From a0d30ff9272aadd6cb0e6df0395a20aea49056ac Mon Sep 17 00:00:00 2001 From: Esta Nagy Date: Sat, 2 Sep 2023 11:11:34 +0200 Subject: [PATCH] Bugfix - Allow configuration of disableChallengeResourceVerification property of AKV SecretClient (#36603) * Allows configuration of disableChallengeResourceVerification property - Adds disableChallengeResourceVerification property to properties objects - Includes new property in mapping methods - Configures SecretClient in Factory when disableChallengeResourceVerification is set - Configures CertificateClient in Factory when disableChallengeResourceVerification is set - Updates/adds new tests - Updates Changelog Resolves #36561 Signed-off-by: Esta Nagy * Allows configuration of disableChallengeResourceVerification property - Code review fixes #1 - Renames disableChallengeResourceVerification to challengeResourceVerificationEnabled - Adds additional JavaDoc Resolves #36561 Signed-off-by: Esta Nagy * Allows configuration of disableChallengeResourceVerification property - Fix a missed JavaDoc Signed-off-by: Esta Nagy * Improve the configuration properties javadoc, and complete the additional-spring-configuration-metadata.json * Allows configuration of disableChallengeResourceVerification property - Code review fixes #3 - Simplifies factory method logic as per code review recommendation Resolves #36561 Signed-off-by: Esta Nagy --------- Signed-off-by: Esta Nagy Co-authored-by: Azure SDK Bot <53356347+azure-sdk@users.noreply.github.com> Co-authored-by: Xiaolu Dai --- sdk/spring/CHANGELOG.md | 8 ++++++ .../common/AzureKeyVaultProperties.java | 23 +++++++++++++++++ .../KeyVaultEnvironmentPostProcessor.java | 2 ++ ...AzureKeyVaultPropertySourceProperties.java | 23 +++++++++++++++++ ...itional-spring-configuration-metadata.json | 7 ++++++ ...aultCertificateAutoConfigurationTests.java | 5 +++- ...KeyVaultEnvironmentPostProcessorTests.java | 25 +++++++++++++++++++ ...eKeyVaultSecretAutoConfigurationTests.java | 2 ++ .../keyvault/KeyVaultProperties.java | 2 ++ .../CertificateClientBuilderFactory.java | 2 ++ .../secrets/SecretClientBuilderFactory.java | 2 ++ ...zureKeyVaultCertificateTestProperties.java | 11 ++++++++ .../CertificateClientBuilderFactoryTests.java | 8 +++--- .../AzureKeyVaultSecretTestProperties.java | 10 ++++++++ .../SecretClientBuilderFactoryTests.java | 2 ++ 15 files changed, 128 insertions(+), 4 deletions(-) diff --git a/sdk/spring/CHANGELOG.md b/sdk/spring/CHANGELOG.md index a70f6b0c82ea4..9d4dd0f323818 100644 --- a/sdk/spring/CHANGELOG.md +++ b/sdk/spring/CHANGELOG.md @@ -1,5 +1,13 @@ # Release History +## 5.6.0-beta.1 (Unreleased) + +### Spring Cloud Azure Autoconfigure +This section includes changes in `spring-cloud-azure-autoconfigure` module. + +#### Bugs Fixed +- Fix the issue that prevented the `disableChallengeResourceVerification` property of the AKV `SecretClient` to be configured [#36561](https://github.com/Azure/azure-sdk-for-java/issues/36561). + ## 5.5.0 (2023-08-28) - This release is compatible with Spring Boot 3.0.0-3.1.2. (Note: 3.1.x (x>2) should be supported, but they aren't tested with this release.) - This release is compatible with Spring Cloud 2022.0.0-2022.0.4. (Note: 2022.0.x (x>4) should be supported, but they aren't tested with this release.) diff --git a/sdk/spring/spring-cloud-azure-autoconfigure/src/main/java/com/azure/spring/cloud/autoconfigure/implementation/keyvault/common/AzureKeyVaultProperties.java b/sdk/spring/spring-cloud-azure-autoconfigure/src/main/java/com/azure/spring/cloud/autoconfigure/implementation/keyvault/common/AzureKeyVaultProperties.java index 7e7740f2dff32..e6951f7cc4f9d 100644 --- a/sdk/spring/spring-cloud-azure-autoconfigure/src/main/java/com/azure/spring/cloud/autoconfigure/implementation/keyvault/common/AzureKeyVaultProperties.java +++ b/sdk/spring/spring-cloud-azure-autoconfigure/src/main/java/com/azure/spring/cloud/autoconfigure/implementation/keyvault/common/AzureKeyVaultProperties.java @@ -19,6 +19,12 @@ public class AzureKeyVaultProperties extends AbstractAzureHttpConfigurationPrope */ private String endpoint; + /** + * Whether to enable the Azure Key Vault challenge resource verification, default: true. + * Calls the disableChallengeResourceVerification method of the Azure Key Vault Client Builder when set to false. + */ + private boolean challengeResourceVerificationEnabled = true; + /** * * @return The Azure Key Vault endpoint. @@ -34,4 +40,21 @@ public String getEndpoint() { public void setEndpoint(String endpoint) { this.endpoint = endpoint; } + + /** + * + * @return Whether we should keep the challenge resource verification for the Azure Key Vault Client + */ + public boolean isChallengeResourceVerificationEnabled() { + return challengeResourceVerificationEnabled; + } + + /** + * + * @param challengeResourceVerificationEnabled Whether we should keep Azure Key Vault challenge resource verification enabled + */ + public void setChallengeResourceVerificationEnabled( + boolean challengeResourceVerificationEnabled) { + this.challengeResourceVerificationEnabled = challengeResourceVerificationEnabled; + } } diff --git a/sdk/spring/spring-cloud-azure-autoconfigure/src/main/java/com/azure/spring/cloud/autoconfigure/implementation/keyvault/environment/KeyVaultEnvironmentPostProcessor.java b/sdk/spring/spring-cloud-azure-autoconfigure/src/main/java/com/azure/spring/cloud/autoconfigure/implementation/keyvault/environment/KeyVaultEnvironmentPostProcessor.java index 54e9bc7932b0c..9b8a54b8fdcb8 100644 --- a/sdk/spring/spring-cloud-azure-autoconfigure/src/main/java/com/azure/spring/cloud/autoconfigure/implementation/keyvault/environment/KeyVaultEnvironmentPostProcessor.java +++ b/sdk/spring/spring-cloud-azure-autoconfigure/src/main/java/com/azure/spring/cloud/autoconfigure/implementation/keyvault/environment/KeyVaultEnvironmentPostProcessor.java @@ -143,6 +143,7 @@ private AzureKeyVaultSecretProperties toAzureKeyVaultSecretProperties( AzurePropertiesUtils.copyAzureCommonProperties(propertySourceProperties, secretProperties); secretProperties.setEndpoint(propertySourceProperties.getEndpoint()); secretProperties.setServiceVersion(propertySourceProperties.getServiceVersion()); + secretProperties.setChallengeResourceVerificationEnabled(propertySourceProperties.isChallengeResourceVerificationEnabled()); return secretProperties; } @@ -197,6 +198,7 @@ private AzureKeyVaultPropertySourceProperties buildMergedProperties( mergedProperties.setCaseSensitive(propertySourceProperties.isCaseSensitive()); mergedProperties.setSecretKeys(propertySourceProperties.getSecretKeys()); mergedProperties.setRefreshInterval(propertySourceProperties.getRefreshInterval()); + mergedProperties.setChallengeResourceVerificationEnabled(propertySourceProperties.isChallengeResourceVerificationEnabled()); return mergedProperties; } diff --git a/sdk/spring/spring-cloud-azure-autoconfigure/src/main/java/com/azure/spring/cloud/autoconfigure/implementation/keyvault/secrets/properties/AzureKeyVaultPropertySourceProperties.java b/sdk/spring/spring-cloud-azure-autoconfigure/src/main/java/com/azure/spring/cloud/autoconfigure/implementation/keyvault/secrets/properties/AzureKeyVaultPropertySourceProperties.java index ef7cdbec49bbd..dd7202bd53dce 100644 --- a/sdk/spring/spring-cloud-azure-autoconfigure/src/main/java/com/azure/spring/cloud/autoconfigure/implementation/keyvault/secrets/properties/AzureKeyVaultPropertySourceProperties.java +++ b/sdk/spring/spring-cloud-azure-autoconfigure/src/main/java/com/azure/spring/cloud/autoconfigure/implementation/keyvault/secrets/properties/AzureKeyVaultPropertySourceProperties.java @@ -43,6 +43,12 @@ public class AzureKeyVaultPropertySourceProperties extends AbstractAzureHttpConf */ private Duration refreshInterval = DEFAULT_REFRESH_INTERVAL; + /** + * Whether to enable the Azure Key Vault challenge resource verification, default: true. + * Calls the disableChallengeResourceVerification method of the Azure Key Vault Client Builder when set to false. + */ + private boolean challengeResourceVerificationEnabled = true; + /** * * @return The name of this property source. @@ -138,4 +144,21 @@ public Duration getRefreshInterval() { public void setRefreshInterval(Duration refreshInterval) { this.refreshInterval = refreshInterval; } + + /** + * + * @return Whether we should keep Azure Key Vault challenge resource verification enabled + */ + public boolean isChallengeResourceVerificationEnabled() { + return challengeResourceVerificationEnabled; + } + + /** + * + * @param challengeResourceVerificationEnabled Whether we should keep Azure Key Vault challenge resource verification enabled + */ + public void setChallengeResourceVerificationEnabled( + boolean challengeResourceVerificationEnabled) { + this.challengeResourceVerificationEnabled = challengeResourceVerificationEnabled; + } } diff --git a/sdk/spring/spring-cloud-azure-autoconfigure/src/main/resources/META-INF/additional-spring-configuration-metadata.json b/sdk/spring/spring-cloud-azure-autoconfigure/src/main/resources/META-INF/additional-spring-configuration-metadata.json index 2fbf22be3e749..d529b1b715fe8 100644 --- a/sdk/spring/spring-cloud-azure-autoconfigure/src/main/resources/META-INF/additional-spring-configuration-metadata.json +++ b/sdk/spring/spring-cloud-azure-autoconfigure/src/main/resources/META-INF/additional-spring-configuration-metadata.json @@ -528,6 +528,13 @@ "description": "Secret service version used when making API requests.", "sourceType": "com.azure.spring.cloud.autoconfigure.implementation.keyvault.secrets.properties.AzureKeyVaultPropertySourceProperties" }, + { + "name": "spring.cloud.azure.keyvault.secret.property-sources[0].challenge-resource-verification-enabled", + "type": "java.lang.Boolean", + "description": "Whether to enable the Azure Key Vault challenge resource verification, default: true. Calls the disableChallengeResourceVerification method of the Azure Key Vault Client Builder when set to false.", + "sourceType": "com.azure.spring.cloud.autoconfigure.implementation.keyvault.secrets.properties.AzureKeyVaultPropertySourceProperties", + "defaultValue": true + }, { "name": "spring.datasource.azure.credential.client-id", "type": "java.lang.String", diff --git a/sdk/spring/spring-cloud-azure-autoconfigure/src/test/java/com/azure/spring/cloud/autoconfigure/implementation/keyvault/certificates/AzureKeyVaultCertificateAutoConfigurationTests.java b/sdk/spring/spring-cloud-azure-autoconfigure/src/test/java/com/azure/spring/cloud/autoconfigure/implementation/keyvault/certificates/AzureKeyVaultCertificateAutoConfigurationTests.java index 3d40ddd721733..33543a634e2d6 100644 --- a/sdk/spring/spring-cloud-azure-autoconfigure/src/test/java/com/azure/spring/cloud/autoconfigure/implementation/keyvault/certificates/AzureKeyVaultCertificateAutoConfigurationTests.java +++ b/sdk/spring/spring-cloud-azure-autoconfigure/src/test/java/com/azure/spring/cloud/autoconfigure/implementation/keyvault/certificates/AzureKeyVaultCertificateAutoConfigurationTests.java @@ -22,6 +22,7 @@ import static org.assertj.core.api.Assertions.assertThat; import static org.junit.jupiter.api.Assertions.assertEquals; +import static org.junit.jupiter.api.Assertions.assertFalse; class AzureKeyVaultCertificateAutoConfigurationTests extends