From f38d57b7f7d46faf199f7747f238432681abdcd8 Mon Sep 17 00:00:00 2001
From: yitam <v-yitam@microsoft.com>
Date: Mon, 12 Jun 2017 10:51:23 -0700
Subject: [PATCH] Azure AD tests using ActiveDirectoryPassword

---
 test/pdo_sqlsrv/MsSetup.inc                   |  5 ++
 .../pdo_azure_ad_authentication.phpt          | 48 +++++++++++++++---
 test/sqlsrv/MsSetup.inc                       |  5 ++
 .../sqlsrv_azure_ad_authentication.phpt       | 49 ++++++++++++++++---
 4 files changed, 95 insertions(+), 12 deletions(-)

diff --git a/test/pdo_sqlsrv/MsSetup.inc b/test/pdo_sqlsrv/MsSetup.inc
index a9d03002..96343778 100644
--- a/test/pdo_sqlsrv/MsSetup.inc
+++ b/test/pdo_sqlsrv/MsSetup.inc
@@ -21,6 +21,11 @@ if (isset($_ENV['MSSQL_SERVER']) || isset($_ENV['MSSQL_USER']) || isset($_ENV['M
     $DriverName = "ODBC Driver 11 for SQL Server";
 }
 
+$adServer = 'TARGET_AD_SERVER';
+$adDatabase = 'TARGET_AD_DATABASE';
+$adUser = 'TARGET_AD_USERNAME';
+$adPassword = 'TARGET_AD_PASSWORD';
+
 $driverType = true;
 $PhpDriver = "ODBC Driver 11 for SQL Server";
 
diff --git a/test/pdo_sqlsrv/pdo_azure_ad_authentication.phpt b/test/pdo_sqlsrv/pdo_azure_ad_authentication.phpt
index c3ba3bf3..9ec93b1b 100644
--- a/test/pdo_sqlsrv/pdo_azure_ad_authentication.phpt
+++ b/test/pdo_sqlsrv/pdo_azure_ad_authentication.phpt
@@ -1,11 +1,14 @@
 --TEST--
-Test the Authentication keyword with options SqlPassword and ActiveDirectoryIntegrated.
+Test the Authentication keyword and three options: SqlPassword, ActiveDirectoryIntegrated, and ActiveDirectoryPassword.
 --SKIPIF--
-
+<?php require('skipif.inc'); ?>
 --FILE--
 <?php
 require_once("MsSetup.inc");
 
+///////////////////////////////////////////////////////////////////////////////////////////
+// Test Azure AD with Authentication=SqlPassword.
+//
 $connectionInfo = "Database = $databaseName; Authentication = SqlPassword;  TrustServerCertificate = true;";
 
 try
@@ -33,8 +36,10 @@ else
 
 $conn = null;
 
-////////////////////////////////////////
-
+///////////////////////////////////////////////////////////////////////////////////////////
+// Test Azure AD with integrated authentication. This should fail because
+// we don't support it.
+//
 $connectionInfo = "Authentication = ActiveDirectoryIntegrated; TrustServerCertificate = true;";
 
 try
@@ -50,8 +55,37 @@ catch( PDOException $e )
     echo "\n";
 }
 
+///////////////////////////////////////////////////////////////////////////////////////////
+// Test Azure AD on an Azure database instance. Replace $azureServer, etc with
+// your credentials to test, or this part is skipped.
+//
+$azureServer = $adServer;
+$azureDatabase = $adDatabase;
+$azureUsername = $adUser;
+$azurePassword = $adPassword;
+
+if ($azureServer != 'TARGET_AD_SERVER')
+{
+    $connectionInfo = "Authentication = ActiveDirectoryPassword; TrustServerCertificate = false";
+
+    try
+    {
+        $conn = new PDO( "sqlsrv:server = $azureServer ; $connectionInfo", $azureUsername, $azurePassword );
+        echo "Connected successfully with Authentication=ActiveDirectoryPassword.\n";
+    }
+    catch( PDOException $e )
+    {
+        echo "Could not connect with ActiveDirectoryPassword.\n";
+        print_r( $e->getMessage() );
+        echo "\n";
+    }
+}
+else
+{
+    echo "Not testing with Authentication=ActiveDirectoryPassword.\n";
+}
 ?>
---EXPECT--
+--EXPECTF--
 Connected successfully with Authentication=SqlPassword.
 array(2) {
   [""]=>
@@ -60,4 +94,6 @@ array(2) {
   string(1) "7"
 }
 Could not connect with Authentication=ActiveDirectoryIntegrated.
-SQLSTATE[IMSSP]: Invalid option for the Authentication keyword. Only SqlPassword or ActiveDirectoryPassword is supported.
\ No newline at end of file
+SQLSTATE[IMSSP]: Invalid option for the Authentication keyword. Only SqlPassword or ActiveDirectoryPassword is supported.
+%s with Authentication=ActiveDirectoryPassword.
+
diff --git a/test/sqlsrv/MsSetup.inc b/test/sqlsrv/MsSetup.inc
index ffa85fbc..2b0f02a8 100644
--- a/test/sqlsrv/MsSetup.inc
+++ b/test/sqlsrv/MsSetup.inc
@@ -25,6 +25,11 @@ $marsMode = true;
 
