Beispiel #1
            /// <summary>
            /// Registers a client through a store that was built with a null or empty encryption key and
            /// checks that the HMAC secret is written to the collection unchanged and not flagged as encrypted.
            /// </summary>
            /// <param name="nullOrEmpty">The null or empty value handed to the store as its encryption key.</param>
            /// <remarks>
            /// Security-relevant: this pins the fallback in which the shared secret is stored in plaintext.
            /// A deployment that depends on at-rest protection of client secrets has to supply a non-empty key.
            /// </remarks>
            public async Task WhenEncryptionKeyIsNullOrEmpty_DoesNotEncryptHMACSecretInDatabase(string nullOrEmpty)
            {
                var databaseProvider = new MongoDatabaseClientProvider(Database);

                using (var sut = new MongoDbClientStore(databaseProvider, _collectionName, nullOrEmpty, _migrator, _signatureAlgorithmDataRecordConverter))
                {
                    // Arrange + act: persist a client whose signature algorithm carries a known secret.
                    var signingAlgorithm = new HMACSignatureAlgorithm("s3cr3t", HashAlgorithmName.SHA384);
                    var registeredClient = new Client(
                        "c1",
                        "app one",
                        signingAlgorithm,
                        TimeSpan.FromMinutes(1),
                        TimeSpan.FromMinutes(2),
                        RequestTargetEscaping.RFC2396,
                        new Claim("company", "Dalion"),
                        new Claim("scope", "HttpMessageSigning"));
                    await sut.Register(registeredClient);

                    // Read the raw record straight from the collection, bypassing the store under test,
                    // so the assertions see exactly what was persisted.
                    var records = Database.GetCollection<ClientDataRecordV2>(_collectionName);
                    var byId = new ExpressionFilterDefinition<ClientDataRecordV2>(r => r.Id == registeredClient.Id);
                    var cursor = await records.FindAsync<ClientDataRecordV2>(byId);
                    var persisted = await cursor.SingleAsync();

                    // Assert: the stored parameter equals the UTF-8 text of the key and is marked unencrypted.
                    persisted.SignatureAlgorithm.Parameter.Should().NotBeNullOrEmpty();
                    var plaintextSecret = Encoding.UTF8.GetString(signingAlgorithm.Key);
                    persisted.SignatureAlgorithm.Parameter.Should().Be(plaintextSecret);
                    persisted.SignatureAlgorithm.IsParameterEncrypted.Should().BeFalse();
                }
            }
 /// <summary>
 /// Builds the store under test with a faked migrator, a collection name that is unique per
 /// instance, and a fixed shared-secret encryption key.
 /// </summary>
 /// <param name="mongoSetup">The Mongo fixture forwarded to the base class.</param>
 public MongoDbClientStoreTests(MongoSetup mongoSetup) : base(mongoSetup)
 {
     _migrator = A.Fake<IClientStoreMigrator>();

     // A fresh GUID suffix gives every instance its own collection name.
     _collectionName = $"clients_{Guid.NewGuid()}";

     // Literal key used as a test fixture value only.
     _encryptionKey = new SharedSecretEncryptionKey("The_Big_Secret");

     var databaseProvider = new MongoDatabaseClientProvider(Database);
     _sut = new MongoDbClientStore(databaseProvider, _collectionName, _encryptionKey, _migrator);
 }
Beispiel #3
 /// <summary>
 /// Builds the store under test with a faked migrator, a collection name that is unique per
 /// instance, a fixed shared-secret encryption key and a record converter backed by a fake
 /// string protector factory.
 /// </summary>
 /// <param name="mongoSetup">The Mongo fixture forwarded to the base class.</param>
 public MongoDbClientStoreTests(MongoSetup mongoSetup) : base(mongoSetup)
 {
     _migrator = A.Fake<IClientStoreMigrator>();

     // A fresh GUID suffix gives every instance its own collection name.
     _collectionName = $"clients_{Guid.NewGuid()}";

     // Literal key used as a test fixture value only.
     _encryptionKey = new SharedSecretEncryptionKey("The_Big_Secret");

     // The converter receives a fake protector factory, so no real protection implementation is
     // exercised through this fixture.
     var protectorFactory = new FakeStringProtectorFactory();
     _signatureAlgorithmDataRecordConverter = new SignatureAlgorithmDataRecordConverter(protectorFactory);

