public async Task RequestWithInvalidCredentials_ReturnsUnauthorized()
{
var request = new TestHttpRequest(WebServerUrl);
var byteArray = Encoding.ASCII.GetBytes("root:password1233");
var authData = new System.Net.Http.Headers.AuthenticationHeaderValue("basic",
Convert.ToBase64String(byteArray));
request.Headers.Add("Authorization", authData.ToString());
using (var response = await SendAsync(request))
{
Assert.AreEqual((int)HttpStatusCode.Unauthorized, response.StatusCode, "Status Code Unauthorized");
}
}
private Task <HttpResponseMessage> MakeRequest(string?userName, string?password)
{
var request = new HttpRequestMessage(HttpMethod.Get, WebServerUrl);
if (userName == null)
{
return(Client.SendAsync(request));
}
var encodedCredentials = Convert.ToBase64String(Encoding.ASCII.GetBytes($"{userName}:{password}"));
var authHeaderValue = new System.Net.Http.Headers.AuthenticationHeaderValue("basic", encodedCredentials);
request.Headers.Add("Authorization", authHeaderValue.ToString());
return(Client.SendAsync(request));
}
public override async Task <DownloadUrlData> GetDownloadUri(Track track)
{
if (!Api.HasAuthenticated)
{
await Api.Authenticate();
}
var auth = new System.Net.Http.Headers.AuthenticationHeaderValue(Api.CurrentOAuthAccount.TokenType,
Api.CurrentOAuthAccount.Token);
var url = (await Api.GetShareUrl(track.Id)).Replace("/redir?", "/download?");
var data = new DownloadUrlData()
{
Headers = new Dictionary <string, string> {
{ "Authorization", auth.ToString() },
},
Url = url,
};
return(data);
}
/// <summary>
/// Upload a File via the REST API interface
/// </summary>
/// <param name="context">The context established by AppPrincipal</param>
/// <param name="relativeUrl">The folder structure, relative to the Web</param>
/// <param name="fileWithPath">The full file name with path on local disk</param>
/// <param name="ensureFolder">(OPTIONAL) true will ensure the relativeUrl path exists in SharePoint</param>
/// <returns></returns>
/// <remarks>
/// The <paramref name="context"/> should be an AppPrincipal context which will contain the bearer token for OAuth interactions pulled from the SharePointContext
/// </remarks>
public static bool UploadFileViaREST(this ClientContext context, string relativeUrl, string fileWithPath, bool ensureFolder = false)
{
if (!System.IO.File.Exists(fileWithPath))
{
throw new ArgumentException(string.Format("The file {0} does not exist on disc.", fileWithPath));
}
if (context.Web.RootFolder.ServerObjectIsNull())
{
context.Load(context.Web, ctx => ctx.ServerRelativeUrl, ctx => ctx.RootFolder, ctx => ctx.RootFolder.ServerRelativeUrl);
context.ExecuteQueryRetry();
}
if (ensureFolder)
{
var folderPath = context.Web.RootFolder.ListEnsureFolder(relativeUrl);
if (folderPath == null || folderPath.ServerObjectIsNull())
{
throw new Exception("Failed to ensure folder path directories.");
}
}
var accessToken = string.Empty;
try
{
accessToken = context.GetAccessToken();
}
catch (Exception ex)
{
throw new Exception("Failed to retreive Access Token", ex);
}
try
{
var fileName = System.IO.Path.GetFileName(fileWithPath);
var fileBuffer = System.IO.File.ReadAllBytes(fileWithPath);
var fileSize = fileBuffer.Length;
var strURL = string.Format("{0}/_api/web/GetFolderByServerRelativeUrl('{1}')/Files/add(url='{2}',overwrite=true)",
context.Url,
relativeUrl,
fileName);
var wreq = System.Net.HttpWebRequest.Create(strURL) as System.Net.HttpWebRequest;
wreq.UseDefaultCredentials = true;
// Upload to SharePoiint
var authToken = new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer", accessToken);
wreq.Headers.Add(System.Net.HttpRequestHeader.Authorization, authToken.ToString());
wreq.Method = "POST";
wreq.Timeout = 1000000;
