public void DpapiCredentialStore_Get_ReadProtectedFile()
{
var fs = new TestFileSystem();
var store = new DpapiCredentialStore(fs, TestStoreRoot, TestNamespace);
string service = "https://example.com";
const string userName = "******";
const string password = "******"; // [SuppressMessage("Microsoft.Security", "CS001:SecretInline", Justification="Fake credential")]
string serviceSlug = Path.Combine(TestNamespace, "https", "example.com");
string fileName = $"{userName}.credential";
string filePath = Path.Combine(TestStoreRoot, serviceSlug, fileName);
byte[] plainData = Encoding.UTF8.GetBytes(password);
byte[] cryptoData = ProtectedData.Protect(plainData, null, DataProtectionScope.CurrentUser);
string cryptoLine0 = Convert.ToBase64String(cryptoData);
var contents = new StringBuilder();
contents.AppendLine(cryptoLine0);
contents.AppendLine($"service={service}");
contents.AppendLine($"account={userName}");
contents.AppendLine();
byte[] data = Encoding.UTF8.GetBytes(contents.ToString());
fs.Directories.Add(Path.Combine(TestStoreRoot, serviceSlug));
fs.Files[filePath] = data;
ICredential credential = store.Get(service, userName);
Assert.Equal(password, credential.Password);
Assert.Equal(userName, credential.Account);
}
public void DpapiCredentialStore_Get_KeyNotFound_ReturnsNull()
{
var fs = new TestFileSystem();
var store = new DpapiCredentialStore(fs, TestStoreRoot, TestNamespace);
// Unique service; guaranteed not to exist!
string service = Guid.NewGuid().ToString("N");
ICredential credential = store.Get(service, account: null);
Assert.Null(credential);
}
