File: test_live.py

package info (click to toggle)
python-azure 20250603%2Bgit-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 851,724 kB
  • sloc: python: 7,362,925; ansic: 804; javascript: 287; makefile: 195; sh: 145; xml: 109
file content (126 lines) | stat: -rw-r--r-- 4,500 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
 
# ------------------------------------
# Copyright (c) Microsoft Corporation.
# Licensed under the MIT License.
# ------------------------------------
from itertools import product
import pytest

from azure.identity import (
    DefaultAzureCredential,
    CertificateCredential,
    ClientSecretCredential,
    DeviceCodeCredential,
    UsernamePasswordCredential,
    AzureCliCredential,
    AzurePowerShellCredential,
    AzureDeveloperCliCredential,
)
from azure.identity._constants import DEVELOPER_SIGN_ON_CLIENT_ID

from helpers import get_token_payload_contents, GET_TOKEN_METHODS

GRAPH_SCOPE = "https://graph.microsoft.com/.default"


def get_token(credential, method, **kwargs):
    token = getattr(credential, method)(GRAPH_SCOPE, **kwargs)
    assert token
    assert token.token
    assert token.expires_on
    return token


@pytest.mark.parametrize(
    "certificate_fixture,get_token_method", product(("live_pem_certificate", "live_pfx_certificate"), GET_TOKEN_METHODS)
)
def test_certificate_credential(certificate_fixture, get_token_method, request):
    cert = request.getfixturevalue(certificate_fixture)

    tenant_id = cert["tenant_id"]
    client_id = cert["client_id"]

    credential = CertificateCredential(tenant_id, client_id, cert["cert_path"])
    get_token(credential, get_token_method)

    credential = CertificateCredential(tenant_id, client_id, certificate_data=cert["cert_bytes"])
    token = get_token(credential, get_token_method, enable_cae=True)
    parsed_payload = get_token_payload_contents(token.token)
    assert "xms_cc" in parsed_payload and "CP1" in parsed_payload["xms_cc"]

    if "password" in cert:
        credential = CertificateCredential(
            tenant_id, client_id, cert["cert_with_password_path"], password=cert["password"]
        )
        get_token(credential, get_token_method)

        credential = CertificateCredential(
            tenant_id, client_id, certificate_data=cert["cert_with_password_bytes"], password=cert["password"]
        )
        get_token(credential, get_token_method)


@pytest.mark.parametrize("get_token_method", GET_TOKEN_METHODS)
def test_client_secret_credential(live_service_principal, get_token_method):
    credential = ClientSecretCredential(
        live_service_principal["tenant_id"],
        live_service_principal["client_id"],
        live_service_principal["client_secret"],
    )
    kwargs = {"enable_cae": True}
    if get_token_method == "get_token_info":
        kwargs = {"options": kwargs}
    token = get_token(credential, get_token_method, **kwargs)
    parsed_payload = get_token_payload_contents(token.token)
    assert "xms_cc" in parsed_payload and "CP1" in parsed_payload["xms_cc"]


@pytest.mark.parametrize("get_token_method", GET_TOKEN_METHODS)
def test_default_credential(live_service_principal, get_token_method):
    credential = DefaultAzureCredential()
    get_token(credential, get_token_method)


@pytest.mark.parametrize("get_token_method", GET_TOKEN_METHODS)
def test_username_password_auth(live_user_details, get_token_method):
    credential = UsernamePasswordCredential(
        client_id=live_user_details["client_id"],
        username=live_user_details["username"],
        password=live_user_details["password"],
        tenant_id=live_user_details["tenant"],
    )
    get_token(credential, get_token_method)


@pytest.mark.manual
@pytest.mark.parametrize("get_token_method", GET_TOKEN_METHODS)
def test_cli_credential(get_token_method):
    credential = AzureCliCredential()
    get_token(credential, get_token_method)


@pytest.mark.manual
@pytest.mark.parametrize("get_token_method", GET_TOKEN_METHODS)
def test_dev_cli_credential(get_token_method):
    credential = AzureDeveloperCliCredential()
    get_token(credential, get_token_method)


@pytest.mark.manual
@pytest.mark.parametrize("get_token_method", GET_TOKEN_METHODS)
def test_powershell_credential(get_token_method):
    credential = AzurePowerShellCredential()
    get_token(credential, get_token_method)


@pytest.mark.manual
@pytest.mark.prints
@pytest.mark.parametrize("get_token_method", GET_TOKEN_METHODS)
def test_device_code(get_token_method):
    import webbrowser

    def prompt(url, user_code, _):
        print("opening a browser to '{}', enter device code {}".format(url, user_code))
        webbrowser.open_new_tab(url)

    credential = DeviceCodeCredential(client_id=DEVELOPER_SIGN_ON_CLIENT_ID, prompt_callback=prompt, timeout=40)
    get_token(credential, get_token_method)