Example #1
0
        public void DiscoverRequireSslWithSecureRedirects()
        {
            MockHttpRequest.Reset();
            Identifier claimedId = TestSupport.GetMockIdentifier(TestSupport.Scenarios.AutoApproval, ProtocolVersion.V20, true);

            // Add a couple of chained redirect pages that lead to the claimedId.
            // All redirects should be secure.
            Uri userSuppliedUri   = TestSupport.GetFullUrl("/someSecurePage", null, true);
            Uri secureMidpointUri = TestSupport.GetFullUrl("/secureStop", null, true);

            MockHttpRequest.RegisterMockRedirect(userSuppliedUri, secureMidpointUri);
            MockHttpRequest.RegisterMockRedirect(secureMidpointUri, new Uri(claimedId.ToString()));

            Identifier userSuppliedIdentifier = new UriIdentifier(userSuppliedUri, true);

            Assert.AreEqual(1, userSuppliedIdentifier.Discover().Count());
        }
Example #2
0
        public void DiscoveryWithRedirects()
        {
            MockHttpRequest.Reset();
            Identifier claimedId = TestSupport.GetMockIdentifier(TestSupport.Scenarios.AutoApproval, ProtocolVersion.V20);

            // Add a couple of chained redirect pages that lead to the claimedId.
            Uri userSuppliedUri     = TestSupport.GetFullUrl("/someSecurePage", null, true);
            Uri insecureMidpointUri = TestSupport.GetFullUrl("/insecureStop");

            MockHttpRequest.RegisterMockRedirect(userSuppliedUri, insecureMidpointUri);
            MockHttpRequest.RegisterMockRedirect(insecureMidpointUri, new Uri(claimedId.ToString()));

            // don't require secure SSL discovery for this test.
            Identifier userSuppliedIdentifier = new UriIdentifier(userSuppliedUri, false);

            Assert.AreEqual(1, userSuppliedIdentifier.Discover().Count());
        }
Example #3
0
        public void DiscoverRequireSslWithInsecureRedirect()
        {
            MockHttpRequest.Reset();
            Identifier claimedId = TestSupport.GetMockIdentifier(TestSupport.Scenarios.AutoApproval, ProtocolVersion.V20, true);

            // Add a couple of chained redirect pages that lead to the claimedId.
            // Include an insecure HTTP jump in those redirects to verify that
            // the ultimate endpoint is never found as a result of high security profile.
            Uri userSuppliedUri     = TestSupport.GetFullUrl("/someSecurePage", null, true);
            Uri insecureMidpointUri = TestSupport.GetFullUrl("/insecureStop");

            MockHttpRequest.RegisterMockRedirect(userSuppliedUri, insecureMidpointUri);
            MockHttpRequest.RegisterMockRedirect(insecureMidpointUri, new Uri(claimedId.ToString()));

            Identifier userSuppliedIdentifier = new UriIdentifier(userSuppliedUri, true);

            userSuppliedIdentifier.Discover();
        }