Identity perf tests (#5329)

* mroe quotes

* dssf

* azure identity tests

* comments

* comments

eng/CredScanSuppression.json

@@ -8,6 +8,10 @@
     {
       "file": [ "sdk/attestation/azure-security-attestation/test/ut/crypto_test_collateral.cpp" ],
       "_justification": "File contains a PEM encoded RSA private key used by test code."
+    },
+    {
+      "file": [ "sdk/identity/azure-identity/test/perf/inc/azure/identity/test/externals/perf.combo.pem" ],
+      "_justification": "File contains a PEM encoded RSA private key used by perf test code."
     }
   ]
 }

sdk/identity/azure-identity/test/perf/CMakeLists.txt

@@ -9,6 +9,8 @@ set(CMAKE_CXX_STANDARD_REQUIRED True)
 
 set(
   AZURE_IDENTITY_PERF_TEST_HEADER
+  inc/azure/identity/test/client_certificate_credential_test.hpp
+  inc/azure/identity/test/environment_credential_test.hpp
   inc/azure/identity/test/secret_credential_test.hpp
 )
 

sdk/identity/azure-identity/test/perf/inc/azure/identity/test/client_certificate_credential_test.hpp

@@ -0,0 +1,105 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT License.
+
+/**
+ * @file
+ * @brief Test the overhead of authenticating with client certificate credential.
+ *
+ */
+
+#pragma once
+
+#include <azure/identity.hpp>
+#include <azure/perf.hpp>
+
+#include <memory>
+#include <string>
+#include <vector>
+
+namespace Azure { namespace Identity { namespace Test {
+
+  /**
+   * @brief A test to measure the authentication token performance.
+   *
+   */
+  class ClientCertificateCredentialTest : public Azure::Perf::PerfTest {
+  private:
+    std::string m_tenantId;
+    std::string m_clientId;
+    std::string m_certPath;
+    Core::Credentials::TokenRequestContext m_tokenRequestContext;
+    std::unique_ptr<Azure::Core::Credentials::TokenCredential> m_credential;
+
+  public:
+    /**
+     * @brief Setup the test.
+     *
+     */
+    void Setup() override
+    {
+      m_tenantId = m_options.GetMandatoryOption<std::string>("TenantId");
+      m_clientId = m_options.GetMandatoryOption<std::string>("ClientId");
+      m_certPath = m_options.GetMandatoryOption<std::string>("CertPath");
+      m_tokenRequestContext.Scopes.push_back(m_options.GetMandatoryOption<std::string>("Scope"));
+      if (!m_options.GetOptionOrDefault<bool>("Cache", false))
+      {
+        // having this set ignores the credentials cache and forces a new token to be requested
+        m_tokenRequestContext.MinimumExpiration = std::chrono::hours(1000000);
+      }
+      m_credential = std::make_unique<Azure::Identity::ClientCertificateCredential>(
+          m_tenantId,
+          m_clientId,
+          m_certPath,
+          InitClientOptions<Azure::Core::Credentials::TokenCredentialOptions>());
+    }
+
+    /**
+     * @brief Construct a new ClientCertificateCredentialTest test.
+     *
+     * @param options The test options.
+     */
+    ClientCertificateCredentialTest(Azure::Perf::TestOptions options) : PerfTest(options) {}
+
+    /**
+     * @brief Define the test
+     *
+     * @param context The cancellation token.
+     */
+    void Run(Azure::Core::Context const& context) override
+    {
+      auto t = m_credential->GetToken(m_tokenRequestContext, context);
+    }
+
+    /**
+     * @brief Define the test options for the test.
+     *
+     * @return The list of test options.
+     */
+    std::vector<Azure::Perf::TestOption> GetTestOptions() override
+    {
+      return {
+          {"Cache", {"--cache"}, "Use credential cache.", 1, false},
+          {"CertPath", {"--certpath"}, "The certificate path for authentication.", 1, true, true},
+          {"ClientId", {"--clientId"}, "The client Id for the authentication.", 1, true},
+          {"Scope", {"--scope"}, "One scope to request access to.", 1, true},
+          {"TenantId", {"--tenantId"}, "The tenant Id for the authentication.", 1, true}};
+    }
+
+    /**
+     * @brief Get the static Test Metadata for the test.
+     *
+     * @return Azure::Perf::TestMetadata describing the test.
+     */
+    static Azure::Perf::TestMetadata GetTestMetadata()
+    {
+      return {
+          "ClientCertificateCredential",
+          "Get a token using a client certificate credential.",
+          [](Azure::Perf::TestOptions options) {
+            return std::make_unique<Azure::Identity::Test::ClientCertificateCredentialTest>(
+                options);
+          }};
+    }
+  };
+
+}}} // namespace Azure::Identity::Test

