tests/Set-CsKeyVaultEntry.Tests.ps1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
[Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingConvertToSecureStringWithPlainText", "")]
param()

. "$PSScriptRoot\..\..\CredentialStore\src\Test-CsEntryName.ps1"
. "$PSScriptRoot\..\src\Set-CsKeyVaultEntry.ps1"

Describe Set-CsKeyVaultEntry {
    Mock -CommandName Set-AzureKeyVaultSecret 

    Context "Adding a new Credential without description" {
        $cred = New-Object PSCredential("user", $("pass" | ConvertTo-SecureString -AsPlainText -Force))
        Set-CsKeyVaultEntry -VaultName vault1 -Name name1 -Credential $cred

        It "should add the entry to the vault" {
            Assert-MockCalled Set-AzureKeyVaultSecret -ParameterFilter {
                $decoded = (New-Object PSCredential("user", $SecretValue)).GetNetworkCredential().Password

                $VaultName -eq 'vault1' -And
                $Name -eq 'name1' -And
                $decoded -eq 'pass' -And
                $ContentType -eq "CredentialStore" -And
                $Tag['Username'] -eq 'user'
            }
        }
    }

    Context "Adding a new Credential with description" {
        $cred = New-Object PSCredential("user", $("pass" | ConvertTo-SecureString -AsPlainText -Force))
        Set-CsKeyVaultEntry -VaultName vault1 -Name name1 -Credential $cred -Description desc

        It "should add the entry to the vault" {
            Assert-MockCalled Set-AzureKeyVaultSecret -ParameterFilter {
                $decoded = (New-Object PSCredential("user", $SecretValue)).GetNetworkCredential().Password

                $VaultName -eq 'vault1' -And
                $Name -eq 'name1' -And
                $decoded -eq 'pass' -And
                $ContentType -eq "CredentialStore" -And
                $Tag['Username'] -eq 'user' -And
                $Tag['Description'] -eq 'desc'
            }
        }
    }

    Context "Pipeline support" {
        $cred = New-Object PSCredential("user", $("pass" | ConvertTo-SecureString -AsPlainText -Force))
        $entries = @(
            [PSCustomObject]@{ Name="name1"; Credential = $cred; Description = "desc1"},
            [PSCustomObject]@{ Name="name2"; Credential = $cred; Description = "desc2"},
            [PSCustomObject]@{ Name="name3"; Credential = $cred; Description = "desc3"}
        )

        $entries | Set-CsKeyVaultEntry -VaultName vault1

        It "should set the entries" {
            Assert-MockCalled Set-AzureKeyVaultSecret -ParameterFilter {
                $decoded = (New-Object PSCredential("user", $SecretValue)).GetNetworkCredential().Password

                $VaultName -eq 'vault1' -And
                $Name -eq 'name1' -And
                $decoded -eq 'pass' -And
                $ContentType -eq "CredentialStore" -And
                $Tag['Username'] -eq 'user' -And
                $Tag['Description'] -eq 'desc1'
            }

            Assert-MockCalled Set-AzureKeyVaultSecret -ParameterFilter {
                $decoded = (New-Object PSCredential("user", $SecretValue)).GetNetworkCredential().Password

                $VaultName -eq 'vault1' -And
                $Name -eq 'name2' -And
                $decoded -eq 'pass' -And
                $ContentType -eq "CredentialStore" -And
                $Tag['Username'] -eq 'user' -And
                $Tag['Description'] -eq 'desc2'
            }

            Assert-MockCalled Set-AzureKeyVaultSecret -ParameterFilter {
                $decoded = (New-Object PSCredential("user", $SecretValue)).GetNetworkCredential().Password

                $VaultName -eq 'vault1' -And
                $Name -eq 'name3' -And
                $decoded -eq 'pass' -And
                $ContentType -eq "CredentialStore" -And
                $Tag['Username'] -eq 'user' -And
                $Tag['Description'] -eq 'desc3'
            }
        }
    }
}