diff --git a/sdk/keyvault/azure-security-keyvault-jca/CHANGELOG.md b/sdk/keyvault/azure-security-keyvault-jca/CHANGELOG.md index 6c31e6e4b512..eba467d77c9f 100644 --- a/sdk/keyvault/azure-security-keyvault-jca/CHANGELOG.md +++ b/sdk/keyvault/azure-security-keyvault-jca/CHANGELOG.md @@ -1,15 +1,15 @@ # Release History -## 2.9.0-beta.1 (Unreleased) +## 2.9.0-beta.1 (2024-05-15) ### Features Added - -### Breaking Changes - -### Bugs Fixed +- Added support for providing a custom login URI to get access tokens from via the system property `azure.login.uri`. ### Other Changes +#### Dependency Updates +- Upgraded `conscrypt-openjdk-uber` from `2.2.1` to version `2.5.2`. + ## 2.8.1 (2023-12-04) ### Other Changes diff --git a/sdk/keyvault/azure-security-keyvault-jca/src/main/java/com/azure/security/keyvault/jca/KeyVaultKeyStore.java b/sdk/keyvault/azure-security-keyvault-jca/src/main/java/com/azure/security/keyvault/jca/KeyVaultKeyStore.java index ce675a3d35ad..965f52365788 100644 --- a/sdk/keyvault/azure-security-keyvault-jca/src/main/java/com/azure/security/keyvault/jca/KeyVaultKeyStore.java +++ b/sdk/keyvault/azure-security-keyvault-jca/src/main/java/com/azure/security/keyvault/jca/KeyVaultKeyStore.java @@ -7,15 +7,16 @@ import com.azure.security.keyvault.jca.implementation.certificates.JreCertificates; import com.azure.security.keyvault.jca.implementation.certificates.KeyVaultCertificates; import com.azure.security.keyvault.jca.implementation.certificates.SpecificPathCertificates; + import java.io.IOException; import java.io.InputStream; import java.io.OutputStream; +import java.security.Key; import java.security.KeyStore; +import java.security.KeyStoreException; import java.security.KeyStoreSpi; import java.security.NoSuchAlgorithmException; -import java.security.KeyStoreException; import java.security.UnrecoverableEntryException; -import java.security.Key; import java.security.cert.Certificate; import java.security.cert.CertificateException; import java.util.ArrayList; @@ -25,8 +26,8 @@ import java.util.Enumeration; import java.util.HashMap; import java.util.List; -import java.util.Objects; import java.util.Map; +import java.util.Objects; import java.util.Optional; import java.util.logging.Logger; import java.util.stream.Stream; @@ -123,6 +124,7 @@ public KeyVaultKeyStore() { LOGGER.log(FINE, "Constructing KeyVaultKeyStore."); creationDate = new Date(); String keyVaultUri = System.getProperty("azure.keyvault.uri"); + String loginUri = System.getProperty("azure.login.uri"); String tenantId = System.getProperty("azure.keyvault.tenant-id"); String clientId = System.getProperty("azure.keyvault.client-id"); String clientSecret = System.getProperty("azure.keyvault.client-secret"); @@ -140,7 +142,7 @@ public KeyVaultKeyStore() { customCertificates = SpecificPathCertificates.getSpecificPathCertificates(customPath); LOGGER.log(FINE, String.format("Loaded custom certificates: %s.", customCertificates.getAliases())); keyVaultCertificates = new KeyVaultCertificates( - refreshInterval, keyVaultUri, tenantId, clientId, clientSecret, managedIdentity); + refreshInterval, keyVaultUri, loginUri, tenantId, clientId, clientSecret, managedIdentity); LOGGER.log(FINE, String.format("Loaded Key Vault certificates: %s.", keyVaultCertificates.getAliases())); classpathCertificates = new ClasspathCertificates(); LOGGER.log(FINE, String.format("Loaded classpath certificates: %s.", classpathCertificates.getAliases())); @@ -171,11 +173,14 @@ public static KeyStore getKeyVaultKeyStoreBySystemProperty() throws CertificateE KeyStore keyStore = KeyStore.getInstance(KeyVaultJcaProvider.PROVIDER_NAME); KeyVaultLoadStoreParameter parameter = new