From 745322bb426ff3ac27b4dcf7db8e8ec4c57124f6 Mon Sep 17 00:00:00 2001 From: Sean Leonard Date: Thu, 3 Nov 2022 17:00:49 -0700 Subject: [PATCH 1/7] Add AppServicesAuthenticationInformation class --- .../AppServicesAuthenticationInformation.cs | 48 +++++++++++++++++++ 1 file changed, 48 insertions(+) create mode 100644 src/Service/AuthenticationHelpers/AppServicesAuthenticationInformation.cs diff --git a/src/Service/AuthenticationHelpers/AppServicesAuthenticationInformation.cs b/src/Service/AuthenticationHelpers/AppServicesAuthenticationInformation.cs new file mode 100644 index 0000000000..d64fc01ec7 --- /dev/null +++ b/src/Service/AuthenticationHelpers/AppServicesAuthenticationInformation.cs @@ -0,0 +1,48 @@ +using System; + +namespace Azure.DataApiBuilder.Service.AuthenticationHelpers +{ + /// + /// Information about the App Services configuration on the host. + /// This class is an abridged mirror of Microsoft.Identity.Web's + /// AppServicesAuthenticationInformation.cs helper class used to + /// detect whether the app is running in an Azure App Service environment. + /// + /// + public static class AppServicesAuthenticationInformation + { + // Environment variables. + internal const string APPSERVICESAUTH_ENABLED_ENVIRONMENTVARIABLE = "WEBSITE_AUTH_ENABLED"; // True + internal const string APPSERVICESAUTH_OPENIDISSUER_ENVIRONMENTVARIABLE = "WEBSITE_AUTH_OPENID_ISSUER"; // for instance https://sts.windows.net// + internal const string APPSERVICESAUTH_CLIENTID_ENVIRONMENTVARIABLE = "WEBSITE_AUTH_CLIENT_ID"; // A GUID + internal const string APPSERVICESAUTH_CLIENTSECRET_ENVIRONMENTVARIABLE = "WEBSITE_AUTH_CLIENT_SECRET"; // A string + internal const string APPSERVICESAUTH_CLIENTSECRET_SETTINGNAME = "WEBSITE_AUTH_CLIENT_SECRET_SETTING_NAME"; // A string + internal const string APPSERVICESAUTH_LOGOUTPATH_ENVIRONMENTVARIABLE = "WEBSITE_AUTH_LOGOUT_PATH"; // /.auth/logout + internal const string APPSERVICESAUTH_IDENTITYPROVIDER_ENVIRONMENTVARIABLE = "WEBSITE_AUTH_DEFAULT_PROVIDER"; // AzureActiveDirectory + internal const string APPSERVICESAUTH_AZUREACTIVEDIRECTORY = "AzureActiveDirectory"; + internal const string APPSERVICESAUTH_AAD = "AAD"; + + /// + /// Returns whether App Services authentication is enabled? + /// + public static bool IsAppServicesAadAuthenticationEnabled + { + get + { + return + string.Equals( + Environment.GetEnvironmentVariable(APPSERVICESAUTH_ENABLED_ENVIRONMENTVARIABLE), + "true", + StringComparison.OrdinalIgnoreCase) && + (string.Equals( + Environment.GetEnvironmentVariable(APPSERVICESAUTH_IDENTITYPROVIDER_ENVIRONMENTVARIABLE), + APPSERVICESAUTH_AZUREACTIVEDIRECTORY, + StringComparison.OrdinalIgnoreCase) || + string.Equals( + Environment.GetEnvironmentVariable(APPSERVICESAUTH_IDENTITYPROVIDER_ENVIRONMENTVARIABLE), + APPSERVICESAUTH_AAD, + StringComparison.OrdinalIgnoreCase)); + } + } + } +} From 86d97a9084db49aa39eeb9a22bc7d4b373edc4fe Mon Sep 17 00:00:00 2001 From: Sean Leonard Date: Thu, 3 Nov 2022 17:08:17 -0700 Subject: [PATCH 2/7] conditional startup in production for production appservice/swa app. --- src/Service/Startup.cs | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/Service/Startup.cs b/src/Service/Startup.cs index b5c5b9f913..5f1057cf3e 100644 --- a/src/Service/Startup.cs +++ b/src/Service/Startup.cs @@ -402,6 +402,14 @@ private static void ConfigureAuthentication(IServiceCollection services, Runtime } else if (runtimeConfig.IsEasyAuthAuthenticationProvider()) { + if (!runtimeConfigurationProvider.IsDeveloperMode() && !AppServicesAuthenticationInformation.IsAppServicesAadAuthenticationEnabled) + { + throw