public void RenewCookieAfterHalfExpirationTime_HalfTimeHasNotPassed() { var testUser = new FakeUserInfo("TestUser"); var impersonateUserName = "******"; var options = new ImpersonationOptions { CookieDurationMinutes = 3 }; var cookie = ImpersonationServiceHelper.SetImpersonation(testUser, impersonateUserName, options); var impersonationInfo = ImpersonationServiceHelper.DecryptCookieValue(cookie.Value); AssertIsWithinOneSecond(DateTime.Now.AddMinutes(options.CookieDurationMinutes), impersonationInfo.Expires); // Reviewing the test setup. // Half-time has not passed: impersonationInfo.Expires = DateTime.Now.AddMinutes(options.CookieDurationMinutes / 2.0).AddSeconds(1); cookie.Value = ImpersonationServiceHelper.EncryptCookieValue(impersonationInfo); (var impersonationService, var httpContext, _) = ImpersonationServiceHelper.CreateImpersonationService(testUser, options); httpContext.RequestCookies.Add(cookie); var user = impersonationService.GetAuthenticationInfo(); // Impersonation should still be valid, the cookie should not be modified. Assert.AreEqual( "TestUser as TestImpersonatedUser, original TestUser", ReportImpersonationStatus(user)); Assert.AreEqual(0, httpContext.ResponseCookies.Count); }
private void AssertOptionsFields(ImpersonationOptions options, string targetPrincipal, TimeSpan lifetime, IEnumerable <string> delegateAccounts, IEnumerable <string> scopes) { Assert.Equal(targetPrincipal, options.TargetPrincipal); Assert.Equal(delegateAccounts, options.DelegateAccounts); Assert.Equal(scopes, options.Scopes); Assert.Equal(lifetime, options.Lifetime); }
public void Constructor_InvalidSourceCredential() { var sourceCredential = GoogleCredential.FromComputeCredential(); var options = new ImpersonationOptions("principal", null, null, null); var initializer = new ImpersonatedCredential.Initializer(sourceCredential, options); var ex = Assert.Throws <InvalidOperationException>(() => new ImpersonatedCredential(initializer)); Assert.Equal("The underlying credential of source credential must be UserCredential or ServiceAccountCredential.", ex.Message); }
public void Impersonate() { var sourceCredential = GoogleCredential.FromJson(DummyServiceAccountCredentialFileContents); var delegates = new[] { "delegate" }; var scopes = new[] { "scope" }; var targetPrincipal = "principal"; var lifetime = new TimeSpan(2, 0, 0); var options = new ImpersonationOptions(targetPrincipal, lifetime, delegates, scopes); var credential = sourceCredential.Impersonate(options); var impersonatedCredential = (ImpersonatedCredential)credential.UnderlyingCredential; Assert.Equal(delegates, impersonatedCredential.Options.DelegateAccounts); Assert.Equal(scopes, impersonatedCredential.Options.Scopes); Assert.Equal(targetPrincipal, impersonatedCredential.Options.TargetPrincipal); Assert.Equal(lifetime, impersonatedCredential.Options.Lifetime); }
CreateImpersonationService(IUserInfo testUser, ImpersonationOptions options = null) { options ??= new ImpersonationOptions(); var httpContextAccessor = new FakeHttpContextAccessor(testUser?.IsUserRecognized == true ? testUser.UserName : null); var dataProtectionProvider = new FakeDataProtectionProvider(); BaseAuthentication baseUserInfo = new BaseAuthentication(new RhetosAspNetCoreIdentityUser(httpContextAccessor)); var log = new List <string>(); void logMonitor(EventType eventType, string eventName, Func <string> message) => log.Add($"[{eventType}] {eventName}: {message()}"); var logProvider = new ConsoleLogProvider(logMonitor); var impersonationService = new ImpersonationService(httpContextAccessor, dataProtectionProvider, logProvider, options ?? new ImpersonationOptions(), baseUserInfo); return(impersonationService, httpContextAccessor, log); }
private static ImpersonatedCredential CreateImpersonatedCredentialForBody(object body, bool serializeBody = true, HttpStatusCode status = HttpStatusCode.OK) { var sourceCredential = CreateSourceCredential(); var content = ""; if (serializeBody) { content = NewtonsoftJsonSerializer.Instance.Serialize(body); } else { content = (string)body; } var messageHandler = new FakeHttpMessageHandler(status, content); var options = new ImpersonationOptions("principal", null, null, new[] { "scope" }); var initializer = new ImpersonatedCredential.Initializer(sourceCredential, options) { Clock = _clock, HttpClientFactory = new MockHttpClientFactory(messageHandler) }; return(new ImpersonatedCredential(initializer)); }
public static FakeCookie SetImpersonation(IUserInfo testUser, string impersonateUserName, ImpersonationOptions options = null) { (var impersonationService, var httpContextAccessor, _) = CreateImpersonationService(testUser, options); impersonationService.SetImpersonation(testUser, impersonateUserName); return(httpContextAccessor.ResponseCookies.Single()); }
public void CreateForTargetPrincipal() { var options = ImpersonationOptions.CreateForTargetPrincipal(DefaultTargetPrincipal); AssertOptionsFields(options, DefaultTargetPrincipal, _defaultLifetime, null, null); }