sdk/identity/azure-identity/test/perf/inc/azure/identity/test/environment_credential_test.hpp

@@ -0,0 +1,93 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT License.
+
+/**
+ * @file
+ * @brief Test the overhead of authenticating with secret credential.
+ *
+ */
+
+#pragma once
+
+#include <azure/identity.hpp>
+#include <azure/perf.hpp>
+
+#include <memory>
+#include <string>
+#include <vector>
+
+namespace Azure { namespace Identity { namespace Test {
+
+  /**
+   * @brief A test to measure the authentication token performance.
+   *
+   */
+  class EnvironmentCredentialTest : public Azure::Perf::PerfTest {
+  private:
+    Core::Credentials::TokenRequestContext m_tokenRequestContext;
+    std::unique_ptr<Azure::Core::Credentials::TokenCredential> m_credential;
+
+  public:
+    /**
+     * @brief Setup the test
+     *
+     */
+    void Setup() override
+    {
+      m_tokenRequestContext.Scopes.push_back(m_options.GetMandatoryOption<std::string>("Scope"));
+      if (!m_options.GetOptionOrDefault<bool>("Cache", false))
+      {
+        // having this set ignores the credentials cache and forces a new token to be requested
+        m_tokenRequestContext.MinimumExpiration = std::chrono::hours(1000000);
+      }
+      m_credential = std::make_unique<Azure::Identity::EnvironmentCredential>(
+          InitClientOptions<Azure::Core::Credentials::TokenCredentialOptions>());
+    }
+
+    /**
+     * @brief Construct a new EnvironmentCredentialTest test.
+     *
+     * @param options The test options.
+     */
+    EnvironmentCredentialTest(Azure::Perf::TestOptions options) : PerfTest(options) {}
+
+    /**
+     * @brief Define the test
+     *
+     * @param context The cancellation token.
+     */
+    void Run(Azure::Core::Context const& context) override
+    {
+      auto t = m_credential->GetToken(m_tokenRequestContext, context);
+    }
+
+    /**
+     * @brief Define the test options for the test.
+     *
+     * @return The list of test options.
+     */
+    std::vector<Azure::Perf::TestOption> GetTestOptions() override
+    {
+      return {
+          {"Cache", {"--cache"}, "Use credential cache.", 1, false},
+          {"Scope", {"--scope"}, "One scope to request access to.", 1, true},
+      };
+    }
+
+    /**
+     * @brief Get the static Test Metadata for the test.
+     *
+     * @return Azure::Perf::TestMetadata describing the test.
+     */
+    static Azure::Perf::TestMetadata GetTestMetadata()
+    {
+      return {
+          "EnvironmentCredential",
+          "Get a token using a secret client token credential.",
+          [](Azure::Perf::TestOptions options) {
+            return std::make_unique<Azure::Identity::Test::EnvironmentCredentialTest>(options);
+          }};
+    }
+  };
+
+}}} // namespace Azure::Identity::Test

sdk/identity/azure-identity/test/perf/inc/azure/identity/test/externals/perf.combo.pem

