Example #1
 /// <summary>
 /// Adds <paramref name="issuer"/> to the Issuers collection unless it is already present.
 /// </summary>
 /// <param name="issuer">Issuer to register.</param>
 public void AddIssuer(Issuer issuer)
 {
     // Membership is decided by Issuers.Contains, so adding the same issuer twice is a no-op.
     // NOTE(review): what counts as "the same issuer" depends on Issuer's equality, which is not visible here.
     if (this.Issuers.Contains(issuer))
     {
         return;
     }

     this.Issuers.Add(issuer);
 }
Example #2
        /// <summary>
        /// Removes <paramref name="issuer"/> from the Issuers collection, refusing to do so while
        /// an input claim of any rule still refers to it.
        /// </summary>
        /// <param name="issuer">Issuer to remove.</param>
        /// <exception cref="PolicyScopeException">
        /// An input claim of one of the rules has an issuer equal to <paramref name="issuer"/>.
        /// </exception>
        public void RemoveIssuer(Issuer issuer)
        {
            foreach (var rule in this.Rules)
            {
                foreach (var inputClaim in rule.InputClaims)
                {
                    // inputClaim.Issuer is dereferenced without a null check.
                    if (!inputClaim.Issuer.Equals(issuer))
                    {
                        continue;
                    }

                    // An issuer that a rule still depends on is kept, so no rule is left
                    // referring to an issuer that is no longer listed.
                    // NOTE(review): the message resource is named IssuerNotDefined although the
                    // condition here is "issuer still in use" - confirm the text fits.
                    throw new PolicyScopeException(Resources.IssuerNotDefined);
                }
            }

            this.Issuers.Remove(issuer);
        }
Example #3
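        /// <summary>
        /// Removes <paramref name="issuer"/> from the policy scope identified by
        /// <paramref name="scopeUri"/> and then saves the scopes.
        /// </summary>
        /// <param name="scopeUri">URI of the scope to modify.</param>
        /// <param name="issuer">Issuer to remove from that scope.</param>
        /// <exception cref="ArgumentNullException"><paramref name="scopeUri"/> is null.</exception>
        /// <exception cref="InvalidOperationException">
        /// The retrieved scopes are not an <see cref="IList{T}"/> of <see cref="PolicyScope"/>.
        /// </exception>
        /// <exception cref="PolicyScopeException">No scope matches <paramref name="scopeUri"/>.</exception>
        public void RemoveIssuer(Uri scopeUri, Issuer issuer)
        {
            if (scopeUri == null)
            {
                throw new ArgumentNullException("scopeUri");
            }

            // 'as' yields null when the retrieved object is not an IList<PolicyScope>. Fail with an
            // explicit error instead of letting the query below throw on a null source.
            IList<PolicyScope> scopes = this.RetrieveScopes() as IList<PolicyScope>;
            if (scopes == null)
            {
                throw new InvalidOperationException("The retrieved policy scopes are not an IList<PolicyScope>.");
            }

            // Scopes are matched by comparing the string forms of the two URIs.
            // NOTE(review): this is a case-sensitive string comparison; confirm it is the intended
            // notion of "same scope" for policy lookups.
            string requestedUri = scopeUri.ToString();
            var policyScope = scopes.FirstOrDefault(s => s.Uri.ToString() == requestedUri);

            if (policyScope == null)
            {
                throw new PolicyScopeException(Resources.ScopeNotFound);
            }

            // If this call throws, SaveScopes below is not reached and nothing is saved.
            policyScope.RemoveIssuer(issuer);

            this.SaveScopes(scopes);
        }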
Example #4
        /// <summary>
        /// Adds a rule to the scope "http://localhost/1" and checks that the number of scopes is
        /// unchanged while the first scope ends up with two rules.
        /// </summary>
        public void AddPolicyRuleShouldPassIfExistingScope()
        {
            var repository = new MockXmlRepository(@".\content\claimMappings-PassingTest2.xml");
            var store = new XmlPolicyStore("My Xml Store Path", repository);

            int scopeCountBefore = store.RetrieveScopes().Count();

            var issuer = new Issuer("http://myIssuer1");
            var claimType = new ClaimType("http://myClaimType", "myClaimType");
            IList<InputPolicyClaim> inputClaims = new List<InputPolicyClaim>
            {
                new InputPolicyClaim(issuer, claimType, "nicolas")
            };
            var outputClaim = new OutputPolicyClaim(claimType, string.Empty, CopyFromConstants.InputValue);
            var newRule = new PolicyRule(AssertionsMatch.Any, inputClaims, outputClaim);

            store.AddPolicyRule(new Uri("http://localhost/1"), newRule);

            // Adding a rule must not create or drop a scope.
            Assert.AreEqual(scopeCountBefore, store.RetrieveScopes().Count());
            Assert.AreEqual(2, store.RetrieveScopes().ElementAt(0).Rules.Count());
        }
        /// <summary>
        /// Evaluates one claim against a rule whose output copies from
        /// <c>CopyFromConstants.InputIssuer</c> and checks that the single output claim has the
        /// output claim type and carries the input claim's issuer as its value.
        /// </summary>
        public void ShouldMatchInputClaimAndCopyInputIssuerToOutputValue()
        {
            var store = new MockPolicyStore();
            var evaluator = new ClaimsPolicyEvaluator(store);

            var issuer = new Issuer("http://myInputClaimIssuer");
            var inputType = new ClaimType("http://myInputClaimType");
            var outputType = new ClaimType("http://myOutputClaimType");

            var rule = new PolicyRule(
                AssertionsMatch.Any,
                new[] { new InputPolicyClaim(issuer, inputType, "myInputClaim") },
                new OutputPolicyClaim(outputType, string.Empty, CopyFromConstants.InputIssuer));
            store.RetrieveScopesReturnValue = new List<PolicyScope> { new PolicyScope(new Uri("http://myScope"), new[] { rule }) };

            // The incoming claim uses the same type, value and issuer strings as the rule's input claim.
            var incomingClaim = new Claim("http://myInputClaimType", "myInputClaim", string.Empty, "http://myInputClaimIssuer");
            IEnumerable<Claim> results = evaluator.Evaluate(new Uri("http://myScope"), new[] { incomingClaim });

            Assert.IsNotNull(results);
            Assert.AreEqual(1, results.Count());
            Assert.AreEqual("http://myOutputClaimType", results.ElementAt(0).ClaimType);
            Assert.AreEqual("http://myInputClaimIssuer", results.ElementAt(0).Value);
        }
Example #6
        /// <summary>
        /// Adds a rule whose output claim type differs from the input claim type and checks that
        /// the scope then holds two claim types, the second being the new one.
        /// </summary>
        public void AddPolicyRuleShouldAddNewOutputClaimTypeIfDoesNotExists()
        {
            var repository = new MockXmlRepository(@".\content\claimMappings-PassingTest3.xml");
            var store = new XmlPolicyStore("My Xml Store Path", repository);
            var scopeUri = new Uri("http://localhost/1");

            var issuer = new Issuer("http://myIssuer1", "6f7051ece706096ac5a05ecb1860e2151c11b491", "myIssuer1");
            var existingClaimType = new ClaimType("http://myClaimType", "myClaimType");
            IList<InputPolicyClaim> inputClaims = new List<InputPolicyClaim>
            {
                new InputPolicyClaim(issuer, existingClaimType, "nicolas")
            };

            // The output claim type is the one the assertions below expect to find on the scope.
            var newClaimType = new ClaimType("http://newClaimType", "myNewClaimType");
            var outputClaim = new OutputPolicyClaim(newClaimType, string.Empty, CopyFromConstants.InputValue);
            var newRule = new PolicyRule(AssertionsMatch.Any, inputClaims, outputClaim);

            store.AddPolicyRule(scopeUri, newRule);
            var reloadedScope = store.RetrieveScope(scopeUri);

            Assert.AreEqual(2, reloadedScope.ClaimTypes.Count);
            Assert.AreEqual(newClaimType.FullName, reloadedScope.ClaimTypes.ElementAt(1).FullName);
            Assert.AreEqual(newClaimType.DisplayName, reloadedScope.ClaimTypes.ElementAt(1).DisplayName);
        }
 /// <summary>
 /// Creates an input claim with the given claim type and value, attributed to <paramref name="issuer"/>.
 /// </summary>
 /// <param name="issuer">Issuer assigned to the Issuer property.</param>
 /// <param name="claimType">Claim type, passed to the base constructor.</param>
 /// <param name="value">Claim value, passed to the base constructor.</param>
 public InputPolicyClaim(Issuer issuer, ClaimType claimType, string value)
     : base(claimType, value)
 {
     // Stored as given; this constructor does not check the issuer for null.
     Issuer = issuer;
 }
 /// <summary>
 /// Not implemented: every call throws <see cref="NotImplementedException"/>.
 /// </summary>
 /// <param name="scopeUri">Unused.</param>
 /// <param name="issuer">Unused.</param>
 /// <exception cref="NotImplementedException">Always.</exception>
 public void RemoveIssuer(Uri scopeUri, Issuer issuer)
 {
     throw new NotImplementedException();
 }
        /// <summary>
        /// Evaluates a claim against a scope URI that the store does not contain.
        /// </summary>
        /// <remarks>
        /// The method body has no assertions; judging by its name it is presumably paired with an
        /// expected-exception attribute that is not visible here.
        /// </remarks>
        public void ShouldThrowIfScopeIsNotFoundOnStore()
        {
            var store = new MockPolicyStore();
            var issuer = new Issuer("http://myIssuer", "myIssuer");
            var claimType = new ClaimType("http://myClaimType", "myClaimType");

            // The store knows only "http://mappedScope".
            var mappedScopeUri = new Uri("http://mappedScope");
            var inputClaim = new InputPolicyClaim(issuer, claimType, "myClaimValue");
            var outputClaim = new OutputPolicyClaim(claimType, string.Empty, CopyFromConstants.InputValue);
            var rule = new PolicyRule(AssertionsMatch.All, new[] { inputClaim }, outputClaim);
            store.RetrieveScopesReturnValue = new List<PolicyScope>() { new PolicyScope(mappedScopeUri, new[] { rule }) };

            var evaluator = new ClaimsPolicyEvaluator(store);

            // Evaluation is requested for a different scope URI than the one configured above.
            var incomingClaims = new[] { new Claim("http://myInputClaimType", "myInputClaim") };
            evaluator.Evaluate(new Uri("http://unmappedScope"), incomingClaims);
        }
Example #10
 /// <summary>
 /// Builds an <c>issuer</c> XML element carrying the issuer's <c>uri</c>, <c>thumbprint</c>
 /// and <c>displayName</c> as attributes.
 /// </summary>
 /// <param name="issuer">Issuer whose Uri, Thumbprint and DisplayName are written.</param>
 /// <returns>The new <c>issuer</c> element.</returns>
 private static XElement SerializaIssuer(Issuer issuer)
 {
     var element = new XElement("issuer");

     // Each value is written exactly as the Issuer object holds it; nothing is normalised here.
     element.SetAttributeValue("uri", issuer.Uri);
     element.SetAttributeValue("thumbprint", issuer.Thumbprint);
     element.SetAttributeValue("displayName", issuer.DisplayName);

     return element;
 }
Example #11
        /// <summary>
        /// Builds a <see cref="PolicyScope"/> from a scope XML element by reading its
        /// <c>uri</c> attribute and its <c>claimTypes</c>, <c>issuers</c> and <c>rules</c> children.
        /// </summary>
        /// <param name="scopeElement">XML element describing one scope.</param>
        /// <returns>The scope with its issuers, claim types and rules added.</returns>
        /// <remarks>
        /// Elements and attributes are dereferenced without null checks, so a missing one
        /// surfaces as a <see cref="NullReferenceException"/>.
        /// </remarks>
        private static PolicyScope RetrieveScope(XElement scopeElement)
        {
            IDictionary<string, string> claimTypes = RetrieveReferences(scopeElement.Element("claimTypes"), "claimType", "displayName", "fullName");

            // Issuers are indexed by display name; this dictionary is what the input claims
            // of each rule are resolved against further down.
            IDictionary<string, Issuer> issuersByDisplayName = new Dictionary<string, Issuer>();
            PolicyScope scope = new PolicyScope(new Uri(scopeElement.Attribute("uri").Value), new List<PolicyRule>());

            foreach (XElement issuerElement in scopeElement.Element("issuers").Descendants("issuer"))
            {
                string issuerUri = issuerElement.Attribute("uri").Value;

                // The thumbprint is upper-cased on load, so its casing in the XML does not matter.
                string thumbprint = issuerElement.Attribute("thumbprint").Value.ToUpperInvariant();
                string displayName = issuerElement.Attribute("displayName").Value;

                Issuer issuer = new Issuer(issuerUri, thumbprint, displayName);
                scope.AddIssuer(issuer);

                // Dictionary.Add throws on a duplicate key, so two issuer elements that share a
                // display name abort loading instead of one silently replacing the other.
                issuersByDisplayName.Add(issuer.DisplayName, issuer);
            }

            // NOTE(review): the value is passed as ClaimType's first argument and the key as its
            // second; presumably key = display name and value = full name - confirm against RetrieveReferences.
            foreach (KeyValuePair<string, string> reference in claimTypes)
            {
                scope.AddClaimType(new ClaimType(reference.Value, reference.Key));
            }

            foreach (XElement ruleElement in scopeElement.Element("rules").Descendants("rule"))
            {
                AssertionsMatch matchMode = RetrieveRuleAssertionsMatch(ruleElement);
                IEnumerable<InputPolicyClaim> ruleInputs = RetrieveInputClaims(ruleElement, issuersByDisplayName, claimTypes);
                OutputPolicyClaim ruleOutput = RetrieveOutputClaim(ruleElement, claimTypes);

                scope.AddRule(new PolicyRule(matchMode, ruleInputs, ruleOutput));
            }

            return scope;
        }
Example #12
        /// <summary>
        /// Removes <paramref name="issuer"/> from the Issuers collection, but only when no input
        /// claim of any rule refers to it.
        /// </summary>
        /// <param name="issuer">Issuer to remove.</param>
        /// <exception cref="PolicyScopeException">
        /// Thrown at the first input claim whose issuer equals <paramref name="issuer"/>.
        /// </exception>
        public void RemoveIssuer(Issuer issuer)
        {
            foreach (var rule in this.Rules)
            {
                foreach (var inputClaim in rule.InputClaims)
                {
                    // inputClaim.Issuer is used without a null check.
                    bool stillReferenced = inputClaim.Issuer.Equals(issuer);
                    if (stillReferenced)
                    {
                        // Refuse the removal so that existing rules keep an issuer that is listed.
                        // NOTE(review): the resource name IssuerNotDefined reads oddly for an
                        // "issuer in use" condition - confirm the message text.
                        throw new PolicyScopeException(Resources.IssuerNotDefined);
                    }
                }
            }

            this.Issuers.Remove(issuer);
        }
Example #13
 /// <summary>
 /// Creates an input claim of the given type and value and records which issuer it belongs to.
 /// </summary>
 /// <param name="issuer">Issuer assigned to the Issuer property.</param>
 /// <param name="claimType">Claim type, forwarded to the base constructor.</param>
 /// <param name="value">Claim value, forwarded to the base constructor.</param>
 public InputPolicyClaim(Issuer issuer, ClaimType claimType, string value)
     : base(claimType, value)
 {
     // No validation is done here: a null issuer is stored as null.
     Issuer = issuer;
 }
Example #14
        /// <summary>
        /// Adds a rule whose input claim uses a newly created issuer to the scope returned by
        /// <c>RetrievePolicyScope</c>.
        /// </summary>
        /// <remarks>
        /// There are no assertions in the body; judging by the name, the expected failure is
        /// presumably declared through an attribute that is not visible here.
        /// </remarks>
        public void AddRuleThrowsIfIssuerOfInputClaimDoesNotExists()
        {
            var scope = RetrievePolicyScope();

            // This issuer is created here and never added to the scope.
            var unknownIssuer = new Issuer("http://newsampleissuer");
            var inputClaim = new InputPolicyClaim(unknownIssuer, sampleClaimType, "sample value");
            var inputClaims = new List<InputPolicyClaim> { inputClaim };
            var rule = new PolicyRule(AssertionsMatch.Any, inputClaims, GetSampleOutputClaim());

            scope.AddRule(rule);
        }
Example #15
        /// <summary>
        /// Tries to add a rule under the scope URI "http://notExistingScope/1".
        /// </summary>
        /// <remarks>
        /// There are no assertions in the body; judging by the name, the expected failure is
        /// presumably declared through an attribute that is not visible here.
        /// </remarks>
        public void AddPolicyRuleShouldThrowIfNotExistingScope()
        {
            var repository = new MockXmlRepository(@".\content\claimMappings-PassingTest2.xml");
            var store = new XmlPolicyStore("My Xml Store Path", repository);

            var issuer = new Issuer("http://myIssuer1");
            var claimType = new ClaimType("http://myClaimType", "myClaimType");
            IList<InputPolicyClaim> inputClaims = new List<InputPolicyClaim>
            {
                new InputPolicyClaim(issuer, claimType, "nicolas")
            };
            var outputClaim = new OutputPolicyClaim(claimType, string.Empty, CopyFromConstants.InputValue);
            var newRule = new PolicyRule(AssertionsMatch.Any, inputClaims, outputClaim);

            // The rule is well formed; only the target scope URI differs from the other AddPolicyRule tests.
            store.AddPolicyRule(new Uri("http://notExistingScope/1"), newRule);
        }