public void AuthorizeWithOAuth() { var logger = Substitute.For <ILog>(); var testHandler = new TestHandler((request, cancelation) => { Assert.AreEqual("Bearer", request.Headers.Authorization.Scheme); Assert.AreEqual("ABC", request.Headers.Authorization.Parameter); return(Task.FromResult(new HttpResponseMessage(HttpStatusCode.OK))); }); var credentials = new Credentials("ABC"); var handler = new AuthorizationHandler(credentials, logger) { InnerHandler = testHandler }; var client = new HttpClient(handler); // ReSharper disable once MethodSupportsCancellation var response = client.GetAsync("http://lodididki"); Assert.AreEqual(HttpStatusCode.OK, response.Result.StatusCode); }
//[Ignore("This test opens a browser window")] public void CheckIfTokenCanBeRetrievedFromBrowserLoginPage() { var loginWindowFactoryMock = new Mock <ILoginWindowFactory>(); var apiBaseUrl = "https://localhost:44318/"; var webAppBaseUrl = "https://localhost:44376/"; //var apiBaseUrl = "http://guts-api.appspot.com/"; //var webAppBaseUrl = "http://guts-web.appspot.com/"; loginWindowFactoryMock.Setup(factory => factory.Create()).Returns( () => { var httpHandler = new HttpClientToHttpHandlerAdapter(apiBaseUrl); return(new LoginWindow(httpHandler, webAppBaseUrl)); }); var authorizationHandler = new AuthorizationHandler(loginWindowFactoryMock.Object); var retrieveTokenTask = authorizationHandler.RetrieveRemoteAccessTokenAsync(); var retrievedToken = retrieveTokenTask.Result; Assert.That(retrievedToken, Is.Not.Empty); }
public void AuthorizeWithBasicAuthentication() { var logger = Substitute.For <ILog>(); var testHandler = new TestHandler((request, cancelation) => { Assert.AreEqual("Basic", request.Headers.Authorization.Scheme); var authDetailsBytes = Convert.FromBase64String(request.Headers.Authorization.Parameter); var authDetails = Encoding.GetEncoding("iso-8859-1").GetString(authDetailsBytes); var authArray = authDetails.Split(':'); Assert.AreEqual("testToken", authArray[0]); Assert.AreEqual("testSecret", authArray[1]); return(Task.FromResult(new HttpResponseMessage(HttpStatusCode.OK))); }); var credentials = new Credentials("testToken", "testSecret"); var handler = new AuthorizationHandler(credentials, logger) { InnerHandler = testHandler }; var client = new HttpClient(handler); // ReSharper disable once MethodSupportsCancellation var response = client.GetAsync("http://lodididki"); Assert.AreEqual(HttpStatusCode.OK, response.Result.StatusCode); }
private bool AreValidCrendentials(Tuple <string, string> credentials) { var username = credentials.Item1; var password = credentials.Item2; return(AuthorizationHandler.AreValidCredentials(username, password)); }
// PUT api/values/5 public IHttpActionResult Put(int id, [FromBody] Board board) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } var b = _context.Boards.FirstOrDefault(i => i.Id == id); if (b == null) { return(NotFound()); } if (!AuthorizationHandler.PasswordMatched(b.Password, Request)) { return(Unauthorized()); } b.Title = board.Title; if (board.Password != null && board.Password.Trim().Length > 0) { b.Password = board.Password.Trim(); } _context.SaveChanges(); b.PasswordConvert(); return(Ok(b)); }
// PUT api/values/5 public IHttpActionResult Put(int id, [FromBody] Card card) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } var c = _context.Cards.FirstOrDefault(i => i.Id == id); if (c == null) { return(NotFound()); } var board = _context.Boards.Find(_context.CardCollections.Find(card.CardCollectionId).BoardId); if (board == null) { return(NotFound()); } if (!AuthorizationHandler.PasswordMatched(board.Password, Request)) { return(Unauthorized()); } c.Title = card.Title; c.ImgData = card.ImgData; c.Description = card.Description; c.CardCollectionId = card.CardCollectionId; _context.SaveChanges(); return(Ok(card)); }
