From 104541bfb040f277e125f447a5f50d84c100e6e7 Mon Sep 17 00:00:00 2001
From: Julien Stroheker <juliens@microsoft.com>
Date: Wed, 2 Aug 2023 00:50:45 -0400
Subject: [PATCH] Update existing tests

---
 apps/confidential/confidential_test.go                     | 5 ++++-
 apps/internal/base/base_test.go                            | 7 +++++--
 apps/internal/base/internal/storage/items_test.go          | 3 ++-
 .../base/internal/storage/partitioned_storage_test.go      | 4 ++++
 apps/internal/base/internal/storage/storage_test.go        | 6 ++++--
 apps/internal/mock/mock.go                                 | 2 +-
 6 files changed, 20 insertions(+), 7 deletions(-)

diff --git a/apps/confidential/confidential_test.go b/apps/confidential/confidential_test.go
index ec94decf..638c4d04 100644
--- a/apps/confidential/confidential_test.go
+++ b/apps/confidential/confidential_test.go
@@ -108,6 +108,7 @@ func fakeClient(tk accesstokens.TokenResponse, credential Credential, options ..
 			fakeTokenEndpoint, "https://fake_authority/fake/jwt", "fake_authority"),
 	}
 	client.base.Token.WSTrust = &fake.WSTrust{}
+	client.base.AuthParams.AuthnScheme = &authority.BearerAuthenticationScheme{}
 	return client, nil
 }
 
@@ -136,6 +137,7 @@ func TestAcquireTokenByCredential(t *testing.T) {
 			ExpiresOn:     internalTime.DurationTime{T: time.Now().Add(1 * time.Hour)},
 			ExtExpiresOn:  internalTime.DurationTime{T: time.Now().Add(1 * time.Hour)},
 			GrantedScopes: accesstokens.Scopes{Slice: tokenScope},
+			TokenType:     "Bearer",
 		}, cred)
 		if err != nil {
 			t.Fatal(err)
@@ -1238,6 +1240,7 @@ func TestWithAuthenticationScheme(t *testing.T) {
 		ExpiresOn:     internalTime.DurationTime{T: time.Now().Add(1 * time.Hour)},
 		ExtExpiresOn:  internalTime.DurationTime{T: time.Now().Add(1 * time.Hour)},
 		GrantedScopes: accesstokens.Scopes{Slice: tokenScope},
+		TokenType:     "TokenType",
 	}, cred)
 	if err != nil {
 		t.Fatal(err)
@@ -1250,7 +1253,7 @@ func TestWithAuthenticationScheme(t *testing.T) {
 	if err != nil {
 		t.Fatal(err)
 	}
-	if result.AccessToken != "FormatedAccessToken" {
+	if result.AccessToken != token+"-formated" {
 		t.Fatalf(`unexpected access token "%s"`, result.AccessToken)
 	}
 }
diff --git a/apps/internal/base/base_test.go b/apps/internal/base/base_test.go
index d980b4f0..0757d6e8 100644
--- a/apps/internal/base/base_test.go
+++ b/apps/internal/base/base_test.go
@@ -179,6 +179,7 @@ func TestAcquireTokenSilentGrantedScopes(t *testing.T) {
 			AccessToken:   expectedToken,
 			ExpiresOn:     internalTime.DurationTime{T: time.Now().Add(time.Hour)},
 			GrantedScopes: accesstokens.Scopes{Slice: grantedScopes},
+			TokenType:     "Bearer",
 		},
 	)
 	if err != nil {
@@ -273,6 +274,7 @@ func TestCacheIOErrors(t *testing.T) {
 				ClientID:      fakeClientID,
 				HomeAccountID: hid,
 				Scopes:        testScopes,
+				AuthnScheme:   &authority.BearerAuthenticationScheme{},
 			},
 			accesstokens.TokenResponse{
 				AccessToken:   "at",
@@ -457,8 +459,9 @@ func TestApplyAuthnScheme(t *testing.T) {
 			},
 		},
 		{
-			desc: "Should returns passed AuthResult if no AuthnScheme is set",
-			at:   "noAutnScheme",
+			desc:   "Should returns passed AuthResult if no AuthnScheme is set. (defaulted to Bearer)",
+			at:     "noAutnScheme",
+			scheme: &authority.BearerAuthenticationScheme{},
 			want: AuthResult{
 				AccessToken: "noAutnScheme",
 			},
diff --git a/apps/internal/base/internal/storage/items_test.go b/apps/internal/base/internal/storage/items_test.go
index e2b32235..e3100466 100644
--- a/apps/internal/base/internal/storage/items_test.go
+++ b/apps/internal/base/internal/storage/items_test.go
@@ -38,6 +38,7 @@ var (
 		ExpiresOn:         internalTime.Unix{T: expiresOn},
 		ExtendedExpiresOn: internalTime.Unix{T: extExpiresOn},
 		CachedAt:          internalTime.Unix{T: cachedAt},
+		TokenType:         "Bearer",
 	}
 )
 
