Adds M365 mock response plugin (#555)

Fixes bug in MockGeneratorPlugin
Fixes bug in GraphMockResponsePlugin
Fixes bug in GraphRandomErrorPlugin
Makes MockResponsePlugin extensible
Fixes bug in merging CORS headers

Author: waldekmastykarz

dev-proxy-abstractions/GraphBatchResponsePayload.cs

@@ -20,7 +20,7 @@ public class GraphBatchResponsePayloadResponse
     [JsonPropertyName("body")]
     public dynamic? Body { get; set; }
     [JsonPropertyName("headers")]
-    public List<MockResponseHeader>? Headers { get; set; }
+    public Dictionary<string, string>? Headers { get; set; }
 }
 
 public class GraphBatchResponsePayloadResponseBody

dev-proxy-abstractions/ProxyUtils.cs

@@ -309,7 +309,8 @@ public static void MergeHeaders(IList<MockResponseHeader> allHeaders, IList<Mock
             var existingHeader = allHeaders.FirstOrDefault(h => h.Name.Equals(header.Name, StringComparison.OrdinalIgnoreCase));
             if (existingHeader is not null)
             {
-                if (header.Name.Equals("Access-Control-Expose-Headers", StringComparison.OrdinalIgnoreCase))
+                if (header.Name.Equals("Access-Control-Expose-Headers", StringComparison.OrdinalIgnoreCase) ||
+                    header.Name.Equals("Access-Control-Allow-Headers", StringComparison.OrdinalIgnoreCase))
                 {
                     var existingValues = existingHeader.Value.Split(',').Select(v => v.Trim());
                     var newValues = header.Value.Split(',').Select(v => v.Trim());

dev-proxy-plugins/MockResponses/GraphMockResponsePlugin.cs

@@ -58,7 +58,7 @@ protected override async Task OnRequest(object? sender, ProxyRequestArgs e)
                 {
                     Id = request.Id,
                     Status = (int)HttpStatusCode.BadGateway,
-                    Headers = headers.ToList(),
+                    Headers = headers.ToDictionary(h => h.Name, h => h.Value),
                     Body = new GraphBatchResponsePayloadResponseBody
                     {
                         Error = new GraphBatchResponsePayloadResponseBodyError
@@ -82,11 +82,7 @@ protected override async Task OnRequest(object? sender, ProxyRequestArgs e)
 
                 if (mockResponse.Response?.Headers is not null)
                 {
-                    // add all the mocked headers into the response we want
-                    foreach (var header in mockResponse.Response.Headers)
-                    {
-                        headers.Add(header);
-                    }
+                    ProxyUtils.MergeHeaders(headers, mockResponse.Response.Headers);
                 }
 
                 // default the content type to application/json unless set in the mock response
@@ -127,7 +123,7 @@ protected override async Task OnRequest(object? sender, ProxyRequestArgs e)
                 {
                     Id = request.Id,
                     Status = (int)statusCode,
-                    Headers = headers.ToList(),
+                    Headers = headers.ToDictionary(h => h.Name, h => h.Value),
                     Body = body
                 };
 
@@ -144,7 +140,9 @@ protected override async Task OnRequest(object? sender, ProxyRequestArgs e)
         {
             Responses = responses.ToArray()
         };
-        e.Session.GenericResponse(JsonSerializer.Serialize(batchResponse), HttpStatusCode.OK, batchHeaders.Select(h => new HttpHeader(h.Name, h.Value)));
+        var batchResponseString = JsonSerializer.Serialize(batchResponse);
+        ProcessMockResponse(ref batchResponseString, batchHeaders, e, null);
+        e.Session.GenericResponse(batchResponseString ?? string.Empty, HttpStatusCode.OK, batchHeaders.Select(h => new HttpHeader(h.Name, h.Value)));
         _logger?.LogRequest([$"200 {e.Session.HttpClient.Request.RequestUri}"], MessageType.Mocked, new LoggingContext(e.Session));
         e.ResponseState.HasBeenSet = true;
     }

