public FormsAuthenticationFixture()
{
this.cryptographyConfiguration = new CryptographyConfiguration(
new RijndaelEncryptionProvider(new PassphraseKeyGenerator("SuperSecretPass", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }, 1000)),
new DefaultHmacProvider(new PassphraseKeyGenerator("UberSuperSecure", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }, 1000)));
this.config = new FormsAuthenticationConfiguration()
{
CryptographyConfiguration = this.cryptographyConfiguration,
RedirectUrl = "/login",
UserMapper = A.Fake<IUserMapper>(),
RequiresSSL = false
};
this.secureConfig = new FormsAuthenticationConfiguration()
{
CryptographyConfiguration = this.cryptographyConfiguration,
RedirectUrl = "/login",
UserMapper = A.Fake<IUserMapper>(),
RequiresSSL = true
};
this.context = new NancyContext
{
Request = new Request(
"GET",
new Url { Scheme = "http", BasePath = "/testing", HostName = "test.com", Path = "test" })
};
this.userGuid = new Guid("3D97EB33-824A-4173-A2C1-633AC16C1010");
}
public RavenDbSessionStore(CryptographyConfiguration cryptographyConfiguration, IDocumentStore documentStore)
: base(cryptographyConfiguration)
{
Guard.NotNull(() => documentStore, documentStore);
this.documentStore = documentStore;
}
/// <summary>
/// Initializes a new instance of the <see cref="DiagnosticsConfiguration"/> class,
/// using the <paramref name="cryptographyConfiguration"/> cryptographic
/// configuration.
/// </summary>
/// <param name="cryptographyConfiguration">The <see cref="CryptographyConfiguration"/> to use with diagnostics.</param>
public DiagnosticsConfiguration(CryptographyConfiguration cryptographyConfiguration)
{
this.CookieName = "__ncd";
this.CryptographyConfiguration = cryptographyConfiguration;
this.Path = "/_Nancy";
this.SlidingTimeout = 15;
}
/// <summary>
/// Initialise and add cookie based session hooks to the application pipeine
/// </summary>
/// <param name="applicationPipelines">Application pipelines</param>
/// <param name="cryptographyConfiguration">Cryptography configuration</param>
/// <returns>Formatter selector for choosing a non-default serializer</returns>
public static IObjectSerializerSelector Enable(IApplicationPipelines applicationPipelines, CryptographyConfiguration cryptographyConfiguration)
{
var sessionStore = new CookieBasedSessions(cryptographyConfiguration.EncryptionProvider, cryptographyConfiguration.HmacProvider, new DefaultObjectSerializer());
applicationPipelines.BeforeRequest.AddItemToEndOfPipeline(ctx => LoadSession(ctx, sessionStore));
applicationPipelines.AfterRequest.AddItemToEndOfPipeline(ctx => SaveSession(ctx, sessionStore));
return sessionStore;
}
/// <summary>
/// Initializes a new instance of the <see cref="RedisBasedSessionsConfiguration"/> class.
/// </summary>
public RedisBasedSessionsConfiguration(CryptographyConfiguration cryptographyConfiguration)
{
CryptographyConfiguration = cryptographyConfiguration;
CookieName = DefaultCookieName;
ConnectionString = DefaultConnectionString;
SessionDuration = DefaultSessionDuration;
EnableSlidingSessions = DefaultEnableSlidingSessions;
Prefix = DefaultPrefix;
}
/// <summary>
/// Initializes a new instance of the <see cref="RedisBasedSessionsConfiguration"/> class.
