public void ExtractClaimUid_ClaimsIdentity()
        {
            // Arrange
            Mock <IIdentity> mockIdentity = new Mock <IIdentity>();

            mockIdentity.Setup(o => o.IsAuthenticated).Returns(true);
            MockAntiForgeryConfig config = new MockAntiForgeryConfig()
            {
                UniqueClaimTypeIdentifier = "unique-identifier"
            };
            ClaimsIdentityConverter converter = new ClaimsIdentityConverter(new Func <IIdentity, ClaimsIdentity>[] {
                identity =>
                {
                    Assert.Equal(mockIdentity.Object, identity);
                    MockClaimsIdentity claimsIdentity = new MockClaimsIdentity();
                    claimsIdentity.AddClaim("unique-identifier", "some-value");
                    return(claimsIdentity);
                }
            });

            ClaimUidExtractor extractor = new ClaimUidExtractor(
                config: config,
                claimsIdentityConverter: converter);

            // Act
            BinaryBlob retVal = extractor.ExtractClaimUid(mockIdentity.Object);

            // Assert
            Assert.NotNull(retVal);
            Assert.Equal("CA9CCFF86F903FBB7505BAAA9F222E49EC2A1E8FAD630AE73DE180BD679751ED", HexUtil.HexEncode(retVal.GetData()));
        }
Beispiel #2
0
        private static AntiForgeryWorker CreateSingletonAntiForgeryWorker()
        {
            IAntiForgeryConfig          config     = new AntiForgeryConfigWrapper();
            IAntiForgeryTokenSerializer serializer = new AntiForgeryTokenSerializer(MachineKey45CryptoSystem.Instance);
            ITokenStore        tokenStore          = new AntiForgeryTokenStore(config, serializer);
            IClaimUidExtractor claimUidExtractor   = new ClaimUidExtractor(config, ClaimsIdentityConverter.Default);
            ITokenValidator    validator           = new TokenValidator(config, claimUidExtractor);

            return(new AntiForgeryWorker(serializer, config, tokenStore, validator));
        }
        public void ExplicitUniqueClaimType_NotPresent_Throws(object identity)
        {
            // Arrange
            ClaimsIdentity claimsIdentity = (ClaimsIdentity)identity;

            // Act & assert
            var ex = Assert.Throws <InvalidOperationException>(() => ClaimUidExtractor.GetUniqueIdentifierParameters(claimsIdentity, "fooClaim"));

            Assert.Equal(@"A claim of type 'fooClaim' was not present on the provided ClaimsIdentity.", ex.Message);
        }
        public void DefaultUniqueClaimTypes_NotPresent_Throws(object identity)
        {
            // Arrange
            ClaimsIdentity claimsIdentity = (ClaimsIdentity)identity;

            // Act & assert
            var ex = Assert.Throws <InvalidOperationException>(() => ClaimUidExtractor.GetUniqueIdentifierParameters(claimsIdentity, null));

            Assert.Equal(@"A claim of type 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier' or 'http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider' was not present on the provided ClaimsIdentity. To enable anti-forgery token support with claims-based authentication, please verify that the configured claims provider is providing both of these claims on the ClaimsIdentity instances it generates. If the configured claims provider instead uses a different claim type as a unique identifier, it can be configured by setting the static property AntiForgeryConfig.UniqueClaimTypeIdentifier.", ex.Message);
        }
        public void ExtractClaimUid_NullIdentity()
        {
            // Arrange
            ClaimUidExtractor extractor = new ClaimUidExtractor(
                config: null,
                claimsIdentityConverter: null);

            // Act
            BinaryBlob retVal = extractor.ExtractClaimUid(null);

            // Assert
            Assert.Null(retVal);
        }
        public void ExtractClaimUid_NullIdentity()
        {
            // Arrange
            ClaimUidExtractor extractor = new ClaimUidExtractor(
                config: null,
                claimsIdentityConverter: null);

            // Act
            BinaryBlob retVal = extractor.ExtractClaimUid(null);

            // Assert
            Assert.Null(retVal);
        }
        public void ExplicitUniqueClaimType_Present()
        {
            // Arrange
            MockClaimsIdentity identity = new MockClaimsIdentity();

            identity.AddClaim("fooClaim", "fooClaimValue");
            identity.AddClaim(ClaimUidExtractor.NameIdentifierClaimType, "nameIdentifierValue");
            identity.AddClaim(ClaimUidExtractor.IdentityProviderClaimType, "identityProviderValue");

            // Act
            var retVal = ClaimUidExtractor.GetUniqueIdentifierParameters(identity, "fooClaim");

            // Assert
            Assert.Equal(new string[] { "fooClaim", "fooClaimValue" }, retVal);
        }
        public void ExtractClaimUid_Unauthenticated()
        {
            // Arrange
            ClaimUidExtractor extractor = new ClaimUidExtractor(
                config: null,
                claimsIdentityConverter: null);

            Mock<IIdentity> mockIdentity = new Mock<IIdentity>();
            mockIdentity.Setup(o => o.IsAuthenticated).Returns(false);

            // Act
            BinaryBlob retVal = extractor.ExtractClaimUid(mockIdentity.Object);

            // Assert
            Assert.Null(retVal);
        }
        public void ExtractClaimUid_Unauthenticated()
        {
            // Arrange
            ClaimUidExtractor extractor = new ClaimUidExtractor(
                config: null,
                claimsIdentityConverter: null);

