diff --git a/tests/E2E Tests/OidcIdPSignedAssertionProviderTests/OidCIdPSignedAssertionProviderExtensibilityTests.cs b/tests/E2E Tests/OidcIdPSignedAssertionProviderTests/OidCIdPSignedAssertionProviderExtensibilityTests.cs index c149115b4..ea031bad8 100644 --- a/tests/E2E Tests/OidcIdPSignedAssertionProviderTests/OidCIdPSignedAssertionProviderExtensibilityTests.cs +++ b/tests/E2E Tests/OidcIdPSignedAssertionProviderTests/OidCIdPSignedAssertionProviderExtensibilityTests.cs @@ -3,14 +3,17 @@ using System; using System.Collections.Generic; +using System.Diagnostics; using System.IdentityModel.Tokens.Jwt; using System.Linq; using System.Net.Http; using System.Text.Json; using System.Threading.Tasks; +using Microsoft.Extensions.Configuration; using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.Options; using Microsoft.Identity.Abstractions; +using Microsoft.Identity.Lab.Api; using Microsoft.Identity.Web; using Microsoft.Identity.Web.Test.Common; using Microsoft.Identity.Web.Test.Common.Mocks; @@ -35,11 +38,14 @@ public class OidCIdPSignedAssertionProviderExtensibilityTests [OnlyOnAzureDevopsFact] public async Task CrossCloudFicIntegrationTest() { + // Arrange TokenAcquirerFactoryTesting.ResetTokenAcquirerFactoryInTest(); TokenAcquirerFactory tokenAcquirerFactory = TokenAcquirerFactory.GetDefaultInstance(); tokenAcquirerFactory.Services.AddOidcFic(); + UpdateClientSecret(tokenAcquirerFactory); // for test only - get secret from KeyVault + // this is how the authentication options can be configured in code rather than // in the appsettings file, though using the appsettings file is recommended /* 
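Review bot: The added `using System.Diagnostics;` in the first hunk is not referenced by any line this commit adds in the visible hunks; `UpdateClientSecret` only needs the configuration, options and lab-API namespaces. It looks like a leftover from local debugging. Unless code outside these hunks uses it, drop the directive so the test file does not pick up an unused-using warning.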
@@ -78,6 +84,42 @@ public async Task CrossCloudFicIntegrationTest() Assert.Contains("cp1", xmsCcValues); } + private static void UpdateClientSecret(TokenAcquirerFactory tokenAcquirerFactory) + { + KeyVaultSecretsProvider ksp = new KeyVaultSecretsProvider(); + var secret = ksp.GetSecretByName("ARLMSIDLAB1-IDLASBS-App-CC-Secret").Value; + + + var configuration = new ConfigurationBuilder() + .SetBasePath(AppContext.BaseDirectory) + .AddJsonFile("appsettings.json", optional: false, reloadOnChange: true) + .AddEnvironmentVariables() + .Build(); + + tokenAcquirerFactory.Services.AddSingleton(configuration); + + // Bind the AzureAd2 section into the named options. + tokenAcquirerFactory.Services.Configure( + "AzureAd2", + configuration.GetSection("AzureAd2")); + + // Apply any dynamic overrides after the JSON bind. + tokenAcquirerFactory.Services.PostConfigure( + "AzureAd2", + options => + { + options.ClientCredentials = new[] + { + new CredentialDescription + { + SourceType = CredentialSource.ClientSecret, + ClientSecret = secret + } + }; + + }); + } + //[Fact(Skip ="Does not run if run with the E2E test")] [Theory] [InlineData(false)] diff --git a/tests/E2E Tests/OidcIdPSignedAssertionProviderTests/appsettings.json b/tests/E2E Tests/OidcIdPSignedAssertionProviderTests/appsettings.json index 2d7bd7b7d..0778b20ee 100644 --- a/tests/E2E Tests/OidcIdPSignedAssertionProviderTests/appsettings.json +++ b/tests/E2E Tests/OidcIdPSignedAssertionProviderTests/appsettings.json 
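Review bot: In `UpdateClientSecret`, `secret` is read with `ksp.GetSecretByName(...).Value` and copied into `ClientCredentials` without checking that Key Vault returned a value, so a missing or empty secret only surfaces later as an opaque token-endpoint failure. Add `Assert.False(string.IsNullOrEmpty(secret), "Key Vault returned no client secret");` directly after the fetch, keeping the secret value itself out of the message. The configuration builder also passes `reloadOnChange: true`, which starts a file watcher on `appsettings.json` that the test never disposes; `reloadOnChange: false` is sufficient for a one-shot test. `AddEnvironmentVariables()` widens the set of inputs that can alter the `AzureAd2` section on a build agent and could be dropped if nothing relies on it.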
@@ -19,14 +19,13 @@
 "AzureAd2": {
 "Instance": "https://login.microsoftonline.us/",
 "TenantId": "45ff0c17-f8b5-489b-b7fd-2fedebbec0c4",
- "ClientId": "f13080ee-01fe-48c1-8e9f-f0dd6f69ac7b",
+ "ClientId": "c0555d2d-02f2-4838-802e-3463422e571d",
 "ExtraQueryParameters": { "dc": "ESTS-PUB-WEULR1-AZ1-FD000-TEST1" },
 "SendX5C": true,
 "ClientCredentials": [
 {
- "SourceType": "StoreWithDistinguishedName",
- "CertificateStorePath": "CurrentUser/My",
- "CertificateDistinguishedName": "CN=LabAuth.MSIDLab.com"
+ "SourceType": "ClientSecret",
+ "ClientSecret": "placeholder"
 }
 ]
 }
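Review bot: `"SendX5C": true` is left in the `AzureAd2` section although its only credential is now a `ClientSecret`. That flag only has an effect with a certificate credential, so it is dead configuration that wrongly suggests the app still authenticates with the lab certificate. Remove the `"SendX5C": true,` line, or keep the certificate credential if subject-name/issuer authentication is still wanted for this app. The `"placeholder"` value is only harmless while the test's `PostConfigure` override always runs, and since JSON cannot carry a comment, that dependency should be documented on `UpdateClientSecret` in the test file.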