Use Test Scope Configurations in Identity (Azure#33987)

Use Test Scope Configurations in Identity

Author: alzimmermsft

sdk/identity/azure-identity/pom.xml

@@ -13,7 +13,7 @@
   <url>https://github.com/Azure/azure-sdk-for-java</url>
 
   <properties>
-    <jacoco.min.branchcoverage>0.28</jacoco.min.branchcoverage>
+    <jacoco.min.branchcoverage>0.35</jacoco.min.branchcoverage>
     <!-- Configures the Java 9+ run to perform the required module exports, opens, and reads that are necessary for testing but shouldn't be part of the module-info. -->
     <javaModulesSurefireArgLine>
       --add-opens java.xml/jdk.xml.internal=ALL-UNNAMED
@@ -50,6 +50,12 @@
       <artifactId>msal4j-persistence-extension</artifactId>
       <version>1.1.0</version> <!-- {x-version-update;com.microsoft.azure:msal4j-persistence-extension;external_dependency} -->
     </dependency>
+    <dependency>
+      <groupId>com.azure</groupId>
+      <artifactId>azure-core-test</artifactId>
+      <version>1.15.0</version> <!-- {x-version-update;com.azure:azure-core-test;dependency} -->
+      <scope>test</scope>
+    </dependency>
     <dependency>
       <groupId>junit</groupId>
       <artifactId>junit</artifactId>

sdk/identity/azure-identity/src/test/java/com/azure/identity/AzureApplicationCredentialTest.java

@@ -4,6 +4,7 @@
 package com.azure.identity;
 
 import com.azure.core.credential.TokenRequestContext;
+import com.azure.core.test.utils.TestConfigurationSource;
 import com.azure.core.util.Configuration;
 import com.azure.core.util.ConfigurationBuilder;
 import com.azure.identity.implementation.IdentityClient;
@@ -29,17 +30,17 @@ public class AzureApplicationCredentialTest {
     private static final String CLIENT_ID = UUID.randomUUID().toString();
 
     @Test
-    public void testUseEnvironmentCredential() throws Exception {
-        Configuration configuration = Configuration.getGlobalConfiguration().clone();
-
+    public void testUseEnvironmentCredential() {
         // setup
         String secret = "secret";
         String token1 = "token1";
         TokenRequestContext request1 = new TokenRequestContext().addScopes("https://management.azure.com");
         OffsetDateTime expiresOn = OffsetDateTime.now(ZoneOffset.UTC).plusHours(1);
-        configuration.put("AZURE_CLIENT_ID", CLIENT_ID);
-        configuration.put("AZURE_CLIENT_SECRET", secret);
-        configuration.put("AZURE_TENANT_ID", TENANT_ID);
+
+        Configuration configuration = TestUtils.createTestConfiguration(new TestConfigurationSource()
+            .put("AZURE_CLIENT_ID", CLIENT_ID)
+            .put("AZURE_CLIENT_SECRET", secret)
+            .put("AZURE_TENANT_ID", TENANT_ID));
 
         // mock
         try (MockedConstruction<IdentityClient> identityClientMock = mockConstruction(IdentityClient.class, (identityClient, context) -> {
@@ -57,7 +58,7 @@ public void testUseEnvironmentCredential() throws Exception {
     }
 
     @Test
-    public void testUseManagedIdentityCredential() throws Exception {
+    public void testUseManagedIdentityCredential() {
         // setup
         String token1 = "token1";
         TokenRequestContext request = new TokenRequestContext().addScopes("https://management.azure.com");
@@ -84,7 +85,7 @@ public void testUseManagedIdentityCredential() throws Exception {
     }
 
     @Test
-    public void testNoCredentialWorks() throws Exception {
+    public void testNoCredentialWorks() {
         // setup
         TokenRequestContext request = new TokenRequestContext().addScopes("https://management.azure.com");
         EmptyEnvironmentConfigurationSource source = new EmptyEnvironmentConfigurationSource();
@@ -105,7 +106,7 @@ public void testNoCredentialWorks() throws Exception {
     }
 
