public void Configure(XmlElement configurationElement)
{
var validatorEl = configurationElement.GetElementsByTagName("validator")
.OfType <XmlElement>().FirstOrDefault(x => x.HasAttribute("type"));
if (validatorEl == null)
{
throw new ConfigurationErrorsException("Missing required validator element for Basic Authentication authentication provider.");
}
var validatorType = Type.GetType(validatorEl.GetAttribute("type"));
if (validatorType == null)
{
throw new ConfigurationErrorsException(String.Format("Cannot resolve validator type '{0}'", validatorEl.GetAttribute("type")));
}
var userValidator = Activator.CreateInstance(validatorType) as IUserValidator;
if (userValidator == null)
{
throw new ConfigurationErrorsException(String.Format("Type {0} does not implement the IUserValidator interface.", validatorType.FullName));
}
if (userValidator is IConfigurableUserValidator)
{
(userValidator as IConfigurableUserValidator).Configure(validatorEl);
}
var realmEl = configurationElement.GetElementsByTagName("realm").OfType <XmlElement>().FirstOrDefault();
var realm = realmEl == null ? "BrightstarDB" : realmEl.InnerText;
_configuration = new BasicAuthenticationConfiguration(userValidator, realm);
}
public void Post_request_hook_should_not_return_a_challenge_on_an_ajax_request_when_set_to_nonajax()
{
// Given
var config = new BasicAuthenticationConfiguration(A.Fake <IUserValidator>(), "realm", UserPromptBehaviour.NonAjax);
var hooks = new Pipelines();
BasicAuthentication.Enable(hooks, config);
var headers = new Dictionary <string, IEnumerable <string> >();
headers.Add(ajaxRequestHeaderKey, new [] { ajaxRequestHeaderValue });
var context = new NancyContext()
{
Request = new FakeRequest("GET", "/", headers)
};
context.Response = new Response {
StatusCode = HttpStatusCode.Unauthorized
};
// When
hooks.AfterRequest.Invoke(context, new CancellationToken());
// Then
context.Response.Headers.ContainsKey("WWW-Authenticate").ShouldBeFalse();
}
protected override void ApplicationStartup(TinyIoCContainer container, IPipelines pipelines)
{
base.ApplicationStartup(container, pipelines);
var configuration = new BasicAuthenticationConfiguration(container.Resolve <IUserValidator>(),
"MyRealm",
UserPromptBehaviour.NonAjax);
pipelines.EnableBasicAuthentication(configuration);
}
private void EnableBasicAuth(IUnityContainer container, IPipelines pipelines)
{
var config =
new BasicAuthenticationConfiguration(
container.Resolve <IUserValidator>()
, "you need login"
, UserPromptBehaviour.NonAjax);
BasicAuthentication.Enable(pipelines, config);
}
public BasicAuthenticationFixture()
{
this.config = new BasicAuthenticationConfiguration(A.Fake<IUserValidator>(), "realm");
this.context = new NancyContext()
{
Request = new FakeRequest("GET", "/")
};
this.hooks = new FakeApplicationPipelines();
BasicAuthentication.Enable(this.hooks, this.config);
}
protected override void ApplicationStartup(TinyIoCContainer container, IPipelines pipelines)
{
base.ApplicationStartup(container, pipelines);
var configuration = new BasicAuthenticationConfiguration(
container.Resolve <IUserValidator>(),
"MessageVault"
);
pipelines.EnableBasicAuthentication(configuration);
}
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
var path = Path.Combine(_path, _jsonFileName);
services.AddSingleton <IDataStore>(new DataStore(path, reloadBeforeGetCollection: Configuration.GetValue <bool>("Common:EagerDataReload")));
services.AddSingleton <IMessageBus, MessageBus>();
services.AddSingleton(typeof(JobsService));
services.Configure <AuthenticationSettings>(Configuration.GetSection("Authentication"));
services.Configure <ApiSettings>(Configuration.GetSection("Api"));
services.Configure <JobsSettings>(Configuration.GetSection("Jobs"));
