private static void CompareRessouceServerAndRessourceServerDto(
IList <Scope> scopesFromDbs,
RessourceServer sourceRessourceServer,
RessourceServerDto validRessourceServer)
{
Assert.IsNotNull(validRessourceServer);
Assert.AreEqual(sourceRessourceServer.Id, validRessourceServer.Id);
Assert.AreEqual(sourceRessourceServer.CreationDate, validRessourceServer.CreationDate);
Assert.AreEqual(sourceRessourceServer.Description, validRessourceServer.Description);
Assert.AreEqual(sourceRessourceServer.Login, validRessourceServer.Login);
Assert.AreEqual(sourceRessourceServer.Name, validRessourceServer.Name);
Assert.AreEqual(scopesFromDbs.Count(), validRessourceServer.Scopes.Count());
Assert.IsTrue(scopesFromDbs.Count() > 0);
foreach (var scope in scopesFromDbs)
{
var myScope = validRessourceServer.Scopes.Where(s => s.IdScope.Equals(scope.Id)).SingleOrDefault();
Assert.IsNotNull(myScope);
Assert.AreEqual(scope.Id, myScope.IdScope);
Assert.AreEqual(scope.NiceWording, myScope.NiceWording);
Assert.AreEqual(scope.Wording, myScope.Wording);
if (scope.Wording.StartsWith("RW_"))
{
Assert.IsTrue(myScope.IsReadWrite);
}
else
{
Assert.IsFalse(myScope.IsReadWrite);
}
}
}
public int Add(RessourceServer toAdd)
{
toAdd.Id = FakeDataBase.Instance.RessourceServers.Count > 0 ?
FakeDataBase.Instance.RessourceServers.Max(u => u.Id) + 1 : 1;
FakeDataBase.Instance.RessourceServers.Add(toAdd);
return(toAdd.Id);
}
public void Update(RessourceServer toUpdate)
{
var rs = FakeDataBase.Instance.RessourceServers.FirstOrDefault(r => r.Id.Equals(toUpdate.Id));
if (rs != null)
{
rs = toUpdate;
}
}
public void Delete(RessourceServer toDelete)
{
var rs = FakeDataBase.Instance.RessourceServers.FirstOrDefault(r => r.Id.Equals(toDelete.Id));
if (rs != null)
{
FakeDataBase.Instance.RessourceServers.Remove(rs);
}
}
internal static RessourceServerDto ToDto(this RessourceServer value)
{
return(new RessourceServerDto()
{
CreationDate = value.CreationDate,
Description = value.Description,
Id = value.Id,
Login = value.Login,
Name = value.Name,
Scopes = value.Scopes != null?value.Scopes.Select(s => new RessourceServerScopeDto()
{
IdScope = s.Id,
IsReadWrite = s.Wording.StartsWith("RW"),
NiceWording = s.NiceWording,
Wording = s.Wording
}).ToList() : null
});
}
public async Task Get_Should_Return_All_Scopes_Of_Valids_Ressources_Servers()
{
IList <Scope> allScopesFromDb = null;
using (var context = new DaOAuthContext(_dbContextOptions))
{
allScopesFromDb = context.Scopes.Where(s => s.RessourceServer.IsValid).ToList();
}
Assert.IsNotNull(allScopesFromDb);
Assert.IsTrue(allScopesFromDb.Count() > 0);
var httpResponseMessage = await _client.GetAsync("scopes?skip=0&limit=50");
Assert.IsTrue(httpResponseMessage.IsSuccessStatusCode);
var scopes = JsonConvert.DeserializeObject <SearchResult <ScopeDto> >(
await httpResponseMessage.Content.ReadAsStringAsync());
Assert.AreEqual(allScopesFromDb.Count(), scopes.Count);
Assert.IsTrue(scopes.Count > 0);
Assert.AreEqual(scopes.Datas.Count(), allScopesFromDb.Count());
foreach (var scopeFromdb in allScopesFromDb)
{
var myScope = scopes.Datas.Where(s => s.Id.Equals(scopeFromdb.Id)).FirstOrDefault();
Assert.IsNotNull(myScope);
Assert.AreEqual(scopeFromdb.NiceWording, myScope.NiceWording);
Assert.AreEqual(scopeFromdb.Wording, myScope.Wording);
Assert.AreEqual(scopeFromdb.Id, myScope.Id);
RessourceServer myRessourceServer = null;
using (var context = new DaOAuthContext(_dbContextOptions))
{
myRessourceServer = context.RessourceServers.FirstOrDefault(rs => rs.Id.Equals(scopeFromdb.RessourceServerId));
}
Assert.IsNotNull(myRessourceServer);