AbstractAzureServiceConfigurationTests< CertificateClientBuilderFactory, AzureKeyVaultCertificateProperties> { @@ -139,13 +140,15 @@ void configurationPropertiesShouldBind() { this.contextRunner .withPropertyValues( "spring.cloud.azure.keyvault.certificate.endpoint=" + endpoint, - "spring.cloud.azure.keyvault.certificate.service-version=V7_2" + "spring.cloud.azure.keyvault.certificate.service-version=V7_2", + "spring.cloud.azure.keyvault.certificate.challenge-resource-verification-enabled=false" ) .run(context -> { assertThat(context).hasSingleBean(AzureKeyVaultCertificateProperties.class); AzureKeyVaultCertificateProperties properties = context.getBean(AzureKeyVaultCertificateProperties.class); assertEquals(endpoint, properties.getEndpoint()); assertEquals(CertificateServiceVersion.V7_2, properties.getServiceVersion()); + assertFalse(properties.isChallengeResourceVerificationEnabled()); }); } diff --git a/sdk/spring/spring-cloud-azure-autoconfigure/src/test/java/com/azure/spring/cloud/autoconfigure/implementation/keyvault/environment/KeyVaultEnvironmentPostProcessorTests.java b/sdk/spring/spring-cloud-azure-autoconfigure/src/test/java/com/azure/spring/cloud/autoconfigure/implementation/keyvault/environment/KeyVaultEnvironmentPostProcessorTests.java index af46cdccd5960..923d3aa3c5a53 100644 --- a/sdk/spring/spring-cloud-azure-autoconfigure/src/test/java/com/azure/spring/cloud/autoconfigure/implementation/keyvault/environment/KeyVaultEnvironmentPostProcessorTests.java +++ b/sdk/spring/spring-cloud-azure-autoconfigure/src/test/java/com/azure/spring/cloud/autoconfigure/implementation/keyvault/environment/KeyVaultEnvironmentPostProcessorTests.java @@ -275,6 +275,31 @@ void specificPropertiesHasHigherPriorityThanGlobalPropertiesTest() { assertEquals(specificMaxRetries, properties.getRetry().getFixed().getMaxRetries()); } + @Test + void challengeResourceVerificationEnabledCanBeSetAsFalseTest() { + environment.setProperty("spring.cloud.azure.keyvault.secret.property-source-enabled", "true"); + environment.setProperty("spring.cloud.azure.keyvault.secret.property-sources[0].challenge-resource-verification-enabled", "false"); + environment.setProperty("spring.cloud.azure.keyvault.secret.property-sources[0].enabled", "true"); + environment.setProperty("spring.cloud.azure.keyvault.secret.property-sources[0].name", NAME_0); + environment.setProperty("spring.cloud.azure.keyvault.secret.property-sources[0].endpoint", ENDPOINT_0); + AzureKeyVaultSecretProperties secretProperties = processor.loadProperties(environment); + AzureKeyVaultPropertySourceProperties properties = secretProperties.getPropertySources().get(0); + assertTrue(secretProperties.isChallengeResourceVerificationEnabled()); + assertFalse(properties.isChallengeResourceVerificationEnabled()); + } + + @Test + void challengeResourceVerificationEnabledIsSetByDefaultTest() { + environment.setProperty("spring.cloud.azure.keyvault.secret.property-source-enabled", "true"); + environment.setProperty("spring.cloud.azure.keyvault.secret.property-sources[0].enabled", "true"); + environment.setProperty("spring.cloud.azure.keyvault.secret.property-sources[0].name", NAME_0); + environment.setProperty("spring.cloud.azure.keyvault.secret.property-sources[0].endpoint", ENDPOINT_0); + AzureKeyVaultSecretProperties secretProperties = processor.loadProperties(environment); + AzureKeyVaultPropertySourceProperties properties = secretProperties.getPropertySources().get(0); + assertTrue(secretProperties.isChallengeResourceVerificationEnabled()); + assertTrue(properties.isChallengeResourceVerificationEnabled()); + } + @Disabled("Disable it to unblock Azure Dev Ops pipeline: https://dev.azure.com/azure-sdk/public/_build/results?buildId=1434354&view=logs&j=c1fb1ddd-7688-52ac-4c5f-1467e51181f3") @Test