From 498a386a351a5caefa8533bd9539f2bcfbff1c00 Mon Sep 17 00:00:00 2001 From: Marcelo Rodriguez Date: Mon, 27 Nov 2017 20:49:28 -0300 Subject: [PATCH] Azure AD Support for Azure Media Services (#959) * Update AMS API Version to 2.17 + Fix integration tests * Add AzureAD support (WIP) * Update samples and unit test to use Azure AD Service Princial authentication * Add User/Pass authentication + Access Token Cache * Update README.md * Fix typo * Fix typo * Remove old unit test + dead code * Updated README document of Azure Media Services samples to include Azure AD authentication scenarios * Fix MediaServicesSettings unit tests * Remove group annotation * Fix AuthenticationFilter unit tests --- README.md | 87 +++--- examples/MediaServices/README.md | 5 +- .../analyticsworkflow_indexer.php | 13 +- .../MediaServices/azuread_asymmetrickey.php | 66 +++++ .../MediaServices/azuread_symmetrickey.php | 59 ++++ examples/MediaServices/azuread_userpass.php | 59 ++++ .../MediaServices/liveworkflow_features.php | 43 +-- .../MediaServices/scale_encoding_units.php | 12 +- examples/MediaServices/userconfig.php | 10 +- examples/MediaServices/vodworkflow_aes.php | 12 +- .../vodworkflow_drm_fairplay.php | 22 +- .../vodworkflow_drm_playready_widevine.php | 12 +- .../Internal/Filters/AuthenticationFilter.php | 17 +- src/Common/Internal/MediaServicesSettings.php | 203 +------------ src/Common/Internal/Resources.php | 12 +- src/Common/ServicesBuilder.php | 18 +- .../Authentication/AccessToken.php | 97 ++++++ .../Authentication/AzureAdClient.php | 277 ++++++++++++++++++ .../AzureAdClientAsymmetricKey.php | 116 ++++++++ .../AzureAdClientSymmetricKey.php | 88 ++++++ .../AzureAdClientUserCredentials.php | 88 ++++++ .../AzureAdTokenCredentialType.php | 62 ++++ .../AzureAdTokenCredentials.php | 139 +++++++++ .../Authentication/AzureAdTokenProvider.php | 166 +++++++++++ .../Authentication/AzureEnvironment.php | 130 ++++++++ .../AzureEnvironmentConstants.php | 97 ++++++ .../Authentication/AzureEnvironments.php | 114 +++++++ .../Authentication/ITokenProvider.php | 51 ++++ src/MediaServices/MediaServicesRestProxy.php | 16 +- .../MediaServicesRestProxyTestBase.php | 16 +- tests/framework/TestResources.php | 11 +- .../MediaServicesFunctionalTest.php | 2 +- .../Authentication/OAuthSchemeTest.php | 66 ----- .../Filters/AuthenticationFilterTest.php | 53 +--- .../Internal/MediaServicesSettingsTest.php | 210 ++----------- .../Common/Internal/OAuthRestProxyTest.php | 75 ----- .../Common/ServicesBuilderTest.php | 18 -- .../MediaServicesRestProxyTest.php | 78 ++--- 38 files changed, 1867 insertions(+), 753 deletions(-) create mode 100644 examples/MediaServices/azuread_asymmetrickey.php create mode 100644 examples/MediaServices/azuread_symmetrickey.php create mode 100644 examples/MediaServices/azuread_userpass.php create mode 100644 src/MediaServices/Authentication/AccessToken.php create mode 100644 src/MediaServices/Authentication/AzureAdClient.php create mode 100644 src/MediaServices/Authentication/AzureAdClientAsymmetricKey.php create mode 100644 src/MediaServices/Authentication/AzureAdClientSymmetricKey.php create mode 100644 src/MediaServices/Authentication/AzureAdClientUserCredentials.php create mode 100644 src/MediaServices/Authentication/AzureAdTokenCredentialType.php create mode 100644 src/MediaServices/Authentication/AzureAdTokenCredentials.php create mode 100644 src/MediaServices/Authentication/AzureAdTokenProvider.php create mode 100644 src/MediaServices/Authentication/AzureEnvironment.php create mode 100644 src/MediaServices/Authentication/AzureEnvironmentConstants.php create mode 100644 src/MediaServices/Authentication/AzureEnvironments.php create mode 100644 src/MediaServices/Authentication/ITokenProvider.php delete mode 100644 tests/unit/WindowsAzure/Common/Internal/OAuthRestProxyTest.php diff --git a/README.md b/README.md index 10e4156b8..7240955ff 100644 --- a/README.md +++ b/README.md @@ -40,7 +40,7 @@ Microsoft Azure tables, blobs, queues, service bus (queues and topics), service * deployment: create, get, delete, swap, change configuration, update status, upgrade, rollback * role instance: reboot, reimage * REST API Version: 2011-10-01 -* Media Services +* Media Services * Connection * Ingest asset, upload files * Encoding / process asset, create job, job templates @@ -51,7 +51,7 @@ Microsoft Azure tables, blobs, queues, service bus (queues and topics), service * Live streaming: live encoding and pass-through channels, programs and all their operations * REST API Version: 2.13 - + # Getting Started ## Download Source Code @@ -63,7 +63,7 @@ cd ./azure-sdk-for-php ``` > **Note** -> +> > The recommended way to resolve dependencies is to install them using the [Composer package manager](http://getcomposer.org). ## Install via Composer @@ -72,9 +72,9 @@ cd ./azure-sdk-for-php ```json { - "require": { + "require": { "microsoft/windowsazure": "^0.5" - } + } } ``` @@ -94,14 +94,14 @@ cd ./azure-sdk-for-php ## Getting Started -There are four basic steps that have to be performed before you can make a call to any Microsoft Azure API when using the libraries. +There are four basic steps that have to be performed before you can make a call to any Microsoft Azure API when using the libraries. * First, include the autoloader script: ```PHP require_once "vendor/autoload.php"; ``` - + * Include the namespaces you are going to use. To create any Microsoft Azure service client you need to use the **ServicesBuilder** class: @@ -115,17 +115,17 @@ There are four basic steps that have to be performed before you can make a call ```PHP use WindowsAzure\Common\ServiceException; ``` - -* To instantiate the service client you will also need a valid connection string. The format is: + +* To instantiate the service client you will also need a valid connection string. The format is: * For accessing a live storage service (tables, blobs, queues): - + ``` DefaultEndpointsProtocol=[http|https];AccountName=[yourAccount];AccountKey=[yourKey] ``` - + * For accessing the emulator storage: - + ``` UseDevelopmentStorage=true ``` @@ -170,8 +170,19 @@ There are four basic steps that have to be performed before you can make a call * For Media Services: ```PHP - $mediaServicesRestProxy = ServicesBuilder->getInstance()->createMediaServicesService(new MediaServicesSettings([YourAccountName], [YourPrimaryOrSecondaryAccessKey])); + // 1 - Instantiate the credentials + $credentials = new AzureAdTokenCredentials( + '', + new AzureAdClientSymmetricKey('', ''), + AzureEnvironments::AZURE_CLOUD_ENVIRONMENT()); + + // 2 - Instantiate a token provider + $provider = new AzureAdTokenProvider($credentials); + + // 3 - Connect to Azure Media Services + $mediaServicesRestProxy = ServicesBuilder::getInstance()->createMediaServicesService(new MediaServicesSettings('', $provider)); ``` + You can find more examples for Media Services Authentication on the [examples](examples/MediaServices/) folder. ## Table Storage @@ -250,9 +261,9 @@ The following are examples of common operations performed with the Blob serivce. ```PHP // OPTIONAL: Set public access policy and metadata. // Create container options object. -$createContainerOptions = new CreateContainerOptions(); +$createContainerOptions = new CreateContainerOptions(); -// Set public access policy. Possible values are +// Set public access policy. Possible values are // PublicAccessType::CONTAINER_AND_BLOBS and PublicAccessType::BLOBS_ONLY. // CONTAINER_AND_BLOBS: full public read access for container and blob data. // BLOBS_ONLY: public read access for blobs. Container data not available. @@ -306,7 +317,7 @@ try { // List blobs. $blob_list = $blobRestProxy->listBlobs("mycontainer"); $blobs = $blob_list->getBlobs(); - + foreach($blobs as $blob) { echo $blob->getName().": ".$blob->getUrl()."
"; @@ -346,7 +357,7 @@ try { ``` [Error Codes and Messages for Queues](http://msdn.microsoft.com/en-us/library/windowsazure/dd179446.aspx) - + ### Add a message to a queue @@ -427,20 +438,20 @@ try { ``` ## Service Bus Queues -The current PHP Service Bus APIs only support ACS connection strings. You need to use PowerShell to create a new ACS Service Bus namespace at the present time. -First, make sure you have Azure PowerShell installed, then in a PowerShell command prompt, run +The current PHP Service Bus APIs only support ACS connection strings. You need to use PowerShell to create a new ACS Service Bus namespace at the present time. +First, make sure you have Azure PowerShell installed, then in a PowerShell command prompt, run ```PowerShell Add-AzureAccount # this will sign you in New-AzureSBNamespace -CreateACSNamespace $true -Name 'mytestbusname' -Location 'West US' -NamespaceType 'Messaging' ``` If it is sucessful, you will get the connection string in the PowerShell output. If you get connection errors with it and the conection string looks like Endpoint=sb://..., change it to **Endpoint=https://...** - + ### Create a Queue ```PHP try { $queueInfo = new QueueInfo("myqueue"); - + // Create queue. $serviceBusRestProxy->createQueue($queueInfo); } catch(ServiceException $e){ @@ -483,14 +494,14 @@ try { // Set the receive mode to PeekLock (default is ReceiveAndDelete). $options = new ReceiveMessageOptions(); $options->setPeekLock(true); - + // Receive message. $message = $serviceBusRestProxy->receiveQueueMessage("myqueue", $options); echo "Body: ".$message->getBody()."
"; echo "MessageID: ".$message->getMessageId()."
"; - + // *** Process message here *** - + // Delete message. $serviceBusRestProxy->deleteMessage($message); } catch(ServiceException $e){ @@ -505,7 +516,7 @@ try { ### Create a Topic ```PHP -try { +try { // Create topic. $topicInfo = new TopicInfo("mytopic"); $serviceBusRestProxy->createTopic($topicInfo); @@ -553,7 +564,7 @@ try { The primary way to receive messages from a subscription is to use a **ServiceBusRestProxy->receiveSubscriptionMessage** method. Received messages can work in two different modes: **ReceiveAndDelete** (the default) and **PeekLock** similarly to Service Bus Queues. -The example below demonstrates how a message can be received and processed using **ReceiveAndDelete** mode (the default mode). +The example below demonstrates how a message can be received and processed using **ReceiveAndDelete** mode (the default mode). ```PHP try { @@ -562,8 +573,8 @@ try { $options->setReceiveAndDelete(); // Get message. - $message = $serviceBusRestProxy->receiveSubscriptionMessage("mytopic", - "mysubscription", + $message = $serviceBusRestProxy->receiveSubscriptionMessage("mytopic", + "mysubscription", $options); echo "Body: ".$message->getBody()."
"; echo "MessageID: ".$message->getMessageId()."
"; @@ -578,18 +589,18 @@ try { ### Set-up certificates -You need to create two certificates, one for the server (a .cer file) and one for the client (a .pem file). To create the .pem file using [OpenSSL](http://www.openssl.org), execute this: +You need to create two certificates, one for the server (a .cer file) and one for the client (a .pem file). To create the .pem file using [OpenSSL](http://www.openssl.org), execute this: ``` openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout mycert.pem -out mycert.pem ``` -To create the .cer certificate, execute this: +To create the .cer certificate, execute this: ``` openssl x509 -inform pem -in mycert.pem -outform der -out mycert.cer ``` ### List Available Locations -```PHP +```PHP $serviceManagementRestProxy->listLocations(); $locations = $result->getLocations(); foreach($locations as $location){ @@ -608,11 +619,11 @@ $options = new CreateStorageServiceOptions(); $options->setLocation('West US'); $result = $serviceManagementRestProxy->createStorageService($name, $label, $options); -``` - +``` + ### Create a Cloud Service -A cloud service is also known as a hosted service (from earlier versions of Microsoft Azure). The **createHostedServices** method allows you to create a new hosted service by providing a hosted service name (which must be unique in Microsoft Azure), a label (the base 64-endcoded hosted service name), and a **CreateServiceOptions** object which allows you to set the location *or* the affinity group for your service. +A cloud service is also known as a hosted service (from earlier versions of Microsoft Azure). The **createHostedServices** method allows you to create a new hosted service by providing a hosted service name (which must be unique in Microsoft Azure), a label (the base 64-endcoded hosted service name), and a **CreateServiceOptions** object which allows you to set the location *or* the affinity group for your service. ```PHP $name = "myhostedservice"; @@ -648,7 +659,7 @@ echo "Operation status: ".$status->getStatus()."
"; ``` ## Media Services - + ### Create new asset with file To create an asset with a file you need to create an empty asset, create access policy with write permission, create a locator joining your asset and access policy, perform actual upload and generate file info. @@ -713,11 +724,11 @@ $streamingUrl = $originLocator->getPath() . '[Manifest file name]' . "/manifest" ### Manage media services entities -Media services CRUD operations are performed through media services rest proxy class. It has methods like “createAsset”, “createLocator”, “createJob” and etc. for entities creations. +Media services CRUD operations are performed through media services rest proxy class. It has methods like “createAsset”, “createLocator”, “createJob” and etc. for entities creations. -To retrieve all entities list you may use methods “getAssetList”, “getAccessPolicyList”, “getLocatorList”, “getJobList” and etc. For getting single entity data use methods “getAsset”, “getJob”, “getTask” and etc. passing the entity identifier or entity data model object with non-empty identifier as a parameter. +To retrieve all entities list you may use methods “getAssetList”, “getAccessPolicyList”, “getLocatorList”, “getJobList” and etc. For getting single entity data use methods “getAsset”, “getJob”, “getTask” and etc. passing the entity identifier or entity data model object with non-empty identifier as a parameter. -Update entities with methods like “updateLocator”, “updateAsset”, “updateAssetFile” and etc. passing the entity data model object as a parameter. It is important to have valid entity identifier specified in data model object. +Update entities with methods like “updateLocator”, “updateAsset”, “updateAssetFile” and etc. passing the entity data model object as a parameter. It is important to have valid entity identifier specified in data model object. Erase entities with methods like “deleteAsset”, “deleteAccessPolicy”, “deleteJob” and etc. passing the entity identifier or entity data model object with non-empty identifier as a parameter. diff --git a/examples/MediaServices/README.md b/examples/MediaServices/README.md index 5b032a889..dbe07c682 100644 --- a/examples/MediaServices/README.md +++ b/examples/MediaServices/README.md @@ -1,4 +1,4 @@ -This folder contains the following Azure Media Service PHP SDK samples: +This folder contains the following Azure Media Services PHP SDK samples: * vodworkflow_aes.php: End-to-end VOD workflow that applies AES content protection. * vodworkflow_drm_playready_widevine.php: End-to-end VOD workflow that applies DRM (PlayReady + Widevine) content protection. @@ -6,4 +6,7 @@ * scale_encoding_units.php: Scales the encoding reserved units. * analyticsworkflow_indexer.php: End-to-end analitycs workflow to index a media file. * liveworkflow_features.php: End-to-end live event workflow with configuration options to cover multiple scenarios. +* azuread_userpass.php: Azure AD authentication with user credentials (username/password). +* azuread_symmetrickey.php: Azure AD authentication with service principal (client symmetric key). +* azuread_asymmetrickey: Azure AD authentication with service principal (client certificate). * userconfig.php: Common file used to store the Azure Media Services account credentials to execute all the samples. diff --git a/examples/MediaServices/analyticsworkflow_indexer.php b/examples/MediaServices/analyticsworkflow_indexer.php index bea0f6a01..5e1278fda 100644 --- a/examples/MediaServices/analyticsworkflow_indexer.php +++ b/examples/MediaServices/analyticsworkflow_indexer.php @@ -27,6 +27,10 @@ use WindowsAzure\Common\ServicesBuilder; use WindowsAzure\Common\Internal\MediaServicesSettings; use WindowsAzure\MediaServices\MediaServicesRestProxy; +use WindowsAzure\MediaServices\Authentication\AzureAdTokenCredentials; +use WindowsAzure\MediaServices\Authentication\AzureAdClientSymmetricKey; +use WindowsAzure\MediaServices\Authentication\AzureAdTokenProvider; +use WindowsAzure\MediaServices\Authentication\AzureEnvironments; use WindowsAzure\MediaServices\Models\Asset; use WindowsAzure\MediaServices\Models\AccessPolicy; use WindowsAzure\MediaServices\Models\Locator; @@ -51,9 +55,12 @@ echo "Azure SDK for PHP - Media Analytics Sample (Indexer)".PHP_EOL; -// 0 - Set up the MediaServicesService object to call into the Media Services REST API. -$restProxy = ServicesBuilder::getInstance()->createMediaServicesService( - new MediaServicesSettings($account, $secret)); +// 0 - Instantiate the credentials, the token provider and connect to Azure Media Services +$credentials = new AzureAdTokenCredentials( + $tenant, new AzureAdClientSymmetricKey($clientId, $clientKey), + AzureEnvironments::AZURE_CLOUD_ENVIRONMENT()); +$provider = new AzureAdTokenProvider($credentials); +$restProxy = ServicesBuilder::getInstance()->createMediaServicesService(new MediaServicesSettings($restApiEndpoint, $provider)); // 1 - Upload the mezzanine $sourceAsset = uploadFileAndCreateAsset($restProxy, $mediaFileName); diff --git a/examples/MediaServices/azuread_asymmetrickey.php b/examples/MediaServices/azuread_asymmetrickey.php new file mode 100644 index 000000000..f433f3178 --- /dev/null +++ b/examples/MediaServices/azuread_asymmetrickey.php @@ -0,0 +1,66 @@ + + * @copyright 2012 Microsoft Corporation + * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 + * + * @link https://github.com/windowsazure/azure-sdk-for-php + */ +require_once __DIR__.'/../../vendor/autoload.php'; + +use WindowsAzure\Common\ServicesBuilder; +use WindowsAzure\Common\Internal\MediaServicesSettings; +use WindowsAzure\Common\Internal\Utilities; +use WindowsAzure\MediaServices\MediaServicesRestProxy; +use WindowsAzure\MediaServices\Authentication\AzureAdTokenCredentials; +use WindowsAzure\MediaServices\Authentication\AzureAdClientAsymmetricKey; +use WindowsAzure\MediaServices\Authentication\AzureAdTokenProvider; +use WindowsAzure\MediaServices\Authentication\AzureEnvironments; +use WindowsAzure\MediaServices\Models\Asset; + +// read user settings from config +include_once 'userconfig.php'; + +echo "Azure SDK for PHP - AzureAD Asymmetric Key Authentication Sample".PHP_EOL; + +// 0 - Open the certificate file +if ((!$cert_store = file_get_contents($pfxFileName)) || + (!openssl_pkcs12_read($cert_store, $cert_info, $pfxPassword))) { + echo "Error: Unable to read the cert file\n"; + exit; +} + +// 1 - Instantiate the credentials +$credentials = new AzureAdTokenCredentials( + $tenant, + new AzureAdClientAsymmetricKey($clientId, $cert_info), + AzureEnvironments::AZURE_CLOUD_ENVIRONMENT()); + +// 2 - Instantiate a token provider +$provider = new AzureAdTokenProvider($credentials); + +// 3 - Connect to Azure Media Services +$restProxy = ServicesBuilder::getInstance()->createMediaServicesService(new MediaServicesSettings($restApiEndpoint, $provider)); + +// 4 - List assets (sample operation) +print('Listing Assets:' . PHP_EOL); +foreach($restProxy->getAssetList() as $asset) +{ + print('Asset Id=' . $asset->getId() . ' Name=' . $asset->getName() . PHP_EOL); +} diff --git a/examples/MediaServices/azuread_symmetrickey.php b/examples/MediaServices/azuread_symmetrickey.php new file mode 100644 index 000000000..f9f26c8ec --- /dev/null +++ b/examples/MediaServices/azuread_symmetrickey.php @@ -0,0 +1,59 @@ + + * @copyright 2012 Microsoft Corporation + * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 + * + * @link https://github.com/windowsazure/azure-sdk-for-php + */ +require_once __DIR__.'/../../vendor/autoload.php'; + +use WindowsAzure\Common\ServicesBuilder; +use WindowsAzure\Common\Internal\MediaServicesSettings; +use WindowsAzure\Common\Internal\Utilities; +use WindowsAzure\MediaServices\MediaServicesRestProxy; +use WindowsAzure\MediaServices\Authentication\AzureAdTokenCredentials; +use WindowsAzure\MediaServices\Authentication\AzureAdClientSymmetricKey; +use WindowsAzure\MediaServices\Authentication\AzureAdTokenProvider; +use WindowsAzure\MediaServices\Authentication\AzureEnvironments; +use WindowsAzure\MediaServices\Models\Asset; + +// read user settings from config +include_once 'userconfig.php'; + +echo "Azure SDK for PHP - AzureAD Symmetric Key Authentication Sample".PHP_EOL; + +// 1 - Instantiate the credentials +$credentials = new AzureAdTokenCredentials( + $tenant, + new AzureAdClientSymmetricKey($clientId, $clientKey), + AzureEnvironments::AZURE_CLOUD_ENVIRONMENT()); + +// 2 - Instantiate a token provider +$provider = new AzureAdTokenProvider($credentials); + +// 3 - Connect to Azure Media Services +$restProxy = ServicesBuilder::getInstance()->createMediaServicesService(new MediaServicesSettings($restApiEndpoint, $provider)); + +// 4 - List assets (sample operation) +print('Listing Assets:' . PHP_EOL); +foreach($restProxy->getAssetList() as $asset) +{ + print('Asset Id=' . $asset->getId() . ' Name=' . $asset->getName() . PHP_EOL); +} diff --git a/examples/MediaServices/azuread_userpass.php b/examples/MediaServices/azuread_userpass.php new file mode 100644 index 000000000..a89ab499e --- /dev/null +++ b/examples/MediaServices/azuread_userpass.php @@ -0,0 +1,59 @@ + + * @copyright 2012 Microsoft Corporation + * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 + * + * @link https://github.com/windowsazure/azure-sdk-for-php + */ +require_once __DIR__.'/../../vendor/autoload.php'; + +use WindowsAzure\Common\ServicesBuilder; +use WindowsAzure\Common\Internal\MediaServicesSettings; +use WindowsAzure\Common\Internal\Utilities; +use WindowsAzure\MediaServices\MediaServicesRestProxy; +use WindowsAzure\MediaServices\Authentication\AzureAdTokenCredentials; +use WindowsAzure\MediaServices\Authentication\AzureAdClientUserCredentials; +use WindowsAzure\MediaServices\Authentication\AzureAdTokenProvider; +use WindowsAzure\MediaServices\Authentication\AzureEnvironments; +use WindowsAzure\MediaServices\Models\Asset; + +// read user settings from config +include_once 'userconfig.php'; + +echo "Azure SDK for PHP - AzureAD User/Password Authentication Sample".PHP_EOL; + +// 1 - Instantiate the credentials +$credentials = new AzureAdTokenCredentials( + $tenant, + new AzureAdClientUserCredentials($username, $password), + AzureEnvironments::AZURE_CLOUD_ENVIRONMENT()); + +// 2 - Instantiate a token provider +$provider = new AzureAdTokenProvider($credentials); + +// 3 - Connect to Azure Media Services +$restProxy = ServicesBuilder::getInstance()->createMediaServicesService(new MediaServicesSettings($restApiEndpoint, $provider)); + +// 4 - List assets (sample operation) +print('Listing Assets:' . PHP_EOL); +foreach($restProxy->getAssetList() as $asset) +{ + print('Asset Id=' . $asset->getId() . ' Name=' . $asset->getName() . PHP_EOL); +} diff --git a/examples/MediaServices/liveworkflow_features.php b/examples/MediaServices/liveworkflow_features.php index e88007a81..142152bc8 100644 --- a/examples/MediaServices/liveworkflow_features.php +++ b/examples/MediaServices/liveworkflow_features.php @@ -28,6 +28,10 @@ use WindowsAzure\Common\Internal\MediaServicesSettings; use WindowsAzure\Common\Internal\Utilities; use WindowsAzure\MediaServices\MediaServicesRestProxy; +use WindowsAzure\MediaServices\Authentication\AzureAdTokenCredentials; +use WindowsAzure\MediaServices\Authentication\AzureAdClientSymmetricKey; +use WindowsAzure\MediaServices\Authentication\AzureAdTokenProvider; +use WindowsAzure\MediaServices\Authentication\AzureEnvironments; use WindowsAzure\MediaServices\Models\Asset; use WindowsAzure\MediaServices\Models\AccessPolicy; use WindowsAzure\MediaServices\Models\Locator; @@ -81,22 +85,25 @@ $options->encodingType = EncodingType::None; $options->ingestProtocol = StreamingProtocol::RTMP; -// Encoding Standard Options +// Encoding Standard Options $options->archiveWindowLenght = new \DateInterval("PT1H"); -// AES Dynamic Encription Options +// AES Dynamic Encription Options $options->aesDynamicEncription = true; $options->tokenRestriction = true; $options->tokenType = TokenType::JWT; // Archive options -$options->deleteArchiveAsset = true; // change this to false to keep the asset archive +$options->deleteArchiveAsset = true; // change this to false to keep the asset archive echo "Azure SDK for PHP - Live Features".PHP_EOL; -// 0 - set up the MediaServicesService object to call into the Media Services REST API. -$restProxy = ServicesBuilder::getInstance()->createMediaServicesService( - new MediaServicesSettings($account, $secret)); +// 0 - Instantiate the credentials, the token provider and connect to Azure Media Services +$credentials = new AzureAdTokenCredentials( + $tenant, new AzureAdClientSymmetricKey($clientId, $clientKey), + AzureEnvironments::AZURE_CLOUD_ENVIRONMENT()); +$provider = new AzureAdTokenProvider($credentials); +$restProxy = ServicesBuilder::getInstance()->createMediaServicesService(new MediaServicesSettings($restApiEndpoint, $provider)); // 1 - Create and Start new Channel. $channel = createAndStartChannel($restProxy, $options); @@ -139,7 +146,7 @@ */ function createAndStartChannel(MediaServicesRestProxy $restProxy, $options) { - // 1 - prepare the channel template + // 1 - prepare the channel template $channelData = createChannelData($options); // 2 - create the channel @@ -159,7 +166,7 @@ function createAsset(MediaServicesRestProxy $restProxy, $options) { $result = new stdClass(); - // 1 - prepare the program asset + // 1 - prepare the program asset $result->asset = new Asset(Asset::OPTIONS_NONE); $result->asset->setName($options->programName); $result->asset = $restProxy->createAsset($result->asset); @@ -199,7 +206,7 @@ function createAndStartProgram( // 2 - start the program echo "Done!".PHP_EOL."Starting program... "; $restProxy->startProgram($program); - + echo "Done!".PHP_EOL; return $restProxy->getProgram($program); } @@ -209,17 +216,17 @@ function cleanup(MediaServicesRestProxy $restProxy, $channel, Program $program, // cleanup program echo "Stopping program... "; $restProxy->stopProgram($program); - + echo "Done!".PHP_EOL."Deleting program... "; $restProxy->deleteProgram($program); // cleanup channel echo "Done!".PHP_EOL."Stopping channel... "; $restProxy->stopChannel($channel); - + echo "Done!".PHP_EOL."Deleting channel... "; $restProxy->deleteChannel($channel); - + echo "Done!".PHP_EOL; // cleanup asset @@ -247,9 +254,9 @@ function cleanup(MediaServicesRestProxy $restProxy, $channel, Program $program, $authPolicyId = $key->getAuthorizationPolicyId(); $restProxy->deleteContentKeyAuthorizationPolicy($authPolicyId); } - + $restProxy->deleteAsset($asset); - + echo "Done!".PHP_EOL; } else { echo "Archive asset was not removed."; @@ -271,7 +278,7 @@ function applyAesDynamicEncryption (MediaServicesRestProxy $restProxy, $asset, $ if ($options->tokenRestriction) { // 2.1 - Apply Token restriction $template = addTokenRestrictedAuthorizationPolicy($restProxy, $contentKey, $options->tokenType); - + // 2.2 - Generate Test Token $testToken = generateTestToken($template, $contentKey); } else { @@ -293,11 +300,11 @@ function applyNonDynamicEncription(MediaServicesRestProxy $restProxy, $asset) $policy->setAssetDeliveryPolicyType(AssetDeliveryPolicyType::NO_DYNAMIC_ENCRYPTION); $policy = $restProxy->createAssetDeliveryPolicy($policy); - $restProxy->linkDeliveryPolicyToAsset($asset, $policy); + $restProxy->linkDeliveryPolicyToAsset($asset, $policy); } function createChannelData($options) -{ +{ $channel = new Channel(); $channel->setName($options->channelName); @@ -323,7 +330,7 @@ function createChannelData($options) $channelEncoding = new ChannelEncoding(); $channelEncoding->setSystemPreset(ChannelEncodingPresets::Default720p); $channel->setEncoding($channelEncoding); - } else { + } else { $channel->setEncodingType(EncodingType::None); } diff --git a/examples/MediaServices/scale_encoding_units.php b/examples/MediaServices/scale_encoding_units.php index 05e429c70..8607d9bc0 100644 --- a/examples/MediaServices/scale_encoding_units.php +++ b/examples/MediaServices/scale_encoding_units.php @@ -26,6 +26,10 @@ use WindowsAzure\Common\ServicesBuilder; use WindowsAzure\Common\Internal\MediaServicesSettings; +use WindowsAzure\MediaServices\Authentication\AzureAdTokenCredentials; +use WindowsAzure\MediaServices\Authentication\AzureAdClientSymmetricKey; +use WindowsAzure\MediaServices\Authentication\AzureAdTokenProvider; +use WindowsAzure\MediaServices\Authentication\AzureEnvironments; use WindowsAzure\MediaServices\Models\EncodingReservedUnitType; // read user settings from config @@ -37,8 +41,12 @@ echo "Azure SDK for PHP - Scale Encoding Units Sample".PHP_EOL; -// 1. set up the MediaServicesService object to call into the Media Services REST API -$restProxy = ServicesBuilder::getInstance()->createMediaServicesService(new MediaServicesSettings($account, $secret)); +// 1. Instantiate the credentials, the token provider and connect to Azure Media Services +$credentials = new AzureAdTokenCredentials( + $tenant, new AzureAdClientSymmetricKey($clientId, $clientKey), + AzureEnvironments::AZURE_CLOUD_ENVIRONMENT()); +$provider = new AzureAdTokenProvider($credentials); +$restProxy = ServicesBuilder::getInstance()->createMediaServicesService(new MediaServicesSettings($restApiEndpoint, $provider)); // 2. retrieve the current configuration of Encoding Units $encodingUnits = $restProxy->getEncodingReservedUnit(); diff --git a/examples/MediaServices/userconfig.php b/examples/MediaServices/userconfig.php index 47ebdc73a..55349f836 100644 --- a/examples/MediaServices/userconfig.php +++ b/examples/MediaServices/userconfig.php @@ -3,5 +3,11 @@ set_time_limit(600); //set timeout to 10 minutes, or you can set max_execution_time in php.ini date_default_timezone_set('America/Los_Angeles'); -$account = ''; -$secret = ''; +$tenant = ".onmicrosoft.com"; +$username = 'user@domain.com'; +$password = 'userkey'; +$clientId = ""; +$clientKey = "createMediaServicesService(new MediaServicesSettings($account, $secret)); +// 