Assert.AreEqual(myRessourceServer.Name, myScope.RessourceServerName);
}
}
public async Task Delete_Should_Delete_Ressource_Server()
{
RessourceServer nonDeletedRessourceServer = null;
using (var context = new DaOAuthContext(_dbContextOptions))
{
nonDeletedRessourceServer = context.RessourceServers.Where(c => c.Id.Equals(_validRessourceServer.Id)).FirstOrDefault();
}
Assert.IsNotNull(nonDeletedRessourceServer);
var httpResponseMessage = await _client.DeleteAsync($"ressourcesServers/{_validRessourceServer.Id}");
Assert.IsTrue(httpResponseMessage.IsSuccessStatusCode);
RessourceServer deletedRessourceServer = null;
using (var context = new DaOAuthContext(_dbContextOptions))
{
deletedRessourceServer = context.RessourceServers.Where(c => c.Id.Equals(_validRessourceServer.Id)).FirstOrDefault();
}
Assert.IsNull(deletedRessourceServer);
}
public async Task Get_By_Id_Should_Return_Ressource_Server()
{
var httpResponseMessage = await _client.GetAsync($"ressourcesServers/{_validRessourceServer.Id}");
Assert.IsTrue(httpResponseMessage.IsSuccessStatusCode);
var myRessourceServer = JsonConvert.DeserializeObject <RessourceServerDto>(await httpResponseMessage.Content.ReadAsStringAsync());
Assert.IsNotNull(myRessourceServer);
RessourceServer rsFromDb = null;
IList <Scope> scopesFromDbs = null;
using (var context = new DaOAuthContext(_dbContextOptions))
{
rsFromDb = context.RessourceServers.SingleOrDefault(rs => rs.Id.Equals(_validRessourceServer.Id));
scopesFromDbs = context.Scopes.Where(s => s.RessourceServerId.Equals(_validRessourceServer.Id)).ToList();
}
Assert.IsNotNull(rsFromDb);
Assert.IsNotNull(scopesFromDbs);
CompareRessouceServerAndRessourceServerDto(scopesFromDbs, rsFromDb, myRessourceServer);
}
public async Task Post_Should_Create_Ressource_Server()
{
var scopeIsReadWrite = true;
var toCreateRessourceServer = new CreateRessourceServerDto()
{
Description = "new ressource server",
Login = "******",
Name = "newRs",
Password = "******",
RepeatPassword = "******",
Scopes = new List <CreateRessourceServerScopesDto>()
{
new CreateRessourceServerScopesDto()
{
IsReadWrite = scopeIsReadWrite,
NiceWording = "a new scope"
}
}
};
var httpResponseMessage = await _client.PostAsJsonAsync("ressourcesServers", toCreateRessourceServer);
Assert.AreEqual(HttpStatusCode.Created, httpResponseMessage.StatusCode);
Assert.IsTrue(httpResponseMessage.Headers.Contains("location"));
var location = httpResponseMessage.Headers.GetValues("location").Single();
Assert.IsTrue(location.Length > 0);
var ressourceServerId = Int32.Parse(location.Split('/', StringSplitOptions.RemoveEmptyEntries).Last());
RessourceServer myNewRessourceServer = null;
Scope myNewScopes = null;
using (var context = new DaOAuthContext(_dbContextOptions))
{
myNewRessourceServer = context.RessourceServers.Where(c => c.Id.Equals(ressourceServerId)).SingleOrDefault();
myNewScopes = context.Scopes.Where(s => s.RessourceServerId.Equals(ressourceServerId)).SingleOrDefault();
}
Assert.IsNotNull(myNewRessourceServer);
Assert.AreEqual(toCreateRessourceServer.Description, myNewRessourceServer.Description);
Assert.AreEqual(toCreateRessourceServer.Login, myNewRessourceServer.Login);
Assert.AreEqual(toCreateRessourceServer.Name, myNewRessourceServer.Name);
var encryptionServce = new EncryptionService();
Assert.IsTrue(encryptionServce.AreEqualsSha256(
String.Concat(GuiApiTestStartup.Configuration.PasswordSalt, toCreateRessourceServer.Password),
myNewRessourceServer.ServerSecret));
Assert.IsTrue(myNewRessourceServer.IsValid);
Assert.AreEqual(DateTime.Now.Date, myNewRessourceServer.CreationDate.Date);
