Change AsymmetricKeyCredential to ClientCertificate

sgonzalezMSFT · sgonzalezMSFT · commit e8c10a55f667 · 2019-10-31T16:16:27.000-07:00
diff --git a/src/integrationtest/java/com.microsoft.aad.msal4j/ClientCredentialsIT.java b/src/integrationtest/java/com.microsoft.aad.msal4j/ClientCredentialsIT.java
@@ -18,14 +18,13 @@
 import java.security.cert.X509Certificate;
 import java.util.Collections;
 
-import static com.microsoft.aad.msal4j.TestConstants.GRAPH_DEFAULT_SCOPE;
 import static com.microsoft.aad.msal4j.TestConstants.KEYVAULT_DEFAULT_SCOPE;
 
 @Test
 public class ClientCredentialsIT {
 
     @Test
-    public void acquireTokenClientCredentials_AsymmetricKeyCredential() throws Exception{
+    public void acquireTokenClientCredentials_ClientCertificate() throws Exception{
         String clientId = "55e7e5af-ca53-482d-9aa3-5cb1cc8eecb5";
         IClientCredential credential = getCertificateFromKeyStore();
         assertAcquireTokenCommon(clientId, credential);
@@ -48,7 +47,7 @@ public void acquireTokenClientCredentials_ClientAssertion() throws Exception{
 
         ClientAssertion clientAssertion = JwtHelper.buildJwt(
                 clientId,
-                (AsymmetricKeyCredential) certificateFromKeyStore,
+                (ClientCertificate) certificateFromKeyStore,
                 "https://login.microsoftonline.com/common/oauth2/v2.0/token");
 
 
@@ -73,7 +72,6 @@ private void assertAcquireTokenCommon(String clientId, IClientCredential credent
         Assert.assertNotNull(result.accessToken());
     }
 
-
     private IClientCredential getCertificateFromKeyStore() throws
             NoSuchProviderException, KeyStoreException, IOException, NoSuchAlgorithmException,
             CertificateException, UnrecoverableKeyException {
diff --git a/src/main/java/com/microsoft/aad/msal4j/ClientCertificate.java b/src/main/java/com/microsoft/aad/msal4j/ClientCertificate.java
@@ -24,7 +24,7 @@
 import lombok.experimental.Accessors;
 import org.apache.commons.codec.binary.Base64;
 
-final class AsymmetricKeyCredential implements IAsymmetricKeyCredential  {
+final class ClientCertificate implements IClientCertificate {
 
     private final static int MIN_KEY_SIZE_IN_BITS = 2048;
 
@@ -34,7 +34,7 @@ final class AsymmetricKeyCredential implements IAsymmetricKeyCredential  {
 
     private final X509Certificate publicCertificate;
 
-    private AsymmetricKeyCredential(final PrivateKey key, final X509Certificate publicCertificate) {
+    private ClientCertificate(final PrivateKey key, final X509Certificate publicCertificate) {
         if (key == null) {
             throw new NullPointerException("PrivateKey is null or empty");
         }
@@ -71,15 +71,15 @@ else if("sun.security.mscapi.RSAPrivateKey".equals(key.getClass().getName())){
 
     public String publicCertificateHash()
             throws CertificateEncodingException, NoSuchAlgorithmException {
-        return Base64.encodeBase64String(AsymmetricKeyCredential
+        return Base64.encodeBase64String(ClientCertificate
                 .getHash(this.publicCertificate.getEncoded()));
     }
 
     public String publicCertificate() throws CertificateEncodingException {
         return Base64.encodeBase64String(this.publicCertificate.getEncoded());
     }
 
-    static AsymmetricKeyCredential create(final InputStream pkcs12Certificate, final String password)
+    static ClientCertificate create(final InputStream pkcs12Certificate, final String password)
             throws KeyStoreException, NoSuchProviderException,
             NoSuchAlgorithmException, CertificateException, IOException, UnrecoverableKeyException {
         final KeyStore keystore = KeyStore.getInstance("PKCS12", "SunJSSE");
@@ -93,8 +93,8 @@ static AsymmetricKeyCredential create(final InputStream pkcs12Certificate, final
         return create(key, publicCertificate);
     }
 
-    static AsymmetricKeyCredential create(final PrivateKey key, final X509Certificate publicCertificate) {
-        return new AsymmetricKeyCredential(key, publicCertificate);
+    static ClientCertificate create(final PrivateKey key, final X509Certificate publicCertificate) {
+        return new ClientCertificate(key, publicCertificate);
     }
 
     private static byte[] getHash(final byte[] inputBytes) throws NoSuchAlgorithmException {
diff --git a/src/main/java/com/microsoft/aad/msal4j/ClientCredentialFactory.java b/src/main/java/com/microsoft/aad/msal4j/ClientCredentialFactory.java
@@ -24,31 +24,31 @@ public static IClientSecret createFromSecret(String secret){
     }
 