/// </summary>
public RedisBasedSessionsConfiguration(CryptographyConfiguration cryptographyConfiguration)
{
CryptographyConfiguration = cryptographyConfiguration;
CookieName = DefaultCookieName;
ConnectionString = DefaultConnectionString;
SessionDuration = DefaultSessionDuration;
EnableSlidingSessions = DefaultEnableSlidingSessions;
Prefix = DefaultPrefix;
}
/// <summary>
/// Initialise and add cookie based session hooks to the application pipeine
/// </summary>
/// <param name="pipelines">Application pipelines</param>
/// <param name="cryptographyConfiguration">Cryptography configuration</param>
/// <returns>Formatter selector for choosing a non-default serializer</returns>
public static IObjectSerializerSelector Enable(IPipelines pipelines, CryptographyConfiguration cryptographyConfiguration)
{
var sessionStore = new CookieBasedSessions(cryptographyConfiguration.EncryptionProvider, cryptographyConfiguration.HmacProvider, new DefaultObjectSerializer());
pipelines.BeforeRequest.AddItemToStartOfPipeline(ctx => LoadSession(ctx, sessionStore));
pipelines.AfterRequest.AddItemToEndOfPipeline(ctx => SaveSession(ctx, sessionStore));
return(sessionStore);
}
/// <summary>
/// Initialise and add cookie based session hooks to the application pipeine
/// </summary>
/// <param name="pipelines">Application pipelines</param>
/// <param name="cryptographyConfiguration">Cryptography configuration</param>
/// <returns>Formatter selector for choosing a non-default serializer</returns>
public static IObjectSerializerSelector Enable(IPipelines pipelines, CryptographyConfiguration cryptographyConfiguration)
{
var cookieBasedSessionsConfiguration = new CookieBasedSessionsConfiguration(cryptographyConfiguration)
{
Serializer = new DefaultObjectSerializer()
};
return(Enable(pipelines, cookieBasedSessionsConfiguration));
}
/// <summary>
/// Initialise and add RethinkDB session storage hooks to the application pipeline
/// </summary>
/// <param name="pipelines">Application pipelines</param>
/// <param name="connection">The RethinkDB connection to use for session storage</param>
/// <param name="cryptographyConfiguration">Cryptography configuration</param>
public static void Enable(IPipelines pipelines, IConnection connection,
CryptographyConfiguration cryptographyConfiguration)
{
var rethinkDbSessionConfiguration = new RethinkDbSessionConfiguration(connection, cryptographyConfiguration)
{
Serializer = new DefaultObjectSerializer()
};
Enable(pipelines, rethinkDbSessionConfiguration);
}
/// <summary>
/// Initializes a new instance of the <see cref="BySessionIdCookieIdentificationMethod" /> class.
/// </summary>
public BySessionIdCookieIdentificationMethod(CryptographyConfiguration cryptoConfig) {
if (cryptoConfig == null) throw new ArgumentNullException("cryptoConfig");
_encryptionProvider = cryptoConfig.EncryptionProvider;
_hmacProvider = cryptoConfig.HmacProvider;
_sessionIdentificationDataProvider = new SessionIdentificationDataProvider(cryptoConfig.HmacProvider);
_hmacValidator = new HmacValidator(cryptoConfig.HmacProvider);
_sessionIdFactory = new SessionIdFactory();
_cookieFactory = new CookieFactory();
CookieName = DefaultCookieName;
}
/// <summary>
/// Initializes a new instance of the <see cref="ByQueryStringParamIdentificationMethod" /> class.
/// </summary>
public ByQueryStringParamIdentificationMethod(CryptographyConfiguration cryptoConfig) {
if (cryptoConfig == null) throw new ArgumentNullException("cryptoConfig");
_encryptionProvider = cryptoConfig.EncryptionProvider;
_hmacProvider = cryptoConfig.HmacProvider;
_sessionIdentificationDataProvider = new SessionIdentificationDataProvider(cryptoConfig.HmacProvider);
_hmacValidator = new HmacValidator(cryptoConfig.HmacProvider);
_sessionIdFactory = new SessionIdFactory();
_responseManipulatorForSession = new ResponseManipulatorForSession();
ParameterName = DefaultParameterName;
}
/// <summary>
/// Initializes static members of the <see cref="CryptographyConfiguration"/> class.
/// </summary>
static CryptographyConfiguration()
{
Default = new CryptographyConfiguration(
new RijndaelEncryptionProvider(new RandomKeyGenerator()),
new DefaultHmacProvider(new RandomKeyGenerator()));
NoEncryption = new CryptographyConfiguration(
new NoEncryptionProvider(),
new DefaultHmacProvider(new RandomKeyGenerator()));
}
/// <summary>
/// Initializes a new instance of the <see cref="RethinkDbSessionConfiguration"/> class.