     @Test
-    public void testCredentialUnavailable() throws Exception {
+    public void testCredentialUnavailable() {
         // setup
         TokenRequestContext request = new TokenRequestContext().addScopes("https://management.azure.com");
         EmptyEnvironmentConfigurationSource source = new EmptyEnvironmentConfigurationSource();

sdk/identity/azure-identity/src/test/java/com/azure/identity/DefaultAzureCredentialTest.java

@@ -5,6 +5,7 @@
 
 import com.azure.core.credential.TokenRequestContext;
 import com.azure.core.exception.ClientAuthenticationException;
+import com.azure.core.test.utils.TestConfigurationSource;
 import com.azure.core.util.Configuration;
 import com.azure.core.util.ConfigurationBuilder;
 import com.azure.identity.implementation.IdentityClient;
@@ -13,8 +14,6 @@
 import com.microsoft.aad.msal4j.MsalServiceException;
 import org.junit.Assert;
 import org.junit.Test;
-
-
 import org.mockito.MockedConstruction;
 import reactor.core.publisher.Mono;
 import reactor.test.StepVerifier;
@@ -34,18 +33,17 @@ public class DefaultAzureCredentialTest {
     private static final String CLIENT_ID = UUID.randomUUID().toString();
 
     @Test
-    public void testUseEnvironmentCredential() throws Exception {
-        Configuration configuration = Configuration.getGlobalConfiguration().clone();
-
+    public void testUseEnvironmentCredential() {
         // setup
         String secret = "secret";
         String token1 = "token1";
         TokenRequestContext request1 = new TokenRequestContext().addScopes("https://management.azure.com");
         OffsetDateTime expiresOn = OffsetDateTime.now(ZoneOffset.UTC).plusHours(1);
-        configuration.put("AZURE_CLIENT_ID", CLIENT_ID);
-        configuration.put("AZURE_CLIENT_SECRET", secret);
-        configuration.put("AZURE_TENANT_ID", TENANT_ID);
 
+        Configuration configuration = TestUtils.createTestConfiguration(new TestConfigurationSource()
+            .put("AZURE_CLIENT_ID", CLIENT_ID)
+            .put("AZURE_CLIENT_SECRET", secret)
+            .put("AZURE_TENANT_ID", TENANT_ID));
 
         try (MockedConstruction<IdentityClient> mocked = mockConstruction(IdentityClient.class, (identityClient, context) -> {
             when(identityClient.authenticateWithAzureDeveloperCli(request1)).thenReturn(Mono.empty());
@@ -63,7 +61,7 @@ public void testUseEnvironmentCredential() throws Exception {
     }
 
     @Test
-    public void testUseManagedIdentityCredential() throws Exception {
+    public void testUseManagedIdentityCredential() {
         // setup
         String token1 = "token1";
         TokenRequestContext request = new TokenRequestContext().addScopes("https://management.azure.com");
@@ -89,16 +87,15 @@ public void testUseManagedIdentityCredential() throws Exception {
     }
 
