public void TryParseLoginToken_ReturnsExpectedClaims() { // Arrange MobileAppAuthenticationOptions options = new MobileAppAuthenticationOptions(); options.SigningKey = "SOME_SIGNING_KEY"; // SkipTokenSignatureValidation defaults to false JwtSecurityToken token = GetTestToken(options.SigningKey); // Act ClaimsPrincipal claimsPrincipal; bool result = this.handlerMock.TryParseLoginToken(token.RawData, options, out claimsPrincipal); // Assert Assert.True(result); MobileAppUser user = this.tokenHandler.CreateServiceUser((ClaimsIdentity)claimsPrincipal.Identity, token.RawData); Assert.Equal("Facebook:1234", user.Id); Assert.True(user.Identity.IsAuthenticated); Claim[] claims = user.Claims.ToArray(); Assert.Equal(8, claims.Length); Assert.Equal("Frank", claims.Single(p => p.Type == ClaimTypes.GivenName).Value); Assert.Equal("Miller", claims.Single(p => p.Type == ClaimTypes.Surname).Value); Assert.Equal("Admin", claims.Single(p => p.Type == ClaimTypes.Role).Value); Assert.Equal("Facebook:1234", claims.Single(p => p.Type == "uid").Value); Assert.Equal("MyClaimValue", claims.Single(p => p.Type == "my_custom_claim").Value); }
public void TryParseLoginToken_NoTokenValidation_ReturnsExpectedClaims() { // Arrange Mock <MobileAppTokenHandler> tokenHandlerMock = new Mock <MobileAppTokenHandler>(this.config); MobileAppAuthenticationHandlerMock authHandlerMock = new MobileAppAuthenticationHandlerMock(this.loggerMock.Object, tokenHandlerMock.Object); MobileAppAuthenticationOptions skipOptions = new MobileAppAuthenticationOptions(); skipOptions.SigningKey = "SOME_SIGNING_KEY"; skipOptions.SkipTokenSignatureValidation = true; JwtSecurityToken skipToken = GetTestToken("SOME_OTHER_KEY"); // Act ClaimsPrincipal skipClaimsPrincipal; bool skipResult = authHandlerMock.TryParseLoginToken(skipToken.RawData, skipOptions, out skipClaimsPrincipal); // Assert tokenHandlerMock.Verify(h => h.TryValidateLoginToken(It.IsAny <string>(), It.IsAny <string>(), out skipClaimsPrincipal), Times.Never); Assert.True(skipResult); MobileAppUser user = this.tokenHandler.CreateServiceUser((ClaimsIdentity)skipClaimsPrincipal.Identity, skipToken.RawData); Assert.Equal("Facebook:1234", user.Id); Assert.True(user.Identity.IsAuthenticated); Claim[] claims = user.Claims.ToArray(); Assert.Equal(8, claims.Length); Assert.Equal("Frank", claims.Single(p => p.Type == ClaimTypes.GivenName).Value); Assert.Equal("Miller", claims.Single(p => p.Type == ClaimTypes.Surname).Value); Assert.Equal("Admin", claims.Single(p => p.Type == ClaimTypes.Role).Value); Assert.Equal("Facebook:1234", claims.Single(p => p.Type == "uid").Value); Assert.Equal("MyClaimValue", claims.Single(p => p.Type == "my_custom_claim").Value); }
private TestServer CreateTestServer(HttpConfiguration config, bool skipTokenSignatureValidation) { config.MapHttpAttributeRoutes(); new MobileAppConfiguration() .MapApiControllers() .AddTables( new MobileAppTableConfiguration() .MapTableControllers()) .ApplyTo(config); // setup test authorization config values IMobileAppSettingsProvider settingsProvider = config.GetMobileAppSettingsProvider(); var settings = settingsProvider.GetMobileAppSettings(); settings.SigningKey = "signing_key"; return(TestServer.Create((appBuilder) => { MobileAppAuthenticationOptions options = new MobileAppAuthenticationOptions() { SigningKey = settings.SigningKey, SkipTokenSignatureValidation = skipTokenSignatureValidation }; appBuilder.UseMobileAppAuthentication(options, config.GetMobileAppTokenHandler()); appBuilder.UseWebApi(config); })); }
