Added tests.

Azure · vcolin7 · May 9, 2024 · Apr 18, 2024 · Apr 18, 2024 · Apr 23, 2024
commit 344d1acc3d1d95468ef2d76f7914aa6f41a30ef8
diff --git a/...java/com/azure/security/keyvault/administration/KeyVaultAdministrationClientTestBase.java b/...java/com/azure/security/keyvault/administration/KeyVaultAdministrationClientTestBase.java
@@ -24,7 +24,7 @@
 import com.azure.core.test.models.TestProxySanitizerType;
 import com.azure.core.test.utils.MockTokenCredential;
 import com.azure.core.util.Configuration;
-import com.azure.identity.ClientSecretCredentialBuilder;
+import com.azure.identity.DefaultAzureCredentialBuilder;
 import com.azure.security.keyvault.administration.implementation.KeyVaultCredentialPolicy;
 import org.junit.jupiter.api.Assumptions;
 import org.junit.jupiter.params.provider.Arguments;
@@ -60,17 +60,11 @@ HttpPipeline getPipeline(HttpClient httpClient, boolean forCleanup) {
         TokenCredential credential;
 
         if (!interceptorManager.isPlaybackMode()) {
-            String clientId = Configuration.getGlobalConfiguration().get("AZURE_KEYVAULT_CLIENT_ID");
-            String clientKey = Configuration.getGlobalConfiguration().get("AZURE_KEYVAULT_CLIENT_SECRET");
             String tenantId = Configuration.getGlobalConfiguration().get("AZURE_KEYVAULT_TENANT_ID");
 
-            Objects.requireNonNull(clientId, "The client id cannot be null");
-            Objects.requireNonNull(clientKey, "The client key cannot be null");
             Objects.requireNonNull(tenantId, "The tenant id cannot be null");
 
-            credential = new ClientSecretCredentialBuilder()
-                .clientSecret(clientKey)
-                .clientId(clientId)
+            credential = new DefaultAzureCredentialBuilder()
                 .tenantId(tenantId)
                 .additionallyAllowedTenants("*")
                 .build();

@@ -13,7 +13,6 @@
 import com.azure.security.keyvault.administration.models.KeyVaultSelectiveKeyRestoreResult;
 import com.azure.security.keyvault.keys.KeyAsyncClient;
 import com.azure.security.keyvault.keys.KeyClientBuilder;
-import com.azure.security.keyvault.keys.KeyServiceVersion;
 import com.azure.security.keyvault.keys.models.CreateRsaKeyOptions;
 import com.azure.security.keyvault.keys.models.KeyVaultKey;
 import org.junit.jupiter.params.ParameterizedTest;
@@ -58,6 +57,24 @@ public void beginBackup(HttpClient httpClient) {
         assertTrue(backupBlobUri.startsWith(blobStorageUrl));
     }
 
+    /**
+     * Tests that a Key Vault or MHSM can be pre-backed up.
+     */
+    @SuppressWarnings("ConstantConditions")
+    @ParameterizedTest(name = DISPLAY_NAME)
+    @MethodSource("com.azure.security.keyvault.administration.KeyVaultAdministrationClientTestBase#createHttpClients")
+    public void beginPreBackup(HttpClient httpClient) {
+        getAsyncClient(httpClient, false);
+
+        AsyncPollResponse<KeyVaultBackupOperation, String> backupPollResponse =
+            setPlaybackPollerFluxPollInterval(asyncClient.beginPreBackup(blobStorageUrl, sasToken)).blockLast();
+
+        String backupBlobUri = backupPollResponse.getFinalResult().block();
+
+        assertNotNull(backupBlobUri);
+        assertTrue(backupBlobUri.startsWith(blobStorageUrl));
+    }
+
     /**
      * Tests that a Key Vault can be restored from a backup.
      */
@@ -93,6 +110,41 @@ public void beginRestore(HttpClient httpClient) {
         sleepIfRunningAgainstService(30000);
     }
 
+    /**
+     * Tests that a Key Vault can be pre-restored from a backup.
+     */
+    @SuppressWarnings("ConstantConditions")
+    @ParameterizedTest(name = DISPLAY_NAME)
+    @MethodSource("com.azure.security.keyvault.administration.KeyVaultAdministrationClientTestBase#createHttpClients")
+    public void beginPreRestore(HttpClient httpClient) {
+        getAsyncClient(httpClient, false);
+
+        // Create a backup
+        AsyncPollResponse<KeyVaultBackupOperation, String> backupPollResponse =
+            setPlaybackPollerFluxPollInterval(asyncClient.beginBackup(blobStorageUrl, sasToken))
+                .takeUntil(asyncPollResponse ->
+                    asyncPollResponse.getStatus() == LongRunningOperationStatus.SUCCESSFULLY_COMPLETED)
+                .blockLast();
+
+        KeyVaultBackupOperation backupOperation = backupPollResponse.getValue();
+        assertNotNull(backupOperation);
+
+        // Restore the backup
+        String backupFolderUrl = backupOperation.getAzureStorageBlobContainerUrl();
+        AsyncPollResponse<KeyVaultRestoreOperation, KeyVaultRestoreResult> restorePollResponse =
+            setPlaybackPollerFluxPollInterval(asyncClient.beginPreRestore(backupFolderUrl, sasToken))
+                .takeUntil(asyncPollResponse ->
+                    asyncPollResponse.getStatus() == LongRunningOperationStatus.SUCCESSFULLY_COMPLETED)
+                .blockLast();
+
+        KeyVaultRestoreOperation restoreOperation = restorePollResponse.getValue();
+        assertNotNull(restoreOperation);
+
+        // For some reason, the service might still think a restore operation is running even after returning a success
+        // signal. This gives it some time to "clear" the operation.
+        sleepIfRunningAgainstService(30000);
+    }
+
     /**
      * Tests that a key can be restored from a backup.
      */
@@ -102,7 +154,6 @@ public void beginRestore(HttpClient httpClient) {
     public void beginSelectiveKeyRestore(HttpClient httpClient) {
         KeyAsyncClient keyClient = new KeyClientBuilder()
             .vaultUrl(getEndpoint())
-            .serviceVersion(KeyServiceVersion.V7_2)
             .pipeline(getPipeline(httpClient, false))
             .buildAsyncClient();
 