/// </summary>
/// <param name="connection">The RethinkDB connection to use for session storage</param>
/// <param name="cryptographyConfiguration">Security configuration for the session cookie</param>
public RethinkDbSessionConfiguration(IConnection connection, CryptographyConfiguration cryptographyConfiguration)
: base(cryptographyConfiguration)
{
this.Connection = connection;
this.Database = DefaultSessionDatabase;
this.Table = DefaultSessionTable;
this.Expiry = DefaultExpiry;
this.ExpiryCheckFrequency = DefaultExpiryCheckFrequency;
this.UseRollingSessions = DefaultRollingSessions;
}
protected override void ApplicationStartup(TinyIoCContainer container, IPipelines pipelines)
{
Console.WriteLine("App startup");
base.ApplicationStartup(container, pipelines);
CryptographyConfiguration defaultCc = CryptographyConfiguration.Default;
var customEncryptionProvider = new RijndaelEncryptionProvider(new CustomKeyGenerator());
CryptographyConfiguration customCc = new CryptographyConfiguration(customEncryptionProvider, defaultCc.HmacProvider);
CookieBasedSessions.Enable(pipelines, defaultCc);
}
protected override void ApplicationStartup(TinyIoCContainer container, IPipelines pipelines)
{
base.ApplicationStartup(container, pipelines);
//need to replace default CryptographyConfiguration for the form authentication
//because defaut KeyGenerator generate on each app startup new keys and cookies invalidate after that
this._cryptographyConfiguration = new CryptographyConfiguration(
new RijndaelEncryptionProvider(new PassphraseKeyGenerator("SuperSecretPass", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 })),
new DefaultHmacProvider(new PassphraseKeyGenerator("UberSuperSecure1", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 })));
CookieBasedSessions.Enable(pipelines);
}
protected override void ApplicationStartup(TinyIoCContainer container, IPipelines pipelines)
{
var category = new CategoryMap();
var author = new AuthorMap();
var topic = new TopicMap();
_cryptographyConfiguration = new CryptographyConfiguration(
new AesEncryptionProvider(new PassphraseKeyGenerator("SuperSecretPass", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 })),
new DefaultHmacProvider(new PassphraseKeyGenerator("UberSuperSecure", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 })));
base.ApplicationStartup(container, pipelines);
}
public CookieBasesSessionsConfigurationFixture()
{
var cryptographyConfiguration = new CryptographyConfiguration(
new RijndaelEncryptionProvider(new PassphraseKeyGenerator("SuperSecretPass", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 })),
new DefaultHmacProvider(new PassphraseKeyGenerator("UberSuperSecure", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 })));
this.config = new CookieBasedSessionsConfiguration()
{
CryptographyConfiguration = cryptographyConfiguration,
Serializer = A.Fake <IObjectSerializer>()
};
}
public FormsAuthenticationConfigurationFixture()
{
var cryptographyConfiguration = new CryptographyConfiguration(
new RijndaelEncryptionProvider(new PassphraseKeyGenerator("SuperSecretPass", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 })),
new DefaultHmacProvider(new PassphraseKeyGenerator("UberSuperSecure", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 })));
this.config = new FormsAuthenticationConfiguration()
{
CryptographyConfiguration = cryptographyConfiguration,
RedirectUrl = "/login",
UserMapper = A.Fake<IUserMapper>(),
};
}
public FormsAuthenticationConfigurationFixture()
{
var cryptographyConfiguration = new CryptographyConfiguration(
new RijndaelEncryptionProvider(new PassphraseKeyGenerator("SuperSecretPass", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 })),
new DefaultHmacProvider(new PassphraseKeyGenerator("UberSuperSecure", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 })));
this.config = new FormsAuthenticationConfiguration()
{
CryptographyConfiguration = cryptographyConfiguration,
RedirectUrl = "/login",
UserMapper = A.Fake <IUserMapper>(),
};
}
public string[] GetCipherData(string cipher)
{
CryptographyConfiguration _crypto = new CryptographyConfiguration();
var keybytes = Encoding.UTF8.GetBytes(CryptographyConfiguration.AESKey);
var iv = Encoding.UTF8.GetBytes(CryptographyConfiguration.AESIV);
var encrypted = Convert.FromBase64String(cipher);
var decriptedFromJavascript = _crypto.DecryptStringFromBytes(encrypted, keybytes, iv);
string[] data = decriptedFromJavascript.Split(new string[] { "!@#" }, StringSplitOptions.None);
return(data);
}
/// <summary>
/// Initializes a new instance of the <see cref="BySessionIdCookieIdentificationMethod" /> class.
/// </summary>
public BySessionIdCookieIdentificationMethod(CryptographyConfiguration cryptoConfig)
{
if (cryptoConfig == null)
{
throw new ArgumentNullException("cryptoConfig");
}
_encryptionProvider = cryptoConfig.EncryptionProvider;
_hmacProvider = cryptoConfig.HmacProvider;
_sessionIdentificationDataProvider = new SessionIdentificationDataProvider(cryptoConfig.HmacProvider);
_hmacValidator = new HmacValidator(cryptoConfig.HmacProvider);
_sessionIdFactory = new SessionIdFactory();
_cookieFactory = new CookieFactory();
CookieName = DefaultCookieName;
}
/// <summary>
/// Creates a new csrf token with an optional salt.
/// Does not store the token in context.