KeyVaultLoadStoreParameter( System.getProperty("azure.keyvault.uri"), + System.getProperty("azure.login.uri"), System.getProperty("azure.keyvault.tenant-id"), System.getProperty("azure.keyvault.client-id"), System.getProperty("azure.keyvault.client-secret"), System.getProperty("azure.keyvault.managed-identity")); + keyStore.load(parameter); + return keyStore; } @@ -363,17 +368,19 @@ public boolean engineIsKeyEntry(String alias) { /** * Loads the keystore using the given {@code KeyStore.LoadStoreParameter}. * - * @param param the {@code KeyStore.LoadStoreParameter} - * that specifies how to load the keystore, - * which may be {@code null} + * @param param the {@code KeyStore.LoadStoreParameter} that specifies how to load the keystore, which may be + * {@code null}. */ @Override public void engineLoad(KeyStore.LoadStoreParameter param) { if (param instanceof KeyVaultLoadStoreParameter) { KeyVaultLoadStoreParameter parameter = (KeyVaultLoadStoreParameter) param; - keyVaultCertificates.updateKeyVaultClient(parameter.getUri(), parameter.getTenantId(), - parameter.getClientId(), parameter.getClientSecret(), parameter.getManagedIdentity()); + + keyVaultCertificates.updateKeyVaultClient( + parameter.getUri(), parameter.getLoginUri(), parameter.getTenantId(), parameter.getClientId(), + parameter.getClientSecret(), parameter.getManagedIdentity()); } + classpathCertificates.loadCertificatesFromClasspath(); } diff --git a/sdk/keyvault/azure-security-keyvault-jca/src/main/java/com/azure/security/keyvault/jca/KeyVaultLoadStoreParameter.java b/sdk/keyvault/azure-security-keyvault-jca/src/main/java/com/azure/security/keyvault/jca/KeyVaultLoadStoreParameter.java index c39012b098d3..e70a14be3f5f 100644 --- a/sdk/keyvault/azure-security-keyvault-jca/src/main/java/com/azure/security/keyvault/jca/KeyVaultLoadStoreParameter.java +++ b/sdk/keyvault/azure-security-keyvault-jca/src/main/java/com/azure/security/keyvault/jca/KeyVaultLoadStoreParameter.java @@ -13,9 +13,14 @@ public final class KeyVaultLoadStoreParameter implements KeyStore.LoadStoreParameter { /** - * Stores the URI. + * Stores the Key Vault URI. */ - private final String uri; + private final String keyVaultUri; + + /** + * Stores the Azure login URI. + */ + private final String loginUri; /** * Stores the tenant id. @@ -23,7 +28,7 @@ public final class KeyVaultLoadStoreParameter implements KeyStore.LoadStoreParam private final String tenantId; /** - * Stores the client ID. + * Stores the client id. */ private final String clientId; @@ -33,52 +38,67 @@ public final class KeyVaultLoadStoreParameter implements KeyStore.LoadStoreParam private final String clientSecret; /** - * Stores the user-assigned identity. + * Stores the user-assigned Managed Identity. */ private final String managedIdentity; /** * Constructor. * - * @param uri the Azure Key Vault URI. + * @param keyVaultUri The Azure Key Vault URI. */ - public KeyVaultLoadStoreParameter(String uri) { - this(uri, null, null, null, null); + public KeyVaultLoadStoreParameter(String keyVaultUri) { + this(keyVaultUri, null, null, null, null, null); } /** * Constructor. * - * @param uri the Azure Key Vault URI. - * @param managedIdentity the managed identity. + * @param keyVaultUri the Azure Key Vault URI. + * @param managedIdentity The Managed Identity. */ - public KeyVaultLoadStoreParameter(String uri, String managedIdentity) { - this(uri, null, null, null, managedIdentity); + public KeyVaultLoadStoreParameter(String keyVaultUri, String managedIdentity) { + this(keyVaultUri, null, null, null, null, managedIdentity); } /** * Constructor. * - * @param uri the Azure Key Vault URI. - * @param tenantId the tenant ID. - * @param clientId the client ID. - * @param clientSecret the client secret. + * @param keyVaultUri the Azure Key Vault URI. + * @param tenantId The tenant id. + * @param clientId The client id. + * @param clientSecret The client secret. */ - public KeyVaultLoadStoreParameter(String uri, String tenantId, String clientId, String