Exemple #1
0
        public void GenerateHash_returns_hashes_for_timestamps_accurate_to_the_second()
        {
            // Given
            var now          = DateTime.UtcNow.Date;
            var stateString  = "stateString";
            var clockService = new BinaryClockService(now, now.AddMilliseconds(999));
            var service      = new LearningHubSsoSecurityService(clockService, Config, Logger);

            // When
            var hash1 = service.GenerateHash(stateString);
            var hash2 = service.GenerateHash(stateString);

            // Then
            hash1.Should().Be(hash2);
        }
Exemple #2
0
        public void GenerateHash_is_consistent()
        {
            // Given
            var now          = DateTime.UtcNow;
            var stateString  = "stateString";
            var clockService = new BinaryClockService(now, now);
            var service      = new LearningHubSsoSecurityService(clockService, Config, Logger);

            // When
            var hash1 = service.GenerateHash(stateString);
            var hash2 = service.GenerateHash(stateString);

            // Then
            hash1.Should().Be(hash2);
        }
Exemple #3
0
        public void GenerateHash_returns_different_hashes_for_different_timestamps()
        {
            // Given
            var now          = DateTime.UtcNow;
            var stateString  = "stateString";
            var clockService = new BinaryClockService(now, now.AddSeconds(1));
            var service      = new LearningHubSsoSecurityService(clockService, Config, Logger);

            // When
            var hash1 = service.GenerateHash(stateString);
            var hash2 = service.GenerateHash(stateString);

            // Then
            hash1.Should().NotBe(hash2);
        }
Exemple #4
0
        public void VerifyHash_returns_false_for_hashes_created_outside_tolerance_time([Values(-(TestTolerance + 1), TestTolerance + 1)] int delay)
        {
            // Given
            var now          = DateTime.UtcNow;
            var stateString  = "stateString";
            var clockService = new BinaryClockService(now, now.AddSeconds(delay));
            var helper       = new LearningHubSsoSecurityService(clockService, Config);

            // When
            var hash   = helper.GenerateHash(stateString);
            var result = helper.VerifyHash(stateString, hash);

            // Then
            result.Should().BeFalse();
        }
Exemple #5
0
        public void VerifyHash_returns_true_for_hashed_created_within_tolerance_time([Range(-TestTolerance, TestTolerance, 1)] int delay)
        {
            // Given
            var now          = DateTime.UtcNow;
            var stateString  = "stateString";
            var clockService = new BinaryClockService(now, now.AddSeconds(delay));
            var helper       = new LearningHubSsoSecurityService(clockService, Config);

            // When
            var hash   = helper.GenerateHash(stateString);
            var result = helper.VerifyHash(stateString, hash);

            // Then
            result.Should().BeTrue();
        }
Exemple #6
0
        public void GenerateHash_throws_if_secret_key_too_short()
        {
            // Given
            var now          = DateTime.UtcNow;
            var stateString  = "stateString";
            var clockService = new BinaryClockService(now, now);

            A.CallTo(() => Config["LearningHubSSO:SecretKey"]).Returns("1234567");
            var service = new LearningHubSsoSecurityService(clockService, Config, Logger);

            // When
            Action action = () => service.GenerateHash(stateString);

            // Then
            action.Should().Throw <CryptographicException>();
        }
Exemple #7
0
        public void GenerateHash_returns_different_hashes_for_different_state_input_strings()
        {
            // Given
            var now                  = DateTime.UtcNow;
            var stateString          = "stateString";
            var differentStateString = "stateStrinh";
            var clockService         = new BinaryClockService(now, now.AddSeconds(1));
            var helper               = new LearningHubSsoSecurityService(clockService, Config);

            // When
            var hash1 = helper.GenerateHash(stateString);
            var hash2 = helper.GenerateHash(differentStateString);

            // Then
            hash1.Should().NotBe(hash2);
        }
Exemple #8
0
        public void GenerateHash_returns_different_hashes_for_different_secret_keys()
        {
            // Given
            var now          = DateTime.UtcNow;
            var stateString  = "stateString";
            var clockService = new BinaryClockService(now, now);
            var service      = new LearningHubSsoSecurityService(clockService, Config, Logger);

            var alternateConfig = A.Fake <IConfiguration>();

            A.CallTo(() => alternateConfig["LearningHubSSO:ToleranceInSeconds"]).Returns(TestTolerance.ToString());
            A.CallTo(() => alternateConfig["LearningHubSSO:HashIterations"]).Returns(TestIterations.ToString());
            A.CallTo(() => alternateConfig["LearningHubSSO:ByteLength"]).Returns(TestLength.ToString());
            A.CallTo(() => alternateConfig["LearningHubSSO:SecretKey"]).Returns("open sesame");

            var helper2 = new LearningHubSsoSecurityService(clockService, alternateConfig, Logger);

            // When
            var hash1 = service.GenerateHash(stateString);
            var hash2 = helper2.GenerateHash(stateString);

            // Then
            hash1.Should().NotBe(hash2);
        }