public void UseMobileAppAuthentication_ConfiguresServiceAuthentication_WhenAuthEnabled() { // Arrange MobileAppConfiguration configOptions = new MobileAppConfiguration(); this.config.SetMobileAppConfiguration(configOptions); MobileAppAuthenticationOptions options = null; this.appBuilderMock.Setup(a => a.Properties) .Returns(new Dictionary <string, object> { { "integratedpipeline.StageMarker", (Action <IAppBuilder, string>)((app, stageName) => { }) } }); this.appBuilderMock.Setup(p => p.Use(It.IsAny <object>(), It.IsAny <object[]>())) .Callback <object, object[]>((mockObject, mockArgs) => { options = (MobileAppAuthenticationOptions)mockArgs[1]; }) .Returns(this.appBuilder) .Verifiable(); // Act this.appBuilder.UseMobileAppAuthentication(this.config); // Assert // We expect three pieces of middleware to be added this.appBuilderMock.Verify(p => p.Use(It.IsAny <object>(), It.IsAny <object[]>()), Times.Once); Assert.Equal("Service", options.Realm); Assert.Equal("MobileApp", options.AuthenticationType); }
/// <summary> /// Gets the <see cref="MobileAppAuthenticationOptions" /> that will be used by the <see cref="MobileAppAuthenticationHandler"/>./> /// </summary> /// <returns>The <see cref="MobileAppAuthenticationOptions" /> to use.</returns> private static MobileAppAuthenticationOptions GetMobileAppAuthenticationOptions(HttpConfiguration config, AuthenticationMode mode) { IMobileAppSettingsProvider settingsProvider = config.GetMobileAppSettingsProvider(); MobileAppSettingsDictionary settings = settingsProvider.GetMobileAppSettings(); MobileAppAuthenticationOptions serviceOptions = new MobileAppAuthenticationOptions { AuthenticationMode = mode, SigningKey = settings.SigningKey }; return(serviceOptions); }
public static IAppBuilder UseMobileAppAuthentication(this IAppBuilder appBuilder, HttpConfiguration config, AuthenticationMode mode = AuthenticationMode.Active) { if (appBuilder == null) { throw new ArgumentNullException("appBuilder"); } if (config == null) { throw new ArgumentNullException("config"); } // Add the service authentication middleware MobileAppAuthenticationOptions serviceOptions = GetMobileAppAuthenticationOptions(config, mode); IMobileAppTokenHandler tokenHandler = config.GetMobileAppTokenHandler(); appBuilder.UseMobileAppAuthentication(serviceOptions, tokenHandler); return(appBuilder); }
public void Authenticate_CorrectlyAuthenticates(MobileAppAuthenticationOptions options, bool expectAuthenticated) { // Arrange var mock = new MobileAppAuthenticationHandlerMock(this.loggerMock.Object, this.tokenHandler); var request = CreateAuthRequest("signing_key"); request.User = new ClaimsPrincipal(); // Act mock.Authenticate(request, options); // Assert if (expectAuthenticated) { Assert.NotNull(request.User.Identity); Assert.True(request.User.Identity.IsAuthenticated); Assert.IsType(typeof(MobileAppUser), request.User); } else { Assert.Null(request.User); } }
public new bool TryParseLoginToken(string token, MobileAppAuthenticationOptions options, out ClaimsPrincipal claimsPrincipal) { return(base.TryParseLoginToken(token, options, out claimsPrincipal)); }
public new AuthenticationTicket Authenticate(IOwinRequest request, MobileAppAuthenticationOptions options) { return(base.Authenticate(request, options)); }