new DataApiBuilderException( + message: "EasyAuth is configured in Production mode while AppService environment is not detected.", + statusCode: System.Net.HttpStatusCode.ServiceUnavailable, + subStatusCode: DataApiBuilderException.SubStatusCodes.ErrorInInitialization); + } + services.AddAuthentication(EasyAuthAuthenticationDefaults.AUTHENTICATIONSCHEME) .AddEasyAuthAuthentication( (EasyAuthType)Enum.Parse(typeof(EasyAuthType), From a9b7dd6ebabc4b02beeb37494c77d6d899839c1c Mon Sep 17 00:00:00 2001 From: Sean Leonard Date: Fri, 2 Dec 2022 09:50:44 -0800 Subject: [PATCH 3/7] updates to app service easyauth environment detection. --- .../AppServicesAuthenticationInformation.cs | 54 +++++++++---------- .../EasyAuthAuthenticationDefaults.cs | 4 +- src/Service/Startup.cs | 28 ++++++---- 3 files changed, 45 insertions(+), 41 deletions(-) diff --git a/src/Service/AuthenticationHelpers/AppServicesAuthenticationInformation.cs b/src/Service/AuthenticationHelpers/AppServicesAuthenticationInformation.cs index d64fc01ec7..54938feace 100644 --- a/src/Service/AuthenticationHelpers/AppServicesAuthenticationInformation.cs +++ b/src/Service/AuthenticationHelpers/AppServicesAuthenticationInformation.cs @@ -3,46 +3,42 @@ namespace Azure.DataApiBuilder.Service.AuthenticationHelpers { /// - /// Information about the App Services configuration on the host. - /// This class is an abridged mirror of Microsoft.Identity.Web's - /// AppServicesAuthenticationInformation.cs helper class used to + /// Information about the App Services configuration on the host. This class is an abridged mirror of + /// Microsoft.Identity.Web's AppServicesAuthenticationInformation.cs helper class used to /// detect whether the app is running in an Azure App Service environment. /// /// public static class AppServicesAuthenticationInformation { - // Environment variables. - internal const string APPSERVICESAUTH_ENABLED_ENVIRONMENTVARIABLE = "WEBSITE_AUTH_ENABLED"; // True - internal const string APPSERVICESAUTH_OPENIDISSUER_ENVIRONMENTVARIABLE = "WEBSITE_AUTH_OPENID_ISSUER"; // for instance https://sts.windows.net// - internal const string APPSERVICESAUTH_CLIENTID_ENVIRONMENTVARIABLE = "WEBSITE_AUTH_CLIENT_ID"; // A GUID - internal const string APPSERVICESAUTH_CLIENTSECRET_ENVIRONMENTVARIABLE = "WEBSITE_AUTH_CLIENT_SECRET"; // A string - internal const string APPSERVICESAUTH_CLIENTSECRET_SETTINGNAME = "WEBSITE_AUTH_CLIENT_SECRET_SETTING_NAME"; // A string - internal const string APPSERVICESAUTH_LOGOUTPATH_ENVIRONMENTVARIABLE = "WEBSITE_AUTH_LOGOUT_PATH"; // /.auth/logout - internal const string APPSERVICESAUTH_IDENTITYPROVIDER_ENVIRONMENTVARIABLE = "WEBSITE_AUTH_DEFAULT_PROVIDER"; // AzureActiveDirectory - internal const string APPSERVICESAUTH_AZUREACTIVEDIRECTORY = "AzureActiveDirectory"; - internal const string APPSERVICESAUTH_AAD = "AAD"; + /// + /// Environment variable key whose value represents whether AppService EasyAuth is enabled ("true" or "false"). + /// + private const string APPSERVICESAUTH_ENABLED_ENVIRONMENTVARIABLE = "WEBSITE_AUTH_ENABLED"; + /// + /// Environment variable key whose value represents Identity Provider such as "AzureActiveDirectory" + /// + private const string APPSERVICESAUTH_IDENTITYPROVIDER_ENVIRONMENTVARIABLE = "WEBSITE_AUTH_DEFAULT_PROVIDER"; /// - /// Returns whether App Services authentication is enabled? + /// Returns a best guess whether AppService is enabled in the environment by checking for + /// existence and value population of known AppService environment variables. + /// This