/// </summary>
/// <returns>The generated token</returns>
internal static string GenerateTokenString(CryptographyConfiguration cryptographyConfiguration = null)
{
cryptographyConfiguration = cryptographyConfiguration ?? CsrfApplicationStartup.CryptographyConfiguration;
var token = new CsrfToken
{
CreatedDate = DateTime.Now,
};
token.CreateRandomBytes();
token.CreateHmac(cryptographyConfiguration.HmacProvider);
var tokenString = CsrfApplicationStartup.ObjectSerializer.Serialize(token);
return(tokenString);
}
private void RegisterFormsAuth(IPipelines pipelines)
{
var cryptographyConfiguration = new CryptographyConfiguration(
new RijndaelEncryptionProvider(new PassphraseKeyGenerator(_configService.RijndaelPassphrase, Encoding.ASCII.GetBytes(_configService.RijndaelSalt))),
new DefaultHmacProvider(new PassphraseKeyGenerator(_configService.HmacPassphrase, Encoding.ASCII.GetBytes(_configService.HmacSalt)))
);
FormsAuthentication.Enable(pipelines, new FormsAuthenticationConfiguration
{
RedirectUrl = _configFileProvider.UrlBase + "/login",
UserMapper = _authenticationService,
CryptographyConfiguration = cryptographyConfiguration
});
}
/// <summary>
/// Initializes a new instance of the <see cref="ByQueryStringParamIdentificationMethod" /> class.
/// </summary>
public ByQueryStringParamIdentificationMethod(CryptographyConfiguration cryptoConfig)
{
if (cryptoConfig == null)
{
throw new ArgumentNullException("cryptoConfig");
}
_encryptionProvider = cryptoConfig.EncryptionProvider;
_hmacProvider = cryptoConfig.HmacProvider;
_sessionIdentificationDataProvider = new SessionIdentificationDataProvider(cryptoConfig.HmacProvider);
_hmacValidator = new HmacValidator(cryptoConfig.HmacProvider);
_sessionIdFactory = new SessionIdFactory();
_responseManipulatorForSession = new ResponseManipulatorForSession();
ParameterName = DefaultParameterName;
}
/// <summary>
/// Creates a new csrf token for this response with an optional salt.
/// Only necessary if a particular route requires a new token for each request.
/// </summary>
/// <param name="module">Nancy module</param>
/// <returns></returns>
public static void CreateNewCsrfToken(this INancyModule module, CryptographyConfiguration cryptographyConfiguration = null)
{
cryptographyConfiguration = cryptographyConfiguration ?? CsrfApplicationStartup.CryptographyConfiguration;
var token = new CsrfToken
{
CreatedDate = DateTime.Now,
};
token.CreateRandomBytes();
token.CreateHmac(cryptographyConfiguration.HmacProvider);
var tokenString = CsrfApplicationStartup.ObjectSerializer.Serialize(token);
module.Context.Items[CsrfToken.DEFAULT_CSRF_KEY] = tokenString;
}
protected override void ApplicationStartup(TinyIoCContainer container, IPipelines pipelines)
{
var cryptographyConfiguration = new CryptographyConfiguration(
new RijndaelEncryptionProvider(new PassphraseKeyGenerator("SuperSecretPass", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 })),
new DefaultHmacProvider(new PassphraseKeyGenerator("UberSuperSecure", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 })));
var config =
new FormsAuthenticationConfiguration()
{
CryptographyConfiguration = cryptographyConfiguration,
RedirectUrl = "/login",
UserMapper = container.Resolve <IUserDatabase>() as IUserMapper,
};
FormsAuthentication.Enable(pipelines, config);
}
/// <summary>
/// Enables Csrf token generation.
/// This is disabled by default.
/// </summary>
/// <param name="pipelines">Application pipelines</param>
public static void Enable(IPipelines pipelines, CryptographyConfiguration cryptographyConfiguration = null)
{
cryptographyConfiguration = cryptographyConfiguration ?? CsrfApplicationStartup.CryptographyConfiguration;
var postHook = new PipelineItem <Action <NancyContext> >(
CsrfHookName,
context =>
{
if (context.Response == null || context.Response.Cookies == null || context.Request.Method.Equals("OPTIONS", StringComparison.OrdinalIgnoreCase))
{
return;
}
if (context.Items.ContainsKey(CsrfToken.DEFAULT_CSRF_KEY))
{
context.Response.Cookies.Add(new NancyCookie(CsrfToken.DEFAULT_CSRF_KEY,
(string)context.Items[CsrfToken.DEFAULT_CSRF_KEY],
true));
return;
}
if (context.Request.Cookies.ContainsKey(CsrfToken.DEFAULT_CSRF_KEY))
