public void SshAuthenticationExceptionConstructorTest1()
{
string message = string.Empty; // TODO: Initialize to an appropriate value
SshAuthenticationException target = new SshAuthenticationException(message);
Assert.Inconclusive("TODO: Implement code to verify target");
}
protected void Act()
{
try
{
_connectionInfo.Authenticate(_sessionMock.Object, _serviceFactoryMock.Object);
}
catch (SshAuthenticationException ex)
{
_actualException = ex;
}
}
private bool TryAuthenticate(Session session, IList <string> allowedAuthenticationMethods, IList <AuthenticationMethod> failedAuthenticationMethods, ref SshAuthenticationException authenticationException)
{
if (!allowedAuthenticationMethods.Any())
{
authenticationException = new SshAuthenticationException("No authentication methods defined on SSH server.");
return(false);
}
// we want to try authentication methods in the order in which they were
// passed in the ctor, not the order in which the SSH server returns
// the allowed authentication methods
var matchingAuthenticationMethods = AuthenticationMethods.Where(a => allowedAuthenticationMethods.Contains(a.Name)).ToList();
if (!matchingAuthenticationMethods.Any())
{
authenticationException = new SshAuthenticationException(string.Format("No suitable authentication method found to complete authentication ({0}).", string.Join(",", allowedAuthenticationMethods.ToArray())));
return(false);
}
foreach (var authenticationMethod in matchingAuthenticationMethods)
{
if (failedAuthenticationMethods.Contains(authenticationMethod))
{
continue;
}
var authenticationResult = authenticationMethod.Authenticate(session);
switch (authenticationResult)
{
case AuthenticationResult.PartialSuccess:
if (TryAuthenticate(session, authenticationMethod.AllowedAuthentications.ToList(), failedAuthenticationMethods, ref authenticationException))
{
authenticationResult = AuthenticationResult.Success;
}
break;
case AuthenticationResult.Failure:
failedAuthenticationMethods.Add(authenticationMethod);
authenticationException = new SshAuthenticationException(string.Format("Permission denied ({0}).", authenticationMethod.Name));
break;
case AuthenticationResult.Success:
authenticationException = null;
break;
}
if (authenticationResult == AuthenticationResult.Success)
{
return(true);
}
}
return(false);
}
protected override void Act()
{
try
{
ClientAuthentication.Authenticate(ConnectionInfoMock.Object, SessionMock.Object);
Assert.Fail();
}
catch (SshAuthenticationException ex)
{
_actualException = ex;
}
}
protected void Arrange()
{
_serviceFactoryMock = new Mock <IServiceFactory>(MockBehavior.Strict);
_clientAuthenticationMock = new Mock <IClientAuthentication>(MockBehavior.Strict);
_sessionMock = new Mock <ISession>(MockBehavior.Strict);
_connectionInfo = new ConnectionInfo(Resources.HOST, int.Parse(Resources.PORT), Resources.USERNAME, ProxyTypes.None,
Resources.HOST, int.Parse(Resources.PORT), Resources.USERNAME, Resources.PASSWORD,
new KeyboardInteractiveAuthenticationMethod(Resources.USERNAME));
_authenticationException = new SshAuthenticationException();
_serviceFactoryMock.Setup(p => p.CreateClientAuthentication()).Returns(_clientAuthenticationMock.Object);
_clientAuthenticationMock.Setup(p => p.Authenticate(_connectionInfo, _sessionMock.Object))
.Throws(_authenticationException);
}
/// <summary>
/// Authenticates the specified session.
/// </summary>
/// <param name="session">The session to be authenticated.</param>
/// <exception cref="ArgumentNullException"><paramref name="session"/> is null.</exception>
/// <exception cref="SshAuthenticationException">No suitable authentication method found to complete authentication, or permission denied.</exception>
public void Authenticate(Session session)
{
if (session == null)
{
throw new ArgumentNullException("session");
}
session.RegisterMessage("SSH_MSG_USERAUTH_FAILURE");
session.RegisterMessage("SSH_MSG_USERAUTH_SUCCESS");
session.RegisterMessage("SSH_MSG_USERAUTH_BANNER");
session.UserAuthenticationBannerReceived += Session_UserAuthenticationBannerReceived;
try
{
// the exception to report an authentication failure with
SshAuthenticationException authenticationException = null;
// try to authenticate against none
var noneAuthenticationMethod = new NoneAuthenticationMethod(this.Username);
var authenticated = noneAuthenticationMethod.Authenticate(session);
if (authenticated != AuthenticationResult.Success)
{
var failedAuthenticationMethods = new List <AuthenticationMethod>();
if (TryAuthenticate(session, noneAuthenticationMethod.AllowedAuthentications.ToList(), failedAuthenticationMethods, ref authenticationException))
{
authenticated = AuthenticationResult.Success;
}
}
this.IsAuthenticated = authenticated == AuthenticationResult.Success;
if (!IsAuthenticated)
{
throw authenticationException;
}
}
finally
{
session.UserAuthenticationBannerReceived -= Session_UserAuthenticationBannerReceived;
session.UnRegisterMessage("SSH_MSG_USERAUTH_FAILURE");
session.UnRegisterMessage("SSH_MSG_USERAUTH_SUCCESS");
session.UnRegisterMessage("SSH_MSG_USERAUTH_BANNER");
}
}
public void Authenticate(IConnectionInfoInternal connectionInfo, ISession session)
{
if (connectionInfo == null)
{
throw new ArgumentNullException("connectionInfo");
}
if (session == null)
{
throw new ArgumentNullException("session");
}
session.RegisterMessage("SSH_MSG_USERAUTH_FAILURE");
session.RegisterMessage("SSH_MSG_USERAUTH_SUCCESS");
session.RegisterMessage("SSH_MSG_USERAUTH_BANNER");
session.UserAuthenticationBannerReceived += connectionInfo.UserAuthenticationBannerReceived;
try
{
// the exception to report an authentication failure with
SshAuthenticationException authenticationException = null;
// try to authenticate against none
