Example #1
0
        public async Task SetUp()
        {
            var dbContextOptions = new DbContextOptionsBuilder <LoginContext>()
                                   .UseInMemoryDatabase(databaseName: Guid.NewGuid().ToString())
                                   .Options;

            _loginContext = new LoginContext(dbContextOptions);
            _loginContext.Clients.Add(new Data.Entities.Client()
            {
                IdentityServerClientId = "mvc", ServiceDetails = new ServiceDetails {
                    ServiceName = "Acme Service", SupportUrl = "https://acme.gov.uk/Support"
                }
            });
            await _loginContext.SaveChangesAsync();

            _interactionService = Substitute.For <IIdentityServerInteractionService>();
            _interactionService.GetLogoutContextAsync("logoutid").Returns(new IdentityServer4.Models.LogoutRequest("iframeurl", new LogoutMessage())
            {
                ClientId = "mvc", PostLogoutRedirectUri = "https://postlogouturi"
            });

            _userService = Substitute.For <IUserService>();

            var principal = new TestPrincipal(new Claim(JwtClaimTypes.Subject, "user123"));

            _eventService = Substitute.For <IEventService>();

            _httpContextAccessor = Substitute.For <IHttpContextAccessor>();
            _httpContextAccessor.HttpContext.User.Returns(principal);

            _handler = new LogoutHandler(_interactionService, _loginContext, _userService, _eventService, _httpContextAccessor);
        }
Example #2
0
        public async void HandleRequirementAsync_WithNoPermissions_Failed()
        {
            // Arrange
            var expectedOktaId     = "oktaId";
            var expectedPermission = Permission.AddEventToExamination;
            var expectedLocation   = "expectedLocation";
            var requirements       = new List <IAuthorizationRequirement>()
            {
                new PermissionRequirement(expectedPermission)
            };
            var claim    = new Claim(MEClaimTypes.OktaUserId, expectedOktaId);
            var user     = new TestPrincipal(claim);
            var resource = new TestDocument()
            {
                NationalLocationId = expectedLocation,
            };
            var context = new AuthorizationHandlerContext(requirements, user, resource);

            _permissionServiceMock
            .Setup(ps => ps.HasPermission(expectedOktaId, resource, expectedPermission))
            .Returns(Task.FromResult(false));

            // Act
            await _sut.HandleAsync(context);

            // Assert
            context.HasSucceeded.Should().BeFalse();
        }
Example #3
0
        public async Task GetIdentityAsync_Throws_IfNotClaimsPrincipal()
        {
            // Arrange
            TestPrincipal      user    = new TestPrincipal();
            HttpRequestMessage request = new HttpRequestMessage();

            // Act
            ArgumentOutOfRangeException ex = await Assert.ThrowsAsync <ArgumentOutOfRangeException>(async() => await user.GetAppServiceIdentityAsync <FacebookCredentials>(request));

            // Assert
            Assert.Equal("The 'principal' parameter must be of type 'ClaimsPrincipal'.", ex.Message);
        }
Example #4
0
            public AuthenticateResult GenerateAuthenticateInfo(string issuer = null, bool hasIssuer = true, bool hasSubjectUserIdClaim = true, bool hasNameIdentifierClaim = true)
            {
                var dict = new Dictionary <string, string>();
                var authenticationScheme = $"{TestHelper.GenerateRandomString()}:{TestHelper.GenerateRandomString()}";

                dict.Add("scheme", authenticationScheme);

                var props = new AuthenticationProperties(dict);

                props.StoreTokens(new[] { new AuthenticationToken {
                                              Name = "id_token", Value = TestHelper.GenerateRandomString()
                                          } });

                var principal =
                    new TestPrincipal(GenerateClaims(issuer, hasIssuer, hasSubjectUserIdClaim, hasNameIdentifierClaim)
                                      .ToArray());

                return(AuthenticateResult.Success(new AuthenticationTicket(principal, props, authenticationScheme)));
            }
Example #5
0
        public void IPrincipalCtorNonClaimsPrincipalWithNonClaimsIdentityWorks()
        {
            var id = new TestIdentity {
                Name = "test_name",
                AuthenticationType = "test_auth"
            };
            var basePrincipal = new TestPrincipal {
                Identity = id
            };
            var p = new ClaimsPrincipal(basePrincipal);

