Entra - Make Source field in payload required (#37966)

* Marked empty/null actions as failed

* replaced tabs with spaces

* Updated spacing

* Replaced tab with spaces

* Updates based on feedback

* Updated Validation Logic

* WIP Added test cases for OneOrMoreRequiredAttribute

* Added test case for EnumberableItemsNotNull Attribute

* Feedback updates

* Updates based on PR feedback

* Sort 'using' lists and removed unapplicable data annotation

* Adding necessary updates to merge with azure main

* Removed xUnit reference now that we are using NUnit tests

* removed Update-Snippets.ps1 changes and will rebase

* Added null check and test for response before marking as failed

* Updated exception to validation exception and corrected test

* Changed back to argument null exception

* Added response validation exception type

* Update sdk/entra/Microsoft.Azure.WebJobs.Extensions.AuthenticationEvents/src/AuthenticationEventResource.resx

Adding a missing period

Co-authored-by: Jesse Squire <[email protected]>

* Added period

* Added not null check for source field in payload

* Changed source attribute to required

* Sorted usings

* Added test scenarios for AuthenticationEventMetadata

* Added big fix to changelog

* Refactored test case for consistency with existing tests and added links to changelog

* Added assertions for exception messages and removed links to bugs

* Ran scripts to update netstandard2.0 class

---------

Co-authored-by: Jesse Squire <[email protected]>

Author: hakimms

sdk/entra/Microsoft.Azure.WebJobs.Extensions.AuthenticationEvents/CHANGELOG.md

@@ -4,8 +4,9 @@
 
 ### Bugs Fixed
 
-- Updated ODataType signature - 2433332
-- Empty or null response actions will throw a bad response - 2161553
+- Updated ODataType signature
+- Empty or null response actions will throw a bad response
+- Made the source field in the request a required field
 
 ## 1.0.0-beta.3 (2022-12-13)
 

sdk/entra/Microsoft.Azure.WebJobs.Extensions.AuthenticationEvents/api/Microsoft.Azure.WebJobs.Extensions.AuthenticationEvents.netstandard2.0.cs

@@ -130,6 +130,7 @@ protected CloudEventData() { }
         internal CloudEventRequest() { }
         [System.Text.Json.Serialization.JsonPropertyNameAttribute("oDataType")]
         public string ODataType { get { throw null; } set { } }
+        [System.ComponentModel.DataAnnotations.RequiredAttribute]
         [System.Text.Json.Serialization.JsonPropertyNameAttribute("source")]
         public string Source { get { throw null; } set { } }
     }

sdk/entra/Microsoft.Azure.WebJobs.Extensions.AuthenticationEvents/src/Framework/CloudEventRequest.cs

@@ -1,9 +1,10 @@
 // Copyright (c) Microsoft Corporation. All rights reserved.
 // Licensed under the MIT License.
 
-using Microsoft.Azure.WebJobs.Extensions.AuthenticationEvents.Framework.Validators;
+using System.ComponentModel.DataAnnotations;
 using System.Net.Http;
 using System.Text.Json.Serialization;
+using Microsoft.Azure.WebJobs.Extensions.AuthenticationEvents.Framework.Validators;
 
 namespace Microsoft.Azure.WebJobs.Extensions.AuthenticationEvents.Framework
 {
@@ -17,7 +18,7 @@ public abstract class CloudEventRequest<TResponse, TData> : AuthenticationEventR
         /// <summary>Gets or sets the source.</summary>
         /// <value>The source.</value>
         [JsonPropertyName("source")]
-        [RequireNonDefault]
+        [Required]
         public string Source { get; set; }
 
         /// <summary>Gets or sets the cloud event data type.</summary>

sdk/entra/Microsoft.Azure.WebJobs.Extensions.AuthenticationEvents/tests/Framework/AuthenticationEventMetadataTests.cs