     @Test
-    public void testUseWorkloadIdentityCredentialWithManagedIdentityClientId() throws Exception {
+    public void testUseWorkloadIdentityCredentialWithManagedIdentityClientId() {
         // setup
         String token1 = "token1";
         TokenRequestContext request = new TokenRequestContext().addScopes("https://management.azure.com");
         OffsetDateTime expiresAt = OffsetDateTime.now(ZoneOffset.UTC).plusHours(1);
-        EmptyEnvironmentConfigurationSource source = new EmptyEnvironmentConfigurationSource();
-        Configuration configuration = new ConfigurationBuilder(source, source, source).build();
-        configuration.put(Configuration.PROPERTY_AZURE_AUTHORITY_HOST, AzureAuthorityHosts.AZURE_PUBLIC_CLOUD);
-        configuration.put(Configuration.PROPERTY_AZURE_TENANT_ID, "dummy-tenant");
-        configuration.put(ManagedIdentityCredential.AZURE_FEDERATED_TOKEN_FILE, "dummy-path");
+        Configuration configuration = TestUtils.createTestConfiguration(new TestConfigurationSource()
+            .put(Configuration.PROPERTY_AZURE_AUTHORITY_HOST, AzureAuthorityHosts.AZURE_PUBLIC_CLOUD)
+            .put(Configuration.PROPERTY_AZURE_TENANT_ID, "dummy-tenant")
+            .put(ManagedIdentityCredential.AZURE_FEDERATED_TOKEN_FILE, "dummy-path"));
 
         // mock
         try (MockedConstruction<IdentityClient> mocked = mockConstruction(IdentityClient.class, (identityClient, context) -> {
@@ -121,16 +118,15 @@ public void testUseWorkloadIdentityCredentialWithManagedIdentityClientId() throw
     }
 
     @Test
-    public void testUseWorkloadIdentityCredentialWithWorkloadClientId() throws Exception {
+    public void testUseWorkloadIdentityCredentialWithWorkloadClientId() {
         // setup
         String token1 = "token1";
         TokenRequestContext request = new TokenRequestContext().addScopes("https://management.azure.com");
         OffsetDateTime expiresAt = OffsetDateTime.now(ZoneOffset.UTC).plusHours(1);
-        EmptyEnvironmentConfigurationSource source = new EmptyEnvironmentConfigurationSource();
-        Configuration configuration = new ConfigurationBuilder(source, source, source).build();
-        configuration.put(Configuration.PROPERTY_AZURE_AUTHORITY_HOST, AzureAuthorityHosts.AZURE_PUBLIC_CLOUD);
-        configuration.put(Configuration.PROPERTY_AZURE_TENANT_ID, "dummy-tenant");
-        configuration.put(ManagedIdentityCredential.AZURE_FEDERATED_TOKEN_FILE, "dummy-path");
+        Configuration configuration = TestUtils.createTestConfiguration(new TestConfigurationSource()
+            .put(Configuration.PROPERTY_AZURE_AUTHORITY_HOST, AzureAuthorityHosts.AZURE_PUBLIC_CLOUD)
+            .put(Configuration.PROPERTY_AZURE_TENANT_ID, "dummy-tenant")
+            .put(ManagedIdentityCredential.AZURE_FEDERATED_TOKEN_FILE, "dummy-path"));
 
         // mock
         try (MockedConstruction<IdentityClient> mocked = mockConstruction(IdentityClient.class, (identityClient, context) -> {
@@ -148,13 +144,12 @@ public void testUseWorkloadIdentityCredentialWithWorkloadClientId() throws Excep
     }
 
     @Test
-    public void testUseWorkloadIdentityCredentialWithClientIdFlow() throws Exception {
+    public void testUseWorkloadIdentityCredentialWithClientIdFlow() {
         // setup
-        EmptyEnvironmentConfigurationSource source = new EmptyEnvironmentConfigurationSource();
-        Configuration configuration = new ConfigurationBuilder(source, source, source).build();
-        configuration.put(Configuration.PROPERTY_AZURE_AUTHORITY_HOST, AzureAuthorityHosts.AZURE_PUBLIC_CLOUD);
-        configuration.put(Configuration.PROPERTY_AZURE_TENANT_ID, "dummy-tenant");
-        configuration.put(ManagedIdentityCredential.AZURE_FEDERATED_TOKEN_FILE, "dummy-path");
+        Configuration configuration = TestUtils.createTestConfiguration(new TestConfigurationSource()
+            .put(Configuration.PROPERTY_AZURE_AUTHORITY_HOST, AzureAuthorityHosts.AZURE_PUBLIC_CLOUD)
+            .put(Configuration.PROPERTY_AZURE_TENANT_ID, "dummy-tenant")
+            .put(ManagedIdentityCredential.AZURE_FEDERATED_TOKEN_FILE, "dummy-path"));
 
