.createKey(createKeyOptions);
+
+            assertKeyEquals(createKeyOptions, createdKey);
+
+            KeyVaultKey updatedKey =
+                client.updateKeyProperties(createdKey.getProperties().setExpiresOn(updateKeyOptions.getExpiresOn()));
+
+            assertKeyEquals(updateKeyOptions, updatedKey);
         });
     }
 
@@ -150,11 +154,15 @@ public void updateKey(HttpClient httpClient, KeyServiceVersion serviceVersion) {
     @MethodSource("getTestParameters")
     public void updateDisabledKey(HttpClient httpClient, KeyServiceVersion serviceVersion) {
         createKeyClient(httpClient, serviceVersion);
-        updateDisabledKeyRunner((original, updated) -> {
-            assertKeyEquals(original, client.createKey(original));
-            KeyVaultKey keyToUpdate = client.getKey(original.getName());
-            client.updateKeyProperties(keyToUpdate.getProperties().setExpiresOn(updated.getExpiresOn()));
-            assertKeyEquals(updated, client.getKey(original.getName()));
+        updateDisabledKeyRunner((createKeyOptions, updateKeyOptions) -> {
+            KeyVaultKey createdKey = client.createKey(createKeyOptions);
+
+            assertKeyEquals(createKeyOptions, createdKey);
+
+            KeyVaultKey updatedKey =
+                client.updateKeyProperties(createdKey.getProperties().setExpiresOn(updateKeyOptions.getExpiresOn()));
+
+            assertKeyEquals(updateKeyOptions, updatedKey);
         });
     }
 
@@ -466,24 +474,6 @@ public void listKeyVersions(HttpClient httpClient, KeyServiceVersion serviceVers
         });
     }
 
-    /**
-     * Tests that an RSA key with a public exponent can be created in the key vault.
-     */
-    @ParameterizedTest(name = DISPLAY_NAME_WITH_ARGUMENTS)
-    @MethodSource("getTestParameters")
-    public void createRsaKeyWithPublicExponent(HttpClient httpClient, KeyServiceVersion serviceVersion) {
-        createKeyClient(httpClient, serviceVersion);
-        createRsaKeyWithPublicExponentRunner((createRsaKeyOptions) -> {
-            KeyVaultKey rsaKey = client.createRsaKey(createRsaKeyOptions);
-
-            assertKeyEquals(createRsaKeyOptions, rsaKey);
-            // TODO: Investigate why the KV service sets the JWK's "e" parameter to "AQAB" instead of "Aw".
-            /*assertEquals(BigInteger.valueOf(createRsaKeyOptions.getPublicExponent()),
-                toBigInteger(rsaKey.getKey().getE()));*/
-            assertEquals(createRsaKeyOptions.getKeySize(), rsaKey.getKey().getN().length * 8);
-        });
-    }
-
     /**
      * Tests that an existing key can be released.
      */

sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/KeyClientTestBase.java

@@ -449,9 +449,6 @@ void releaseKeyRunner(BiConsumer<CreateRsaKeyOptions, String> testRunner) {
         testRunner.accept(keyToRelease, attestationUrl);
     }
 
-    @Test
-    public abstract void createRsaKeyWithPublicExponent(HttpClient httpClient, KeyServiceVersion serviceVersion);
-
     @Test
     public abstract void getKeyRotationPolicyOfNonExistentKey(HttpClient httpClient, KeyServiceVersion serviceVersion);
 

sdk/keyvault/azure-security-keyvault-keys/src/test/resources/session-records/KeyAsyncClientTest.createRsaKeyWithPublicExponent[1].json

