Added support for MSI Token API v2019-08-01 #329

Open
wants to merge 19 commits into
base: main
Expand Up @@ -4,6 +4,8 @@ import { AzureEndpoint } from '../azureModels';
import * as querystring from 'querystring';
import tl = require('azure-pipelines-task-lib/task');
var endpoint = getMockEndpoint();
var msi2018endpoint = getMockEndpoint("ManagedServiceIdentity");
var msi2019endpoint = getMockEndpoint("ManagedServiceIdentity", null, true);

mockAzureAppServiceTests();

Expand Down Expand Up @@ -114,8 +116,8 @@ class AzureAppServiceTests {
});
}

public static async get() {
var appSerivce: AzureAppService = new AzureAppService(endpoint, "MOCK_RESOURCE_GROUP_NAME", "MOCK_APP_SERVICE_NAME");
public static async get(testEndpoint: AzureEndpoint) {
var appSerivce: AzureAppService = new AzureAppService(testEndpoint, "MOCK_RESOURCE_GROUP_NAME", "MOCK_APP_SERVICE_NAME");
try {
var value = await appSerivce.get();
console.log('MOCK_APP_SERVICE_NAME ID: ' + value.id);
Expand All @@ -125,7 +127,7 @@ class AzureAppServiceTests {
tl.setResult(tl.TaskResult.Failed, 'AzureAppServiceTests.get() should have passed but failed');
}

var appSerivceSlot: AzureAppService = new AzureAppService(endpoint, "MOCK_RESOURCE_GROUP_NAME", "MOCK_APP_SERVICE_NAME", "MOCK_SLOT_NAME");
var appSerivceSlot: AzureAppService = new AzureAppService(testEndpoint, "MOCK_RESOURCE_GROUP_NAME", "MOCK_APP_SERVICE_NAME", "MOCK_SLOT_NAME");
try {
await appSerivceSlot.get();
tl.setResult(tl.TaskResult.Failed, 'AzureAppServiceTests.get() should have failed but passed');
Expand Down Expand Up @@ -368,7 +370,7 @@ async function RUNTESTS() {
await AzureAppServiceTests.swap();
await AzureAppServiceTests.swapSlotWithPreview();
await AzureAppServiceTests.cancelSwapSlotWithPreview();
await AzureAppServiceTests.get();
await AzureAppServiceTests.get(endpoint);
await AzureAppServiceTests.getPublishingProfileWithSecrets();
await AzureAppServiceTests.getPublishingCredentials();
await AzureAppServiceTests.getApplicationSettings();
Expand All @@ -378,6 +380,10 @@ async function RUNTESTS() {
await AzureAppServiceTests.patchConfiguration();
await AzureAppServiceTests.getMetadata();
await AzureAppServiceTests.updateMetadata();

// Test MSI behaviors
await AzureAppServiceTests.get(msi2018endpoint);
await AzureAppServiceTests.get(msi2019endpoint);
}

RUNTESTS();
RUNTESTS();
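--- a/common-npm-packages/azure-arm-rest/Tests/mock_utils.ts
+++ b/common-npm-packages/azure-arm-rest/Tests/mock_utils.ts
@@ -4,7 +4,7 @@ import * as querystring from "querystring";
 import { ApplicationTokenCredentials } from '../azure-arm-common';
 export var nock = require('nock');
 
-export function getMockEndpoint(scheme?: string, msiClientId?: string) {
+export function getMockEndpoint(scheme?: string, msiClientId?: string, mockMsi2019: boolean = false) {
 process.env["AZURE_HTTP_USER_AGENT"] = "TEST_AGENT";
 
 var endpoint: AzureEndpoint = {
@@ -37,13 +37,22 @@ export function getMockEndpoint(scheme?: string, msiClientId?: string) {
 access_token: "DUMMY_ACCESS_TOKEN"
 }).persist();
 
-let apiVersion = "2018-02-01";
+const tokenEndpoint = "http://169.254.169.254/metadata/identity/oauth2/token";
+const reqheaders = {
+"Metadata": true
+};
+
+if (mockMsi2019) {
+const identityHeader = "00000000-0000-0000-0000-000000000000";
+process.env["IDENTITY_ENDPOINT"] = tokenEndpoint;
+process.env["IDENTITY_HEADER"] = identityHeader;
+reqheaders["X-Identity-Header"] = identityHeader;
+}
+let apiVersion = mockMsi2019 ? "2019-08-01" : "2018-02-01";
 let msiClientIdUrl = msiClientId ? "&client_id=" + msiClientId : "";
-var msiUrl = "http://169.254.169.254/metadata/identity/oauth2/token?api-version=" + apiVersion + "&resource=https://management.azure.com/" + msiClientIdUrl;
+var msiUrl = tokenEndpoint + "?api-version=" + apiVersion + "&resource=https://management.azure.com/" + msiClientIdUrl;
 nock(msiUrl, {
-reqheaders: {
-"Metadata": true
-}
+reqheaders: reqheaders
 })
 .get("/oauth2/token?resource=https://management.azure.com/")
 .reply(200, {
@@ -718,4 +727,4 @@ export function mockAzureARMResourcesTests() {
 properties: {}
 }]
 }).persist();
-}
+}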
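Review bot: The `mockMsi2019` branch writes `IDENTITY_ENDPOINT` and `IDENTITY_HEADER` into `process.env` and nothing on this page clears them, so once `getMockEndpoint("ManagedServiceIdentity", null, true)` has run at module load every later token request in the process sees both variables. Because the credential code picks the API version from those variables at request time, the `get(msi2018endpoint)` test appears to go down the 2019-08-01 path as well, which would leave the 2018-02-01 fallback unexercised. Set the two variables immediately before the 2019 test and restore them afterwards with `delete process.env["IDENTITY_ENDPOINT"]; delete process.env["IDENTITY_HEADER"];`. The mock's `tokenEndpoint` is also the same IMDS address as the default, so the test would still pass if the production code ignored `IDENTITY_ENDPOINT`; a distinct constructed host in the 2019 mock would pin that. The body of `getMockEndpoint` continues outside the hunk.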
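--- a/common-npm-packages/azure-arm-rest/azure-arm-common.ts
+++ b/common-npm-packages/azure-arm-rest/azure-arm-common.ts
@@ -366,11 +366,16 @@ export class ApplicationTokenCredentials {
 // same for MSAL
 let webRequest = new webClient.WebRequest();
 webRequest.method = "GET";
-let apiVersion = "2018-02-01";
-webRequest.uri = "http://169.254.169.254/metadata/identity/oauth2/token?api-version=" + apiVersion + "&resource=" + resourceId;
+const useMsi2019 = process.env.IDENTITY_ENDPOINT && process.env.IDENTITY_HEADER;
+const apiVersion = useMsi2019 ? "2019-08-01" : "2018-02-01";
+const tokenEndpoint = useMsi2019 ? process.env.IDENTITY_ENDPOINT : "http://169.254.169.254/metadata/identity/oauth2/token";
+webRequest.uri = `${tokenEndpoint}?api-version=${apiVersion}&resource=${resourceId}`;
 webRequest.headers = {
 "Metadata": true
-};
+};
+if (useMsi2019) {
+webRequest.headers["X-Identity-Header"] = process.env.IDENTITY_HEADER;
+}
 
 webClient.sendRequest(webRequest).then(
 (response: webClient.WebResponse) => {
@@ -703,4 +708,4 @@ function getJWT(url: string, clientId: string, tenantId: string, pemFilePath: st
 
 var token = jwt.sign(jwtObject, pemFileContent, { algorithm: 'RS256', header: additionalHeaders });
 return token;
-}
+}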
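Review bot: `process.env.IDENTITY_ENDPOINT` is used verbatim as the request target, and that request carries the `IDENTITY_HEADER` secret and returns a bearer token, so anything able to set these two variables in the task's environment decides where the credential exchange goes. Parse the value before use, for example `const tokenUrl = new URL(tokenEndpoint);`, reject anything that is not an absolute http(s) URL, and consider restricting the host to the addresses the hosting platform documents for its identity endpoint. The template string also appends `?api-version=` unconditionally and leaves `resourceId` unencoded, so an endpoint that already carries a query string yields a malformed URI; building the query with `tokenUrl.searchParams.set(...)` would cover both. The enclosing method starts and ends outside the hunk, so how a rejected endpoint should be reported to the caller is not visible here.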