private (Guid sessionIdentifier, int?resourceId) ParseAccountLinkingRequest( LinkLearningHubRequest linkLearningHubRequest, Guid storedSessionIdentifier ) { var stateItems = linkLearningHubRequest.State.Split("_refId:"); if (stateItems.Length != 2) { throw new LearningHubLinkingRequestException("Invalid Learning Hub linking state."); } if (!Guid.TryParse(stateItems[0], out var validSessionIdentifier) || validSessionIdentifier != storedSessionIdentifier) { throw new LearningHubLinkingRequestException("Invalid Learning Hub linking session."); } if (!int.TryParse(stateItems[1], out var validReferenceId)) { return(validSessionIdentifier, null); } return(validSessionIdentifier, validReferenceId); }
private void ValidateLearningHubUserId(LinkLearningHubRequest linkLearningHubRequest) { var isVerified = learningHubSsoSecurityService.VerifyHash( linkLearningHubRequest.UserId.ToString(), linkLearningHubRequest.Hash ); if (!isVerified) { throw new LearningHubLinkingRequestException("Invalid Learning Hub UserId hash."); } }
public int?ValidateLinkingRequestAndExtractDestinationResourceId( LinkLearningHubRequest linkLearningHubRequest, string linkRequestSessionIdentifier ) { if (!Guid.TryParse(linkRequestSessionIdentifier, out var storedSessionIdentifier)) { throw new LearningHubLinkingRequestException( "Invalid Learning Hub linking request session identifier." ); } ValidateLearningHubUserId(linkLearningHubRequest); var parsedState = ParseAccountLinkingRequest(linkLearningHubRequest, storedSessionIdentifier); return(parsedState.resourceId); }
ValidateLinkingRequestAndExtractDestinationResourceId_throws_exception_when_verifyHash_returns_false() { // Given var storedSessionIdentifier = Guid.NewGuid(); var linkLearningHubRequest = new LinkLearningHubRequest { Hash = "invalid-hash", State = $"{storedSessionIdentifier}_refId:56789", UserId = 56789, }; // When Action act = () => learningHubLinkService.ValidateLinkingRequestAndExtractDestinationResourceId( linkLearningHubRequest, storedSessionIdentifier.ToString() ); // Then act.Should().Throw <LearningHubLinkingRequestException>().WithMessage("Invalid Learning Hub UserId hash."); }
ValidateLinkingRequestAndExtractDestinationResourceId_returns_resourceId_when_request_parsed_successfully() { // Given var storedSessionIdentifier = Guid.NewGuid(); var linkLearningHubRequest = new LinkLearningHubRequest { Hash = "valid-hash", State = $"{storedSessionIdentifier}_refId:1234", UserId = 12345, }; // When var result = learningHubLinkService.ValidateLinkingRequestAndExtractDestinationResourceId( linkLearningHubRequest, storedSessionIdentifier.ToString() ); // Then result.Should().Be(1234); }
ValidateLinkingRequestAndExtractDestinationResourceId_returns_null_when_resource_id_could_not_be_parsed() { // Given var storedSessionIdentifier = Guid.NewGuid(); var linkLearningHubRequest = new LinkLearningHubRequest { Hash = "valid-hash", State = $"{storedSessionIdentifier}_refId:badInteger", UserId = 12345, }; // When var result = learningHubLinkService.ValidateLinkingRequestAndExtractDestinationResourceId( linkLearningHubRequest, storedSessionIdentifier.ToString() ); // Then result.Should().BeNull(); }
public void ValidateLinkingRequestAndExtractDestinationResourceId_throws_exception_when_state_is_incomplete() { // Given var storedSessionIdentifier = Guid.NewGuid(); var linkLearningHubRequest = new LinkLearningHubRequest { Hash = "valid-hash", State = $"{storedSessionIdentifier}", UserId = 12345, }; // When Action act = () => learningHubLinkService.ValidateLinkingRequestAndExtractDestinationResourceId( linkLearningHubRequest, storedSessionIdentifier.ToString() ); // Then act.Should().Throw <LearningHubLinkingRequestException>().WithMessage("Invalid Learning Hub linking state."); }
public IActionResult LinkLearningHubSso([FromQuery] LinkLearningHubRequest linkLearningHubRequest) { if (!ModelState.IsValid) { throw new LearningHubLinkingRequestException("Invalid Learning Hub request."); } var learningHubResourcedId = learningHubLinkService.ValidateLinkingRequestAndExtractDestinationResourceId( linkLearningHubRequest, HttpContext.Session.GetString(LinkLearningHubRequest.SessionIdentifierKey) ); var delegateId = User.GetCandidateIdKnownNotNull(); var isAccountAlreadyLinked = learningHubLinkService.IsLearningHubAccountLinked(delegateId); learningHubLinkService.LinkLearningHubAccountIfNotLinked(delegateId, linkLearningHubRequest.UserId); var model = new LinkLearningHubViewModel(isAccountAlreadyLinked, learningHubResourcedId); return(View("../LinkLearningHubSso", model)); }
ValidateLinkingRequestAndExtractDestinationResourceId_throws_exception_when_sessionIdentifier_does_not_match() { // Given var storedSessionIdentifier = Guid.NewGuid(); var linkLearningHubRequest = new LinkLearningHubRequest { Hash = "valid-hash", State = $"{Guid.NewGuid()}_refId:1234", UserId = 12345, }; // When Action act = () => learningHubLinkService.ValidateLinkingRequestAndExtractDestinationResourceId( linkLearningHubRequest, storedSessionIdentifier.ToString() ); // Then act.Should().Throw <LearningHubLinkingRequestException>() .WithMessage("Invalid Learning Hub linking session."); }
ValidateLinkingRequestAndExtractDestinationResourceId_throws_exception_when_stored_sessionIdentifier_is_invalid() { // Given var linkLearningHubRequest = new LinkLearningHubRequest { Hash = "valid-hash", State = $"{Guid.NewGuid()}_refId:1234", UserId = 12345, }; // When Action act = () => learningHubLinkService.ValidateLinkingRequestAndExtractDestinationResourceId( linkLearningHubRequest, "invalid-guid" ); // Then act.Should().Throw <LearningHubLinkingRequestException>() .WithMessage("Invalid Learning Hub linking request session identifier."); }