private async Task <HttpResponseMessage> SendAsync(HttpMethod method, Func <Urls, string> relativePathSelector, string mediaType, bool cache, HttpContent content = null, bool authorize = false) { var client = await GetHttpClient(); var urls = await GetUrls(); var url = relativePathSelector(urls); using (var message = new HttpRequestMessage(method, url)) { message.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue(mediaType)); if (authorize) { AuthorizationHandler.SetDoAuthrozation(message); } if (content != null) { message.Content = content; } message.Headers.CacheControl = new CacheControlHeaderValue { NoCache = !cache }; return(await client.SendAsync(message)); } }
protected MonitoredTestFixtureBaseAttribute(string courseCode) { _courseCode = courseCode; //var executingFolder = new DirectoryInfo(AppContext.BaseDirectory); //var projectFolder = executingFolder.Parent?.Parent?.Parent; //Assert.That(projectFolder, Is.Not.Null, () => "Technical error: could not find the path of the project."); //.SetBasePath(projectFolder.FullName) var gutsConfig = new ConfigurationBuilder().AddJsonFile("gutssettings.json", optional: false).Build(); var gutsSection = gutsConfig.GetSection("Guts"); string apiBaseUrl = gutsSection.GetValue("apiBaseUrl", string.Empty); if (string.IsNullOrEmpty(apiBaseUrl)) { throw new Exception("Could not find 'apiBaseUrl' setting in 'gutssettings.json'."); } string webAppBaseUrl = gutsSection.GetValue("webAppBaseUrl", string.Empty); if (string.IsNullOrEmpty(webAppBaseUrl)) { throw new Exception("Could not find 'webAppBaseUrl' setting in 'gutssettings.json'."); } var httpHandler = new HttpClientToHttpHandlerAdapter(apiBaseUrl); var authorizationHandler = new AuthorizationHandler(new LoginWindowFactory(httpHandler, webAppBaseUrl)); _resultSender = new TestRunResultSender(httpHandler, authorizationHandler); }
public void VerifyTheExistanceOfAuthenticationAndVersioning() { const string versionHeader = "api-version-header"; const string versionHeaderValue = "3.2"; var testHandler = new TestHandler((request, cancelation) => { var requestVersionHeader = request.Headers.FirstOrDefault(h => h.Key == versionHeader); Assert.IsNotNull(requestVersionHeader); Assert.IsNotNullOrEmpty(requestVersionHeader.Value.FirstOrDefault()); Assert.AreEqual(versionHeaderValue, requestVersionHeader.Value.FirstOrDefault()); Assert.AreEqual("Bearer", request.Headers.Authorization.Scheme); Assert.AreEqual("ABC", request.Headers.Authorization.Parameter); return(Task.FromResult(new HttpResponseMessage(HttpStatusCode.OK))); }); var logger = Substitute.For <ILog>(); var credentials = new Credentials("ABC"); var versionHandler = new VersioningHandler(versionHeader, versionHeaderValue); var authorizationHandlerhandler = new AuthorizationHandler(credentials, logger); var clientWrapper = new HttpClientWrapper(versionHandler, authorizationHandlerhandler, testHandler); var client = clientWrapper.HttpClient; // ReSharper disable once MethodSupportsCancellation var response = client.GetAsync("http://lodididki"); Assert.AreEqual(HttpStatusCode.OK, response.Result.StatusCode); }
