Example #1
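        /// <summary>
        /// Checks that an app-signed request is rejected when its payload carries the token issued to a
        /// different application: the Master client sends the Helper client's token.
        /// </summary>
        public void MismatchTokenBetweenAppsWhenAppSignedRequestThrows()
        {
            // Authenticate the Master application (CachePolicy.BypassCache) and confirm it holds a token.
            IAppIdentity   appIdentityMaster = AutonomousAppIdentity.Master;
            IAutonomousApp clientAppMaster   = AutonomousApp.Initialize(CachePolicy.BypassCache)
                                               .RoutingTo(TestingEndpointProvider.Default)
                                               .WithIdentity(appIdentityMaster)
                                               .Authenticate()
                                               .GetClient();

            Assert.That(clientAppMaster, Is.Not.Null);
            Assert.That(clientAppMaster.AuthToken, Is.Not.Null);
            Assert.That(clientAppMaster.AuthToken.Token, Is.Not.Null);

            // Authenticate the Helper application the same way; its token is the one that gets substituted.
            IAppIdentity   appIdentityHelper = AutonomousAppIdentity.Helper;
            IAutonomousApp clientAppHelper   = AutonomousApp.Initialize(CachePolicy.BypassCache)
                                               .RoutingTo(TestingEndpointProvider.Default)
                                               .WithIdentity(appIdentityHelper)
                                               .Authenticate()
                                               .GetClient();

            Assert.That(clientAppHelper, Is.Not.Null);
            Assert.That(clientAppHelper.AuthToken, Is.Not.Null);
            Assert.That(clientAppHelper.AuthToken.Token, Is.Not.Null);

            // Presumably builds a claims manager whose token claim comes from the delegate, i.e. the
            // Helper token - confirm against InvalidTokenPayloadClaim.
            IPayloadClaimsManager mismatchTokenClaimBehavior = InvalidTokenPayloadClaim.WithClaimBehavior(() => clientAppHelper.AuthToken.Token);

            // NOTE(review): this replaces the registration on the shared ServiceLocator.Instance and the
            // method does not restore it - confirm the fixture resets it so later tests do not keep
            // sending the substituted claim.
            ServiceLocator.Instance.RegisterPayloadClaimsManager(mismatchTokenClaimBehavior);
            AspenException exception = Assert.Throws<AspenException>(() => clientAppMaster.Settings.GetDocTypes());

            // The service must answer 401 with the event id this test expects for a token mismatch.
            Assert.That(exception.EventId, Is.EqualTo("15846"));
            Assert.That(exception.StatusCode, Is.EqualTo(HttpStatusCode.Unauthorized));

            // Compare the text literally. StringAssert.IsMatch treats its first argument as a regular
            // expression, so '.' matched any character and the trailing '?' only made the final 'n' optional.
            StringAssert.Contains("No coinciden los datos recibidos del token vs los valores esperados. ¿Se modificaron los valores en tránsito o está utilizando el ApiKey en otra aplicación?", exception.Message);
        }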
Example #2
        /// <summary>
        /// Checks that a user sign-in succeeds while the payload carries a randomly generated device id.
        /// </summary>
        public void UsingRandomDeviceIdWhenUserSigninRequestWorks()
        {
            // The delegate yields a new "MyRandomDevice-N" value every time it is evaluated.
            // NOTE(review): the registration on the shared ServiceLocator.Instance is not restored here -
            // confirm the fixture resets it between tests.
            ServiceLocator.Instance.RegisterPayloadClaimsManager(
                InvalidDeviceIdPayloadClaim.WithClaimBehavior(() => $"MyRandomDevice-{new Random().Next(999999, 9999999)}"));

            // Sign in only after the random device id behavior is in place.
            IDelegatedApp delegatedClient = this.GetDelegatedClient();
            Assert.That(delegatedClient, Is.Not.Null);

            // A successful sign-in is evidenced by a non-null token.
            var issuedToken = delegatedClient.AuthToken;
            Assert.That(issuedToken, Is.Not.Null);
            Assert.That(issuedToken.Token, Is.Not.Null);
        }
Example #3
        /// <summary>
        /// Checks that a signed request is rejected with 400 Bad Request when the token claim is a string
        /// that does not have a valid token format.
        /// </summary>
        public void InvalidFormatTokenWhenSignedRequestThrows()
        {
            // Sign in first with the regular claims, so only the follow-up request carries the bad token.
            IDelegatedApp delegatedClient = this.GetDelegatedClient();

            // Fixed garbage value used in place of the token.
            // NOTE(review): the registration on the shared ServiceLocator.Instance is not restored here -
            // confirm the fixture resets it between tests.
            ServiceLocator.Instance.RegisterPayloadClaimsManager(
                InvalidTokenPayloadClaim.WithClaimBehavior(() => "gXjyhrYqannHUA$LLV&7guTHmF&1X5JB$Uobx3@!rPn9&x4BzE"));

            AspenException rejection = Assert.Throws<AspenException>(() => delegatedClient.Settings.GetDocTypes());

            // A malformed payload header is reported as a client error, not as an authentication failure.
            Assert.That(rejection.StatusCode, Is.EqualTo(HttpStatusCode.BadRequest));
            Assert.That(rejection.EventId, Is.EqualTo("20007"));
            StringAssert.IsMatch("El contenido de la cabecera personalizada 'X-PRO-Auth-Payload' no es válido", rejection.Message);
        }
Example #4
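        /// <summary>
        /// Checks that a user-signed request is rejected when its device id differs from the one used at
        /// sign-in: the client signs in normally, then sends a request with a random device id.
        /// </summary>
        public void MismatchDeviceIdWhenUserSignedRequestThrows()
        {
            // Sign in before the device id behavior is swapped, so the token is tied to the original claims.
            IDelegatedApp         client = this.GetDelegatedClient();

            // The delegate yields a new "MyRandomDevice-N" value every time it is evaluated.
            IPayloadClaimsManager randomDeviceIdClaimBehavior = InvalidDeviceIdPayloadClaim.WithClaimBehavior(() => $"MyRandomDevice-{new Random().Next(999999, 9999999)}");

            // NOTE(review): this replaces the registration on the shared ServiceLocator.Instance and the
            // method does not restore it - confirm the fixture resets it between tests.
            ServiceLocator.Instance.RegisterPayloadClaimsManager(randomDeviceIdClaimBehavior);
            AspenException exception = Assert.Throws<AspenException>(() => client.Settings.GetDocTypes());

            // The service must answer 401 with the event id this test expects when no valid token is found.
            Assert.That(exception.EventId, Is.EqualTo("15847"));
            Assert.That(exception.StatusCode, Is.EqualTo(HttpStatusCode.Unauthorized));

            // Compare the text literally. StringAssert.IsMatch treats its first argument as a regular
            // expression, so the final '.' matched any character instead of the period.
            StringAssert.Contains("No hay un token de autenticación vigente.", exception.Message);
        }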
Example #5
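        /// <summary>
        /// Checks that a user-signed request is rejected when the username claim names a different known
        /// user (the Helper identity) than the one the client signed in with.
        /// </summary>
        public void MismatchUsernameWhenUserSignedRequestThrows()
        {
            // Sign in first; presumably GetDelegatedClient uses a user other than Helper - confirm.
            IDelegatedApp         client                        = this.GetDelegatedClient();
            IUserIdentity         userIdentityHelper            = RecognizedUserIdentity.Helper;

            // The username claim is built as "{DocType}-{DocNumber}" from the Helper identity.
            IPayloadClaimsManager mismatchUsernameClaimBehavior = InvalidUsernamePayloadClaim.WithClaimBehavior(() => $"{userIdentityHelper.DocType}-{userIdentityHelper.DocNumber}");

            // NOTE(review): this replaces the registration on the shared ServiceLocator.Instance and the
            // method does not restore it - confirm the fixture resets it between tests.
            ServiceLocator.Instance.RegisterPayloadClaimsManager(mismatchUsernameClaimBehavior);
            AspenException exception = Assert.Throws<AspenException>(() => client.Settings.GetDocTypes());

            // The service must answer 401 with the event id this test expects for a claim mismatch.
            Assert.That(exception.EventId, Is.EqualTo("15846"));
            Assert.That(exception.StatusCode, Is.EqualTo(HttpStatusCode.Unauthorized));

            // Compare the text literally. StringAssert.IsMatch treats its first argument as a regular
            // expression, so '.' matched any character and the trailing '?' only made the final 'n' optional.
            StringAssert.Contains("No coinciden los datos recibidos del token vs los valores esperados. ¿Se modificaron los valores en tránsito o está utilizando el ApiKey en otra aplicación?", exception.Message);
        }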
Example #6
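        /// <summary>
        /// Checks that a user-signed request is rejected when the username claim is built from a random
        /// document number instead of the signed-in user's.
        /// </summary>
        public void NotFoundUsernameWhenUserSignedRequestThrows()
        {
            IDelegatedApp         client                      = this.GetDelegatedClient();
            string                fixedDocType                = "CC";

            // Generated once, so every evaluation of the delegate returns the same username.
            // NOTE(review): presumably no registered user has this number; a collision would change the
            // outcome of the test - confirm the range is outside the test data.
            string                randomDocNumber             = new Random().Next(1000000000, int.MaxValue).ToString();
            IPayloadClaimsManager randomUsernameClaimBehavior = InvalidUsernamePayloadClaim.WithClaimBehavior(() => $"{fixedDocType}-{randomDocNumber}");

            // NOTE(review): this replaces the registration on the shared ServiceLocator.Instance and the
            // method does not restore it - confirm the fixture resets it between tests.
            ServiceLocator.Instance.RegisterPayloadClaimsManager(randomUsernameClaimBehavior);
            AspenException exception = Assert.Throws<AspenException>(() => client.Settings.GetDocTypes());

            // The service must answer 401 with the event id this test expects when no valid token is found.
            Assert.That(exception.EventId, Is.EqualTo("15847"));
            Assert.That(exception.StatusCode, Is.EqualTo(HttpStatusCode.Unauthorized));

            // Compare the text literally. StringAssert.IsMatch treats its first argument as a regular
            // expression, so the final '.' matched any character instead of the period.
            StringAssert.Contains("No hay un token de autenticación vigente.", exception.Message);
        }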
        /// <summary>
        /// Rebuilds the service container of this <see cref="ServiceLocator" />, registering one instance
        /// per provider.
        /// </summary>
        /// <remarks>
        /// For every provider except the endpoint provider and the application identity, the instance is
        /// chosen in this order: the argument, the value currently exposed by the matching property of
        /// this locator, a new default implementation. The endpoint provider and the application identity
        /// have no fallback to a current value: when the argument is <c>null</c>, a new
        /// <c>EnvironmentEndpoint</c> / <c>EnvironmentIdentity</c> is registered.
        /// </remarks>
        /// <param name="nonceGenerator">Instance of <see cref="INonceGenerator" /> used as the provider of nonce values, or <c>null</c> to use the default instance.</param>
        /// <param name="epochGenerator">Instance of <see cref="IEpochGenerator" /> used as the provider of epoch values, or <c>null</c> to use the default instance.</param>
        /// <param name="headersManager">Instance of <see cref="IHeadersManager" /> used as the provider of headers for requests to the service, or <c>null</c> to use the default instance.</param>
        /// <param name="requestHeaderNames">Instance of <see cref="IHeaderElement" /> used as the provider of the custom header names, or <c>null</c> to use the default instance.</param>
        /// <param name="payloadClaimNames">Instance of <see cref="IPayloadClaimElement" /> used as the provider of the names of the claims in the service payload, or <c>null</c> to use the default instance.</param>
        /// <param name="payloadClaimsManager">Instance of <see cref="IPayloadClaimsManager" /> used as the provider of the payload claims, or <c>null</c> to use the default instance.</param>
        /// <param name="jwtJsonSerializer">Instance of <see cref="IJsonSerializer" /> used as the provider of JWT serialization and deserialization, or <c>null</c> to use the default instance.</param>
        /// <param name="webProxy">Instance of <see cref="IWebProxy" /> used as the proxy server provider, or <c>null</c> to use the default instance.</param>
        /// <param name="loggingProvider">Instance of <see cref="ILoggingProvider" /> used as the provider that writes trace output, or <c>null</c> to use the default instance.</param>
        /// <param name="endpointProvider">Instance implementing <see cref="IEndpointProvider"/> used to obtain configuration values, or <c>null</c> to register a new <c>EnvironmentEndpoint</c>.</param>
        /// <param name="appIdentity">Instance implementing <see cref="IAppIdentity"/> used to obtain configuration values, or <c>null</c> to register a new <c>EnvironmentIdentity</c>.</param>
        private void RegisterInstance(
            INonceGenerator nonceGenerator             = null,
            IEpochGenerator epochGenerator             = null,
            IHeadersManager headersManager             = null,
            IHeaderElement requestHeaderNames          = null,
            IPayloadClaimElement payloadClaimNames     = null,
            IPayloadClaimsManager payloadClaimsManager = null,
            IJsonSerializer jwtJsonSerializer          = null,
            IWebProxy webProxy = null,
            ILoggingProvider loggingProvider   = null,
            IEndpointProvider endpointProvider = null,
            IAppIdentity appIdentity           = null)
        {
            // The whole rebuild runs under the lock, so two registrations cannot interleave.
            lock (padlock)
            {
                // Every provider is resolved before the old container is disposed below; presumably the
                // fallback properties read from that container - confirm.
                // Locals keep their interface types so the generic registrations infer the service type.
                INonceGenerator resolvedNonceGenerator = nonceGenerator ?? this.NonceGenerator ?? new GuidNonceGenerator();
                IEpochGenerator resolvedEpochGenerator = epochGenerator ?? this.EpochGenerator ?? new UnixEpochGenerator();
                IHeaderElement resolvedHeaderNames = requestHeaderNames ?? this.RequestHeaderNames ?? new DefaultHeaderElement();
                IPayloadClaimElement resolvedClaimNames = payloadClaimNames ?? this.PayloadClaimNames ?? new DefaultPayloadClaimElement();
                IPayloadClaimsManager resolvedClaimsManager = payloadClaimsManager ?? this.PayloadClaimsManager ?? new DefaultPayloadClaimsManager();
                IHeadersManager resolvedHeadersManager = headersManager ?? this.HeadersManager ?? new DefaultHeadersManager();
                IJsonSerializer resolvedJwtSerializer = jwtJsonSerializer ?? this.JwtJsonSerializer ?? new JsonNetSerializer();
                IWebProxy resolvedWebProxy = webProxy ?? this.WebProxy ?? new NullWebProxy();
                ILoggingProvider resolvedLoggingProvider = loggingProvider ?? this.LoggingProvider ?? new NullLoggingProvider();

                // NOTE(review): no fallback to a current value for these two, so any call that omits them
                // (for example one that only swaps the claims manager) registers the environment-based
                // endpoint and identity in the new container - confirm this is intended.
                IEndpointProvider resolvedEndpointProvider = endpointProvider ?? new EnvironmentEndpoint();
                IAppIdentity resolvedAppIdentity = appIdentity ?? new EnvironmentIdentity();

                // Drop the previous container; the field stays null if creating the new one fails.
                this.container?.Dispose();
                this.container = null;

                Container rebuilt = new Container();
                this.container = rebuilt;

                rebuilt.RegisterInstance<IEnvironmentRuntime>(new EnvironmentRuntime());
                rebuilt.RegisterInstance(resolvedNonceGenerator);
                rebuilt.RegisterInstance(resolvedEpochGenerator);
                rebuilt.RegisterInstance(resolvedHeaderNames);
                rebuilt.RegisterInstance(resolvedHeadersManager);
                rebuilt.RegisterInstance(resolvedClaimNames);
                rebuilt.RegisterInstance(resolvedClaimsManager);
                rebuilt.RegisterInstance(resolvedJwtSerializer);
                rebuilt.RegisterInstance(resolvedWebProxy);
                rebuilt.RegisterInstance(resolvedLoggingProvider);
                rebuilt.RegisterInstance(resolvedEndpointProvider);
                rebuilt.RegisterInstance(resolvedAppIdentity);
            }
        }
 /// <summary>
 /// Registers the <see cref="IPayloadClaimsManager" /> that adds the required claims to the request payload.
 /// </summary>
 /// <remarks>
 /// Only the claims manager is passed to <c>RegisterInstance</c>, which rebuilds the whole container; the
 /// replacement therefore applies to everything that resolves providers from this locator afterwards.
 /// </remarks>
 /// <param name="payloadClaimsManager">Instance implementing <see cref="IPayloadClaimsManager" />.</param>
 public void RegisterPayloadClaimsManager(IPayloadClaimsManager payloadClaimsManager)
 {
     // A null manager is rejected up front rather than silently falling back to a default.
     Throw.IfNull(payloadClaimsManager, nameof(payloadClaimsManager));

     IPayloadClaimsManager replacement = payloadClaimsManager;
     this.RegisterInstance(payloadClaimsManager: replacement);
 }