{
var decodedValue = HttpUtility.UrlDecode(context.Request.Cookies[CsrfToken.DEFAULT_CSRF_KEY]);
var cookieToken = CsrfApplicationStartup.ObjectSerializer.Deserialize(decodedValue) as CsrfToken;
if (CsrfApplicationStartup.TokenValidator.CookieTokenStillValid(cookieToken))
{
context.Items[CsrfToken.DEFAULT_CSRF_KEY] = decodedValue;
return;
}
}
var token = new CsrfToken
{
CreatedDate = DateTime.Now,
};
token.CreateRandomBytes();
token.CreateHmac(cryptographyConfiguration.HmacProvider);
var tokenString = CsrfApplicationStartup.ObjectSerializer.Serialize(token);
context.Items[CsrfToken.DEFAULT_CSRF_KEY] = tokenString;
context.Response.Cookies.Add(new NancyCookie(CsrfToken.DEFAULT_CSRF_KEY, tokenString, true));
});
pipelines.AfterRequest.AddItemToEndOfPipeline(postHook);
}
public CsrfStartupFixture()
{
this.pipelines = new MockPipelines();
this.cryptographyConfiguration = CryptographyConfiguration.Default;
this.objectSerializer = new DefaultObjectSerializer();
var csrfStartup = new CsrfApplicationStartup(
this.cryptographyConfiguration,
this.objectSerializer,
new DefaultCsrfTokenValidator(this.cryptographyConfiguration));
csrfStartup.Initialize(this.pipelines);
this.request = new FakeRequest("GET", "/");
this.response = new Response();
}
protected override void ApplicationStartup(TinyIoCContainer container, IPipelines pipelines)
{
base.ApplicationStartup(container, pipelines);
var cryptographyConfiguration = new CryptographyConfiguration(
new RijndaelEncryptionProvider(new PassphraseKeyGenerator(Configuration.EncryptionKey, new byte[] { 8, 2, 10, 4, 68, 120, 7, 14 })),
new DefaultHmacProvider(new PassphraseKeyGenerator(Configuration.HmacKey, new byte[] { 1, 20, 73, 49, 25, 106, 78, 86 })));
var authenticationConfiguration =
new FormsAuthenticationConfiguration()
{
CryptographyConfiguration = cryptographyConfiguration,
RedirectUrl = "/login",
UserMapper = container.Resolve<IUserMapper>(),
};
FormsAuthentication.Enable(pipelines, authenticationConfiguration);
}
public CsrfFixture()
{
this.pipelines = new MockPipelines();
this.cryptographyConfiguration = CryptographyConfiguration.Default;
var csrfStartup = new CsrfApplicationStartup(
this.cryptographyConfiguration,
new DefaultCsrfTokenValidator(this.cryptographyConfiguration));
csrfStartup.Initialize(this.pipelines);
Csrf.Enable(this.pipelines);
this.request = new FakeRequest("GET", "/");
this.optionsRequest = new FakeRequest("OPTIONS", "/");
this.response = new Response();
}
public void Configuration(IAppBuilder builder)
{
var userManager = new UserManager();
var cryptographyConfiguration = new CryptographyConfiguration(
new RijndaelEncryptionProvider(new PassphraseKeyGenerator("SuperSecretPass", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }, 1000)),
new DefaultHmacProvider(new PassphraseKeyGenerator("UberSuperSecure", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }, 1000)));
var formsAuthenticationConfiguration = new FormsAuthenticationConfiguration
{
RedirectUrl = "~/login",
DisableRedirect = true,
UserMapper = userManager,
CryptographyConfiguration = cryptographyConfiguration
};
builder
.UseNancyAuth(formsAuthenticationConfiguration, userManager)
.UseNancy(opt => opt.Bootstrapper = new AppBootstrapper(formsAuthenticationConfiguration, userManager));
}
protected override void ApplicationStartup(TinyIoCContainer container, IPipelines pipelines)
{
base.ApplicationStartup(container, pipelines);
var cryptographyConfiguration = new CryptographyConfiguration(
new RijndaelEncryptionProvider(new PassphraseKeyGenerator("SuperSecretPass", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 })),
new DefaultHmacProvider(new PassphraseKeyGenerator("UberSuperSecure", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 })));
var config =
new FormsAuthenticationConfiguration()
{
CryptographyConfiguration = cryptographyConfiguration,
RedirectUrl = "/login",
UserMapper = container.Resolve<IUserMapper>(),
};
FormsAuthentication.Enable(pipelines, config);
}
private void RegisterFormsAuth(IPipelines pipelines)
{
FormsAuthentication.FormsAuthenticationCookieName = "ReadarrAuth";
var cryptographyConfiguration = new CryptographyConfiguration(