dev-proxy-plugins/MockResponses/M365MockResponsePlugin.cs

@@ -0,0 +1,124 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT License.
+
+using System.Text;
+using System.Text.Json;
+using System.Text.Json.Serialization;
+using System.Text.RegularExpressions;
+using System.Web;
+using Microsoft.DevProxy.Abstractions;
+
+namespace Microsoft.DevProxy.Plugins.MockResponses;
+
+class IdToken {
+    [JsonPropertyName("aud")]
+    public string? Aud { get; set; }
+    [JsonPropertyName("iss")]
+    public string? Iss { get; set; }
+    [JsonPropertyName("iat")]
+    public int? Iat { get; set; }
+    [JsonPropertyName("nbf")]
+    public int? Nbf { get; set; }
+    [JsonPropertyName("exp")]
+    public int? Exp { get; set; }
+    [JsonPropertyName("name")]
+    public string? Name { get; set; }
+    [JsonPropertyName("nonce")]
+    public string? Nonce { get; set; }
+    [JsonPropertyName("oid")]
+    public string? Oid { get; set; }
+    [JsonPropertyName("preferred_username")]
+    public string? PreferredUsername { get; set; }
+    [JsonPropertyName("rh")]
+    public string? Rh { get; set; }
+    [JsonPropertyName("sub")]
+    public string? Sub { get; set; }
+    [JsonPropertyName("tid")]
+    public string? Tid { get; set; }
+    [JsonPropertyName("uti")]
+    public string? Uti { get; set; }
+    [JsonPropertyName("ver")]
+    public string? Ver { get; set; }
+}
+
+public class M365MockResponsePlugin : GraphMockResponsePlugin
+{
+    private string? lastNonce;
+    public override string Name => nameof(M365MockResponsePlugin);
+
+    protected override void ProcessMockResponse(ref byte[] body, IList<MockResponseHeader> headers, ProxyRequestArgs e, MockResponse? matchingResponse)
+    {
+        base.ProcessMockResponse(ref body, headers, e, matchingResponse);
+
+        var bodyString = Encoding.UTF8.GetString(body);
+        var changed = false;
+
+        StoreLastNonce(e);
+        UpdateMsalState(ref bodyString, e, ref changed);
+        UpdateIdToken(ref bodyString, e, ref changed);
+
+        if (changed)
+        {
+            body = Encoding.UTF8.GetBytes(bodyString);
+        }
+    }
+
+    private void StoreLastNonce(ProxyRequestArgs e)
+    {
+        if (e.Session.HttpClient.Request.RequestUri.Query.Contains("nonce="))
+        {
+            var queryString = HttpUtility.ParseQueryString(e.Session.HttpClient.Request.RequestUri.Query);
+            lastNonce = queryString["nonce"];
+        }
+    }
+
+    private void UpdateIdToken(ref string body, ProxyRequestArgs e, ref bool changed)
+    {
+        if (!body.Contains("id_token\":\"@dynamic") ||
+            string.IsNullOrEmpty(lastNonce))
+        {
+            return;
+        }
+
+        var idTokenRegex = new Regex("id_token\":\"([^\"]+)\"");
+
+        var idToken = idTokenRegex.Match(body).Groups[1].Value;
+        idToken = idToken.Replace("@dynamic.", "");
+        var tokenChunks = idToken.Split('.');
+        // base64 decode the second chunk from the array
+        // before decoding, we need to pad the base64 to a multiple of 4
+        // or Convert.FromBase64String will throw an exception
+        var decodedToken = Encoding.UTF8.GetString(Convert.FromBase64String(PadBase64(tokenChunks[1])));
+        var token = JsonSerializer.Deserialize<IdToken>(decodedToken);
+        if (token is null)
+        {
+            return;
+        }
+        
+        token.Nonce = lastNonce;
+
+        tokenChunks[1] = Convert.ToBase64String(Encoding.UTF8.GetBytes(JsonSerializer.Serialize(token)));
+        body = idTokenRegex.Replace(body, $"id_token\":\"{string.Join('.', tokenChunks)}\"");
+        changed = true;
+    }
+
+    private string PadBase64(string base64)
+    {
+        var padding = new string('=', (4 - base64.Length % 4) % 4);
+        return base64 + padding;
+    }
+
+    private void UpdateMsalState(ref string body, ProxyRequestArgs e, ref bool changed)
+    {
+        if (!body.Contains("state=@dynamic") ||
+          !e.Session.HttpClient.Request.RequestUri.Query.Contains("state="))
+        {
+            return;
+        }
+
+        var queryString = HttpUtility.ParseQueryString(e.Session.HttpClient.Request.RequestUri.Query);
+        var msalState = queryString["state"];
+        body = body.Replace("state=@dynamic", $"state={msalState}");
+        changed = true;
+    }
+}

dev-proxy-plugins/MockResponses/MockResponsePlugin.cs

@@ -12,6 +12,7 @@
 using Titanium.Web.Proxy.Http;
 using Titanium.Web.Proxy.Models;
 using Microsoft.DevProxy.Plugins.Behavior;
+using System.Text;
 
 namespace Microsoft.DevProxy.Plugins.MockResponses;
 
