diff --git a/.github/wordlist.txt b/.github/wordlist.txt index 32a6f7f..60ba15c 100644 --- a/.github/wordlist.txt +++ b/.github/wordlist.txt @@ -16,6 +16,8 @@ ClusterPipeline ClusterPubSub ConnectionPool CoreCommands +Entra +EntraID EVAL EVALSHA Failback @@ -30,6 +32,7 @@ GeoRadiusParam GeoRadiusStoreParam GeoUnit GraphCommands +Gradle Grokzen's HostAndPort HostnameVerifier @@ -41,6 +44,7 @@ JSONArray JSONCommands Jaeger Javadocs +Jedis ListPosition Ludovico Magnocavallo @@ -59,6 +63,7 @@ POJOs PubSub Queable READONLY +Reauthentication RediSearch RediSearchCommands RedisBloom diff --git a/entraid/src/main/java/redis/clients/authentication/entraid/EntraIDTokenAuthConfigBuilder.java b/entraid/src/main/java/redis/clients/authentication/entraid/EntraIDTokenAuthConfigBuilder.java index d74c002..6eeefc4 100644 --- a/entraid/src/main/java/redis/clients/authentication/entraid/EntraIDTokenAuthConfigBuilder.java +++ b/entraid/src/main/java/redis/clients/authentication/entraid/EntraIDTokenAuthConfigBuilder.java @@ -118,6 +118,11 @@ public TokenAuthConfig build() { throw new RedisEntraIDException( "Cannot have both customEntraIdAuthenticationSupplier and ServicePrincipal/ManagedIdentity!"); } + if (this.customEntraIdAuthenticationSupplier == null && spi == null && mii == null) { + throw new RedisEntraIDException( + "Missing configuration. One of customEntraIdAuthenticationSupplier, ServicePrincipal or ManagedIdentity must be configured!"); + } + if (spi != null) { super.identityProviderConfig( new EntraIDIdentityProviderConfig(spi, scopes, tokenRequestExecTimeoutInMs)); diff --git a/entraid/src/test/java/redis/clients/authentication/EntraIDUnitTests.java b/entraid/src/test/java/redis/clients/authentication/EntraIDUnitTests.java index 923080d..2a4d322 100644 --- a/entraid/src/test/java/redis/clients/authentication/EntraIDUnitTests.java +++ b/entraid/src/test/java/redis/clients/authentication/EntraIDUnitTests.java @@ -37,6 +37,8 @@ import java.util.concurrent.atomic.AtomicInteger; import java.util.function.Supplier; +import com.microsoft.aad.msal4j.IAccount; +import com.microsoft.aad.msal4j.ITenantProfile; import org.awaitility.Awaitility; import org.awaitility.Durations; import org.junit.Test; @@ -64,6 +66,7 @@ import redis.clients.authentication.entraid.EntraIDTokenAuthConfigBuilder; import redis.clients.authentication.entraid.JWToken; import redis.clients.authentication.entraid.ManagedIdentityInfo; +import redis.clients.authentication.entraid.RedisEntraIDException; import redis.clients.authentication.entraid.ServicePrincipalInfo; import redis.clients.authentication.entraid.ManagedIdentityInfo.UserManagedIdentityType; @@ -143,6 +146,28 @@ public void testConfigBuilder() { } } + @Test + public void testConfigBuilderThrowsErrorIfMissconfigured() { + + // Missing Configuration + assertThrows(RedisEntraIDException.class,() -> EntraIDTokenAuthConfigBuilder.builder().build()); + + // spi & mpi configured + assertThrows(RedisEntraIDException.class,() -> EntraIDTokenAuthConfigBuilder.builder() + .clientId("clientid") + .secret("secret") + .systemAssignedManagedIdentity() + .build()); + + // spi || mpi && customEntraIdAuthenticationSupplier configured + assertThrows(RedisEntraIDException.class,() -> EntraIDTokenAuthConfigBuilder.builder() + .clientId("clientid") + .secret("secret") + .customEntraIdAuthenticationSupplier(() -> mock(IAuthenticationResult.class)) + .build()); + } + + // T.1.2 // Implement a stubbed IdentityProvider and verify that the TokenManager works normally and handles: // network errors or other exceptions thrown from the IdentityProvider @@ -529,6 +554,7 @@ public void renewalTimingConfigTest() { int maxAttemptsToRetry = 6; int tokenRequestExecTimeoutInMs = 401; TokenAuthConfig tokenAuthConfig = EntraIDTokenAuthConfigBuilder.builder() + .clientId("testClientId").secret("testSecret") .expirationRefreshRatio(refreshRatio).delayInMsToRetry(delayInMsToRetry) .lowerRefreshBoundMillis(lowerRefreshBoundMillis) .maxAttemptsToRetry(maxAttemptsToRetry)