public void SingleProvider_SamePurpose_RoundTripsData()
{
// Arrange
var dataProtectionProvider = new EphemeralDataProtectionProvider();
var dataProtector1 = dataProtectionProvider.CreateProtector("purpose");
var dataProtector2 = dataProtectionProvider.CreateProtector("purpose"); // should be equivalent to the previous instance
byte[] bytes = Encoding.UTF8.GetBytes("Hello there!");
// Act
byte[] protectedBytes = dataProtector1.Protect(bytes);
byte[] unprotectedBytes = dataProtector2.Unprotect(protectedBytes);
// Assert
Assert.Equal(bytes, unprotectedBytes);
}
public void SingleProvider_DifferentPurpose_DoesNotRoundTripData()
{
// Arrange
var dataProtectionProvider = new EphemeralDataProtectionProvider();
var dataProtector1 = dataProtectionProvider.CreateProtector("purpose");
var dataProtector2 = dataProtectionProvider.CreateProtector("different purpose");
byte[] bytes = Encoding.UTF8.GetBytes("Hello there!");
// Act & assert
byte[] protectedBytes = dataProtector1.Protect(bytes);
Assert.ThrowsAny<CryptographicException>(() =>
{
byte[] unprotectedBytes = dataProtector2.Unprotect(protectedBytes);
});
}
public TestState()
{
Mock <IGetPersonalProfileDependencies> dependencies = new Mock <IGetPersonalProfileDependencies>();
Mock <IHttpContextAccessor> httpContextAccessor = new Mock <IHttpContextAccessor>();
Mock <IHeaderDictionary> headerDictionary = new Mock <IHeaderDictionary>();
httpContextAccessor.Setup(a => a.HttpContext.Request.Headers)
.Returns(headerDictionary.Object);
IDataProtectionProvider provider = new EphemeralDataProtectionProvider();
_protector = provider.CreateProtector("PersonalProfile.Protector");
dependencies.Setup(a => a.GetUserId(Username))
.Returns(Task.FromResult(UserIdEntity.Create(Username, UserId)));
dependencies.Setup(a => a.GetPersonalProfile(UserId))
.Returns(Task.FromResult(GetPersonalProfileEntity(UserId)));
dependencies.Setup(a => a.GetSkills(UserId))
.Returns(Task.FromResult(GetSkills(UserId)));
dependencies.Setup(a => a.GetInterests(UserId))
.Returns(Task.FromResult(GetInterests(UserId)));
_dependencies = dependencies;
Subject = new PersonalProfile(_dependencies.Object, provider, httpContextAccessor.Object);
}
public void SingleProvider_SamePurpose_RoundTripsData()
{
// Arrange
var dataProtectionProvider = new EphemeralDataProtectionProvider();
var dataProtector1 = dataProtectionProvider.CreateProtector("purpose");
var dataProtector2 = dataProtectionProvider.CreateProtector("purpose"); // should be equivalent to the previous instance
byte[] bytes = Encoding.UTF8.GetBytes("Hello there!");
// Act
byte[] protectedBytes = dataProtector1.Protect(bytes);
byte[] unprotectedBytes = dataProtector2.Unprotect(protectedBytes);
// Assert
Assert.Equal(bytes, unprotectedBytes);
}
public void SingleProvider_DifferentPurpose_DoesNotRoundTripData()
{
// Arrange
var dataProtectionProvider = new EphemeralDataProtectionProvider();
var dataProtector1 = dataProtectionProvider.CreateProtector("purpose");
var dataProtector2 = dataProtectionProvider.CreateProtector("different purpose");
byte[] bytes = Encoding.UTF8.GetBytes("Hello there!");
// Act & assert
byte[] protectedBytes = dataProtector1.Protect(bytes);
Assert.ThrowsAny <CryptographicException>(() =>
{
byte[] unprotectedBytes = dataProtector2.Unprotect(protectedBytes);
});
}
public void TestDataProtectionProvider()
{
//SETUP
var eProvider = new EphemeralDataProtectionProvider();
//ATTEMPT
var provider = eProvider.CreateProtector("XXX");
var encrypted = provider.Protect("Hello world");
var unencrypted = provider.Unprotect(encrypted);
//VERIFY
unencrypted.ShouldEqual("Hello world");
}
public void ReadEncryptedCookie()
{
//SETUP
var mocks = new MockHttpContextCookies();
var eProvider = new EphemeralDataProtectionProvider();
var cookie = new ImpersonationCookie(mocks.MockContext, eProvider);
//ATTEMPT
mocks.RequestCookies["UserImpersonation"] = eProvider.CreateProtector(cookie.EncryptPurpose).Protect("Hello world");
var data = cookie.GetCookieInValue();
//VERIFY
data.ShouldEqual("Hello world");
}
public void ReadEncryptedCookie()
{
//SETUP
var httpContext = new DefaultHttpContext();
var eProvider = new EphemeralDataProtectionProvider();
var cookie = new ImpersonationCookie(httpContext, eProvider);
var codedData = eProvider.CreateProtector(cookie.EncryptPurpose).Protect("Hello world");
//ATTEMPT
httpContext.AddRequestCookie("UserImpersonation", codedData);
var data = cookie.GetCookieInValue();
//VERIFY
data.ShouldEqual("Hello world");
}
public PasswordServiceTests()
{
var dbContextOptions = new DbContextOptionsBuilder <ApplicationDbContext>()
.UseInMemoryDatabase("Db").Options;
_dbContext = new ApplicationDbContext(dbContextOptions);
_dataProtectionProvider = new EphemeralDataProtectionProvider();
_dataProtector = _dataProtectionProvider.CreateProtector(PasswordService.ProtectorPurpose);
_clock = new FakeClock(new Instant());
_sessionService = new Mock <ISessionService>();
_sut = new PasswordService(
_dbContext,
_dataProtectionProvider,
_clock,
_sessionService.Object,
NullLogger <PasswordService> .Instance
);
}
static void Main(string[] args)
{
// Short term provider
