token based lab api access (#148)

* token based lab api access

Author: SomkaPe

src/integrationtest/java/com.microsoft.aad.msal4j/TestConstants.java

@@ -7,6 +7,7 @@
 
 public class TestConstants {
     public final static String KEYVAULT_DEFAULT_SCOPE = "https://vault.azure.net/.default";
+    public final static String MSIDLAB_DEFAULT_SCOPE = "https://msidlab.com/.default";
     public final static String GRAPH_DEFAULT_SCOPE = "https://graph.windows.net/.default";
     public final static String USER_READ_SCOPE = "user.read";
     public final static String B2C_LAB_SCOPE = "https://msidlabb2c.onmicrosoft.com/msaapp/user_impersonation";

src/integrationtest/java/labapi/AppIdentityProvider.java

@@ -13,11 +13,11 @@ public AppIdentityProvider(){
     }
 
     public String getDefaultLabId(){
-        return keyVaultSecretsProvider.getSecret(LabConstants.APP_ID_URL);
+        return keyVaultSecretsProvider.getSecret(LabConstants.APP_ID_KEY_VAULT_SECRET);
     }
 
     public String getDefaultLabPassword(){
-        return keyVaultSecretsProvider.getSecret(LabConstants.APP_PASSWORD_URL);
+        return keyVaultSecretsProvider.getSecret(LabConstants.APP_PASSWORD_KEY_VAULT_SECRET);
     }
 
     public String getOboPassword(){

src/integrationtest/java/labapi/HttpClientHelper.java

@@ -15,19 +15,22 @@
 
 class HttpClientHelper {
 
-    static String sendRequestToLab(String url, Map<String, String> queryMap) throws
+    static String sendRequestToLab(String url, Map<String, String> queryMap, String accessToken) throws
             IOException {
-        return sendRequestToLab(buildUrl(url, queryMap));
+        return sendRequestToLab(buildUrl(url, queryMap), accessToken);
     }
 
-    static String sendRequestToLab(String url, String id) throws
+    static String sendRequestToLab(String url, String id, String accessToken) throws
             IOException {
-        return sendRequestToLab(new URL(url + "/" + id));
+        return sendRequestToLab(new URL(url + "/" + id), accessToken);
     }
 
-    static String sendRequestToLab(URL labUrl) throws
+    static String sendRequestToLab(URL labUrl, String accessToken) throws
             IOException {
         HttpsURLConnection conn = (HttpsURLConnection) labUrl.openConnection();
+
+        conn.setRequestProperty("Authorization", "Bearer " + accessToken);
+
         conn.setReadTimeout(20000);
         conn.setConnectTimeout(20000);
 

src/integrationtest/java/labapi/LabConstants.java

@@ -9,8 +9,8 @@ public class LabConstants {
     public final static String LAB_APP_ENDPOINT = "https://msidlab.com/api/App";
     public final static String LAB_LAB_ENDPOINT = "https://msidlab.com/api/Lab";
 
-    public final static String APP_ID_URL = "https://msidlabs.vault.azure.net/secrets/LabVaultAppID/4032a45f48dc424d8edd445a42d25960";
-    public final static String APP_PASSWORD_URL = "https://msidlabs.vault.azure.net/secrets/LabVaultAppSecret/c2be68b1f01d4861819d6afde2ec71e3";
+    public final static String APP_ID_KEY_VAULT_SECRET = "https://msidlabs.vault.azure.net/secrets/LabVaultAppID/4032a45f48dc424d8edd445a42d25960";
+    public final static String APP_PASSWORD_KEY_VAULT_SECRET = "https://msidlabs.vault.azure.net/secrets/LabVaultAppSecret/c2be68b1f01d4861819d6afde2ec71e3";
     public final static String USER_MSA_USERNAME_URL = "https://msidlabs.vault.azure.net/secrets/MSA-MSIDLAB4-UserName/a6df85b08cf54347a64db17fe34d9a5f";
     public final static String USER_MSA_PASSWORD_URL= "https://msidlabs.vault.azure.net/secrets/MSA-MSIDLAB4-Password/69850200618d43cf86c5b51e4cf8a7e5";
     public final static String OBO_APP_PASSWORD_URL = "https://msidlabs.vault.azure.net/secrets/TodoListServiceV2-OBO/c58ba97c34ca4464886943a847d1db56";

src/integrationtest/java/labapi/LabService.java

@@ -4,16 +4,45 @@
 package labapi;
 
 import com.google.gson.Gson;
+import com.microsoft.aad.msal4j.*;
 