     /**
-     * Static method to create a {@link AsymmetricKeyCredential} instance from a certificate
+     * Static method to create a {@link ClientCertificate} instance from a certificate
      * @param pkcs12Certificate InputStream containing PCKS12 formatted certificate
      * @param password certificate password
-     * @return {@link AsymmetricKeyCredential}
+     * @return {@link ClientCertificate}
      * @throws CertificateException
      * @throws UnrecoverableKeyException
      * @throws NoSuchAlgorithmException
      * @throws KeyStoreException
      * @throws NoSuchProviderException
      * @throws IOException
      */
-    public static IAsymmetricKeyCredential createFromCertificate(final InputStream pkcs12Certificate, final String password)
+    public static IClientCertificate createFromCertificate(final InputStream pkcs12Certificate, final String password)
             throws CertificateException, UnrecoverableKeyException, NoSuchAlgorithmException,
             KeyStoreException, NoSuchProviderException, IOException {
-        return AsymmetricKeyCredential.create(pkcs12Certificate, password);
+        return ClientCertificate.create(pkcs12Certificate, password);
     }
 
     /**
-     * Static method to create a {@link AsymmetricKeyCredential} instance.
+     * Static method to create a {@link ClientCertificate} instance.
      * @param key  RSA private key to sign the assertion.
      * @param publicCertificate x509 public certificate used for thumbprint
-     * @return {@link AsymmetricKeyCredential}
+     * @return {@link ClientCertificate}
      */
-    public static IAsymmetricKeyCredential createFromCertificate(final PrivateKey key, final X509Certificate publicCertificate) {
-        return AsymmetricKeyCredential.create(key, publicCertificate);
+    public static IClientCertificate createFromCertificate(final PrivateKey key, final X509Certificate publicCertificate) {
+        return ClientCertificate.create(key, publicCertificate);
     }
 
     /**
diff --git a/src/main/java/com/microsoft/aad/msal4j/ConfidentialClientApplication.java b/src/main/java/com/microsoft/aad/msal4j/ConfidentialClientApplication.java
@@ -67,10 +67,10 @@ private void initClientAuthentication(IClientCredential clientCredential) {
             clientAuthentication = new ClientSecretPost(
                     new ClientID(clientId()),
                     new Secret(((ClientSecret) clientCredential).clientSecret()));
-        } else if (clientCredential instanceof AsymmetricKeyCredential) {
+        } else if (clientCredential instanceof ClientCertificate) {
             ClientAssertion clientAssertion = JwtHelper.buildJwt(
                     clientId(),
-                    (AsymmetricKeyCredential) clientCredential,
+                    (ClientCertificate) clientCredential,
                     this.authenticationAuthority.selfSignedJwtAudience());
 
             clientAuthentication = createClientAuthFromClientAssertion(clientAssertion);
diff --git a/src/main/java/com/microsoft/aad/msal4j/IClientCertificate.java b/src/main/java/com/microsoft/aad/msal4j/IClientCertificate.java
@@ -10,7 +10,7 @@
 /**
  * Credential type containing X509 public certificate and RSA private key.
  */
-public interface IAsymmetricKeyCredential extends IClientCredential{
+public interface IClientCertificate extends IClientCredential{
 
     /**
      * Returns private key of the credential.
diff --git a/src/main/java/com/microsoft/aad/msal4j/JwtHelper.java b/src/main/java/com/microsoft/aad/msal4j/JwtHelper.java
@@ -20,7 +20,7 @@
 
 final class JwtHelper {
 
-    static ClientAssertion buildJwt(String clientId, final AsymmetricKeyCredential credential,
+    static ClientAssertion buildJwt(String clientId, final ClientCertificate credential,
             final String jwtAudience) throws MsalClientException {
         if (StringHelper.isBlank(clientId)) {
             throw new IllegalArgumentException("clientId is null or empty");
diff --git a/src/test/java/com/microsoft/aad/msal4j/ClientCertificateTest.java b/src/test/java/com/microsoft/aad/msal4j/ClientCertificateTest.java
@@ -16,11 +16,11 @@
 
 @Test(groups = { "checkin" })
 @PrepareForTest({ RSAPrivateKey.class })
-public class AsymmetricKeyCredentialTest extends AbstractMsalTests {
+public class ClientCertificateTest extends AbstractMsalTests {
 
     @Test(expectedExceptions = NullPointerException.class, expectedExceptionsMessageRegExp = "PrivateKey is null or empty")
     public void testNullKey() {
-        AsymmetricKeyCredential.create((PrivateKey) null, null);
+        ClientCertificate.create((PrivateKey) null, null);
     }
 
     @Test(expectedExceptions = IllegalArgumentException.class, expectedExceptionsMessageRegExp = "certificate key size must be at least 2048")
@@ -30,7 +30,7 @@ public void testInvalidKeysize() {
         EasyMock.expect(modulus.bitLength()).andReturn(2047).times(1);
         EasyMock.expect(key.getModulus()).andReturn(modulus).times(1);
         EasyMock.replay(modulus, key);
-        AsymmetricKeyCredential.create(key, null);
+        ClientCertificate.create(key, null);
     }
 