0 - Instantiate the credentials, the token provider and connect to Azure Media Services +$credentials = new AzureAdTokenCredentials( + $tenant, new AzureAdClientSymmetricKey($clientId, $clientKey), + AzureEnvironments::AZURE_CLOUD_ENVIRONMENT()); +$provider = new AzureAdTokenProvider($credentials); +$restProxy = ServicesBuilder::getInstance()->createMediaServicesService(new MediaServicesSettings($restApiEndpoint, $provider)); // 1 - Upload the mezzanine $sourceAsset = uploadFileAndCreateAsset($restProxy, $mezzanineFileName); diff --git a/examples/MediaServices/vodworkflow_drm_fairplay.php b/examples/MediaServices/vodworkflow_drm_fairplay.php index 355b77f0d..5053c3781 100644 --- a/examples/MediaServices/vodworkflow_drm_fairplay.php +++ b/examples/MediaServices/vodworkflow_drm_fairplay.php @@ -28,6 +28,10 @@ use WindowsAzure\Common\Internal\MediaServicesSettings; use WindowsAzure\Common\Internal\Utilities; use WindowsAzure\MediaServices\MediaServicesRestProxy; +use WindowsAzure\MediaServices\Authentication\AzureAdTokenCredentials; +use WindowsAzure\MediaServices\Authentication\AzureAdClientSymmetricKey; +use WindowsAzure\MediaServices\Authentication\AzureAdTokenProvider; +use WindowsAzure\MediaServices\Authentication\AzureEnvironments; use WindowsAzure\MediaServices\Models\Asset; use WindowsAzure\MediaServices\Models\AccessPolicy; use WindowsAzure\MediaServices\Models\Locator; @@ -60,7 +64,7 @@ $tokenRestriction = true; $tokenType = TokenType::JWT; -// FairPlay +// FairPlay $fairPlayASK = ''; $fairPlayPFXFile = ''; $fairPlayPFXPassword = ''; @@ -68,8 +72,12 @@ echo "Azure SDK for PHP - FairPlay Dynamic Encryption Sample".PHP_EOL; -// 0 - set up the MediaServicesService object to call into the Media Services REST API. -$restProxy = ServicesBuilder::getInstance()->createMediaServicesService(new MediaServicesSettings($account, $secret)); +// 0 - Instantiate the credentials, the token provider and connect to Azure Media Services +$credentials = new AzureAdTokenCredentials( + $tenant, new AzureAdClientSymmetricKey($clientId, $clientKey), + AzureEnvironments::AZURE_CLOUD_ENVIRONMENT()); +$provider = new AzureAdTokenProvider($credentials); +$restProxy = ServicesBuilder::getInstance()->createMediaServicesService(new MediaServicesSettings($restApiEndpoint, $provider)); // 1 - Upload the mezzanine $sourceAsset = uploadFileAndCreateAsset($restProxy, $mezzanineFileName); @@ -307,7 +315,7 @@ function createAssetDeliveryPolicy(MediaServicesRestProxy $restProxy, $encodedAs { // 5.1 Get the acquisition URL $acquisitionUrl = $restProxy->getKeyDeliveryUrl($contentKey, ContentKeyDeliveryType::FAIRPLAY); - + $acquisitionUrl = str_replace_first("https", "skd", $acquisitionUrl); // remove query string @@ -371,7 +379,7 @@ function publishEncodedAsset(MediaServicesRestProxy $restProxy, $encodedAsset) function configureFairPlayPolicyOptions($restProxy, $fairPlayASK, $fairPlayPfxPassword, $fairPlayPfxFile, $fairPlayIV) { - + $askContentKey = createFairPlayAskTypeContentKey($restProxy, $fairPlayASK); $pfxPasswordContentKey = createFairPlayPfxPasswordTypeContentKey($restProxy, $fairPlayPfxPassword); @@ -379,7 +387,7 @@ function configureFairPlayPolicyOptions($restProxy, $fairPlayASK, $fairPlayPfxPa // open the pfx file $strAskContentKey = substr($askContentKey->getId(), strlen("nb:kid:UUID:")); - $strPassContentKey = substr($pfxPasswordContentKey->getId(), strlen("nb:kid:UUID:")); + $strPassContentKey = substr($pfxPasswordContentKey->getId(), strlen("nb:kid:UUID:")); $certData = file_get_contents($fairPlayPfxFile); openssl_pkcs12_read($certData, $certsOut, $fairPlayPfxPassword); @@ -390,7 +398,7 @@ function configureFairPlayPolicyOptions($restProxy, $fairPlayASK, $fairPlayPfxPa function createFairPlayAskTypeContentKey(MediaServicesRestProxy $restProxy, $fairPlayASK) { - // 3.1 Convert the ASK to binary representation + // 3.1 Convert the ASK to binary representation $askKey = hex2bin($fairPlayASK); // 3.2 Get the protection key id for ContentKey diff --git a/examples/MediaServices/vodworkflow_drm_playready_widevine.php b/examples/MediaServices/vodworkflow_drm_playready_widevine.php index 4a94117f8..5dfcb3213 100644 --- a/examples/MediaServices/vodworkflow_drm_playready_widevine.php +++ b/examples/MediaServices/vodworkflow_drm_playready_widevine.php @@ -28,6 +28,10 @@ use WindowsAzure\Common\Internal\MediaServicesSettings; use WindowsAzure\Common\Internal\Utilities; use WindowsAzure\MediaServices\MediaServicesRestProxy; +use WindowsAzure\MediaServices\Authentication\AzureAdTokenCredentials; +use WindowsAzure\MediaServices\Authentication\AzureAdClientSymmetricKey; +use WindowsAzure\MediaServices\Authentication\AzureAdTokenProvider; +use WindowsAzure\MediaServices\Authentication\AzureEnvironments; use WindowsAzure\MediaServices\Models\Asset; use WindowsAzure\MediaServices\Models\AccessPolicy; use WindowsAzure\MediaServices\Models\Locator; @@ -71,8 +75,12 @@ echo "Azure SDK for PHP - PlayReady + Widevine Dynamic Encryption Sample".PHP_EOL; -// 0 - set up the MediaServicesService object to call into the Media Services REST API. -$restProxy = ServicesBuilder::getInstance()->createMediaServicesService(new MediaServicesSettings($account, $secret)); +// 0 - Instantiate the credentials, the token provider and connect to Azure Media Services +$credentials = new AzureAdTokenCredentials( + $tenant, new AzureAdClientSymmetricKey($clientId, $clientKey), + AzureEnvironments::AZURE_CLOUD_ENVIRONMENT()); +$provider = new AzureAdTokenProvider($credentials); +$restProxy = ServicesBuilder::getInstance()->createMediaServicesService(new MediaServicesSettings($restApiEndpoint, $provider)); // 1 - Upload the mezzanine $sourceAsset = uploadFileAndCreateAsset($restProxy, $mezzanineFileName); diff --git a/src/Common/Internal/Filters/AuthenticationFilter.php b/src/Common/Internal/Filters/AuthenticationFilter.php index c0f433842..2184e2c41 100644 --- a/src/Common/Internal/Filters/AuthenticationFilter.php +++ b/src/Common/Internal/Filters/AuthenticationFilter.php @@ -28,7 +28,7 @@ use WindowsAzure\Common\Internal\Resources; use WindowsAzure\Common\Internal\IServiceFilter; use WindowsAzure\Common\Internal\Http\IHttpClient; -use WindowsAzure\Common\Internal\Authentication\IAuthScheme; +use WindowsAzure\MediaServices\Authentication\ITokenProvider; use Psr\Http\Message\ResponseInterface; /** @@ -49,16 +49,16 @@ class AuthenticationFilter implements IServiceFilter /** * @var IAuthScheme */ - private $_authenticationScheme; + private $_azureAdTokenProvider; /** * Creates AuthenticationFilter with the passed scheme. * - * @param IAuthScheme $authenticationScheme The authentication scheme + * @param ITokenProvider $authenticationScheme The authentication scheme */ - public function __construct(IAuthScheme $authenticationScheme) + public function __construct(ITokenProvider $azureAdTokenProvider) { - $this->_authenticationScheme = $authenticationScheme; + $this->_azureAdTokenProvider = $azureAdTokenProvider; } /** @@ -70,11 +70,8 @@ public function __construct(IAuthScheme $authenticationScheme) */ public function handleRequest(IHttpClient $request) { - $signedKey = $this->_authenticationScheme->getAuthorizationHeader( - $request->getHeaders(), $request->getUrl(), - $request->getUrl()->getQueryVariables(), $request->getMethod() - ); - $request->setHeader(Resources::AUTHENTICATION, $signedKey); + $signedKey = $this->_azureAdTokenProvider->getAccessToken(); + $request->setHeader(Resources::AUTHENTICATION, "Bearer " . $signedKey->getAccessToken()); return $request; } diff --git a/src/Common/Internal/MediaServicesSettings.php b/src/Common/Internal/MediaServicesSettings.php index 2df460d5e..16228fee8 100644 --- a/src/Common/Internal/MediaServicesSettings.php +++ b/src/Common/Internal/MediaServicesSettings.php @@ -25,6 +25,9 @@ namespace WindowsAzure\Common\Internal; +use WindowsAzure\MediaServices\Authentication\ITokenProvider; +use WindowsAzure\MediaServices\Authentication\AzureAdTokenProvider; + /** * Represents the settings used to sign and access a request against the service * management. @@ -41,207 +44,31 @@ */ class MediaServicesSettings extends ServiceSettings { - /** - * @var string - */ - private $_accountName; - - /** - * @var string - */ - private $_accessKey; - /** * @var string */ private $_endpointUri; /** - * @var string - */ - private $_oauthEndpointUri; - - /** - * Validator for the MediaServicesAccountName setting. It has to be provided. - * - * @var array - */ - private static $_accountNameSetting; - - /** - * Validator for the MediaServicesAccessKey setting. It has to be provided. - * - * @var array - */ - private static $_accessKeySetting; - - /** - * Validator for the MediaServicesEndpoint setting. Must be a valid Uri. - * - * @var array - */ - private static $_endpointUriSetting; - - /** - * Validator for the MediaServicesOAuthEndpoint setting. Must be a valid Uri. - * - * @var array - */ - private static $_oauthEndpointUriSetting; - - /** - * @var bool - */ - protected static $isInitialized = false; - - /** - * Holds the expected setting keys. - * - * @var array - */ - protected static $validSettingKeys = []; - - /** - * Initializes static members of the class. + * @var ITokenProvider */ - protected static function init() - { - self::$_endpointUriSetting = self::settingWithFunc( - Resources::MEDIA_SERVICES_ENDPOINT_URI_NAME, - Validate::getIsValidUri() - ); - - self::$_oauthEndpointUriSetting = self::settingWithFunc( - Resources::MEDIA_SERVICES_OAUTH_ENDPOINT_URI_NAME, - Validate::getIsValidUri() - ); - - self::$_accountNameSetting = self::setting( - Resources::MEDIA_SERVICES_ACCOUNT_NAME - ); - - self::$_accessKeySetting = self::setting( - Resources::MEDIA_SERVICES_ACCESS_KEY - ); - - self::$validSettingKeys[] = Resources::MEDIA_SERVICES_ENDPOINT_URI_NAME; - self::$validSettingKeys[] = Resources::MEDIA_SERVICES_OAUTH_ENDPOINT_URI_NAME; - self::$validSettingKeys[] = Resources::MEDIA_SERVICES_ACCOUNT_NAME; - self::$validSettingKeys[] = Resources::MEDIA_SERVICES_ACCESS_KEY; - } + private $_tokenProvider; /** * Creates new media services settings instance. * - * @param string $accountName The user provided account name - * @param string $accessKey The user provided primary access key - * @param string $endpointUri The service management endpoint uri - * @param string $oauthEndpointUri The OAuth service endpoint uri + * @param string $endpointUri The account REST API endpoint + * @param ITokenProvider $tokenProvider The token provider */ public function __construct( - $accountName, - $accessKey, - $endpointUri = null, - $oauthEndpointUri = null + $endpointUri, + $tokenProvider = null ) { - Validate::notNullOrEmpty($accountName, 'accountName'); - Validate::notNullOrEmpty($accessKey, 'accountKey'); - Validate::isString($accountName, 'accountName'); - Validate::isString($accessKey, 'accountKey'); - - if ($endpointUri != null) { - Validate::isValidUri($endpointUri, 'endpointUri'); - } else { - $endpointUri = Resources::MEDIA_SERVICES_URL; - } + Validate::isValidUri($endpointUri, 'endpointUri'); + Validate::notNull($tokenProvider, 'tokenProvider'); - if ($oauthEndpointUri != null) { - Validate::isValidUri($oauthEndpointUri, 'oauthEndpointUri'); - } else { - $oauthEndpointUri = Resources::MEDIA_SERVICES_OAUTH_URL; - } - - $this->_accountName = $accountName; - $this->_accessKey = $accessKey; $this->_endpointUri = $endpointUri; - $this->_oauthEndpointUri = $oauthEndpointUri; - } - - /** - * Creates a MediaServicesSettings object from the given connection string. - * - * @param string $connectionString The media services settings connection string - * - * @return MediaServicesSettings - */ - public static function createFromConnectionString($connectionString) - { - $tokenizedSettings = self::parseAndValidateKeys($connectionString); - - $matchedSpecs = self::matchedSpecification( - $tokenizedSettings, - self::allRequired( - self::$_accountNameSetting, - self::$_accessKeySetting - ), - self::optional( - self::$_endpointUriSetting, - self::$_oauthEndpointUriSetting - ) - ); - if ($matchedSpecs) { - $endpointUri = Utilities::tryGetValueInsensitive( - Resources::MEDIA_SERVICES_ENDPOINT_URI_NAME, - $tokenizedSettings, - Resources::MEDIA_SERVICES_URL - ); - - $oauthEndpointUri = Utilities::tryGetValueInsensitive( - Resources::MEDIA_SERVICES_OAUTH_ENDPOINT_URI_NAME, - $tokenizedSettings, - Resources::MEDIA_SERVICES_OAUTH_URL - ); - - $accountName = Utilities::tryGetValueInsensitive( - Resources::MEDIA_SERVICES_ACCOUNT_NAME, - $tokenizedSettings - ); - - $accessKey = Utilities::tryGetValueInsensitive( - Resources::MEDIA_SERVICES_ACCESS_KEY, - $tokenizedSettings - ); - - return new self( - $accountName, - $accessKey, - $endpointUri, - $oauthEndpointUri - ); - } - - self::noMatch($connectionString); - return null; - } - - /** - * Gets media services account name. - * - * @return string - */ - public function getAccountName() - { - return $this->_accountName; - } - - /** - * Gets media services access key. - * - * @return string - */ - public function getAccessKey() - { - return $this->_accessKey; + $this->_tokenProvider = $tokenProvider; } /** @@ -257,10 +84,10 @@ public function getEndpointUri() /** * Gets media services OAuth endpoint uri. * - * @return string + * @return ITokenProvider */ - public function getOAuthEndpointUri() + public function getTokenProvider() { - return $this->_oauthEndpointUri; + return $this->_tokenProvider; } } diff --git a/src/Common/Internal/Resources.php b/src/Common/Internal/Resources.php index 5641f3a96..b9e674cb4 100644 --- a/src/Common/Internal/Resources.php +++ b/src/Common/Internal/Resources.php @@ -66,10 +66,6 @@ class Resources { const SHARED_SHARED_ACCESS_KEY_NAME = 'SharedAccessKeyName'; const SHARED_SHARED_ACCESS_KEY = 'SharedAccessKey'; const STS_ENDPOINT_NAME = 'StsEndpoint'; - const MEDIA_SERVICES_ENDPOINT_URI_NAME = 'MediaServicesEndpoint'; - const MEDIA_SERVICES_ACCOUNT_NAME = 'AccountName'; - const MEDIA_SERVICES_ACCESS_KEY = 'AccessKey'; - const MEDIA_SERVICES_OAUTH_ENDPOINT_URI_NAME = 'OAuthEndpoint'; // Messages const INVALID_TYPE_MSG = 'The provided variable should be of type: '; @@ -207,14 +203,20 @@ class Resources { const WRAP_SCOPE = 'wrap_scope'; // OAuth + const OAUTH_CLIENT_ASSERTION_TYPE = 'client_assertion_type'; + const OAUTH_CLIENT_ASSERTION = 'client_assertion'; + const OAUTH_RESOURCE = 'resource'; const OAUTH_GRANT_TYPE = 'grant_type'; const OAUTH_CLIENT_ID = 'client_id'; const OAUTH_CLIENT_SECRET = 'client_secret'; + const OAUTH_USERNAME = 'username'; + const OAUTH_PASSWORD = 'password'; const OAUTH_SCOPE = 'scope'; const OAUTH_GT_CLIENT_CREDENTIALS = 'client_credentials'; const OAUTH_ACCESS_TOKEN = 'access_token'; const OAUTH_EXPIRES_IN = 'expires_in'; const OAUTH_ACCESS_TOKEN_PREFIX = 'Bearer '; + const OAUTH_V1_ENDPOINT = '/oauth2/token'; // HTTP Methods const HTTP_GET = 'GET'; @@ -263,7 +265,7 @@ class Resources { const ATOM_FEED_CONTENT_TYPE = 'application/atom+xml;type=feed;charset=utf-8'; const ACCEPT_CHARSET_VALUE = 'utf-8'; const INT32_MAX = 2147483647; - const MEDIA_SERVICES_API_LATEST_VERSION = '2.13'; + const MEDIA_SERVICES_API_LATEST_VERSION = '2.17'; const MEDIA_SERVICES_DATA_SERVICE_VERSION_VALUE = '3.0;NetFx'; const MEDIA_SERVICES_MAX_DATA_SERVICE_VERSION_VALUE = '3.0;NetFx'; diff --git a/src/Common/ServicesBuilder.php b/src/Common/ServicesBuilder.php index 79e6a8a11..e4bc52097 100644 --- a/src/Common/ServicesBuilder.php +++ b/src/Common/ServicesBuilder.php @@ -55,6 +55,7 @@ use WindowsAzure\ServiceManagement\Internal\IServiceManagement; use WindowsAzure\ServiceManagement\ServiceManagementRestProxy; use WindowsAzure\MediaServices\MediaServicesRestProxy; +use WindowsAzure\MediaServices\Authentication\AzureAdClient; use WindowsAzure\Common\Internal\OAuthRestProxy; use WindowsAzure\Common\Internal\Authentication\OAuthScheme; @@ -300,7 +301,7 @@ public function createMediaServicesService(MediaServicesSettings $settings) $mediaServicesWrapper = new MediaServicesRestProxy( $httpClient, $uri, - $settings->getAccountName(), + Resources::EMPTY_STRING, $serializer ); @@ -322,19 +323,8 @@ public function createMediaServicesService(MediaServicesSettings $settings) $headersFilter = new HeadersFilter($headers); $mediaServicesWrapper = $mediaServicesWrapper->withFilter($headersFilter); - // Adding OAuth filter - $oauthService = new OAuthRestProxy( - new HttpClient(), - $settings->getOAuthEndpointUri() - ); - $authentication = new OAuthScheme( - $settings->getAccountName(), - $settings->getAccessKey(), - Resources::OAUTH_GT_CLIENT_CREDENTIALS, - Resources::MEDIA_SERVICES_OAUTH_SCOPE, - $oauthService - ); - $authenticationFilter = new AuthenticationFilter($authentication); + // Adding Azure Active Directory Authentication filter + $authenticationFilter = new AuthenticationFilter($settings->getTokenProvider()); $mediaServicesWrapper = $mediaServicesWrapper->withFilter( $authenticationFilter ); diff --git a/src/MediaServices/Authentication/AccessToken.php b/src/MediaServices/Authentication/AccessToken.php new file mode 100644 index 000000000..9251a457c --- /dev/null +++ b/src/MediaServices/Authentication/AccessToken.php @@ -0,0 +1,97 @@ + + * @copyright Microsoft Corporation + * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 + * + * @link https://github.com/WindowsAzure/azure-sdk-for-php + */ + +namespace WindowsAzure\MediaServices\Authentication; + +/** + * Represents a Bearer Token + * + * @category Microsoft + * + * @author Azure PHP SDK + * @copyright Microsoft Corporation + * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 + * + * @version Release: 0.5.0_2016-11 + * + * @link https://github.com/WindowsAzure/azure-sdk-for-php + */ +class AccessToken +{ + /** + * Access Token + * + * @var string + */ + private $_access_token; + + /** + * Expiration time + * + * @var \DateTime + */ + private $_expiration_time; + + /** + * Create an Access Token. + * + * @param string $accessToken The access token + * @param \DateTime $expirationTime The expiration time of the access token + */ + public function __construct($accessToken, $expirationTime) + { + $this->_access_token = $accessToken; + $this->_expiration_time = $expirationTime; + } + + /** + * Get the access token + * + * @return string + */ + public function getAccessToken() + { + return $this->_access_token; + } + + /** + * Get the access token expiration time + * + * @return \DateTime + */ + public function getExpirationTime() + { + return $this->_expiration_time; + } + + /** + * Verify if the access token is still valid. + * + * @return int $margin seconds of margin after while to get a new access token + */ + public function isValid($margin = 120) { + return ($this->_expiration_time - $margin) > time(); + } +} diff --git a/src/MediaServices/Authentication/AzureAdClient.php b/src/MediaServices/Authentication/AzureAdClient.php new file mode 100644 index 000000000..f71109ab6 --- /dev/null +++ b/src/MediaServices/Authentication/AzureAdClient.php @@ -0,0 +1,277 @@ + + * @copyright Microsoft Corporation + * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 + * + * @link https://github.com/windowsazure/azure-sdk-for-php + */ + +namespace WindowsAzure\MediaServices\Authentication; + +use Firebase\JWT\JWT; +use WindowsAzure\Common\Internal\ServiceRestProxy; +use WindowsAzure\Common\Internal\Resources; +use WindowsAzure\Common\Internal\Http\IHttpClient; +use WindowsAzure\Common\Internal\Serialization\JsonSerializer; +use WindowsAzure\MediaServices\Authentication\AccessToken; + +/** + * Azure AD rest proxy. + * + * @category Microsoft + * + * @author Azure PHP SDK + * @copyright Microsoft Corporation + * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 + * + * @version Release: 0.5.0_2016-11 + * + * @link https://github.com/windowsazure/azure-sdk-for-php + */ +class AzureAdClient extends ServiceRestProxy +{ + /** + * Initializes new AzureAdRestProxy object. + * + * @param IHttpClient $channel The HTTP client used to send HTTP requests + * @param string $uri The Azure Ad endpoint + */ + public function __construct(IHttpClient $channel, $azureAdEndpoint) + { + parent::__construct( + $channel, + $azureAdEndpoint, + '', + new JsonSerializer() + ); + } + + /** + * Acquire an Azure AD access token given the Client ID and Client Secret + * + * @param string $resource AzureAD resource asking for access to + * @param string $clientId AzureAD client Id + * @param string $clientSecret OAuth request client_secret field value + * + * @return OAuthAccessToken + */ + public function acquireTokenWithSymmetricKey($resource, $clientId, $clientSecret) + { + $method = Resources::HTTP_POST; + $headers = []; + $queryParams = []; + $postParameters = []; + $statusCode = Resources::STATUS_OK; + + $postParameters = $this->addPostParameter( + $postParameters, + Resources::OAUTH_RESOURCE, + $resource + ); + + $postParameters = $this->addPostParameter( + $postParameters, + Resources::OAUTH_GRANT_TYPE, + 'client_credentials' + ); + + $postParameters = $this->addPostParameter( + $postParameters, + Resources::OAUTH_SCOPE, + 'openid' + ); + + $postParameters = $this->addPostParameter( + $postParameters, + Resources::OAUTH_CLIENT_SECRET, + $clientSecret + ); + + $postParameters = $this->addPostParameter( + $postParameters, + Resources::OAUTH_CLIENT_ID, + $clientId + ); + + $response = $this->sendHttp( + $method, + $headers, + $queryParams, + $postParameters, + Resources::EMPTY_STRING, + $statusCode + ); + + $data = $this->dataSerializer->unserialize($response->getBody()); + + $accessToken = $data['access_token']; + $expirationTime = time() + intval($data['expires_in']); + return new AccessToken($accessToken, $expirationTime); + } + + /** + * Get access token using an asymmetric key + * + * @param string $grantType OAuth request grant_type field value + * @param string $credentials Asymmetrict Credentials + * + * @return OAuthAccessToken + */ + public function acquireTokenWithAsymmetricKey($resource, $credentials) + { + $method = Resources::HTTP_POST; + $headers = []; + $queryParams = []; + $postParameters = []; + $statusCode = Resources::STATUS_OK; + + $postParameters = $this->addPostParameter( + $postParameters, + Resources::OAUTH_CLIENT_ASSERTION_TYPE, + 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer' + ); + + $postParameters = $this->addPostParameter( + $postParameters, + Resources::OAUTH_RESOURCE, + $resource + ); + + $postParameters = $this->addPostParameter( + $postParameters, + Resources::OAUTH_GRANT_TYPE, + 'client_credentials' + ); + + $postParameters = $this->addPostParameter( + $postParameters, + Resources::OAUTH_SCOPE, + 'openid' + ); + + $postParameters = $this->addPostParameter( + $postParameters, + Resources::OAUTH_CLIENT_ASSERTION, + $this->encodeCertificateAsJWT($credentials) + ); + + $response = $this->sendHttp( + $method, + $headers, + $queryParams, + $postParameters, + Resources::EMPTY_STRING, + $statusCode + ); + + $data = $this->dataSerializer->unserialize($response->getBody()); + + $accessToken = $data['access_token']; + $expirationTime = time() + intval($data['expires_in']); + return new AccessToken($accessToken, $expirationTime); + } + + /** + * Acquire an Azure AD access token given the username and password + * + * @param string $resource AzureAD resource asking for access to + * @param string $clientId AzureAD client Id + * @param string $username Username + * @param string $password Password + * + * @return OAuthAccessToken + */ + public function acquireTokenWithUserCredentials($resource, $clientId, $username, $password) + { + $method = Resources::HTTP_POST; + $headers = []; + $queryParams = []; + $postParameters = []; + $statusCode = Resources::STATUS_OK; + + $postParameters = $this->addPostParameter( + $postParameters, + Resources::OAUTH_RESOURCE, + $resource + ); + + $postParameters = $this->addPostParameter( + $postParameters, + Resources::OAUTH_GRANT_TYPE, + 'password' + ); + + $postParameters = $this->addPostParameter( + $postParameters, + Resources::OAUTH_SCOPE, + 'openid' + ); + + $postParameters = $this->addPostParameter( + $postParameters, + Resources::OAUTH_USERNAME, + $username + ); + + $postParameters = $this->addPostParameter( + $postParameters, + Resources::OAUTH_PASSWORD, + $password + ); + + $postParameters = $this->addPostParameter( + $postParameters, + Resources::OAUTH_CLIENT_ID, + $clientId + ); + + $response = $this->sendHttp( + $method, + $headers, + $queryParams, + $postParameters, + Resources::EMPTY_STRING, + $statusCode + ); + + $data = $this->dataSerializer->unserialize($response->getBody()); + + $accessToken = $data['access_token']; + $expirationTime = time() + intval($data['expires_in']); + return new AccessToken($accessToken, $expirationTime); + } + + private function encodeCertificateAsJWT($credentials) { + + $head = []; + $head['x5t'] = $credentials->getFingerprint(); + $head['x5c'] = [ $credentials->getCertificate() ]; + + $token = []; + + $token['aud'] = $this->getUri(); + $token['sub'] = $credentials->getClientId(); + $token['iss'] = $credentials->getClientId(); + $token['nbf'] = (string)((new \DateTime("now", new \DateTimeZone('UTC')))->getTimestamp() - 60); + $token['exp'] = (string)((new \DateTime("now", new \DateTimeZone('UTC')))->getTimestamp() + 520); + + return JWT::encode($token, $credentials->getPrivateKey(), 'RS256', null, $head); + } +} \ No newline at end of file diff --git a/src/MediaServices/Authentication/AzureAdClientAsymmetricKey.php b/src/MediaServices/Authentication/AzureAdClientAsymmetricKey.php new file mode 100644 index 000000000..173ea0c2b --- /dev/null +++ b/src/MediaServices/Authentication/AzureAdClientAsymmetricKey.php @@ -0,0 +1,116 @@ + + * @copyright Microsoft Corporation + * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 + * + * @link https://github.com/WindowsAzure/azure-sdk-for-php + */ + +namespace WindowsAzure\MediaServices\Authentication; + +use Herrera\Json\Exception\Exception; + + +/** + * Represents an Azure AD client asymmetric key + * + * @category Microsoft + * + * @author Azure PHP SDK + * @copyright Microsoft Corporation + * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 + * + * @version Release: 0.5.0_2016-11 + * + * @link https://github.com/WindowsAzure/azure-sdk-for-php + */ +class AzureAdClientAsymmetricKey +{ + /** + * client id + * + * @var string + */ + private $_clientId; + + /** + * client certificates + * + * @var string + */ + private $_certs; + + /** + * Create an AzureAdClientSymmetricKey + * + * @param string $clientId The client id + * @param string $certs client certificates + */ + public function __construct($clientId, $certs) + { + $this->_clientId = $clientId; + if (!isset($certs['cert']) || !isset($certs['pkey'])) { + throw new Exception('The client certificate is invalid. Use the output of `openssl_pkcs12_read`'); + } + $this->_certs = $certs; + } + + /** + * Get the client id + * + * @return string + */ + public function getClientId() + { + return $this->_clientId; + } + + /** + * Get the X.509 certificate fingerprint + * + * @return string X.509 certificate fingerprint encoded as Base64 + */ + public function getFingerprint() + { + return base64_encode(pack('H*', openssl_x509_fingerprint($this->_certs['cert']))); + } + + /** + * Get the X.509 certificate + * @param boolean $justbase64 if true (the default), returns the certificate as plain base64 string (without headers nor formatting) + * @return string the certificate + */ + public function getCertificate($justbase64 = true) + { + if ($justbase64) { + $str=str_replace("\n", "", $this->_certs['cert']); + $str = str_replace("-----BEGIN CERTIFICATE-----","", $str); + $str = str_replace("-----END CERTIFICATE-----","", $str); + return $str; + } + + return $this->_certs['cert']; + } + + public function getPrivateKey() + { + return $this->_certs['pkey']; + } +} diff --git a/src/MediaServices/Authentication/AzureAdClientSymmetricKey.php b/src/MediaServices/Authentication/AzureAdClientSymmetricKey.php new file mode 100644 index 000000000..3776289a0 --- /dev/null +++ b/src/MediaServices/Authentication/AzureAdClientSymmetricKey.php @@ -0,0 +1,88 @@ + + * @copyright Microsoft Corporation + * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 + * + * @link https://github.com/WindowsAzure/azure-sdk-for-php + */ + +namespace WindowsAzure\MediaServices\Authentication; + +/** + * Represents an Azure AD client symmetric key + * + * @category Microsoft + * + * @author Azure PHP SDK + * @copyright Microsoft Corporation + * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 + * + * @version Release: 0.5.0_2016-11 + * + * @link https://github.com/WindowsAzure/azure-sdk-for-php + */ +class AzureAdClientSymmetricKey +{ + /** + * client id + * + * @var string + */ + private $_clientId; + + /** + * client secret + * + * @var string + */ + private $_clientSecret; + + /** + * Create an AzureAdClientSymmetricKey + * + * @param string $clientId The client id + * @param string $clientSecret The client secret + */ + public function __construct($clientId, $clientSecret) + { + $this->_clientId = $clientId; + $this->_clientSecret = $clientSecret; + } + + /** + * Get the client id + * + * @return string + */ + public function getClientId() + { + return $this->_clientId; + } + + /** + * Get the client secret + * + * @return string + */ + public function getClientSecret() + { + return $this->_clientSecret; + } +} diff --git a/src/MediaServices/Authentication/AzureAdClientUserCredentials.php b/src/MediaServices/Authentication/AzureAdClientUserCredentials.php new file mode 100644 index 000000000..d4ce2e8cf --- /dev/null +++ b/src/MediaServices/Authentication/AzureAdClientUserCredentials.php @@ -0,0 +1,88 @@ + + * @copyright Microsoft Corporation + * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 + * + * @link https://github.com/WindowsAzure/azure-sdk-for-php + */ + +namespace WindowsAzure\MediaServices\Authentication; + +/** + * Represents an Azure AD client username & password + * + * @category Microsoft + * + * @author Azure PHP SDK + * @copyright Microsoft Corporation + * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 + * + * @version Release: 0.5.0_2016-11 + * + * @link https://github.com/WindowsAzure/azure-sdk-for-php + */ +class AzureAdClientUserCredentials +{ + /** + * Username + * + * @var string + */ + private $_username; + + /** + * Password + * + * @var string + */ + private $_password; + + /** + * Create an AzureAdClientUserCredentials + * + * @param string $username The username + * @param string $password The password + */ + public function __construct($username, $password) + { + $this->_username = $username; + $this->_password = $password; + } + + /** + * Get the username + * + * @return string + */ + public function getUsername() + { + return $this->_username; + } + + /** + * Get the password + * + * @return string + */ + public function getPassword() + { + return $this->_password; + } +} diff --git a/src/MediaServices/Authentication/AzureAdTokenCredentialType.php b/src/MediaServices/Authentication/AzureAdTokenCredentialType.php new file mode 100644 index 000000000..fd3b35b64 --- /dev/null +++ b/src/MediaServices/Authentication/AzureAdTokenCredentialType.php @@ -0,0 +1,62 @@ + + * @copyright Microsoft Corporation + * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 + * + * @link https://github.com/WindowsAzure/azure-sdk-for-php + */ + +namespace WindowsAzure\MediaServices\Authentication; + +/** + * Enumerate types of Azure AD Credentials + * + * @category Microsoft + * + * @author Azure PHP SDK + * @copyright Microsoft Corporation + * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 + * + * @version Release: 0.5.0_2016-11 + * + * @link https://github.com/WindowsAzure/azure-sdk-for-php + */ +class AzureAdTokenCredentialType { + + /** + * User Credential by prompting user for user name and password. + */ + const USER_CREDENTIAL = 0; + + /** + * User Secret Credential by providing user name and password via configuration. + */ + const USER_SECRET_CREDENTIAL = 1; + + /** + * Service Principal with the symmetric key credential. + */ + const SERVICE_PRINCIPAL_WITH_CLIENT_SYMMETRIC_KEY = 2; + + /** + * Service Principal with the certificate credential. + */ + const SERVICE_PRINCIPAL_WITH_CERTIFICATE = 3; +} diff --git a/src/MediaServices/Authentication/AzureAdTokenCredentials.php b/src/MediaServices/Authentication/AzureAdTokenCredentials.php new file mode 100644 index 000000000..a61b7e161 --- /dev/null +++ b/src/MediaServices/Authentication/AzureAdTokenCredentials.php @@ -0,0 +1,139 @@ + + * @copyright Microsoft Corporation + * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 + * + * @link https://github.com/WindowsAzure/azure-sdk-for-php + */ + +namespace WindowsAzure\MediaServices\Authentication; + +use WindowsAzure\MediaServices\Authentication\AzureEnvironment; +use WindowsAzure\MediaServices\Authentication\AzureAdClientUsernamePassword; +use WindowsAzure\MediaServices\Authentication\AzureAdClientAsymmetricKey; +use WindowsAzure\MediaServices\Authentication\AzureAdClientSymmetricKey; +use WindowsAzure\MediaServices\Authentication\AzureAdClientUserCredentials; + +/** + * Represents an Azure AD Credential for Azure Media Services + * + * @category Microsoft + * + * @author Azure PHP SDK + * @copyright Microsoft Corporation + * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 + * + * @version Release: 0.5.0_2016-11 + * + * @link https://github.com/WindowsAzure/azure-sdk-for-php + */ +class AzureAdTokenCredentials { + + /** + * @var string + */ + private $_tenant; + + /** + * @var int + */ + private $_credentialType; + + /** + * @var object + */ + private $_credential; + + /** + * @var AzureEnvironment + */ + private $_azureEnvironment; + + /** + * Initializes a new instance of the AzureEnvironment class. + * + * @param string $tenant The tenant domain name. + * @param object $credential The credential. + * @param AzureEnvironment $azureEnvironment The Azure environment data. + */ + public function __construct( + $tenant, + $credential, + $azureEnvironment) { + + if ($tenant == NULL) { + throw new \InvalidArgumentException("tenant"); + } + + if ($credential == NULL) { + throw new \InvalidArgumentException("credential"); + } + + if ($azureEnvironment == NULL) { + throw new \InvalidArgumentException("azureEnvironment"); + } + + if ($credential instanceof AzureAdClientUserCredentials) { + $this->_credentialType = AzureAdTokenCredentialType::USER_SECRET_CREDENTIAL; + } else if ($credential instanceof AzureAdClientSymmetricKey) { + $this->_credentialType = AzureAdTokenCredentialType::SERVICE_PRINCIPAL_WITH_CLIENT_SYMMETRIC_KEY; + } else if ($credential instanceof AzureAdClientAsymmetricKey) { + $this->_credentialType = AzureAdTokenCredentialType::SERVICE_PRINCIPAL_WITH_CERTIFICATE; + } else { + throw new \InvalidArgumentException("the credential must be a valid type"); + } + + $this->_tenant = $tenant; + $this->_credential = $credential; + $this->_azureEnvironment = $azureEnvironment; + } + + /** + * Gets the tenant. + * @return string the tenant. + */ + public function getTenant() { + return $this->_tenant; + } + + /** + * Gets the credential. + * @return object the credential. + */ + public function getCredential() { + return $this->_credential; + } + + /** + * Gets the credential type. + * @return int the credential type. + */ + public function getCredentialType() { + return $this->_credentialType; + } + + /** + * Gets the environment. + * @return AzureEnvironment the environment. + */ + public function getAzureEnvironment() { + return $this->_azureEnvironment; + } +} diff --git a/src/MediaServices/Authentication/AzureAdTokenProvider.php b/src/MediaServices/Authentication/AzureAdTokenProvider.php new file mode 100644 index 000000000..725728d5e --- /dev/null +++ b/src/MediaServices/Authentication/AzureAdTokenProvider.php @@ -0,0 +1,166 @@ + + * @copyright Microsoft Corporation + * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 + * + * @link https://github.com/WindowsAzure/azure-sdk-for-php + */ + +namespace WindowsAzure\MediaServices\Authentication; + +use Firebase\JWT\JWT; +use WindowsAzure\Common\Internal\Http\HttpClient; +use WindowsAzure\Common\Internal\Resources; +use WindowsAzure\MediaServices\Authentication\AccessToken; +use WindowsAzure\MediaServices\Authentication\ITokenProvider; +use WindowsAzure\MediaServices\Authentication\AzureAdClient; +use WindowsAzure\MediaServices\Authentication\AzureAdTokenCredentials; + +/** + * Represents an Azure AD Credential + * + * @category Microsoft + * + * @author Azure PHP SDK + * @copyright Microsoft Corporation + * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 + * + * @version Release: 0.5.0_2016-11 + * + * @link https://github.com/WindowsAzure/azure-sdk-for-php + */ +class AzureAdTokenProvider implements ITokenProvider { + + /** + * @var AzureAdTokenCredentials + */ + private $_credentials; + + /** + * @var AzureAdClient + */ + private $_azureAdClient; + + /** + * @var string + */ + private $_cachedAccessToken; + + /** + * Initializes a new instance of the AzureAdTokenProvider class. + * + * @param AzureAdTokenCredentials $credentials The AzureAdTokenCredentials + */ + public function __construct($credentials) { + if ($credentials == NULL) { + throw new \InvalidArgumentException("credentials"); + } + + $this->_credentials = $credentials; + + $authority = $this->canonicalizeUri($credentials->getAzureEnvironment()->getActiveDirectoryEndpoint()); + $authority .= $credentials->getTenant(); + $authority .= Resources::OAUTH_V1_ENDPOINT; + + $this->_azureAdClient = new AzureAdClient( + new HttpClient(), + $authority + ); + + $this->_cachedAccessToken = null; + } + + /** + * Gets a valid access Token + * @return AccessToken the access token object + */ + public function getAccessToken() { + if (!is_null($this->_cachedAccessToken) && + $this->_cachedAccessToken->isValid()) { + return $this->_cachedAccessToken; + } + + $this->_cachedAccessToken = $this->acquireAccessToken(); + return $this->_cachedAccessToken; + } + + /** + * Gets a valid access Token + * @return AccessToken the access token object + */ + public function acquireAccessToken() { + + switch ($this->_credentials->getCredentialType()) { + case AzureAdTokenCredentialType::USER_SECRET_CREDENTIAL: + return $this->_azureAdClient->acquireTokenWithUserCredentials( + $this->_credentials->getAzureEnvironment()->getMediaServicesResource(), + $this->_credentials->getAzureEnvironment()->getMediaServicesSdkClientId(), + $this->_credentials->getCredential()->getUsername(), + $this->_credentials->getCredential()->getPassword()); + + case AzureAdTokenCredentialType::SERVICE_PRINCIPAL_WITH_CLIENT_SYMMETRIC_KEY: + return $this->_azureAdClient->acquireTokenWithSymmetricKey( + $this->_credentials->getAzureEnvironment()->getMediaServicesResource(), + $this->_credentials->getCredential()->getClientId(), + $this->_credentials->getCredential()->getClientSecret()); + + case AzureAdTokenCredentialType::SERVICE_PRINCIPAL_WITH_CERTIFICATE: + return $this->_azureAdClient->acquireTokenWithAsymmetricKey( + $this->_credentials->getAzureEnvironment()->getMediaServicesResource(), + $this->_credentials->getCredential()); + + case AzureAdTokenCredentialType::USER_CREDENTIAL: + throw new \Symfony\Component\DependencyInjection\Exception\RuntimeException( + "Interactive user credential is currently not supported by the php sdk"); + + default: + throw new \Symfony\Component\DependencyInjection\Exception\RuntimeException( + "Unknown token credential type"); + } + } + + /** + * @param string $uri the URI to be canonicalized. + */ + private function canonicalizeUri($uri) { + if ($uri != NULL && substr($uri, -1) !== '/') { + return $uri . '/'; + } + + return $uri; + } + + private function isJWTValid($jwt) { + $tks = explode('.', $jwt->getAccessToken()); + if (count($tks) != 3) { + throw new UnexpectedValueException('Wrong number of segments'); + } + list($headb64, $bodyb64, $cryptob64) = $tks; + if (null === ($header = static::jsonDecode(static::urlsafeB64Decode($headb64)))) { + throw new UnexpectedValueException('Invalid header encoding'); + } + if (null === $payload = static::jsonDecode(static::urlsafeB64Decode($bodyb64))) { + throw new UnexpectedValueException('Invalid claims encoding'); + } + + // Check if this token has expired. + return !(isset($payload->exp) && time() >= $payload->exp); + } +} diff --git a/src/MediaServices/Authentication/AzureEnvironment.php b/src/MediaServices/Authentication/AzureEnvironment.php new file mode 100644 index 000000000..d3f95f23c --- /dev/null +++ b/src/MediaServices/Authentication/AzureEnvironment.php @@ -0,0 +1,130 @@ + + * @copyright Microsoft Corporation + * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 + * + * @link https://github.com/WindowsAzure/azure-sdk-for-php + */ + +namespace WindowsAzure\MediaServices\Authentication; + +/** + * Represents an Azure Media Services Environment + * + * @category Microsoft + * + * @author Azure PHP SDK + * @copyright Microsoft Corporation + * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 + * + * @version Release: 0.5.0_2016-11 + * + * @link https://github.com/WindowsAzure/azure-sdk-for-php + */ +class AzureEnvironment { + + /** + * @var string + */ + private $_activeDirectoryEndpoint; + + /** + * @var string + */ + private $_mediaServicesResource; + + /** + * @var string + */ + private $_mediaServicesSdkClientId; + + /** + * @var string + */ + private $_mediaServicesSdkRedirectUri; + + /** + * Gets the Active Directory endpoint. + * @return string Active Directory endpoint. + */ + public function getActiveDirectoryEndpoint() { + return $this->_activeDirectoryEndpoint; + } + + /** + * Gets the Media Services resource. + * @return string Media Services resource + */ + public function getMediaServicesResource() { + return $this->_mediaServicesResource; + } + + /** + * Gets the Media Services SDK client ID. + * @return string Media Services SDK client ID + */ + public function getMediaServicesSdkClientId() { + return $this->_mediaServicesSdkClientId; + } + + /** + * Gets Media Services SDK application redirect URI. + * @return string Media Services SDK application redirect URI. + */ + public function getMediaServicesSdkRedirectUri() { + return $this->_this.mediaServicesSdkRedirectUri; + } + + /** + * Initializes a new instance of the AzureEnvironment class. + * + * @param string $activeDirectoryEndpoint The Active Directory endpoint. + * @param string $mediaServicesResource The Media Services resource. + * @param string $mediaServicesSdkClientId The Media Services SDK client ID. + * @param string $mediaServicesSdkRedirectUri The Media Services SDK redirect URI. + */ + public function __construct( + $activeDirectoryEndpoint, + $mediaServicesResource, + $mediaServicesSdkClientId, + $mediaServicesSdkRedirectUri) { + + if ($activeDirectoryEndpoint == NULL) { + throw new \InvalidArgumentException("activeDirectoryEndpoint"); + } + + if ($mediaServicesResource == NULL) { + throw new \InvalidArgumentException("mediaServicesResource"); + } + + if ($mediaServicesSdkClientId == NULL) { + throw new \InvalidArgumentException("mediaServicesSdkClientId"); + } + + if ($mediaServicesSdkRedirectUri == NULL) { + throw new \InvalidArgumentException("mediaServicesSdkRedirectUri"); + } + + $this->_activeDirectoryEndpoint = $activeDirectoryEndpoint; + $this->_mediaServicesResource = $mediaServicesResource; + $this->_mediaServicesSdkClientId = $mediaServicesSdkClientId; + $this->_mediaServicesSdkRedirectUri = $mediaServicesSdkRedirectUri; + } +} \ No newline at end of file diff --git a/src/MediaServices/Authentication/AzureEnvironmentConstants.php b/src/MediaServices/Authentication/AzureEnvironmentConstants.php new file mode 100644 index 000000000..7e7da1b70 --- /dev/null +++ b/src/MediaServices/Authentication/AzureEnvironmentConstants.php @@ -0,0 +1,97 @@ + + * @copyright Microsoft Corporation + * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 + * + * @link https://github.com/WindowsAzure/azure-sdk-for-php + */ + +namespace WindowsAzure\MediaServices\Authentication; + +/** + * Holds the Azure Media Services Environmental constants + * + * @category Microsoft + * + * @author Azure PHP SDK + * @copyright Microsoft Corporation + * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 + * + * @version Release: 0.5.0_2016-11 + * + * @link https://github.com/WindowsAzure/azure-sdk-for-php + */ +class AzureEnvironmentConstants { + + /** + * The Active Directory endpoint for Azure Cloud environment. + */ + const AZURE_CLOUD_ACTIVE_DIRECTORY_ENDPOINT = "https://login.microsoftonline.com/"; + + /** + * The Media Services resource for Azure Cloud environment. + */ + const AZURE_CLOUD_MEDIA_SERVICES_RESOURCE = "https://rest.media.azure.net"; + + /** + * The Active Directory endpoint for Azure China Cloud environment. + */ + const AZURE_CHINA_CLOUD_ACTIVE_DIRECTORY_ENDPOINT = "https://login.chinacloudapi.cn/"; + + /** + * The Media Services resource for Azure China Cloud environment. + */ + const AZURE_CHINA_CLOUD_MEDIA_SERVICES_RESOURCE = "https://rest.media.chinacloudapi.cn"; + + /** + * The Active Directory endpoint for Azure US Government environment. + */ + const AZURE_US_GOVERNMENT_ACTIVE_DIRECTORY_ENDPOINT = "https://login-us.microsoftonline.com/"; + + /** + * The Media Services resource for Azure US Government environment. + */ + const AZURE_US_GOVERNMENT_MEDIA_SERVICES_RESOURCE = "https://rest.media.usgovcloudapi.net"; + + /** + * The native SDK AAD application ID for Azure US Government environment. + */ + const AZURE_US_GOVERNMENT_SDK_AAD_APPLIATION_ID = "68dac91e-cab5-461b-ab4a-ec7dcff0bd67"; + + /** + * The Active Directory endpoint for Azure German cloud environment. + */ + const AZURE_GERMAN_CLOUD_ACTIVE_DIRECTORY_ENDPOINT = "https://login.microsoftonline.de/"; + + /** + * The Media Services resource for