public async Task WsFederationConfigurationRetrieverTest()
{
//ARRANGE
var webRequestHandler = new WebRequestHandler();
webRequestHandler.ServerCertificateValidationCallback = new RemoteCertificateValidationCallback((_, __, ___, ____) => true);
var httpClient = new HttpClient(webRequestHandler);
var documentRetrieer = new HttpDocumentRetriever(() => httpClient);
var configurationProvider = new CertificateValidationConfigurationProvider();
var certValidator = new CertificateValidator(configurationProvider);
var logger = new LogProviderMock();
var serialiser = new FederationMetadataSerialiser(certValidator, logger);
var configurationRetriever = new WsFederationConfigurationRetriever(documentRetrieer, serialiser);
//ACT
//var baseMetadata = await WsFederationConfigurationRetriever.GetAsync("https://dg-mfb/idp/shibboleth", documentRetrieer, new CancellationToken());
var context = new FederationPartyConfiguration("local", "https://www.testshib.org/metadata/testshib-providers.xml");
var baseMetadata = await configurationRetriever.GetAsync(context, new CancellationToken());
var metadata = baseMetadata as EntitiesDescriptor;
//ASSERT
Assert.IsTrue(metadata != null);
Assert.AreEqual(2, metadata.ChildEntities.Count);
}
public SSOOwinMiddleware(OwinMiddleware next, IAppBuilder app, SSOAuthenticationOptions options, IDependencyResolver resolver)
: base(next, options)
{
this._resolver = resolver;
this._logger = app.CreateLogger <SSOOwinMiddleware>();
if (base.Options.BackchannelCertificateValidator == null)
{
base.Options.BackchannelCertificateValidator = this._resolver.Resolve <Kernel.Cryptography.Validation.ICertificateValidator>();
}
if (string.IsNullOrWhiteSpace(this.Options.TokenValidationParameters.AuthenticationType))
{
this.Options.TokenValidationParameters.AuthenticationType = app.GetDefaultSignInAsAuthenticationType();
}
if (this.Options.StateDataFormat == null)
{
this.Options.StateDataFormat = (ISecureDataFormat <AuthenticationProperties>) new PropertiesDataFormat(app.CreateDataProtector(typeof(SSOOwinMiddleware).FullName, this.Options.AuthenticationType, "v1"));
}
//if (this.Options.Notifications == null)
// this.Options.Notifications = new WsFederationAuthenticationNotifications();
Uri result;
if (!this.Options.CallbackPath.HasValue && !string.IsNullOrEmpty(this.Options.Wreply) && Uri.TryCreate(this.Options.Wreply, UriKind.Absolute, out result))
{
this.Options.CallbackPath = PathString.FromUriComponent(result);
}
if (this.Options.ConfigurationManager != null)
{
return;
}
if (this.Options.Configuration != null)
{
} //this.Options.ConfigurationManager = (IConfigurationManager<object>)new StaticConfigurationManager<object>(this.Options.Configuration);
else
{
var httpClient = new HttpClient(SSOOwinMiddleware.ResolveHttpMessageHandler(this.Options))
{
Timeout = this.Options.BackchannelTimeout,
MaxResponseContentBufferSize = 10485760L
};
var documentRetriever = new HttpDocumentRetriever(() => httpClient);
var certValidator = this._resolver.Resolve <Kernel.Cryptography.Validation.ICertificateValidator>();
var serialiser = new FederationMetadataSerialiser(certValidator);
var configurationRetriever = new WsFederationConfigurationRetriever(documentRetriever, serialiser);
var relyingPartyContextBuilder = this._resolver.Resolve <IRelyingPartyContextBuilder>();
this.Options.ConfigurationManager = new ConfigurationManager <MetadataBase>(relyingPartyContextBuilder, configurationRetriever);
}
}
public async Task WsFederationConfigurationRetrieverTest()
{
//ARRANGE
var logger = new LogProviderMock();
var bckChannelcertValidator = new CertificateValidatorMock();
var documentRetrieer = new HttpDocumentRetrieverMock(bckChannelcertValidator);
var configurationProvider = new CertificateValidationConfigurationProvider();
var certValidator = new CertificateValidator(configurationProvider, logger);
var serialiser = new FederationMetadataSerialiser(certValidator, logger);
var configurationRetriever = new WsFederationConfigurationRetriever(_ => documentRetrieer, serialiser);
//ACT
var context = new FederationPartyConfiguration("local", "https://localhost");
var baseMetadata = await configurationRetriever.GetAsync(context, new CancellationToken());
var metadata = baseMetadata as EntityDescriptor;
//ASSERT
Assert.IsTrue(metadata != null);
Assert.AreEqual(1, metadata.RoleDescriptors.Count);
}
public override async Task <ExternalAuthUserInfo> GetUserInfo(
string token)
{
WsFederationAuthProviderApi federationAuthProviderApi = this;
if (federationAuthProviderApi == null || federationAuthProviderApi.ProviderInfo == null)
{
return(null);
}
// ISSUE: explicit non-virtual call
string additionalParam1 = (federationAuthProviderApi.ProviderInfo).AdditionalParams["Authority"];
if (string.IsNullOrEmpty(additionalParam1))
{
throw new ApplicationException("Authentication:WsFederation:Issuer configuration is required.");
}
// ISSUE: explicit non-virtual call
string additionalParam2 = (federationAuthProviderApi.ProviderInfo).AdditionalParams["MetaDataAddress"];
if (string.IsNullOrEmpty(additionalParam1))
{
throw new ApplicationException("Authentication:WsFederation:MetaDataAddress configuration is required.");
}
WsFederationConfigurationRetriever configurationRetriever = new WsFederationConfigurationRetriever();
HttpDocumentRetriever documentRetriever = new HttpDocumentRetriever();
ConfigurationManager <WsFederationConfiguration> configurationManager = new ConfigurationManager <WsFederationConfiguration>(additionalParam2, (IConfigurationRetriever <WsFederationConfiguration>)configurationRetriever, (IDocumentRetriever)documentRetriever);
JwtSecurityToken jwtSecurityToken = await federationAuthProviderApi.ValidateToken(token, additionalParam1, (IConfigurationManager <WsFederationConfiguration>) configurationManager, new CancellationToken());
string str1 = jwtSecurityToken.Claims.First <Claim>((Func <Claim, bool>)(c => c.Type == "name")).Value;
string str2 = jwtSecurityToken.Claims.First <Claim>((Func <Claim, bool>)(c => c.Type == "email")).Value;
string[] strArray = str1.Split(' ');
return(new ExternalAuthUserInfo()
{
Provider = "WsFederation", ProviderKey = jwtSecurityToken.Subject, Name = strArray[0], Surname = strArray.Length > 1 ? strArray[1] : strArray[0], EmailAddress = str2
});
}
