Beispiel #1
0
        public void KnownUserFactory_VerifyMd5HashTest_BilletlugenUrl_Test()
        {
            //Arrange
            int      expectedPlaceInqueue  = 7810;
            Guid     expectedQueueID       = Guid.NewGuid();
            string   placeInQueueEncrypted = Hashing.EncryptPlaceInQueue(expectedPlaceInqueue);
            long     unixTimestamp         = Hashing.GetTimestamp();
            DateTime expectedTimeStamp     = Hashing.TimestampToDateTime(unixTimestamp);

            string urlNoHash = "http://www.billetlugen.dk/direkte/?token=ZBixHRJxbOeyWsfo3ynInq64Ngp10zvS5R2N0jaVJNijzuZpsJTfx4iwIkBpAK8q4bbgPpF2o5RRF4vlxn5OzgjBM%2ffiWNqZuvIjvyqQGbRekYeSkmd6TA%3d%3d&q=" + expectedQueueID +
                               "&p=" + placeInQueueEncrypted + "&ts=" + unixTimestamp + "&h=";
            Uri hashUri = new Uri(urlNoHash);

            string hash        = Hashing.GenerateMD5Hash(hashUri.AbsoluteUri, SharedSecreteEventKey);
            string querystring = "token=ZBixHRJxbOeyWsfo3ynInq64Ngp10zvS5R2N0jaVJNijzuZpsJTfx4iwIkBpAK8q4bbgPpF2o5RRF4vlxn5OzgjBM%2ffiWNqZuvIjvyqQGbRekYeSkmd6TA%3d%3d&q=" + expectedQueueID + "&p=" + placeInQueueEncrypted + "&ts=" + unixTimestamp + "&h=" + hash;
            string url         = urlNoHash + hash;

            HttpRequest httpRequest = new HttpRequest(null, url, querystring);

            HttpContext.Current = new HttpContext(httpRequest, new HttpResponse(null));

            //Act
            IKnownUser knownUser = KnownUserFactory.VerifyMd5Hash(SharedSecreteEventKey);

            //Assert
            Assert.AreEqual(expectedQueueID, knownUser.QueueId);
            Assert.IsTrue(knownUser.PlaceInQueue.HasValue);
            Assert.AreEqual(expectedPlaceInqueue, knownUser.PlaceInQueue);
            Assert.AreEqual(expectedTimeStamp, knownUser.TimeStamp);
        }
Beispiel #2
0
        public void KnownUserFactory_OriginalUri_NoParameters_Test()
        {
            int    expectedPlaceInqueue  = 7810;
            Guid   expectedQueueID       = Guid.NewGuid();
            string placeInQueueEncrypted = Hashing.EncryptPlaceInQueue(expectedPlaceInqueue);
            long   unixTimestamp         = Hashing.GetTimestamp();
            string expectedCustomerId    = "somecust";
            string expectedEventId       = "someevent";
            Uri    expectedOriginalUrl   = new Uri("http://www.google.com/");

            string urlNoHash = expectedOriginalUrl.OriginalString + "?q=" + expectedQueueID +
                               "&p=" + placeInQueueEncrypted + "&ts=" + unixTimestamp + "&c=" + expectedCustomerId + "&e=" + expectedEventId + "&h=";
            Uri hashUri = new Uri(urlNoHash);

            string hash        = Hashing.GenerateMD5Hash(hashUri.AbsoluteUri, SharedSecreteEventKey);
            string querystring = "q=" + expectedQueueID + "&p=" + placeInQueueEncrypted + "&ts=" + unixTimestamp + "&c=" + expectedCustomerId + "&e=" + expectedEventId + "&h=" + hash;
            string url         = urlNoHash + hash;

            HttpRequest httpRequest = new HttpRequest("inqueue.aspx", url, querystring);

            HttpContext.Current = new HttpContext(httpRequest, new HttpResponse(null));

            //Act
            IKnownUser knownUser = KnownUserFactory.VerifyMd5Hash(SharedSecreteEventKey);

            Assert.AreEqual(expectedOriginalUrl.AbsoluteUri.ToString(), knownUser.OriginalUrl);
        }
Beispiel #3
0
        /// <summary>
        /// Queue validation
        /// </summary>
        /// <remarks>
        /// Please be aware that this this implementation is not done on error handling pages (e.g. Error.aspx) which will cause users to get looped arround.
        /// </remarks>
        protected override void OnPreInit(EventArgs e)
        {
            try
            {
                IKnownUser knownUser = KnownUserFactory.VerifyMd5Hash();

                if (knownUser == null)
                {
                    Response.Redirect("Link.aspx");
                }

                if (knownUser.TimeStamp < DateTime.UtcNow.Subtract(TimeSpan.FromMinutes(3)))
                {
                    Response.Redirect("Link.aspx");
                }

