Beispiel #1
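        /// <summary>
        /// Smoke test: <c>Protect</c> must return a non-empty value that differs from its input.
        /// </summary>
        /// <remarks>
        /// This only shows that the output is not the clear text. It says nothing about the
        /// strength of the protection; the round-trip and purpose-mismatch tests cover the rest.
        /// </remarks>
        public void MachineKey_Protect_ProducesCipherText()
        {
            const string clearText = "hello";

            var    sut        = new MachineKeyProtector();
            string cipherText = sut.Protect(clearText, Purposes.AuthToken);

            // A null or empty result is also "not equal to the clear text", so the original
            // single assertion would pass vacuously if Protect returned nothing. Rule that out first.
            cipherText.Should().NotBeNullOrEmpty("because protecting a non-empty string must produce output");
            cipherText.Should().NotBe(clearText, "because we expect the clear text to be encrypted");
        }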
Beispiel #2
        /// <summary>
        /// <c>Unprotect</c> must reject a null purpose with <see cref="ArgumentNullException"/>
        /// rather than attempting to unprotect without one.
        /// </summary>
        public void MachineKey_UnProtect_WithNullPurpose_ThrowsArgumentNullException()
        {
            var sut = new MachineKeyProtector();

            // Capture the call as a delegate so the assertion library can observe the exception.
            Action unprotectWithoutPurpose = () => sut.Unprotect("good", null);

            unprotectWithoutPurpose.ShouldThrow<ArgumentNullException>("because we passed invalid input");
        }
Beispiel #3
        /// <summary>
        /// <c>Protect</c> must reject null clear text with <see cref="ArgumentNullException"/>.
        /// </summary>
        public void MachineKey_Protect_WithNullText_ThrowsArgumentNullException()
        {
            var sut = new MachineKeyProtector();

            // Capture the call as a delegate so the assertion library can observe the exception.
            Action protectNullText = () => sut.Protect(null, "test");

            protectNullText.ShouldThrow<ArgumentNullException>("because we passed invalid input");
        }
Beispiel #4
        /// <summary>
        /// Purpose isolation: a payload protected for one purpose must not be readable under
        /// another. The test expects <c>Unprotect</c> to signal this by returning null.
        /// </summary>
        public void MachineKey_Protect_ThenUnprotect_WithDifferentPurpose_ReturnsNull()
        {
            const string original = "hello world";
            var sut = new MachineKeyProtector();

            // Protect under the connection-string purpose, then try to read it back as an auth token.
            string protectedForConnString = sut.Protect(original, Purposes.ConnString);
            string readBack = sut.Unprotect(protectedForConnString, Purposes.AuthToken);

            readBack.Should().BeNull("because we did not pass the expected purpose to decrypt");
        }
Beispiel #5
        /// <summary>
        /// Round trip: protecting and then unprotecting with the same purpose must return the
        /// original clear text unchanged.
        /// </summary>
        public void MachineKey_Protect_ThenUnprotect_WithSamePurpose_Succeeds()
        {
            const string original = "hello world";
            var sut = new MachineKeyProtector();

            // Same purpose on both sides of the round trip.
            string protectedText = sut.Protect(original, Purposes.ConnString);
            string roundTripped  = sut.Unprotect(protectedText, Purposes.ConnString);

            roundTripped.Should().Be(
                original,
                "because we expect the decrypted text to be same as the original clear text");
        }
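        /// <summary>
        /// Re-wraps the caller's application-cookie ticket as an OAuth bearer token, calls the
        /// resource API with it, and passes both the API response and the token to the view.
        /// </summary>
        /// <returns>
        /// The default view. <c>ViewBag.ResultData</c> and <c>ViewBag.BearerToken</c> are null when
        /// the request carried no usable application cookie.
        /// </returns>
        /// <remarks>
        /// The same protector instance is used for both steps; only its <c>Purpose</c> changes
        /// between reading the cookie ticket and writing the bearer token, so the order of the
        /// two assignments below matters.
        /// </remarks>
        public ActionResult Index()
        {
            ViewBag.ResultData  = null;
            ViewBag.BearerToken = null;

            // Cookies.Get returns null when the cookie is absent. Treat a missing or empty value
            // as "not signed in" instead of failing with a NullReferenceException.
            var cookie = System.Web.HttpContext.Current.Request.Cookies.Get(".AspNet.ApplicationCookie");
            if (cookie == null || string.IsNullOrEmpty(cookie.Value))
            {
                return(View());
            }

            // The cookie value is base64url: map it back to the standard alphabet and restore
            // the '=' padding that was stripped.
            var ticket  = cookie.Value.Replace('-', '+').Replace('_', '/');
            var padding = 3 - ((ticket.Length + 3) % 4);

            if (padding != 0)
            {
                ticket = ticket + new string('=', padding);
            }

            var machineKeyProtector = new MachineKeyProtector();
            var ticketData          = new TicketDataFormat(machineKeyProtector);

            //Set the purpose for decrypting the cookie based ticket
            machineKeyProtector.Purpose = new string[]
            {
                typeof(CookieAuthenticationMiddleware).FullName,
                "ApplicationCookie",
                "v1"
            };
            var decryptedTicket = ticketData.Unprotect(ticket);

            // The cookie is client-controlled input. Do not mint a bearer token from a value
            // that failed to unprotect.
            // NOTE(review): assumes Unprotect returns null for a tampered or foreign cookie - confirm.
            if (decryptedTicket == null)
            {
                return(View());
            }

            //Change the purpose for creating an encrypted bearer token
            machineKeyProtector.Purpose = new string[]
            {
                typeof(OAuthAuthorizationServerMiddleware).Namespace,
                "Access_Token",
                "v1"
            };
            var encryptedTicket = ticketData.Protect(decryptedTicket);

            string bearerToken = $"Bearer {encryptedTicket}";

            string result;

            // NOTE(review): the token travels over plain http here. That is only tolerable for a
            // loopback demo; a deployed resource API should be reached over https.
            // NOTE(review): the blocking .Result calls are kept because the action signature is
            // synchronous; an async action returning Task<ActionResult> would avoid tying up the
            // request thread.
            using (var client = new HttpClient())
            {
                client.BaseAddress = new Uri("http://localhost:58719/");
                client.DefaultRequestHeaders.Add("Authorization", bearerToken);

                using (var response = client.GetAsync("/api/ResourceData").Result)
                {
                    result = response.Content.ReadAsStringAsync().Result;
                }
            }

            ViewBag.ResultData  = result;
            // NOTE(review): this hands a live credential to the view; anything that renders it puts
            // the token into the page. Keep for demonstration only.
            ViewBag.BearerToken = bearerToken;
            return(View());
        }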