Assert.IsNotNull(myNewScopes);
Assert.AreEqual(toCreateRessourceServer.Scopes.Single().NiceWording, myNewScopes.NiceWording);
Assert.AreEqual(ressourceServerId, myNewScopes.RessourceServerId);
Assert.IsTrue(myNewScopes.Wording.Length > 0);
if (scopeIsReadWrite)
{
Assert.IsTrue(myNewScopes.Wording.StartsWith("RW_"));
}
else
{
Assert.IsTrue(myNewScopes.Wording.StartsWith("R_"));
}
}
public async Task Put_Should_Update_Ressource_Server()
{
RessourceServer toUpdateRessourceServer = null;
using (var context = new DaOAuthContext(_dbContextOptions))
{
toUpdateRessourceServer = context.RessourceServers.Where(c => c.Id.Equals(_validRessourceServer.Id)).FirstOrDefault();
}
Assert.IsNotNull(toUpdateRessourceServer);
var updateRessourceServerDto = new UpdateRessourceServerDto()
{
Id = _validRessourceServer.Id,
Description = "new description",
IsValid = true,
Name = "new name",
Scopes = new List <UpdateRessourceServerScopesDto>()
{
new UpdateRessourceServerScopesDto()
{
IdScope = _scope1.Id,
IsReadWrite = false,
NiceWording = "new nice wording"
},
new UpdateRessourceServerScopesDto()
{
IdScope = null,
IsReadWrite = true,
NiceWording = "new scope"
}
}
};
var httpResponseMessage = await _client.PutAsJsonAsync("ressourcesServers", updateRessourceServerDto);
Assert.IsTrue(httpResponseMessage.IsSuccessStatusCode);
RessourceServer updatedRessourceServer = null;
IList <Scope> updatedScopes = null;
using (var context = new DaOAuthContext(_dbContextOptions))
{
updatedRessourceServer = context.RessourceServers.Where(c => c.Id.Equals(_validRessourceServer.Id)).FirstOrDefault();
updatedScopes = context.Scopes.Where(s => s.RessourceServerId.Equals(_validRessourceServer.Id)).ToList();
}
Assert.IsNotNull(updatedRessourceServer);
Assert.IsNotNull(updatedScopes);
Assert.AreEqual(updatedRessourceServer.Id, updateRessourceServerDto.Id);
Assert.AreEqual(updatedRessourceServer.Description, updateRessourceServerDto.Description);
Assert.AreEqual(updatedRessourceServer.IsValid, updateRessourceServerDto.IsValid);
Assert.AreEqual(updatedRessourceServer.Name, updateRessourceServerDto.Name);
Assert.AreEqual(updatedScopes.Count(), updateRessourceServerDto.Scopes.Count());
Assert.IsTrue(updatedScopes.Count() > 0);
foreach (var scope in updatedScopes)
{
var myScope = updateRessourceServerDto.Scopes.SingleOrDefault(s => s.IdScope.Equals(scope.Id));
if (myScope == null)
{
myScope = updateRessourceServerDto.Scopes.SingleOrDefault(s => !s.IdScope.HasValue);
}
Assert.IsNotNull(myScope);
if (myScope.IdScope.HasValue)
{
Assert.AreEqual(scope.Id, myScope.IdScope);
}
else
{
Assert.IsTrue(scope.Id > 0);
}
Assert.AreEqual(scope.NiceWording, myScope.NiceWording);
if (scope.Wording.StartsWith("RW_"))
{
Assert.IsTrue(myScope.IsReadWrite);
}
else
{
Assert.IsFalse(myScope.IsReadWrite);
}
}
}
public void Init()
{
_service = new RessourceServerService()
{
Configuration = FakeConfigurationHelper.GetFakeConf(),
RepositoriesFactory = new FakeRepositoriesFactory(),
StringLocalizerFactory = new FakeStringLocalizerFactory(),
Logger = new FakeLogger(),
EncryptonService = new FakeEncryptionService()
};
_adminUser = new User()
{
CreationDate = DateTime.Now,
EMail = "*****@*****.**",
FullName = "Samadmin",
Id = 123,
IsValid = true,
Password = new byte[] { 0 },
UserName = "******"
};
_normalUser = new User()
{
CreationDate = DateTime.Now,
EMail = "*****@*****.**",
FullName = "SamPasadmin",
Id = 124,
IsValid = true,
Password = new byte[] { 0 },
UserName = "******"
};
_invalidUser = new User()
{
CreationDate = DateTime.Now,
EMail = "*****@*****.**",
