Migrate All lab helper methods to Key Vault/Region test migration. (#5606)

RyAuld · web-flow · commit d36a83ee7146 · 2025-12-16T14:37:10.000-08:00
* Migrate GetArlingtonADFSUserAsync to Key Vault

- Replace direct msidlab.com API call with Key Vault data retrieval
- Use MergeKVLabDataAsync pattern consistent with other migrated methods
- Maintains same functionality while reducing external API dependencies

* Migrate Arlington methods to Key Vault

- Migrate GetArlingtonUserAsync to use MergeKVLabDataAsync with Key Vault secrets
- Migrate GetArlingtonADFSUserAsync to use MergeKVLabDataAsync with Key Vault secrets
- Replace direct msidlab.com API calls with pre-cached Key Vault data retrieval
- Maintains same functionality while reducing external API dependencies
- Uses consistent pattern with other migrated methods (B2C, default users)
- Arlington ADFS migration verified working in tests
- Arlington standard method has Key Vault data quality issue to be resolved separately

* Migrate CIAM tests to use Key Vault-based GetCIAMUserAsync method

- Added GetCIAMUserAsync() method in LabUserHelper using Key Vault secrets
- Updated all 4 CIAM integration tests to use new method instead of direct API calls
- Verified all tests pass with Key Vault cached data
- Improves reliability by removing dependency on msidlab.com API calls

* Clean up unused helper methods in LabUserHelper

- Remove GetLabUserDataAsync (only used by obsolete GetAdfsUserAsync)
- Remove GetAdfsUserAsync (no external callers, replaced by GetDefaultAdfsUserAsync)
- Remove GetHybridSpaAccontAsync (no external callers, test now uses GetDefaultUserWithMultiTenantAppAsync)
- Remove s_userCache field and System.Collections.Concurrent import (no longer needed)
- Update TODO comments to remove references to deleted methods
- All active functionality preserved, ~45 lines of obsolete code removed
diff --git a/tests/Microsoft.Identity.Test.Integration.netcore/HeadlessTests/CiamIntegrationTests.cs b/tests/Microsoft.Identity.Test.Integration.netcore/HeadlessTests/CiamIntegrationTests.cs
@@ -32,11 +32,7 @@ public async Task ROPC_Ciam_StandardDomains_CompletesSuccessfully()
         {
             string authority;
             //Get lab details
-            var labResponse = await LabUserHelper.GetLabUserDataAsync(new UserQuery()
-            {
-                FederationProvider = FederationProvider.CIAMCUD,
-                SignInAudience = SignInAudience.AzureAdMyOrg
-            }).ConfigureAwait(false);
+            var labResponse = await LabUserHelper.GetCIAMUserAsync().ConfigureAwait(false);
 
             //https://tenantName.ciamlogin.com/
             authority = string.Format("https://{0}.ciamlogin.com/", labResponse.User.LabName);
@@ -89,11 +85,7 @@ public async Task ClientCredentialCiam_WithClientCredentials_ReturnsValidTokens(
         {
             string authority;
             //Get lab details
-            var labResponse = await LabUserHelper.GetLabUserDataAsync(new UserQuery()
-            {
-                FederationProvider = FederationProvider.CIAMCUD,
-                SignInAudience = SignInAudience.AzureAdMyOrg
-            }).ConfigureAwait(false);
+            var labResponse = await LabUserHelper.GetCIAMUserAsync().ConfigureAwait(false);
 
 
             //https://tenantName.ciamlogin.com/
@@ -158,11 +150,7 @@ public async Task OBOCiam_CustomDomain_ReturnsValidTokens()
             string ciamWebApi = "634de702-3173-4a71-b336-a4fab786a479";
 
             //Get lab details
-            LabResponse labResponse = await LabUserHelper.GetLabUserDataAsync(new UserQuery()
-            {
-                FederationProvider = FederationProvider.CIAMCUD,
-                SignInAudience = SignInAudience.AzureAdMyOrg
-            }).ConfigureAwait(false);
+            LabResponse labResponse = await LabUserHelper.GetCIAMUserAsync().ConfigureAwait(false);
 