@@ -1,108 +1,56 @@
 {
   "networkCallRecords" : [ {
     "Method" : "POST",
-    "Uri" : "https://REDACTED.vault.azure.net/keys/testkey255915b59/create?api-version=7.3-preview",
+    "Uri" : "https://REDACTED.vault.azure.net/keys/testkey2986032b8/create?api-version=7.3-preview",
     "Headers" : {
       "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)",
       "Content-Type" : "application/json"
     },
     "Response" : {
-      "content-length" : "427",
+      "content-length" : "416",
       "X-Content-Type-Options" : "nosniff",
       "Pragma" : "no-cache",
       "retry-after" : "0",
       "StatusCode" : "200",
-      "Date" : "Tue, 05 Oct 2021 01:54:23 GMT",
+      "Date" : "Thu, 07 Oct 2021 02:34:29 GMT",
       "Strict-Transport-Security" : "max-age=31536000;includeSubDomains",
       "Cache-Control" : "no-cache",
-      "x-ms-keyvault-region" : "centralus",
+      "x-ms-keyvault-region" : "westus",
       "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=174.127.169.154;act_addr_fam=InterNetwork;",
       "Expires" : "-1",
-      "x-ms-request-id" : "c7ce2095-8533-40eb-ab05-99f3c5de455c",
+      "x-ms-request-id" : "7ee9176f-2381-4306-bda7-9107209f15ca",
       "x-ms-keyvault-service-version" : "1.9.132.3",
-      "Body" : "{\"key\":{\"kid\":\"https://azure-kv-tests2.vault.azure.net/keys/testkey255915b59/d209b2180d0642dbbb7ec4851278d211\",\"kty\":\"EC\",\"key_ops\":[\"sign\",\"verify\"],\"crv\":\"P-256\",\"x\":\"FeuTrI_mDAqfvodEzI7cUTNCvHzN9tGm3EtyWamrg_Y\",\"y\":\"AZXc2oUKZigV7yM1WJRI4YskH1O1J-19iSAhAPmR37M\"},\"attributes\":{\"enabled\":false,\"exp\":2537049600,\"created\":1633398863,\"updated\":1633398863,\"recoveryLevel\":\"CustomizedRecoverable+Purgeable\",\"recoverableDays\":7}}",
-      "Content-Type" : "application/json; charset=utf-8",
-      "X-Powered-By" : "ASP.NET"
-    },
-    "Exception" : null
-  }, {
-    "Method" : "GET",
-    "Uri" : "https://REDACTED.vault.azure.net/keys/testkey255915b59/?api-version=7.3-preview",
-    "Headers" : {
-      "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)",
-      "Content-Type" : "application/json"
-    },
-    "Response" : {
-      "content-length" : "427",
-      "X-Content-Type-Options" : "nosniff",
-      "Pragma" : "no-cache",
-      "retry-after" : "0",
-      "StatusCode" : "200",
-      "Date" : "Tue, 05 Oct 2021 01:54:23 GMT",
-      "Strict-Transport-Security" : "max-age=31536000;includeSubDomains",
-      "Cache-Control" : "no-cache",
-      "x-ms-keyvault-region" : "centralus",
-      "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=174.127.169.154;act_addr_fam=InterNetwork;",
-      "Expires" : "-1",
-      "x-ms-request-id" : "96f60166-ee2f-4bf0-9b9a-646309e626eb",
-      "x-ms-keyvault-service-version" : "1.9.132.3",
-      "Body" : "{\"key\":{\"kid\":\"https://azure-kv-tests2.vault.azure.net/keys/testkey255915b59/d209b2180d0642dbbb7ec4851278d211\",\"kty\":\"EC\",\"key_ops\":[\"sign\",\"verify\"],\"crv\":\"P-256\",\"x\":\"FeuTrI_mDAqfvodEzI7cUTNCvHzN9tGm3EtyWamrg_Y\",\"y\":\"AZXc2oUKZigV7yM1WJRI4YskH1O1J-19iSAhAPmR37M\"},\"attributes\":{\"enabled\":false,\"exp\":2537049600,\"created\":1633398863,\"updated\":1633398863,\"recoveryLevel\":\"CustomizedRecoverable+Purgeable\",\"recoverableDays\":7}}",
+      "Body" : "{\"key\":{\"kid\":\"https://azure-kv-tests2.vault.azure.net/keys/testkey2986032b8/c330063b2a144826bd258d8b6c88ec60\",\"kty\":\"EC\",\"key_ops\":[\"sign\",\"verify\"],\"crv\":\"P-256\",\"x\":\"mN_5P7JFoIG_7odyRnwRKMZvKfHHfBTNJ3sud3tyZYI\",\"y\":\"QwyOK5MRqMOepjRnNGoq7LJi4VDoacXb-DK2xIxJPGI\"},\"attributes\":{\"enabled\":false,\"exp\":2537049600,\"created\":1633574070,\"updated\":1633574070,\"recoveryLevel\":\"Recoverable+Purgeable\",\"recoverableDays\":90}}",
       "Content-Type" : "application/json; charset=utf-8",
       "X-Powered-By" : "ASP.NET"
     },
     "Exception" : null
   }, {
     "Method" : "PATCH",