@@ -63,7 +64,7 @@ func TestCreateAccessToken(t *testing.T) {
 }
 
 func TestKeyForAccessToken(t *testing.T) {
-	const want = "testhid-env-accesstoken-clientid-realm-user.read"
+	const want = "testhid-env-accesstoken-clientid-realm-user.read-bearer"
 	got := atCacheEntity.Key()
 	if got != want {
 		t.Errorf("TestKeyForAccessToken: got %s, want %s", got, want)
diff --git a/apps/internal/base/internal/storage/partitioned_storage_test.go b/apps/internal/base/internal/storage/partitioned_storage_test.go
index 965abee9..b2ce6c48 100644
--- a/apps/internal/base/internal/storage/partitioned_storage_test.go
+++ b/apps/internal/base/internal/storage/partitioned_storage_test.go
@@ -52,6 +52,7 @@ func TestOBOAccessTokenScopes(t *testing.T) {
 			Scopes:            scope,
 			UserAssertion:     upn + "-assertion",
 			Username:          idt.PreferredUsername,
+			AuthnScheme:       &authority.BearerAuthenticationScheme{},
 		}
 		_, err := mgr.Write(
 			ap,
@@ -62,6 +63,7 @@ func TestOBOAccessTokenScopes(t *testing.T) {
 				GrantedScopes: accesstokens.Scopes{Slice: scope},
 				IDToken:       idt,
 				RefreshToken:  upn + "-rt",
+				TokenType:     "Bearer",
 			},
 		)
 		if err != nil {
@@ -112,6 +114,7 @@ func TestOBOPartitioning(t *testing.T) {
 			Scopes:            scopes,
 			UserAssertion:     upn + "-assertion",
 			Username:          idt.PreferredUsername,
+			AuthnScheme:       &authority.BearerAuthenticationScheme{},
 		}
 		account, err := mgr.Write(
 			authParams[i],
@@ -122,6 +125,7 @@ func TestOBOPartitioning(t *testing.T) {
 				GrantedScopes: accesstokens.Scopes{Slice: scopes},
 				IDToken:       idt,
 				RefreshToken:  upn + "-rt",
+				TokenType:     "Bearer",
 			},
 		)
 		if err != nil {
diff --git a/apps/internal/base/internal/storage/storage_test.go b/apps/internal/base/internal/storage/storage_test.go
index 5fd10001..fa230848 100644
--- a/apps/internal/base/internal/storage/storage_test.go
+++ b/apps/internal/base/internal/storage/storage_test.go
@@ -726,7 +726,7 @@ func TestRead(t *testing.T) {
 		time.Now(),
 		"openid profile",
 		"secret",
-		"tokenType",
+		"Bearer",
 		"",
 	)
 	testIDToken := NewIDToken("hid", "env", "realm", "cid", "secret")
@@ -761,6 +761,7 @@ func TestRead(t *testing.T) {
 		AuthorityInfo: authInfo,
 		ClientID:      "cid",
 		Scopes:        []string{"openid", "profile"},
+		AuthnScheme:   &authority.BearerAuthenticationScheme{},
 	}
 
 	tests := []struct {
@@ -848,6 +849,7 @@ func TestWrite(t *testing.T) {
 		GrantedScopes: accesstokens.Scopes{Slice: []string{"openid", "profile"}},
 		ExpiresOn:     expiresOn,
 		ExtExpiresOn:  internalTime.DurationTime{T: now},
+		TokenType:     "Bearer",
 	}
 	authInfo := authority.Info{Host: "env", Tenant: "realm", AuthorityType: accAuth}
 	authParams := authority.AuthParams{
@@ -872,7 +874,7 @@ func TestWrite(t *testing.T) {
 		now,
 		"openid profile",
 		"accessToken",
-		"tokenType",
+		"Bearer",
 		"",
 	)
 
diff --git a/apps/internal/mock/mock.go b/apps/internal/mock/mock.go
index 0599b4a8..0766e5e9 100644
--- a/apps/internal/mock/mock.go
+++ b/apps/internal/mock/mock.go
@@ -78,7 +78,7 @@ func (*Client) CloseIdleConnections() {}
 
 func GetAccessTokenBody(accessToken, idToken, refreshToken, clientInfo string, expiresIn int) []byte {
 	body := fmt.Sprintf(
-		`{"access_token": "%s","expires_in": %d,"expires_on": %d`,
+		`{"access_token": "%s","expires_in": %d,"expires_on": %d,"token_type": "Bearer"`,
 		accessToken, expiresIn, time.Now().Add(time.Duration(expiresIn)*time.Second).Unix(),
 	)
 	if clientInfo != "" {