Azure German Cloud environment. + */ + const AZURE_GERMAN_CLOUD_MEDIA_SERVICES_RESOURCE = "https://rest.media.cloudapi.de"; + + /** + * The native SDK AAD application ID for Azure Cloud, Azure China Cloud and Azure German Cloud environment. + */ + const SDK_AAD_APPLICATION_ID = "d476653d-842c-4f52-862d-397463ada5e7"; + + /** + * The native SDK AAD application's redirect URL for all environments. + */ + const SDK_AAD_APPLICATION_REDIRECT_URI = "https://AzureMediaServicesNativeSDK"; +} diff --git a/src/MediaServices/Authentication/AzureEnvironments.php b/src/MediaServices/Authentication/AzureEnvironments.php new file mode 100644 index 000000000..1d0f10cba --- /dev/null +++ b/src/MediaServices/Authentication/AzureEnvironments.php @@ -0,0 +1,114 @@ + + * @copyright Microsoft Corporation + * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 + * + * @link https://github.com/WindowsAzure/azure-sdk-for-php + */ + +namespace WindowsAzure\MediaServices\Authentication; + +use WindowsAzure\MediaServices\Authentication\AzureEnvironment; +use WindowsAzure\MediaServices\Authentication\AzureEnvironmentConstants; + +/** + * Holds all Azure Media Services Environments + * + * @category Microsoft + * + * @author Azure PHP SDK + * @copyright Microsoft Corporation + * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 + * + * @version Release: 0.5.0_2016-11 + * + * @link https://github.com/WindowsAzure/azure-sdk-for-php + */ +class AzureEnvironments { + + /** + * Azure Cloud environment. + */ + private static $AZURE_CLOUD_ENVIRONMENT; + + /** + * Azure China Cloud environment. + */ + private static $AZURE_CHINA_CLOUD_ENVIRONMENT; + + /** + * Azure US Government environment. + */ + private static $AZURE_US_GOVERNMENT_ENVIRONMENT; + + /** + * Azure German Cloud environment. + */ + private static $AZURE_GERMAN_CLOUD_ENVIRONMENT; + + public static function AZURE_CLOUD_ENVIRONMENT() { + if (self::$AZURE_CLOUD_ENVIRONMENT == NULL) { + self::$AZURE_CLOUD_ENVIRONMENT = new AzureEnvironment( + AzureEnvironmentConstants::AZURE_CLOUD_ACTIVE_DIRECTORY_ENDPOINT, + AzureEnvironmentConstants::AZURE_CLOUD_MEDIA_SERVICES_RESOURCE, + AzureEnvironmentConstants::SDK_AAD_APPLICATION_ID, + AzureEnvironmentConstants::SDK_AAD_APPLICATION_REDIRECT_URI); + } + + return self::$AZURE_CLOUD_ENVIRONMENT; + } + + public static function AZURE_CHINA_CLOUD_ENVIRONMENT() { + if (self::$AZURE_CHINA_CLOUD_ENVIRONMENT == NULL) { + self::$AZURE_CHINA_CLOUD_ENVIRONMENT = new AzureEnvironment( + AzureEnvironmentConstants::AZURE_CHINA_CLOUD_ACTIVE_DIRECTORY_ENDPOINT, + AzureEnvironmentConstants::AZURE_CHINA_CLOUD_MEDIA_SERVICES_RESOURCE, + AzureEnvironmentConstants::SDK_AAD_APPLICATION_ID, + AzureEnvironmentConstants::SDK_AAD_APPLICATION_REDIRECT_URI); + } + + return self::$AZURE_CHINA_CLOUD_ENVIRONMENT; + } + + public static function AZURE_GERMAN_CLOUD_ENVIRONMENT() { + if (self::$AZURE_GERMAN_CLOUD_ENVIRONMENT == NULL) { + self::$AZURE_GERMAN_CLOUD_ENVIRONMENT = new AzureEnvironment( + AzureEnvironmentConstants::AZURE_GERMAN_CLOUD_ACTIVE_DIRECTORY_ENDPOINT, + AzureEnvironmentConstants::AZURE_GERMAN_CLOUD_MEDIA_SERVICES_RESOURCE, + AzureEnvironmentConstants::SDK_AAD_APPLICATION_ID, + AzureEnvironmentConstants::SDK_AAD_APPLICATION_REDIRECT_URI); + } + + return self::$AZURE_GERMAN_CLOUD_ENVIRONMENT; + } + + public static function AZURE_US_GOVERNMENT_ENVIRONMENT() { + if (self::$AZURE_US_GOVERNMENT_ENVIRONMENT == NULL) { + self::$AZURE_US_GOVERNMENT_ENVIRONMENT = new AzureEnvironment( + AzureEnvironmentConstants::AZURE_US_GOVERNMENT_ACTIVE_DIRECTORY_ENDPOINT, + AzureEnvironmentConstants::AZURE_US_GOVERNMENT_MEDIA_SERVICES_RESOURCE, + AzureEnvironmentConstants::AZURE_US_GOVERNMENT_SDK_AAD_APPLIATION_ID, + AzureEnvironmentConstants::SDK_AAD_APPLICATION_REDIRECT_URI); + } + + return self::$AZURE_US_GOVERNMENT_ENVIRONMENT; + } +} + diff --git a/src/MediaServices/Authentication/ITokenProvider.php b/src/MediaServices/Authentication/ITokenProvider.php new file mode 100644 index 000000000..8fedef8a9 --- /dev/null +++ b/src/MediaServices/Authentication/ITokenProvider.php @@ -0,0 +1,51 @@ + + * @copyright Microsoft Corporation + * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 + * + * @link https://github.com/windowsazure/azure-sdk-for-php + */ + +namespace WindowsAzure\MediaServices\Authentication; + +use WindowsAzure\MediaServices\Authentication\AccessToken; + +/** + * A generic interface to a RFC6750 bearer token provider. + * + * @category Microsoft + * + * @author Azure PHP SDK + * @copyright Microsoft Corporation + * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 + * + * @version Release: 0.5.0_2016-11 + * + * @link https://github.com/windowsazure/azure-sdk-for-php + */ +interface ITokenProvider +{ + /** + * Gets the access token to use. + * + * @return WindowsAzure\MediaServices\Authentication\AccessToken + */ + public function getAccessToken(); +} diff --git a/src/MediaServices/MediaServicesRestProxy.php b/src/MediaServices/MediaServicesRestProxy.php index 9050bd5c1..1858f7f8c 100644 --- a/src/MediaServices/MediaServicesRestProxy.php +++ b/src/MediaServices/MediaServicesRestProxy.php @@ -893,9 +893,9 @@ public function getAssetLocatorList($asset) * * @return Locator[] */ - public function getLocatorList() + public function getLocatorList(array $queryParams = []) { - $propertyList = $this->_getEntityList('Locators'); + $propertyList = $this->_getEntityList('Locators', $queryParams); $result = []; foreach ($propertyList as $properties) { @@ -1668,9 +1668,9 @@ public function getJobTemplate($jobTemplate) * * @return JobTemplate[] */ - public function getJobTemplateList() + public function getJobTemplateList(array $queryParams = []) { - $propertyList = $this->_getEntityList('JobTemplates'); + $propertyList = $this->_getEntityList('JobTemplates', $queryParams); $result = []; foreach ($propertyList as $properties) { @@ -1726,9 +1726,9 @@ public function deleteJobTemplate($jobTemplate) * * @return TaskTemplate[] */ - public function getTaskTemplateList() + public function getTaskTemplateList(array $queryParams = []) { - $propertyList = $this->_getEntityList('TaskTemplates'); + $propertyList = $this->_getEntityList('TaskTemplates', $queryParams); $result = []; foreach ($propertyList as $properties) { @@ -2129,9 +2129,9 @@ public function createContentKey(ContentKey $contentKey) * * @return ContentKey[] */ - public function getContentKeyList() + public function getContentKeyList(array $queryParams = []) { - $propertyList = $this->_getEntityList('ContentKeys'); + $propertyList = $this->_getEntityList('ContentKeys', $queryParams); $result = []; foreach ($propertyList as $properties) { diff --git a/tests/framework/MediaServicesRestProxyTestBase.php b/tests/framework/MediaServicesRestProxyTestBase.php index 66fb4ce42..f7c6558d2 100644 --- a/tests/framework/MediaServicesRestProxyTestBase.php +++ b/tests/framework/MediaServicesRestProxyTestBase.php @@ -27,7 +27,10 @@ use Exception; use WindowsAzure\Common\Internal\MediaServicesSettings; - +use WindowsAzure\MediaServices\Authentication\AzureAdTokenCredentials; +use WindowsAzure\MediaServices\Authentication\AzureAdClientSymmetricKey; +use WindowsAzure\MediaServices\Authentication\AzureAdTokenProvider; +use WindowsAzure\MediaServices\Authentication\AzureEnvironments; use WindowsAzure\MediaServices\MediaServicesRestProxy; use WindowsAzure\MediaServices\Models\Asset; use WindowsAzure\MediaServices\Models\AccessPolicy; @@ -86,7 +89,12 @@ public function setUp() $this->skipIfEmulated(); parent::setUp(); $connection = TestResources::getMediaServicesConnectionParameters(); - $settings = new MediaServicesSettings($connection['accountName'], $connection['accessKey'], $connection['endpointUri'], $connection['oauthEndpointUri']); + $credentials = new AzureAdTokenCredentials( + $connection['tenant'], + new AzureAdClientSymmetricKey($connection['clientId'], $connection['clientKey']), + call_user_func('WindowsAzure\\MediaServices\\Authentication\\AzureEnvironments::' . $connection['environment'])); + $provider = new AzureAdTokenProvider($credentials); + $settings = new MediaServicesSettings($connection['restApiEndpoint'], $provider); $this->mediaServicesWrapper = $this->builder->createMediaServicesService($settings); parent::setProxy($this->mediaServicesWrapper); } @@ -510,12 +518,12 @@ public function uploadSingleFile($fileName, $fileContent) $access->setDurationInMinutes(30); $access->setPermissions(AccessPolicy::PERMISSIONS_WRITE); $access = $this->createAccessPolicy($access); - + $locator = new Locator($asset, $access, Locator::TYPE_SAS); $locator->setName(TestResources::MEDIA_SERVICES_LOCATOR_NAME.$this->createSuffix()); $locator->setStartTime(new \DateTime('now -5 minutes')); $locator = $this->createLocator($locator); - + $this->mediaServicesWrapper->uploadAssetFile($locator, $fileName, $fileContent); $this->mediaServicesWrapper->createFileInfos($asset); diff --git a/tests/framework/TestResources.php b/tests/framework/TestResources.php index 62c321686..ea52644ca 100644 --- a/tests/framework/TestResources.php +++ b/tests/framework/TestResources.php @@ -75,7 +75,7 @@ class TestResources const MEDIA_SERVICES_JOB_TEMPLATE_NAME = 'TestJobTemplate'; const MEDIA_SERVICES_JOB_TEMPLATE_ID_PREFIX = 'nb:jtid:UUID:'; const MEDIA_SERVICES_TASK_CONFIGURATION = 'H.264 HD 720p VBR'; - const MEDIA_SERVICES_PROCESSOR_NAME = 'Windows Azure Media Encoder'; + const MEDIA_SERVICES_PROCESSOR_NAME = 'Media Encoder Standard'; const MEDIA_SERVICES_DECODE_PROCESSOR_NAME = 'Storage Decryption'; const MEDIA_SERVICES_PROCESSOR_ID_PREFIX = 'nb:mpid:UUID:'; const MEDIA_SERVICES_DUMMY_FILE_NAME = 'simple.avi'; @@ -201,10 +201,11 @@ public static function complexPackageConfiguration() public static function getMediaServicesConnectionParameters() { return [ - 'accountName' => self::getEnvironmentVariable('AZURE_MEDIA_SERVICES_ACCOUNT_NAME'), - 'accessKey' => self::getEnvironmentVariable('AZURE_MEDIA_SERVICES_ACCESS_KEY'), - 'endpointUri' => self::getEnvironmentVariable('AZURE_MEDIA_SERVICES_ENDPOINT_URI', false), - 'oauthEndpointUri' => self::getEnvironmentVariable('AZURE_MEDIA_SERVICES_OAUTH_ENDPOINT_URI', false), + 'tenant' => self::getEnvironmentVariable('AZURE_MEDIA_SERVICES_TENANT'), + 'clientId' => self::getEnvironmentVariable('AZURE_MEDIA_SERVICES_CLIENT_ID'), + 'clientKey' => self::getEnvironmentVariable('AZURE_MEDIA_SERVICES_CLIENT_KEY'), + 'restApiEndpoint' => self::getEnvironmentVariable('AZURE_MEDIA_SERVICES_REST_API_ENDPOINT'), + 'environment' => self::getEnvironmentVariable('AZURE_MEDIA_SERVICES_ENVIRONMENT'), ]; } diff --git a/tests/functional/WindowsAzure/MediaServices/MediaServicesFunctionalTest.php b/tests/functional/WindowsAzure/MediaServices/MediaServicesFunctionalTest.php index 3745b19cb..ef42abe45 100644 --- a/tests/functional/WindowsAzure/MediaServices/MediaServicesFunctionalTest.php +++ b/tests/functional/WindowsAzure/MediaServices/MediaServicesFunctionalTest.php @@ -469,7 +469,7 @@ public function testListAllJobsAndAssets() $outputAssetName2 = $this->getOutputAssetName(); $taskBody1 = 'JobInputAsset(0)JobOutputAsset(0)'; - $mediaProcessorId = 'nb:mpid:UUID:2e7aa8f3-4961-4e0c-b4db-0e0439e524f5'; + $mediaProcessorId = 'nb:mpid:UUID:ff4df607-d419-42f0-bc17-a481b1331e56'; $task1 = new Task($taskBody1, $mediaProcessorId, TaskOptions::NONE); $task1->setConfiguration('H.264 HD 720p VBR'); diff --git a/tests/unit/WindowsAzure/Common/Internal/Authentication/OAuthSchemeTest.php b/tests/unit/WindowsAzure/Common/Internal/Authentication/OAuthSchemeTest.php index 4145eff2f..22d3331bb 100644 --- a/tests/unit/WindowsAzure/Common/Internal/Authentication/OAuthSchemeTest.php +++ b/tests/unit/WindowsAzure/Common/Internal/Authentication/OAuthSchemeTest.php @@ -69,70 +69,4 @@ public function test__construct() $this->assertEquals($scope, $actual->getScope()); $this->assertEquals($oauthService, $actual->getOAuthService()); } - - /** - * @covers \WindowsAzure\Common\Internal\Authentication\OAuthScheme::getAuthorizationHeader - */ - public function testGetAuthorizationHeader() - { - $this->skipIfEmulated(); - - // Setup - // OAuth REST setup - $channel = new HttpClient(); - $uri = Resources::MEDIA_SERVICES_OAUTH_URL; - $connection = TestResources::getMediaServicesConnectionParameters(); - $settings = new MediaServicesSettings($connection['accountName'], $connection['accessKey']); - $scope = Resources::MEDIA_SERVICES_OAUTH_SCOPE; - $grantType = Resources::OAUTH_GT_CLIENT_CREDENTIALS; - $rest = new OAuthRestProxy($channel, $uri); - - // Scheme setup - $headers = []; - $url = Resources::MEDIA_SERVICES_URL; - $queryParams = []; - $httpMethod = Resources::HTTP_GET; - - // Test - $scheme = new OAuthScheme($settings->getAccountName(), $settings->getAccessKey(), $grantType, $scope, $rest); - $actual = $scheme->getAuthorizationHeader($headers, $url, $queryParams, $httpMethod); - - // Assert - $this->assertNotNull($actual); - $this->assertStringStartsWith(Resources::OAUTH_ACCESS_TOKEN_PREFIX, $actual); - } - - /** - * @covers \WindowsAzure\Common\Internal\Authentication\OAuthScheme::getAuthorizationHeader - */ - public function testGetAuthorizationHeaderMultiple() - { - $this->skipIfEmulated(); - - // Setup - // OAuth REST setup - $channel = new HttpClient(); - $uri = Resources::MEDIA_SERVICES_OAUTH_URL; - $connection = TestResources::getMediaServicesConnectionParameters(); - $settings = new MediaServicesSettings($connection['accountName'], $connection['accessKey']); - $scope = Resources::MEDIA_SERVICES_OAUTH_SCOPE; - $grantType = Resources::OAUTH_GT_CLIENT_CREDENTIALS; - $rest = new OAuthRestProxy($channel, $uri); - - // Scheme setup - $headers = []; - $url = Resources::MEDIA_SERVICES_URL; - $queryParams = []; - $httpMethod = Resources::HTTP_GET; - - // Get access token - $scheme = new OAuthScheme($settings->getAccountName(), $settings->getAccessKey(), $grantType, $scope, $rest); - $token = $scheme->getAuthorizationHeader($headers, $url, $queryParams, $httpMethod); - - // Test - $actual = $scheme->getAuthorizationHeader($headers, $url, $queryParams, $httpMethod); - - // Assert - $this->assertEquals($token, $actual); - } } diff --git a/tests/unit/WindowsAzure/Common/Internal/Filters/AuthenticationFilterTest.php b/tests/unit/WindowsAzure/Common/Internal/Filters/AuthenticationFilterTest.php index 6ab585550..349ca87ff 100644 --- a/tests/unit/WindowsAzure/Common/Internal/Filters/AuthenticationFilterTest.php +++ b/tests/unit/WindowsAzure/Common/Internal/Filters/AuthenticationFilterTest.php @@ -11,7 +11,7 @@ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. - * + * * PHP version 5 * * @category Microsoft @@ -30,6 +30,7 @@ use WindowsAzure\Common\Internal\Http\Url; use WindowsAzure\Common\Internal\Resources; use WindowsAzure\Common\Internal\Authentication\SharedKeyAuthScheme; +use WindowsAzure\MediaServices\Authentication\AccessToken; /** * Unit tests for class AuthenticationFilterTest. @@ -54,10 +55,12 @@ public function testHandleRequest() { // Setup $channel = new HttpClient(); - $url = new Url('http://microsoft.com'); - $channel->setUrl($url); - $scheme = new SharedKeyAuthScheme('account', 'key'); - $filter = new AuthenticationFilter($scheme); + $token = 'testToken'; + $expiration = new \DateTime('now'); + $accessToken = new AccessToken($token, $expiration); + $tokenProvider = $this->getMock('\WindowsAzure\MediaServices\Authentication\ITokenProvider'); + $tokenProvider->expects($this->any())->method('getAccessToken')->will($this->returnValue($accessToken)); + $filter = new AuthenticationFilter($tokenProvider); // Test $request = $filter->handleRequest($channel); @@ -65,44 +68,4 @@ public function testHandleRequest() // Assert $this->assertArrayHasKey(strtolower(Resources::AUTHENTICATION), $request->getHeaders()); } - - /** - * @covers \WindowsAzure\Common\Internal\Filters\AuthenticationFilter::handleRequest - * @covers \WindowsAzure\Common\Internal\Filters\AuthenticationFilter::__construct - */ - public function testHandleRequestWithTable() - { - // Setup - $channel = new HttpClient(); - $url = new Url('http://microsoft.com'); - $channel->setUrl($url); - $scheme = new SharedKeyAuthScheme('account', 'key'); - $filter = new AuthenticationFilter($scheme); - - // Test - $request = $filter->handleRequest($channel); - - // Assert - $this->assertArrayHasKey(strtolower(Resources::AUTHENTICATION), $request->getHeaders()); - } - - /** - * @covers \WindowsAzure\Common\Internal\Filters\AuthenticationFilter::handleResponse - */ - public function testHandleResponse() - { - // Setup - $channel = new HttpClient(); - $url = new Url('http://microsoft.com'); - $channel->setUrl($url); - $response = new \GuzzleHttp\Psr7\Response(); - $scheme = new SharedKeyAuthScheme('acount', 'key'); - $filter = new AuthenticationFilter($scheme); - - // Test - $response = $filter->handleResponse($channel, $response); - - // Assert - $this->assertNotNull($response); - } } diff --git a/tests/unit/WindowsAzure/Common/Internal/MediaServicesSettingsTest.php b/tests/unit/WindowsAzure/Common/Internal/MediaServicesSettingsTest.php index cf1eac10e..7d2f1f0cc 100644 --- a/tests/unit/WindowsAzure/Common/Internal/MediaServicesSettingsTest.php +++ b/tests/unit/WindowsAzure/Common/Internal/MediaServicesSettingsTest.php @@ -27,6 +27,7 @@ use WindowsAzure\Common\Internal\MediaServicesSettings; use WindowsAzure\Common\Internal\Resources; +use WindowsAzure\MediaServices\Authentication\ITokenProvider; /** * Unit tests for class MediaServicesSettings. @@ -44,228 +45,51 @@ class MediaServicesSettingsTest extends \PHPUnit_Framework_TestCase { /** - * @covers \WindowsAzure\Common\Internal\MediaServicesSettings::createFromConnectionString - * @covers \WindowsAzure\Common\Internal\MediaServicesSettings::init * @covers \WindowsAzure\Common\Internal\MediaServicesSettings::__construct */ - public function testCreateFromConnectionStringWithAutomaticCase() + public function testConstructorSuccess() { // Setup - $accountName = 'testAccount'; - $accessKey = 'testKey'; - $endpointUri = Resources::MEDIA_SERVICES_URL; - $oauthEndpointUri = Resources::MEDIA_SERVICES_OAUTH_URL; - $connectionString = "AccountName={$accountName};AccessKey={$accessKey}"; + $endpointUri = 'http://valid.url/'; + $tokenProvider = $this->getMock('\WindowsAzure\MediaServices\Authentication\ITokenProvider'); // Test - $actual = MediaServicesSettings::createFromConnectionString($connectionString); + $settings = new MediaServicesSettings($endpointUri, $tokenProvider); // Assert - $this->assertEquals($accountName, $actual->getAccountName()); - $this->assertEquals($accessKey, $actual->getAccessKey()); - $this->assertEquals($endpointUri, $actual->getEndpointUri()); - $this->assertEquals($oauthEndpointUri, $actual->getOAuthEndpointUri()); - } - - /** - * @covers \WindowsAzure\Common\Internal\MediaServicesSettings::createFromConnectionString - * @covers \WindowsAzure\Common\Internal\MediaServicesSettings::init - * @covers \WindowsAzure\Common\Internal\MediaServicesSettings::__construct - */ - public function testCreateFromConnectionStringWithExplicitCase() - { - // Setup - $accountName = 'testAccount'; - $accessKey = 'testKey'; - $endpointUri = 'https://custom.endpoint'; - $endpointUriSetting = Resources::MEDIA_SERVICES_ENDPOINT_URI_NAME; - $oauthEndpointUri = 'https://custom.oauth.endpoint'; - $oauthEndpointUriSetting = Resources::MEDIA_SERVICES_OAUTH_ENDPOINT_URI_NAME; - $connectionString = "AccountName={$accountName};AccessKey={$accessKey};{$endpointUriSetting}={$endpointUri};{$oauthEndpointUriSetting}={$oauthEndpointUri}"; - - // Test - $actual = MediaServicesSettings::createFromConnectionString($connectionString); - - // Assert - $this->assertEquals($accountName, $actual->getAccountName()); - $this->assertEquals($accessKey, $actual->getAccessKey()); - $this->assertEquals($endpointUri, $actual->getEndpointUri()); - $this->assertEquals($oauthEndpointUri, $actual->getOAuthEndpointUri()); - } - - /** - * @covers \WindowsAzure\Common\Internal\MediaServicesSettings::createFromConnectionString - * @covers \WindowsAzure\Common\Internal\MediaServicesSettings::init - * @covers \WindowsAzure\Common\Internal\MediaServicesSettings::__construct - */ - public function testCreateFromConnectionStringWithMissingKeyFail() - { - // Setup - $connectionString = 'AccountName=test'; - $expectedMsg = sprintf(Resources::MISSING_CONNECTION_STRING_SETTINGS, $connectionString); - $this->setExpectedException('\RuntimeException', $expectedMsg); - - // Test - MediaServicesSettings::createFromConnectionString($connectionString); - } - - /** - * @covers \WindowsAzure\Common\Internal\MediaServicesSettings::createFromConnectionString - * @covers \WindowsAzure\Common\Internal\MediaServicesSettings::init - * @covers \WindowsAzure\Common\Internal\MediaServicesSettings::__construct - */ - public function testCreateFromConnectionStringWithInvalidServiceManagementKeyFail() - { - // Setup - $invalidKey = 'InvalidKey'; - $endpointUriSetting = Resources::MEDIA_SERVICES_ENDPOINT_URI_NAME; - $accountNameSetting = Resources::MEDIA_SERVICES_ACCOUNT_NAME; - $accessKeySetting = Resources::MEDIA_SERVICES_ACCESS_KEY; - $oauthEndpointSetting = Resources::MEDIA_SERVICES_OAUTH_ENDPOINT_URI_NAME; - - $connectionString = "$invalidKey=value;{$endpointUriSetting}=12345;{$accountNameSetting}=test;{$accessKeySetting}=testkey;" - ."{$endpointUriSetting}=https://custom.endpoint;{$oauthEndpointSetting}=https://custom.oauth.endpoint"; - $expectedMsg = sprintf( - Resources::INVALID_CONNECTION_STRING_SETTING_KEY, - $invalidKey, - implode("\n", [ - Resources::MEDIA_SERVICES_ENDPOINT_URI_NAME, - Resources::MEDIA_SERVICES_OAUTH_ENDPOINT_URI_NAME, - Resources::MEDIA_SERVICES_ACCOUNT_NAME, - Resources::MEDIA_SERVICES_ACCESS_KEY, - ]) - ); - $this->setExpectedException('\RuntimeException', $expectedMsg); - - // Test - MediaServicesSettings::createFromConnectionString($connectionString); - } - - /** - * @covers \WindowsAzure\Common\Internal\MediaServicesSettings::createFromConnectionString - * @covers \WindowsAzure\Common\Internal\MediaServicesSettings::init - * @covers \WindowsAzure\Common\Internal\MediaServicesSettings::__construct - */ - public function testCreateFromConnectionStringWithCaseInsensitive() - { - // Setup - $accountName = 'testAccount'; - $accessKey = 'testKey'; - $endpointUri = 'https://custom.endpoint'; - $oauthEndpointUri = 'https://custom.oauth.endpoint'; - $endpointUriSetting = Resources::MEDIA_SERVICES_ENDPOINT_URI_NAME; - $accountNameSetting = Resources::MEDIA_SERVICES_ACCOUNT_NAME; - $accessKeySetting = Resources::MEDIA_SERVICES_ACCESS_KEY; - $oauthEndpointUriSetting = Resources::MEDIA_SERVICES_OAUTH_ENDPOINT_URI_NAME; - $connectionString = "{$accountNameSetting}={$accountName};{$accessKeySetting}={$accessKey};{$endpointUriSetting}={$endpointUri};{$oauthEndpointUriSetting}={$oauthEndpointUri}"; - - // Test - $actual = MediaServicesSettings::createFromConnectionString($connectionString); - - // Assert - $this->assertEquals($accountName, $actual->getAccountName()); - $this->assertEquals($accessKey, $actual->getAccessKey()); - $this->assertEquals($endpointUri, $actual->getEndpointUri()); - $this->assertEquals($oauthEndpointUri, $actual->getOAuthEndpointUri()); - } - - /** - * @covers \WindowsAzure\Common\Internal\MediaServicesSettings::__construct - */ - public function testCreateDefaults() - { - // Setup - $accountName = 'testAccount'; - $accessKey = 'testKey'; - $endpointUri = Resources::MEDIA_SERVICES_URL; - $oauthEndpointUri = Resources::MEDIA_SERVICES_OAUTH_URL; - - // Test - $settings = new MediaServicesSettings($accountName, $accessKey); - - // Assert - $this->assertEquals($accountName, $settings->getAccountName()); - $this->assertEquals($accessKey, $settings->getAccessKey()); $this->assertEquals($endpointUri, $settings->getEndpointUri()); - $this->assertEquals($oauthEndpointUri, $settings->getOAuthEndpointUri()); + $this->assertEquals($tokenProvider, $settings->getTokenProvider()); } /** * @covers \WindowsAzure\Common\Internal\MediaServicesSettings::__construct */ - public function testCreateCustom() + public function testConstructorShouldFail() { // Setup - $accountName = 'testAccount'; - $accessKey = 'testKey'; - $endpointUri = 'http://test.com'; - $oauthEndpointUri = 'http://test.com'; - - // Test - $settings = new MediaServicesSettings($accountName, $accessKey, $endpointUri, $oauthEndpointUri); + $endpointUri = 'http://valid.url/'; + $tokenProvider = null; // Assert - $this->assertEquals($accountName, $settings->getAccountName()); - $this->assertEquals($accessKey, $settings->getAccessKey()); - $this->assertEquals($endpointUri, $settings->getEndpointUri()); - $this->assertEquals($oauthEndpointUri, $settings->getOAuthEndpointUri()); - } - - /** - * @covers \WindowsAzure\Common\Internal\MediaServicesSettings::getAccountName - */ - public function testGetAccountName() - { - // Setup - $data = 'test'; + $this->setExpectedException(\InvalidArgumentException::class); // Test - $settings = new MediaServicesSettings($data, 'test'); - - // Assert - $this->assertEquals($data, $settings->getAccountName()); + $settings = new MediaServicesSettings($endpointUri, $tokenProvider); } /** - * @covers \WindowsAzure\Common\Internal\MediaServicesSettings::getAccessKey - */ - public function testGetAccessKey() - { - // Setup - $data = 'test'; - - // Test - $settings = new MediaServicesSettings('test', $data); - - // Assert - $this->assertEquals($data, $settings->getAccessKey()); - } - /** - * @covers \WindowsAzure\Common\Internal\MediaServicesSettings::getEndpointUri + * @covers \WindowsAzure\Common\Internal\MediaServicesSettings::__construct */ - public function testGetEndpointUri() + public function testConstructorShouldFail2() { // Setup - $data = 'http://test.com'; - - // Test - $settings = new MediaServicesSettings('test', 'test', $data); + $endpointUri = null; + $tokenProvider = null; // Assert - $this->assertEquals($data, $settings->getEndpointUri()); - } - /** - * @covers \WindowsAzure\Common\Internal\MediaServicesSettings::getOAuthEndpointUri - */ - public function testGetOAuthEndpointUri() - { - // Setup - $data = 'http://test.com'; + $this->setExpectedException(\RuntimeException::class); // Test - $settings = new MediaServicesSettings('test', 'test', null, $data); - - // Assert - $this->assertEquals($data, $settings->getOAuthEndpointUri()); + $settings = new MediaServicesSettings($endpointUri, $tokenProvider); } } diff --git a/tests/unit/WindowsAzure/Common/Internal/OAuthRestProxyTest.php b/tests/unit/WindowsAzure/Common/Internal/OAuthRestProxyTest.php deleted file mode 100644 index 622218829..000000000 --- a/tests/unit/WindowsAzure/Common/Internal/OAuthRestProxyTest.php +++ /dev/null @@ -1,75 +0,0 @@ - - * @copyright Microsoft Corporation - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * - * @link https://github.com/windowsazure/azure-sdk-for-php - */ - -namespace Tests\unit\WindowsAzure\Common\Internal; - -use WindowsAzure\Common\Internal\OAuthRestProxy; -use WindowsAzure\Common\Internal\Resources; -use WindowsAzure\Common\Internal\Http\HttpClient; -use WindowsAzure\Common\Internal\MediaServicesSettings; -use Tests\Framework\ServiceRestProxyTestBase; -use Tests\Framework\TestResources; - -/** - * Unit tests for class OAuthRestProxy. - * - * @category Microsoft - * - * @author Azure PHP SDK - * @copyright Microsoft Corporation - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * - * @version Release: 0.5.0_2016-11 - * - * @link https://github.com/windowsazure/azure-sdk-for-php - */ -class OAuthRestProxyTest extends ServiceRestProxyTestBase -{ - /** - * @covers \WindowsAzure\Common\Internal\OAuthRestProxy::getAccessToken - * @covers \WindowsAzure\Common\Internal\OAuthRestProxy::__construct - */ - public function testGetAccessToken() - { - $this->skipIfEmulated(); - - // Setup - $channel = new HttpClient(); - $uri = Resources::MEDIA_SERVICES_OAUTH_URL; - $connection = TestResources::getMediaServicesConnectionParameters(); - $settings = new MediaServicesSettings($connection['accountName'], $connection['accessKey']); - $scope = Resources::MEDIA_SERVICES_OAUTH_SCOPE; - - // Test - $proxy = new OAuthRestProxy($channel, $uri); - $actual = $proxy->getAccessToken(Resources::OAUTH_GT_CLIENT_CREDENTIALS, $settings->getAccountName(), $settings->getAccessKey(), $scope); - - // Assert - $this->assertNotNull($proxy); - $this->assertNotNull($actual->getAccessToken()); - $this->assertGreaterThan(time(), $actual->getExpiresIn()); - $this->assertEquals($scope, $actual->getScope()); - } -} diff --git a/tests/unit/WindowsAzure/Common/ServicesBuilderTest.php b/tests/unit/WindowsAzure/Common/ServicesBuilderTest.php index 3fe6e302a..e6fdffd62 100644 --- a/tests/unit/WindowsAzure/Common/ServicesBuilderTest.php +++ b/tests/unit/WindowsAzure/Common/ServicesBuilderTest.php @@ -138,24 +138,6 @@ public function testBuildForServiceBus() $this->assertInstanceOf('WindowsAzure\ServiceBus\Internal\IServiceBus', $serviceBusRestProxy); } - /** - * @covers \WindowsAzure\Common\ServicesBuilder::createMediaServicesService - */ - public function testBuildForMediaServices() - { - $this->skipIfEmulated(); - // Setup - $builder = new ServicesBuilder(); - $connection = TestResources::getMediaServicesConnectionParameters(); - $settings = new MediaServicesSettings($connection['accountName'], $connection['accessKey']); - - // Test - $mediaServicesRestProxy = $builder->createMediaServicesService($settings); - - // Assert - $this->assertInstanceOf('WindowsAzure\MediaServices\Internal\IMediaServices', $mediaServicesRestProxy); - } - /** * @covers \WindowsAzure\Common\ServicesBuilder::getInstance */ diff --git a/tests/unit/WindowsAzure/MediaServices/MediaServicesRestProxyTest.php b/tests/unit/WindowsAzure/MediaServices/MediaServicesRestProxyTest.php index 126357957..38f5ef0e4 100644 --- a/tests/unit/WindowsAzure/MediaServices/MediaServicesRestProxyTest.php +++ b/tests/unit/WindowsAzure/MediaServices/MediaServicesRestProxyTest.php @@ -117,7 +117,6 @@ class MediaServicesRestProxyTest extends MediaServicesRestProxyTestBase /** * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::createAsset * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::deleteAsset - * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::send * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::wrapAtomEntry * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::getPropertiesFromAtomEntry * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::_createEntity @@ -139,7 +138,6 @@ public function testCreateAsset() /** * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::getAsset * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::_getEntity - * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::send * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::wrapAtomEntry * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::getPropertiesFromAtomEntry */ @@ -160,11 +158,11 @@ public function testGetAsset() /** * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::getAssetList - * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::send * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::wrapAtomEntry * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::getPropertiesFromAtomEntry * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::_getEntityList * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::getEntryList + * @group needs-review */ public function testGetAssetList() { @@ -174,7 +172,7 @@ public function testGetAssetList() $asset = $this->createAsset($asset); // Test - $result = $this->mediaServicesWrapper->getAssetList(); + $result = $this->mediaServicesWrapper->getAssetList(array('$filter' => "Name eq '" . $asset->getName() . "'")); // Assert $this->assertCount(1, $result); @@ -184,7 +182,6 @@ public function testGetAssetList() /** * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::updateAsset * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::_updateEntity - * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::send * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::wrapAtomEntry * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::getPropertiesFromAtomEntry */ @@ -208,7 +205,6 @@ public function testUpdateAsset() /** * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::createAccessPolicy * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::deleteAccessPolicy - * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::send * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::wrapAtomEntry * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::getPropertiesFromAtomEntry */ @@ -229,7 +225,6 @@ public function testCreateAccessPolicy() /** * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::getAccessPolicyList - * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::send */ public function testGetAccessPolicyList() { @@ -245,13 +240,12 @@ public function testGetAccessPolicyList() $accessPolicies = $this->mediaServicesWrapper->getAccessPolicyList(); // Assert - $this->assertGreaterThanOrEqual(1, count($accessPolicies)); //this changes with the user's permissions + $this->assertGreaterThanOrEqual(1, count($accessPolicies)); //this changes with the user's permissions $this->assertEquals($accessName, $accessPolicies[0]->getName()); } /** * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::getAccessPolicy - * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::send */ public function testGetAccessPolicy() { @@ -273,7 +267,6 @@ public function testGetAccessPolicy() /** * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::createLocator * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::deleteLocator - * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::send * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::wrapAtomEntry * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::getPropertiesFromAtomEntry */ @@ -302,7 +295,6 @@ public function testCreateLocator() /** * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::createFileInfos * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::uploadAssetFile - * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::send * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::wrapAtomEntry */ public function testCreateFileInfos() @@ -341,7 +333,6 @@ public function testCreateFileInfos() /** * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::createJob - * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::send * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::deleteJob * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::_getCreateEmptyJobContext * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::_getCreateTaskContext @@ -361,7 +352,6 @@ public function testCreateJobWithTasks() /** * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::getJobStatus - * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::send */ public function testGetJobStatus() { @@ -379,7 +369,6 @@ public function testGetJobStatus() /** * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::cancelJob - * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::send */ public function testCancelJob() { @@ -396,7 +385,6 @@ public function testCancelJob() /** * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::createJobTemplate - * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::send * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::deleteJobTemplate * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::_getCreateEmptyJobTemplateContext * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::_getCreateTaskTemplateContext @@ -546,6 +534,7 @@ public function testGetLocatorAsset() /** * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::getLocatorList + * @group needs-review */ public function testGetLocatorList() { @@ -565,7 +554,7 @@ public function testGetLocatorList() $locator = $this->createLocator($locator); // Test - $result = $this->mediaServicesWrapper->getLocatorList(); + $result = $this->mediaServicesWrapper->getLocatorList(array('$filter' => "Name eq '" . $locator->getName() . "'")); // Assert $this->assertCount(1, $result); @@ -604,7 +593,6 @@ public function testUpdateLocator() /** * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::getAssetFileList - * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::send * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::wrapAtomEntry * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::getPropertiesFromAtomEntry * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::getAssetFile @@ -673,7 +661,7 @@ public function testGetJobTasks() $outputAssetName = $this->getOutputAssetName(); $taskBody = 'JobInputAsset(0)JobOutputAsset(0)'; - $mediaProcessorId = 'nb:mpid:UUID:2e7aa8f3-4961-4e0c-b4db-0e0439e524f5'; + $mediaProcessorId = 'nb:mpid:UUID:ff4df607-d419-42f0-bc17-a481b1331e56'; $task = new Task($taskBody, $mediaProcessorId, TaskOptions::NONE); $task->setConfiguration('H.264 HD 720p VBR'); @@ -700,7 +688,7 @@ public function testGetJobInputMediaAssets() $outputAssetName = $this->getOutputAssetName(); $taskBody = 'JobInputAsset(0)JobOutputAsset(0)'; - $mediaProcessorId = 'nb:mpid:UUID:2e7aa8f3-4961-4e0c-b4db-0e0439e524f5'; + $mediaProcessorId = 'nb:mpid:UUID:ff4df607-d419-42f0-bc17-a481b1331e56'; $task = new Task($taskBody, $mediaProcessorId, TaskOptions::NONE); $task->setConfiguration('H.264 HD 720p VBR'); @@ -718,7 +706,6 @@ public function testGetJobInputMediaAssets() /** * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::getMediaProcessors - * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::send */ public function testGetMediaProcessors() { @@ -756,7 +743,7 @@ public function testGetJobOutputMediaAssets() $outputAssetName = $this->getOutputAssetName(); $taskBody = 'JobInputAsset(0)JobOutputAsset(0)'; - $mediaProcessorId = 'nb:mpid:UUID:2e7aa8f3-4961-4e0c-b4db-0e0439e524f5'; + $mediaProcessorId = 'nb:mpid:UUID:ff4df607-d419-42f0-bc17-a481b1331e56'; $task = new Task($taskBody, $mediaProcessorId, TaskOptions::NONE); $task->setConfiguration('H.264 HD 720p VBR'); @@ -784,7 +771,7 @@ public function testGetTaskList() $outputAssetName = $this->getOutputAssetName(); $taskBody = 'JobInputAsset(0)JobOutputAsset(0)'; - $mediaProcessorId = 'nb:mpid:UUID:2e7aa8f3-4961-4e0c-b4db-0e0439e524f5'; + $mediaProcessorId = 'nb:mpid:UUID:ff4df607-d419-42f0-bc17-a481b1331e56'; $task = new Task($taskBody, $mediaProcessorId, TaskOptions::NONE); $task->setConfiguration('H.264 HD 720p VBR'); @@ -796,7 +783,7 @@ public function testGetTaskList() $result = $this->mediaServicesWrapper->getTaskList(); // Assert - $this->assertGreaterThanOrEqual(1, count($result)); //this changes with the user's permissions + $this->assertGreaterThanOrEqual(1, count($result)); //this changes with the user's permissions $this->assertEquals($task->getName(), $result[0]->getName()); $this->assertEquals($taskBody, $result[0]->getTaskBody()); } @@ -820,6 +807,7 @@ public function testGetJobTemplate() /** * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::getJobTemplateList + * @group needs-review */ public function testGetJobTemplateList() { @@ -828,7 +816,7 @@ public function testGetJobTemplateList() $jobTemplate = $this->createJobTemplateWithTasks($name); // Test - $result = $this->mediaServicesWrapper->getJobTemplateList(); + $result = $this->mediaServicesWrapper->getJobTemplateList(array('$filter' => "Name eq '" . $name . "'")); // Assert $this->assertEquals(1, count($result)); @@ -843,7 +831,7 @@ public function testGetJobTemplateTaskTemplateList() { // Setup - $mediaProcessor = $this->mediaServicesWrapper->getLatestMediaProcessor('Windows Azure Media Encoder'); + $mediaProcessor = $this->mediaServicesWrapper->getLatestMediaProcessor('Media Encoder Standard'); $configuration = 'H.264 HD 720p VBR'; $name = TestResources::MEDIA_SERVICES_JOB_TEMPLATE_NAME.$this->createSuffix(); @@ -860,13 +848,13 @@ public function testGetJobTemplateTaskTemplateList() /** * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::getTaskTemplateList + * @group needs-review */ public function testGetTaskTemplateList() { - // Setup - $name = TestResources::MEDIA_SERVICES_JOB_TEMPLATE_NAME.$this->createSuffix(); - $mediaProcessor = $this->mediaServicesWrapper->getLatestMediaProcessor('Windows Azure Media Encoder'); + $name = TestResources::MEDIA_SERVICES_JOB_TEMPLATE_NAME.$this->createSuffix(); + $mediaProcessor = $this->mediaServicesWrapper->getLatestMediaProcessor('Media Encoder Standard'); $configuration = 'H.264 HD 720p VBR'; $jobTemplate = $this->createJobTemplateWithTasks($name); @@ -875,9 +863,7 @@ public function testGetTaskTemplateList() $result = $this->mediaServicesWrapper->getTaskTemplateList(); // Assert - $this->assertEquals(1, count($result)); - $this->assertEquals($mediaProcessor->getId(), $result[0]->getMediaProcessorId()); - $this->assertEquals($configuration, $result[0]->getConfiguration()); + $this->assertTrue(count($result) >= 1); } /** @@ -905,7 +891,7 @@ public function testGetAssetParentAsset() // Setup $name = $this->getOutputAssetName(); - $mediaProcessor = $this->mediaServicesWrapper->getLatestMediaProcessor('Windows Azure Media Encoder'); + $mediaProcessor = $this->mediaServicesWrapper->getLatestMediaProcessor('Media Encoder Standard'); $inputAsset = $this->createAssetWithFile(); $taskBody = 'JobInputAsset(0)JobOutputAsset(0)'; @@ -1065,9 +1051,6 @@ public function testGetIngestManifestStorageAccount() $ingestManifest->setName($name); $ingestManifest = $this->createIngestManifest($ingestManifest); - $connectionParameters = TestResources::getMediaServicesConnectionParameters(); - $storageAccountName = $connectionParameters['accountName']; - // Test $result = $this->mediaServicesWrapper->getIngestManifestStorageAccount($ingestManifest); @@ -1172,7 +1155,7 @@ public function testGetIngestManifestAssetList() $result = $this->mediaServicesWrapper->getIngestManifestAssetList(); // Assert - $this->assertGreaterThanOrEqual(1, count($result)); + $this->assertGreaterThanOrEqual(1, count($result)); $this->assertEquals($ingestManifestAsset->getId(), $result[0]->getId()); } @@ -1343,6 +1326,8 @@ public function testCreateContentKey() /** * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::getContentKeyList + * @group needs-review + * @group working */ public function testGetContentKeyList() { @@ -1361,7 +1346,7 @@ public function testGetContentKeyList() $contentKey = $this->createContentKey($contentKey); // Test - $result = $this->mediaServicesWrapper->getContentKeyList(); + $result = $this->mediaServicesWrapper->getContentKeyList(array('$filter' => "Id eq '" . $contentKey->getId() . "'")); // Assert $this->assertCount(1, $result); @@ -2075,6 +2060,7 @@ public function testRemoveDeliveryPolicyFromAsset() /** * @covers \WindowsAzure\MediaServices\MediaServicesRestProxy::getKeyDeliveryUrl + * @group needs-review */ public function testGetKeyDeliveryUrl() { @@ -2091,7 +2077,7 @@ public function testGetKeyDeliveryUrl() $result = $this->mediaServicesWrapper->getKeyDeliveryUrl($contentKey, ContentKeyDeliveryType::BASELINE_HTTP); // Assert - $this->assertRegExp('/keydelivery.mediaservices.windows.net/', $result); + $this->assertRegExp('/keydelivery/', $result); } public function testCreateContentKeyAuthorizationPolicyOptionWithTokenRestrictions() @@ -2413,7 +2399,7 @@ public function testCreateGetDeleteValidateChannel() */ public function testCreateGetDeleteValidateChannel2() { - // Upload image + // Upload image $resource = fopen(__DIR__."/resources/default_slate_image_media_services.jpg", 'r'); $slateAsset = $this->uploadSingleFile("slate2.jpg", $resource); @@ -2649,7 +2635,7 @@ public function testCreateGetStartUpdateStopDeleteValidateChannel() // update the channel $operation = $this->mediaServicesWrapper->sendUpdateChannelOperation($channelResult); - + // waiting for update channel operation finishes $operation = $this->mediaServicesWrapper->awaitOperation($operation); @@ -2854,7 +2840,7 @@ public function testCreateGetStartAdStopDeleteValidateChannel() */ public function testCreateGetStartSlateStopDeleteValidateChannel() { - // Upload image + // Upload image $resource = fopen(__DIR__."/resources/default_slate_image_media_services.jpg", 'r'); $slateAsset = $this->uploadSingleFile("slate.jpg", $resource); @@ -2982,7 +2968,7 @@ public function testSyncCreateGetDeleteValidateChannel() */ public function testRoundTripChannelSyncOperations() { - // Upload image + // Upload image $resource = fopen(__DIR__."/resources/default_slate_image_media_services.jpg", 'r'); $slateAsset = $this->uploadSingleFile("slate3.jpg", $resource); @@ -3013,7 +2999,7 @@ public function testRoundTripChannelSyncOperations() // update the channel $this->mediaServicesWrapper->updateChannel($channelResult); - + // get the created updated $channelResult = $this->mediaServicesWrapper->getChannel($channelResult); @@ -3043,7 +3029,7 @@ public function testRoundTripChannelSyncOperations() // hide slate on the channel $operation = $this->mediaServicesWrapper->hideSlateChannel($channelResult->getId()); - // wait for 5 seconds before to send start AD + // wait for 5 seconds before to send start AD sleep(5); // start advertisement on the channel @@ -3504,7 +3490,7 @@ public function assertEqualsEncoding(ChannelEncoding $expected = null, ChannelEn return; // pass } else if (is_null($expected) || is_null($actual)) { $this->assertFalse(is_null($expected) || is_null($actual)); - return; // fail + return; // fail } $this->assertEquals($expected->getAdMarkerSource(), $actual->getAdMarkerSource()); @@ -3525,7 +3511,7 @@ public function assertEqualsSlate(ChannelSlate $expected = null, ChannelSlate $a return; // pass } else if (is_null($expected) || is_null($actual)) { $this->assertFalse(is_null($expected) || is_null($actual)); - return; // fail + return; // fail } $this->assertEquals($expected->getInsertSlateOnAdMarker(), $actual->getInsertSlateOnAdMarker());