-    "Uri" : "https://REDACTED.vault.azure.net/keys/testkey255915b59/d209b2180d0642dbbb7ec4851278d211?api-version=7.3-preview",
-    "Headers" : {
-      "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)",
-      "Content-Type" : "application/json"
-    },
-    "Response" : {
-      "content-length" : "427",
-      "X-Content-Type-Options" : "nosniff",
-      "Pragma" : "no-cache",
-      "retry-after" : "0",
-      "StatusCode" : "200",
-      "Date" : "Tue, 05 Oct 2021 01:54:23 GMT",
-      "Strict-Transport-Security" : "max-age=31536000;includeSubDomains",
-      "Cache-Control" : "no-cache",
-      "x-ms-keyvault-region" : "centralus",
-      "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=174.127.169.154;act_addr_fam=InterNetwork;",
-      "Expires" : "-1",
-      "x-ms-request-id" : "9a92ad6d-06b8-4c6a-b418-579843669ab8",
-      "x-ms-keyvault-service-version" : "1.9.132.3",
-      "Body" : "{\"key\":{\"kid\":\"https://azure-kv-tests2.vault.azure.net/keys/testkey255915b59/d209b2180d0642dbbb7ec4851278d211\",\"kty\":\"EC\",\"key_ops\":[\"sign\",\"verify\"],\"crv\":\"P-256\",\"x\":\"FeuTrI_mDAqfvodEzI7cUTNCvHzN9tGm3EtyWamrg_Y\",\"y\":\"AZXc2oUKZigV7yM1WJRI4YskH1O1J-19iSAhAPmR37M\"},\"attributes\":{\"enabled\":false,\"exp\":2852668800,\"created\":1633398863,\"updated\":1633398864,\"recoveryLevel\":\"CustomizedRecoverable+Purgeable\",\"recoverableDays\":7}}",
-      "Content-Type" : "application/json; charset=utf-8",
-      "X-Powered-By" : "ASP.NET"
-    },
-    "Exception" : null
-  }, {
-    "Method" : "GET",
-    "Uri" : "https://REDACTED.vault.azure.net/keys/testkey255915b59/?api-version=7.3-preview",
+    "Uri" : "https://REDACTED.vault.azure.net/keys/testkey2986032b8/c330063b2a144826bd258d8b6c88ec60?api-version=7.3-preview",
     "Headers" : {
       "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)",
       "Content-Type" : "application/json"
     },
     "Response" : {
-      "content-length" : "427",
+      "content-length" : "416",
       "X-Content-Type-Options" : "nosniff",
       "Pragma" : "no-cache",
       "retry-after" : "0",
       "StatusCode" : "200",
-      "Date" : "Tue, 05 Oct 2021 01:54:24 GMT",
+      "Date" : "Thu, 07 Oct 2021 02:34:30 GMT",
       "Strict-Transport-Security" : "max-age=31536000;includeSubDomains",
       "Cache-Control" : "no-cache",
-      "x-ms-keyvault-region" : "centralus",
+      "x-ms-keyvault-region" : "westus",
       "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=174.127.169.154;act_addr_fam=InterNetwork;",
       "Expires" : "-1",
-      "x-ms-request-id" : "5ebc167f-d928-4966-9e8f-4f45fd053987",
+      "x-ms-request-id" : "00bc1d35-3d76-4334-80f5-bb0135c71e62",
       "x-ms-keyvault-service-version" : "1.9.132.3",
-      "Body" : "{\"key\":{\"kid\":\"https://azure-kv-tests2.vault.azure.net/keys/testkey255915b59/d209b2180d0642dbbb7ec4851278d211\",\"kty\":\"EC\",\"key_ops\":[\"sign\",\"verify\"],\"crv\":\"P-256\",\"x\":\"FeuTrI_mDAqfvodEzI7cUTNCvHzN9tGm3EtyWamrg_Y\",\"y\":\"AZXc2oUKZigV7yM1WJRI4YskH1O1J-19iSAhAPmR37M\"},\"attributes\":{\"enabled\":false,\"exp\":2852668800,\"created\":1633398863,\"updated\":1633398864,\"recoveryLevel\":\"CustomizedRecoverable+Purgeable\",\"recoverableDays\":7}}",
+      "Body" : "{\"key\":{\"kid\":\"https://azure-kv-tests2.vault.azure.net/keys/testkey2986032b8/c330063b2a144826bd258d8b6c88ec60\",\"kty\":\"EC\",\"key_ops\":[\"sign\",\"verify\"],\"crv\":\"P-256\",\"x\":\"mN_5P7JFoIG_7odyRnwRKMZvKfHHfBTNJ3sud3tyZYI\",\"y\":\"QwyOK5MRqMOepjRnNGoq7LJi4VDoacXb-DK2xIxJPGI\"},\"attributes\":{\"enabled\":false,\"exp\":2852668800,\"created\":1633574070,\"updated\":1633574070,\"recoveryLevel\":\"Recoverable+Purgeable\",\"recoverableDays\":90}}",
       "Content-Type" : "application/json; charset=utf-8",
       "X-Powered-By" : "ASP.NET"
     },
     "Exception" : null
   } ],
-  "variables" : [ "testkey255915b59" ]
+  "variables" : [ "testkey2986032b8" ]
 }