Fix RejectsBadSubject, test failure at startup on empty Subject

sbomer · sbomer · commit b96f6203b717 · 2025-04-25T22:05:47.000Z
diff --git a/src/Tests/Microsoft.Diagnostics.Monitoring.Tool.FunctionalTests/AuthenticationTests.cs b/src/Tests/Microsoft.Diagnostics.Monitoring.Tool.FunctionalTests/AuthenticationTests.cs
@@ -472,9 +472,6 @@ public async Task AllowsConfiguredIssuer()
         [Theory]
         // Guids that don't match should get rejected
         [InlineData("980d2b17-71e1-4313-a084-c077e962680c", "10253b7a-454d-41bb-a3f5-5f2e6b26ed93", HttpStatusCode.Forbidden)]
-        // Empty string isn't valid even when signed and configured correctly
-        [InlineData("", "", HttpStatusCode.Unauthorized)]
-        [InlineData("10253b7a-454d-41bb-a3f5-5f2e6b26ed93", "", HttpStatusCode.Unauthorized)]
         [InlineData("", "10253b7a-454d-41bb-a3f5-5f2e6b26ed93", HttpStatusCode.Forbidden)]
         public async Task RejectsBadSubject(string jwtSubject, string configSubject, HttpStatusCode expectedError)
         {
@@ -501,6 +498,25 @@ public async Task RejectsBadSubject(string jwtSubject, string configSubject, Htt
             Assert.Equal(expectedError, statusCodeException.StatusCode);
         }
 
