/// <summary>
/// A token created for a user, with no content id or feature argument,
/// can be read back from the vault by its value alone.
/// </summary>
public void AccessToken_Get_ForUser()
{
    int ownerId = 42;
    TimeSpan lifetime = TimeSpan.FromMinutes(10);
    var created = AccessTokenVault.CreateToken(ownerId, lifetime);

    // ACTION: look the token up using only its value
    var loaded = AccessTokenVault.GetToken(created.Value);

    // ASSERT: the loaded token matches the one that was stored
    AssertTokensAreEqual(created, loaded);
}
/// <summary>
/// A token whose timeout has elapsed must not be returned by the vault:
/// the lookup is expected to yield null.
/// </summary>
public void AccessToken_Get_Expired()
{
    int ownerId = 42;
    // 1 ms lifetime so the token is already past its timeout after the short wait below
    TimeSpan lifetime = TimeSpan.FromMilliseconds(1);
    var created = AccessTokenVault.CreateToken(ownerId, lifetime);

    // ACTION: wait longer than the lifetime, then try to load the token
    Thread.Sleep(10);
    var loaded = AccessTokenVault.GetToken(created.Value);

    // ASSERT: an expired token is not handed out
    Assert.IsNull(loaded);
}
/// <summary>
/// A token created with a feature name is returned only when the lookup
/// passes the same feature; a lookup by value alone must return null.
/// </summary>
public void AccessToken_Get_ForUserAndFeature()
{
    int ownerId = 42;
    string featureName = "Feature1";
    TimeSpan lifetime = TimeSpan.FromMinutes(10);
    var created = AccessTokenVault.CreateToken(ownerId, lifetime, 0, featureName);

    // ACTION: look the token up with the matching feature
    var scopedLookup = AccessTokenVault.GetToken(created.Value, 0, featureName);

    // ASSERT: the feature-scoped lookup finds the token...
    AssertTokensAreEqual(created, scopedLookup);

    // ...and the same value without the feature does not
    var unscopedLookup = AccessTokenVault.GetToken(created.Value);
    Assert.IsNull(unscopedLookup);
}
/// <summary>
/// A token created with a content id is returned only when the lookup
/// passes the same content id; a lookup by value alone must return null.
/// </summary>
public void AccessToken_Get_ForUserAndContent()
{
    int ownerId = 42;
    int targetContentId = 142;
    TimeSpan lifetime = TimeSpan.FromMinutes(10);
    var created = AccessTokenVault.CreateToken(ownerId, lifetime, targetContentId);

    // ACTION: look the token up with the matching content id
    var scopedLookup = AccessTokenVault.GetToken(created.Value, targetContentId);

    // ASSERT: the content-scoped lookup finds the token...
    AssertTokensAreEqual(created, scopedLookup);

    // ...and the same value without the content id does not
    var unscopedLookup = AccessTokenVault.GetToken(created.Value);
    Assert.IsNull(unscopedLookup);
}
/// <summary>
/// UpdateToken moves the expiration date of a stored token: a token created
/// with a 10-minute timeout expires later than "now + 20 minutes" after it
/// has been updated to "now + 30 minutes".
/// </summary>
public void AccessToken_Update()
{
    int ownerId = 42;
    var created = AccessTokenVault.CreateToken(ownerId, TimeSpan.FromMinutes(10.0d));

    // Precondition: the fresh token expires before the 20-minute mark
    var expiresBeforeMark = created.ExpirationDate < DateTime.UtcNow.AddMinutes(20.0d);
    Assert.IsTrue(expiresBeforeMark);

    // ACTION: push the expiration out to 30 minutes from now
    AccessTokenVault.UpdateToken(created.Value, DateTime.UtcNow.AddMinutes(30.0d));

    // ASSERT: the reloaded token exists and now expires after the 20-minute mark
    var reloaded = AccessTokenVault.GetToken(created.Value);
    Assert.IsNotNull(reloaded);
    var expiresAfterMark = reloaded.ExpirationDate > DateTime.UtcNow.AddMinutes(20.0d);
    Assert.IsTrue(expiresAfterMark);
}
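/// <summary>
/// Authenticates the current request. The steps run in this order:
/// basic authentication dispatch, token authentication, OAuth (only when token
/// authentication did not succeed), then, if none of those authenticated the
/// request, WOPI access-token authentication or the configured authentication
/// mode ("Windows", "Forms" or "None").
/// </summary>
/// <param name="sender">The event source; it is cast to <c>HttpApplication</c>.</param>
/// <param name="e">Event arguments, passed on to <c>CallInternalOnEnter</c> in "Forms" mode.</param>
/// <exception cref="ApplicationException">
/// No authentication mode could be determined from the portal context or the default setting.
/// </exception>
/// <exception cref="UnauthorizedAccessException">
/// A WOPI request carries a file id that is not an integer, or no token matches
/// its token value, content id and WOPI feature name.
/// </exception>
/// <exception cref="NotSupportedException">The authentication mode is not one of the handled values.</exception>
public void OnAuthenticateRequest(object sender, EventArgs e)
{
    var application = sender as HttpApplication;
    var context = AuthenticationHelper.GetContext(sender);
    var basicAuthenticated = DispatchBasicAuthentication(context, out var anonymAuthenticated);

    var tokenAuthentication = new TokenAuthentication(new LogoutExecutor());
    var tokenAuthenticated = tokenAuthentication.Authenticate(application, basicAuthenticated, anonymAuthenticated);
    if (!tokenAuthenticated)
    {
        tokenAuthenticated = OAuthManager.Instance.Authenticate(application, tokenAuthentication);
    }

    // if it is a simple basic authentication case or authenticated with a token
    if (basicAuthenticated || tokenAuthenticated)
    {
        return;
    }

    string authenticationType = null;
    // NOTE(review): repositoryPath is never assigned anything but string.Empty in this
    // method, so the node lookup in the default branch always uses an empty path - confirm intent.
    string repositoryPath = string.Empty;

    // Get the current PortalContext
    var currentPortalContext = PortalContext.Current;
    if (currentPortalContext != null)
    {
        authenticationType = currentPortalContext.AuthenticationMode;
    }

    // default authentication mode
    if (string.IsNullOrEmpty(authenticationType))
    {
        authenticationType = WebApplication.DefaultAuthenticationMode;
    }

    // if no site auth mode, no web.config default, then exception...
    if (string.IsNullOrEmpty(authenticationType))
    {
        throw new ApplicationException(
            "The engine could not determine the authentication mode for this request. " +
            "This request does not belong to a site, and there was no default authentication mode set in the web.config.");
    }

    // The portal context is treated as nullable above, so guard it here as well:
    // without a context the request cannot be a WOPI request and falls through
    // to the mode switch instead of failing with a NullReferenceException.
    if (currentPortalContext != null && currentPortalContext.IsWopiRequest)
    {
        var wopiRequest = currentPortalContext.WopiRequest;
        var tokenValue = wopiRequest.AccessTokenValue;

        // The file id comes from the request. A value that is not an integer is
        // rejected like a missing token; it must neither surface as a FormatException
        // nor fall back to content id 0, which would widen the token lookup.
        var contentId = 0;
        if (wopiRequest is FilesRequest fileRequest && !int.TryParse(fileRequest.FileId, out contentId))
        {
            throw new UnauthorizedAccessException();
        }

        // The token has to match the value, the content id and the WOPI feature name.
        var token = AccessTokenVault.GetToken(tokenValue, contentId, WopiHandler.AccessTokenFeatureName);
        if (token == null)
        {
            throw new UnauthorizedAccessException(); // 404
        }

        using (new SystemAccount())
        {
            if (Node.LoadNode(token.UserId) is IUser user)
            {
                // Authenticate user
                application.Context.User = new PortalPrincipal(user);
                SetApplicationUser(application, authenticationType);
            }
            // NOTE(review): when the token's user id does not load as an IUser, the method
            // returns without assigning Context.User - confirm that later pipeline stages
            // treat such a request as unauthenticated.
        }

        return;
    }

    switch (authenticationType)
    {
        case "Windows":
            EmulateWindowsAuthentication(application);
            SetApplicationUser(application, authenticationType);
            break;
        case "Forms":
            application.Context.User = null;
            CallInternalOnEnter(sender, e);
            SetApplicationUser(application, authenticationType);
            break;
        case "None":
            // "None" authentication: set the Visitor Identity
            application.Context.User = new PortalPrincipal(User.Visitor);
            break;
        default:
            // Unknown mode: build an error message, naming the site when one can be resolved.
            Site site = null;
            var problemNode = Node.LoadNode(repositoryPath);
            if (problemNode != null)
            {
                site = Site.GetSiteByNode(problemNode);
                if (site != null)
                {
                    authenticationType = site.GetAuthenticationType(application.Context.Request.Url);
                }
            }

            var message = site == null
                ? string.Format(
                    HttpContext.GetGlobalResourceObject("Portal", "DefaultAuthenticationNotSupported") as string,
                    authenticationType)
                : string.Format(
                    HttpContext.GetGlobalResourceObject("Portal", "AuthenticationNotSupportedOnSite") as string,
                    site.Name, authenticationType);
            throw new NotSupportedException(message);
    }
}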