public void TestThatAuthorizeThrowsSecurityExceptionWhenServiceTypeHasRequiredClaimTypeAttributesAndClaimSetsDoesNotHaveRequiredClaimTypes() { var fixture = new Fixture(); var claimSetStub = MockRepository.GenerateStub <ClaimSet>(); claimSetStub.Stub(m => m.FindClaims(Arg <string> .Is.Equal(FoodWasteClaimTypes.SystemManagement), Arg <string> .Is.Anything)) .Return(new List <Claim>(0)) .Repeat.Any(); claimSetStub.Stub(m => m.FindClaims(Arg <string> .Is.Equal(FoodWasteClaimTypes.HouseHoldManagement), Arg <string> .Is.Anything)) .Return(new List <Claim>(0)) .Repeat.Any(); claimSetStub.Stub(m => m.FindClaims(Arg <string> .Is.Equal(FoodWasteClaimTypes.ValidatedUser), Arg <string> .Is.Anything)) .Return(new List <Claim> { new Claim(FoodWasteClaimTypes.ValidatedUser, fixture.Create <object>(), Rights.PossessProperty) }) .Repeat.Any(); var authorizationHandler = new AuthorizationHandler(); Assert.That(authorizationHandler, Is.Not.Null); var exception = Assert.Throws <SecurityException>(() => authorizationHandler.Authorize(new List <ClaimSet> { claimSetStub }, typeof(MySecuredService))); Assert.That(exception, Is.Not.Null); Assert.That(exception.Message, Is.Not.Null); Assert.That(exception.Message, Is.Not.Empty); Assert.That(exception.Message, Is.EqualTo(Resource.GetExceptionMessage(ExceptionMessage.MissingClaimTypeForIdentity))); Assert.That(exception.InnerException, Is.Null); }
public void TestThatAuthorizeReturnWhenServiceTypeHasRequiredClaimTypeAttributesAndClaimSetsHasRequiredClaimTypes() { var fixture = new Fixture(); var claimSetStub = MockRepository.GenerateStub <ClaimSet>(); claimSetStub.Stub(m => m.FindClaims(Arg <string> .Is.Equal(FoodWasteClaimTypes.SystemManagement), Arg <string> .Is.Anything)) .Return(new List <Claim> { new Claim(FoodWasteClaimTypes.SystemManagement, fixture.Create <object>(), Rights.PossessProperty) }) .Repeat.Any(); claimSetStub.Stub(m => m.FindClaims(Arg <string> .Is.Equal(FoodWasteClaimTypes.HouseHoldManagement), Arg <string> .Is.Anything)) .Return(new List <Claim> { new Claim(FoodWasteClaimTypes.HouseHoldManagement, fixture.Create <object>(), Rights.PossessProperty) }) .Repeat.Any(); claimSetStub.Stub(m => m.FindClaims(Arg <string> .Is.Equal(FoodWasteClaimTypes.ValidatedUser), Arg <string> .Is.Anything)) .Return(new List <Claim> { new Claim(FoodWasteClaimTypes.ValidatedUser, fixture.Create <object>(), Rights.PossessProperty) }) .Repeat.Any(); var authorizationHandler = new AuthorizationHandler(); Assert.That(authorizationHandler, Is.Not.Null); authorizationHandler.Authorize(new List <ClaimSet> { claimSetStub }, typeof(MySecuredService)); claimSetStub.AssertWasCalled(m => m.FindClaims(Arg <string> .Is.Equal(FoodWasteClaimTypes.SystemManagement), Arg <string> .Is.Equal(Rights.PossessProperty))); claimSetStub.AssertWasCalled(m => m.FindClaims(Arg <string> .Is.Equal(FoodWasteClaimTypes.HouseHoldManagement), Arg <string> .Is.Equal(Rights.PossessProperty))); claimSetStub.AssertWasCalled(m => m.FindClaims(Arg <string> .Is.Equal(FoodWasteClaimTypes.ValidatedUser), Arg <string> .Is.Equal(Rights.PossessProperty))); }
public DelegatingAuthorizationHandler( AuthorizationHandler <TDelegateRequirement, TDelegateEntity> delegateHandler, Func <TEntity, TDelegateEntity> delegateResourceFn) { _delegateHandler = delegateHandler; _delegateResourceFn = delegateResourceFn; }
private async Task <AuthorizationToken> GetAuthorizationTokenAsync() { var secret = await secretsService .GetSecretAsync(nameof(AuthenticationService)) .ConfigureAwait(false); if (string.IsNullOrEmpty(secret)) { return(null); } var token = JsonConvert.DeserializeObject <AuthorizationToken>(secret); if (token.AccessTokenExpires.GetValueOrDefault(DateTime.UtcNow).AddMinutes(-1) < DateTime.UtcNow) { token = await AuthorizationHandler .RefreshAsync(token) .ConfigureAwait(false); await((IAuthenticationSetup)this) .SetupAsync(token) .ConfigureAwait(false); } return(token); }
