context("AAD tokens") test_that("normalize_cluster handles clusters with location", { cluster_name <- normalize_cluster("help", normalize_location("westus")) expect_equal(cluster_name, "help.westus") }) test_that("normalize_cluster handles clusters with location inside the cluster name", { cluster_name <- normalize_cluster("help.westus") expect_equal(cluster_name, "help.westus") }) test_that("normalize_cluster handles clusters without location", { cluster_name <- normalize_cluster("help") expect_equal(cluster_name, "help") }) tenant <- Sys.getenv("AZ_TEST_TENANT_ID") app <- Sys.getenv("AZ_TEST_APP_ID") password <- Sys.getenv("AZ_TEST_PASSWORD") if(tenant == "" || app == "" || password == "") skip("Tests skipped: ARM credentials not set") # use persistent testing server srvname <- Sys.getenv("AZ_TEST_KUSTO_SERVER") srvloc <- Sys.getenv("AZ_TEST_KUSTO_SERVER_LOCATION") if(srvname == "" || srvloc == "") skip("Token acquisition tests skipped: server info not set") if(!interactive()) skip("Token acquisition tests skipped: must be an interactive session") # remove all cached Kusto tokens before testing lapply(AzureAuth::list_azure_tokens(), function(token) { hash <- token$hash() name_suffix <- "kusto\\.windows\\.net" if((!is.null(token$resource) && grepl(name_suffix, token$resource)) || (!is.null(token$scope) && grepl(name_suffix, token$scope)) || (!is.null(token$credentials$resource) && grepl(name_suffix, token$credentials$resource))) file.remove(file.path(AzureAuth::AzureR_dir(), hash)) }) # should only get one devicecode prompt here test_that("Obtaining token from KustoClient works", { tok1 <- get_kusto_token(clustername=srvname, location=srvloc, tenant=tenant) expect_true(AzureAuth::is_azure_token(tok1)) srvuri <- sprintf("https://%s.%s.kusto.windows.net", srvname, srvloc) tok2 <- get_kusto_token(srvuri, tenant=tenant) expect_true(AzureAuth::is_azure_token(tok2)) expect_identical(tok1$hash(), tok2$hash()) expect_identical(tok1$hash(), tok2$hash()) Sys.setenv(AZ_TEST_KUSTO_TOKEN_HASH=tok1$hash()) expire <- as.numeric(tok1$credentials$expires_on) Sys.sleep(5) tok1$refresh() expect_true(as.numeric(tok1$credentials$expires_on) > expire) toks <- list_kusto_tokens() expect_true(is.list(toks) && all(sapply(toks, AzureAuth::is_azure_token))) }) test_that("Obtaining token from own app works", { tok1 <- get_kusto_token(clustername=srvname, location=srvloc, tenant=tenant, app=app, password=password) expect_true(AzureAuth::is_azure_token(tok1)) srvuri <- sprintf("https://%s.%s.kusto.windows.net", srvname, srvloc) tok2 <- get_kusto_token(srvuri, tenant=tenant, app=app, password=password) expect_true(AzureAuth::is_azure_token(tok2)) expect_identical(tok1$hash(), tok2$hash()) expect_identical(tok1$hash(), tok2$hash()) }) # should get one devicecode prompt here test_that("Obtaining token for common tenant works", { srvuri <- sprintf("https://%s.%s.kusto.windows.net", srvname, srvloc) tok <- get_kusto_token(srvuri) expect_true(AzureAuth::is_azure_token(tok)) }) Sys.unsetenv("AZ_TEST_KUSTO_TOKEN_HASH")