The LOGIN SASL mechanism.
The LOGIN SASL mechanism provides little protection over the use of plain-text passwords by obscuring the user name and password within individual base64-encoded blobs and should be avoided unless used in combination with an SSL or TLS connection.
Inheritance: SaslMechanism
SaslMechanismLogin Class Documentation
Example #1
0
		public void TestArgumentExceptions ()
		{
			var credentials = new NetworkCredential ("username", "password");
			var uri = new Uri ("smtp://localhost");
			SaslMechanism sasl;

			Assert.Throws<ArgumentNullException> (() => new SaslException (null, SaslErrorCode.MissingChallenge, "message"));

			sasl = new SaslMechanismCramMd5 (uri, credentials);
			Assert.Throws<ArgumentNullException> (() => new SaslMechanismCramMd5 (null, credentials));
			Assert.Throws<ArgumentNullException> (() => new SaslMechanismCramMd5 (uri, null));
			Assert.Throws<NotSupportedException> (() => sasl.Challenge (null));

			sasl = new SaslMechanismDigestMd5 (uri, credentials);
			Assert.Throws<ArgumentNullException> (() => new SaslMechanismDigestMd5 (null, credentials));
			Assert.Throws<ArgumentNullException> (() => new SaslMechanismDigestMd5 (uri, null));
			Assert.Throws<NotSupportedException> (() => sasl.Challenge (null));

			sasl = new SaslMechanismLogin (uri, credentials);
			Assert.Throws<ArgumentNullException> (() => new SaslMechanismLogin (uri, null, credentials));
			Assert.Throws<ArgumentNullException> (() => new SaslMechanismLogin (null, credentials));
			Assert.Throws<ArgumentNullException> (() => new SaslMechanismLogin (uri, null));
			Assert.Throws<NotSupportedException> (() => sasl.Challenge (null));

			sasl = new SaslMechanismNtlm (uri, credentials);
			Assert.Throws<ArgumentNullException> (() => new SaslMechanismNtlm (null, credentials));
			Assert.Throws<ArgumentNullException> (() => new SaslMechanismNtlm (uri, null));
			Assert.DoesNotThrow (() => sasl.Challenge (null));

			sasl = new SaslMechanismOAuth2 (uri, credentials);
			Assert.Throws<ArgumentNullException> (() => new SaslMechanismOAuth2 (null, credentials));
			Assert.Throws<ArgumentNullException> (() => new SaslMechanismOAuth2 (uri, null));
			Assert.DoesNotThrow (() => sasl.Challenge (null));

			sasl = new SaslMechanismPlain (uri, credentials);
			Assert.Throws<ArgumentNullException> (() => new SaslMechanismPlain (uri, null, credentials));
			Assert.Throws<ArgumentNullException> (() => new SaslMechanismPlain (null, credentials));
			Assert.Throws<ArgumentNullException> (() => new SaslMechanismPlain (uri, null));
			Assert.DoesNotThrow (() => sasl.Challenge (null));

			sasl = new SaslMechanismScramSha1 (uri, credentials);
			Assert.Throws<ArgumentNullException> (() => new SaslMechanismScramSha1 (null, credentials));
			Assert.Throws<ArgumentNullException> (() => new SaslMechanismScramSha1 (uri, null));
			Assert.DoesNotThrow (() => sasl.Challenge (null));

			sasl = new SaslMechanismScramSha256 (uri, credentials);
			Assert.Throws<ArgumentNullException> (() => new SaslMechanismScramSha256 (null, credentials));
			Assert.Throws<ArgumentNullException> (() => new SaslMechanismScramSha256 (uri, null));
			Assert.DoesNotThrow (() => sasl.Challenge (null));
		}
Example #2
0
		public void TestLoginAuth ()
		{
			const string expected1 = "dXNlcm5hbWU=";
			const string expected2 = "cGFzc3dvcmQ=";
			var credentials = new NetworkCredential ("username", "password");
			var uri = new Uri ("imap://imap.gmail.com");
			var sasl = new SaslMechanismLogin (uri, credentials);
			string challenge;

			challenge = sasl.Challenge (string.Empty);

			Assert.AreEqual (expected1, challenge, "LOGIN initial challenge response does not match the expected string.");
			Assert.IsFalse (sasl.IsAuthenticated, "LOGIN should not be authenticated.");

			challenge = sasl.Challenge (string.Empty);

			Assert.AreEqual (expected2, challenge, "LOGIN final challenge response does not match the expected string.");
			Assert.IsTrue (sasl.IsAuthenticated, "LOGIN should be authenticated.");
		}