wreq.Accept = "application/json; odata=verbose";
wreq.ContentLength = fileSize;
using (var sRequest = wreq.GetRequestStream())
{
sRequest.Write(fileBuffer, 0, fileSize);
}
using (var wresp = wreq.GetResponse())
{
var response = (System.Net.HttpWebResponse)wresp;
using (var sr = new System.IO.StreamReader(wresp.GetResponseStream()))
{
//var webmsg = sr.ReadToEnd();
System.Diagnostics.Trace.TraceInformation("Server response {0} with description {1}", response.StatusCode, response.StatusDescription);
}
}
return(true);
}
catch (System.Net.WebException e)
{
if (e.Status == System.Net.WebExceptionStatus.ProtocolError)
{
var response = (System.Net.HttpWebResponse)e.Response;
throw new Exception(string.Format("Errorcode: {0}", (int)response.StatusCode), e);
}
else
{
throw new Exception(string.Format("Error: {0}", e.Status), e);
}
}
catch (Exception exError)
{
//Log Error // Catch Folder Creation exceptions
throw (exError);
}
}
private void RetrieveLoginTokenAndAssert()
{
var peterAccount = new Majorsilence.Vpn.Logic.Accounts.CreateAccount(
new Majorsilence.Vpn.Logic.Accounts.CreateAccountInfo()
{
Email = emailAddress,
EmailConfirm = emailAddress,
Firstname = "Peter",
Lastname = "Gill",
Password = password,
PasswordConfirm = password,
BetaKey = betaKey
}
, true, Majorsilence.Vpn.Logic.InitializeSettings.Email);
userid = peterAccount.Execute();
// in an actual desktop app this will need to be setup as static
var cookieContainer = new System.Net.CookieContainer();
using (var handler = new System.Net.Http.HttpClientHandler()
{
CookieContainer = cookieContainer
})
using (var client = new System.Net.Http.HttpClient(handler))
{
var byteArray = System.Text.Encoding.UTF8.GetBytes(string.Format("{0}:{1}", emailAddress, password));
var headerAuth = new System.Net.Http.Headers.AuthenticationHeaderValue(
"Basic", Convert.ToBase64String(byteArray));
client.DefaultRequestHeaders.Authorization = headerAuth;
var mock = new Mock <Majorsilence.Vpn.Site.Helpers.ISessionVariables>();
mock.SetupAllProperties();
Majorsilence.Vpn.Site.Helpers.ISessionVariables sessionVars = mock.Object;
var controller = new Majorsilence.Vpn.Site.Controllers.ApiV2Controller(sessionVars);
var header = new NameValueCollection();
header.Add("Authorization", headerAuth.ToString());
// See http://stephenwalther.com/archive/2008/07/01/asp-net-mvc-tip-12-faking-the-controller-context
FakeControllerContext.SetContext(controller, header);
var blah = controller.Auth();
//controller.Auth();
System.Console.WriteLine(blah.Content);
// mock.VerifySet(framework => framework.IsAdmin = true);
Assert.That(sessionVars.LoggedIn, Is.EqualTo(true));
Assert.That(sessionVars.Username, Is.EqualTo(emailAddress));
Assert.That(sessionVars.UserId, Is.EqualTo(userid));
Assert.That(sessionVars.IsAdmin, Is.EqualTo(true));
Assert.That(controller.Response.StatusCode, Is.EqualTo((int)System.Net.HttpStatusCode.OK));
var content = Newtonsoft.Json.JsonConvert.DeserializeObject <Majorsilence.Vpn.Logic.DTO.ApiAuthResponse>(blah.Content);
Assert.That(string.IsNullOrEmpty(content.Token1), Is.EqualTo(false));
Assert.That(string.IsNullOrEmpty(content.Token2), Is.EqualTo(false));
Assert.That(content.Token1ExpireUtc, Is.GreaterThan(DateTime.UtcNow));
Assert.That(content.Token1ExpireUtc, Is.LessThan(DateTime.UtcNow.AddDays(1)));
Assert.That(content.Token2ExpireUtc, Is.GreaterThan(DateTime.UtcNow.AddDays(1)));
Assert.That(content.Token2ExpireUtc, Is.LessThan(DateTime.UtcNow.AddDays(2)));
token1 = content.Token1;
token2 = content.Token2;
// See http://haacked.com/archive/2007/06/19/unit-tests-web-code-without-a-web-server-using-httpsimulator.aspx/
// var responseString = response.Content.ReadAsStringAsync();
}
}