more tests

Author: ndyakov

identity/managed_identity_provider.go

@@ -52,7 +52,7 @@ type ManagedIdentityProvider struct {
 
 // realManagedIdentityClient is a wrapper around the real mi.Client that implements our interface
 type realManagedIdentityClient struct {
-	client mi.Client
+	client ManagedIdentityClient
 }
 
 func (c *realManagedIdentityClient) AcquireToken(ctx context.Context, resource string, opts ...mi.AcquireTokenOption) (public.AuthResult, error) {

identity/managed_identity_provider_test.go

@@ -216,3 +216,90 @@ func TestRequestToken_ErrorCases(t *testing.T) {
 		})
 	}
 }
+
+// MockMIClient is a mock implementation of the mi.Client interface
+type MockMIClient struct {
+	mock.Mock
+}
+
+func (m *MockMIClient) AcquireToken(ctx context.Context, resource string, opts ...mi.AcquireTokenOption) (public.AuthResult, error) {
+	args := m.Called(ctx, resource)
+	return args.Get(0).(public.AuthResult), args.Error(1)
+}
+
+func (m *MockMIClient) Close() error {
+	args := m.Called()
+	return args.Error(0)
+}
+
+func TestRealManagedIdentityClient(t *testing.T) {
+	// Create a mock managed identity client
+	mockMIClient := new(MockManagedIdentityClient)
+	client := &realManagedIdentityClient{client: mockMIClient}
+
+	tests := []struct {
+		name          string
+		resource      string
+		setupMock     func(*MockManagedIdentityClient)
+		expectedError string
+	}{
+		{
+			name:     "Success with default resource",
+			resource: RedisResource,
+			setupMock: func(m *MockManagedIdentityClient) {
+				m.On("AcquireToken", mock.Anything, RedisResource, mock.Anything).
+					Return(public.AuthResult{
+						AccessToken: "test-token",
+						ExpiresOn:   time.Now().Add(time.Hour),
+					}, nil)
+			},
+		},
+		{
+			name:     "Success with custom resource",
+			resource: "custom-resource",
+			setupMock: func(m *MockManagedIdentityClient) {
+				m.On("AcquireToken", mock.Anything, "custom-resource", mock.Anything).
+					Return(public.AuthResult{
+						AccessToken: "test-token",
+						ExpiresOn:   time.Now().Add(time.Hour),
+					}, nil)
+			},
+		},
+		{
+			name:     "Error from underlying client",
+			resource: RedisResource,
+			setupMock: func(m *MockManagedIdentityClient) {
+				m.On("AcquireToken", mock.Anything, RedisResource, mock.Anything).
+					Return(public.AuthResult{}, errors.New("underlying client error"))
+			},
+			expectedError: "underlying client error",
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			// Reset the mock for each test
+			mockMIClient.ExpectedCalls = nil
+			mockMIClient.Calls = nil
+
+			// Set up the mock
+			tt.setupMock(mockMIClient)
+
+			// Call AcquireToken with empty options slice to match mock setup
+			result, err := client.AcquireToken(context.Background(), tt.resource, []mi.AcquireTokenOption{}...)
+
+			if tt.expectedError != "" {
+				assert.Error(t, err)
+				assert.Contains(t, err.Error(), tt.expectedError)
+				assert.Equal(t, public.AuthResult{}, result)
+			} else {
+				assert.NoError(t, err)
+				assert.NotEqual(t, public.AuthResult{}, result)
+				assert.Equal(t, "test-token", result.AccessToken)
+			}
+
+			// Verify mock expectations
+			mockMIClient.AssertExpectations(t)
+		})
+	}
+}

providers_test.go

@@ -2,6 +2,7 @@ package entraid
 
 import (
 	"errors"
+	"sync"
 	"testing"
 	"time"
 
@@ -504,3 +505,96 @@ func TestCredentialsProviderInterface(t *testing.T) {
 		})
 	}
 }
+
+func TestCredentialsProviderSubscribe(t *testing.T) {
+	// Create a test token
+	testToken := token.New(
+		"test",
+		"test",
+		"mock-token",
+		time.Now().Add(time.Hour),
+		time.Now(),
+		int64(time.Hour),
+	)
+
+	// Create a test provider
+	options := ConfidentialCredentialsProviderOptions{
+		CredentialsProviderOptions: CredentialsProviderOptions{
+			ClientID: "test-client-id",
+			TokenManagerOptions: manager.TokenManagerOptions{
+				ExpirationRefreshRatio: 0.7,
+			},
+		},
+		ConfidentialIdentityProviderOptions: identity.ConfidentialIdentityProviderOptions{
+			ClientID:        "test-client-id",
+			CredentialsType: identity.ClientSecretCredentialType,
+			ClientSecret:    "test-secret",
+			Scopes:          []string{identity.RedisScopeDefault},
+			Authority:       identity.AuthorityConfiguration{},
+		},
+	}
+
+	// Set the token manager factory in the options
+	options.tokenManagerFactory = testTokenManagerFactory(testToken, nil)
+
+	provider, err := NewConfidentialCredentialsProvider(options)
+	require.NoError(t, err)
+	require.NotNil(t, provider)
+
+	t.Run("concurrent subscribe and cancel", func(t *testing.T) {
+		const numListeners = 10
+		var wg sync.WaitGroup
+		listeners := make([]*mockCredentialsListener, numListeners)
+		cancels := make([]auth.CancelProviderFunc, numListeners)
+
+		// Subscribe multiple listeners concurrently
+		for i := 0; i < numListeners; i++ {
+			wg.Add(1)
+			go func(idx int) {
+				defer wg.Done()
+				listener := &mockCredentialsListener{
+					LastTokenCh: make(chan string, 1),
+					LastErrCh:   make(chan error, 1),
+				}
+				listeners[idx] = listener
+				_, cancel, err := provider.Subscribe(listener)
+				require.NoError(t, err)
+				cancels[idx] = cancel
+			}(i)
+		}
+		wg.Wait()
+
+		// Verify all listeners received the token
+		for i, listener := range listeners {
+			select {
+			case token := <-listener.LastTokenCh:
+				assert.Equal(t, "mock-token", token, "listener %d received wrong token", i)
+			case err := <-listener.LastErrCh:
+				t.Fatalf("listener %d received error: %v", i, err)
+			}
+		}
+
+		// Cancel all subscriptions concurrently
+		for i := 0; i < numListeners; i++ {
+			wg.Add(1)
+			go func(idx int) {
+				defer wg.Done()
+				err := cancels[idx]()
+				require.NoError(t, err)
+			}(i)
+		}
+		wg.Wait()
+
+		// Verify no more tokens are sent after cancellation
+		for i, listener := range listeners {
+			select {
+			case token := <-listener.LastTokenCh:
+				t.Fatalf("listener %d received unexpected token after cancellation: %s", i, token)
+			case err := <-listener.LastErrCh:
+				t.Fatalf("listener %d received unexpected error after cancellation: %v", i, err)
+			default:
+				// No message received, which is expected
+			}
+		}
+	})
+}