     @Test
@@ -40,7 +40,7 @@ public void testGetClient() {
         EasyMock.expect(modulus.bitLength()).andReturn(2048).times(1);
         EasyMock.expect(key.getModulus()).andReturn(modulus).times(1);
         EasyMock.replay(modulus, key);
-        final AsymmetricKeyCredential kc = AsymmetricKeyCredential.create(key, null);
+        final ClientCertificate kc = ClientCertificate.create(key, null);
         assertNotNull(kc);
     }
 
@@ -51,7 +51,7 @@ public void testGetKey() {
         EasyMock.expect(modulus.bitLength()).andReturn(2048).times(1);
         EasyMock.expect(key.getModulus()).andReturn(modulus).times(1);
         EasyMock.replay(modulus, key);
-        final AsymmetricKeyCredential kc = AsymmetricKeyCredential.create(key, null);
+        final ClientCertificate kc = ClientCertificate.create(key, null);
         assertNotNull(kc);
     }
 }
diff --git a/src/test/java/com/microsoft/aad/msal4j/ConfidentialClientApplicationTest.java b/src/test/java/com/microsoft/aad/msal4j/ConfidentialClientApplicationTest.java
@@ -26,7 +26,7 @@
 @PowerMockIgnore({"javax.net.ssl.*"})
 @Test(groups = { "checkin" })
 @PrepareForTest({ ConfidentialClientApplication.class,
-        AsymmetricKeyCredential.class, UserDiscoveryRequest.class })
+        ClientCertificate.class, UserDiscoveryRequest.class })
 public class ConfidentialClientApplicationTest extends PowerMockTestCase {
 
     private ConfidentialClientApplication app = null;
diff --git a/src/test/java/com/microsoft/aad/msal4j/OAuthRequestValidationTest.java b/src/test/java/com/microsoft/aad/msal4j/OAuthRequestValidationTest.java
@@ -74,11 +74,25 @@ public class OAuthRequestValidationTest extends PowerMockTestCase {
 
     private static String query;
 
-    public OAuthRequestValidationTest() throws MalformedURLException {
-    }
-
+    @SuppressWarnings("unchecked")
     @BeforeMethod
-    public void init() {
+    public void init() throws Exception{
+
+        PowerMock.mockStatic(HttpHelper.class);
+
+        EasyMock.expect(
+                HttpHelper.executeHttpRequest(
+                        EasyMock.isA(Logger.class),
+                        EasyMock.isA(HttpMethod.class),
+                        EasyMock.isA(String.class),
+                        EasyMock.isA(Map.class),
+                        EasyMock.isNull(),
+                        EasyMock.isA(RequestContext.class),
+                        EasyMock.isA(ServiceBundle.class)))
+                .andReturn(INSTANCE_DISCOVERY_RESPONSE);
+
+        PowerMock.replay(HttpHelper.class);
+
         replace(method(OAuthHttpRequest.class, "send")).
                 with(new InvocationHandler() {
                     @Override
@@ -176,24 +190,8 @@ public void oAuthRequest_for_acquireTokenByUserAssertion() throws Exception {
         Assert.assertEquals(CLIENT_INFO_VALUE, queryParams.get("client_info"));
     }
 
-    @SuppressWarnings("unchecked")
     @Test
-    public void oAuthRequest_for_acquireTokenByAsymmetricKeyCredential() throws Exception {
-        PowerMock.mockStatic(HttpHelper.class);
-
-        EasyMock.expect(
-                HttpHelper.executeHttpRequest(
-                        EasyMock.isA(Logger.class),
-                        EasyMock.isA(HttpMethod.class),
-                        EasyMock.isA(String.class),
-                        EasyMock.isA(Map.class),
-                        EasyMock.isNull(),
-                        EasyMock.isA(RequestContext.class),
-                        EasyMock.isA(ServiceBundle.class)))
-                .andReturn(INSTANCE_DISCOVERY_RESPONSE);
-
-
-        PowerMock.replay(HttpHelper.class);
+    public void oAuthRequest_for_acquireTokenByClientCertificate() throws Exception {
 
         try {
             final KeyStore keystore = KeyStore.getInstance("PKCS12", "SunJSSE");
@@ -245,7 +243,7 @@ public void oAuthRequest_for_acquireTokenByAsymmetricKeyCredential() throws Exce
 
     @Test
     public void oAuthRequest_for_acquireTokenByClientAssertion() throws Exception {
-        //String rsaJwt = getRSAjwt();
+
         try {
             final KeyStore keystore = KeyStore.getInstance("PKCS12", "SunJSSE");
             keystore.load(
diff --git a/src/test/java/com/microsoft/aad/msal4j/PublicClientApplicationTest.java b/src/test/java/com/microsoft/aad/msal4j/PublicClientApplicationTest.java
@@ -19,7 +19,7 @@
 @PowerMockIgnore({"javax.net.ssl.*"})
 @Test(groups = { "checkin" })
 @PrepareForTest({ PublicClientApplication.class,
-        AsymmetricKeyCredential.class, UserDiscoveryRequest.class})
+        ClientCertificate.class, UserDiscoveryRequest.class})
 public class PublicClientApplicationTest extends PowerMockTestCase {
 
     private PublicClientApplication app = null;
