Example #1
0
            public async Task WhenVerificationFails_ReturnsFailureResult()
            {
                A.CallTo(() => _signatureParser.Parse(_httpRequest, _options))
                .Returns(_signature);

                var client = new Client(_signature.KeyId, "Unit test app", new HMACSignatureAlgorithm("s3cr3t", HashAlgorithmName.SHA256), TimeSpan.FromMinutes(1), TimeSpan.FromMinutes(1));

                A.CallTo(() => _clientStore.Get(_signature.KeyId))
                .Returns(client);

                var verificationResultCreator = A.Fake <IVerificationResultCreator>();

                A.CallTo(() => _verificationResultCreatorFactory.Create(client, _signature))
                .Returns(verificationResultCreator);

                var failure = SignatureVerificationFailure.SignatureExpired("Invalid signature.");

                A.CallTo(() => _signatureVerifier.VerifySignature(A <HttpRequestForSigning> ._, A <Signature> ._, A <Client> ._))
                .Returns(failure);

                A.CallTo(() => verificationResultCreator.CreateForFailure(failure))
                .Returns(new RequestSignatureVerificationResultFailure(client, _signature, failure));

                var actual = await _sut.VerifySignature(_httpRequest, _options);

                actual.Should().BeAssignableTo <RequestSignatureVerificationResultFailure>();
                actual.As <RequestSignatureVerificationResultFailure>().IsSuccess.Should().BeFalse();
                actual.As <RequestSignatureVerificationResultFailure>().Failure.Should().Be(failure);
            }
Example #2
0
        public override SignatureVerificationFailure VerifySync(HttpRequestForVerification signedRequest, Signature signature, Client client)
        {
            if (signature.Headers.Contains(HeaderName.PredefinedHeaderNames.Expires) && !signature.Expires.HasValue)
            {
                return(SignatureVerificationFailure.HeaderMissing($"The signature does not contain a value for the {nameof(signature.Expires)} property, but it is required."));
            }

            if (signature.Expires.HasValue && signature.Expires.Value < _systemClock.UtcNow.Add(-client.ClockSkew))
            {
                return(SignatureVerificationFailure.SignatureExpired("The signature is expired."));
            }

            return(null);
        }
        public override SignatureVerificationFailure VerifySync(HttpRequestForSigning signedRequest, Signature signature, Client client)
        {
            if (!signature.Expires.HasValue)
            {
                return(SignatureVerificationFailure.HeaderMissing($"The signature does not contain a value for the {nameof(signature.Expires)} property, but it is required."));
            }

            if (signature.Expires.Value < _systemClock.UtcNow)
            {
                return(SignatureVerificationFailure.SignatureExpired("The signature is expired."));
            }

            return(null);
        }