Fixing issue causing deadlocks in AuthorizationLevelAttribute

Author: fabiocav

src/WebJobs.Script.WebHost/Filters/AuthorizationLevelAttribute.cs

@@ -88,7 +88,7 @@ internal static async Task<AuthorizationLevel> GetAuthorizationLevelAsync(HttpRe
                 // if there is a function specific key specified try to match against that
                 if (functionName != null)
                 {
-                    IDictionary<string, string> functionSecrets = secretManager.GetFunctionSecretsAsync(functionName).GetAwaiter().GetResult();
+                    IDictionary<string, string> functionSecrets = await secretManager.GetFunctionSecretsAsync(functionName);
                     if (functionSecrets != null &&
                         functionSecrets.Values.Any(s => Key.SecretValueEquals(keyValue, s)))
                     {

test/WebJobs.Script.Tests.Integration/FunctionGeneratorEndToEndTests.cs

@@ -16,6 +16,7 @@
 using Microsoft.Azure.WebJobs.Script.Config;
 using Microsoft.Azure.WebJobs.Script.Description;
 using Microsoft.Azure.WebJobs.Script.WebHost;
+using Microsoft.WebJobs.Script.Tests;
 using Xunit;
 
 namespace Microsoft.Azure.WebJobs.Script.Tests
@@ -160,30 +161,5 @@ await TestHelpers.Await(() =>
                 }
             }
         }
-
-        private sealed class SingleThreadSynchronizationContext : SynchronizationContext
-        {
-            private readonly ConcurrentQueue<Tuple<SendOrPostCallback, object>> _workItems =
-                new ConcurrentQueue<Tuple<SendOrPostCallback, object>>();
-
-            public override void Post(SendOrPostCallback d, object state)
-            {
-                _workItems.Enqueue(new Tuple<SendOrPostCallback, object>(d, state));
-            }
-
-            public override void Send(SendOrPostCallback d, object state)
-            {
-                throw new NotSupportedException();
-            }
-
-            public void Run()
-            {
-                Tuple<SendOrPostCallback, object> item;
-                while (_workItems.TryDequeue(out item))
-                {
-                    item.Item1(item.Item2);
-                }
-            }
-        }
     }
 }

test/WebJobs.Script.Tests.Integration/SamplesEndToEndTests.cs

@@ -10,8 +10,10 @@
 using System.Net.Http.Headers;
 using System.Reflection;
 using System.Text;
+using System.Threading;
 using System.Threading.Tasks;
 using System.Web.Http;
+using System.Web.Http.Hosting;
 using System.Xml.Linq;
 using Microsoft.Azure.WebJobs.Host;
 using Microsoft.Azure.WebJobs.Script.Config;
@@ -20,13 +22,15 @@
 using Microsoft.Azure.WebJobs.Script.WebHost.Models;
 using Microsoft.ServiceBus;
 using Microsoft.ServiceBus.Messaging;
+using Microsoft.WebJobs.Script.Tests;
 using Microsoft.WindowsAzure.Storage;
 using Microsoft.WindowsAzure.Storage.Blob;
 using Microsoft.WindowsAzure.Storage.Queue;
 using Microsoft.WindowsAzure.Storage.Table;
 using Newtonsoft.Json;
 using Newtonsoft.Json.Linq;
 using Xunit;
+using static Microsoft.Azure.WebJobs.Script.Tests.FunctionGeneratorTests;
 
 namespace Microsoft.Azure.WebJobs.Script.Tests
 {

test/WebJobs.Script.Tests.Shared/SingleThreadedSynchronizationContext.cs

@@ -0,0 +1,51 @@
+// Copyright (c) .NET Foundation. All rights reserved.
+// Licensed under the MIT License. See License.txt in the project root for license information.
+
+using System;
+using System.Collections.Concurrent;
+using System.Collections.Generic;
+using System.Text;
+using System.Threading;
+
+namespace Microsoft.WebJobs.Script.Tests
+{
+    internal sealed class SingleThreadSynchronizationContext : SynchronizationContext
+    {
+        private readonly ConcurrentQueue<Tuple<SendOrPostCallback, object>> _workItems =
+            new ConcurrentQueue<Tuple<SendOrPostCallback, object>>();
+        private readonly bool _runOnEmptyQueue;
+        private bool _stopped;
+
+        public SingleThreadSynchronizationContext(bool runOnEmptyQueue = false)
+        {
+            _runOnEmptyQueue = runOnEmptyQueue;
+        }
+
+        public override void Post(SendOrPostCallback d, object state)
+        {
+            _workItems.Enqueue(new Tuple<SendOrPostCallback, object>(d, state));
+        }
+
+        public override void Send(SendOrPostCallback d, object state)
+        {
+            throw new NotSupportedException();
+        }
+
+        public void Stop()
+        {
+            _stopped = true;
+        }
+
+        public void Run()
+        {
+            Tuple<SendOrPostCallback, object> item;
+            while (!_stopped && (_workItems.TryDequeue(out item) || _runOnEmptyQueue))
+            {
+                if (item != null)
+                {
+                    item.Item1(item.Item2);
+                }
+            }
+        }
+    }
+}

