private (Guid sessionIdentifier, int?resourceId) ParseAccountLinkingRequest(
LinkLearningHubRequest linkLearningHubRequest,
Guid storedSessionIdentifier
)
{
var stateItems = linkLearningHubRequest.State.Split("_refId:");
if (stateItems.Length != 2)
{
throw new LearningHubLinkingRequestException("Invalid Learning Hub linking state.");
}
if (!Guid.TryParse(stateItems[0], out var validSessionIdentifier) ||
validSessionIdentifier != storedSessionIdentifier)
{
throw new LearningHubLinkingRequestException("Invalid Learning Hub linking session.");
}
if (!int.TryParse(stateItems[1], out var validReferenceId))
{
return(validSessionIdentifier, null);
}
return(validSessionIdentifier, validReferenceId);
}
private void ValidateLearningHubUserId(LinkLearningHubRequest linkLearningHubRequest)
{
var isVerified = learningHubSsoSecurityService.VerifyHash(
linkLearningHubRequest.UserId.ToString(),
linkLearningHubRequest.Hash
);
if (!isVerified)
{
throw new LearningHubLinkingRequestException("Invalid Learning Hub UserId hash.");
}
}
public int?ValidateLinkingRequestAndExtractDestinationResourceId(
LinkLearningHubRequest linkLearningHubRequest,
string linkRequestSessionIdentifier
)
{
if (!Guid.TryParse(linkRequestSessionIdentifier, out var storedSessionIdentifier))
{
throw new LearningHubLinkingRequestException(
"Invalid Learning Hub linking request session identifier."
);
}
ValidateLearningHubUserId(linkLearningHubRequest);
var parsedState = ParseAccountLinkingRequest(linkLearningHubRequest, storedSessionIdentifier);
return(parsedState.resourceId);
}
ValidateLinkingRequestAndExtractDestinationResourceId_throws_exception_when_verifyHash_returns_false()
{
// Given
var storedSessionIdentifier = Guid.NewGuid();
var linkLearningHubRequest = new LinkLearningHubRequest
{
Hash = "invalid-hash",
State = $"{storedSessionIdentifier}_refId:56789",
UserId = 56789,
};
// When
Action act = () => learningHubLinkService.ValidateLinkingRequestAndExtractDestinationResourceId(
linkLearningHubRequest,
storedSessionIdentifier.ToString()
);
// Then
act.Should().Throw <LearningHubLinkingRequestException>().WithMessage("Invalid Learning Hub UserId hash.");
}
ValidateLinkingRequestAndExtractDestinationResourceId_returns_resourceId_when_request_parsed_successfully()
{
// Given
var storedSessionIdentifier = Guid.NewGuid();
var linkLearningHubRequest = new LinkLearningHubRequest
{
Hash = "valid-hash",
State = $"{storedSessionIdentifier}_refId:1234",
UserId = 12345,
};
// When
var result = learningHubLinkService.ValidateLinkingRequestAndExtractDestinationResourceId(
linkLearningHubRequest,
storedSessionIdentifier.ToString()
);
// Then
result.Should().Be(1234);
}
ValidateLinkingRequestAndExtractDestinationResourceId_returns_null_when_resource_id_could_not_be_parsed()
{
// Given
var storedSessionIdentifier = Guid.NewGuid();
var linkLearningHubRequest = new LinkLearningHubRequest
{
Hash = "valid-hash",
State = $"{storedSessionIdentifier}_refId:badInteger",
UserId = 12345,
};
// When
var result = learningHubLinkService.ValidateLinkingRequestAndExtractDestinationResourceId(
linkLearningHubRequest,
storedSessionIdentifier.ToString()
);
// Then
result.Should().BeNull();
}
public void ValidateLinkingRequestAndExtractDestinationResourceId_throws_exception_when_state_is_incomplete()
{
// Given
var storedSessionIdentifier = Guid.NewGuid();
var linkLearningHubRequest = new LinkLearningHubRequest
{
Hash = "valid-hash",
State = $"{storedSessionIdentifier}",
UserId = 12345,
};
// When
Action act = () => learningHubLinkService.ValidateLinkingRequestAndExtractDestinationResourceId(
linkLearningHubRequest,
storedSessionIdentifier.ToString()
);
// Then
act.Should().Throw <LearningHubLinkingRequestException>().WithMessage("Invalid Learning Hub linking state.");
}
public IActionResult LinkLearningHubSso([FromQuery] LinkLearningHubRequest linkLearningHubRequest)
{
if (!ModelState.IsValid)
{
throw new LearningHubLinkingRequestException("Invalid Learning Hub request.");
}
var learningHubResourcedId = learningHubLinkService.ValidateLinkingRequestAndExtractDestinationResourceId(
linkLearningHubRequest,
HttpContext.Session.GetString(LinkLearningHubRequest.SessionIdentifierKey)
);
var delegateId = User.GetCandidateIdKnownNotNull();
var isAccountAlreadyLinked = learningHubLinkService.IsLearningHubAccountLinked(delegateId);
learningHubLinkService.LinkLearningHubAccountIfNotLinked(delegateId, linkLearningHubRequest.UserId);
var model = new LinkLearningHubViewModel(isAccountAlreadyLinked, learningHubResourcedId);
return(View("../LinkLearningHubSso", model));
}
ValidateLinkingRequestAndExtractDestinationResourceId_throws_exception_when_sessionIdentifier_does_not_match()
{
// Given
var storedSessionIdentifier = Guid.NewGuid();
var linkLearningHubRequest = new LinkLearningHubRequest
{
Hash = "valid-hash",
State = $"{Guid.NewGuid()}_refId:1234",
UserId = 12345,
};
// When
Action act = () => learningHubLinkService.ValidateLinkingRequestAndExtractDestinationResourceId(
linkLearningHubRequest,
storedSessionIdentifier.ToString()
);
// Then
act.Should().Throw <LearningHubLinkingRequestException>()
.WithMessage("Invalid Learning Hub linking session.");
}
ValidateLinkingRequestAndExtractDestinationResourceId_throws_exception_when_stored_sessionIdentifier_is_invalid()
{
// Given
var linkLearningHubRequest = new LinkLearningHubRequest
{
Hash = "valid-hash",
State = $"{Guid.NewGuid()}_refId:1234",
UserId = 12345,
};
// When
Action act = () =>
learningHubLinkService.ValidateLinkingRequestAndExtractDestinationResourceId(
linkLearningHubRequest,
"invalid-guid"
);
// Then
act.Should().Throw <LearningHubLinkingRequestException>()
.WithMessage("Invalid Learning Hub linking request session identifier.");
}