            Assert.IsNotNull(p.Identities, "#1");
            Assert.AreEqual(1, p.Identities.Count(), "#2");

            Assert.AreNotEqual(id, p.Identities.First(), "#3");
            Assert.AreNotEqual(id, p.Identity, "#4");
            Assert.AreEqual(id.Name, p.Identity.Name, "#5");

            Assert.IsNotNull(p.Claims, "#6");
            Assert.AreEqual(1, p.Claims.Count(), "#7");
            Assert.IsTrue(p.Claims.Any(claim => claim.Type == ClaimsIdentity.DefaultNameClaimType && claim.Value == "test_name"), "#8");
        }
Example #6
0
        public async void HandleRequirementAsync_Succeeded()
        {
            // Arrange
            var expectedOktaId     = "oktaId";
            var expectedPermission = Permission.AddEventToExamination;
            var requirements       = new List <IAuthorizationRequirement>()
            {
                new PermissionRequirement(expectedPermission)
            };
            var          claim    = new Claim(MEClaimTypes.OktaUserId, expectedOktaId);
            var          user     = new TestPrincipal(claim);
            const object resource = (object)null;
            var          context  = new AuthorizationHandlerContext(requirements, user, resource);

            _permissionServiceMock
            .Setup(ps => ps.HasPermission(expectedOktaId, expectedPermission))
            .Returns(Task.FromResult(true));

            // Act
            await _sut.HandleAsync(context);

            // Assert
            context.HasSucceeded.Should().BeTrue();
        }
Example #7
0
        public async Task GetIdentityAsync_Throws_IfNotClaimsPrincipal()
        {
            // Arrange
            TestPrincipal user = new TestPrincipal();
            HttpRequestMessage request = new HttpRequestMessage();

            // Act
            ArgumentOutOfRangeException ex = await Assert.ThrowsAsync<ArgumentOutOfRangeException>(async () => await user.GetAppServiceIdentityAsync<FacebookCredentials>(request));

            // Assert
            Assert.Equal("The 'principal' parameter must be of type 'ClaimsPrincipal'.", ex.Message);
        }
Example #8
0
 public void CheckPrincipal_throws_on_null_principal_identity()
 {
     var principal = new TestPrincipal(null, new[] {"user"});
     Assert.Throws<Exception>(() => _authenticationMessageHandler.CheckPrincipalDouble(principal, GetType()));
 }
Example #9
0
		public void IPrincipalCtorNonClaimsPrincipalWithNonClaimsIdentityWorks ()
		{
			var id = new TestIdentity {
				Name = "test_name", 
				AuthenticationType = "test_auth"
			};
			var basePrincipal = new TestPrincipal { Identity = id };
			var p = new ClaimsPrincipal (basePrincipal);

			Assert.IsNotNull (p.Identities, "#1");
			Assert.AreEqual (1, p.Identities.Count (), "#2");

			Assert.AreNotEqual (id, p.Identities.First (), "#3");
			Assert.AreNotEqual (id, p.Identity, "#4");
			Assert.AreEqual (id.Name, p.Identity.Name, "#5");

			Assert.IsNotNull (p.Claims, "#6");
			Assert.AreEqual (1, p.Claims.Count (), "#7");
			Assert.IsTrue (p.Claims.Any (claim => claim.Type == ClaimsIdentity.DefaultNameClaimType && claim.Value == "test_name"), "#8");
		}
Example #10
0
        public void CheckPrincipal_throws_on_null_principal_identity()
        {
            var principal = new TestPrincipal(null, new[] { "user" });

            Assert.Throws <Exception>(() => _authenticationMessageHandler.CheckPrincipalDouble(principal, GetType()));
        }