test/WebJobs.Script.Tests.Shared/WebJobs.Script.Tests.Shared.projitems

@@ -9,6 +9,7 @@
     <Import_RootNamespace>Microsoft.WebJobs.Script.Tests</Import_RootNamespace>
   </PropertyGroup>
   <ItemGroup>
+    <Compile Include="$(MSBuildThisFileDirectory)SingleThreadedSynchronizationContext.cs" />
     <Compile Include="$(MSBuildThisFileDirectory)TempDirectory.cs" />
     <Compile Include="$(MSBuildThisFileDirectory)TestHelpers.cs" />
     <Compile Include="$(MSBuildThisFileDirectory)TestInvoker.cs" />

test/WebJobs.Script.Tests/Filters/AuthorizationLevelAttributeTests.cs

@@ -12,6 +12,7 @@
 using System.Web.Http.Dependencies;
 using Microsoft.Azure.WebJobs.Script.WebHost;
 using Microsoft.Azure.WebJobs.Script.WebHost.Filters;
+using Microsoft.WebJobs.Script.Tests;
 using Moq;
 using Xunit;
 
@@ -155,6 +156,102 @@ public async Task GetAuthorizationLevel_ValidKeyHeader_FunctionKey_ReturnsFuncti
             Assert.Equal(AuthorizationLevel.Function, level);
         }
 
+        [Fact]
+        public void GetAuthorizationLevelAsync_CalledWithSingleThreadedContext_ResolvingSecrets_DoesNotDeadlock()
+        {
+            // Test resolving secrets
+            var secretManager = CreateSecretManager(
+                async () =>
+                {
+                    await Task.Delay(500);
+                    return new HostSecretsInfo();
+                },
+                async () =>
+                {
+                    await Task.Delay(500);
+                    return new Dictionary<string, string> { { "default", TestFunctionKeyValue1 } };
+                });
+
+            bool methodReturned = GetAuthorizationLevelAsync_CalledWithSingleThreadedContext_DoesNotDeadlock(secretManager);
+
+            Assert.True(methodReturned, $"{nameof(AuthorizationLevelAttribute.GetAuthorizationLevelAsync)} resolving secrets did not return.");
+        }
+
+        [Fact]
+        public void GetAuthorizationLevelAsync_CalledWithSingleThreadedContext_AndCachedHostSecrets_DoesNotDeadlock()
+        {
+            var secretManager = CreateSecretManager(() => Task.FromResult(new HostSecretsInfo()), async () =>
+            {
+                await Task.Delay(500);
+                return new Dictionary<string, string> { { "default", TestFunctionKeyValue1 } };
+            });
+
+            var methodReturned = GetAuthorizationLevelAsync_CalledWithSingleThreadedContext_DoesNotDeadlock(secretManager);
+
+            Assert.True(methodReturned, $"{nameof(AuthorizationLevelAttribute.GetAuthorizationLevelAsync)} with cached host secrets did not return.");
+        }
+
+        [Fact]
+        public void GetAuthorizationLevelAsync_CalledWithSingleThreadedContext_AndCachedSecrets_DoesNotDeadlock()
+        {
+            var secretManager = CreateSecretManager(() => Task.FromResult(new HostSecretsInfo()), () => Task.FromResult(new Dictionary<string, string> { { "default", TestFunctionKeyValue1 } }));
+
+            var methodReturned = GetAuthorizationLevelAsync_CalledWithSingleThreadedContext_DoesNotDeadlock(secretManager);
+
+            Assert.True(methodReturned, $"{nameof(AuthorizationLevelAttribute.GetAuthorizationLevelAsync)} with cached secrets did not return.");
+        }
+
+        private ISecretManager CreateSecretManager(Func<Task<HostSecretsInfo>> hostSecrets, Func<Task<Dictionary<string, string>>> functionSecrets)
+        {
+            var secretManagerMock = new Mock<ISecretManager>();
+
+            secretManagerMock.Setup(m => m.GetHostSecretsAsync())
+            .Returns(() => Task.FromResult(new HostSecretsInfo()));
+
+            secretManagerMock.Setup(m => m.GetFunctionSecretsAsync(It.IsAny<string>(), false))
+            .Returns(async () =>
+            {
+                await Task.Delay(500);
+                return new Dictionary<string, string> { { "default", TestFunctionKeyValue1 } };
+            });
+
+            return secretManagerMock.Object;
+        }
+
+        private bool GetAuthorizationLevelAsync_CalledWithSingleThreadedContext_DoesNotDeadlock(ISecretManager secretManager)
+        {
+            var resetEvent = new ManualResetEvent(false);
+
+            var thread = new Thread(() =>
+            {
+                HttpRequestMessage request = new HttpRequestMessage();
+                request = new HttpRequestMessage();
+                request.Headers.Add(AuthorizationLevelAttribute.FunctionsKeyHeaderName, TestFunctionKeyValue1);
+
+                var context = new SingleThreadSynchronizationContext(true);
+                SynchronizationContext.SetSynchronizationContext(context);
+
+                AuthorizationLevelAttribute.GetAuthorizationLevelAsync(request, secretManager, functionName: "TestFunction")
+                .ContinueWith(t =>
+                {
+                    context.Stop();
+
+                    resetEvent.Set();
+                });
+
+                context.Run();
+            });
+
+            thread.IsBackground = true;
+            thread.Start();
+
+            bool eventSignaled = resetEvent.WaitOne(TimeSpan.FromSeconds(5));
+
+            thread.Abort();
+
+            return eventSignaled;
+        }
+
         [Fact]
         public async Task GetAuthorizationLevel_InvalidKeyHeader_ReturnsAnonymous()
         {