public async Task SendAsync_WithValidCachedToken_Returns200()
{
var packageSource = new PackageSource("http://package.source.net");
var tokenStore = new TokenStore();
tokenStore.AddToken(packageSource.SourceUri, "TEST-TOKEN");
Func <string, string, string> tokenFactory = (endpoint, realm) =>
{
throw new InvalidOperationException("Should NOT mint new token.");
};
var handler = new StsAuthenticationHandler(packageSource, tokenStore, tokenFactory)
{
InnerHandler = new LambdaMessageHandler(
request =>
{
var decodedToken = GetStsTokenFromRequest(request, decode: false);
Assert.NotNull(decodedToken);
Assert.Equal("TEST-TOKEN", decodedToken);
return(new HttpResponseMessage(HttpStatusCode.OK));
})
};
var response = await SendAsync(handler);
Assert.NotNull(response);
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
}
static HttpMessageHandler CreateHttpMessageHandler(PackageSource packageSource, ICredentialService credentialService)
{
var proxy = ProxyCache.Instance.GetProxy(packageSource.SourceUri);
var clientHandler = new HttpClientHandler {
Proxy = proxy,
AutomaticDecompression = (DecompressionMethods.GZip | DecompressionMethods.Deflate)
};
HttpMessageHandler messageHandler = clientHandler;
if (proxy != null)
{
messageHandler = new ProxyAuthenticationHandler(clientHandler, credentialService, ProxyCache.Instance);
}
HttpMessageHandler innerHandler = messageHandler;
messageHandler = new StsAuthenticationHandler(packageSource, TokenStore.Instance)
{
InnerHandler = messageHandler
};
innerHandler = messageHandler;
messageHandler = new HttpSourceAuthenticationHandler(packageSource, clientHandler, credentialService)
{
InnerHandler = innerHandler
};
return(messageHandler);
}
public async Task SendAsync_WithNotSupportedProtocol_PassesThru()
{
var packageSource = new PackageSource("http://package.source.net");
var tokenStore = new TokenStore();
Func <string, string, string> tokenFactory = (endpoint, realm) =>
{
throw new InvalidOperationException("Should NOT mint new token.");
};
var handler = new StsAuthenticationHandler(packageSource, tokenStore, tokenFactory)
{
InnerHandler = new LambdaMessageHandler(
request =>
{
var authResponse = new HttpResponseMessage(HttpStatusCode.Unauthorized);
authResponse.Headers.Add("WWW-Authenticate", "Basic realm=\"TEST-REALM\"");
return(new HttpResponseMessage(HttpStatusCode.Unauthorized));
})
};
var response = await SendAsync(handler);
Assert.NotNull(response);
Assert.Equal(HttpStatusCode.Unauthorized, response.StatusCode);
}
public async Task SendAsync_WithValidAcquiredToken_RetriesRequest()
{
var packageSource = new PackageSource("http://package.source.net");
var tokenStore = new TokenStore();
Func <string, string, string> tokenFactory = (endpoint, realm) => $"{realm}@{endpoint}";
var handler = new StsAuthenticationHandler(packageSource, tokenStore, tokenFactory)
{
InnerHandler = new LambdaMessageHandler(
request =>
{
var decodedToken = GetStsTokenFromRequest(request);
if (decodedToken == null)
{
var authResponse = new HttpResponseMessage(HttpStatusCode.Unauthorized);
authResponse.Headers.Add(StsAuthenticationHandler.STSEndPointHeader, "http://TEST_ENDPOINT");
authResponse.Headers.Add(StsAuthenticationHandler.STSRealmHeader, "TEST-REALM");
return(authResponse);
}
Assert.Equal("TEST-REALM@http://TEST_ENDPOINT", decodedToken);
return(new HttpResponseMessage(HttpStatusCode.OK));
})
};
var response = await SendAsync(handler);
Assert.NotNull(response);
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
}
public async Task SendAsync_RetryWithClonedRequest()
{
var packageSource = new PackageSource("http://package.source.net");
var tokenStore = new TokenStore();
tokenStore.AddToken(packageSource.SourceUri, "TEST-TOKEN");
Func <string, string, string> tokenFactory = (endpoint, realm) =>
{
throw new InvalidOperationException("Should NOT mint new token.");
};
var requests = 0;
var handler = new StsAuthenticationHandler(packageSource, tokenStore, tokenFactory)
{
InnerHandler = new LambdaMessageHandler(
request =>
{