@@ -14,7 +14,6 @@
 import com.azure.security.keyvault.administration.models.KeyVaultSelectiveKeyRestoreResult;
 import com.azure.security.keyvault.keys.KeyClient;
 import com.azure.security.keyvault.keys.KeyClientBuilder;
-import com.azure.security.keyvault.keys.KeyServiceVersion;
 import com.azure.security.keyvault.keys.models.CreateRsaKeyOptions;
 import com.azure.security.keyvault.keys.models.KeyVaultKey;
 import org.junit.jupiter.params.ParameterizedTest;
@@ -61,6 +60,25 @@ public void beginBackup(HttpClient httpClient) {
         assertTrue(backupBlobUri.startsWith(blobStorageUrl));
     }
 
+    /**
+     * Tests that a Key Vault can be pre-backed up.
+     */
+    @ParameterizedTest(name = DISPLAY_NAME)
+    @MethodSource("com.azure.security.keyvault.administration.KeyVaultAdministrationClientTestBase#createHttpClients")
+    public void beginPreBackup(HttpClient httpClient) {
+        getClient(httpClient, false);
+
+        SyncPoller<KeyVaultBackupOperation, String> backupPoller =
+            setPlaybackSyncPollerPollInterval(client.beginPreBackup(blobStorageUrl, sasToken));
+
+        backupPoller.waitForCompletion();
+
+        String backupBlobUri = backupPoller.getFinalResult();
+
+        assertNotNull(backupBlobUri);
+        assertTrue(backupBlobUri.startsWith(blobStorageUrl));
+    }
+
     /**
      * Tests that a Key Vault can be restored from a backup.
      */
@@ -91,6 +109,36 @@ public void beginRestore(HttpClient httpClient) {
         sleepIfRunningAgainstService(30000);
     }
 
+    /**
+     * Tests that a Key Vault can be pre-restored from a backup.
+     */
+    @ParameterizedTest(name = DISPLAY_NAME)
+    @MethodSource("com.azure.security.keyvault.administration.KeyVaultAdministrationClientTestBase#createHttpClients")
+    public void beginPreRestore(HttpClient httpClient) {
+        getClient(httpClient, false);
+
+        // Create a backup
+        SyncPoller<KeyVaultBackupOperation, String> backupPoller =
+            setPlaybackSyncPollerPollInterval(client.beginBackup(blobStorageUrl, sasToken));
+
+        backupPoller.waitForCompletion();
+
+        // Restore the backup
+        String backupFolderUrl = backupPoller.getFinalResult();
+        SyncPoller<KeyVaultRestoreOperation, KeyVaultRestoreResult> restorePoller =
+            setPlaybackSyncPollerPollInterval(client.beginPreRestore(backupFolderUrl, sasToken));
+
+        restorePoller.waitForCompletion();
+
+        PollResponse<KeyVaultRestoreOperation> restoreResponse = restorePoller.poll();
+
+        assertEquals(LongRunningOperationStatus.SUCCESSFULLY_COMPLETED, restoreResponse.getStatus());
+
+        // For some reason, the service might still think a restore operation is running even after returning a success
+        // signal. This gives it some time to "clear" the operation.
+        sleepIfRunningAgainstService(30000);
+    }
+
     /**
      * Tests that a key can be restored from a backup.
      */
@@ -99,7 +147,6 @@ public void beginRestore(HttpClient httpClient) {
     public void beginSelectiveKeyRestore(HttpClient httpClient) {
         KeyClient keyClient = new KeyClientBuilder()
             .vaultUrl(getEndpoint())
-            .serviceVersion(KeyServiceVersion.V7_2)
             .pipeline(getPipeline(httpClient, false))
             .buildClient();
 

@@ -19,7 +19,7 @@
 public abstract class KeyVaultBackupClientTestBase extends KeyVaultAdministrationClientTestBase {
     protected final String blobStorageUrl = IS_MANAGED_HSM_DEPLOYED
         ? getStorageEndpoint() + Configuration.getGlobalConfiguration().get("BLOB_CONTAINER_NAME")
-        : "https://ta70c2fe596f0a0dfprim.blob.core.windows.net/backup";
+        : "https://tb5d8675f0aa83a18prim.blob.core.windows.net/backup";
     protected final String sasToken = IS_MANAGED_HSM_DEPLOYED ? generateSasToken() : "REDACTED";
 
     KeyVaultBackupClientBuilder getClientBuilder(HttpClient httpClient, boolean forCleanup) {
@@ -31,9 +31,15 @@ KeyVaultBackupClientBuilder getClientBuilder(HttpClient httpClient, boolean forC
     @Test
     public abstract void beginBackup(HttpClient httpClient);
 
+    @Test
+    public abstract void beginPreBackup(HttpClient httpClient);
+
     @Test
     public abstract void beginRestore(HttpClient httpClient);
 
+    @Test
+    public abstract void beginPreRestore(HttpClient httpClient);
+
     @Test
     public abstract void beginSelectiveKeyRestore(HttpClient httpClient);