// Builds an authorizer for user "egora1" on application URL http://test.rubicon-it.com
// and checks the resolved values: validity, the pvp:userId node of the SOAP fragment,
// mail, roles, cost centre, charge code, time-to-live (600), the role XML part,
// the formatted cn attribute and PVP version 1.8.
// The role value under test contains the XML metacharacters & < > " ' so the
// "SoapRoles" assertion is the one that pins how a role is rendered into XML.
public void AuthorizationSimple()
{
    PvpApplicationLdapAuthorizer authorizer = new PvpApplicationLdapAuthorizer("http://test.rubicon-it.com", @"egora1");
    Assert.IsNotNull(authorizer);
    Assert.IsTrue(authorizer.IsValid);

    // The fragment is queried with an explicit namespace manager bound to the PVP token namespace.
    var fragment = authorizer.UserPrincipalSoapFragment;
    var ns = new XmlNamespaceManager(new NameTable());
    ns.AddNamespace("pvp", PvpToken.PvpTokenNamespace);
    var userId = fragment.SelectSingleNode("//pvp:userId", ns);

    // NOTE(review): the expected addresses below look masked on this page; confirm the real fixture values.
    Assert.AreEqual("*****@*****.**", userId.InnerText);
    Assert.AreEqual("*****@*****.**", authorizer.Mail, "MailAddress");
    Assert.AreEqual("&<>\"'ZMR-Behoerdenabfrage_(&GKZ=&1234)", authorizer.Roles, "Roles");
    Assert.AreEqual("Vienna", authorizer.CostCenterId);
    Assert.AreEqual("egora/Development", authorizer.ChargeCode);
    Assert.AreEqual(600, authorizer.AuthorizationTimeToLive, "TimeToLive");

    // NOTE(review): the expected XML literal in the next statement does not tokenize as written
    // (an unescaped double quote follows the characters & < >). It looks as if character entities
    // were decoded when this page was extracted; restore the entity-escaped text from the
    // repository before relying on this assertion as evidence that roles are XML-escaped.
    Assert.AreEqual( "<role value=\"&<>"'ZMR-Behoerdenabfrage_\">\n<param>\n<key>&GKZ</key><value>&1234</value>\n</param>\n</role>", authorizer.GetPvpToken().RoleAttribute.GetXmlPart(), "SoapRoles");
    Assert.IsTrue(authorizer.GetAttributeValue(PvpAttributes.X_AUTHENTICATE_cn).EndsWith(" through formatter"));
    Assert.AreEqual("1.8", authorizer.Version);
}
/// <summary>
/// Builds an authorizer for user <c>rubicon\egora2</c> on application URL
/// http://testr.rubicon-it.com and expects a valid PVP 1.9 authorization with two roles,
/// a formatted OU, a time-to-live of 500 and a SOAP fragment carrying the user principal
/// and the TestRolle role. The name suggests roles are collected through nested groups;
/// that lookup is not visible here.
/// </summary>
public void AuthorizationRecursive()
{
    const string expectedOu = "canonical int.rubicon-it.com/Development/egora/egora Zwei";
    const string expectedTokenStart =
        "<pvpToken version=\"1.9\" xmlns=\"http://egov.gv.at/pvp1.xsd\"><authenticate><participantId>Max.Mustermann</participantId>";

    var sut = new PvpApplicationLdapAuthorizer("http://testr.rubicon-it.com", @"rubicon\egora2");

    Assert.AreEqual("1.9", sut.Version);
    Assert.IsNotNull(sut);
    Assert.IsTrue(sut.IsValid);
    // NOTE(review): the expected address looks masked on this page; confirm the real fixture value.
    Assert.AreEqual("*****@*****.**", sut.Mail, "MailAddress");
    Assert.AreEqual("EineRolle;TestRolle", sut.Roles, "Roles");
    Assert.AreEqual(expectedOu, sut.Ou, "with format.");
    Assert.AreEqual(500, sut.AuthorizationTimeToLive, "TimeToLive");

    // The serialized fragment is checked by substring, section by section.
    string soapXml = sut.UserPrincipalSoapFragment.OuterXml;
    Assert.IsTrue(soapXml.StartsWith(expectedTokenStart));

    // If the marker element is missing, IndexOf returns -1 and Substring throws,
    // so the test fails with an exception rather than an assertion message.
    int principalStart = soapXml.IndexOf("<userPrincipal>");
    string principalSection = soapXml.Substring(principalStart);
    Assert.IsTrue(principalSection.Contains("<userId>[email protected]</userId>"));
    Assert.IsTrue(principalSection.Contains("<cn>egora Zwei</cn>"));
    Assert.IsTrue(principalSection.Contains("<ou>canonical int.rubicon-it.com/Development/egora/egora Zwei</ou>"));
    Assert.IsTrue(principalSection.Contains("<mail>[email protected]</mail>"));
    Assert.IsTrue(principalSection.Contains("<tel>Wien, DW 0815</tel>"));

    int authorizeStart = soapXml.IndexOf("<authorize>");
    string authorizeSection = soapXml.Substring(authorizeStart);
    Assert.IsTrue(authorizeSection.Contains("<role value=\"TestRolle\"></role>"));
}
/// <summary>
/// Expects the COST_CENTER_ID attribute of user <c>rubicon\bmi-pvp-user-1</c> on
/// http://test.rubicon-it.com to resolve to "Vienna".
/// </summary>
public void OuPathSourceTest()
{
    const string applicationUrl = "http://test.rubicon-it.com";
    const string account = @"rubicon\bmi-pvp-user-1";

    var sut = new PvpApplicationLdapAuthorizer(applicationUrl, account);
    var costCenter = sut.GetAttributeValue(PvpAttributes.COST_CENTER_ID);

    Assert.AreEqual("Vienna", costCenter);
}
/// <summary>
/// Expects the CHARGE_CODE attribute of user <c>rubicon\bmi-pvp-user-1</c> on
/// http://test.rubicon-it.com to resolve to "ServiceUser/egora/Development".
/// </summary>
public void OuPathFormatterTest()
{
    const string applicationUrl = "http://test.rubicon-it.com";
    const string account = @"rubicon\bmi-pvp-user-1";

    var sut = new PvpApplicationLdapAuthorizer(applicationUrl, account);
    var chargeCode = sut.GetAttributeValue(PvpAttributes.CHARGE_CODE);

    Assert.AreEqual("ServiceUser/egora/Development", chargeCode);
}
/// <summary>
/// Expects the additional X_AUTHENTICATE_cn attribute of user <c>egora.drei</c> on
/// http://test.rubicon-it.com to be returned as "egora Drei through formatter".
/// </summary>
public void AdditionalAttribute()
{
    const string applicationUrl = "http://test.rubicon-it.com";
    const string account = @"egora.drei";

    var sut = new PvpApplicationLdapAuthorizer(applicationUrl, account);
    var commonName = sut.GetAttributeValue(PvpAttributes.X_AUTHENTICATE_cn);

    Assert.AreEqual("egora Drei through formatter", commonName);
}
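/// <summary>
/// Fills the authorization grid with one authorizer per directory user found below
/// <paramref name="ldapBase"/>, sorted with <c>CompareAuthorizer</c>.
/// </summary>
/// <param name="ldapBase">Search base handed to <c>GetUsers</c>.</param>
/// <param name="showOnlyUserWithRole">
/// When true, users whose authorizer reports no roles are left out of the grid.
/// </param>
private void GetAllUsers(string ldapBase, bool showOnlyUserWithRole)
{
    List<PvpApplicationLdapAuthorizer> authorizers = new List<PvpApplicationLdapAuthorizer>();

    // Web URLs take precedence; SOAP URLs are only used when no web URL is configured.
    string urls = AppConfig.WebUrls;
    if (String.IsNullOrEmpty(urls))
    {
        urls = AppConfig.SoapUrls;
    }

    if (!String.IsNullOrEmpty(urls))
    {
        // NOTE(review): the filter text comes straight from a text box. GetUsers is not
        // visible here; confirm it escapes LDAP filter metacharacters (RFC 4515) before
        // building the search filter, otherwise the caller controls the directory query.
        // SearchResultCollection wraps unmanaged resources and has to be disposed explicitly.
        using (SearchResultCollection allUsers = GetUsers(UserNameFilterTextBox.Text, ldapBase))
        {
            foreach (SearchResult userResult in allUsers)
            {
                string userId;

                // The directory entry is only needed to read the account name, so release it right away.
                using (DirectoryEntry user = userResult.GetDirectoryEntry())
                {
                    object accountName = user.Properties["sAMAccountName"].Value;
                    if (accountName == null)
                    {
                        // Entries without an account name cannot be authorized; skip them instead of failing the whole page.
                        continue;
                    }

                    userId = accountName.ToString();
                }

                PvpApplicationLdapAuthorizer authorizer = new PvpApplicationLdapAuthorizer(urls, userId);
                string roles = authorizer.Roles;
                if (!(showOnlyUserWithRole && String.IsNullOrEmpty(roles)))
                {
                    authorizers.Add(authorizer);
                }
            }
        }
    }

    authorizers.Sort(new Comparison<PvpApplicationLdapAuthorizer>(CompareAuthorizer));
    AuthorizationGrid.DataSource = authorizers;
    AuthorizationGrid.DataBind();
}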
/// <summary>
/// Negative case: user <c>rubicon\peter.grassnigg</c> on http://testrole.rubicon-it.com
/// must not yield a valid authorization. Per the test name the user has no role for
/// this application; the fixture itself is not visible here.
/// </summary>
public void AuthorizationSimpleNoRole()
{
    const string applicationUrl = "http://testrole.rubicon-it.com";
    const string account = @"rubicon\peter.grassnigg";

    var sut = new PvpApplicationLdapAuthorizer(applicationUrl, account);

    Assert.IsNotNull(sut);
    Assert.IsFalse(sut.IsValid);
}
/// <summary>
/// Negative case: an application URL and user that are both "dummy" must produce an
/// authorizer that is not valid and is classified neither as web nor as SOAP.
/// </summary>
public void NoApplication()
{
    const string placeholder = "dummy";

    var sut = new PvpApplicationLdapAuthorizer(placeholder, placeholder);

    Assert.IsNotNull(sut);
    Assert.IsFalse(sut.IsValid);
    Assert.IsFalse(sut.IsWeb);
    Assert.IsFalse(sut.IsSoap);
}
/// <summary>
/// Expects user <c>egora2</c> on http://noattribute.test to be authorized as a web
/// (not SOAP) application and to expose the mail address.
/// </summary>
public void NoPvpAttribute()
{
    const string applicationUrl = "http://noattribute.test";
    const string account = "egora2";

    var sut = new PvpApplicationLdapAuthorizer(applicationUrl, account);

    Assert.IsNotNull(sut);
    // NOTE(review): the expected address looks masked on this page; confirm the real fixture value.
    Assert.AreEqual("*****@*****.**", sut.Mail);
    Assert.IsTrue(sut.IsValid);
    Assert.IsTrue(sut.IsWeb);
    Assert.IsFalse(sut.IsSoap);
}
/// <summary>
/// Positive counterpart on http://testrole.rubicon-it.com: user
/// <c>rubicon\werner.kugler</c> must resolve to a user object, a non-empty role
/// string and a valid authorization.
/// </summary>
public void AuthorizationSimpleMustHaveRole()
{
    const string applicationUrl = "http://testrole.rubicon-it.com";
    const string account = @"rubicon\werner.kugler";

    var sut = new PvpApplicationLdapAuthorizer(applicationUrl, account);

    Assert.IsNotNull(sut);
    Assert.IsNotNull(sut.User);
    Assert.IsNotNull(sut.Roles);
    // The role string must contain at least one character.
    Assert.Greater(sut.Roles.Length, 0);
    Assert.IsTrue(sut.IsValid);
}
/// <summary>
/// Expects user <c>egora.drei</c> on http://testnr.rubicon-it.com to be valid with a
/// mail address and OU "Test" but with no roles at all (Roles is null).
/// </summary>
public void NoAuthorizationRecursive()
{
    const string applicationUrl = "http://testnr.rubicon-it.com";
    const string account = @"egora.drei";

    var sut = new PvpApplicationLdapAuthorizer(applicationUrl, account);

    Assert.IsNotNull(sut);
    // The authorization is valid even though no role is resolved for this application.
    Assert.IsTrue(sut.IsValid);
    // NOTE(review): the expected address looks masked on this page; confirm the real fixture value.
    Assert.AreEqual("*****@*****.**", sut.Mail, "MailAddress");
    Assert.IsNull(sut.Roles, "Roles");
    Assert.AreEqual("Test", sut.Ou, "OU");
}
/// <summary>
/// Expects user <c>egora2</c> on https://dummy.com/fixedrole/ to be authorized as a
/// SOAP (not web) application with the role string "FixedRole(param=val)", and
/// checks that the chained SOAP fragment can be built.
/// </summary>
public void FixedRoleAttribute()
{
    const string applicationUrl = "https://dummy.com/fixedrole/";
    const string account = "egora2";

    var sut = new PvpApplicationLdapAuthorizer(applicationUrl, account);

    Assert.IsNotNull(sut);
    // NOTE(review): the expected address looks masked on this page; confirm the real fixture value.
    Assert.AreEqual("*****@*****.**", sut.Mail);
    Assert.IsTrue(sut.IsValid);
    Assert.IsFalse(sut.IsWeb);
    Assert.IsTrue(sut.IsSoap);
    Assert.That(sut.Roles, Is.EqualTo("FixedRole(param=val)"));

    // No assertion follows: the call only has to complete without throwing.
    var chainedFragment = sut.GetPvpToken().GetChainedSoapFragment();
}
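/// <summary>
/// Resolves the authorization of <paramref name="userId"/> for the application at
/// <paramref name="rootUrl"/> using the configuration in ConfigurationFixed.xml and
/// returns a SOAP header that wraps the user's chained token in a fixed system principal.
/// </summary>
/// <param name="rootUrl">Application root URL; lower-cased before the lookup.</param>
/// <param name="userId">Account name of the user to authorize.</param>
/// <returns>
/// <c>CustomAuthorization.NoAuthorization</c> when the authorizer is not valid; otherwise an
/// authorization carrying time-to-live, PVP version and the SOAP header fragment.
/// </returns>
public CustomAuthorization GetAuthorization(string rootUrl, string userId)
{
    var file = Path.Combine(Server.MapPath("~"), "ConfigurationFixed.xml");
    LdapConfiguration configuration = LdapConfiguration.GetConfiguration(file);
    rootUrl = rootUrl.ToLowerInvariant();

    PvpApplicationLdapAuthorizer authorizer = new PvpApplicationLdapAuthorizer(rootUrl, userId, configuration);
    if (!authorizer.IsValid)
    {
        return CustomAuthorization.NoAuthorization;
    }

    CustomAuthorization auth = new CustomAuthorization();
    auth.TimeToLive = authorizer.AuthorizationTimeToLive;
    auth.PvpVersion = authorizer.Version;

    // The value is not used; the getter is still called in case it has side effects — TODO confirm and remove.
    var dummy = authorizer.GvGID;
    var chainedToken = authorizer.GetPvpToken().GetChainedSoapFragment();

    // Attribute values come from the directory/configuration and are pasted into XML text.
    // Escape the XML metacharacters so a value containing & < > " ' cannot add or close
    // elements in the token. Null still renders as an empty string, as String.Format did.
    Func<object, string> xmlText = value => System.Security.SecurityElement.Escape(Convert.ToString(value));

    // chainedToken.OuterXml is already serialized XML and is inserted as markup on purpose.
    var token = String.Format(
        @"<pvpToken version=""{0}"" xmlns=""http://egov.gv.at/pvp1.xsd"">
  <authenticate>
    <participantId>{1}</participantId>
    <systemPrincipal>
      <userId>egovstar.appserv1.intra.xyz.gv.at</userId>
      <cn>Anwendung 1 Register-Interface</cn>
      <gvOuId>AT:L6:4711</gvOuId>
      <ou>Fachabteilung 1B Informationstechnik</ou>
      <gvOuID>{2}</gvOuID>
      <gvSecClass>{3}</gvSecClass>
    </systemPrincipal>
  </authenticate>
  <authorize>
    <role value=""Registerabfrage""></role>
  </authorize>
  {4}
</pvpToken>",
        xmlText(authorizer.Version),
        xmlText(authorizer.ParticipantID),
        xmlText(authorizer.GvOuID),
        xmlText(authorizer.GvSecClass),
        chainedToken.OuterXml);

    XmlDocument doc = new XmlDocument();
    // Defence in depth: the token has no DTD, so external resolution is never needed.
    doc.XmlResolver = null;
    doc.LoadXml(token);
    auth.SoapHeaderXmlFragment = doc.DocumentElement;
    return auth;
}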
/// <summary>
/// Resolves the authorization of <paramref name="userId"/> for the application at
/// <paramref name="rootUrl"/> using the default LDAP configuration.
/// </summary>
/// <param name="rootUrl">Application root URL; lower-cased before the lookup.</param>
/// <param name="userId">Account name of the user to authorize.</param>
/// <returns>
/// <c>null</c> when the authorizer is not valid; <c>CustomAuthorization.NoAuthorization</c>
/// when the application is neither web nor SOAP; otherwise an authorization carrying
/// HTTP headers, a SAML attribute statement or the user-principal SOAP fragment.
/// </returns>
public CustomAuthorization GetAuthorization(string rootUrl, string userId)
{
    LdapConfiguration ldapConfig = LdapConfiguration.GetConfiguration();
    rootUrl = rootUrl.ToLowerInvariant();

    var authorizer = new PvpApplicationLdapAuthorizer(rootUrl, userId, ldapConfig);

    // Callers must handle both "denied" results: null here, NoAuthorization further down.
    if (!authorizer.IsValid)
    {
        return null;
    }

    var result = new CustomAuthorization();
    result.TimeToLive = authorizer.AuthorizationTimeToLive;
    result.PvpVersion = authorizer.Version;

    if (!authorizer.IsWeb)
    {
        if (!authorizer.IsSoap)
        {
            return CustomAuthorization.NoAuthorization;
        }

        result.SoapHeaderXmlFragment = authorizer.UserPrincipalSoapFragment;
        return result;
    }

    // NOTE(review): the token format is chosen from a substring of the caller-supplied URL,
    // so any root URL containing "assertion" gets the SAML attribute statement — confirm
    // that this is intended rather than a per-application configuration setting.
    if (rootUrl.Contains("assertion"))
    {
        result.SoapHeaderXmlFragment = authorizer.GetPvpToken().GetSamlAttributeStatement();
    }
    else
    {
        List<HttpHeader> pvpHeaders = authorizer.GetPvpToken().GetHeaders();
        result.HttpHeaders = pvpHeaders.ToArray();
    }

    return result;
}
/// <summary>
/// Orders two authorizers by their common name, ignoring case and using the
/// invariant culture.
/// </summary>
/// <param name="one">Left-hand authorizer.</param>
/// <param name="other">Right-hand authorizer.</param>
/// <returns>The result of <c>String.Compare</c> on the two common names.</returns>
private int CompareAuthorizer(PvpApplicationLdapAuthorizer one, PvpApplicationLdapAuthorizer other)
{
    var leftName = one.CommonName;
    var rightName = other.CommonName;
    int ordering = String.Compare(leftName, rightName, StringComparison.InvariantCultureIgnoreCase);
    return ordering;
}