new AesEncryptionProvider(new PassphraseKeyGenerator(_configService.RijndaelPassphrase, Encoding.ASCII.GetBytes(_configService.RijndaelSalt))),
new DefaultHmacProvider(new PassphraseKeyGenerator(_configService.HmacPassphrase, Encoding.ASCII.GetBytes(_configService.HmacSalt))));
_formsAuthConfig = new FormsAuthenticationConfiguration
{
RedirectUrl = _configFileProvider.UrlBase + "/login",
UserMapper = _authenticationService,
Path = GetCookiePath(),
CryptographyConfiguration = cryptographyConfiguration
};
FormsAuthentication.Enable(pipelines, _formsAuthConfig);
}
protected override void ApplicationStartup(TinyIoCContainer container, IPipelines pipelines)
{
base.ApplicationStartup(container, pipelines);
var cryptographyConfiguration = new CryptographyConfiguration(
new RijndaelEncryptionProvider(new PassphraseKeyGenerator(Configuration.EncryptionKey, new byte[] { 8, 2, 10, 4, 68, 120, 7, 14 })),
new DefaultHmacProvider(new PassphraseKeyGenerator(Configuration.HmacKey, new byte[] { 1, 20, 73, 49, 25, 106, 78, 86 })));
var authenticationConfiguration =
new FormsAuthenticationConfiguration()
{
CryptographyConfiguration = cryptographyConfiguration,
RedirectUrl = "/login",
UserMapper = container.Resolve <IUserMapper>(),
};
FormsAuthentication.Enable(pipelines, authenticationConfiguration);
}
protected override void ApplicationStartup(IWindsorContainer container, IPipelines pipelines)
{
base.ApplicationStartup(container, pipelines);
var cryptographyConfiguration = new CryptographyConfiguration(
new RijndaelEncryptionProvider(new PassphraseKeyGenerator("YourSuperSecretPass", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 })),
new DefaultHmacProvider(new PassphraseKeyGenerator("YourUberSuperSecure", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 })));
var formsAuthConfiguration =
new FormsAuthenticationConfiguration()
{
CryptographyConfiguration = cryptographyConfiguration,
RedirectUrl = "~/login",
UserMapper = container.Resolve <IUserMapper>()
};
FormsAuthentication.Enable(pipelines, formsAuthConfiguration);
}
/// <summary>
/// Enables Csrf token generation.
/// </summary>
/// <remarks>This is disabled by default.</remarks>
/// <param name="pipelines">The application pipelines.</param>
/// <param name="cryptographyConfiguration">The cryptography configuration. This is <see langword="null" /> by default.</param>
/// <param name="useSecureCookie">Set the CSRF cookie secure flag. This is <see langword="false"/> by default</param>
public static void Enable(IPipelines pipelines, CryptographyConfiguration cryptographyConfiguration = null, bool useSecureCookie = false)
{
cryptographyConfiguration = cryptographyConfiguration ?? CsrfApplicationStartup.CryptographyConfiguration;
var postHook = new PipelineItem <Action <NancyContext> >(
CsrfHookName,
context =>
{
if (context.Response == null || context.Response.Cookies == null || context.Request.Method.Equals("OPTIONS", StringComparison.OrdinalIgnoreCase))
{
return;
}
object value;
if (context.Items.TryGetValue(CsrfToken.DEFAULT_CSRF_KEY, out value))
{
context.Response.Cookies.Add(new NancyCookie(
CsrfToken.DEFAULT_CSRF_KEY,
(string)value,
true, useSecureCookie));
return;
}
string cookieValue;
if (context.Request.Cookies.TryGetValue(CsrfToken.DEFAULT_CSRF_KEY, out cookieValue))
{
var cookieToken = ParseToCsrfToken(cookieValue);
if (CsrfApplicationStartup.TokenValidator.CookieTokenStillValid(cookieToken))
{
context.Items[CsrfToken.DEFAULT_CSRF_KEY] = cookieValue;
return;
}
}
var tokenString = GenerateTokenString(cryptographyConfiguration);
context.Items[CsrfToken.DEFAULT_CSRF_KEY] = tokenString;
context.Response.Cookies.Add(new NancyCookie(CsrfToken.DEFAULT_CSRF_KEY, tokenString, true, useSecureCookie));
});
pipelines.AfterRequest.AddItemToEndOfPipeline(postHook);
}
protected override void ApplicationStartup(TinyIoCContainer container, IPipelines pipelines)
{
// override maximum JSON length for Nancy
Nancy.Json.JsonSettings.MaxJsonLength = int.MaxValue;
// register settings first as we will use that below
IAppSettings settings = new AppSettings();
container.Register <IAppSettings>(settings);
// set up the crypto config