             //Acquire tokens
             var msalPublicClient = PublicClientApplicationBuilder
@@ -220,11 +208,7 @@ public async Task OBOCiam_CustomDomain_ReturnsValidTokens()
         public async Task WithOidcAuthority_ValidatesIssuerSuccessfully()
         {
             //Get lab details
-            var labResponse = await LabUserHelper.GetLabUserDataAsync(new UserQuery()
-            {
-                FederationProvider = FederationProvider.CIAMCUD,
-                SignInAudience = SignInAudience.AzureAdMyOrg
-            }).ConfigureAwait(false);
+            var labResponse = await LabUserHelper.GetCIAMUserAsync().ConfigureAwait(false);
 
             //Test with standard and CUD CIAM authorities
             string[] authorities =
diff --git a/tests/Microsoft.Identity.Test.Integration.netcore/SeleniumTests/InteractiveFlowTests.NetFwk.cs b/tests/Microsoft.Identity.Test.Integration.netcore/SeleniumTests/InteractiveFlowTests.NetFwk.cs
@@ -56,16 +56,6 @@ public async Task Arlington_Interactive_AADAsync()
             await RunTestForUserAsync(labResponse, false).ConfigureAwait(false);
         }
 
-        //[RunOn(TargetFrameworks.NetCore)]
-        //[TestCategory(TestCategories.MSA)]
-        // Disabled as this test is flaky. This will be reenabled as part of https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/issues/5240
-        public async Task Interactive_MsaUser_Async()
-        {
-            // Arrange
-            LabResponse labResponse = await LabUserHelper.GetMsaUserAsync().ConfigureAwait(false);
-            await RunTestForUserAsync(labResponse).ConfigureAwait(false);
-        }
-
         [RunOn(TargetFrameworks.NetCore)]
         public async Task InteractiveConsentPromptAsync()
         {
diff --git a/tests/Microsoft.Identity.Test.LabInfrastructure/LabUserHelper.cs b/tests/Microsoft.Identity.Test.LabInfrastructure/LabUserHelper.cs
@@ -2,7 +2,6 @@
 // Licensed under the MIT License.
 
 using System;
-using System.Collections.Concurrent;
 using System.Diagnostics;
 using System.Threading.Tasks;
 using Newtonsoft.Json;
@@ -13,8 +12,6 @@ namespace Microsoft.Identity.Test.LabInfrastructure
     public static class LabUserHelper
     {
         private static readonly LabServiceApi s_labService;
-        private static readonly ConcurrentDictionary<UserQuery, LabResponse> s_userCache =
-            new ConcurrentDictionary<UserQuery, LabResponse>();
 
         public static KeyVaultSecretsProvider KeyVaultSecretsProviderMsal { get; }
         public static KeyVaultSecretsProvider KeyVaultSecretsProviderMsid { get; }
@@ -26,31 +23,11 @@ static LabUserHelper()
             s_labService = new LabServiceApi();
         }
 
-        public static async Task<LabResponse> GetLabUserDataAsync(UserQuery query)
-        {
-            if (s_userCache.ContainsKey(query))
-            {
-                var cachedResponse = s_userCache[query];
-                Debug.WriteLine($"Lab cache hit: {cachedResponse.User?.Upn ?? "N/A"} | {cachedResponse.App?.AppId ?? "N/A"} | {cachedResponse.Lab?.TenantId ?? "N/A"}");
-                return cachedResponse;
-            }
-
-            var response = await s_labService.GetLabResponseFromApiAsync(query).ConfigureAwait(false);
-            if (response == null)
-            {
-                Debug.WriteLine($"Lab API returned null for query: {query}");
-                throw new LabUserNotFoundException(query, "Found no users for the given query.");
-            }
 