clientSecret) { - this(uri, tenantId, clientId, clientSecret, null); + public KeyVaultLoadStoreParameter(String keyVaultUri, String tenantId, String clientId, String clientSecret) { + this(keyVaultUri, null, tenantId, clientId, clientSecret, null); } /** * Constructor. * - * @param uri the Azure Key Vault URI. - * @param tenantId the tenant ID. - * @param clientId the client ID. - * @param clientSecret the client secret. - * @param managedIdentity the managedIdentity. - */ - public KeyVaultLoadStoreParameter(String uri, String tenantId, String clientId, String clientSecret, String managedIdentity) { - this.uri = uri; + * @param keyVaultUri the Azure Key Vault URI. + * @param tenantId The tenant id. + * @param clientId The client id. + * @param clientSecret The client secret. + * @param managedIdentity The Managed Identity. + */ + public KeyVaultLoadStoreParameter(String keyVaultUri, String tenantId, String clientId, String clientSecret, String managedIdentity) { + this(keyVaultUri, null, tenantId, clientId, clientSecret, managedIdentity); + } + + /** + * Constructor. + * + * @param keyVaultUri the Azure Key Vault URI. + * @param loginUri The Azure login URI. + * @param tenantId The tenant id. + * @param clientId The client id. + * @param clientSecret The client secret. + * @param managedIdentity The Managed Identity. + */ + public KeyVaultLoadStoreParameter(String keyVaultUri, String loginUri, String tenantId, String clientId, String clientSecret, String managedIdentity) { + this.keyVaultUri = keyVaultUri; + this.loginUri = loginUri; this.tenantId = tenantId; this.clientId = clientId; this.clientSecret = clientSecret; @@ -88,7 +108,7 @@ public KeyVaultLoadStoreParameter(String uri, String tenantId, String clientId, /** * Get the protection parameter. * - * @return null + * @return {@code null}. */ @Override public KeyStore.ProtectionParameter getProtectionParameter() { @@ -98,7 +118,7 @@ public KeyStore.ProtectionParameter getProtectionParameter() { /** * Get the client id. * - * @return the client id. + * @return The client id. */ public String getClientId() { return clientId; @@ -107,7 +127,7 @@ public String getClientId() { /** * Get the client secret. * - * @return the client secret. + * @return The client secret. */ public String getClientSecret() { return clientSecret; @@ -116,7 +136,7 @@ public String getClientSecret() { /** * Get the managed identity. * - * @return the managed identity. + * @return The Managed Identity. */ public String getManagedIdentity() { return managedIdentity; @@ -125,18 +145,27 @@ public String getManagedIdentity() { /** * Get the tenant id. * - * @return the tenant id. + * @return The tenant id. */ public String getTenantId() { return tenantId; } /** - * Get the uri. + * Get the Azure Key Vault URI. * - * @return the URI. + * @return The Azure Key Vault URI. */ public String getUri() { - return uri; + return keyVaultUri; + } + + /** + * Get the Azure login URI. + * + * @return The Azure login URI. + */ + public String getLoginUri() { + return loginUri; } } diff --git a/sdk/keyvault/azure-security-keyvault-jca/src/main/java/com/azure/security/keyvault/jca/implementation/KeyVaultClient.java b/sdk/keyvault/azure-security-keyvault-jca/src/main/java/com/azure/security/keyvault/jca/implementation/KeyVaultClient.java index ee1885e8adec..3f93ebbb5223 100644 --- a/sdk/keyvault/azure-security-keyvault-jca/src/main/java/com/azure/security/keyvault/jca/implementation/KeyVaultClient.java +++ b/sdk/keyvault/azure-security-keyvault-jca/src/main/java/com/azure/security/keyvault/jca/implementation/KeyVaultClient.java @@ -18,6 +18,8 @@ import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.StringReader; +import java.net.URI; +import java.net.URISyntaxException; import java.net.URLEncoder; import java.security.Key; import java.security.KeyFactory; @@ -88,14 +90,14 @@ public static String getAADLoginURIByKeyVaultBaseUri(String keyVaultBaseUri) { private final String keyVaultBaseUri; /** - * Stores the Azure Key Vault URL. + * Stores the Azure Key Vault URI. */ - private final String keyVaultUrl; + private final String keyVaultUri; /** * Stores the AAD authentication URL (or null to default to Azure Public Cloud). */ - private final String aadAuthenticationUrl; + private final String aadAuthenticationUri; /** * Stores the tenant ID. @@ -129,7 +131,7 @@ public static String getAADLoginURIByKeyVaultBaseUri(String keyVaultBaseUri) { * @param managedIdentity the user-assigned managed identity object ID. */ KeyVaultClient(String keyVaultUri, String managedIdentity) { - this(keyVaultUri, null, null, null, managedIdentity); + this(keyVaultUri, null, null, null, null, managedIdentity); } /** @@ -141,7 +143,7 @@ public static String getAADLoginURIByKeyVaultBaseUri(String keyVaultBaseUri) { * @param clientSecret the client secret. */ public KeyVaultClient(String keyVaultUri, String tenantId, String clientId, String clientSecret) { - this(keyVaultUri, tenantId, clientId, clientSecret, null); + this(keyVaultUri, null, tenantId, clientId, clientSecret, null); } @@ -154,19 +156,25 @@ public KeyVaultClient(String keyVaultUri, String tenantId, String clientId, Stri * @param clientSecret the client secret. * @param managedIdentity the user-assigned managed identity object ID. */ - public KeyVaultClient(String keyVaultUri, String tenantId, String clientId, String clientSecret, String managedIdentity) { + public KeyVaultClient(String keyVaultUri, String loginUri, String tenantId, String clientId, String clientSecret, + String managedIdentity) { LOGGER.log(INFO, "Using Azure Key Vault: {0}", keyVaultUri); + if (!keyVaultUri.endsWith("/")) { keyVaultUri = keyVaultUri + "/"; } - this.keyVaultUrl = keyVaultUri; + + this.keyVaultUri = keyVaultUri; // Base Uri shouldn't end with a slash. String domainNameSuffix = Optional.of(keyVaultUri) .map(uri -> uri.split("\\.", 2)[1]) .map(suffix -> suffix.substring(0, suffix.length() - 1)) .orElse(null); - keyVaultBaseUri = HTTPS_PREFIX + domainNameSuffix; - aadAuthenticationUrl = getAADLoginURIByKeyVaultBaseUri(keyVaultBaseUri); + this.keyVaultBaseUri = validateUri(HTTPS_PREFIX + domainNameSuffix, "Key Vault URI"); + this.aadAuthenticationUri = addTrailingSlashIfRequired( + loginUri != null + ? validateUri(loginUri, "Login URI") // Validate any user-provided login URI. + : getAADLoginURIByKeyVaultBaseUri(keyVaultBaseUri)); // These are all valid URIs. this.tenantId = tenantId; this.clientId = clientId; @@ -176,11 +184,49 @@ public KeyVaultClient(String keyVaultUri, String tenantId, String clientId, Stri public static KeyVaultClient createKeyVaultClientBySystemProperty() { String keyVaultUri = System.getProperty("azure.keyvault.uri"); + String loginUri = System.getProperty("azure.login.uri"); String tenantId = System.getProperty("azure.keyvault.tenant-id"); String clientId = System.getProperty("azure.keyvault.client-id"); String clientSecret = System.getProperty("azure.keyvault.client-secret"); String managedIdentity = System.getProperty("azure.keyvault.managed-identity"); - return new KeyVaultClient(keyVaultUri, tenantId, clientId, clientSecret, managedIdentity); + + return new KeyVaultClient(keyVaultUri, loginUri, tenantId, clientId, clientSecret, managedIdentity); + } + + private String validateUri(String uri, String propertyName) { + if (uri == null) { // Should the login URI be allowed to be null to default to Azure Public Cloud? + StringBuilder messageBuilder = new StringBuilder(); + + if (propertyName != null) { + messageBuilder.append(propertyName); + } else { + messageBuilder.append("Provided URI "); + } + + messageBuilder.append("cannot be null."); + + throw new