Clean ups based on code review

microsoft · Jan 2, 2019 · a4f2666 · a4f2666
1 parent 6a71089
commit a4f2666
Show file tree

Hide file tree

Showing 4 changed files with 20 additions and 47 deletions.
diff --git a/src/Microsoft.Health.Fhir.Web/DevelopmentIdentityProviderRegistrationExtensions.cs b/src/Microsoft.Health.Fhir.Web/DevelopmentIdentityProviderRegistrationExtensions.cs
@@ -23,6 +23,8 @@ namespace Microsoft.Health.Fhir.Web
 {
     public static class DevelopmentIdentityProviderRegistrationExtensions
     {
+        private const string WRONGAUDIENCECLIENT = "wrongaudienceclient";
+
         /// <summary>
         /// Adds an in-process identity provider if enabled in configuration.
         /// </summary>
@@ -54,7 +56,7 @@ public static IServiceCollection AddDevelopmentIdentityProvider(this IServiceCol
                             UserClaims = { authorizationConfiguration.RolesClaim },
                         },
                         new ApiResource(
-                        "wrongaudienceclient",
+                        WRONGAUDIENCECLIENT,
                         claimTypes: new List<string>() { authorizationConfiguration.RolesClaim, ClaimTypes.Name, ClaimTypes.NameIdentifier })
                         {
                             UserClaims = { authorizationConfiguration.RolesClaim },

diff --git a/test/Microsoft.Health.Fhir.Tests.E2E/Common/AuthenticationScenarios.cs b/test/Microsoft.Health.Fhir.Tests.E2E/Common/AuthenticationScenarios.cs
diff --git a/test/Microsoft.Health.Fhir.Tests.E2E/Common/FhirClient.cs b/test/Microsoft.Health.Fhir.Tests.E2E/Common/FhirClient.cs
@@ -90,10 +90,10 @@ public async Task RunAsUser(TestUser user, TestApplication clientApplication)
             await SetupAuthenticationAsync(clientApplication, user);
         }
 
-        public async Task RunAsClientApplication(TestApplication clientApplication, AuthenticationScenarios authenticationScenarios = AuthenticationScenarios.VALIDAUTH)
+        public async Task RunAsClientApplication(TestApplication clientApplication)
         {
             EnsureArg.IsNotNull(clientApplication, nameof(clientApplication));
-            await SetupAuthenticationAsync(clientApplication, null, authenticationScenarios);
+            await SetupAuthenticationAsync(clientApplication, null);
         }
 
         public Task<FhirResponse<T>> CreateAsync<T>(T resource)
@@ -268,7 +268,7 @@ private async Task<FhirResponse<T>> CreateResponseAsync<T>(HttpResponseMessage r
                 string.IsNullOrWhiteSpace(content) ? null : (T)_deserialize(content));
         }
 
-        private async Task SetupAuthenticationAsync(TestApplication clientApplication, TestUser user = null, AuthenticationScenarios authenticationScenarios = AuthenticationScenarios.VALIDAUTH)
+        private async Task SetupAuthenticationAsync(TestApplication clientApplication, TestUser user = null)
         {
             await GetSecuritySettings("metadata");
 
@@ -278,22 +278,27 @@ private async Task SetupAuthenticationAsync(TestApplication clientApplication, T
 
                 if (!_bearerTokens.TryGetValue(tokenKey, out string bearerToken))
                 {
-                    bearerToken = await GetBearerToken(clientApplication, user, authenticationScenarios);
+                    bearerToken = await GetBearerToken(clientApplication, user);
                     _bearerTokens[tokenKey] = bearerToken;
                 }
 
                 HttpClient.SetBearerToken(bearerToken);
             }
         }
 
-        private async Task<string> GetBearerToken(TestApplication clientApplication, TestUser user, AuthenticationScenarios authenticationScenarios)
+        private async Task<string> GetBearerToken(TestApplication clientApplication, TestUser user)
         {
-            var formContent = new FormUrlEncodedContent(user == null ? GetAppSecuritySettings(clientApplication, authenticationScenarios) : GetUserSecuritySettings(clientApplication, user));
+            var formContent = new FormUrlEncodedContent(user == null ? GetAppSecuritySettings(clientApplication) : GetUserSecuritySettings(clientApplication, user));
 
