public void PasswordIsOptional()
{
var usernameToken = new XElement(
_wsse + "UsernameToken",
new XElement(_wsse + "Username", "yourusername"));
var filter = new WsMessageFilter("yourusername", null);
filter.OnRequestExecuting(CreateMessage(usernameToken));
}
public void PasswordTypeTextIsComparedAsIs()
{
var usernameToken = new XElement(
_wsse + "UsernameToken",
new XElement(_wsse + "Username", "yourusername"),
new XElement(_wsse + "Password", new XAttribute("Type", _passwordText), "yourpassword"));
var filter = new WsMessageFilter("yourusername", "yourpassword");
filter.OnRequestExecuting(CreateMessage(usernameToken));
}
public void IncorrectCredentialsNotAuthrorized()
{
var usernameToken = new XElement(
_wsse + "UsernameToken",
new XElement(_wsse + "Username", "INVALID_USERNAME"),
new XElement(_wsse + "Password", "INAVLID_PASSWORD"));
var filter = new WsMessageFilter("yourusername", "yourpassword");
filter.OnRequestExecuting(CreateMessage(usernameToken));
}
public void CreatedCantBePresentWithoutNonce()
{
var usernameToken = new XElement(
_wsse + "UsernameToken",
new XElement(_wsse + "Username", "yourusername"),
new XElement(_wsse + "Password", "yourpassword"),
new XElement(_wsu + "Created", "2003-07-16T01:24:32Z"));
var filter = new WsMessageFilter("yourusername", "yourpassword");
filter.OnRequestExecuting(CreateMessage(usernameToken));
}
public void NonceCantBePresentWithoutCreated()
{
var usernameToken = new XElement(
_wsse + "UsernameToken",
new XElement(_wsse + "Username", "yourusername"),
new XElement(_wsse + "Password", "yourpassword"),
new XElement(_wsse + "Nonce", ToBase64String(Guid.NewGuid().ToByteArray())));
var filter = new WsMessageFilter("yourusername", "yourpassword");
filter.OnRequestExecuting(CreateMessage(usernameToken));
}
public void IncorrectPasswordNotAuthorizedAgainstDigest()
{
var usernameToken = new XElement(
_wsse + "UsernameToken",
new XElement(_wsse + "Username", "yourusername"),
new XElement(_wsse + "Password", new XAttribute("Type", _passwordDigest), "U1GjAqli//AHdFxRZUbVeJYz6GA="),
new XElement(_wsse + "Nonce", "l//4xNUs0LzslTkEA/Ch1Q=="),
new XElement(_wsu + "Created", "2020-03-06T19:58:28.134Z"));
var filter = new WsMessageFilter("yourusername", "IncorrectPassword");
filter.OnRequestExecuting(CreateMessage(usernameToken));
}
public void InvalidNonceIsNotAuthorizedEvenInCleartext()
{
var notBase64Encoded = "!@#$%^&*()_+";
var usernameToken = new XElement(
_wsse + "UsernameToken",
new XElement(_wsse + "Username", "yourusername"),
new XElement(_wsse + "Password", "yourpassword"),
new XElement(_wsse + "Nonce", notBase64Encoded),
new XElement(_wsu + "Created", "2020-03-06T19:58:28.134Z"));
var filter = new WsMessageFilter("yourusername", "yourpassword");
filter.OnRequestExecuting(CreateMessage(usernameToken));
}
public void PasswordInDigestIsDecoded()
{
var clearTextPassword = "******";
var passwordDigest = ToBase64String(SHA1.Create().ComputeHash(UTF8.GetBytes(clearTextPassword)));
var usernameToken = new XElement(
_wsse + "UsernameToken",
new XElement(_wsse + "Username", "yourusername"),
new XElement(
_wsse + "Password",
new XAttribute("Type", _passwordDigest),
new XText(passwordDigest)));
var filter = new WsMessageFilter("yourusername", clearTextPassword);
filter.OnRequestExecuting(CreateMessage(usernameToken));
}