public void TryParseLoginToken_ReturnsSameClaimsIdentity_WhetherValidatingTokensOrNot() { // Arrange MobileAppAuthenticationOptions options = new MobileAppAuthenticationOptions(); options.SigningKey = "SOME_SIGNING_KEY"; // SkipTokenSignatureValidation defaults to false JwtSecurityToken token = GetTestToken(options.SigningKey); MobileAppAuthenticationOptions skipOptions = new MobileAppAuthenticationOptions(); skipOptions.SigningKey = "SOME_SIGNING_KEY"; skipOptions.SkipTokenSignatureValidation = true; JwtSecurityToken skipToken = GetTestToken("SOME_OTHER_KEY"); // Act ClaimsPrincipal claimsPrincipal; this.handlerMock.TryParseLoginToken(token.RawData, options, out claimsPrincipal); Assert.True(claimsPrincipal.Identity.IsAuthenticated); ClaimsPrincipal skipClaimsPrincipal; this.handlerMock.TryParseLoginToken(skipToken.RawData, skipOptions, out skipClaimsPrincipal); Assert.True(claimsPrincipal.Identity.IsAuthenticated); // Assert ClaimsIdentity claimsIdentity = (ClaimsIdentity)claimsPrincipal.Identity; ClaimsIdentity skipClaimsIdentity = (ClaimsIdentity)skipClaimsPrincipal.Identity; Assert.Equal(claimsIdentity.Actor, skipClaimsIdentity.Actor); Assert.Equal(claimsIdentity.AuthenticationType, skipClaimsIdentity.AuthenticationType); Assert.Equal(claimsIdentity.BootstrapContext, skipClaimsIdentity.BootstrapContext); Assert.Equal(claimsIdentity.IsAuthenticated, skipClaimsIdentity.IsAuthenticated); Assert.Equal(claimsIdentity.Label, skipClaimsIdentity.Label); Assert.Equal(claimsIdentity.Name, skipClaimsIdentity.Name); Assert.Equal(claimsIdentity.NameClaimType, skipClaimsIdentity.NameClaimType); Assert.Equal(claimsIdentity.RoleClaimType, skipClaimsIdentity.RoleClaimType); Assert.Equal(claimsIdentity.Claims.Count(), skipClaimsIdentity.Claims.Count()); Claim[] claims = claimsIdentity.Claims.OrderBy(c => c.Type).ToArray(); Claim[] skipClaims = skipClaimsIdentity.Claims.OrderBy(c => c.Type).ToArray(); for (int i = 0; i < claims.Length; i++) { Claim claim = claims[i]; Claim skipClaim = skipClaims[i]; Assert.Equal(claim.Type, skipClaim.Type); Assert.Equal(claim.Issuer, skipClaim.Issuer); Assert.Equal(claim.OriginalIssuer, skipClaim.OriginalIssuer); Assert.Equal(claim.Subject, claimsIdentity); Assert.Equal(skipClaim.Subject, skipClaimsIdentity); Assert.Equal(claim.ValueType, skipClaim.ValueType); Assert.Equal(claim.Properties.Count, skipClaim.Properties.Count); if (claim.Type == "nbf") { // nbf can be slightly off int claimNbf = Int32.Parse(claim.Value); int skipClaimNbf = Int32.Parse(skipClaim.Value); Assert.True(Math.Abs(claimNbf - skipClaimNbf) < 10); } else { Assert.Equal(claim.Value, skipClaim.Value); } } }
/// <summary> /// Adds authentication using the built-in <see cref="MobileAppAuthenticationMiddleware"/> authentication model. /// </summary> /// <param name="appBuilder">The <see cref="IAppBuilder"/> passed to the configuration method.</param> /// <param name="options">Middleware configuration options.</param> /// <param name="tokenHandler">An <see cref="MobileAppTokenHandler"/> instance.</param> /// <returns>The updated <see cref="IAppBuilder"/>.</returns> public static IAppBuilder UseMobileAppAuthentication(this IAppBuilder appBuilder, MobileAppAuthenticationOptions options, IMobileAppTokenHandler tokenHandler) { if (appBuilder == null) { throw new ArgumentNullException("appBuilder"); } if (options == null) { throw new ArgumentNullException("options"); } appBuilder.Use(typeof(MobileAppAuthenticationMiddleware), new object[] { appBuilder, options, tokenHandler }); return(appBuilder); }
public void SkipTokenSignatureValidation_DefaultsFalse() { var opt = new MobileAppAuthenticationOptions(); Assert.False(opt.SkipTokenSignatureValidation); }
public MobileAppAuthenticationOptionsTests() { this.options = new MobileAppAuthenticationOptions(); this.options.SigningKey = SigningKey; }