Skip to content

[Identity] Test improvements #15999

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
sadasant merged 4 commits into from
Jun 25, 2021
Merged

[Identity] Test improvements #15999

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
2d0b47e
[Identity] Test improvements
sadasant Jun 25, 2021
dccf43f
temporary node 16 fix
sadasant Jun 25, 2021
2bb1929
Since unhandled promise rejections are not supported in Node 16, tick…
sadasant Jun 25, 2021
43f4118
fix the test
HarshaNalluru Jun 25, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
30 changes: 11 additions & 19 deletions sdk/identity/identity/test/internal/node/managedIdentityCredential.spec.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,6 @@ interface AuthRequestDetails {
describe("ManagedIdentityCredential", function() {
let envCopy: string = "";
let sandbox: Sinon.SinonSandbox;
let clock: Sinon.SinonFakeTimers;

beforeEach(() => {
envCopy = JSON.stringify(process.env);
Expand All @@ -39,10 +38,6 @@ describe("ManagedIdentityCredential", function() {
delete process.env.IDENTITY_SERVER_THUMBPRINT;
delete process.env.IMDS_ENDPOINT;
sandbox = Sinon.createSandbox();
clock = sandbox.useFakeTimers({
now: Date.now(),
shouldAdvanceTime: true
});
});
afterEach(() => {
const env = JSON.parse(envCopy);
Expand All @@ -53,7 +48,6 @@ describe("ManagedIdentityCredential", function() {
process.env.IDENTITY_SERVER_THUMBPRINT = env.IDENTITY_SERVER_THUMBPRINT;
process.env.IMDS_ENDPOINT = env.IMDS_ENDPOINT;
sandbox.restore();
clock.restore();
});

it("sends an authorization request with a modified resource name", async function() {
Expand Down Expand Up @@ -232,12 +226,16 @@ describe("ManagedIdentityCredential", function() {
...mockHttpClient.tokenCredentialOptions
});

const promise = credential.getToken("scopes");
// Sinon's clock has some issues with Node 16.
// If we remove this conditional on Node 16, we get the following error:
// PromiseRejection HandledWarning: Promise rejection was handled asynchronously
// It will point to the `await promise` line below.
const clock = process.version.startsWith("v16") ? undefined : sandbox.useFakeTimers();
Copy link
Member

@richardpark-msft richardpark-msft Jun 25, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could be a nice follow up item to submit a bug to sinon.

Copy link
Contributor

@HarshaNalluru HarshaNalluru Jun 25, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What is the point of using the clock?

Copy link
Contributor Author

@sadasant sadasant Jun 25, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I am trying to narrow this down to an actual bug outside of our tests. It’s a bit challenging. Once I have it narrowed down, I’ll make an issue on Sinon (or perhaps do changes in our code to fix it? I don’t know yet).


imdsMsiRetryConfig.startDelayInMs = 80; // 800ms / 10
const promise = credential.getToken("scopes");

// 800ms -> 1600ms -> 3200ms, results in 6400ms, / 10 = 640ms
clock.tick(640);
// 800ms -> 1600ms -> 3200ms, results in 6400ms
await clock?.tickAsync(6400);
Copy link
Member

@richardpark-msft richardpark-msft Jun 25, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Are the numbers retry timeouts or something? Some context on what you're advancing would be good.

Copy link
Contributor Author

@sadasant sadasant Jun 25, 2021
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This test checks that an error is thrown after we have a repeated number of responses with 404. The timeout comes from a exponential retry policy that applies for this IMDS MSI, that increases on each retry.


await assertRejects(
promise,
Expand All @@ -246,6 +244,8 @@ describe("ManagedIdentityCredential", function() {
`Failed to retrieve IMDS token after ${imdsMsiRetryConfig.maxRetries} retries.`
) > -1
);

clock?.restore();
});

// Unavailable exception throws while IMDS endpoint is unavailable. This test not valid.
Expand Down Expand Up @@ -397,15 +397,7 @@ describe("ManagedIdentityCredential", function() {
);

assert.equal(authRequest.headers.get("Authorization"), `Basic ${key}`);
if (authDetails.token) {
// We use Date.now underneath.
assert.equal(
Math.floor(authDetails.token.expiresOnTimestamp / 1000000),
Math.floor(Date.now() / 1000000)
);
} else {
assert.fail("No token was returned!");
}
assert.ok(authDetails.token?.expiresOnTimestamp);
Copy link
Contributor Author

@sadasant sadasant Jun 25, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There’s really no reason to test the contents of expiresOnTimestamp. We define this value in our test utilities. The processing of the request will take a variable time depending on the environment (Node, VM, etc)

} finally {
unlinkSync(tempFile);
rmdirSync(tempDir);
Expand Down
7 changes: 5 additions & 2 deletions sdk/identity/identity/test/public/node/clientSecretCredential.spec.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
/* eslint-disable @typescript-eslint/no-non-null-asserted-optional-chain */

import assert from "assert";
import { env, delay, isLiveMode } from "@azure/test-utils-recorder";
import { env, delay, isRecordMode } from "@azure/test-utils-recorder";
import { AbortController } from "@azure/abort-controller";
import { MsalTestCleanup, msalNodeTestSetup, testTracing } from "../../msalTestUtils";
import { ClientSecretCredential, RegionalAuthority } from "../../../src";
Expand Down Expand Up @@ -83,7 +83,10 @@ describe("ClientSecretCredential", function() {
);

it("supports specifying the regional authority", async function(this: Context) {
if (isLiveMode()) {
// This test is extremely slow. Let's skip it for now.
// I've tried Sinon's clock and it doesn't affect it.
// We have internal tests that check that the parameters are properly sent to MSAL, which should be enough from the perspective of the SDK.
if (!isRecordMode()) {
this.skip();
}

Expand Down