_cryptographyConfiguration = new CryptographyConfiguration(
new RijndaelEncryptionProvider(new PassphraseKeyGenerator($"AES_{settings.SecureKey}", new byte[] { 101, 2, 103, 4, 105, 6, 107, 8 })),
new DefaultHmacProvider(new PassphraseKeyGenerator($"HMAC_{settings.SecureKey}", new byte[] { 101, 2, 103, 4, 105, 6, 107, 8 })));
// IO Wrappers
container.Register <IDirectoryWrap, DirectoryWrap>();
//container.Register<IPathWrap, PathWrap>();
container.Register <IFileWrap, FileWrap>();
//container.Register<IPathHelper, PathHelper>();
// security
container.Register <Encryption.IEncryptionProvider, Encryption.AESGCM>();
container.Register <IPasswordProvider, PasswordProvider>();
// set up mappings
var config = new MapperConfiguration(cfg => {
cfg.CreateMap <ConnectionViewModel, ConnectionModel>();
cfg.CreateMap <ConnectionModel, ConnectionViewModel>();
cfg.CreateMap <UserViewModel, UserModel>();//.ForMember(dest => dest.Id, opt => opt.MapFrom(src => src.DocumentId));
});
var mapper = config.CreateMapper();
container.Register <IMapper>(mapper);
// set up the stores
var dataPath = Path.Combine(this.RootPathProvider.GetRootPath(), "Data");
var userStorePath = Path.Combine(dataPath, "users.json");
IUserStore userStore = new UserStore(userStorePath, container.Resolve <IFileWrap>(), container.Resolve <IDirectoryWrap>(), container.Resolve <IPasswordProvider>());
userStore.Load();
container.Register <IUserStore>(userStore);
}
public FormsAuthenticationFixture()
{
this.cryptographyConfiguration = new CryptographyConfiguration(
new RijndaelEncryptionProvider(new PassphraseKeyGenerator("SuperSecretPass", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }, 1000)),
new DefaultHmacProvider(new PassphraseKeyGenerator("UberSuperSecure", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }, 1000)));
this.config = new FormsAuthenticationConfiguration()
{
CryptographyConfiguration = this.cryptographyConfiguration,
RedirectUrl = "/login",
UserMapper = A.Fake <IUserMapper>(),
RequiresSSL = false
};
this.secureConfig = new FormsAuthenticationConfiguration()
{
CryptographyConfiguration = this.cryptographyConfiguration,
RedirectUrl = "/login",
UserMapper = A.Fake <IUserMapper>(),
RequiresSSL = true
};
this.domainPathConfig = new FormsAuthenticationConfiguration()
{
CryptographyConfiguration = this.cryptographyConfiguration,
RedirectUrl = "/login",
UserMapper = A.Fake <IUserMapper>(),
RequiresSSL = false,
Domain = domain,
Path = path
};
this.context = new NancyContext
{
Request = new Request(
"GET",
new Url {
Scheme = "http", BasePath = "/testing", HostName = "test.com", Path = "test"
})
};
this.userGuid = new Guid("3D97EB33-824A-4173-A2C1-633AC16C1010");
}
public FormsAuthenticationFixture()
{
this.cryptographyConfiguration = new CryptographyConfiguration(
new RijndaelEncryptionProvider(new PassphraseKeyGenerator("SuperSecretPass", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }, 1000)),
new DefaultHmacProvider(new PassphraseKeyGenerator("UberSuperSecure", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }, 1000)));
this.config = new FormsAuthenticationConfiguration()
{
CryptographyConfiguration = this.cryptographyConfiguration,
RedirectUrl = "/login",
UserMapper = A.Fake<IUserMapper>(),
};
this.context = new NancyContext()
{
Request = new FakeRequest("GET", "/")
};
this.userGuid = new Guid("3D97EB33-824A-4173-A2C1-633AC16C1010");
}
public FormsAuthenticationFixture()
{
this.cryptographyConfiguration = new CryptographyConfiguration(
new RijndaelEncryptionProvider(new PassphraseKeyGenerator("SuperSecretPass", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }, 1000)),
new DefaultHmacProvider(new PassphraseKeyGenerator("UberSuperSecure", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }, 1000)));
this.config = new FormsAuthenticationConfiguration()
{
CryptographyConfiguration = this.cryptographyConfiguration,
RedirectUrl = "/login",
UserMapper = A.Fake <IUserMapper>(),
};
this.context = new NancyContext()
{
Request = new FakeRequest("GET", "/")
};
this.userGuid = new Guid("3D97EB33-824A-4173-A2C1-633AC16C1010");
}
/// <summary>
/// Enables Csrf token generation.
/// This is disabled by default.