check is determined to be "best guess" because environment variables could be + /// manually added or overridden. + /// This check's purpose is to help warn developers that an AppService environment is not detected + /// where the DataApiBuilder service is executing and DataApiBuilder is configured to use AppService + /// as the identity provider. /// - public static bool IsAppServicesAadAuthenticationEnabled + public static bool AreExpectedAppServiceEnvVarsPresent() { - get + string? appServiceEnabled = Environment.GetEnvironmentVariable(APPSERVICESAUTH_ENABLED_ENVIRONMENTVARIABLE); + string? appServiceIdentityProvider = Environment.GetEnvironmentVariable(APPSERVICESAUTH_IDENTITYPROVIDER_ENVIRONMENTVARIABLE); + + if (string.IsNullOrEmpty(appServiceEnabled) || string.IsNullOrEmpty(appServiceIdentityProvider)) { - return - string.Equals( - Environment.GetEnvironmentVariable(APPSERVICESAUTH_ENABLED_ENVIRONMENTVARIABLE), - "true", - StringComparison.OrdinalIgnoreCase) && - (string.Equals( - Environment.GetEnvironmentVariable(APPSERVICESAUTH_IDENTITYPROVIDER_ENVIRONMENTVARIABLE), - APPSERVICESAUTH_AZUREACTIVEDIRECTORY, - StringComparison.OrdinalIgnoreCase) || - string.Equals( - Environment.GetEnvironmentVariable(APPSERVICESAUTH_IDENTITYPROVIDER_ENVIRONMENTVARIABLE), - APPSERVICESAUTH_AAD, - StringComparison.OrdinalIgnoreCase)); + return false; } + + return appServiceEnabled.Equals(value: "true", comparisonType: StringComparison.OrdinalIgnoreCase); } } } diff --git a/src/Service/AuthenticationHelpers/EasyAuthAuthenticationDefaults.cs b/src/Service/AuthenticationHelpers/EasyAuthAuthenticationDefaults.cs index acf036e248..4d6cc322ae 100644 --- a/src/Service/AuthenticationHelpers/EasyAuthAuthenticationDefaults.cs +++ b/src/Service/AuthenticationHelpers/EasyAuthAuthenticationDefaults.cs @@ -1,12 +1,12 @@ namespace Azure.DataApiBuilder.Service.AuthenticationHelpers { /// - /// Default values related to StaticWebAppAuthentication handler. + /// Default values related to EasyAuthAuthentication handler. /// public static class EasyAuthAuthenticationDefaults { /// - /// The default value used for StaticWebAppAuthenticationOptions.AuthenticationScheme. + /// The default value used for EasyAuthAuthenticationOptions.AuthenticationScheme. /// public const string AUTHENTICATIONSCHEME = "EasyAuthAuthentication"; diff --git a/src/Service/Startup.cs b/src/Service/Startup.cs index 8efa75fac4..37e6b47476 100644 --- a/src/Service/Startup.cs +++ b/src/Service/Startup.cs @@ -383,7 +383,7 @@ public void Configure(IApplicationBuilder app, IWebHostEnvironment env, RuntimeC /// /// The service collection where authentication services are added. /// The provider used to load runtime configuration. - private static void ConfigureAuthentication(IServiceCollection services, RuntimeConfigProvider runtimeConfigurationProvider) + private void ConfigureAuthentication(IServiceCollection services, RuntimeConfigProvider runtimeConfigurationProvider) { if (runtimeConfigurationProvider.TryGetRuntimeConfiguration(out RuntimeConfig? runtimeConfig) && runtimeConfig.AuthNConfig != null) { @@ -404,19 +404,27 @@ private static void ConfigureAuthentication(IServiceCollection services, Runtime } else if (runtimeConfig.IsEasyAuthAuthenticationProvider()) { - if (!runtimeConfigurationProvider.IsDeveloperMode() && !AppServicesAuthenticationInformation.IsAppServicesAadAuthenticationEnabled) + EasyAuthType easyAuthType = (EasyAuthType)Enum.Parse(typeof(EasyAuthType), runtimeConfig.AuthNConfig.Provider, ignoreCase: true); + bool isProductionMode = !runtimeConfigurationProvider.IsDeveloperMode(); + bool appServiceEnvironmentDetected = AppServicesAuthenticationInformation.AreExpectedAppServiceEnvVarsPresent(); + + if (easyAuthType == EasyAuthType.AppService && !appServiceEnvironmentDetected) { - throw new DataApiBuilderException( - message: "EasyAuth is configured in Production mode while AppService environment is not detected.", - statusCode: System.Net.HttpStatusCode.ServiceUnavailable, - subStatusCode: DataApiBuilderException.SubStatusCodes.ErrorInInitialization); + if (isProductionMode) + { + throw new DataApiBuilderException( + message: "AppService environment not detected while runtime is in production mode.", + statusCode: System.Net.HttpStatusCode.ServiceUnavailable, + subStatusCode: DataApiBuilderException.SubStatusCodes.ErrorInInitialization); + } + else + { + _logger.LogWarning($"AppService environment not detected, EasyAuth authentication may not behave as expected."); + } } services.AddAuthentication(EasyAuthAuthenticationDefaults.AUTHENTICATIONSCHEME) - .AddEasyAuthAuthentication( - (EasyAuthType)Enum.Parse(typeof(EasyAuthType), - runtimeConfig.AuthNConfig.Provider, - ignoreCase: true)); + .AddEasyAuthAuthentication(easyAuthAuthenticationProvider: easyAuthType); } else if (runtimeConfigurationProvider.IsDeveloperMode() && runtimeConfig.IsAuthenticationSimulatorEnabled()) { From c0b48cd225a9153a1cd9993c481f09466a7911fe Mon Sep 17 00:00:00 2001 From: Sean Leonard Date: Fri, 2 Dec 2022 13:18:31 -0800 Subject: [PATCH 4/7] Add startup integration tests. --- .../Configuration/ConfigurationTests.cs | 58 +++++++++++++++++++ ...=> AppServiceAuthenticationInformation.cs} | 15 +++-- src/Service/Startup.cs | 6 +- 3 files changed, 70 insertions(+), 9 deletions(-) rename src/Service/AuthenticationHelpers/{AppServicesAuthenticationInformation.cs => AppServiceAuthenticationInformation.cs} (71%) diff --git a/src/Service.Tests/Configuration/ConfigurationTests.cs b/src/Service.Tests/Configuration/ConfigurationTests.cs index d1ecd6d0f6..6613024cee 100644 --- a/src/Service.Tests/Configuration/ConfigurationTests.cs +++ b/src/Service.Tests/Configuration/ConfigurationTests.cs @@ -9,6 +9,7 @@ using System.Threading; using System.Threading.Tasks; using Azure.DataApiBuilder.Config; +using Azure.DataApiBuilder.Service.AuthenticationHelpers; using Azure.DataApiBuilder.Service.Authorization; using Azure.DataApiBuilder.Service.Configurations; using Azure.DataApiBuilder.Service.Controllers; @@ -810,6 +811,63 @@ public async Task TestPathRewriteMiddlewareForGraphQL( } } + /// + /// Tests that Startup.cs properly handles EasyAuth authentication configuration. + /// AppService as Identity Provider while in Production mode will result in startup error. + /// An Azure AppService environment has environment variables on the host which indicate + /// the environment is, in fact, an AppService environment. + /// + /// HostMode in Runtime config - Development or Production. + /// EasyAuth auth type - AppService or StaticWebApps. + /// Whether to set the AppService host environment variables. + /// Whether an error is expected. + [DataTestMethod] + [DataRow(HostModeType.Development, EasyAuthType.AppService, false, false, DisplayName = "AppService Dev - No EnvVars - No Error")] + [DataRow(HostModeType.Development, EasyAuthType.AppService, true, false, DisplayName = "AppService Dev - EnvVars - No Error")] + [DataRow(HostModeType.Production, EasyAuthType.AppService, false, true, DisplayName = "AppService Prod - No EnvVars - Error")] + [DataRow(HostModeType.Production, EasyAuthType.AppService, true, false, DisplayName = "AppService Prod - EnvVars - Error")] + [DataRow(HostModeType.Development, EasyAuthType.StaticWebApps, false, false, DisplayName = "SWA Dev - No EnvVars - No Error")] + [DataRow(HostModeType.Development, EasyAuthType.StaticWebApps, true, false, DisplayName = "SWA Dev - EnvVars - No Error")] + [DataRow(HostModeType.Production, EasyAuthType.StaticWebApps, false, false, DisplayName = "SWA Prod - No EnvVars - No Error")] + [DataRow(HostModeType.Production, EasyAuthType.StaticWebApps, true, false, DisplayName = "SWA Prod - EnvVars - No Error")] + public void TestProductionModeAppServiceEnvironmentCheck(HostModeType hostMode, EasyAuthType authType, bool setEnvVars, bool expectError) + { + // Clears or sets App Service Environment Variables based on test input. + Environment.SetEnvironmentVariable(AppServiceAuthenticationInfo.APPSERVICESAUTH_ENABLED_ENVVAR, setEnvVars ? "true" : null); + Environment.SetEnvironmentVariable(AppServiceAuthenticationInfo.APPSERVICESAUTH_IDENTITYPROVIDER_ENVVAR, setEnvVars ? "AzureActiveDirectory" : null); + + RuntimeConfigProvider configProvider = TestHelper.GetRuntimeConfigProvider(MSSQL_ENVIRONMENT); + RuntimeConfig config = configProvider.GetRuntimeConfiguration(); + + // Setup configuration + AuthenticationConfig authenticationConfig = new(Provider: authType.ToString()); + HostGlobalSettings customHostGlobalSettings = config.HostGlobalSettings with { Mode = hostMode, Authentication = authenticationConfig }; + JsonElement serializedCustomHostGlobalSettings = JsonSerializer.SerializeToElement(customHostGlobalSettings, RuntimeConfig.SerializerOptions); + Dictionary customRuntimeSettings = new(config.RuntimeSettings); + customRuntimeSettings.Remove(GlobalSettingsType.Host); + customRuntimeSettings.Add(GlobalSettingsType.Host, serializedCustomHostGlobalSettings); + RuntimeConfig configWithCustomHostMode = config with { RuntimeSettings = customRuntimeSettings }; + + const string CUSTOM_CONFIG = "custom-config.json"; + File.WriteAllText(path: CUSTOM_CONFIG, contents: JsonSerializer.Serialize(configWithCustomHostMode, RuntimeConfig.SerializerOptions)); + string[] args = new[] + { + $"--ConfigFileName={CUSTOM_CONFIG}" + }; + + // This test only checks for startup errors, so no requests are sent to the test server. + try + { + using TestServer server = new(Program.CreateWebHostBuilder(args)); + Assert.IsFalse(expectError, message: "Expected error faulting AppService config in production mode." ); + } + catch(DataApiBuilderException ex) + { + Assert.IsTrue(expectError, message: ex.Message); + Assert.AreEqual(AppServiceAuthenticationInfo.APPSERVICE_PROD_MISSING_ENV_CONFIG, ex.Message); + } + } + /// /// Integration test that validates schema introspection requests fail /// when allow-introspection is false in the runtime configuration. diff --git a/src/Service/AuthenticationHelpers/AppServicesAuthenticationInformation.cs b/src/Service/AuthenticationHelpers/AppServiceAuthenticationInformation.cs similarity index 71% rename from src/Service/AuthenticationHelpers/AppServicesAuthenticationInformation.cs rename to src/Service/AuthenticationHelpers/AppServiceAuthenticationInformation.cs index 54938feace..e6200d2ed3 100644 --- a/src/Service/AuthenticationHelpers/AppServicesAuthenticationInformation.cs +++ b/src/Service/AuthenticationHelpers/AppServiceAuthenticationInformation.cs @@ -3,21 +3,24 @@ namespace Azure.DataApiBuilder.Service.AuthenticationHelpers { /// - /// Information about the App Services configuration on the host. This class is an abridged mirror of + /// Info about the App Services configuration on the host. This class is an abridged mirror of /// Microsoft.Identity.Web's AppServicesAuthenticationInformation.cs helper class used to /// detect whether the app is running in an Azure App Service environment. /// /// - public static class AppServicesAuthenticationInformation + public static class AppServiceAuthenticationInfo { /// /// Environment variable key whose value represents whether AppService EasyAuth is enabled ("true" or "false"). /// - private const string APPSERVICESAUTH_ENABLED_ENVIRONMENTVARIABLE = "WEBSITE_AUTH_ENABLED"; + public const string APPSERVICESAUTH_ENABLED_ENVVAR = "WEBSITE_AUTH_ENABLED"; /// /// Environment variable key whose value represents Identity Provider such as "AzureActiveDirectory" /// - private const string APPSERVICESAUTH_IDENTITYPROVIDER_ENVIRONMENTVARIABLE = "WEBSITE_AUTH_DEFAULT_PROVIDER"; + public const string APPSERVICESAUTH_IDENTITYPROVIDER_ENVVAR = "WEBSITE_AUTH_DEFAULT_PROVIDER"; + + public const string APPSERVICE_PROD_MISSING_ENV_CONFIG = "AppService environment not detected while runtime is in production mode."; + public const string APPSERVICE_DEV_MISSING_ENV_CONFIG = "AppService environment not detected, EasyAuth authentication may not behave as expected."; /// /// Returns a best guess whether AppService is enabled in the environment by checking for @@ -30,8 +33,8 @@ public static class AppServicesAuthenticationInformation /// public static bool AreExpectedAppServiceEnvVarsPresent() { - string? appServiceEnabled = Environment.GetEnvironmentVariable(APPSERVICESAUTH_ENABLED_ENVIRONMENTVARIABLE); - string? appServiceIdentityProvider = Environment.GetEnvironmentVariable(APPSERVICESAUTH_IDENTITYPROVIDER_ENVIRONMENTVARIABLE); + string? appServiceEnabled = Environment.GetEnvironmentVariable(APPSERVICESAUTH_ENABLED_ENVVAR); + string? appServiceIdentityProvider = Environment.GetEnvironmentVariable(APPSERVICESAUTH_IDENTITYPROVIDER_ENVVAR); if (string.IsNullOrEmpty(appServiceEnabled) || string.IsNullOrEmpty(appServiceIdentityProvider)) { diff --git a/src/Service/Startup.cs b/src/Service/Startup.cs index 37e6b47476..272c06c67d 100644 --- a/src/Service/Startup.cs +++ b/src/Service/Startup.cs @@ -406,20 +406,20 @@ private void ConfigureAuthentication(IServiceCollection services, RuntimeConfigP { EasyAuthType easyAuthType = (EasyAuthType)Enum.Parse(typeof(EasyAuthType), runtimeConfig.AuthNConfig.Provider, ignoreCase: true); bool isProductionMode = !runtimeConfigurationProvider.IsDeveloperMode(); - bool appServiceEnvironmentDetected = AppServicesAuthenticationInformation.AreExpectedAppServiceEnvVarsPresent(); + bool appServiceEnvironmentDetected = AppServiceAuthenticationInfo.AreExpectedAppServiceEnvVarsPresent(); if (easyAuthType == EasyAuthType.AppService && !appServiceEnvironmentDetected) { if (isProductionMode) { throw new DataApiBuilderException( - message: "AppService environment not detected while runtime is in production mode.", + message: AppServiceAuthenticationInfo.APPSERVICE_PROD_MISSING_ENV_CONFIG, statusCode: System.Net.HttpStatusCode.ServiceUnavailable, subStatusCode: DataApiBuilderException.SubStatusCodes.ErrorInInitialization); } else { - _logger.LogWarning($"AppService environment not detected, EasyAuth authentication may not behave as expected."); + _logger.LogWarning(AppServiceAuthenticationInfo.APPSERVICE_DEV_MISSING_ENV_CONFIG); } } From d2862358e7807a767fdcff8179bf006ef22d52c3 Mon Sep 17 00:00:00 2001 From: Sean Leonard Date: Fri, 2 Dec 2022 13:27:30 -0800 Subject: [PATCH 5/7] Updated constant