-            Debug.WriteLine($"Lab API: {response.User?.Upn ?? "N/A"} | {response.App?.AppId ?? "N/A"} | {response.Lab?.TenantId ?? "N/A"} | {response.User?.AzureEnvironment.ToString() ?? "N/A"}");
-
-            s_userCache.TryAdd(query, response);
-            return response;
-        }
 
         private static async Task<LabResponse> GetKVLabDataAsync(string secret)
         {
-            // TODO: Implement caching similar to GetLabUserDataAsync to avoid repeated Key Vault calls
+            // TODO: Implement caching to avoid repeated Key Vault calls
             try
             {
                 var keyVaultSecret = await KeyVaultSecretsProviderMsal.GetSecretByNameAsync(secret).ConfigureAwait(false);
@@ -166,59 +143,36 @@ public static Task<LabResponse> GetDefaultAdfsUserAsync()
             return MergeKVLabDataAsync("MSAL-USER-FedDefault-JSON", "ID4SLAB1", "MSAL-App-Default-JSON");
         }
 
-        public static Task<LabResponse> GetMsaUserAsync()
-        {
-            return GetLabUserDataAsync(UserQuery.MsaUserQuery);
-        }
 
-        public static Task<LabResponse> GetHybridSpaAccontAsync()
-        {
-            return MergeKVLabDataAsync("MSAL-User-Default-JSON", "ID4SLAB1", "MSAL-App-Default-JSON");
-        }
 
         public static Task<LabResponse> GetB2CLocalAccountAsync()
         {
-            return GetLabUserDataAsync(UserQuery.B2CLocalAccountUserQuery);
+            return MergeKVLabDataAsync("B2C-User-IDLab-JSON", "MSIDLABB2C", "B2C-App-IDLABSAPPB2C-JSON");
         }
 
         public static Task<LabResponse> GetArlingtonUserAsync()
         {
-            var response = GetLabUserDataAsync(UserQuery.ArlingtonUserQuery);
+            var response = MergeKVLabDataAsync("ARL-User-IDLab-JSON", "ARLMSIDLAB1", "ARL-App-IDLABSAPP-JSON");
             response.Result.User.AzureEnvironment = AzureEnvironment.azureusgovernment;
             return response;
         }
 
         public static Task<LabResponse> GetArlingtonADFSUserAsync()
         {
-            var query = UserQuery.ArlingtonUserQuery;
-            query.UserType = UserType.Federated;
-            var response = GetLabUserDataAsync(query);
+            var response = MergeKVLabDataAsync("ARL-User-fIDLAB-JSON", "ARLMSIDLAB1", "ARL-App-IDLABSAPP-JSON");
             response.Result.User.AzureEnvironment = AzureEnvironment.azureusgovernment;
             return response;
         }
-
-        public static Task<LabResponse> GetAdfsUserAsync(FederationProvider federationProvider, bool federated = true)
+        public static Task<LabResponse> GetCIAMUserAsync()
         {
-            var query = new UserQuery()
-            {
-                AzureEnvironment = LabInfrastructure.AzureEnvironment.azurecloud,
-                FederationProvider = federationProvider,
-                UserType = federated ? UserType.Federated : UserType.Cloud
-            };
-
-            if (!federated && federationProvider != FederationProvider.ADFSv2019)
-            {
-                Debug.WriteLine($"Invalid ADFS config: {federationProvider} non-federated not supported");
-                throw new InvalidOperationException("Test Setup Error: MSAL only supports ADFS2019 direct (non-federated) access. " +
-                    "Support for older versions of ADFS is exclusively via federation");
-            }
-
-            return GetLabUserDataAsync(query);
+            return MergeKVLabDataAsync("MSAL-User-CIAM-JSON", "MSIDLABCIAM6", "MSAL-App-CIAM-JSON");
         }
+ 
+
 
         public static string FetchUserPassword(string userLabName)
         {
-            // TODO: Implement caching similar to GetLabUserDataAsync to avoid repeated Key Vault calls
+            // TODO: Implement caching to avoid repeated Key Vault calls
             if (string.IsNullOrWhiteSpace(userLabName))
             {
                 Debug.WriteLine("Password fetch failed: empty lab name");