         // test
         String clientId = "dummy-client-id";
@@ -174,7 +169,11 @@ public void testUseWorkloadIdentityCredentialWithClientIdFlow() throws Exception
         Assert.assertNotNull(workloadIdentityCredential);
         Assert.assertEquals(clientId, workloadIdentityCredential.getClientId());
 
-        configuration.put(Configuration.PROPERTY_AZURE_CLIENT_ID, clientId);
+        configuration = TestUtils.createTestConfiguration(new TestConfigurationSource()
+            .put(Configuration.PROPERTY_AZURE_AUTHORITY_HOST, AzureAuthorityHosts.AZURE_PUBLIC_CLOUD)
+            .put(Configuration.PROPERTY_AZURE_TENANT_ID, "dummy-tenant")
+            .put(ManagedIdentityCredential.AZURE_FEDERATED_TOKEN_FILE, "dummy-path")
+            .put(Configuration.PROPERTY_AZURE_CLIENT_ID, clientId));
         credential = new DefaultAzureCredentialBuilder()
             .configuration(configuration)
             .build();
@@ -186,7 +185,7 @@ public void testUseWorkloadIdentityCredentialWithClientIdFlow() throws Exception
 
 
     @Test
-    public void testUseAzureCliCredential() throws Exception {
+    public void testUseAzureCliCredential() {
         // setup
         String token1 = "token1";
         TokenRequestContext request = new TokenRequestContext().addScopes("https://management.azure.com");
@@ -215,7 +214,7 @@ public void testUseAzureCliCredential() throws Exception {
     }
 
     @Test
-    public void testUseAzureDeveloperCliCredential() throws Exception {
+    public void testUseAzureDeveloperCliCredential() {
         // setup
         String token1 = "token1";
         TokenRequestContext request = new TokenRequestContext().addScopes("https://management.azure.com");
@@ -244,7 +243,7 @@ public void testUseAzureDeveloperCliCredential() throws Exception {
     }
 
     @Test
-    public void testNoCredentialWorks() throws Exception {
+    public void testNoCredentialWorks() {
         // setup
         TokenRequestContext request = new TokenRequestContext().addScopes("https://management.azure.com");
         EmptyEnvironmentConfigurationSource source = new EmptyEnvironmentConfigurationSource();
@@ -278,7 +277,7 @@ public void testNoCredentialWorks() throws Exception {
     }
 
     @Test
-    public void testCredentialUnavailable() throws Exception {
+    public void testCredentialUnavailable() {
         TokenRequestContext request = new TokenRequestContext().addScopes("https://management.azure.com");
         EmptyEnvironmentConfigurationSource source = new EmptyEnvironmentConfigurationSource();
         Configuration configuration = new ConfigurationBuilder(source, source, source).build();
@@ -307,7 +306,7 @@ public void testCredentialUnavailable() throws Exception {
     }
 
     @Test
-    public void testCredentialUnavailableSync() throws Exception {
+    public void testCredentialUnavailableSync() {
         TokenRequestContext request = new TokenRequestContext().addScopes("https://management.azure.com");
         EmptyEnvironmentConfigurationSource source = new EmptyEnvironmentConfigurationSource();
         Configuration configuration = new ConfigurationBuilder(source, source, source).build();
@@ -349,57 +348,63 @@ public void testInvalidIdCombination() {
     }
 