+import java.net.MalformedURLException;
+import java.util.Collections;
 import java.util.HashMap;
 import java.util.Map;
+import java.util.concurrent.ExecutionException;
 
 public class LabService {
 
+    static ConfidentialClientApplication labApp;
+
+    static void initLabApp() throws MalformedURLException {
+        KeyVaultSecretsProvider keyVaultSecretsProvider = new KeyVaultSecretsProvider();
+
+        String appID = keyVaultSecretsProvider.getSecret(LabConstants.APP_ID_KEY_VAULT_SECRET);
+        String appSecret = keyVaultSecretsProvider.getSecret(LabConstants.APP_PASSWORD_KEY_VAULT_SECRET);
+
+        labApp = ConfidentialClientApplication.builder(
+                appID, ClientCredentialFactory.createFromSecret(appSecret)).
+                authority(TestConstants.MICROSOFT_AUTHORITY).
+                build();
+    }
+
+    static String getLabAccessToken() throws MalformedURLException, ExecutionException, InterruptedException {
+        if(labApp == null){
+            initLabApp();
+        }
+        return labApp.acquireToken(ClientCredentialParameters
+                .builder(Collections.singleton(TestConstants.MSIDLAB_DEFAULT_SCOPE))
+                .build()).
+                get().accessToken();
+    }
+
     User getUser(UserQueryParameters query){
         try {
             Map<String, String> queryMap = query.parameters;
-            String result = HttpClientHelper.sendRequestToLab(LabConstants.LAB_USER_ENDPOINT, queryMap);
+            String result = HttpClientHelper.sendRequestToLab(
+                    LabConstants.LAB_USER_ENDPOINT, queryMap, getLabAccessToken());
 
             User[] users = new Gson().fromJson(result, User[].class);
             User user = users[0];
@@ -31,18 +60,20 @@ User getUser(UserQueryParameters query){
 
     public static App getApp(String appId){
         try {
-            String result = HttpClientHelper.sendRequestToLab(LabConstants.LAB_APP_ENDPOINT, appId);
+            String result = HttpClientHelper.sendRequestToLab(
+                    LabConstants.LAB_APP_ENDPOINT, appId, getLabAccessToken());
             App[] apps = new Gson().fromJson(result, App[].class);
             return apps[0];
         } catch (Exception ex) {
             throw new RuntimeException("Error getting app from lab: " + ex.getMessage());
         }
     }
 
-    public static Lab getLab(String labId){
+    public static Lab getLab(String labId) {
         String result;
         try {
-            result = HttpClientHelper.sendRequestToLab(LabConstants.LAB_LAB_ENDPOINT, labId);
+            result = HttpClientHelper.sendRequestToLab(
+                    LabConstants.LAB_LAB_ENDPOINT, labId, getLabAccessToken());
             Lab[] labs = new Gson().fromJson(result, Lab[].class);
             return labs[0];
         } catch (Exception ex) {
@@ -55,7 +86,8 @@ private String getUserSecret(String labName){
         try {
             Map<String, String> queryMap = new HashMap<>();
             queryMap.put("secret", labName);
-            result = HttpClientHelper.sendRequestToLab(LabConstants.LAB_USER_SECRET_ENDPOINT, queryMap);
+            result = HttpClientHelper.sendRequestToLab(
+                    LabConstants.LAB_USER_SECRET_ENDPOINT, queryMap, getLabAccessToken());
 
             return new Gson().fromJson(result, UserSecret.class).value;
         } catch (Exception ex) {