 $traceEnabled = false; 
 
+$adServer = 'TARGET_AD_SERVER';
+$adDatabase = 'TARGET_AD_DATABASE';
+$adUser = 'TARGET_AD_USERNAME';
+$adPassword = 'TARGET_AD_PASSWORD';
+
 if (isset($_ENV['MSSQL_SERVER']) || isset($_ENV['MSSQL_USER']) || isset($_ENV['MSSQL_PASSWORD'])) {
     $server = $_ENV['MSSQL_SERVER'];
     $uid = $_ENV['MSSQL_USER'];
diff --git a/test/sqlsrv/sqlsrv_azure_ad_authentication.phpt b/test/sqlsrv/sqlsrv_azure_ad_authentication.phpt
index df11faf1..b23a9f1c 100644
--- a/test/sqlsrv/sqlsrv_azure_ad_authentication.phpt
+++ b/test/sqlsrv/sqlsrv_azure_ad_authentication.phpt
@@ -1,11 +1,14 @@
 --TEST--
-Test the Authentication keyword with options SqlPassword and ActiveDirectoryIntegrated.
+Test the Authentication keyword and three options: SqlPassword, ActiveDirectoryIntegrated, and ActiveDirectoryPassword.
 --SKIPIF--
-
+<?php require('skipif.inc'); ?>
 --FILE--
 <?php
 require_once("MsSetup.inc");
 
+///////////////////////////////////////////////////////////////////////////////////////////
+// Test Azure AD with Authentication=SqlPassword.
+//
 $connectionInfo = array( "Database"=>$databaseName, "UID"=>$uid, "PWD"=>$pwd,
                          "Authentication"=>'SqlPassword', "TrustServerCertificate"=>true);
 
@@ -35,8 +38,10 @@ else
 sqlsrv_free_stmt( $stmt );
 sqlsrv_close( $conn );
 
-////////////////////////////////////////
-
+///////////////////////////////////////////////////////////////////////////////////////////
+// Test Azure AD with integrated authentication. This should fail because
+// we don't support it.
+//
 $connectionInfo = array( "Authentication"=>"ActiveDirectoryIntegrated", "TrustServerCertificate"=>true );
 
 $conn = sqlsrv_connect( $server, $connectionInfo );
@@ -52,8 +57,38 @@ else
     sqlsrv_close( $conn );
 }
 
+///////////////////////////////////////////////////////////////////////////////////////////
+// Test Azure AD on an Azure database instance. Replace $azureServer, etc with
+// your credentials to test, or this part is skipped.
+//
+$azureServer = $adServer;
+$azureDatabase = $adDatabase;
+$azureUsername = $adUser;
+$azurePassword = $adPassword;
+
+if ($azureServer != 'TARGET_AD_SERVER')
+{
+    $connectionInfo = array( "UID"=>$azureUsername, "PWD"=>$azurePassword, 
+                         "Authentication"=>'ActiveDirectoryPassword',  "TrustServerCertificate"=>true );
+
+    $conn = sqlsrv_connect( $azureServer, $connectionInfo );
+    if( $conn === false )
+    {
+        echo "Could not connect with ActiveDirectoryPassword.\n";
+        print_r( sqlsrv_errors() );
+    }
+    else
+    {
+        echo "Connected successfully with Authentication=ActiveDirectoryPassword.\n";
+        sqlsrv_close( $conn );
+    }
+}
+else
+{
+    echo "Not testing with Authentication=ActiveDirectoryPassword.\n";
+}
 ?>
---EXPECT--
+--EXPECTF--
 Connected successfully with Authentication=SqlPassword.
 array(2) {
   [0]=>
@@ -70,4 +105,6 @@ Array
     [code] => -62
     [2] => Invalid option for the Authentication keyword. Only SqlPassword or ActiveDirectoryPassword is supported.
     [message] => Invalid option for the Authentication keyword. Only SqlPassword or ActiveDirectoryPassword is supported.
-)
\ No newline at end of file
+)
+%s with Authentication=ActiveDirectoryPassword.
+