                PersistModel model = new PersistModel(
                    knownUser.QueueId,
                    knownUser.PlaceInQueue,
                    knownUser.TimeStamp);

                model.Persist();
            }
            catch (KnownUserException ex)
            {
                UriBuilder targetUrl = new UriBuilder(Request.Url);
                targetUrl.Path = "Link.aspx";

                Response.Redirect("Error.aspx?queuename=link&t=" + HttpUtility.UrlEncode(targetUrl.Uri.AbsoluteUri));
            }

            base.OnPreInit(e);
        }
Beispiel #4
0
        public void TestInit()
        {
            this._queue = MockRepository.GenerateMock<IQueue>();
            this._knownUser = MockRepository.GenerateMock<IKnownUser>();
            this._request = new HttpRequest("test.aspx", "http://test.com/test.aspx", null);
            this._response = new HttpResponse(new StringWriter());

            HttpContext.Current = new HttpContext(this._request, this._response);
                
            CookieValidateResultRepository.Clear();
        }
Beispiel #5
0
        public void TestInit()
        {
            this._queue     = MockRepository.GenerateMock <IQueue>();
            this._knownUser = MockRepository.GenerateMock <IKnownUser>();
            this._request   = new HttpRequest("test.aspx", "http://test.com/test.aspx", null);
            this._response  = new HttpResponse(new StringWriter());

            HttpContext.Current = new HttpContext(this._request, this._response);

            CookieValidateResultRepository.Clear();
        }
Beispiel #6
0
        public void KnownUserFactory_VerifyMd5Hash_NoParameters_Test()
        {
            string sharedSecreteEventKey = "9d919dfb-00e2-4919-8695-469f5ebc91f7930edb9f-2339-4deb-864e-5f26269691b6";
            string url =
                "http://www.google.com/";
            string querystring =
                "x=sdf";

            HttpRequest httpRequest = new HttpRequest("inqueue.aspx", url, querystring);

            HttpContext.Current = new HttpContext(httpRequest, new HttpResponse(null));

            IKnownUser knownUser = KnownUserFactory.VerifyMd5Hash(sharedSecreteEventKey);

            Assert.IsNull(knownUser);
        }
Beispiel #7
0
        public void TestInit()
        {
            this._queue = MockRepository.GenerateMock<IQueue>();
            this._knownUser = MockRepository.GenerateMock<IKnownUser>();
            this._request = new HttpRequest("test.aspx", "http://test.com/test.aspx", null);
            this._response = new HttpResponse(new StringWriter());
            HttpContext.Current = new HttpContext(this._request, this._response);

            var sessionContainer = new HttpSessionStateContainer("id", new SessionStateItemCollection(),
                                                    new HttpStaticObjectsCollection(), 10, true,
                                                    HttpCookieMode.AutoDetect,
                                                    SessionStateMode.InProc, false);
            SessionStateUtility.AddHttpSessionStateToContext(HttpContext.Current, sessionContainer);

            SessionValidateResultRepository.Clear();
        }
Beispiel #8
0
        public void TestInit()
        {
            this._queue         = MockRepository.GenerateMock <IQueue>();
            this._knownUser     = MockRepository.GenerateMock <IKnownUser>();
            this._request       = new HttpRequest("test.aspx", "http://test.com/test.aspx", null);
            this._response      = new HttpResponse(new StringWriter());
            HttpContext.Current = new HttpContext(this._request, this._response);

            var sessionContainer = new HttpSessionStateContainer("id", new SessionStateItemCollection(),
                                                                 new HttpStaticObjectsCollection(), 10, true,
                                                                 HttpCookieMode.AutoDetect,
                                                                 SessionStateMode.InProc, false);

            SessionStateUtility.AddHttpSessionStateToContext(HttpContext.Current, sessionContainer);

            SessionValidateResultRepository.Clear();
        }
Beispiel #9
0
        public void KnownUserFactory_VerifyMd5Hash_EmptyQueueId_Test()
        {
            string sharedSecreteEventKey = "9d919dfb-00e2-4919-8695-469f5ebc91f7930edb9f-2339-4deb-864e-5f26269691b6";
            string url =
                "http://www.google.com/";
            string querystring =
                "q=00000000-0000-0000-0000-000000000000&p=ac498cf9-9b9d-4014-a9d5-6794af9bae43&ts=1346745696&h=8541c1937f5b7211a5008326e9d997dc";