+        /// <summary>
+        /// This tests that an empty configured subject fails on startup.
+        /// </summary>
+        [Fact]
+        public async Task DoesNotStart_With_EmptySubject()
+        {
+            var configSubject = "";
+            await using MonitorCollectRunner toolRunner = new(_outputHelper);
+            toolRunner.DisableMetricsViaCommandLine = true;
+
+            _outputHelper.WriteLine("Generating API key.");
+
+            JwtPayload newPayload = GetJwtPayload(AuthConstants.ApiKeyJwtAudience, configSubject, AuthConstants.ApiKeyJwtInternalIssuer, AuthConstants.ApiKeyJwtDefaultExpiration);
+
+            toolRunner.ConfigurationFromEnvironment.UseApiKey(SecurityAlgorithms.EcdsaSha384, configSubject, newPayload, out string token);
+
+            await Assert.ThrowsAsync<InvalidOperationException>(toolRunner.StartAsync);
+        }
+
         [Fact]
         public async Task RejectsMissingExpiration()
         {
diff --git a/src/Tools/dotnet-monitor/ValidatableInfoResolver.cs b/src/Tools/dotnet-monitor/ValidatableInfoResolver.cs
@@ -1,4 +1,4 @@
-#nullable enable annotations
+﻿#nullable enable annotations
 //------------------------------------------------------------------------------
 // <auto-generated>
 //     This code was generated by a tool.
@@ -129,7 +129,7 @@ private ValidatableTypeInfo CreateMetricProvider()
                         containingType: typeof(global::Microsoft.Diagnostics.Monitoring.WebApi.MetricProvider),
                         propertyType: typeof(string),
                         name: "ProviderName",
-                        displayName: "Microsoft.Diagnostics.Monitoring.WebApi.OptionsDisplayStrings"
+                        displayName: "ProviderName"
                     ),
                 ]
             );
@@ -143,13 +143,13 @@ private ValidatableTypeInfo CreateMetricsOptions()
                         containingType: typeof(global::Microsoft.Diagnostics.Monitoring.WebApi.MetricsOptions),
                         propertyType: typeof(int?),
                         name: "MetricCount",
-                        displayName: "Microsoft.Diagnostics.Monitoring.WebApi.OptionsDisplayStrings"
+                        displayName: "MetricCount"
                     ),
                     new GeneratedValidatablePropertyInfo(
                         containingType: typeof(global::Microsoft.Diagnostics.Monitoring.WebApi.MetricsOptions),
                         propertyType: typeof(global::System.Collections.Generic.List<global::Microsoft.Diagnostics.Monitoring.WebApi.MetricProvider>),
                         name: "Providers",
-                        displayName: "Microsoft.Diagnostics.Monitoring.WebApi.OptionsDisplayStrings"
+                        displayName: "Providers"
                     ),
                 ]
             );
@@ -163,13 +163,13 @@ private ValidatableTypeInfo CreateMonitorApiKeyOptions()
                         containingType: typeof(global::Microsoft.Diagnostics.Tools.Monitor.MonitorApiKeyOptions),
                         propertyType: typeof(string),
                         name: "Subject",
-                        displayName: "Microsoft.Diagnostics.Monitoring.WebApi.OptionsDisplayStrings"
+                        displayName: "Subject"
                     ),
                     new GeneratedValidatablePropertyInfo(
                         containingType: typeof(global::Microsoft.Diagnostics.Tools.Monitor.MonitorApiKeyOptions),
                         propertyType: typeof(string),
                         name: "PublicKey",
-                        displayName: "Microsoft.Diagnostics.Monitoring.WebApi.OptionsDisplayStrings"
+                        displayName: "PublicKey"
                     ),
                 ]
             );
@@ -183,25 +183,25 @@ private ValidatableTypeInfo CreateAzureAdOptions()
                         containingType: typeof(global::Microsoft.Diagnostics.Tools.Monitor.AzureAdOptions),
                         propertyType: typeof(string),
                         name: "TenantId",
-                        displayName: "Microsoft.Diagnostics.Monitoring.WebApi.OptionsDisplayStrings"
+                        displayName: "TenantId"
                     ),
                     new GeneratedValidatablePropertyInfo(
                         containingType: typeof(global::Microsoft.Diagnostics.Tools.Monitor.AzureAdOptions),
                         propertyType: typeof(string),
                         name: "ClientId",
-                        displayName: "Microsoft.Diagnostics.Monitoring.WebApi.OptionsDisplayStrings"
+                        displayName: "ClientId"
                     ),
                     new GeneratedValidatablePropertyInfo(
                         containingType: typeof(global::Microsoft.Diagnostics.Tools.Monitor.AzureAdOptions),
                         propertyType: typeof(global::System.Uri),
                         name: "AppIdUri",
-                        displayName: "Microsoft.Diagnostics.Monitoring.WebApi.OptionsDisplayStrings"
+                        displayName: "AppIdUri"
                     ),
                     new GeneratedValidatablePropertyInfo(
                         containingType: typeof(global::Microsoft.Diagnostics.Tools.Monitor.AzureAdOptions),
                         propertyType: typeof(string),
                         name: "RequiredRole",
-                        displayName: "Microsoft.Diagnostics.Monitoring.WebApi.OptionsDisplayStrings"
+                        displayName: "RequiredRole"
                     ),
                 ]
             );
@@ -215,13 +215,13 @@ private ValidatableTypeInfo CreateAuthenticationOptions()
                         containingType: typeof(global::Microsoft.Diagnostics.Tools.Monitor.AuthenticationOptions),
                         propertyType: typeof(global::Microsoft.Diagnostics.Tools.Monitor.MonitorApiKeyOptions),
                         name: "MonitorApiKey",
-                        displayName: "Microsoft.Diagnostics.Monitoring.WebApi.OptionsDisplayStrings"
+                        displayName: "MonitorApiKey"
                     ),
                     new GeneratedValidatablePropertyInfo(
                         containingType: typeof(global::Microsoft.Diagnostics.Tools.Monitor.AuthenticationOptions),
                         propertyType: typeof(global::Microsoft.Diagnostics.Tools.Monitor.AzureAdOptions),
                         name: "AzureAd",
-                        displayName: "Microsoft.Diagnostics.Monitoring.WebApi.OptionsDisplayStrings"
+                        displayName: "AzureAd"
                     ),
                 ]
             );
@@ -260,8 +260,8 @@ static class MyExtensions
     [global::System.CodeDom.Compiler.GeneratedCodeAttribute("Microsoft.AspNetCore.Http.ValidationsGenerator, Version=10.0.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60", "10.0.0.0")]
     file static class GeneratedServiceCollectionExtensions
     {
-        // [global::System.Runtime.CompilerServices.InterceptsLocationAttribute(1, "M2kOaR09/X9mJ22GvhUC4+4FAABTdGFydHVwLmNz")]
-        public static global::Microsoft.Extensions.DependencyInjection.IServiceCollection AddValidation(this global::Microsoft.Extensions.DependencyInjection.IServiceCollection services, global::System.Action<ValidationOptions>? configureOptions = null)
+        // [global::System.Runtime.CompilerServices.InterceptsLocationAttribute(1, "tgKaeQ8w+KgICFY1OfbdmEk4AABWYWxpZGF0YWJsZUluZm9SZXNvbHZlci5jcw==")]
+        public static global::Microsoft.Extensions.DependencyInjection.IServiceCollection AddValidation(this global::Microsoft.Extensions.DependencyInjection.IServiceCollection services, global::System.Action<global::Microsoft.AspNetCore.Http.Validation.ValidationOptions>? configureOptions = null)
         {
             // Use non-extension method to avoid infinite recursion.
             return global::Microsoft.Extensions.DependencyInjection.ValidationServiceCollectionExtensions.AddValidation(services, options =>
@@ -288,13 +288,39 @@ private sealed record CacheKey([property: global::System.Diagnostics.CodeAnalysi
             var key = new CacheKey(containingType, propertyName);
             return _cache.GetOrAdd(key, static k =>
             {
+                var results = new global::System.Collections.Generic.List<global::System.ComponentModel.DataAnnotations.ValidationAttribute>();
+
+                // Get attributes from the property
                 var property = k.ContainingType.GetProperty(k.PropertyName);
-                if (property == null)
+                if (property != null)
                 {
-                    return [];
+                    var propertyAttributes = global::System.Reflection.CustomAttributeExtensions
+                        .GetCustomAttributes<global::System.ComponentModel.DataAnnotations.ValidationAttribute>(property, inherit: true);
+
+                    results.AddRange(propertyAttributes);
+                }
+
+                // Check constructors for parameters that match the property name
+                // to handle record scenarios
+                foreach (var constructor in k.ContainingType.GetConstructors())
+                {
+                    // Look for parameter with matching name (case insensitive)
+                    var parameter = global::System.Linq.Enumerable.FirstOrDefault(
+                        constructor.GetParameters(),
+                        p => string.Equals(p.Name, k.PropertyName, global::System.StringComparison.OrdinalIgnoreCase));
+
+                    if (parameter != null)
+                    {
+                        var paramAttributes = global::System.Reflection.CustomAttributeExtensions
+                            .GetCustomAttributes<global::System.ComponentModel.DataAnnotations.ValidationAttribute>(parameter, inherit: true);
+
+                        results.AddRange(paramAttributes);
+
+                        break;
+                    }
                 }
 
-                return [.. global::System.Reflection.CustomAttributeExtensions.GetCustomAttributes<global::System.ComponentModel.DataAnnotations.ValidationAttribute>(property, inherit: true)];
+                return results.ToArray();
             });
         }
     }
