/// <summary>
/// Test helper: builds an API-key identity for a fixed test user, optionally attaches a scope claim,
/// exposes it through a mocked HTTP context and runs <see cref="RequirePackageVerifyScopePolicy"/> on it.
/// </summary>
/// <param name="scopes">Value for the scope claim; when null or empty no scope claim is added.</param>
/// <returns>The result returned by the policy under test.</returns>
private SecurityPolicyResult Evaluate(string scopes)
{
    var testUser = new User("testUser");
    var apiKeyClaim = new Claim(NuGetClaims.ApiKey, string.Empty);
    var apiKeyIdentity = AuthenticationService.CreateIdentity(testUser, AuthenticationTypes.ApiKey, apiKeyClaim);

    // Omitting the claim lets a test exercise an API-key credential that carries no scope at all.
    if (!string.IsNullOrEmpty(scopes))
    {
        var scopeClaim = new Claim(NuGetClaims.Scope, scopes);
        apiKeyIdentity.AddClaim(scopeClaim);
    }

    var principalMock = new Mock<IPrincipal>();
    principalMock.Setup(p => p.Identity).Returns(apiKeyIdentity);

    var httpContextMock = new Mock<HttpContextBase>();
    httpContextMock.Setup(c => c.User).Returns(principalMock.Object);

    var configuredPolicies = new[]
    {
        new UserSecurityPolicy("RequireApiKeyWithPackageVerifyScopePolicy")
    };
    var policyContext = new UserSecurityPolicyContext(httpContextMock.Object, configuredPolicies);

    var policyUnderTest = new RequirePackageVerifyScopePolicy();
    return policyUnderTest.Evaluate(policyContext);
}
/// <summary>
/// Test helper: mocks a request that optionally carries the client-version header, creates one
/// minimum-client-version policy per comma-separated entry and runs
/// <see cref="RequireMinClientVersionForPushPolicy"/> against the resulting context.
/// </summary>
/// <param name="minClientVersions">Comma-separated minimum versions, one policy is created per entry.</param>
/// <param name="actualClientVersion">Header value to send; when null or empty the header is left out.</param>
/// <returns>The result returned by the policy under test.</returns>
private SecurityPolicyResult Evaluate(string minClientVersions, string actualClientVersion)
{
    var requestHeaders = new NameValueCollection();

    // Leaving the header out lets a test cover a client that does not report its version.
    if (!string.IsNullOrEmpty(actualClientVersion))
    {
        requestHeaders[Constants.ClientVersionHeaderName] = actualClientVersion;
    }

    var requestMock = new Mock<HttpRequestBase>();
    requestMock.Setup(r => r.Headers).Returns(requestHeaders);

    var httpContextMock = new Mock<HttpContextBase>();
    httpContextMock.Setup(c => c.Request).Returns(requestMock.Object);

    var configuredPolicies =
        (from version in minClientVersions.Split(',')
         select CreateMinClientVersionForPushPolicy(version)).ToArray();

    var policyContext = new UserSecurityPolicyContext(httpContextMock.Object, configuredPolicies);

    var policyUnderTest = new RequireMinClientVersionForPushPolicy();
    return policyUnderTest.Evaluate(policyContext);
}
/// <summary>
/// Reads the client version from the request's client-version header.
/// </summary>
/// <remarks>
/// The value comes from a request header, so it is whatever the caller chose to send; nothing in
/// this method verifies it. Treat the result as a self-reported version, not as proof of the
/// client actually in use.
/// </remarks>
/// <param name="context">Policy context whose HTTP request is inspected.</param>
/// <returns>
/// The parsed version, or null when the request is null, the header is absent, or the header
/// value does not parse as a version.
/// </returns>
private NuGetVersion GetClientVersion(UserSecurityPolicyContext context)
{
    // A null Request short-circuits to a null header value, which then fails to parse below.
    var rawHeaderValue = context.HttpContext.Request?.Headers[Constants.ClientVersionHeaderName];