/// </summary>
/// <param name="pipelines">Application pipelines</param>
public static void Enable(IPipelines pipelines, CryptographyConfiguration cryptographyConfiguration = null)
{
cryptographyConfiguration = cryptographyConfiguration ?? CsrfApplicationStartup.CryptographyConfiguration;
var postHook = new PipelineItem <Action <NancyContext> >(
CsrfHookName,
context =>
{
if (context.Response == null || context.Response.Cookies == null || context.Request.Method.Equals("OPTIONS", StringComparison.OrdinalIgnoreCase))
{
return;
}
if (context.Items.ContainsKey(CsrfToken.DEFAULT_CSRF_KEY))
{
context.Response.Cookies.Add(new NancyCookie(CsrfToken.DEFAULT_CSRF_KEY,
(string)context.Items[CsrfToken.DEFAULT_CSRF_KEY],
true));
return;
}
if (context.Request.Cookies.ContainsKey(CsrfToken.DEFAULT_CSRF_KEY))
{
var cookieValue = context.Request.Cookies[CsrfToken.DEFAULT_CSRF_KEY];
var cookieToken = CsrfApplicationStartup.ObjectSerializer.Deserialize(cookieValue) as CsrfToken;
if (CsrfApplicationStartup.TokenValidator.CookieTokenStillValid(cookieToken))
{
context.Items[CsrfToken.DEFAULT_CSRF_KEY] = cookieValue;
return;
}
}
var tokenString = GenerateTokenString(cryptographyConfiguration);
context.Items[CsrfToken.DEFAULT_CSRF_KEY] = tokenString;
context.Response.Cookies.Add(new NancyCookie(CsrfToken.DEFAULT_CSRF_KEY, tokenString, true));
});
pipelines.AfterRequest.AddItemToEndOfPipeline(postHook);
}
/// <summary>
/// Initializes a new instance of the <see cref="InProcSessionsConfiguration" /> class.
/// </summary>
public InProcSessionsConfiguration(CryptographyConfiguration cryptographyConfiguration, IInProcSessionIdentificationMethod sessionIdentificationMethod) {
SessionIdentificationMethod = sessionIdentificationMethod;
SessionTimeout = TimeSpan.FromMinutes(DefaultSessionTimeoutMinutes);
CacheTrimInterval = TimeSpan.FromMinutes(DefaultCacheTrimIntervalMinutes);
}
/// <summary>
/// Initializes a new instance of the <see cref="CookieBasedSessionsConfiguration"/> class.
/// </summary>
public CookieBasedSessionsConfiguration(CryptographyConfiguration cryptographyConfiguration)
{
CryptographyConfiguration = cryptographyConfiguration;
CookieName = DefaultCookieName;
}
public CsrfStartup(CryptographyConfiguration cryptographyConfiguration, IObjectSerializer objectSerializer, ICsrfTokenValidator tokenValidator)
{
CryptographyConfiguration = cryptographyConfiguration;
ObjectSerializer = objectSerializer;
TokenValidator = tokenValidator;
}
/// <summary>
/// Initializes a new instance of the <see cref="FormsAuthenticationConfiguration"/> class.
/// </summary>
/// <param name="cryptographyConfiguration">Cryptography configuration</param>
public FormsAuthenticationConfiguration(CryptographyConfiguration cryptographyConfiguration)
{
CryptographyConfiguration = cryptographyConfiguration;
}
/// <summary>
/// Initializes a new instance of the <see cref="DefaultCsrfTokenValidator"/> class,
/// using the provided <paramref name="cryptoConfig"/>.
/// </summary>
/// <param name="cryptoConfig">The <see cref="CryptographyConfiguration"/> that should be used.</param>
public DefaultCsrfTokenValidator(CryptographyConfiguration cryptoConfig)
{
this.hmacProvider = cryptoConfig.HmacProvider;
}
/// <summary>
/// Initialise and add cookie based session hooks to the application pipeine
/// </summary>
/// <param name="pipelines">Application pipelines</param>
/// <param name="cryptographyConfiguration">Cryptography configuration</param>
/// <returns>Formatter selector for choosing a non-default serializer</returns>
public static IObjectSerializerSelector Enable(IPipelines pipelines, CryptographyConfiguration cryptographyConfiguration)
{
var cookieBasedSessionsConfiguration = new CookieBasedSessionsConfiguration(cryptographyConfiguration)
{
Serializer = new DefaultObjectSerializer()
};
return Enable(pipelines, cookieBasedSessionsConfiguration);
}
public DiagnosticsConfiguration(CryptographyConfiguration cryptographyConfiguration)
{
CryptographyConfiguration = cryptographyConfiguration;
}
/// <summary>
/// Initializes a new instance of the <see cref="FormsAuthenticationConfiguration" /> class.
/// </summary>
/// <param name="cryptographyConfiguration">Cryptography configuration</param>
public FormsAuthenticationConfiguration(CryptographyConfiguration cryptographyConfiguration)
{
this.CryptographyConfiguration = cryptographyConfiguration;
this.RedirectQuerystringKey = DefaultRedirectQuerystringKey;
this.AuthSessionIdStore = new InMemoryAuthSessionIdStore();
}
/// <summary>
/// Initializes a new instance of the <see cref="FormsAuthenticationConfiguration"/> class.
/// </summary>
/// <param name="cryptographyConfiguration">Cryptography configuration</param>
public FormsAuthenticationConfiguration(CryptographyConfiguration cryptographyConfiguration)
{
CryptographyConfiguration = cryptographyConfiguration;
RedirectQuerystringKey = DefaultRedirectQuerystringKey;
}