            Mock <IIdentity> mockIdentity = new Mock <IIdentity>();

            mockIdentity.Setup(o => o.IsAuthenticated).Returns(false);

            // Act
            BinaryBlob retVal = extractor.ExtractClaimUid(mockIdentity.Object);

            // Assert
            Assert.Null(retVal);
        }
        public void ExtractClaimUid_NotAClaimsIdentity()
        {
            // Arrange
            Mock<IIdentity> mockIdentity = new Mock<IIdentity>();
            mockIdentity.Setup(o => o.IsAuthenticated).Returns(true);
            MockAntiForgeryConfig config = new MockAntiForgeryConfig();
            ClaimsIdentityConverter converter = new ClaimsIdentityConverter(new Func<IIdentity, ClaimsIdentity>[0]);

            ClaimUidExtractor extractor = new ClaimUidExtractor(
                config: config,
                claimsIdentityConverter: converter);

            // Act
            BinaryBlob retVal = extractor.ExtractClaimUid(mockIdentity.Object);

            // Assert
            Assert.Null(retVal);
        }
        public void ExtractClaimUid_NotAClaimsIdentity()
        {
            // Arrange
            Mock <IIdentity> mockIdentity = new Mock <IIdentity>();

            mockIdentity.Setup(o => o.IsAuthenticated).Returns(true);
            MockAntiForgeryConfig   config    = new MockAntiForgeryConfig();
            ClaimsIdentityConverter converter = new ClaimsIdentityConverter(new Func <IIdentity, ClaimsIdentity> [0]);

            ClaimUidExtractor extractor = new ClaimUidExtractor(
                config: config,
                claimsIdentityConverter: converter);

            // Act
            BinaryBlob retVal = extractor.ExtractClaimUid(mockIdentity.Object);

            // Assert
            Assert.Null(retVal);
        }
        public void ExtractClaimUid_ClaimsIdentityHeuristicsSuppressed()
        {
            // Arrange
            GenericIdentity       identity = new GenericIdentity("the-user");
            MockAntiForgeryConfig config   = new MockAntiForgeryConfig()
            {
                SuppressIdentityHeuristicChecks = true
            };

            ClaimUidExtractor extractor = new ClaimUidExtractor(
                config: config,
                claimsIdentityConverter: null);

            // Act
            BinaryBlob retVal = extractor.ExtractClaimUid(identity);

            // Assert
            Assert.Null(retVal);
        }
        public void ExtractClaimUid_ClaimsIdentityHeuristicsSuppressed()
        {
            // Arrange
            GenericIdentity identity = new GenericIdentity("the-user");
            MockAntiForgeryConfig config = new MockAntiForgeryConfig()
            {
                SuppressIdentityHeuristicChecks = true
            };

            ClaimUidExtractor extractor = new ClaimUidExtractor(
                config: config,
                claimsIdentityConverter: null);

            // Act
            BinaryBlob retVal = extractor.ExtractClaimUid(identity);

            // Assert
            Assert.Null(retVal);
        }
Beispiel #14
0
        private static AntiForgeryWorker CreateSingletonAntiForgeryWorker()
        {
            // initialize the dependency chain

            // The 'Instance' property can return null, in which case we should fall back to using
            // the 4.0 crypto code paths. We need to use an 'if' block rather than the null coalescing
            // operator due to a CLR bug (DevDiv #424203).
            ICryptoSystem cryptoSystem = MachineKey45CryptoSystem.Instance;

            if (cryptoSystem == null)
            {
                cryptoSystem = new MachineKey40CryptoSystem();
            }

            IAntiForgeryConfig          config     = new AntiForgeryConfigWrapper();
            IAntiForgeryTokenSerializer serializer = new AntiForgeryTokenSerializer(cryptoSystem);
            ITokenStore        tokenStore          = new AntiForgeryTokenStore(config, serializer);
            IClaimUidExtractor claimUidExtractor   = new ClaimUidExtractor(config, ClaimsIdentityConverter.Default);
            ITokenValidator    tokenValidator      = new TokenValidator(config, claimUidExtractor);

            return(new AntiForgeryWorker(serializer, config, tokenStore, tokenValidator));
        }
        public void ExtractClaimUid_ClaimsIdentity()
        {
            // Arrange
            Mock<IIdentity> mockIdentity = new Mock<IIdentity>();
            mockIdentity.Setup(o => o.IsAuthenticated).Returns(true);
            MockAntiForgeryConfig config = new MockAntiForgeryConfig()
            {
                UniqueClaimTypeIdentifier = "unique-identifier"
            };
            ClaimsIdentityConverter converter = new ClaimsIdentityConverter(new Func<IIdentity, ClaimsIdentity>[] {
               identity =>
               {
                   Assert.Equal(mockIdentity.Object, identity);
                   MockClaimsIdentity claimsIdentity = new MockClaimsIdentity();
                   claimsIdentity.AddClaim("unique-identifier", "some-value");
                   return claimsIdentity;
               }
            });

            ClaimUidExtractor extractor = new ClaimUidExtractor(
                config: config,
                claimsIdentityConverter: converter);

            // Act
            BinaryBlob retVal = extractor.ExtractClaimUid(mockIdentity.Object);

            // Assert
            Assert.NotNull(retVal);
            Assert.Equal("CA9CCFF86F903FBB7505BAAA9F222E49EC2A1E8FAD630AE73DE180BD679751ED", HexUtil.HexEncode(retVal.GetData()));
        }