             HttpResponseMessage tokenResponse = await HttpClient.PostAsync(SecuritySettings.TokenUrl, formContent);
 
             var tokenJson = JObject.Parse(await tokenResponse.Content.ReadAsStringAsync());
 
+            if (clientApplication.Equals(TestApplications.InvalidClient))
+            {
+                return null;
+            }
+
             if (tokenJson["access_token"] != null)
             {
                 return tokenJson["access_token"].Value<string>();
@@ -302,10 +307,10 @@ private async Task<string> GetBearerToken(TestApplication clientApplication, Tes
             return null;
         }
 
-        private List<KeyValuePair<string, string>> GetAppSecuritySettings(TestApplication clientApplication, AuthenticationScenarios authenticationScenarios)
+        private List<KeyValuePair<string, string>> GetAppSecuritySettings(TestApplication clientApplication)
         {
-            string scope = authenticationScenarios == AuthenticationScenarios.AUTHWITHWRONGAUDIENCE ? clientApplication.ClientId : AuthenticationSettings.Scope;
-            string resource = authenticationScenarios == AuthenticationScenarios.AUTHWITHWRONGAUDIENCE ? clientApplication.ClientId : AuthenticationSettings.Resource;
+            string scope = clientApplication == TestApplications.WrongAudienceClient ? clientApplication.ClientId : AuthenticationSettings.Scope;
+            string resource = clientApplication == TestApplications.WrongAudienceClient ? clientApplication.ClientId : AuthenticationSettings.Resource;
 
             return new List<KeyValuePair<string, string>>
             {
@@ -351,10 +356,5 @@ private async Task GetSecuritySettings(string fhirServerMetadataUrl)
 
             SecuritySettings = (false, null, null);
         }
-
-        public void SetBearerToken(string invalidToken)
-        {
-            HttpClient.SetBearerToken(invalidToken);
-        }
     }
 }
diff --git a/test/Microsoft.Health.Fhir.Tests.E2E/Rest/BasicAuthTests.cs b/test/Microsoft.Health.Fhir.Tests.E2E/Rest/BasicAuthTests.cs
@@ -5,6 +5,7 @@
 
 using System;
 using System.Net;
+using System.Net.Http;
 using System.Threading.Tasks;
 using Hl7.Fhir.Model;
 using Microsoft.Health.Fhir.Tests.Common;
@@ -142,7 +143,7 @@ public async Task WhenCreatingAResource_GivenAClientWithNoAuthToken_TheServerSho
         public async Task WhenCreatingAResource_GivenAClientWithInvalidAuthToken_TheServerShouldReturnUnauthorized()
         {
             await Client.RunAsClientApplication(TestApplications.InvalidClient);
-            Client.SetBearerToken(Invalidtoken);
+            Client.HttpClient.SetBearerToken(Invalidtoken);
             FhirException fhirException = await Assert.ThrowsAsync<FhirException>(async () => await Client.CreateAsync(Samples.GetDefaultObservation()));
             Assert.Equal(UnauthorizedMessage, fhirException.Message);
             Assert.Equal(HttpStatusCode.Unauthorized, fhirException.StatusCode);
@@ -152,7 +153,7 @@ public async Task WhenCreatingAResource_GivenAClientWithInvalidAuthToken_TheServ
         [Trait(Traits.Priority, Priority.One)]
         public async Task WhenCreatingAResource_GivenAClientWithWrongAudience_TheServerShouldReturnUnauthorized()
         {
-            await Client.RunAsClientApplication(TestApplications.WrongAudienceClient, AuthenticationScenarios.AUTHWITHWRONGAUDIENCE);
+            await Client.RunAsClientApplication(TestApplications.WrongAudienceClient);
             FhirException fhirException = await Assert.ThrowsAsync<FhirException>(async () => await Client.CreateAsync(Samples.GetDefaultObservation()));
             Assert.Equal(UnauthorizedMessage, fhirException.Message);
             Assert.Equal(HttpStatusCode.Unauthorized, fhirException.StatusCode);