comments. --- .../AppServiceAuthenticationInformation.cs | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/Service/AuthenticationHelpers/AppServiceAuthenticationInformation.cs b/src/Service/AuthenticationHelpers/AppServiceAuthenticationInformation.cs index e6200d2ed3..eb4675a91c 100644 --- a/src/Service/AuthenticationHelpers/AppServiceAuthenticationInformation.cs +++ b/src/Service/AuthenticationHelpers/AppServiceAuthenticationInformation.cs @@ -18,8 +18,13 @@ public static class AppServiceAuthenticationInfo /// Environment variable key whose value represents Identity Provider such as "AzureActiveDirectory" /// public const string APPSERVICESAUTH_IDENTITYPROVIDER_ENVVAR = "WEBSITE_AUTH_DEFAULT_PROVIDER"; - + /// + /// Error message used when AppService Authentication is configured in production mode in a non AppService Environment. + /// public const string APPSERVICE_PROD_MISSING_ENV_CONFIG = "AppService environment not detected while runtime is in production mode."; + /// + /// Warning message logged when AppService environment not detected (applicable to development mode). + /// public const string APPSERVICE_DEV_MISSING_ENV_CONFIG = "AppService environment not detected, EasyAuth authentication may not behave as expected."; /// From 0ecb57a251b59f5db96a8fac2c9e4b9bbfc4aae6 Mon Sep 17 00:00:00 2001 From: Sean Leonard Date: Fri, 2 Dec 2022 13:56:35 -0800 Subject: [PATCH 6/7] Add correct spacing. --- src/Service.Tests/Configuration/ConfigurationTests.cs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/Service.Tests/Configuration/ConfigurationTests.cs b/src/Service.Tests/Configuration/ConfigurationTests.cs index 6613024cee..bc641f1d23 100644 --- a/src/Service.Tests/Configuration/ConfigurationTests.cs +++ b/src/Service.Tests/Configuration/ConfigurationTests.cs @@ -859,9 +859,9 @@ public void TestProductionModeAppServiceEnvironmentCheck(HostModeType hostMode, try { using TestServer server = new(Program.CreateWebHostBuilder(args)); - Assert.IsFalse(expectError, message: "Expected error faulting AppService config in production mode." ); + Assert.IsFalse(expectError, message: "Expected error faulting AppService config in production mode."); } - catch(DataApiBuilderException ex) + catch (DataApiBuilderException ex) { Assert.IsTrue(expectError, message: ex.Message); Assert.AreEqual(AppServiceAuthenticationInfo.APPSERVICE_PROD_MISSING_ENV_CONFIG, ex.Message); From b82da8f978a0c9a4e11deff3fe86d3d9a8e28ce8 Mon Sep 17 00:00:00 2001 From: Sean Leonard Date: Fri, 2 Dec 2022 16:21:07 -0800 Subject: [PATCH 7/7] add test category for CI/CD pipeline tests. --- src/Service.Tests/Configuration/ConfigurationTests.cs | 1 + 1 file changed, 1 insertion(+) diff --git a/src/Service.Tests/Configuration/ConfigurationTests.cs b/src/Service.Tests/Configuration/ConfigurationTests.cs index bc641f1d23..5692311c73 100644 --- a/src/Service.Tests/Configuration/ConfigurationTests.cs +++ b/src/Service.Tests/Configuration/ConfigurationTests.cs @@ -822,6 +822,7 @@ public async Task TestPathRewriteMiddlewareForGraphQL( /// Whether to set the AppService host environment variables. /// Whether an error is expected. [DataTestMethod] + [TestCategory(TestCategory.MSSQL)] [DataRow(HostModeType.Development, EasyAuthType.AppService, false, false, DisplayName = "AppService Dev - No EnvVars - No Error")] [DataRow(HostModeType.Development, EasyAuthType.AppService, true, false, DisplayName = "AppService Dev - EnvVars - No Error")] [DataRow(HostModeType.Production, EasyAuthType.AppService, false, true, DisplayName = "AppService Prod - No EnvVars - Error")]