public void CheckIfLoginWindowOpens() { var httpHandlerMock = new Mock <IHttpHandler>(); var loginWindowFactory = new LoginWindowFactory(httpHandlerMock.Object); var authorizationHandler = new AuthorizationHandler(loginWindowFactory); var token = authorizationHandler.RetrieveRemoteAccessTokenAsync().Result; }
public void SetupOnce() { var logger = Substitute.For <ILog>(); var credentials = new Credentials("ABC"); _versionHandler = new VersioningHandler(API_VERSION); _authorizationHandlerhandler = new AuthorizationHandler(credentials, logger); }
public void TestThatAuthorizeReturnWhenServiceTypeDoesNotHaveAnyRequiredClaimTypeAttributes() { var authorizationHandler = new AuthorizationHandler(); Assert.That(authorizationHandler, Is.Not.Null); authorizationHandler.Authorize(new List <ClaimSet>(0), typeof(MyUnsecuredService)); }
public void TestCheckUrlHasNoPermission3() { var stub = CreateStub(); var authorizationHandler = new AuthorizationHandler(stub); var result = authorizationHandler.CheckUrl("1", "/api/TEST/abc?c=2", null, null); Assert.IsFalse(result); }
public void TestCheckUrlHasPermission2() { var stub = CreateStub(); var authorizationHandler = new AuthorizationHandler(stub); var result = authorizationHandler.CheckUrl("1", "/api/Tns/abc?a=23", null, null); Assert.IsTrue(result); }
public void TestCheckFunctionHasNoPermission() { var stub = CreateStub(); var authorizationHandler = new AuthorizationHandler(stub); var result = authorizationHandler.CheckFunction("1", "CustomerPermission"); Assert.IsFalse(result); }
public static AbstractAccessHandler SetUpChain() { var authentication = new AuthenticationHandler(); var authorization = new AuthorizationHandler(); authentication.SetNext(authorization); return(authentication); }
public async Task <ActionResult <Player> > Post() { var player = await AuthorizationHandler.CheckAuthorization(HttpContext); if (player == null) { return(Unauthorized()); } return(player); }
/*! @brief requests authorization to read the supplied data types, with a completion handler. */ public void Authorize(HealthKitDataTypes types, AuthorizationHandler handler) { #if UNITY_IOS && !UNITY_EDITOR if (handler != null) { this.authorizationHandler += handler; } Debug.Log("--- authorizing ---"); _Authorize(types.Transmit()); #endif }
public IActionResult Delete(int id) { if (!AuthorizationHandler.IsSignedIn(HttpContext.Session)) { return(RedirectToAction("Index", "Home")); } Utilities.UserToView(this); var recipe = context.Recipes.Find(id); return(View(recipe)); }
public IActionResult Register() { Utilities.UserToView(this); if (AuthorizationHandler.IsSignedIn(HttpContext.Session)) { return(RedirectToAction("Index", "Home")); } return(View()); }
public void TestThatGetTrustedClaimSetsReturnsTrustedClaimSets(string trustedCertificateSubjectName, string untrustedCertificateSubjectName) { var trustedClaimSet1Stub = MockRepository.GenerateStub <ClaimSet>(); trustedClaimSet1Stub.Stub(m => m.Issuer) .Return(new X509CertificateClaimSet(TestHelper.GetCertificate(trustedCertificateSubjectName))) .Repeat.Any(); var trustedClaimSet2Stub = MockRepository.GenerateStub <ClaimSet>(); trustedClaimSet2Stub.Stub(m => m.Issuer) .Return(new X509CertificateClaimSet(TestHelper.GetCertificate(trustedCertificateSubjectName))) .Repeat.Any(); var untrustedClaimSet1Stub = MockRepository.GenerateStub <ClaimSet>(); untrustedClaimSet1Stub.Stub(m => m.Issuer) .Return(new X509CertificateClaimSet(TestHelper.GetCertificate(untrustedCertificateSubjectName))) .Repeat.Any(); var untrustedClaimSet2Stub = MockRepository.GenerateStub <ClaimSet>(); untrustedClaimSet2Stub.Stub(m => m.Issuer) .Return(null) .Repeat.Any(); var untrustedClaimSet3Stub = MockRepository.GenerateStub <ClaimSet>(); untrustedClaimSet3Stub.Stub(m => m.Issuer) .Return(MockRepository.GenerateStub <ClaimSet>()) .Repeat.Any(); var claimSets = new List <ClaimSet> { trustedClaimSet1Stub, trustedClaimSet2Stub, untrustedClaimSet1Stub, untrustedClaimSet2Stub, untrustedClaimSet3Stub }; var authorizationHandler = new AuthorizationHandler(); Assert.That(authorizationHandler, Is.Not.Null); var trustedClaimSets = authorizationHandler.GetTrustedClaimSets(claimSets).ToList(); Assert.That(trustedClaimSets, Is.Not.Null); Assert.That(trustedClaimSets, Is.Not.Empty); Assert.That(trustedClaimSets.Count, Is.EqualTo(2)); Assert.That(trustedClaimSets.Contains(trustedClaimSet1Stub), Is.True); Assert.That(trustedClaimSets.Contains(trustedClaimSet2Stub), Is.True); }
public IActionResult SignOut(bool f = false) { Utilities.UserToView(this); if (!AuthorizationHandler.IsSignedIn(HttpContext.Session)) { return(RedirectToAction("Index", "Home")); } AuthenticationHandler.SignOut(HttpContext.Session); return(RedirectToAction("Index", "Home")); }
public Client(string userName, string password, string baseUrl) { var uri = new Uri(baseUrl); _baseUrl = string.Concat(uri.Scheme, "://", uri.Host); _siteUrl = uri.AbsolutePath; _userName = userName; _password = password; _handler = new AuthorizationHandler(_baseUrl, _siteUrl); _initTask = Task.Factory.StartNew(Authorize); }
public static IHandler Build() { var okHandler = new OkHandler(); var putHandler = new PutHandler(); var notFoundHandler = new NotFoundHandler(putHandler); var methodIsSupportedHandler = new MethodIsSupportedHandler(okHandler); var resourceExistsHandler = new ResourceExistsHandler(methodIsSupportedHandler, notFoundHandler); var endpointExistsHandler = new EndpointExistsHandler(resourceExistsHandler); var optionsHandler = new OptionsHandler(endpointExistsHandler); var authorizationHandler = new AuthorizationHandler(optionsHandler); var authenticationHandler = new AuthenticationHandler(authorizationHandler); return authenticationHandler; }
public void TestCheckFunctionHasPermissionUseCache() { var stub = CreateStub(); var authorizationHandler = new AuthorizationHandler(stub); authorizationHandler.UseCache = true; authorizationHandler.CheckFunction("1", "UserPermission"); var accessStorageTimes = stub.accessTimes; authorizationHandler.CheckFunction("1", "UserPermission"); Assert.IsTrue(accessStorageTimes == stub.accessTimes); }
public IActionResult Add() { if (!AuthorizationHandler.IsSignedIn(HttpContext.Session)) { return(RedirectToAction("Index", "Home")); } Utilities.UserToView(this); ViewBag.Action = "Add"; return(View("Edit", new Recipe() { Username = AuthenticationHandler.CurrentUser(HttpContext.Session).Username })); }
public void TestThatGetTrustedClaimSetsThrowsArgumentNullExceptionWhenClaimSetsIsNull() { var authorizationHandler = new AuthorizationHandler(); Assert.That(authorizationHandler, Is.Not.Null); var exception = Assert.Throws <ArgumentNullException>(() => authorizationHandler.GetTrustedClaimSets(null)); Assert.That(exception, Is.Not.Null); Assert.That(exception.ParamName, Is.Not.Null); Assert.That(exception.ParamName, Is.Not.Empty); Assert.That(exception.ParamName, Is.EqualTo("claimSets")); Assert.That(exception.InnerException, Is.Null); }