@@ -0,0 +1,56 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+using System.Collections.Generic;
+using System.ComponentModel.DataAnnotations;
+using System.Net.Http;
+using Microsoft.Azure.WebJobs.Extensions.AuthenticationEvents.Framework;
+using NUnit.Framework;
+using Payload = Microsoft.Azure.WebJobs.Extensions.AuthenticationEvents.Tests.Payloads.TokenIssuanceStart;
+
+namespace Microsoft.Azure.WebJobs.Extensions.AuthenticationEvents.Tests.Framework
+{
+    [TestFixture]
+    public class AuthenticationEventMetadataTests
+    {
+        [Test]
+        [TestCaseSource(nameof(TestScenarios))]
+        public void TestRequestCreateInstance(object testObject, string message, bool success, string exceptionMessage)
+        {
+            string payload = testObject.ToString();
+            AuthenticationEventMetadata eventMetadata = AuthenticationEventMetadataLoader.GetEventMetadata(payload);
+            HttpRequestMessage requestMessage = new HttpRequestMessage(HttpMethod.Post, $"http://localhost:7278/runtime/webhooks/customauthenticationextension?code=opVsbQul8-MsRuM9x6yVoghE2Xda5G-MeV_Ybv1MdEfuAzFuVtpEpg==&functionName=onTokenIssuanceStart");
+
+            if (success == false)
+            {
+                var ex = Assert.Throws<ValidationException>(() => eventMetadata.CreateEventRequestValidate(requestMessage, payload, string.Empty));
+                Assert.AreEqual(exceptionMessage, ex.Message);
+            }
+            else
+            {
+                Assert.DoesNotThrow(() => eventMetadata.CreateEventRequestValidate(requestMessage, payload, string.Empty));
+            }
+        }
+
+        private static IEnumerable<object[]> TestScenarios()
+        {
+#region Invalid
+            yield return new TestCaseStructure()
+            {
+                Test = Payload.TokenIssuanceStart.RequestWithoutSourcePayload,
+                Message = "Testing request payload without source field passed and verifies it throws an error",
+                ExceptionMessage = "TokenIssuanceStartRequest: The Source field is required."
+            }.ToArray;
+#endregion
+
+#region Valid
+            yield return new TestCaseStructure()
+            {
+                Test = Payload.TokenIssuanceStart.ValidRequestPayload,
+                Message = "Testing valid full request payload",
+                Success = true,
+            }.ToArray;
+#endregion
+        }
+    }
+}

sdk/entra/Microsoft.Azure.WebJobs.Extensions.AuthenticationEvents/tests/Framework/Validators/EnumerableItemsNotNullAttributeTests.cs

@@ -1,4 +1,7 @@
-using System.Collections.Generic;
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+using System.Collections.Generic;
 using System.ComponentModel.DataAnnotations;
 using Microsoft.Azure.WebJobs.Extensions.AuthenticationEvents.Framework.Validators;
 using NUnit.Framework;
@@ -13,13 +16,14 @@ public class EnumerableItemsNotNullAttributeTests
     {
         [Test]
         [TestCaseSource(nameof(TestScenarios))]
-        public void EnumberableItemsNotNullIsValidWithTestCase(object testObject, string message, bool success)
+        public void EnumberableItemsNotNullIsValidWithTestCase(object testObject, string message, bool success, string exceptionMessage)
         {
             DummyClass dummyObj = new() { Obj = testObject };
 
             if (success == false)
             {
-                Assert.Throws<ValidationException>(() => Validator.ValidateObject(dummyObj, new ValidationContext(dummyObj), true), AuthenticationEventResource.Ex_Null_Action_Items);
+                var ex = Assert.Throws<ValidationException>(() => Validator.ValidateObject(dummyObj, new ValidationContext(dummyObj), true));
+                Assert.AreEqual(exceptionMessage, ex.Message);
             }
             else
             {
@@ -43,30 +47,35 @@ private static IEnumerable<object[]> TestScenarios()
             {
                 Test = null,
                 Message = "Testing null",
+                ExceptionMessage = AuthenticationEventResource.Ex_Null_Action_Items,
             }.ToArray;
             yield return new TestCaseStructure()
             {
                 Test = new object(),
                 Message = "Testing object",
+                ExceptionMessage = AuthenticationEventResource.Ex_Null_Action_Items,
             }.ToArray;
             yield return new TestCaseStructure()
             {
                 Test = new List<object>() { null },
                 Message = "Testing object list with null item",
+                ExceptionMessage = AuthenticationEventResource.Ex_Null_Action_Items,
             }.ToArray;
             yield return new TestCaseStructure()
             {
                 Test = new List<object>() { new(), null, new() },
                 Message = "Testing object list with multiple items with one null",
+                ExceptionMessage = AuthenticationEventResource.Ex_Null_Action_Items,
             }.ToArray;
             yield return new TestCaseStructure()
             {
                 Test = new object[1],
                 Message = "Testing single null item array",
+                ExceptionMessage = AuthenticationEventResource.Ex_Null_Action_Items,
             }.ToArray;
-#endregion
+            #endregion
 
-#region Valid
+            #region Valid
             yield return new TestCaseStructure()
             {
                 Test = new List<object>() { new(), new() },

sdk/entra/Microsoft.Azure.WebJobs.Extensions.AuthenticationEvents/tests/Framework/Validators/OneOrMoreRequiredAttributeTests.cs