services.Configure <SimulateSettings>(Configuration.GetSection("Simulate"));
services.AddCors(options =>
{
options.AddPolicy("AllowAnyPolicy",
builder => builder.AllowAnyOrigin()
.AllowAnyMethod()
.AllowAnyHeader()
.AllowCredentials());
});
if (Configuration.GetValue <bool>("Authentication:Enabled"))
{
if (Configuration.GetValue <string>("Authentication:AuthenticationType") == "token")
{
TokenConfiguration.Configure(services);
}
else
{
BasicAuthenticationConfiguration.Configure(services);
}
}
else
{
AllowAllAuthenticationConfiguration.Configure(services);
}
services.AddMvc();
services.AddSwaggerGen(c =>
{
c.SwaggerDoc("v1", new Info {
Title = "Fake JSON API", Version = "v1"
});
var basePath = PlatformServices.Default.Application.ApplicationBasePath;
var xmlPath = Path.Combine(basePath, "FakeServer.xml");
c.IncludeXmlComments(xmlPath);
});
}
private bool IsAuthorized(BasicAuthenticationConfiguration config, AuthenticationHeaderValue header)
{
var credentials = GetCredentials(header);
if (credentials.Length != 2)
{
return(false);
}
var userName = credentials[0];
var password = credentials[1];
return(config.UserName == userName && config.Password == password);
}
public void Post_request_hook_should_not_return_a_challenge_when_set_to_never()
{
// Given
var config = new BasicAuthenticationConfiguration(A.Fake<IUserValidator>(), "realm", UserPromptBehaviour.Never);
var hooks = new Pipelines();
BasicAuthentication.Enable(hooks, config);
var context = new NancyContext()
{
Request = new FakeRequest("GET", "/")
};
context.Response = new Response { StatusCode = HttpStatusCode.Unauthorized };
// When
hooks.AfterRequest.Invoke(context);
// Then
context.Response.Headers.ContainsKey("WWW-Authenticate").ShouldBeFalse();
}
public void Post_request_hook_should_not_return_a_challenge_on_an_ajax_request_when_set_to_nonajax()
{
// Given
var config = new BasicAuthenticationConfiguration(A.Fake<IUserValidator>(), "realm", UserPromptBehaviour.NonAjax);
var hooks = new Pipelines();
BasicAuthentication.Enable(hooks, config);
var headers = new Dictionary<string,IEnumerable<string>>();
headers.Add(ajaxRequestHeaderKey, new [] { ajaxRequestHeaderValue });
var context = new NancyContext()
{
Request = new FakeRequest("GET", "/", headers)
};
context.Response = new Response { StatusCode = HttpStatusCode.Unauthorized };
// When
hooks.AfterRequest.Invoke(context);
// Then
context.Response.Headers.ContainsKey("WWW-Authenticate").ShouldBeFalse();
}
public void Post_request_hook_should_not_return_a_challenge_when_set_to_never()
{
// Given
var config = new BasicAuthenticationConfiguration(A.Fake <IUserValidator>(), "realm", UserPromptBehaviour.Never);
var hooks = new Pipelines();
BasicAuthentication.Enable(hooks, config);
var context = new NancyContext()
{
Request = new FakeRequest("GET", "/")
};
context.Response = new Response {
StatusCode = HttpStatusCode.Unauthorized
};
// When
hooks.AfterRequest.Invoke(context, new CancellationToken());
// Then
context.Response.Headers.ContainsKey("WWW-Authenticate").ShouldBeFalse();
}
public void Should_set_user_in_context_with_valid_username_in_auth_header()
{
// Given
var fakePipelines = new Pipelines();
var validator = A.Fake <IUserValidator>();
var fakeUser = A.Fake <ClaimsPrincipal>();
A.CallTo(() => validator.Validate("foo", "bar")).Returns(fakeUser);
var cfg = new BasicAuthenticationConfiguration(validator, "realm");
var context = CreateContextWithHeader(
"Authorization", new [] { "Basic" + " " + EncodeCredentials("foo", "bar") });
BasicAuthentication.Enable(fakePipelines, cfg);
// When
fakePipelines.BeforeRequest.Invoke(context, new CancellationToken());
// Then
context.CurrentUser.ShouldBeSameAs(fakeUser);