NullPointerException(messageBuilder.toString()); + } + + if (!uri.startsWith(HTTPS_PREFIX)) { + throw new IllegalArgumentException("Provided URI '" + uri + "' must start with 'https://'."); + } + + try { + new URI(uri); + } catch (URISyntaxException e) { + throw new IllegalArgumentException("Provided URI '" + uri + "' is not a valid URI."); + } + + return uri; + } + + private String addTrailingSlashIfRequired(String uri) { + if (!uri.endsWith("/")) { + return uri + "/"; + } + + return uri; } /** @@ -211,7 +257,7 @@ private AccessToken getAccessTokenByHttpRequest() { } if (tenantId != null && clientId != null && clientSecret != null) { - accessToken = AccessTokenUtil.getAccessToken(resource, aadAuthenticationUrl, tenantId, clientId, + accessToken = AccessTokenUtil.getAccessToken(resource, aadAuthenticationUri, tenantId, clientId, clientSecret); } else { accessToken = AccessTokenUtil.getAccessToken(resource, managedIdentity); @@ -232,7 +278,7 @@ public List getAliases() { ArrayList result = new ArrayList<>(); HashMap headers = new HashMap<>(); headers.put("Authorization", "Bearer " + getAccessToken()); - String url = String.format("%scertificates%s", keyVaultUrl, API_VERSION_POSTFIX); + String url = String.format("%scertificates%s", keyVaultUri, API_VERSION_POSTFIX); while (url != null && url.length() != 0) { String response = HttpUtil.get(url, headers); @@ -265,7 +311,7 @@ private CertificateBundle getCertificateBundle(String alias) { CertificateBundle result = null; HashMap headers = new HashMap<>(); headers.put("Authorization", "Bearer " + getAccessToken()); - String url = String.format("%scertificates/%s%s", keyVaultUrl, alias, API_VERSION_POSTFIX); + String url = String.format("%scertificates/%s%s", keyVaultUri, alias, API_VERSION_POSTFIX); String response = HttpUtil.get(url, headers); if (response != null) { result = (CertificateBundle) JsonConverterUtil.fromJson(response, CertificateBundle.class); @@ -442,7 +488,7 @@ String getKeyVaultBaseUri() { return keyVaultBaseUri; } - String getAadAuthenticationUrl() { - return aadAuthenticationUrl; + String getAadAuthenticationUri() { + return aadAuthenticationUri; } } diff --git a/sdk/keyvault/azure-security-keyvault-jca/src/main/java/com/azure/security/keyvault/jca/implementation/certificates/KeyVaultCertificates.java b/sdk/keyvault/azure-security-keyvault-jca/src/main/java/com/azure/security/keyvault/jca/implementation/certificates/KeyVaultCertificates.java index 46e529831e5f..5555d2b39620 100644 --- a/sdk/keyvault/azure-security-keyvault-jca/src/main/java/com/azure/security/keyvault/jca/implementation/certificates/KeyVaultCertificates.java +++ b/sdk/keyvault/azure-security-keyvault-jca/src/main/java/com/azure/security/keyvault/jca/implementation/certificates/KeyVaultCertificates.java @@ -45,13 +45,14 @@ public final class KeyVaultCertificates implements AzureCertificates { private final long refreshInterval; public KeyVaultCertificates(long refreshInterval, - String keyVaultUri, - String tenantId, - String clientId, - String clientSecret, - String managedIdentity) { + String keyVaultUri, + String loginUri, + String tenantId, + String clientId, + String clientSecret, + String managedIdentity) { this.refreshInterval = refreshInterval; - updateKeyVaultClient(keyVaultUri, tenantId, clientId, clientSecret, managedIdentity); + updateKeyVaultClient(keyVaultUri, loginUri, tenantId, clientId, clientSecret, managedIdentity); } public KeyVaultCertificates(long refreshInterval, KeyVaultClient keyVaultClient) { @@ -69,12 +70,14 @@ public KeyVaultCertificates(long refreshInterval, KeyVaultClient keyVaultClient) * @param managedIdentity managed identity */ public void updateKeyVaultClient(String keyVaultUri, + String loginUri, String tenantId, String clientId, String clientSecret, String managedIdentity) { if (keyVaultUri != null) { - keyVaultClient = new KeyVaultClient(keyVaultUri, tenantId, clientId, clientSecret, managedIdentity); + keyVaultClient = + new KeyVaultClient(keyVaultUri, loginUri, tenantId, clientId, clientSecret, managedIdentity); } else { keyVaultClient = null; } diff --git a/sdk/keyvault/azure-security-keyvault-jca/src/test/java/com/azure/security/keyvault/jca/implementation/KeyVaultClientTest.java b/sdk/keyvault/azure-security-keyvault-jca/src/test/java/com/azure/security/keyvault/jca/implementation/KeyVaultClientTest.java index c50dbafb3f6a..eb73b05ee495 100644 --- a/sdk/keyvault/azure-security-keyvault-jca/src/test/java/com/azure/security/keyvault/jca/implementation/KeyVaultClientTest.java +++ b/sdk/keyvault/azure-security-keyvault-jca/src/test/java/com/azure/security/keyvault/jca/implementation/KeyVaultClientTest.java @@ -37,6 +37,9 @@ public class KeyVaultClientTest { private static final String KEY_VAULT_TEST_URI_CN = "https://fake.vault.azure.cn/"; private static final String KEY_VAULT_TEST_URI_US = "https://fake.vault.usgovcloudapi.net/"; private static final String KEY_VAULT_TEST_URI_DE = "https://fake.vault.microsoftazure.de/"; + private static final String KEY_VAULT_TEST_URI_CUSTOM = "https://fake.vault.contoso.net/"; + private static final String KEY_VAULT_TEST_URI_BASE = "https://vault.contoso.net"; + private static final String LOGIN_TEST_URI = "https://fake.login.com"; private KeyVaultClient keyVaultClient; @@ -47,28 +50,42 @@ public class KeyVaultClientTest { public void testInitializationOfGlobalURI() { keyVaultClient = new KeyVaultClient(KEY_VAULT_TEST_URI_GLOBAL, null); Assertions.assertEquals(keyVaultClient.getKeyVaultBaseUri(), KEY_VAULT_BASE_URI_GLOBAL); - Assertions.assertEquals(keyVaultClient.getAadAuthenticationUrl(), AAD_LOGIN_URI_GLOBAL); + Assertions.assertEquals(keyVaultClient.getAadAuthenticationUri(), AAD_LOGIN_URI_GLOBAL); } @Test public void testInitializationOfCNURI() { keyVaultClient = new KeyVaultClient(KEY_VAULT_TEST_URI_CN, null); Assertions.assertEquals(keyVaultClient.getKeyVaultBaseUri(), KEY_VAULT_BASE_URI_CN); - Assertions.assertEquals(keyVaultClient.getAadAuthenticationUrl(), AAD_LOGIN_URI_CN); + Assertions.assertEquals(keyVaultClient.getAadAuthenticationUri(), AAD_LOGIN_URI_CN); } @Test public void testInitializationOfUSURI() { keyVaultClient = new KeyVaultClient(KEY_VAULT_TEST_URI_US, null); Assertions.assertEquals(keyVaultClient.getKeyVaultBaseUri(), KEY_VAULT_BASE_URI_US); - Assertions.assertEquals(keyVaultClient.getAadAuthenticationUrl(), AAD_LOGIN_URI_US); + Assertions.assertEquals(keyVaultClient.getAadAuthenticationUri(), AAD_LOGIN_URI_US); } @Test public void testInitializationOfDEURI() { keyVaultClient = new KeyVaultClient(KEY_VAULT_TEST_URI_DE, null); Assertions.assertEquals(keyVaultClient.getKeyVaultBaseUri(), KEY_VAULT_BASE_URI_DE); - Assertions.assertEquals(keyVaultClient.getAadAuthenticationUrl(), AAD_LOGIN_URI_DE); + Assertions.assertEquals(keyVaultClient.getAadAuthenticationUri(), AAD_LOGIN_URI_DE); + } + + @Test + public void testInitializationOfLoginURI() { + keyVaultClient = new KeyVaultClient(KEY_VAULT_TEST_URI_GLOBAL, LOGIN_TEST_URI, null, null, null, null); + Assertions.assertEquals(keyVaultClient.getKeyVaultBaseUri(), KEY_VAULT_BASE_URI_GLOBAL); + Assertions.assertEquals(keyVaultClient.getAadAuthenticationUri(), LOGIN_TEST_URI + "/"); // We add a trailing slash to the login URI if missing. + } + + @Test + public void testInitializationOfLoginURIWithCustomKeyVaultURI() { + keyVaultClient = new KeyVaultClient(KEY_VAULT_TEST_URI_CUSTOM, LOGIN_TEST_URI, null, null, null, null); + Assertions.assertEquals(keyVaultClient.getKeyVaultBaseUri(), KEY_VAULT_TEST_URI_BASE); + Assertions.assertEquals(keyVaultClient.getAadAuthenticationUri(), LOGIN_TEST_URI + "/"); // We add a trailing slash to the login URI if missing. } @Test