Ejemplo n.º 1
0
        public void AssociateDiffieHellmanOverHttps()
        {
            Protocol          protocol    = Protocol.V20;
            OpenIdCoordinator coordinator = new OpenIdCoordinator(
                rp => {
                // We have to formulate the associate request manually,
                // since the DNOI RP won't voluntarily use DH on HTTPS.
                AssociateDiffieHellmanRequest request = new AssociateDiffieHellmanRequest(protocol.Version, new Uri("https://Provider"));
                request.AssociationType = protocol.Args.SignatureAlgorithm.HMAC_SHA256;
                request.SessionType     = protocol.Args.SessionType.DH_SHA256;
                request.InitializeRequest();
                var response = rp.Channel.Request <AssociateSuccessfulResponse>(request);
                Assert.IsNotNull(response);
                Assert.AreEqual(request.AssociationType, response.AssociationType);
                Assert.AreEqual(request.SessionType, response.SessionType);
            },
                AutoProvider);

            coordinator.Run();
        }
Ejemplo n.º 2
0
        public async Task OPRejectsMismatchingAssociationAndSessionTypes()
        {
            Protocol protocol = Protocol.V20;

            this.RegisterAutoProvider();
            var rp = this.CreateRelyingParty();

            // We have to formulate the associate request manually,
            // since the DNOI RP won't voluntarily mismatch the association and session types.
            var request = new AssociateDiffieHellmanRequest(protocol.Version, OPUri);

            request.AssociationType = protocol.Args.SignatureAlgorithm.HMAC_SHA256;
            request.SessionType     = protocol.Args.SessionType.DH_SHA1;
            request.InitializeRequest();
            var response = await rp.Channel.RequestAsync <AssociateUnsuccessfulResponse>(request, CancellationToken.None);

            Assert.IsNotNull(response);
            Assert.AreEqual(protocol.Args.SignatureAlgorithm.HMAC_SHA1, response.AssociationType);
            Assert.AreEqual(protocol.Args.SessionType.DH_SHA1, response.SessionType);
        }
Ejemplo n.º 3
0
        public async Task AssociateDiffieHellmanOverHttps()
        {
            Protocol protocol = Protocol.V20;

            this.RegisterAutoProvider();
            var rp = this.CreateRelyingParty();

            // We have to formulate the associate request manually,
            // since the DNOI RP won't voluntarily use DH on HTTPS.
            var request = new AssociateDiffieHellmanRequest(protocol.Version, OPUri)
            {
                AssociationType = protocol.Args.SignatureAlgorithm.HMAC_SHA256,
                SessionType     = protocol.Args.SessionType.DH_SHA256
            };

            request.InitializeRequest();
            var response = await rp.Channel.RequestAsync <AssociateSuccessfulResponse>(request, CancellationToken.None);

            Assert.IsNotNull(response);
            Assert.AreEqual(request.AssociationType, response.AssociationType);
            Assert.AreEqual(request.SessionType, response.SessionType);
        }
Ejemplo n.º 4
0
 public void Setup()
 {
     this.request = new AssociateDiffieHellmanRequest(Protocol.V20.Version, Recipient);
 }
Ejemplo n.º 5
0
        /// <summary>
        /// Analyzes an incoming request message payload to discover what kind of
        /// message is embedded in it and returns the type, or null if no match is found.
        /// </summary>
        /// <param name="recipient">The intended or actual recipient of the request message.</param>
        /// <param name="fields">The name/value pairs that make up the message payload.</param>
        /// <returns>
        /// A newly instantiated <see cref="IProtocolMessage"/>-derived object that this message can
        /// deserialize to.  Null if the request isn't recognized as a valid protocol message.
        /// </returns>
        public IDirectedProtocolMessage GetNewRequestMessage(MessageReceivingEndpoint recipient, IDictionary <string, string> fields)
        {
            ErrorUtilities.VerifyArgumentNotNull(recipient, "recipient");
            ErrorUtilities.VerifyArgumentNotNull(fields, "fields");

            RequestBase message = null;

            // Discern the OpenID version of the message.
            Protocol protocol = Protocol.V11;
            string   ns;

            if (fields.TryGetValue(Protocol.V20.openid.ns, out ns))
            {
                ErrorUtilities.VerifyProtocol(string.Equals(ns, Protocol.OpenId2Namespace, StringComparison.Ordinal), MessagingStrings.UnexpectedMessagePartValue, Protocol.V20.openid.ns, ns);
                protocol = Protocol.V20;
            }

            string mode;

            if (fields.TryGetValue(protocol.openid.mode, out mode))
            {
                if (string.Equals(mode, protocol.Args.Mode.associate))
                {
                    if (fields.ContainsKey(protocol.openid.dh_consumer_public))
                    {
                        message = new AssociateDiffieHellmanRequest(protocol.Version, recipient.Location);
                    }
                    else
                    {
                        message = new AssociateUnencryptedRequest(protocol.Version, recipient.Location);
                    }
                }
                else if (string.Equals(mode, protocol.Args.Mode.checkid_setup) ||
                         string.Equals(mode, protocol.Args.Mode.checkid_immediate))
                {
                    AuthenticationRequestMode authMode = string.Equals(mode, protocol.Args.Mode.checkid_immediate) ? AuthenticationRequestMode.Immediate : AuthenticationRequestMode.Setup;
                    if (fields.ContainsKey(protocol.openid.identity))
                    {
                        message = new CheckIdRequest(protocol.Version, recipient.Location, authMode);
                    }
                    else
                    {
                        message = new SignedResponseRequest(protocol.Version, recipient.Location, authMode);
                    }
                }
                else if (string.Equals(mode, protocol.Args.Mode.cancel) ||
                         (string.Equals(mode, protocol.Args.Mode.setup_needed) && (protocol.Version.Major >= 2 || fields.ContainsKey(protocol.openid.user_setup_url))))
                {
                    message = new NegativeAssertionResponse(protocol.Version, recipient.Location, mode);
                }
                else if (string.Equals(mode, protocol.Args.Mode.id_res))
                {
                    if (fields.ContainsKey(protocol.openid.identity))
                    {
                        message = new PositiveAssertionResponse(protocol.Version, recipient.Location);
                    }
                    else
                    {
                        message = new IndirectSignedResponse(protocol.Version, recipient.Location);
                    }
                }
                else if (string.Equals(mode, protocol.Args.Mode.check_authentication))
                {
                    message = new CheckAuthenticationRequest(protocol.Version, recipient.Location);
                }
                else if (string.Equals(mode, protocol.Args.Mode.error))
                {
                    message = new IndirectErrorResponse(protocol.Version, recipient.Location);
                }
                else
                {
                    ErrorUtilities.ThrowProtocol(MessagingStrings.UnexpectedMessagePartValue, protocol.openid.mode, mode);
                }
            }

            if (message != null)
            {
                message.SetAsIncoming();
            }

            return(message);
        }
Ejemplo n.º 6
0
        public void PrepareMessageForSendingNonExtendableMessage()
        {
            IProtocolMessage request = new AssociateDiffieHellmanRequest(Protocol.Default.Version, OpenIdTestBase.OPUri);

            Assert.IsNull(this.rpElement.ProcessOutgoingMessage(request));
        }
Ejemplo n.º 7
0
        public async Task PrepareMessageForSendingNonExtendableMessage()
        {
            IProtocolMessage request = new AssociateDiffieHellmanRequest(Protocol.Default.Version, OpenIdTestBase.OPUri);

            Assert.IsNull(await this.rpElement.ProcessOutgoingMessageAsync(request, CancellationToken.None));
        }