public async Task WhenSignatureVerificationFails_InvokesConfiguredCallback()
            {
                _request.Headers["Authorization"] = "TestScheme abc123";

                var failureResult = new RequestSignatureVerificationResultFailure(
                    new Client("c1", "test", SignatureAlgorithm.CreateForVerification("s3cr3t"), TimeSpan.FromMinutes(1), TimeSpan.FromMinutes(1)),
                    new Signature(),
                    SignatureVerificationFailure.HeaderMissing("A header is missing.", null));

                A.CallTo(() => _options.RequestSignatureVerifier.VerifySignature(
                             A <IOwinRequest> .That.Matches(ConvertedRequest),
                             A <SignedHttpRequestAuthenticationOptions> ._))
                .Returns(failureResult);

                RequestSignatureVerificationResult resultFromCallback = null;

                _options.OnIdentityVerificationFailed = (request, failure) => {
                    resultFromCallback = failure;
                    return(Task.CompletedTask);
                };

                await _method();

                resultFromCallback.Should().Be(failureResult);
            }
Beispiel #2
0
            public async Task WhenVerificationSucceeds_InvokesConfiguredCallback()
            {
                _httpRequest.Headers["Authorization"] = "tests-scheme abc123";

                var principal     = new ClaimsPrincipal(new ClaimsIdentity(new[] { new Claim("name", "john.doe") }));
                var successResult = new RequestSignatureVerificationResultSuccess(
                    new Client(
                        "app1",
                        "Unit test app",
                        new CustomSignatureAlgorithm("test"),
                        TimeSpan.FromMinutes(1),
                        TimeSpan.FromMinutes(1),
                        RequestTargetEscaping.RFC3986),
                    new HttpRequestForVerification(),
                    principal);

                A.CallTo(() => _requestSignatureVerifier.VerifySignature(_httpRequest, _options))
                .Returns(successResult);

                RequestSignatureVerificationResult resultFromCallback = null;

                _options.OnIdentityVerified = (request, success) => {
                    resultFromCallback = success;
                    return(Task.CompletedTask);
                };

                await _sut.DoAuthenticate();

                resultFromCallback.Should().Be(successResult);
            }
            public async Task WhenSignatureVerificationSucceeds_InvokesConfiguredCallback()
            {
                _request.Headers["Authorization"] = "TestScheme abc123";

                var principal     = new ClaimsPrincipal(new ClaimsIdentity(new[] { new Claim("name", "john.doe") }));
                var successResult = new RequestSignatureVerificationResultSuccess(
                    new Client("c1", "test", SignatureAlgorithm.CreateForVerification("s3cr3t"), TimeSpan.FromMinutes(1), TimeSpan.FromMinutes(1)),
                    new Signature(),
                    principal);

                A.CallTo(() => _options.RequestSignatureVerifier.VerifySignature(
                             A <IOwinRequest> .That.Matches(ConvertedRequest),
                             A <SignedHttpRequestAuthenticationOptions> ._))
                .Returns(successResult);

                RequestSignatureVerificationResult resultFromCallback = null;

                _options.OnIdentityVerified = (request, success) => {
                    resultFromCallback = success;
                    return(Task.CompletedTask);
                };

                await _method();

                resultFromCallback.Should().Be(successResult);
            }
Beispiel #4
0
            public async Task WhenVerificationFails_InvokesConfiguredCallback()
            {
                _httpRequest.Headers["Authorization"] = "tests-scheme abc123";

                var cause         = SignatureVerificationFailure.InvalidSignatureString("Invalid signature");
                var failureResult = new RequestSignatureVerificationResultFailure(
                    new Client(
                        "app1",
                        "Unit test app",
                        new CustomSignatureAlgorithm("test"),
                        TimeSpan.FromMinutes(1),
                        TimeSpan.FromMinutes(1),
                        RequestTargetEscaping.RFC3986),
                    new HttpRequestForVerification(),
                    cause);

                A.CallTo(() => _requestSignatureVerifier.VerifySignature(_httpRequest, _options))
                .Returns(failureResult);

                RequestSignatureVerificationResult resultFromCallback = null;

                _options.OnIdentityVerificationFailed = (request, failure) => {
                    resultFromCallback = failure;
                    return(Task.CompletedTask);
                };

                await _sut.DoAuthenticate();

                resultFromCallback.Should().Be(failureResult);
            }