FullName = "SamPasValid",
Id = 125,
IsValid = false,
Password = new byte[] { 0 },
UserName = "******"
};
FakeDataBase.Instance.Users.Add(_adminUser);
FakeDataBase.Instance.Users.Add(_normalUser);
FakeDataBase.Instance.Users.Add(_invalidUser);
_adminRole = new Role()
{
Id = (int)ERole.ADMIN,
Wording = RoleName.Administrator
};
_normalRole = new Role()
{
Id = (int)ERole.USER,
Wording = RoleName.User
};
FakeDataBase.Instance.Roles.Clear();
FakeDataBase.Instance.Roles.Add(_adminRole);
FakeDataBase.Instance.Roles.Add(_normalRole);
FakeDataBase.Instance.UsersRoles.Add(new UserRole()
{
Id = 345,
RoleId = _adminRole.Id,
UserId = _adminUser.Id
});
FakeDataBase.Instance.UsersRoles.Add(new UserRole()
{
Id = 346,
RoleId = _normalRole.Id,
UserId = _normalUser.Id
});
_existingRessourceServer = new RessourceServer()
{
CreationDate = DateTime.Now,
Description = "I Exist",
Id = 999,
IsValid = true,
Login = "******",
Name = "existing",
ServerSecret = new byte[] { 0 }
};
_validRessourceServer = new RessourceServer()
{
CreationDate = DateTime.Now,
Description = "I am valid, yeah",
Id = 1999,
IsValid = true,
Login = "******",
Name = "valid_rs_name",
ServerSecret = new byte[] { 0 }
};
_invalidRessourceServer = new RessourceServer()
{
CreationDate = DateTime.Now,
Description = "I am not valid, sad",
Id = 2000,
IsValid = false,
Login = "******",
Name = "invalid_rs_name",
ServerSecret = new byte[] { 0 }
};
FakeDataBase.Instance.RessourceServers.Add(_existingRessourceServer);
FakeDataBase.Instance.RessourceServers.Add(_validRessourceServer);
FakeDataBase.Instance.RessourceServers.Add(_invalidRessourceServer);
_existingScope = new Scope()
{
Id = 789,
RessourceServerId = _existingRessourceServer.Id,
NiceWording = "I Exist",
Wording = "RW_I_Exist"
};
FakeDataBase.Instance.Scopes.Add(_existingScope);
_createDto = new CreateRessourceServerDto()
{
Description = "Test ressource server",
Login = "******",
Name = "R-Serv",
Password = "******",
RepeatPassword = "******",
Scopes = new List <CreateRessourceServerScopesDto>()
{
new CreateRessourceServerScopesDto()
{
IsReadWrite = true,
NiceWording = "scope1 nice wording"
},
new CreateRessourceServerScopesDto()
{
IsReadWrite = false,
NiceWording = "scope2 another nice wording"
},
new CreateRessourceServerScopesDto()
{
IsReadWrite = true,
NiceWording = "scope3 juste another nice wording"
}
},
UserName = _adminUser.UserName
};
}
public int CreateRessourceServer(CreateRessourceServerDto toCreate)
{
var rsId = 0;
IList <ValidationResult> ExtendValidation(CreateRessourceServerDto toValidate)
{
var resource = this.GetErrorStringLocalizer();
IList <ValidationResult> result = new List <ValidationResult>();
if (!String.IsNullOrEmpty(toCreate.Password) &&
!toCreate.Password.Equals(toCreate.RepeatPassword, StringComparison.Ordinal))
{
result.Add(new ValidationResult(resource["CreateRessourceServerPasswordDontMatch"]));
}
if (!toValidate.Password.IsMatchPasswordPolicy())
{
result.Add(new ValidationResult(resource["CreateRessourceServerPasswordPolicyFailed"]));
}
// check empties or multiple scopes names
if (toValidate.Scopes != null)
{
if (toValidate.Scopes.Where(s => String.IsNullOrWhiteSpace(s.NiceWording)).Any())
{
result.Add(new ValidationResult(resource["CreateRessourceServerEmptyScopeWording"]));
}
if (toValidate.Scopes.Where(s => !String.IsNullOrWhiteSpace(s.NiceWording)).GroupBy(s => s.NiceWording.ToUpper()).Where(x => x.Count() > 1).Any())
{
result.Add(new ValidationResult(resource["CreateRessourceServerMultipleScopeWording"]));
}
}
return(result);
}