@@ -115,12 +116,12 @@ protected virtual Task OnRequest(object? sender, ProxyRequestArgs e)
             var matchingResponse = GetMatchingMockResponse(request);
             if (matchingResponse is not null)
             {
-                ProcessMockResponse(e, matchingResponse);
+                ProcessMockResponseInternal(e, matchingResponse);
                 state.HasBeenSet = true;
             }
             else if (_configuration.BlockUnmockedRequests)
             {
-                ProcessMockResponse(e, new MockResponse
+                ProcessMockResponseInternal(e, new MockResponse
                 {
                     Request = new()
                     {
@@ -202,7 +203,23 @@ private bool IsNthRequest(MockResponse mockResponse)
         return mockResponse.Request.Nth == nth;
     }
 
-    private void ProcessMockResponse(ProxyRequestArgs e, MockResponse matchingResponse)
+    protected virtual void ProcessMockResponse(ref byte[] body, IList<MockResponseHeader> headers, ProxyRequestArgs e, MockResponse? matchingResponse)
+    {
+    }
+
+    protected virtual void ProcessMockResponse(ref string? body, IList<MockResponseHeader> headers, ProxyRequestArgs e, MockResponse? matchingResponse)
+    {
+        if (string.IsNullOrEmpty(body))
+        {
+            return;
+        }
+
+        var bytes = Encoding.UTF8.GetBytes(body);
+        ProcessMockResponse(ref bytes, headers, e, matchingResponse);
+        body = Encoding.UTF8.GetString(bytes);
+    }
+
+    private void ProcessMockResponseInternal(ProxyRequestArgs e, MockResponse matchingResponse)
     {
         string? body = null;
         string requestId = Guid.NewGuid().ToString();
@@ -216,10 +233,7 @@ private void ProcessMockResponse(ProxyRequestArgs e, MockResponse matchingRespon
 
         if (matchingResponse.Response?.Headers is not null)
         {
-            foreach (var header in matchingResponse.Response.Headers)
-            {
-                headers.Add(header);
-            }
+            ProxyUtils.MergeHeaders(headers, matchingResponse.Response.Headers);
         }
 
         // default the content type to application/json unless set in the mock response
@@ -254,6 +268,7 @@ private void ProcessMockResponse(ProxyRequestArgs e, MockResponse matchingRespon
                 else
                 {
                     var bodyBytes = File.ReadAllBytes(filePath);
+                    ProcessMockResponse(ref bodyBytes, headers, e, matchingResponse);
                     e.Session.GenericResponse(bodyBytes, statusCode, headers.Select(h => new HttpHeader(h.Name, h.Value)));
                     _logger?.LogRequest([$"{matchingResponse.Response.StatusCode ?? 200} {matchingResponse.Request?.Url}"], MessageType.Mocked, new LoggingContext(e.Session));
                     return;
@@ -264,6 +279,7 @@ private void ProcessMockResponse(ProxyRequestArgs e, MockResponse matchingRespon
                 body = bodyString;
             }
         }
+        ProcessMockResponse(ref body, headers, e, matchingResponse);
         e.Session.GenericResponse(body ?? string.Empty, statusCode, headers.Select(h => new HttpHeader(h.Name, h.Value)));
 
         _logger?.LogRequest([$"{matchingResponse.Response?.StatusCode ?? 200} {matchingResponse.Request?.Url}"], MessageType.Mocked, new LoggingContext(e.Session));

dev-proxy-plugins/RandomErrors/GraphRandomErrorPlugin.cs

@@ -149,7 +149,7 @@ private void FailBatch(ProxyRequestArgs e)
                     var requestUrl = ProxyUtils.GetAbsoluteRequestUrlFromBatch(e.Session.HttpClient.Request.RequestUri, request.Url);
                     var throttledRequests = e.GlobalData[RetryAfterPlugin.ThrottledRequestsKey] as List<ThrottlerInfo>;
                     throttledRequests?.Add(new ThrottlerInfo(GraphUtils.BuildThrottleKey(requestUrl), ShouldThrottle, retryAfterDate));
-                    response.Headers = new List<MockResponseHeader> { new("Retry-After", retryAfterInSeconds.ToString()) };
+                    response.Headers = new Dictionary<string, string> { { "Retry-After", retryAfterInSeconds.ToString() } };
                 }
 
                 responses.Add(response);

dev-proxy-plugins/RequestLogs/MockGeneratorPlugin.cs

@@ -136,7 +136,7 @@ request.Context is null ||
         // assume body is binary
         try
         {
-            var filename = $"response-{DateTime.Now:yyyyMMddHHmmss}.bin";
+            var filename = $"response-{Guid.NewGuid()}.bin";
             _logger?.LogDebug("Reading response body as bytes...");
             var body = await session.GetResponseBody();
             _logger?.LogDebug($"Writing response body to {filename}...");