@@ -1,4 +1,7 @@
-using System.Collections.Generic;
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+using System.Collections.Generic;
 using System.ComponentModel.DataAnnotations;
 using Microsoft.Azure.WebJobs.Extensions.AuthenticationEvents.Framework.Validators;
 using NUnit.Framework;
@@ -13,13 +16,14 @@ public class OneOrMoreRequiredAttributeTests
     {
         [Test]
         [TestCaseSource(nameof(TestScenarios))]
-       public void OneOrMoreRequiredIsValidWithTestCase(object testObject, string message, bool success)
+       public void OneOrMoreRequiredIsValidWithTestCase(object testObject, string message, bool success, string exceptionMessage)
         {
             DummyClass dummyObj = new() { Obj = testObject };
 
             if (success == false)
             {
-                Assert.Throws<ValidationException>(() => Validator.ValidateObject(dummyObj, new ValidationContext(dummyObj), true), AuthenticationEventResource.Ex_No_Action);
+                var ex = Assert.Throws<ValidationException>(() => Validator.ValidateObject(dummyObj, new ValidationContext(dummyObj), true));
+                Assert.AreEqual(exceptionMessage, ex.Message);
             }
             else
             {
@@ -43,21 +47,25 @@ private static IEnumerable<object[]> TestScenarios()
             {
                 Test = null,
                 Message = "Testing null",
+                ExceptionMessage = AuthenticationEventResource.Ex_No_Action,
             }.ToArray;
             yield return new TestCaseStructure()
             {
                 Test = new object(),
                 Message = "Testing object",
+                ExceptionMessage = AuthenticationEventResource.Ex_No_Action,
             }.ToArray;
             yield return new TestCaseStructure()
             {
                 Test = new List<object>(),
                 Message = "Testing initialized object",
+                ExceptionMessage = AuthenticationEventResource.Ex_No_Action,
             }.ToArray;
             yield return new TestCaseStructure()
             {
                 Test = new object[0],
                 Message = "Testing empty array",
+                ExceptionMessage = AuthenticationEventResource.Ex_No_Action,
             }.ToArray;
 #endregion
 

sdk/entra/Microsoft.Azure.WebJobs.Extensions.AuthenticationEvents/tests/Microsoft.Azure.WebJobs.Extensions.AuthenticationEvents.Tests.csproj

@@ -10,6 +10,8 @@
 		<None Remove="Payloads\TokenIssuanceStart\InvalidActionResponse.json" />
 		<None Remove="Payloads\TokenIssuanceStart\NoActionResponse.json" />
 		<None Remove="Payloads\TokenIssuanceStart\QueryParameters.json" />
+		<None Remove="Payloads\TokenIssuanceStart\RequestMissingSource.json" />
+		<None Remove="Payloads\TokenIssuanceStart\ValidRequest.json" />
 	</ItemGroup>
 
 	<ItemGroup>
@@ -19,6 +21,8 @@
 		<EmbeddedResource Include="Payloads\TokenIssuanceStart\ConversionPayload.json" />
 		<EmbeddedResource Include="Payloads\TokenIssuanceStart\InvalidActionResponse.json" />
 		<EmbeddedResource Include="Payloads\TokenIssuanceStart\NoActionResponse.json" />
+		<EmbeddedResource Include="Payloads\TokenIssuanceStart\RequestMissingSource.json" />
+		<EmbeddedResource Include="Payloads\TokenIssuanceStart\ValidRequest.json" />
 		<EmbeddedResource Include="Payloads\TokenIssuanceStart\NullResponse.json" />
 		<EmbeddedResource Include="Payloads\TokenIssuanceStart\ExpectedPayload.json" />
 		<EmbeddedResource Include="Payloads\TokenIssuanceStart\QueryParameters.json" />

sdk/entra/Microsoft.Azure.WebJobs.Extensions.AuthenticationEvents/tests/Payloads/TokenIssuanceStart/RequestMissingSource.json