void buildKeyVaultPropertySourceWithExceptionTest() { diff --git a/sdk/spring/spring-cloud-azure-autoconfigure/src/test/java/com/azure/spring/cloud/autoconfigure/implementation/keyvault/secrets/AzureKeyVaultSecretAutoConfigurationTests.java b/sdk/spring/spring-cloud-azure-autoconfigure/src/test/java/com/azure/spring/cloud/autoconfigure/implementation/keyvault/secrets/AzureKeyVaultSecretAutoConfigurationTests.java index a61ac4e15643e..b53ba7442e2b2 100644 --- a/sdk/spring/spring-cloud-azure-autoconfigure/src/test/java/com/azure/spring/cloud/autoconfigure/implementation/keyvault/secrets/AzureKeyVaultSecretAutoConfigurationTests.java +++ b/sdk/spring/spring-cloud-azure-autoconfigure/src/test/java/com/azure/spring/cloud/autoconfigure/implementation/keyvault/secrets/AzureKeyVaultSecretAutoConfigurationTests.java @@ -145,6 +145,7 @@ void configurationPropertiesShouldBind() { .withPropertyValues( "spring.cloud.azure.keyvault.secret.endpoint=" + endpoint, "spring.cloud.azure.keyvault.secret.service-version=V7_2", + "spring.cloud.azure.keyvault.secret.challenge-resource-verification-enabled=false", "spring.cloud.azure.keyvault.secret.property-source-enabled=false", "spring.cloud.azure.keyvault.secret.property-sources[0].endpoint=" + endpoint + "-1", @@ -161,6 +162,7 @@ void configurationPropertiesShouldBind() { assertEquals(endpoint, properties.getEndpoint()); assertFalse(properties.isPropertySourceEnabled()); assertEquals(SecretServiceVersion.V7_2, properties.getServiceVersion()); + assertFalse(properties.isChallengeResourceVerificationEnabled()); AzureKeyVaultPropertySourceProperties propertySourceProperties = properties.getPropertySources().get(0); assertEquals(endpoint + "-1", propertySourceProperties.getEndpoint()); diff --git a/sdk/spring/spring-cloud-azure-service/src/main/java/com/azure/spring/cloud/service/implementation/keyvault/KeyVaultProperties.java b/sdk/spring/spring-cloud-azure-service/src/main/java/com/azure/spring/cloud/service/implementation/keyvault/KeyVaultProperties.java index 8b14dc6e7f9b8..6da8ebe42252c 100644 --- a/sdk/spring/spring-cloud-azure-service/src/main/java/com/azure/spring/cloud/service/implementation/keyvault/KeyVaultProperties.java +++ b/sdk/spring/spring-cloud-azure-service/src/main/java/com/azure/spring/cloud/service/implementation/keyvault/KeyVaultProperties.java @@ -13,4 +13,6 @@ public interface KeyVaultProperties extends AzureProperties, RetryOptionsProvide String getEndpoint(); + boolean isChallengeResourceVerificationEnabled(); + } diff --git a/sdk/spring/spring-cloud-azure-service/src/main/java/com/azure/spring/cloud/service/implementation/keyvault/certificates/CertificateClientBuilderFactory.java b/sdk/spring/spring-cloud-azure-service/src/main/java/com/azure/spring/cloud/service/implementation/keyvault/certificates/CertificateClientBuilderFactory.java index b0bb32520de55..3800529018f41 100644 --- a/sdk/spring/spring-cloud-azure-service/src/main/java/com/azure/spring/cloud/service/implementation/keyvault/certificates/CertificateClientBuilderFactory.java +++ b/sdk/spring/spring-cloud-azure-service/src/main/java/com/azure/spring/cloud/service/implementation/keyvault/certificates/CertificateClientBuilderFactory.java @@ -88,6 +88,8 @@ protected void configureService(CertificateClientBuilder builder) { PropertyMapper map = new PropertyMapper(); map.from(certificateClientProperties.getEndpoint()).to(builder::vaultUrl); map.from(certificateClientProperties.getServiceVersion()).to(builder::serviceVersion); + map.from(certificateClientProperties.isChallengeResourceVerificationEnabled()) + .whenFalse().to(enabled -> builder.disableChallengeResourceVerification()); } @Override diff --git