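/// <summary>
/// CreateToken must answer 400 Bad Request when the bound model fails validation,
/// independently of the model's own field values.
/// </summary>
public void TestModel_User_Invalid_State()
{
    // Arrange
    _configurationRoot = MockConfigurationRoot();
    _localizer = new MockStringLocalizer<AccountController>();
    var controller = GetFakeController(_configurationRoot, _localizer, _claimApi);
    _user = new CISUser { UserName = "******", DomainName = "domain", UserRole = null };

    // Act: a manually added model error is enough to make ModelState.IsValid false,
    // which is the branch under test in the fake controller's (FakeAccountController) CreateToken.
    controller.ModelState.AddModelError("key", "error message");
    var result = controller.CreateToken(_user);

    // Assert: compare the numeric status code directly (expected value first, the order
    // Assert.Equal reports on failure) instead of round-tripping through ToString().
    var objectResult = (Microsoft.AspNetCore.Mvc.ObjectResult)result;
    Assert.Equal(400, objectResult.StatusCode);
}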
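/// <summary>
/// With a valid model and a claim API that returns the token fixture, CreateToken must
/// answer with an ObjectResult whose body is the JSON-serialized token string.
/// </summary>
public void TestModel_User_Valid_State()
{
    // Arrange
    _user = new CISUser { UserName = "******", DomainName = "domain", UserRole = new UserRole { Role = Roles.CIS_Admin } };

    IAuthorisedClaimApi fakeApi = Substitute.For<IAuthorisedClaimApi>();
    fakeApi.IssuerServer.Returns("fakeIssure");
    fakeApi.AudianceServer.Returns("fakeAudianceServer");
    fakeApi.ExpirationTime.Returns("fake ExpirationTime");
    fakeApi.SymmetricSecurityKey.Returns("fake SymmetricSecurityKey");
    fakeApi.CreateToken(_user).ReturnsForAnyArgs(_Token);

    IConfigurationRoot configurationRoot = Substitute.For<IConfigurationRoot>();
    _localizer = new MockStringLocalizer<AccountController>();
    AccountController ctrl = new AccountController(configurationRoot, _localizer, fakeApi);

    // Act
    var result = ctrl.CreateToken(_user);

    // Assert: the controller wraps the token string with JsonConvert, so the expected
    // body is the serialized fixture, not the raw fixture.
    var objectResult = (Microsoft.AspNetCore.Mvc.ObjectResult)result;
    Assert.Equal(JsonConvert.SerializeObject(_Token), objectResult.Value.ToString());
}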
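/// <summary>
/// Checks that the IAuthorisedClaimApi substitute hands back the configured token fixture.
/// NOTE(review): this exercises only the NSubstitute stub, not a real IAuthorisedClaimApi
/// implementation, so the production CreateToken path is not covered here.
/// </summary>
public void TestCreateToken()
{
    // Arrange
    _user = new CISUser { UserName = "******", DomainName = "domain", UserRole = new UserRole { Role = Roles.CIS_Admin } };

    IAuthorisedClaimApi fakeApi = Substitute.For<IAuthorisedClaimApi>();
    fakeApi.IssuerServer.Returns("http://localhost:65517/");
    fakeApi.AudianceServer.Returns("http://localhost:65517/");
    fakeApi.ExpirationTime.Returns("30");
    fakeApi.SymmetricSecurityKey.Returns(_symmetricKey);
    // Configure the stub once; configuring it again in the Act phase adds nothing.
    fakeApi.CreateToken(_user).ReturnsForAnyArgs(_Token);

    // Act
    var result = fakeApi.CreateToken(_user);

    // Assert
    Assert.Contains(_Token, result);
}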
/// <summary>
/// Resolves the role for <paramref name="user"/>.
/// Currently a stub: the directory (AD) lookup is not implemented, so the result is a
/// default-initialized <see cref="UserRole"/>.
/// </summary>
/// <param name="user">The user whose role is requested; not consulted yet.</param>
/// <returns>A fresh <see cref="UserRole"/> with its default values.</returns>
public UserRole GetUserRole(CISUser user)
{
    // TODO: query AD for the user's role and assign it to the Role property here.
    var resolvedRole = new UserRole();
    return resolvedRole;
}
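/// <summary>
/// Runs once per request after authentication has identified the caller.
/// Loads the matching CIS user record, replaces the request principal with a
/// <see cref="CustomPrincipal"/> carrying the user's attributes, and transfers every
/// request that is unauthenticated, unknown, or outside the allowed roles to
/// UnauthorizedAccess.aspx. Server.Transfer ends the current request; the explicit
/// <c>return</c> after it is only a safeguard so no later line runs with a null user.
/// </summary>
/// <param name="sender">The application object (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Application_AuthenticateRequest(object sender, EventArgs e)
{
    if (!Request.IsAuthenticated)
    {
        Server.Transfer("~/UnauthorizedAccess.aspx", true);
        return;
    }

    // Strip any DOMAIN\ prefix from the identity name. A char search is ordinal, so the
    // split does not depend on the server's current culture.
    string login = User.Identity.Name;
    login = login.Substring(login.LastIndexOf('\\') + 1);

    // Retrieve user info based on login.
    CISUser colUsers = CISUser.GetCisUser(login, System.Convert.ToInt32(ConfigurationSettings.AppSettings[strPubEntAdminAppId]));

    // Begin CR-11-001-36: an authenticated identity with no CIS record is not allowed in.
    if (colUsers == null)
    {
        Server.Transfer("~/UnauthorizedAccess.aspx", true);
        return;
    }
    // End CR-36

    // The custom principal is what the rest of the request (including IsInRole below) sees.
    Context.User = new CustomPrincipal(User.Identity, colUsers.ID, colUsers.Role, colUsers.Login, colUsers.Name, colUsers.Email, colUsers.RegionNo, colUsers.LastName);

    // Allow-list of roles: a valid identity outside these roles is still rejected.
    if (!User.IsInRole(PubEntAdminManager.AdminRole)
        && !User.IsInRole(PubEntAdminManager.DWHStaffRole)
        && !User.IsInRole(PubEntAdminManager.RURole))
    {
        Server.Transfer("~/UnauthorizedAccess.aspx", true);
    }
}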
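/// <summary>
/// GridView RowDataBound handler: points each data row's edit link at the edit page
/// for the bound <see cref="CISUser"/>.
/// </summary>
/// <param name="sender">The grid raising the event (unused).</param>
/// <param name="e">Row event data; <c>e.Row.DataItem</c> is the bound CISUser on data rows.</param>
protected void RowDataBound(object sender, GridViewRowEventArgs e)
{
    GridViewRow row = e.Row;

    // ***EAC Header/footer/pager rows carry no data item; only data rows are processed.
    if (row.DataItem == null)
    {
        return;
    }

    CISUser user = (CISUser)row.DataItem;

    // FindControl returns null when the row template omits the link; skip rather than throw.
    LinkButton lnkEdit = row.FindControl("lnkEdit") as LinkButton;
    if (lnkEdit == null)
    {
        return;
    }

    lnkEdit.PostBackUrl = "~/guam/edituser.aspx?userid=" + user.ID;
}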
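/// <summary>
/// Issues an authentication token for the posted user.
/// </summary>
/// <param name="model">User posted in the request body; untrusted input.</param>
/// <returns>
/// 200 with the JSON-serialized token string; 400 when the model is null, fails
/// validation, or the claim API reports an error; 401 when no user name was supplied;
/// 500 with a generic message on an unexpected exception.
/// </returns>
public IActionResult CreateToken([FromBody] CISUser model)
{
    try
    {
        if (model == null)
        {
            return BadRequest(this._localizer?["ModelIsNull"]?.Value);
        }
        if (model.UserName == null)
        {
            return Unauthorized();
        }
        if (!ModelState.IsValid)
        {
            return BadRequest(this._localizer?["InvalidModelState"]?.Value);
        }

        var authToken = _claimApi.CreateToken(model);

        // The claim API signals failure in-band through the returned string, so an empty
        // result or an error marker is treated as a failed issuance, not as a token.
        // Ordinal, case-insensitive search also catches a marker at index 0.
        bool looksLikeError =
            string.IsNullOrEmpty(authToken)
            || authToken.IndexOf(" ERROR", StringComparison.OrdinalIgnoreCase) >= 0
            || authToken.IndexOf("NULLREFERENCE", StringComparison.OrdinalIgnoreCase) >= 0;
        if (looksLikeError)
        {
            return BadRequest(this._localizer?["ExceptionWhileCreatingAToken"]?.Value);
        }

        return Ok(JsonConvert.SerializeObject(authToken));
    }
    catch (Exception)
    {
        // Deliberately generic: exception details must not reach the client.
        return StatusCode((int)HttpStatusCode.InternalServerError, "error while creating token");
    }
}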
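/// <summary>
/// Builds a signed JWT (HMAC-SHA256) for <paramref name="model"/>.
/// The token carries the sub/jti/email registered claims plus one claim whose type is
/// the user's role name; when no role is attached, <see cref="GetUserRole"/> is consulted first.
/// </summary>
/// <param name="model">The user to issue a token for. Must not be null.</param>
/// <returns>
/// The string form of an anonymous object with <c>token</c> (compact JWT) and
/// <c>expiration</c> (the token's ValidTo) members.
/// NOTE(review): this is the anonymous type's ToString() rendering, not JSON — confirm
/// what callers expect before changing the format.
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="model"/> is null.</exception>
/// <exception cref="FormatException"><c>ExpirationTime</c> is not a number.</exception>
/// <remarks>
/// Failures propagate as exceptions instead of being returned as text: an exception
/// string is indistinguishable from a token to callers and would carry internal
/// details (type names, stack trace) to the client. The calling controller maps
/// exceptions to a generic error response.
/// </remarks>
public string CreateToken(CISUser model)
{
    if (model == null)
    {
        throw new ArgumentNullException(nameof(model));
    }

    if (model.UserRole == null)
    {
        model.UserRole = GetUserRole(model);
    }

    // The role name is used as the claim type; the fallback applies only if ToString() yields null.
    var roleClaim = new Claim(model.UserRole.Role.ToString() ?? "CIS_STAGE_Reader", "true");

    var claims = new[]
    {
        new Claim(JwtRegisteredClaimNames.Sub, model.UserName),
        new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
        new Claim(JwtRegisteredClaimNames.Email, model.UserName),
        roleClaim
    };

    // The configured secret is used as raw UTF-8 key bytes. Microsoft.IdentityModel enforces a
    // minimum HMAC key size when signing (confirm against the referenced package version), so
    // a too-short secret surfaces as an exception rather than a weaker token.
    var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(SymmetricSecurityKey));
    var signingCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256);

    // ExpirationTime is configured in minutes; parse culture-invariantly so the server
    // locale's decimal separator cannot change the token lifetime.
    double lifetimeMinutes = Convert.ToDouble(ExpirationTime, System.Globalization.CultureInfo.InvariantCulture);

    var jwt = new JwtSecurityToken(
        issuer: IssuerServer,
        audience: AudianceServer,
        claims: claims,
        expires: DateTime.UtcNow.AddMinutes(lifetimeMinutes),
        signingCredentials: signingCredentials);

    var token = new
    {
        token = new JwtSecurityTokenHandler().WriteToken(jwt),
        expiration = jwt.ValidTo
    };
    return token.ToString();
}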
/// <summary>
/// Save button handler: persists the role selected in <c>drpRoles</c> for the user
/// currently being edited (<c>_userid</c>). Only the role is meant to be saved; the
/// remaining constructor arguments are placeholder values.
/// </summary>
/// <param name="sender">The button raising the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void btnSave1_Click(object sender, EventArgs e)
{
    // ***EAC Nothing to save without a validated page and a loaded user id.
    if (!Page.IsValid || _userid <= 0)
    {
        return;
    }

    // ***EAC we only save ROLE for now; the other fields are placeholders.
    CISUser record = new CISUser(this._userid, "dummy", "dummy", drpRoles.SelectedValue, "dummy", "dummy", "dummy", "dummy");
    bool saved = PubEntAdmin.DAL.PE_DAL.SaveGuamUser(record);
    lblMessage.Text = saved ? "Your changes have been saved" : "Error! There was a problem saving";
}
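/// <summary>
/// CreateToken must answer 401 Unauthorized when the posted user has no user name.
/// </summary>
public void TestModel_User_IsNull_Invalid_State()
{
    // Arrange
    _configurationRoot = MockConfigurationRoot();
    _localizer = new MockStringLocalizer<AccountController>();
    var controller = GetFakeController(_configurationRoot, _localizer, _claimApi);
    _user = new CISUser { UserName = null, DomainName = null, UserRole = null };

    // Act
    var result = controller.CreateToken(_user);

    // Assert: compare the numeric status code directly (expected value first) instead
    // of converting it to a string.
    var unauthorized = (Microsoft.AspNetCore.Mvc.UnauthorizedResult)result;
    Assert.Equal(401, unauthorized.StatusCode);
}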
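/// <summary>
/// Edit-user page load: redirects brand-new sessions to Home, mounts the admin menu,
/// and on the first (non-postback) request loads the user named by the <c>userid</c>
/// query parameter into the form.
/// NOTE(review): this page does not itself check that the current user may edit the
/// requested user id; that is assumed to be enforced by the application-wide role
/// check — confirm.
/// </summary>
/// <param name="sender">The page raising the event (unused).</param>
/// <param name="e">Event data (unused).</param>
/// <exception cref="System.Web.HttpException">
/// 400 when <c>userid</c> is present but not an integer; 404 when no user with that id exists.
/// </exception>
protected void Page_Load(object sender, EventArgs e)
{
    if (Session.IsNewSession)
    {
        Response.Redirect("~/Home.aspx");
    }

    System.Web.UI.UserControl userControl = (System.Web.UI.UserControl)this.LoadControl("~/UserControl/AdminMenu.ascx");
    this.plcHldMenu.Controls.Add(userControl);

    if (IsPostBack)
    {
        return;
    }

    string rawUserId = Request.QueryString["userid"];
    if (rawUserId == null)
    {
        return;
    }

    // userid comes from the URL and is untrusted: reject a non-integer value with a 400
    // instead of letting Int32.Parse surface as an unhandled server error.
    if (!Int32.TryParse(rawUserId, out _userid))
    {
        throw new System.Web.HttpException(400, "Invalid userid");
    }

    CISUser c = PubEntAdmin.BLL.CISUser.GetGuamUserById(_userid);
    if (c == null)
    {
        throw new System.Web.HttpException(404, "User not found");
    }
    lblUsername.Text = c.Email;

    // Bind the role list first so the user's current role can be selected in it.
    kvpaircoll = DAL.PE_DAL.GetGuamRoles();
    drpRoles.DataSource = kvpaircoll;
    drpRoles.DataTextField = "Val";
    drpRoles.DataValueField = "Val";
    drpRoles.DataBind();
    drpRoles.SelectedValue = c.Role;
}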