IDataProtectionProvider provider = new EphemeralDataProtectionProvider();
//or long term provider from Extensions
provider = DataProtectionProvider.Create(nameof(Main));
var protector = provider.CreateProtector("encrypt");
// Write
File.WriteAllText("C:\\temp\\protected.txt", protector.Protect("Secret Text"));
//return;
// Read
var secret = protector.Unprotect(File.ReadAllText("C:\\temp\\protected.txt"));
Console.WriteLine(secret);
}
static void Main(string[] args)
{
const string purpose = "Demonstration";
// instantiate the data protection system at this folder
var dataProtectionProvider = new EphemeralDataProtectionProvider();
var protector = dataProtectionProvider.CreateProtector(purpose);
Console.Write("Enter input: ");
string input = Console.ReadLine();
// protect the payload
string protectedPayload = protector.Protect(input);
Console.WriteLine($"Protect returned: {protectedPayload}");
// unprotect the payload
string unprotectedPayload = protector.Unprotect(protectedPayload);
Console.WriteLine($"Unprotect returned: {unprotectedPayload}");
Console.ReadLine();
}
public async Task IndexMethod_ShouldReturn_SessionIdInViewModel()
{
var _dataProtectionProvider = new EphemeralDataProtectionProvider();
var controller = Substitute.ForPartsOf <HomeController>(new object[] { _logger, _apiServices, _dataProtectionProvider });
controller.ControllerContext = new ControllerContext {
HttpContext = new DefaultHttpContext()
};
controller.Request.Cookies = new RequestCookieCollection(new Dictionary <string, string>
{
{ ".dysac-session", _dataProtectionProvider.CreateProtector("BaseController").Protect("abc123") }
});
var result = await controller.Index();
var viewResult = Assert.IsType <ViewResult>(result);
var viewModel = Assert.IsType <IndexViewModel>(viewResult.Model);
Assert.Equal("abc123", viewModel.SessionId);
}
public async Task Index_ShouldReturn_500WithException()
{
var _dataProtectionProvider = new EphemeralDataProtectionProvider();
var controller = Substitute.ForPartsOf <FinishController>(new object[] { _logger, _apiServices, _dataProtectionProvider });
controller.ControllerContext = new ControllerContext {
HttpContext = new DefaultHttpContext()
};
controller.Request.Cookies = new RequestCookieCollection(new Dictionary <string, string>
{
{ ".dysac-session", _dataProtectionProvider.CreateProtector("BaseController").Protect("abc123") }
});
controller.View("Finish", Arg.Any <FinishViewModel>()).Throws(new Exception());
var result = await controller.Index();
var viewResult = Assert.IsType <RedirectToActionResult>(result);
Assert.Equal("Error500", viewResult.ActionName);
Assert.Equal("Error", viewResult.ControllerName);
}
public TestState()
{
DefaultPersonalProfile = BuildPersonalProfile();
IDataProtectionProvider provider = new EphemeralDataProtectionProvider();
IDataProtector protector = provider.CreateProtector("test");
var entities = DefaultPersonalProfile.MapToWraperEntities(protector);
Mock <IPutPersonalProfileDependencies> dependencies = new Mock <IPutPersonalProfileDependencies>();
//TODO: modify the scenario to test as well updates.
dependencies.Setup(a => a.InsertPersonalProfile(It.IsAny <PersonalProfileEntity>()))
.Returns(entities.personalProfile.Success().Async());
dependencies.Setup(a => a.UpdatePersonalProfile(It.IsAny <PersonalProfileEntity>()))
.Returns(entities.personalProfile.Success().Async());
dependencies.Setup(a => a.InsertInterests(It.IsAny <List <InterestEntity> >()))
.Returns(entities.interestEntities.Success().Async());
dependencies.Setup(a => a.UpdateInterests(It.IsAny <List <InterestEntity> >()))
.Returns(entities.interestEntities.Success().Async());
dependencies.Setup(a => a.InsertSkills(It.IsAny <List <SkillEntity> >()))
.Returns(entities.skillEntities.Success().Async());
dependencies.Setup(a => a.UpdateSkills(It.IsAny <List <SkillEntity> >()))
.Returns(entities.skillEntities.Success().Async());
dependencies.Setup(a => a.CommitTransaction())
.Returns(Task.CompletedTask);
dependencies.Setup(a => a.GetUser(Username))
.Returns(Task.FromResult(UserIdEntity.Create(Username, UserId)));
_dependencies = dependencies;
Subject = new PutPersonalProfile(_dependencies.Object, provider);
}
public async Task ResultsFilteredForJobCategory_ShouldReturn_500OnError()
{
_appSettings.Value.UseFilteringQuestions = true;
var _dataProtectionProvider = new EphemeralDataProtectionProvider();
var controller = Substitute.ForPartsOf <ResultsController>(new object[] { _logger, _apiServices, _appSettings, _dataProtectionProvider });
controller.ControllerContext = new ControllerContext {
HttpContext = new DefaultHttpContext()
};
controller.Request.Cookies = new RequestCookieCollection(new Dictionary <string, string>
{
{ ".dysac-session", _dataProtectionProvider.CreateProtector("BaseController").Protect("abc123") }
});
controller.View("ResultsForJobCategory", Arg.Any <ResultsViewModel>()).Throws(new Exception());
var result = await controller.ResultsFilteredForJobCategory("animal-care");
var viewResult = Assert.IsType <RedirectToActionResult>(result);
Assert.Equal("Error500", viewResult.ActionName);
Assert.Equal("Error", viewResult.ControllerName);
}