            HttpRequest httpRequest = new HttpRequest("inqueue.aspx", url, querystring);

            HttpContext.Current = new HttpContext(httpRequest, new HttpResponse(null));

            IKnownUser knownUser = KnownUserFactory.VerifyMd5Hash(sharedSecreteEventKey);

            Assert.AreEqual(Guid.Empty, knownUser.QueueId);
            Assert.AreEqual(null, knownUser.PlaceInQueue);
        }
Beispiel #10
0
        private IUser GetUserFromListByIpAddress(string ipAddress)
        {
            IUser user;

            mutex.WaitOne();

            try
            {
                IKnownUser knownUser = userList.FirstOrDefault(u => u.IpAddress == ipAddress);
                user = knownUser != null?userFactory.CreateUserFromKnownUser(knownUser) : null;
            }
            finally
            {
                mutex.ReleaseMutex();
            }

            return(user);
        }
Beispiel #11
0
        private IUser GetUserFromuserListByUserId(string userId)
        {
            IUser user;

            mutex.WaitOne();

            try
            {
                IKnownUser knownUser = userList.FirstOrDefault(u => u.UserId == userId);
                user = knownUser != null?userFactory.CreateUserFromKnownUser(knownUser) : null;
            }
            finally
            {
                mutex.ReleaseMutex();
            }

            return(user);
        }
Beispiel #12
0
        private static void RunVerifyMd5HashTest(
            bool configLoaded,
            string sharedSecreteEventKey = null,
            string prefix             = null,
            string redirectTypeString = null,
            RedirectType redirectType = RedirectType.Unknown)
        {
            //Arrange
            int      expectedPlaceInqueue  = 7810;
            Guid     expectedQueueId       = Guid.NewGuid();
            string   placeInQueueEncrypted = Hashing.EncryptPlaceInQueue(expectedPlaceInqueue);
            long     unixTimestamp         = Hashing.GetTimestamp();
            DateTime expectedTimeStamp     = Hashing.TimestampToDateTime(unixTimestamp);
            string   expectedCustomerId    = "somecust";
            string   expectedEventId       = "someevent";

            string urlNoHash = "http://q.queue-it.net/inqueue.aspx?" + prefix + "c=somecust&" + prefix + "e=someevent&" + prefix + "q=" + expectedQueueId +
                               "&" + prefix + "p=" + placeInQueueEncrypted + "&" + prefix + "ts=" + unixTimestamp + "&" + prefix + "rt=" + redirectTypeString + "&" + prefix + "h=";
            Uri hashUri = new Uri(urlNoHash);

            string hash        = Hashing.GenerateMD5Hash(hashUri.AbsoluteUri, SharedSecreteEventKey);
            string querystring = prefix + "c=somecust&" + prefix + "e=someevent&" + prefix + "q=" + expectedQueueId +
                                 "&" + prefix + "p=" + placeInQueueEncrypted + "&" + prefix + "ts=" + unixTimestamp + "&" + prefix + "rt=" + redirectTypeString + "&" + prefix + "h=" + hash;
            string url = urlNoHash + hash;

            HttpRequest httpRequest = new HttpRequest("inqueue.aspx", url, querystring);

            HttpContext.Current = new HttpContext(httpRequest, new HttpResponse(null));

            //Act
            IKnownUser knownUser = KnownUserFactory.VerifyMd5Hash(
                configLoaded ? sharedSecreteEventKey : SharedSecreteEventKey,
                querystringPrefix: configLoaded ? null : prefix);

            //Assert
            Assert.IsNotNull(knownUser);
            Assert.AreEqual(expectedQueueId, knownUser.QueueId);
            Assert.IsTrue(knownUser.PlaceInQueue.HasValue);
            Assert.AreEqual(expectedPlaceInqueue, knownUser.PlaceInQueue);
            Assert.AreEqual(expectedTimeStamp, knownUser.TimeStamp);
            Assert.AreEqual(expectedCustomerId, knownUser.CustomerId);
            Assert.AreEqual(redirectType, knownUser.RedirectType);
            Assert.AreEqual(expectedEventId, knownUser.EventId);
        }
Beispiel #13
0
        private IUser AddUserToUserList(string ipAddress, string userId, string password)
        {
            IUser user;