Logger.LogInformation(String.Format("Try to create ressource server for user {0}", toCreate != null ? toCreate.UserName : String.Empty));
Validate(toCreate, ExtendValidation);
using (var context = RepositoriesFactory.CreateContext())
{
var userRepo = RepositoriesFactory.GetUserRepository(context);
var rsRepo = RepositoriesFactory.GetRessourceServerRepository(context);
var scopeRepo = RepositoriesFactory.GetScopeRepository(context);
var myUser = userRepo.GetByUserName(toCreate.UserName);
if (myUser == null || !myUser.IsValid)
{
throw new DaOAuthServiceException("CreateRessourceServerInvalidUserName");
}
if (myUser.UsersRoles.FirstOrDefault(r => r.RoleId.Equals((int)ERole.ADMIN)) == null)
{
throw new DaOAuthServiceException("CreateRessourceServerNonAdminUserName");
}
var existingRs = rsRepo.GetByLogin(toCreate.Login);
if (existingRs != null)
{
throw new DaOAuthServiceException("CreateRessourceServerExistingLogin");
}
// create ressource server
var myRs = new RessourceServer()
{
CreationDate = DateTime.Now,
Description = toCreate.Description,
IsValid = true,
Login = toCreate.Login,
Name = toCreate.Name,
ServerSecret = EncryptonService.Sha256Hash(string.Concat(Configuration.PasswordSalt, toCreate.Password))
};
rsId = rsRepo.Add(myRs);
// check for existing scope, if ok, create
if (toCreate.Scopes != null)
{
foreach (var s in toCreate.Scopes)
{
var s1 = s.NiceWording.ToScopeWording(true);
var s2 = s.NiceWording.ToScopeWording(false);
var scope = scopeRepo.GetByWording(s1);
if (scope != null)
{
throw new DaOAuthServiceException("CreateRessourceServerExistingScope");
}
scope = scopeRepo.GetByWording(s2);
if (scope != null)
{
throw new DaOAuthServiceException("CreateRessourceServerExistingScope");
}
scope = new Scope()
{
NiceWording = s.NiceWording,
Wording = s.NiceWording.ToScopeWording(s.IsReadWrite),
RessourceServerId = rsId
};
scopeRepo.Add(scope);
}
}
context.Commit();
rsId = myRs.Id;
}
return(rsId);
}
public IntrospectInfoDto Introspect(AskIntrospectDto introspectInfo)
{
Validate(introspectInfo);
Logger.LogInformation($"Introspect token {introspectInfo.Token}");
var toReturn = new IntrospectInfoDto()
{
IsValid = false
};
var authsInfos = introspectInfo.AuthorizationHeader.Split(new char[] { ' ' }, StringSplitOptions.RemoveEmptyEntries);
if (authsInfos.Length != 2)
{
return(toReturn);
}
if (!authsInfos[0].Equals("Basic", StringComparison.OrdinalIgnoreCase))
{
return(toReturn);
}
var credentials = Encoding.UTF8.GetString(Convert.FromBase64String(authsInfos[1]));
var separatorIndex = credentials.IndexOf(':');
if (separatorIndex == -1)
{
return(toReturn);
}
var rsLogin = credentials.Substring(0, separatorIndex);
RessourceServer rs = null;
using (var context = RepositoriesFactory.CreateContext())
{
var rsRepo = RepositoriesFactory.GetRessourceServerRepository(context);
rs = rsRepo.GetByLogin(rsLogin);
if (rs == null)
{
return(toReturn);
}
var rsSecret = credentials.Substring(separatorIndex + 1);
if (!EncryptonService.AreEqualsSha256(String.Concat(Configuration.PasswordSalt, rsSecret), rs.ServerSecret))
{
return(toReturn);
}
if (!rs.IsValid)
{
return(toReturn);
}
var tokenInfo = JwtService.ExtractToken(new ExtractTokenDto()
{
TokenName = OAuthConvention.AccessToken,
Token = introspectInfo.Token
});
if (!tokenInfo.IsValid)
{
return(toReturn);
}
toReturn.ClientPublicId = tokenInfo.ClientId;
toReturn.Expire = tokenInfo.Expire;
toReturn.IsValid = true;
toReturn.Scope = tokenInfo.Scope;
toReturn.UserName = tokenInfo.UserName;
toReturn.Audiences = rsRepo.GetAll().Where(r => r.IsValid.Equals(true)).Select(r => r.Name).ToArray();
}
return(toReturn);
}