}
private void ConfigureAuth(IServiceCollection services)
{
var authConfig = new BasicAuthenticationConfiguration();
this._configuration.Bind("BasicAuthentication", authConfig);
if (authConfig.IsDisabled)
{
return;
}
Func <(string username, string password), Task <bool> > verifyDelegate = null;
if (!string.IsNullOrEmpty(authConfig.Proxy))
{
_loggerFactory.CreateLogger <Startup>().LogInformation("Using ProxyAuthentication: {proxy}", authConfig.Proxy);
verifyDelegate = new ProxyCredentialVerifier(new Uri(authConfig.Proxy)).Verify;
}
else if (authConfig.IsSimple)
{
_loggerFactory.CreateLogger <Startup>().LogInformation("Using UsernameEqualsPasswordCredentialVerifier");
verifyDelegate = new UsernameEqualsPasswordCredentialVerifier().Verify;
}
if (verifyDelegate != null)
{
services.AddAuthentication(BasicAuthenticationDefaults.AuthenticationScheme)
.AddBasicAuthentication(verifyDelegate);
return;
}
var msg = "Authentication is not configured";
_loggerFactory.CreateLogger <Startup>().LogError(msg);
throw new Exception(msg);
}
public BasicAuthenticationFixture()
{
this.config = new BasicAuthenticationConfiguration(A.Fake<IUserValidator>(), "realm");
this.hooks = new FakeApplicationPipelines();
BasicAuthentication.Enable(this.hooks, this.config);
}
public BasicAuthAuthenticationProvider(BasicAuthenticationConfiguration configuration)
{
_configuration = configuration;
}
public BasicAuthenticationFixture()
{
this.config = new BasicAuthenticationConfiguration(A.Fake <IUserValidator>(), "realm", UserPromptBehaviour.Always);
this.hooks = new Pipelines();
BasicAuthentication.Enable(this.hooks, this.config);
}
private bool IsDisabled(BasicAuthenticationConfiguration config) => config == null || !config.IsEnabled;
public void ConfigureServices(IServiceCollection services)
{
var folder = Configuration["staticFolder"];
if (!string.IsNullOrEmpty(folder))
{
services.AddSpaStaticFiles((spa) =>
{
spa.RootPath = folder;
});
// No need to define anything else as this can only be used as a SPA server
return;
}
var jsonFilePath = Path.Combine(Configuration["currentPath"], Configuration["file"]);
services.AddSingleton <IDataStore>(new DataStore(jsonFilePath, reloadBeforeGetCollection: Configuration.GetValue <bool>("Common:EagerDataReload")));
services.AddSingleton <IMessageBus, MessageBus>();
services.AddSingleton <JobsService>();
services.Configure <AuthenticationSettings>(Configuration.GetSection("Authentication"));
services.Configure <ApiSettings>(Configuration.GetSection("Api"));
services.Configure <JobsSettings>(Configuration.GetSection("Jobs"));
services.Configure <SimulateSettings>(Configuration.GetSection("Simulate"));
services.AddCors(options =>
{
options.AddPolicy("AllowAnyPolicy",
builder => builder.AllowAnyOrigin()
.AllowAnyMethod()
.AllowAnyHeader()
.AllowCredentials());
});
var useAuthentication = Configuration.GetValue <bool>("Authentication:Enabled");
if (useAuthentication)
{
if (Configuration["Authentication:AuthenticationType"] == "token")
{
var blacklistService = new TokenBlacklistService();
services.AddSingleton(blacklistService);
TokenConfiguration.Configure(services);
}
else
{
BasicAuthenticationConfiguration.Configure(services);
}
}
else
{
AllowAllAuthenticationConfiguration.Configure(services);
}
services.AddMvc();
services.AddSwaggerGen(c =>
{
c.SwaggerDoc("v1", new Info {
Title = "Fake JSON API", Version = "v1"
});
var basePath = PlatformServices.Default.Application.ApplicationBasePath;
var xmlPath = Path.Combine(basePath, "FakeServer.xml");
c.IncludeXmlComments(xmlPath);
if (useAuthentication)
{
c.OperationFilter <AddAuthorizationHeaderParameterOperationFilter>();
if (Configuration["Authentication:AuthenticationType"] == "token")