@@ -0,0 +1,41 @@
+{
+  "type": "microsoft.graph.authenticationEvent.tokenIssuanceStart",
+  "data": {
+    "@odata.type": "microsoft.graph.onTokenIssuanceStartCalloutData",
+    "tenantId": "d33b1c3f-49c2-8cb3-963b-ca195de1e704",
+    "authenticationEventListenerId": "6fd9cb25-ff72-304b-7b27-5fd793aa3c2f",
+    "customAuthenticationExtensionId": "ce1b2217-fdf9-a19f-2f46-a639514a4107",
+    "authenticationContext": {
+      "correlationId": "1dc14bea-414b-a99e-64de-b4702d82ab59",
+      "client": {
+        "ip": "30.51.176.110",
+        "locale": "en-us",
+        "market": "en-us"
+      },
+      "protocol": "OAUTH2.0",
+      "clientServicePrincipal": {
+        "id": "1dc14bea-414b-a99e-64de-b4702d82ab59",
+        "appId": "d56ef0c3-a4e8-b26c-484c-8873b560eab3",
+        "appDisplayName": "My Test application",
+        "displayName": "My Test application"
+      },
+      "resourceServicePrincipal": {
+        "id": "8de396f3-6559-a65c-398e-43a2fc6a2141",
+        "appId": "d56ef0c3-a4e8-b26c-484c-8873b560eab3",
+        "appDisplayName": "My Test application",
+        "displayName": "My Test application"
+      },
+      "user": {
+        "createdDateTime": "2016-03-01T15:23:40Z",
+        "displayName": "Bob",
+        "givenName": "Bob Smith",
+        "id": "90847c2a-e29d-4d2f-9f54-c5b4d3f26471",
+        "mail": "[email protected]",
+        "preferredLanguage": "en-us",
+        "surname": "Smith",
+        "userPrincipalName": "[email protected]",
+        "userType": "Member"
+      }
+    }
+  }
+}

sdk/entra/Microsoft.Azure.WebJobs.Extensions.AuthenticationEvents/tests/Payloads/TokenIssuanceStart/TokenIssuanceStart.cs

@@ -70,5 +70,23 @@ public static string NullResponsePayload
                 return PayloadHelper.GetPayload("TokenIssuanceStart.NullResponse.json");
             }
         }
+
+        /// <summary> Gets the valid request payload </summary>
+        public static string ValidRequestPayload
+        {
+            get
+            {
+                return PayloadHelper.GetPayload("TokenIssuanceStart.ValidRequest.json");
+            }
+        }
+
+        /// <summary> Gets the request payload without source field </summary>
+        public static string RequestWithoutSourcePayload
+        {
+            get
+            {
+                return PayloadHelper.GetPayload("TokenIssuanceStart.RequestMissingSource.json");
+            }
+        }
     }
 }

sdk/entra/Microsoft.Azure.WebJobs.Extensions.AuthenticationEvents/tests/Payloads/TokenIssuanceStart/ValidRequest.json

@@ -0,0 +1,42 @@
+{
+  "type": "microsoft.graph.authenticationEvent.tokenIssuanceStart",
+  "source": "/tenants/d33b1c3f-49c2-8cb3-963b-ca195de1e704/applications/d56ef0c3-a4e8-b26c-484c-8873b560eab3",
+  "data": {
+    "@odata.type": "microsoft.graph.onTokenIssuanceStartCalloutData",
+    "tenantId": "d33b1c3f-49c2-8cb3-963b-ca195de1e704",
+    "authenticationEventListenerId": "6fd9cb25-ff72-304b-7b27-5fd793aa3c2f",
+    "customAuthenticationExtensionId": "ce1b2217-fdf9-a19f-2f46-a639514a4107",
+    "authenticationContext": {
+      "correlationId": "1dc14bea-414b-a99e-64de-b4702d82ab59",
+      "client": {
+        "ip": "30.51.176.110",
+        "locale": "en-us",
+        "market": "en-us"
+      },
+      "protocol": "OAUTH2.0",
+      "clientServicePrincipal": {
+        "id": "1dc14bea-414b-a99e-64de-b4702d82ab59",
+        "appId": "d56ef0c3-a4e8-b26c-484c-8873b560eab3",
+        "appDisplayName": "My Test application",
+        "displayName": "My Test application"
+      },
+      "resourceServicePrincipal": {
+        "id": "8de396f3-6559-a65c-398e-43a2fc6a2141",
+        "appId": "d56ef0c3-a4e8-b26c-484c-8873b560eab3",
+        "appDisplayName": "My Test application",
+        "displayName": "My Test application"
+      },
+      "user": {
+        "createdDateTime": "2016-03-01T15:23:40Z",
+        "displayName": "Bob",
+        "givenName": "Bob Smith",
+        "id": "90847c2a-e29d-4d2f-9f54-c5b4d3f26471",
+        "mail": "[email protected]",
+        "preferredLanguage": "en-us",
+        "surname": "Smith",
+        "userPrincipalName": "[email protected]",
+        "userType": "Member"
+      }
+    }
+  }
+}