@@ -0,0 +1,53 @@
+Bag Attributes
+    localKeyID: 01 00 00 00 
+    1.3.6.1.4.1.311.17.3.71: 44 00 45 00 53 00 4B 00 54 00 4F 00 50 00 2D 00 48 00 33 00 35 00 4B 00 51 00 51 00 42 00 00 00 
+subject=CN = perfCert
+
+issuer=CN = perfCert
+
+-----BEGIN CERTIFICATE-----
+MIIDADCCAeigAwIBAgIQIugayGqZbqRIT+zbzllIFzANBgkqhkiG9w0BAQsFADAT
+MREwDwYDVQQDDAhwZXJmQ2VydDAeFw0yNDAyMDYyMDI5NThaFw0yNTAyMDYyMDQ5
+NThaMBMxETAPBgNVBAMMCHBlcmZDZXJ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
+MIIBCgKCAQEAzhB18NgNbNF47en23b2JQUJhjSMwMmH7ygpiw01PXpuDHgrzawpA
+0UP+oH7KpzLHlUsvrYTiZ5z2ayFXMe6zrvO/T6xC8vSAEszQh9V4+D/k1qJ05MNx
+za6o60bNSEOEUs9P1QT50xE9w7rYtz8U85W1Ldr+B3We7ZLLNg4mR2A67kphMtc/
+i7XaVyIaQJX89xPJ6O3q//o45epCOk7xxvuXOCycjCGT945PJUjp7xk4ElAQjLuK
+4CQPL/m0BFy0oOmuXMZYFKCDOnEwXY3fzUJG/4FqMb209toQHL7vXwS2VRMQMqsf
+O+i0SLmlcGtNtqbBqtXAyeo9Wh1jfWWFpQIDAQABo1AwTjAOBgNVHQ8BAf8EBAMC
+BaAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMB0GA1UdDgQWBBQColZ3
+n9faLGaHx4kp3o4q/5T8yTANBgkqhkiG9w0BAQsFAAOCAQEAU8NYx8oeGrrreCCK
+jLjEKyic1FimMTyCrrVMR/Qrh8KeMn6/RBoM7iWJJ16HqKViIOsDWME3DFJbW5fW
+yFB0t20VIvCuaY43wllvSUh+1y6G8HB6W4HDr875Jdh+HpZQKghxaigSgACLC+aa
+lPdoccaDSpnDW5VxuElsaVztO8ayBPUoWYsbabvPS6bd5eCMR7nS5AywJhmpb+40
+Bm+UiGeS1CPZVPXwCw4wiXsPcWjnwr7xWu7V60/ScECkuEydJSTBO9HAbn0PlnaG
+XI37CLYQsKq1UkapXJ2EmPhnI+DWhhTpC+dH8Jb70etF5bhrkQVkUsk/YxTK9AXw
+tm0eKQ==
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEAzhB18NgNbNF47en23b2JQUJhjSMwMmH7ygpiw01PXpuDHgrz
+awpA0UP+oH7KpzLHlUsvrYTiZ5z2ayFXMe6zrvO/T6xC8vSAEszQh9V4+D/k1qJ0
+5MNxza6o60bNSEOEUs9P1QT50xE9w7rYtz8U85W1Ldr+B3We7ZLLNg4mR2A67kph
+Mtc/i7XaVyIaQJX89xPJ6O3q//o45epCOk7xxvuXOCycjCGT945PJUjp7xk4ElAQ
+jLuK4CQPL/m0BFy0oOmuXMZYFKCDOnEwXY3fzUJG/4FqMb209toQHL7vXwS2VRMQ
+MqsfO+i0SLmlcGtNtqbBqtXAyeo9Wh1jfWWFpQIDAQABAoIBAENbIhIdrRW6ytqJ
+tYX5pFnOhvCJZgGyAYmjJ3FLXfxAvPUfAz4j1dgRb7Oqfjd048QrFWSUoSTZK7sM
+5OGPcvBnAEvctO2ReiOrCya7YpVS3UxDQg5czGA9DT4KoKNUXnZrCV9KBxc09Yl7
+E8eiOQj+EIDyqkJp8g8aAo6ixWRiu/me2z3O2WGHSzlH+zYvw+MO+dktQUh7kQKf
+JCYm0d9taR/bzOetb1tEomhOF1PnyJao2en2UgR0vzyujrWXYgk3WiNH0qUbie4J
+h+r14bl4XvTAly8PkqbacXmbuVLFU+BTyoobTspfTwrRepJ5civ6KUHIkvhUlZYj
+fYA8wukCgYEA5eY8vShQVi5rW/7YOrorMyBpJ1hkN/k8GSPEphIxUGBDckzrNLiv
+Qy7Qujr5VxQdd/SD9ypCHLlbBQG8cK7k6S7Vr+3bDGc/Nw8wTz2F3qIxUleN418h
+lTkAI6vTUzafnN9wHSQI3UuDr1o73CtDGm1hs9IdGEiXO0qo9T8lygcCgYEA5XV8
+BxPY4GvKZqDohRU8X1nrLgwLF44/0Ks5cDY6vb6WMtyeAvKPpzl0yL6dTZFCroUs
+oIh/W56EvD9Uq0asHiJ/B11UJhIGCEvQBWBl7Q02kfsPLjQFGWECDIPiFh3xSwJ8
+srGjXsReT2eQ3cDqGUPpedSWqZgC5N54L/YW9/MCgYEApD+XyXTR4KCNZ05tYZe8
+YWyYc9m80BiqjTN2vUdmIAyGY1T8/c+st4zs5wBXP5VJcHgrCB0S2r66fps87Cyn
+sskZNfXzd6sUCNw7IYHM8MBkCHYxEu7WaWwt405RTrRJ2KPxz3/9LU1UKaWH+saV
+zH21Pemxi7XhBiVTDNQuxWUCgYAFsWaEXm+xEbuR1EgwlRhMXVTCbbYQvYzDxpvE
+NvQ6JPJhDKw28oGx6nEFUgVhGUuIPPGgggJ26XXtnbyiCzzV+pEgQ6aE00mnBwqA
+N6YPvZYvBQWZZd0Chi+g09zWI6QK8mLZpCKjhUe5vJ4RgmnMeqzeQvIB/y2DNCnT
+Ns3XFQKBgHSBQhloKjqDJ9hsLpvaVd7hNvYkuZXFj6C1xj1tWeAoNv5hPJQMQgzw
+XMCIIwynr8FkL42HSwYG42LZ7d7powGhPf8k7gAyniVcgQelomUE799/OhUEQ0RX
+9E7TF4ErVzijnvxYwI+2ed+54JB3XJnphDn99GrOJSi3c4qlEFvx
+-----END RSA PRIVATE KEY-----