            mutex.WaitOne();

            try
            {
                UnlinkIpAddress(ipAddress);
                IKnownUser knownUser = knownUserFactory.Create(ipAddress, userId, password);
                userList.Add(knownUser);
                user = userFactory.CreateUserFromKnownUser(knownUser);
            }
            finally
            {
                mutex.ReleaseMutex();
            }

            return(user);
        }
Beispiel #14
0
        private bool SetKnownUserIpAddress(string userId, string password, string ipAddress)
        {
            bool updated = false;

            mutex.WaitOne();

            try
            {
                IKnownUser knownUser = userList.FirstOrDefault(u => u.UserId == userId && u.Password == password);

                if (knownUser != null)
                {
                    UnlinkIpAddress(ipAddress);
                    knownUser.IpAddress = ipAddress;
                    updated             = true;
                }
            }
            finally
            {
                mutex.ReleaseMutex();
            }

            return(updated);
        }
Beispiel #15
0
        /// <summary>
        ///
        /// </summary>
        /// <param name="filterContext">The Action Executing Filter Context</param>
        public sealed override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            try
            {
                IKnownUser knownUser = KnownUserFactory.VerifyMd5Hash();

                if (knownUser == null)
                {
                    throw new UnverifiedKnownUserException();
                }

                foreach (var value in filterContext.ActionParameters.Values)
                {
                    if (value is KnownUserModel)
                    {
                        (value as KnownUserModel).KnownUser = knownUser;
                    }
                }
            }
            catch (KnownUserException ex)
            {
                OnException(filterContext, ex);
            }
        }
Beispiel #16
0
 internal AcceptedConfirmedResult(IQueue queue, IKnownUser knownUser, bool initialRequest)
     : base(queue)
 {
     this.KnownUser = knownUser;
     this.IsInitialValidationRequest = initialRequest;
 }
Beispiel #17
0
 internal AcceptedConfirmedResult(IQueue queue, IKnownUser knownUser, bool initialRequest)
     : base(queue)
 {
     this.KnownUser = knownUser;
     this.IsInitialValidationRequest = initialRequest;
 }
Beispiel #18
0
 internal ExpiredValidationException(IQueue queue, IKnownUser knownUser)
     : base("Known User token is expired", queue)
 {
     KnownUser = knownUser;
 }
Beispiel #19
0
 internal ExpiredValidationException(IQueue queue, IKnownUser knownUser)
     : base("Known User token is expired", queue)
 {
     KnownUser = knownUser;
 }
Beispiel #20
0
 /// <summary>
 /// When overridden it provides access to the known user object.
 /// E.g. to persist Queue ID details to the database.
 /// </summary>
 /// <param name="filterContext">The Action Executing Filter Context</param>
 /// <param name="knownUser">The validated Known User object</param>
 /// <example>
 /// <code>
 /// protected override void OnValidated(ActionExecutingContext filterContext, IKnownUser knownUser)
 /// {
 ///         PersistModel model = new PersistModel(
 ///             knownUser.QueueId,
 ///             knownUser.PlaceInQueue,
 ///             knownUser.TimeStamp);
 ///
 ///         model.Persist();
 ///     }
 ///
 ///     base.OnValidated(filterContext, result);
 /// }
 /// </code>
 /// </example>
 protected virtual void OnValidated(ActionExecutingContext filterContext, IKnownUser knownUser)
 {
 }
Beispiel #21
0
 /// <summary>
 /// When overridden it provides access to the known user object.  
 /// E.g. to persist Queue ID details to the database.
 /// </summary>
 /// <param name="filterContext">The Action Executing Filter Context</param>
 /// <param name="knownUser">The validated Known User object</param>
 /// <example>
 /// <code>
 /// protected override void OnValidated(ActionExecutingContext filterContext, IKnownUser knownUser)
 /// {
 ///         PersistModel model = new PersistModel(
 ///             knownUser.QueueId,
 ///             knownUser.PlaceInQueue,
 ///             knownUser.TimeStamp);
 /// 
 ///         model.Persist();
 ///     }
 /// 
 ///     base.OnValidated(filterContext, result);
 /// }
 /// </code>
 /// </example>
 protected virtual void OnValidated(ActionExecutingContext filterContext, IKnownUser knownUser)
 {
 }
Beispiel #22
0
 public IUser CreateUserFromKnownUser(IKnownUser knownUser)
 {
     return(new User(knownUser.UserId, knownUser.Roles));
 }