public void DiscoverRequireSslWithSecureRedirects()
{
MockHttpRequest.Reset();
Identifier claimedId = TestSupport.GetMockIdentifier(TestSupport.Scenarios.AutoApproval, ProtocolVersion.V20, true);
// Add a couple of chained redirect pages that lead to the claimedId.
// All redirects should be secure.
Uri userSuppliedUri = TestSupport.GetFullUrl("/someSecurePage", null, true);
Uri secureMidpointUri = TestSupport.GetFullUrl("/secureStop", null, true);
MockHttpRequest.RegisterMockRedirect(userSuppliedUri, secureMidpointUri);
MockHttpRequest.RegisterMockRedirect(secureMidpointUri, new Uri(claimedId.ToString()));
Identifier userSuppliedIdentifier = new UriIdentifier(userSuppliedUri, true);
Assert.AreEqual(1, userSuppliedIdentifier.Discover().Count());
}
public void DiscoveryWithRedirects()
{
MockHttpRequest.Reset();
Identifier claimedId = TestSupport.GetMockIdentifier(TestSupport.Scenarios.AutoApproval, ProtocolVersion.V20);
// Add a couple of chained redirect pages that lead to the claimedId.
Uri userSuppliedUri = TestSupport.GetFullUrl("/someSecurePage", null, true);
Uri insecureMidpointUri = TestSupport.GetFullUrl("/insecureStop");
MockHttpRequest.RegisterMockRedirect(userSuppliedUri, insecureMidpointUri);
MockHttpRequest.RegisterMockRedirect(insecureMidpointUri, new Uri(claimedId.ToString()));
// don't require secure SSL discovery for this test.
Identifier userSuppliedIdentifier = new UriIdentifier(userSuppliedUri, false);
Assert.AreEqual(1, userSuppliedIdentifier.Discover().Count());
}
public void DiscoverRequireSslWithInsecureRedirect()
{
MockHttpRequest.Reset();
Identifier claimedId = TestSupport.GetMockIdentifier(TestSupport.Scenarios.AutoApproval, ProtocolVersion.V20, true);
// Add a couple of chained redirect pages that lead to the claimedId.
// Include an insecure HTTP jump in those redirects to verify that
// the ultimate endpoint is never found as a result of high security profile.
Uri userSuppliedUri = TestSupport.GetFullUrl("/someSecurePage", null, true);
Uri insecureMidpointUri = TestSupport.GetFullUrl("/insecureStop");
MockHttpRequest.RegisterMockRedirect(userSuppliedUri, insecureMidpointUri);
MockHttpRequest.RegisterMockRedirect(insecureMidpointUri, new Uri(claimedId.ToString()));
Identifier userSuppliedIdentifier = new UriIdentifier(userSuppliedUri, true);
userSuppliedIdentifier.Discover();
}