public async Task AspNetCoreWithLargeInteropCookieContainsIdentity()
{
var identity = new ClaimsIdentity("Cookies");
identity.AddClaim(new Claim(ClaimTypes.Name, new string('a', 1024 * 5)));
var dataProtection = DataProtectionProvider.Create(new DirectoryInfo("..\\..\\artifacts"));
var dataProtector = dataProtection.CreateProtector(
"Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationMiddleware", // full name of the ASP.NET Core type
CookieAuthenticationDefaults.AuthenticationType, "v2");
var interopServer = TestServer.Create(app =>
{
app.Properties["host.AppName"] = "Microsoft.Owin.Security.Tests";
app.UseCookieAuthentication(new Cookies.CookieAuthenticationOptions
{
TicketDataFormat = new AspNetTicketDataFormat(new DataProtectorShim(dataProtector)),
CookieName = AspNetCore.Authentication.Cookies.CookieAuthenticationDefaults.CookiePrefix
+ AspNetCore.Authentication.Cookies.CookieAuthenticationDefaults.AuthenticationScheme,
CookieManager = new ChunkingCookieManager(),
});
app.Run(context =>
{
context.Authentication.SignIn(identity);
return(Task.FromResult(0));
});
});
var transaction = await SendAsync(interopServer, "http://example.com");
var builder = new WebHostBuilder()
.Configure(app =>
{
app.UseCookieAuthentication(new AspNetCore.Builder.CookieAuthenticationOptions
{
DataProtectionProvider = dataProtection
});
app.Run(async context =>
{
var result = await context.Authentication.AuthenticateAsync("Cookies");
await context.Response.WriteAsync(result.Identity.Name);
});
})
.ConfigureServices(services => services.AddAuthentication());
var newServer = new AspNetCore.TestHost.TestServer(builder);
var request = new HttpRequestMessage(HttpMethod.Get, "http://example.com/login");
foreach (var cookie in SetCookieHeaderValue.ParseList(transaction.SetCookie))
{
request.Headers.Add("Cookie", cookie.Name + "=" + cookie.Value);
}
var response = await newServer.CreateClient().SendAsync(request);
Assert.Equal(1024 * 5, (await response.Content.ReadAsStringAsync()).Length);
}
public async Task AspNetCoreWithInteropCookieContainsIdentity()
{
var identity = new ClaimsIdentity("Cookies");
identity.AddClaim(new Claim(ClaimTypes.Name, "Alice"));
var dataProtection = DataProtectionProvider.Create(new DirectoryInfo("..\\..\\artifacts"));
var dataProtector = dataProtection.CreateProtector(
"Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationMiddleware", // full name of the ASP.NET Core type
CookieAuthenticationDefaults.AuthenticationType, "v2");
var interopServer = TestServer.Create(app =>
{
app.Properties["host.AppName"] = "Microsoft.Owin.Security.Tests";
app.UseCookieAuthentication(new Cookies.CookieAuthenticationOptions
{
TicketDataFormat = new AspNetTicketDataFormat(new DataProtectorShim(dataProtector)),
CookieName = AspNetCore.Authentication.Cookies.CookieAuthenticationDefaults.CookiePrefix
+ AspNetCore.Authentication.Cookies.CookieAuthenticationDefaults.AuthenticationScheme,
});
app.Run(context =>
{
context.Authentication.SignIn(identity);
return Task.FromResult(0);
});
});
var transaction = await SendAsync(interopServer, "http://example.com");
var builder = new WebHostBuilder()
.Configure(app =>
{
app.UseCookieAuthentication(new AspNetCore.Builder.CookieAuthenticationOptions
{
DataProtectionProvider = dataProtection
});
app.Run(async context =>
{
var result = await context.Authentication.AuthenticateAsync("Cookies");
await context.Response.WriteAsync(result.Identity.Name);
});
})
.ConfigureServices(services => services.AddAuthentication());
var newServer = new AspNetCore.TestHost.TestServer(builder);
var request = new HttpRequestMessage(HttpMethod.Get, "http://example.com/login");
foreach (var cookie in SetCookieHeaderValue.ParseList(transaction.SetCookie))
{
request.Headers.Add("Cookie", cookie.Name + "=" + cookie.Value);
}
var response = await newServer.CreateClient().SendAsync(request);
Assert.Equal("Alice", await response.Content.ReadAsStringAsync());
}
private static async Task <string> SendAndGetCookie(AspNetCore.TestHost.TestServer server, string uri)
{
var request = new HttpRequestMessage(HttpMethod.Get, uri);
var response = await server.CreateClient().SendAsync(request);
if (response.Headers.Contains("Set-Cookie"))
