Class MsalTestTokenProvider

Namespace

Trellis.Testing

Assembly

Trellis.Testing.dll

Acquires real Azure Entra ID tokens for E2E integration tests using the MSAL ROPC (Resource Owner Password Credentials) flow.

[RequiresUnreferencedCode("MSAL uses reflection for token serialization and is not AOT-compatible.")]
public sealed class MsalTestTokenProvider

Inheritance

object

MsalTestTokenProvider

Inherited Members

object.Equals(object)

object.Equals(object, object)

object.GetHashCode()

object.GetType()

object.ReferenceEquals(object, object)

object.ToString()

Extension Methods

MaybeExtensions.AsMaybe<T>(T)

MaybeExtensions.ToResult<TValue>(TValue)

NullableExtensions.ToResult<T>(T?, Func<Error>)

NullableExtensions.ToResult<T>(T?, Error)

AggregateTestMutator.ClearMaybeField<TEntity, TValue>(TEntity, Expression<Func<TEntity, Maybe<TValue>>>)

AggregateTestMutator.SetMaybeField<TEntity, TValue>(TEntity, Expression<Func<TEntity, Maybe<TValue>>>, TValue?)

Examples

var tokenProvider = new MsalTestTokenProvider(msalOptions);
var token = await tokenProvider.AcquireTokenAsync("salesRep");
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token);

Remarks

ROPC is deprecated for production use but remains suitable for automated test scenarios against dedicated test tenants. The test tenant must have ROPC enabled and MFA disabled for test users.

Tokens are cached per MsalTestTokenProvider instance. Create one instance per test class or fixture to avoid redundant token acquisitions.

Constructors

MsalTestTokenProvider(MsalTestOptions)

Initializes a new MsalTestTokenProvider with the specified options.

public MsalTestTokenProvider(MsalTestOptions options)

Parameters

options MsalTestOptions

MSAL configuration including tenant, client, and test user credentials.

Methods

AcquireTokenAsync(string, CancellationToken)

Acquires an access token for the named test user using the ROPC flow. Tokens are cached by MSAL — subsequent calls for the same user return cached tokens until they expire.

public Task<string> AcquireTokenAsync(string testUserName, CancellationToken cancellationToken = default)

Parameters

testUserName string

The key in TestUsers identifying the test user (e.g., "salesRep", "admin").

cancellationToken CancellationToken

Cancellation token.

Returns

Task<string>

The access token string for use in an Authorization Bearer header.

Exceptions

KeyNotFoundException

Thrown when testUserName is not found in TestUsers.

MsalException

Thrown when token acquisition fails (invalid credentials, tenant misconfiguration, etc.).