a/sdk/spring/spring-cloud-azure-service/src/main/java/com/azure/spring/cloud/service/implementation/keyvault/secrets/SecretClientBuilderFactory.java b/sdk/spring/spring-cloud-azure-service/src/main/java/com/azure/spring/cloud/service/implementation/keyvault/secrets/SecretClientBuilderFactory.java index 19b9809516125..3b009e141f6c8 100644 --- a/sdk/spring/spring-cloud-azure-service/src/main/java/com/azure/spring/cloud/service/implementation/keyvault/secrets/SecretClientBuilderFactory.java +++ b/sdk/spring/spring-cloud-azure-service/src/main/java/com/azure/spring/cloud/service/implementation/keyvault/secrets/SecretClientBuilderFactory.java @@ -88,6 +88,8 @@ protected void configureService(SecretClientBuilder builder) { PropertyMapper map = new PropertyMapper(); map.from(secretClientProperties.getEndpoint()).to(builder::vaultUrl); map.from(secretClientProperties.getServiceVersion()).to(builder::serviceVersion); + map.from(secretClientProperties.isChallengeResourceVerificationEnabled()) + .whenFalse().to(enabled -> builder.disableChallengeResourceVerification()); } @Override diff --git a/sdk/spring/spring-cloud-azure-service/src/test/java/com/azure/spring/cloud/service/implementation/keyvault/certificates/AzureKeyVaultCertificateTestProperties.java b/sdk/spring/spring-cloud-azure-service/src/test/java/com/azure/spring/cloud/service/implementation/keyvault/certificates/AzureKeyVaultCertificateTestProperties.java index 2e205fe304ac4..3f9159b025ecd 100644 --- a/sdk/spring/spring-cloud-azure-service/src/test/java/com/azure/spring/cloud/service/implementation/keyvault/certificates/AzureKeyVaultCertificateTestProperties.java +++ b/sdk/spring/spring-cloud-azure-service/src/test/java/com/azure/spring/cloud/service/implementation/keyvault/certificates/AzureKeyVaultCertificateTestProperties.java @@ -11,6 +11,8 @@ class AzureKeyVaultCertificateTestProperties extends AzureHttpSdkProperties impl private String endpoint; private CertificateServiceVersion serviceVersion; + private boolean challengeResourceVerificationEnabled = true; + @Override public String getEndpoint() { return endpoint; @@ -28,4 +30,13 @@ public CertificateServiceVersion getServiceVersion() { public void setServiceVersion(CertificateServiceVersion serviceVersion) { this.serviceVersion = serviceVersion; } + + @Override + public boolean isChallengeResourceVerificationEnabled() { + return challengeResourceVerificationEnabled; + } + + public void setChallengeResourceVerificationEnabled(boolean challengeResourceVerificationEnabled) { + this.challengeResourceVerificationEnabled = challengeResourceVerificationEnabled; + } } diff --git a/sdk/spring/spring-cloud-azure-service/src/test/java/com/azure/spring/cloud/service/implementation/keyvault/certificates/CertificateClientBuilderFactoryTests.java b/sdk/spring/spring-cloud-azure-service/src/test/java/com/azure/spring/cloud/service/implementation/keyvault/certificates/CertificateClientBuilderFactoryTests.java index a6901835b9de0..a03566ad92ad4 100644 --- a/sdk/spring/spring-cloud-azure-service/src/test/java/com/azure/spring/cloud/service/implementation/keyvault/certificates/CertificateClientBuilderFactoryTests.java +++ b/sdk/spring/spring-cloud-azure-service/src/test/java/com/azure/spring/cloud/service/implementation/keyvault/certificates/CertificateClientBuilderFactoryTests.java @@ -23,9 +23,9 @@ /** * */ -class CertificateClientBuilderFactoryTests extends +class CertificateClientBuilderFactoryTests extends AzureHttpClientBuilderFactoryBaseTests< - CertificateClientBuilder, + CertificateClientBuilder, AzureKeyVaultCertificateTestProperties, CertificateClientBuilderFactoryTests.CertificateClientBuilderFactoryExt> { @@ -52,11 +52,13 @@ protected void verifyServicePropertiesConfigured() { AzureKeyVaultCertificateTestProperties properties = new