    NuGetVersion parsedVersion;
    if (NuGetVersion.TryParse(rawHeaderValue, out parsedVersion))
    {
        return parsedVersion;
    }

    return null;
}
/// <summary>
/// When several policies apply, picks the highest of their minimum required client versions.
/// </summary>
/// <param name="context">Policy context whose policies are inspected.</param>
/// <returns>The largest <c>MinClientVersion</c> among policies that carry a non-empty value.</returns>
private NuGetVersion GetMaxOfMinClientVersions(UserSecurityPolicyContext context)
{
    // Policies without a stored value contribute no minimum and are skipped.
    // NOTE(review): a value that deserializes to a null State would fault in the Max selector;
    // presumably the code that writes policy state prevents this - confirm.
    var deserializedStates =
        from policy in context.Policies
        where !string.IsNullOrEmpty(policy.Value)
        select JsonConvert.DeserializeObject<State>(policy.Value);

    // NOTE(review): if every policy was skipped, Max runs over an empty sequence; confirm what the
    // caller's comparison does with that result, since it decides whether the check passes.
    return deserializedStates.Max(state => state.MinClientVersion);
}
/// <summary>
/// Passes only when the current identity carries the package-verify scope claim.
/// </summary>
/// <param name="context">Policy context supplying the current HTTP user.</param>
/// <returns>
/// <c>SuccessResult</c> when the claim is present; otherwise an error result carrying the
/// package-verify-scope message.
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="context"/> is null.</exception>
public override SecurityPolicyResult Evaluate(UserSecurityPolicyContext context)
{
    if (context == null)
    {
        throw new ArgumentNullException(nameof(context));
    }

    // NOTE(review): User and Identity are dereferenced without a null check, so a request with no
    // principal would throw here instead of producing an error result - confirm callers always
    // populate the user before policies run.
    var hasVerifyScope = context.HttpContext.User.Identity.HasPackageVerifyScopeClaim();

    // Deny by default: every identity lacking the claim gets the error result.
    return hasVerifyScope
        ? SecurityPolicyResult.SuccessResult
        : SecurityPolicyResult.CreateErrorResult(Strings.SecurityPolicy_RequireApiKeyWithPackageVerifyScope);
}
/// <summary>
/// Passes only when the client version reported by the request is at least the highest minimum
/// version required by the applicable policies.
/// </summary>
/// <remarks>
/// The reported version is obtained through <c>GetClientVersion</c>, which reads a request header.
/// The comparison therefore relies on a value the caller supplies.
/// </remarks>
/// <param name="context">Policy context supplying the policies and the HTTP request.</param>
/// <returns>
/// <c>SuccessResult</c> when the reported version satisfies the minimum; otherwise an error result
/// whose message names the required minimum version.
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="context"/> is null.</exception>
public override SecurityPolicyResult Evaluate(UserSecurityPolicyContext context)
{
    if (context == null)
    {
        throw new ArgumentNullException(nameof(context));
    }

    var requiredVersion = GetMaxOfMinClientVersions(context);
    var reportedVersion = GetClientVersion(context);

    // A missing or unparseable version is rejected, the same as one that is too old.
    var rejected = reportedVersion == null || reportedVersion < requiredVersion;
    if (!rejected)
    {
        return SecurityPolicyResult.SuccessResult;
    }

    var errorMessage = string.Format(
        CultureInfo.CurrentCulture,
        Strings.SecurityPolicy_RequireMinClientVersionForPush,
        requiredVersion);
    return SecurityPolicyResult.CreateErrorResult(errorMessage);
}
/// <summary>
/// Evaluates this security policy against the supplied context.
/// </summary>
/// <param name="context">Context the policy is evaluated against.</param>
/// <returns>
/// The outcome of the evaluation. The overrides visible alongside this declaration return
/// <c>SecurityPolicyResult.SuccessResult</c> on pass and a result built with
/// <c>SecurityPolicyResult.CreateErrorResult</c> on failure.
/// </returns>
// NOTE(review): the visible overrides throw ArgumentNullException for a null context; presumably
// every implementation is expected to do the same - confirm.
public abstract SecurityPolicyResult Evaluate(UserSecurityPolicyContext context);