     var databaseProvider = new MongoDatabaseClientProvider(Database);
     _sut = new MongoDbClientStore(
         databaseProvider,
         _collectionName,
         _encryptionKey,
         _migrator,
         _signatureAlgorithmDataRecordConverter);
 }
        /// <summary>
        /// Registers the services needed for a MongoDB-backed <see cref="IClientStore"/> and plugs that
        /// store, wrapped in a caching decorator, into HTTP message signature verification.
        /// </summary>
        /// <param name="builder">The <see cref="IHttpMessageSigningVerificationBuilder" /> whose service collection is extended.</param>
        /// <param name="clientStoreSettingsFactory">Creates the <see cref="MongoDbClientStoreSettings"/> when they are first resolved from the container.</param>
        /// <returns>The <see cref="IHttpMessageSigningVerificationBuilder" /> returned by <c>UseClientStore</c>, for further configuration.</returns>
        /// <exception cref="ArgumentNullException">Thrown when <paramref name="builder"/> or <paramref name="clientStoreSettingsFactory"/> is null.</exception>
        public static IHttpMessageSigningVerificationBuilder UseMongoDbClientStore(
            this IHttpMessageSigningVerificationBuilder builder,
            Func<IServiceProvider, MongoDbClientStoreSettings> clientStoreSettingsFactory)
        {
            if (builder == null)
            {
                throw new ArgumentNullException(nameof(builder));
            }

            if (clientStoreSettingsFactory == null)
            {
                throw new ArgumentNullException(nameof(clientStoreSettingsFactory));
            }

            var services = builder.Services;

            // Services
            services.AddMemoryCache();
            services.AddSingleton<ISignatureAlgorithmDataRecordConverter, SignatureAlgorithmDataRecordConverter>();

            // Settings are produced lazily by the caller's factory and validated before first use.
            // NOTE(review): Validate() is not visible here - confirm whether it accepts a null or empty
            // SharedSecretEncryptionKey, since that value decides if client secrets are encrypted at rest.
            services.AddSingleton<MongoDbClientStoreSettings>(serviceProvider =>
            {
                var settings = clientStoreSettingsFactory(serviceProvider);
                if (settings == null)
                {
                    throw new ValidationException($"Invalid {nameof(MongoDbClientStoreSettings)} were specified.");
                }

                settings.Validate();
                return settings;
            });

            services.AddSingleton<IMongoDatabaseClientProvider>(serviceProvider =>
            {
                var mongoSettings = serviceProvider.GetRequiredService<MongoDbClientStoreSettings>();
                return new MongoDatabaseClientProvider(mongoSettings.ConnectionString);
            });

            // ClientStore Migrations
            services.AddSingleton<IClientStoreBaseliner, ClientStoreBaseliner>();
            services.AddSingleton<ISemaphoreFactory, SemaphoreFactory>();
            services.AddSingleton<IClientStoreMigrator>(serviceProvider =>
            {
                // The plain migrator is wrapped in OnlyOnceClientStoreMigrator, which also receives the
                // baseliner and a semaphore factory.
                var innerMigrator = new ClientStoreMigrator(
                    serviceProvider.GetRequiredService<IEnumerable<IClientStoreMigrationStep>>(),
                    serviceProvider.GetRequiredService<IClientStoreBaseliner>());

                return new OnlyOnceClientStoreMigrator(
                    innerMigrator,
                    serviceProvider.GetRequiredService<IClientStoreBaseliner>(),
                    serviceProvider.GetRequiredService<ISemaphoreFactory>());
            });
            services.AddSingleton<IClientStoreMigrationStep, AddEncryptionSupportToClientsMigrationStep>();

            // The actual store
            return builder.UseClientStore(serviceProvider =>
            {
                var mongoSettings = serviceProvider.GetRequiredService<MongoDbClientStoreSettings>();
                var decorator = serviceProvider.GetRequiredService<ICachingClientStoreDecorator>();

                // The encryption key comes straight from the settings; the store receives whatever the
                // settings factory supplied.
                var store = new MongoDbClientStore(
                    serviceProvider.GetRequiredService<IMongoDatabaseClientProvider>(),
                    mongoSettings.CollectionName,
                    mongoSettings.SharedSecretEncryptionKey,
                    serviceProvider.GetRequiredService<IClientStoreMigrator>(),
                    serviceProvider.GetRequiredService<ISignatureAlgorithmDataRecordConverter>());

                return decorator.DecorateWithCaching(store, mongoSettings.ClientCacheEntryExpiration);
            });
        }
Beispiel #5
 /// <summary>
 /// Builds the store under test against a fixed collection name, using the constructor overload
 /// that takes only a database provider and a collection name.
 /// </summary>
 /// <param name="mongoSetup">The Mongo fixture forwarded to the base class.</param>
 public MongoDbClientStoreTests(MongoSetup mongoSetup) : base(mongoSetup)
 {
     // NOTE(review): the name is constant, so every instance targets the same collection - confirm
     // the fixture resets it between tests.
     _collectionName = "clients";

     // NOTE(review): no encryption key is passed to this overload; presumably client secrets are
     // stored unencrypted in this version - verify against MongoDbClientStore.
     var databaseProvider = new MongoDatabaseClientProvider(Database);
     _sut = new MongoDbClientStore(databaseProvider, _collectionName);
 }