sdk/identity/azure-identity/test/perf/inc/azure/identity/test/secret_credential_test.hpp

@@ -43,6 +43,7 @@ namespace Azure { namespace Identity { namespace Test {
       m_tokenRequestContext.Scopes.push_back(m_options.GetMandatoryOption<std::string>("Scope"));
       if (!m_options.GetOptionOrDefault<bool>("Cache", false))
       {
+        // having this set ignores the credentials cache and forces a new token to be requested
         m_tokenRequestContext.MinimumExpiration = std::chrono::hours(1000000);
       }
       m_credential = std::make_unique<Azure::Identity::ClientSecretCredential>(

sdk/identity/azure-identity/test/perf/src/azure_identity_perf_test.cpp

@@ -1,6 +1,8 @@
 // Copyright (c) Microsoft Corporation.
 // Licensed under the MIT License.
 
+#include "azure/identity/test/client_certificate_credential_test.hpp"
+#include "azure/identity/test/environment_credential_test.hpp"
 #include "azure/identity/test/secret_credential_test.hpp"
 
 #include <azure/perf.hpp>
@@ -10,6 +12,8 @@ int main(int argc, char** argv)
 
   // Create the test list
   std::vector<Azure::Perf::TestMetadata> tests{
+      Azure::Identity::Test::ClientCertificateCredentialTest::GetTestMetadata(),
+      Azure::Identity::Test::EnvironmentCredentialTest::GetTestMetadata(),
       Azure::Identity::Test::SecretCredentialTest::GetTestMetadata()};
 
   Azure::Perf::Program::Run(Azure::Core::Context::ApplicationContext, tests, argc, argv);