{
c.DocumentFilter <AuthTokenOperation>();
}
}
});
}
public void Should_set_username_in_context_with_valid_username_in_auth_header()
{
// Given
var fakePipelines = new FakeApplicationPipelines();
var validator = A.Fake<IUserValidator>();
A.CallTo(() => validator.Validate("foo", "bar")).Returns(true);
var cfg = new BasicAuthenticationConfiguration(validator, "realm");
var context = CreateContextWithHeader(
"Authorization", new [] { "Basic" + " " + EncodeCredentials("foo", "bar") });
BasicAuthentication.Enable(fakePipelines, cfg);
// When
fakePipelines.BeforeRequest.Invoke(context);
// Then
context.Items[SecurityConventions.AuthenticatedUsernameKey].ShouldEqual("foo");
}
public void Should_set_user_in_context_with_valid_username_in_auth_header()
{
// Given
var fakePipelines = new Pipelines();
var validator = A.Fake<IUserValidator>();
var fakeUser = A.Fake<IUserIdentity>();
A.CallTo(() => validator.Validate("foo", "bar")).Returns(fakeUser);
var cfg = new BasicAuthenticationConfiguration(validator, "realm");
var context = CreateContextWithHeader(
"Authorization", new [] { "Basic" + " " + EncodeCredentials("foo", "bar") });
BasicAuthentication.Enable(fakePipelines, cfg);
// When
fakePipelines.BeforeRequest.Invoke(context, new CancellationToken());
// Then
context.CurrentUser.ShouldBeSameAs(fakeUser);
}
public BasicAuthenticationFixture()
{
this.config = new BasicAuthenticationConfiguration(A.Fake<IUserValidator>(), "realm", UserPromptBehaviour.Always);
this.hooks = new Pipelines();
BasicAuthentication.Enable(this.hooks, this.config);
}
public BasicAuthenticationFixture()
{
this.config = new BasicAuthenticationConfiguration(A.Fake <IUserValidator>(), "realm");
this.hooks = new FakeApplicationPipelines();
BasicAuthentication.Enable(this.hooks, this.config);
}
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
var jsonFilePath = Path.Combine(Configuration.GetValue <string>("currentPath"), Configuration.GetValue <string>("file"));
services.AddSingleton <IDataStore>(new DataStore(jsonFilePath, reloadBeforeGetCollection: Configuration.GetValue <bool>("Common:EagerDataReload")));
services.AddSingleton <IMessageBus, MessageBus>();
services.AddSingleton(typeof(JobsService));
services.Configure <AuthenticationSettings>(Configuration.GetSection("Authentication"));
services.Configure <ApiSettings>(Configuration.GetSection("Api"));
services.Configure <JobsSettings>(Configuration.GetSection("Jobs"));
services.Configure <SimulateSettings>(Configuration.GetSection("Simulate"));
services.AddCors(options =>
{
options.AddPolicy("AllowAnyPolicy",
builder => builder.AllowAnyOrigin()
.AllowAnyMethod()
.AllowAnyHeader()
.AllowCredentials());
});
var useAuthentication = Configuration.GetValue <bool>("Authentication:Enabled");
if (useAuthentication)
{
if (Configuration.GetValue <string>("Authentication:AuthenticationType") == "token")
{
var blacklistService = new TokenBlacklistService();
services.AddSingleton(blacklistService);
TokenConfiguration.Configure(services, blacklistService);
}
else
{
BasicAuthenticationConfiguration.Configure(services);
}
}
else
{
AllowAllAuthenticationConfiguration.Configure(services);
}
services.AddMvc();
services.AddSwaggerGen(c =>
{
c.SwaggerDoc("v1", new Info {
Title = "Generic JSON SQL Api", Version = "v1"
});
var basePath = PlatformServices.Default.Application.ApplicationBasePath;
var xmlPath = Path.Combine(basePath, "FakeServer.xml");
c.IncludeXmlComments(xmlPath);
if (useAuthentication)
{
c.OperationFilter <AddAuthorizationHeaderParameterOperationFilter>();
if (Configuration.GetValue <string>("Authentication:AuthenticationType") == "token")
{
c.DocumentFilter <AuthTokenOperation>();
}
}
});
}