{
return(response.Headers.GetValues("Set-Cookie").ToList().First());
}
return(null);
}
public async Task InteropWithLargeNewCookieContainsIdentity()
{
var user = new ClaimsPrincipal();
var identity = new ClaimsIdentity("scheme");
identity.AddClaim(new Claim(ClaimTypes.Name, new string('a', 1024 * 5)));
user.AddIdentity(identity);
var dataProtection = DataProtectionProvider.Create(new DirectoryInfo("..\\..\\artifacts"));
var dataProtector = dataProtection.CreateProtector(
"Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationMiddleware", // full name of the ASP.NET Core type
CookieAuthenticationDefaults.AuthenticationType, "v2");
var builder = new WebHostBuilder()
.Configure(app =>
{
app.UseCookieAuthentication(new AspNetCore.Builder.CookieAuthenticationOptions
{
DataProtectionProvider = dataProtection
});
app.Run(context => context.Authentication.SignInAsync("Cookies", user));
})
.ConfigureServices(services => services.AddAuthentication());
var newServer = new AspNetCore.TestHost.TestServer(builder);
var cookies = await SendAndGetCookies(newServer, "http://example.com/login");
var server = TestServer.Create(app =>
{
app.Properties["host.AppName"] = "Microsoft.Owin.Security.Tests";
app.UseCookieAuthentication(new Cookies.CookieAuthenticationOptions
{
TicketDataFormat = new AspNetTicketDataFormat(new DataProtectorShim(dataProtector)),
CookieName = AspNetCore.Authentication.Cookies.CookieAuthenticationDefaults.CookiePrefix
+ AspNetCore.Authentication.Cookies.CookieAuthenticationDefaults.AuthenticationScheme,
CookieManager = new ChunkingCookieManager(),
});
app.Run(async context =>
{
var result = await context.Authentication.AuthenticateAsync("Cookies");
Describe(context.Response, result);
});
});
var transaction2 = await SendAsync(server, "http://example.com/me/Cookies", cookies);
Assert.Equal(1024 * 5, FindClaimValue(transaction2, ClaimTypes.Name).Length);
}
private static async Task <IList <string> > SendAndGetCookies(AspNetCore.TestHost.TestServer server, string uri)
{
var request = new HttpRequestMessage(HttpMethod.Get, uri);
var response = await server.CreateClient().SendAsync(request);
if (response.Headers.Contains("Set-Cookie"))
{
IList <string> cookieHeaders = new List <string>();
foreach (var cookie in SetCookieHeaderValue.ParseList(response.Headers.GetValues("Set-Cookie").ToList()))
{
cookieHeaders.Add(cookie.Name + "=" + cookie.Value);
}
return(cookieHeaders);
}
return(null);
}
public async Task InteropWithNewCookieContainsIdentity()
{
var user = new ClaimsPrincipal();
var identity = new ClaimsIdentity("scheme");
identity.AddClaim(new Claim(ClaimTypes.Name, "Alice"));
user.AddIdentity(identity);
var dataProtection = DataProtectionProvider.Create(new DirectoryInfo("..\\..\\artifacts"));
var dataProtector = dataProtection.CreateProtector(
"Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationMiddleware", // full name of the ASP.NET Core type
CookieAuthenticationDefaults.AuthenticationType, "v2");
var builder = new WebHostBuilder()
.Configure(app =>
{
app.UseCookieAuthentication(new AspNetCore.Builder.CookieAuthenticationOptions
{
DataProtectionProvider = dataProtection
});
app.Run(context => context.Authentication.SignInAsync("Cookies", user));
})
.ConfigureServices(services => services.AddAuthentication());
var newServer = new AspNetCore.TestHost.TestServer(builder);
var cookie = await SendAndGetCookie(newServer, "http://example.com/login");
var server = TestServer.Create(app =>
{
app.Properties["host.AppName"] = "Microsoft.Owin.Security.Tests";
app.UseCookieAuthentication(new Owin.Security.Cookies.CookieAuthenticationOptions
{
TicketDataFormat = new AspNetTicketDataFormat(new DataProtectorShim(dataProtector)),
CookieName = AspNetCore.Authentication.Cookies.CookieAuthenticationDefaults.CookiePrefix
+ AspNetCore.Authentication.Cookies.CookieAuthenticationDefaults.AuthenticationScheme,
});
app.Run(async context =>
{
var result = await context.Authentication.AuthenticateAsync("Cookies");
Describe(context.Response, result);
});
});
var transaction2 = await SendAsync(server, "http://example.com/me/Cookies", cookie);
Assert.Equal("Alice", FindClaimValue(transaction2, ClaimTypes.Name));
}
