Fix Sasl Plain Authenticator (#903)

* Fix Sasl Plain Authenticator * Add comment
Azure · Mar 11, 2019 · bb6c327 · bb6c327
1 parent afabd86
commit bb6c327
Show file tree

Hide file tree

Showing 2 changed files with 35 additions and 4 deletions.
diff --git a/edge-hub/src/Microsoft.Azure.Devices.Edge.Hub.Amqp/EdgeSaslPlainAuthenticator.cs b/edge-hub/src/Microsoft.Azure.Devices.Edge.Hub.Amqp/EdgeSaslPlainAuthenticator.cs
@@ -38,9 +38,13 @@ public async Task<IPrincipal> AuthenticateAsync(string identity, string password
                     throw new EdgeHubConnectionException("Identity does not contain device ID.");
                 }
 
-                if (!this.iotHubHostName.Equals(iotHubName))
+                // iotHubName can be a segment of the full iotHubHostName.
+                // For example, if iotHubHostName = testhub1.azure-devices.net,
+                // then iotHubName = testhub1 is valid.
+                if (!this.iotHubHostName.StartsWith(iotHubName, StringComparison.OrdinalIgnoreCase) ||
+                    this.iotHubHostName[iotHubName.Length] != '.')
                 {
-                    throw new EdgeHubConnectionException($"Identity contains an invalid IotHubHostName {iotHubName}, expected value {this.iotHubHostName}.");
+                    throw new EdgeHubConnectionException($"Identity contains an invalid IotHubHostName {iotHubName}.");
                 }
 
                 // TODO: Figure out where the device client type parameter value should come from.

diff --git a/edge-hub/test/Microsoft.Azure.Devices.Edge.Hub.Amqp.Test/EdgeSaslPlainAuthenticatorTest.cs b/edge-hub/test/Microsoft.Azure.Devices.Edge.Hub.Amqp.Test/EdgeSaslPlainAuthenticatorTest.cs
@@ -85,11 +85,11 @@ public async void TestAuthFailed()
 
         [Fact]
         [Unit]
-        public async void TestAuthSucceeds()
+        public async void TestAuthSucceeds_Module()
         {
             var authenticator = Mock.Of<IAuthenticator>();
             var clientCredentialsFactory = Mock.Of<IClientCredentialsFactory>();
-            var saslAuthenticator = new EdgeSaslPlainAuthenticator(authenticator, clientCredentialsFactory, "hub1");
+            var saslAuthenticator = new EdgeSaslPlainAuthenticator(authenticator, clientCredentialsFactory, "hub1.azure-devices.net");
             var identity = new ModuleIdentity("hub1", "dev1", "mod1");
             var clientCredentials = Mock.Of<IClientCredentials>(c => c.Identity == identity);
             const string UserId = "dev1/modules/[email protected]";
@@ -109,5 +109,32 @@ public async void TestAuthSucceeds()
             bool isAuthenticated = await amqpAuthenticator.AuthenticateAsync("dev1/mod1");
             Assert.True(isAuthenticated);
         }
+
+        [Fact]
+        [Unit]
+        public async void TestAuthSucceeds_Device()
+        {
+            var authenticator = Mock.Of<IAuthenticator>();
+            var clientCredentialsFactory = Mock.Of<IClientCredentialsFactory>();
+            var saslAuthenticator = new EdgeSaslPlainAuthenticator(authenticator, clientCredentialsFactory, "hub1.azure-devices.net");
+            var identity = new DeviceIdentity("hub1", "dev1");
+            var clientCredentials = Mock.Of<IClientCredentials>(c => c.Identity == identity);
+            const string UserId = "[email protected]";
+            const string Password = "pwd";
+
+            Mock.Get(clientCredentialsFactory).Setup(f => f.GetWithSasToken("dev1", string.Empty, string.Empty, Password, false))
+                .Returns(clientCredentials);
+            Mock.Get(authenticator).Setup(a => a.AuthenticateAsync(clientCredentials))
+                .ReturnsAsync(true);
+
+            IPrincipal principal = await saslAuthenticator.AuthenticateAsync(UserId, Password);
+            Assert.NotNull(principal);
+
+            var amqpAuthenticator = principal as IAmqpAuthenticator;
+            Assert.NotNull(amqpAuthenticator);
+
+            bool isAuthenticated = await amqpAuthenticator.AuthenticateAsync("dev1");
+            Assert.True(isAuthenticated);
+        }
     }
 }