var noneAuthenticationMethod = connectionInfo.CreateNoneAuthenticationMethod();
var authenticated = noneAuthenticationMethod.Authenticate(session);
if (authenticated != AuthenticationResult.Success)
{
if (!TryAuthenticate(session, new AuthenticationState(connectionInfo.AuthenticationMethods), noneAuthenticationMethod.AllowedAuthentications.ToList(), ref authenticationException))
{
throw authenticationException;
}
}
}
finally
{
session.UserAuthenticationBannerReceived -= connectionInfo.UserAuthenticationBannerReceived;
session.UnRegisterMessage("SSH_MSG_USERAUTH_FAILURE");
session.UnRegisterMessage("SSH_MSG_USERAUTH_SUCCESS");
session.UnRegisterMessage("SSH_MSG_USERAUTH_BANNER");
}
}
private bool TryAuthenticate(ISession session,
AuthenticationState authenticationState,
ICollection <string> allowedAuthenticationMethods,
ref SshAuthenticationException authenticationException)
{
if (allowedAuthenticationMethods.Count == 0)
{
authenticationException = new SshAuthenticationException("No authentication methods defined on SSH server.");
return(false);
}
// we want to try authentication methods in the order in which they were
// passed in the ctor, not the order in which the SSH server returns
// the allowed authentication methods
var matchingAuthenticationMethods = authenticationState.SupportedAuthenticationMethods.Where(a => allowedAuthenticationMethods.Contains(a.Name)).ToList();
if (matchingAuthenticationMethods.Count == 0)
{
authenticationException = new SshAuthenticationException(string.Format("No suitable authentication method found to complete authentication ({0}).", string.Join(",", allowedAuthenticationMethods.ToArray())));
return(false);
}
foreach (var authenticationMethod in GetOrderedAuthenticationMethods(authenticationState, matchingAuthenticationMethods))
{
if (authenticationState.FailedAuthenticationMethods.Contains(authenticationMethod))
{
continue;
}
// when the authentication method was previously executed, then skip the authentication
// method as long as there's another authentication method to try; this is done to avoid
// a stack overflow for servers that do not update the list of allowed authentication
// methods after a partial success
if (!authenticationState.ExecutedAuthenticationMethods.Contains(authenticationMethod))
{
// update state to reflect previosuly executed authentication methods
authenticationState.ExecutedAuthenticationMethods.Add(authenticationMethod);
}
var authenticationResult = authenticationMethod.Authenticate(session);
switch (authenticationResult)
{
case AuthenticationResult.PartialSuccess:
if (TryAuthenticate(session, authenticationState, authenticationMethod.AllowedAuthentications, ref authenticationException))
{
authenticationResult = AuthenticationResult.Success;
}
break;
case AuthenticationResult.Failure:
authenticationState.FailedAuthenticationMethods.Add(authenticationMethod);
authenticationException = new SshAuthenticationException(string.Format("Permission denied ({0}).", authenticationMethod.Name));
break;
case AuthenticationResult.Success:
authenticationException = null;
break;
}
if (authenticationResult == AuthenticationResult.Success)
{
return(true);
}
}
return(false);
}
public void SshAuthenticationExceptionConstructorTest()
{
SshAuthenticationException target = new SshAuthenticationException();
Assert.Inconclusive("TODO: Implement code to verify target");
}
private bool TryAuthenticate(ISession session,
AuthenticationState authenticationState,
string[] allowedAuthenticationMethods,
ref SshAuthenticationException authenticationException)
{
if (allowedAuthenticationMethods.Length == 0)
{
authenticationException = new SshAuthenticationException("No authentication methods defined on SSH server.");
return(false);
}
// we want to try authentication methods in the order in which they were
// passed in the ctor, not the order in which the SSH server returns
// the allowed authentication methods
var matchingAuthenticationMethods = authenticationState.GetSupportedAuthenticationMethods(allowedAuthenticationMethods);
if (matchingAuthenticationMethods.Count == 0)
{
authenticationException = new SshAuthenticationException(string.Format("No suitable authentication method found to complete authentication ({0}).",
string.Join(",", allowedAuthenticationMethods)));
return(false);
}
foreach (var authenticationMethod in authenticationState.GetActiveAuthenticationMethods(matchingAuthenticationMethods))
{
// guard against a stack overlow for servers that do not update the list of allowed authentication
// methods after a partial success
if (authenticationState.GetPartialSuccessCount(authenticationMethod) >= _partialSuccessLimit)
{
// TODO Get list of all authentication methods that have reached the partial success limit?
authenticationException = new SshAuthenticationException(string.Format("Reached authentication attempt limit for method ({0}).",
authenticationMethod.Name));
continue;
}
var authenticationResult = authenticationMethod.Authenticate(session);
switch (authenticationResult)
{
case AuthenticationResult.PartialSuccess:
authenticationState.RecordPartialSuccess(authenticationMethod);
if (TryAuthenticate(session, authenticationState, authenticationMethod.AllowedAuthentications, ref authenticationException))
{
authenticationResult = AuthenticationResult.Success;
}
break;
case AuthenticationResult.Failure:
authenticationState.RecordFailure(authenticationMethod);
authenticationException = new SshAuthenticationException(string.Format("Permission denied ({0}).", authenticationMethod.Name));
break;
case AuthenticationResult.Success:
authenticationException = null;
break;
}
if (authenticationResult == AuthenticationResult.Success)
{
return(true);
}
}
return(false);
}