AzureKeyVaultCertificateTestProperties(); properties.setServiceVersion(CertificateServiceVersion.V7_0); properties.setEndpoint(ENDPOINT); + properties.setChallengeResourceVerificationEnabled(false); final CertificateClientBuilderFactoryExt factoryExt = new CertificateClientBuilderFactoryExt(properties); final CertificateClientBuilder builder = factoryExt.build(); verify(builder, times(1)).serviceVersion(CertificateServiceVersion.V7_0); verify(builder, times(1)).vaultUrl(ENDPOINT); + verify(builder, times(1)).disableChallengeResourceVerification(); } @Override @@ -88,7 +90,7 @@ protected HttpClientOptions getHttpClientOptions(CertificateClientBuilderFactory protected List getHttpPipelinePolicies(CertificateClientBuilderFactoryExt builderFactory) { return builderFactory.getHttpPipelinePolicies(); } - + static class CertificateClientBuilderFactoryExt extends CertificateClientBuilderFactory { diff --git a/sdk/spring/spring-cloud-azure-service/src/test/java/com/azure/spring/cloud/service/implementation/keyvault/secrets/AzureKeyVaultSecretTestProperties.java b/sdk/spring/spring-cloud-azure-service/src/test/java/com/azure/spring/cloud/service/implementation/keyvault/secrets/AzureKeyVaultSecretTestProperties.java index 4d9f78e8a5d0c..456aa9a70eca9 100644 --- a/sdk/spring/spring-cloud-azure-service/src/test/java/com/azure/spring/cloud/service/implementation/keyvault/secrets/AzureKeyVaultSecretTestProperties.java +++ b/sdk/spring/spring-cloud-azure-service/src/test/java/com/azure/spring/cloud/service/implementation/keyvault/secrets/AzureKeyVaultSecretTestProperties.java @@ -13,6 +13,7 @@ class AzureKeyVaultSecretTestProperties extends AzureHttpSdkProperties implement private String endpoint; private SecretServiceVersion serviceVersion; + private boolean challengeResourceVerificationEnabled = true; @Override public String getEndpoint() { @@ -31,4 +32,13 @@ public SecretServiceVersion getServiceVersion() { public void setServiceVersion(SecretServiceVersion serviceVersion) { this.serviceVersion = serviceVersion; } + + @Override + public boolean isChallengeResourceVerificationEnabled() { + return challengeResourceVerificationEnabled; + } + + public void setChallengeResourceVerificationEnabled(boolean challengeResourceVerificationEnabled) { + this.challengeResourceVerificationEnabled = challengeResourceVerificationEnabled; + } } diff --git a/sdk/spring/spring-cloud-azure-service/src/test/java/com/azure/spring/cloud/service/implementation/keyvault/secrets/SecretClientBuilderFactoryTests.java b/sdk/spring/spring-cloud-azure-service/src/test/java/com/azure/spring/cloud/service/implementation/keyvault/secrets/SecretClientBuilderFactoryTests.java index 278fab313e0a9..1bed40c7f2de9 100644 --- a/sdk/spring/spring-cloud-azure-service/src/test/java/com/azure/spring/cloud/service/implementation/keyvault/secrets/SecretClientBuilderFactoryTests.java +++ b/sdk/spring/spring-cloud-azure-service/src/test/java/com/azure/spring/cloud/service/implementation/keyvault/secrets/SecretClientBuilderFactoryTests.java @@ -78,12 +78,14 @@ protected void verifyServicePropertiesConfigured() { AzureKeyVaultSecretTestProperties properties = new AzureKeyVaultSecretTestProperties(); properties.setServiceVersion(SecretServiceVersion.V7_0); properties.setEndpoint(ENDPOINT); + properties.setChallengeResourceVerificationEnabled(false); final SecretClientBuilderFactoryExt factoryExt = new SecretClientBuilderFactoryExt(properties); final SecretClientBuilder builder = factoryExt.build(); verify(builder, times(1)).vaultUrl(ENDPOINT); verify(builder, times(1)).serviceVersion(SecretServiceVersion.V7_0); + verify(builder, times(1)).disableChallengeResourceVerification(); } static class SecretClientBuilderFactoryExt extends SecretClientBuilderFactory {