Assert.Null(request.Headers.Authorization);
request.Headers.Authorization = new AuthenticationHeaderValue("Basic", "TEST");
requests++;
tokenStore.AddToken(packageSource.SourceUri, "TEST-TOKEN"); // update version for retry
return(new HttpResponseMessage(HttpStatusCode.Unauthorized));
})
};
var response = await SendAsync(handler);
Assert.True(requests > 1, "No retries");
Assert.NotNull(response);
Assert.Equal(HttpStatusCode.Unauthorized, response.StatusCode);
}
public async Task SendAsync_WithUnauthenticatedSource_PassesThru()
{
var packageSource = new PackageSource("http://package.source.net");
var tokenStore = new TokenStore();
var handler = new StsAuthenticationHandler(packageSource, tokenStore)
{
InnerHandler = GetLambdaMessageHandler(HttpStatusCode.OK)
};
var response = await SendAsync(handler);
Assert.NotNull(response);
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
}
internal static HttpHandlerResourceV3 CreateResource(PackageSource packageSource, ICredentialService credentialService, bool nonInteractive = false)
{
var sourceUri = packageSource.SourceUri;
var settings = new HttpClientSettings {
AutomaticDecompression = DecompressionMethods.GZip | DecompressionMethods.Deflate,
SourceAuthenticationRequired = false,
NonInteractive = nonInteractive
};
var rootHandler = HttpClientProvider.CreateHttpMessageHandler(sourceUri, settings);
// HTTP handler pipeline can be injected here, around the client handler
HttpMessageHandler messageHandler = new MonoDevelopServerWarningLogHandler(rootHandler);
var innerHandler = messageHandler;
messageHandler = new StsAuthenticationHandler(packageSource, TokenStore.Instance)
{
InnerHandler = messageHandler
};
innerHandler = messageHandler;
var credentialsHandler = GetHttpCredentialsHandler(rootHandler);
messageHandler = new NuGetHttpSourceAuthenticationHandler(packageSource, credentialsHandler, credentialService)
{
InnerHandler = innerHandler
};
// Have to pass a dummy HttpClientProvider since it may not be used by a native implementation, such as on the Mac.
// It looks like the only place this is used in NuGet is with the DownloadResourcePluginProvider in order to pass the
// HttpClientHandler's Proxy to the GetCredentialsRequestHandler. There is no plugin support yet in MonoDevelop but
// this may be a problem in the future. Possibly a custom DownloadResourcePluginProvider would be required or possibly
// a HttpClientProvider created with just its Proxy property set based on the current proxy for that url.
var clientHandler = GetOrCreateHttpClientHandler(rootHandler);
// Get the proxy from NuGet's ProxyCache which has support for proxy information define in the NuGet.Config file.
var proxy = ProxyCache.Instance.GetUserConfiguredProxy();
if (proxy != null)
{
clientHandler.Proxy = proxy;
}
var resource = new HttpHandlerResourceV3(clientHandler, messageHandler);
return(resource);
}
private HttpHandlerResourceV3 CreateResource(PackageSource packageSource)
{
var sourceUri = packageSource.SourceUri;
var proxy = ProxyCache.Instance.GetProxy(sourceUri);
// replace the handler with the proxy aware handler
var clientHandler = new HttpClientHandler
{
Proxy = proxy,
AutomaticDecompression = (DecompressionMethods.GZip | DecompressionMethods.Deflate)
};
// HTTP handler pipeline can be injected here, around the client handler
HttpMessageHandler messageHandler = new ProgressHttpMessageHandler(clientHandler, _progressAction);
if (proxy != null)
{
messageHandler = new ProxyAuthenticationHandler(clientHandler, HttpHandlerResourceV3.CredentialService.Value, ProxyCache.Instance);
}
{
var innerHandler = messageHandler;
messageHandler = new StsAuthenticationHandler(packageSource, TokenStore.Instance)
{
InnerHandler = innerHandler
};
}
{
var innerHandler = messageHandler;
messageHandler = new HttpSourceAuthenticationHandler(packageSource, clientHandler, HttpHandlerResourceV3.CredentialService.Value)
{
InnerHandler = innerHandler
};
}
var resource = new HttpHandlerResourceV3(clientHandler, messageHandler);
return(resource);
}