     @Test
-    public void testInvalidAdditionalTenant() throws Exception {
+    public void testInvalidAdditionalTenant() {
         // setup
-        Configuration.getGlobalConfiguration()
+        Configuration configuration = TestUtils.createTestConfiguration(new TestConfigurationSource()
             .put(Configuration.PROPERTY_AZURE_CLIENT_ID, "foo")
             .put(Configuration.PROPERTY_AZURE_CLIENT_SECRET, "bar")
-            .put(Configuration.PROPERTY_AZURE_TENANT_ID, "baz");
+            .put(Configuration.PROPERTY_AZURE_TENANT_ID, "baz"));
 
         TokenRequestContext request = new TokenRequestContext().addScopes("https://vault.azure.net/.default")
             .setTenantId("newTenant");
 
-        DefaultAzureCredential credential =
-            new DefaultAzureCredentialBuilder().additionallyAllowedTenants("RANDOM").build();
+        DefaultAzureCredential credential = new DefaultAzureCredentialBuilder()
+            .additionallyAllowedTenants("RANDOM")
+            .configuration(configuration)
+            .build();
 
         StepVerifier.create(credential.getToken(request))
-            .expectErrorMatches(e -> e instanceof ClientAuthenticationException && (e.getMessage().contains("The current credential is not configured to")))
-            .verify();
+            .verifyErrorMatches(e -> e instanceof ClientAuthenticationException
+                && (e.getMessage().contains("The current credential is not configured to")));
     }
 
     @Test
-    public void testInvalidMultiTenantAuth() throws Exception {
+    public void testInvalidMultiTenantAuth() {
         // setup
-        Configuration.getGlobalConfiguration()
+        Configuration configuration = TestUtils.createTestConfiguration(new TestConfigurationSource()
             .put(Configuration.PROPERTY_AZURE_CLIENT_ID, "foo")
             .put(Configuration.PROPERTY_AZURE_CLIENT_SECRET, "bar")
-            .put(Configuration.PROPERTY_AZURE_TENANT_ID, "baz");
+            .put(Configuration.PROPERTY_AZURE_TENANT_ID, "baz"));
 
         TokenRequestContext request = new TokenRequestContext().addScopes("https://vault.azure.net/.default")
             .setTenantId("newTenant");
 
-        DefaultAzureCredential credential =
-            new DefaultAzureCredentialBuilder().build();
+        DefaultAzureCredential credential = new DefaultAzureCredentialBuilder()
+            .configuration(configuration)
+            .build();
+
         StepVerifier.create(credential.getToken(request))
-            .expectErrorMatches(e -> e instanceof ClientAuthenticationException && (e.getMessage().contains("The current credential is not configured to")))
-            .verify();
+            .verifyErrorMatches(e -> e instanceof ClientAuthenticationException
+                && (e.getMessage().contains("The current credential is not configured to")));
     }
 
     @Test
-    public void testValidMultiTenantAuth() throws Exception {
+    public void testValidMultiTenantAuth() {
         // setup
-        Configuration.getGlobalConfiguration()
+        Configuration configuration = TestUtils.createTestConfiguration(new TestConfigurationSource()
             .put(Configuration.PROPERTY_AZURE_CLIENT_ID, "foo")
             .put(Configuration.PROPERTY_AZURE_CLIENT_SECRET, "bar")
-            .put(Configuration.PROPERTY_AZURE_TENANT_ID, "baz");
+            .put(Configuration.PROPERTY_AZURE_TENANT_ID, "baz"));
 
         TokenRequestContext request = new TokenRequestContext().addScopes("https://vault.azure.net/.default")
             .setTenantId("newTenant");
 
-        DefaultAzureCredential credential =
-            new DefaultAzureCredentialBuilder().additionallyAllowedTenants("*").build();
+        DefaultAzureCredential credential = new DefaultAzureCredentialBuilder()
+            .additionallyAllowedTenants("*")
+            .configuration(configuration)
+            .build();
+
         StepVerifier.create(credential.getToken(request))
-            .expectErrorMatches(e -> e.getCause() instanceof MsalServiceException)
-            .verify();
+            .verifyErrorMatches(e -> e.getCause() instanceof MsalServiceException);
     }
 }