public void HexDigitConvertsIntegersToHexCharsCorrectly()
{
for (int i = 0; i < 0x10; i++)
{
Assert.Equal(i.ToString("X")[0], AntiForgeryDataSerializer.HexDigit(i));
}
}
public void CanRoundTripData()
{
// Arrange
AntiForgeryDataSerializer serializer = new AntiForgeryDataSerializer
{
Decoder = value => Convert.FromBase64String(value),
Encoder = bytes => Convert.ToBase64String(bytes),
};
AntiForgeryData input = new AntiForgeryData
{
Salt = "The Salt",
Username = "******",
Value = "The Value",
CreationDate = DateTime.Now,
};
// Act
AntiForgeryData output = serializer.Deserialize(serializer.Serialize(input));
// Assert
Assert.NotNull(output);
Assert.Equal(input.Salt, output.Salt);
Assert.Equal(input.Username, output.Username);
Assert.Equal(input.Value, output.Value);
Assert.Equal(input.CreationDate, output.CreationDate);
}
public void SerializerProperty() {
// Arrange
HtmlHelper helper = GetHtmlHelperForAntiForgeryToken(null);
AntiForgeryDataSerializer newSerializer = new AntiForgeryDataSerializer();
// Act & Assert
MemberHelper.TestPropertyWithDefaultInstance(helper, "Serializer", newSerializer);
}
public void HexValueConvertsCharValuesToIntegersCorrectly()
{
for (int i = 0; i < 0x10; i++)
{
var hexChar = i.ToString("X")[0];
Assert.Equal(i, AntiForgeryDataSerializer.HexValue(hexChar));
}
}
public void SerializerProperty()
{
// Arrange
HtmlHelper helper = GetHtmlHelperForAntiForgeryToken(null);
AntiForgeryDataSerializer newSerializer = new AntiForgeryDataSerializer();
// Act & Assert
MemberHelper.TestPropertyWithDefaultInstance(helper, "Serializer", newSerializer);
}
public void SerializerProperty()
{
// Arrange
ValidateAntiForgeryTokenAttribute attribute = new ValidateAntiForgeryTokenAttribute();
AntiForgeryDataSerializer newSerializer = new AntiForgeryDataSerializer();
// Act & Assert
MemberHelper.TestPropertyWithDefaultInstance(attribute, "Serializer", newSerializer);
}
public void DeserializeThrowsIfSerializedTokenIsNull()
{
// Arrange
AntiForgeryDataSerializer serializer = new AntiForgeryDataSerializer();
// Act & assert
ExceptionHelper.ExpectArgumentExceptionNullOrEmpty(
delegate {
serializer.Deserialize(null);
}, "serializedToken");
}
public void SerializeThrowsIfTokenIsNull()
{
// Arrange
AntiForgeryDataSerializer serializer = new AntiForgeryDataSerializer();
// Act & assert
ExceptionHelper.ExpectArgumentNullException(
delegate {
serializer.Serialize(null);
}, "token");
}
public void DeserializationExceptionDoesNotContainInnerException()
{
// Arrange
AntiForgeryDataSerializer serializer = new AntiForgeryDataSerializer();
// Act & assert
HttpAntiForgeryException exception = null;
try
{
serializer.Deserialize("Can't deserialize this.");
}
catch (HttpAntiForgeryException ex)
{
exception = ex;
}
Assert.NotNull(exception);
Assert.Null(exception.InnerException);
}
public void DeserializeReturnsDeserializedToken()
{
// Arrange
Mock <IStateFormatter> mockFormatter = new Mock <IStateFormatter>();
mockFormatter.Expect(f => f.Deserialize("serialized value")).Returns(new Triplet("the salt", "the value", new DateTime(2001, 1, 1)));
AntiForgeryDataSerializer serializer = new AntiForgeryDataSerializer()
{
Formatter = mockFormatter.Object
};
// Act
AntiForgeryData token = serializer.Deserialize("serialized value");
// Assert
Assert.IsNotNull(token);
Assert.AreEqual(new DateTime(2001, 1, 1), token.CreationDate);
Assert.AreEqual("the salt", token.Salt);
Assert.AreEqual("the value", token.Value);
}
public void SerializeReturnsSerializedString()
{
// Arrange
AntiForgeryData token = new AntiForgeryData()
{
CreationDate = new DateTime(2001, 1, 1),
Salt = "the salt",
Username = "******",
Value = "the value"
};
Mock <IStateFormatter> mockFormatter = new Mock <IStateFormatter>();
mockFormatter
.Expect(f => f.Serialize(It.IsAny <object>()))
.Returns(
delegate(object state) {
object[] t = state as object[];
Assert.IsNotNull(t);
Assert.AreEqual("the salt", t[0]);
Assert.AreEqual("the value", t[1]);
Assert.AreEqual(new DateTime(2001, 1, 1), t[2]);
Assert.AreEqual("someuser", t[3]);
return("serialized value");
}
);
AntiForgeryDataSerializer serializer = new AntiForgeryDataSerializer()
{
Formatter = mockFormatter.Object
};
// Act
string serializedValue = serializer.Serialize(token);
// Assert
Assert.AreEqual("serialized value", serializedValue);
}
public void DeserializeThrowsIfFormatterThrows()
{
// Arrange
Exception innerException = new Exception();
Mock <IStateFormatter> mockFormatter = new Mock <IStateFormatter>();
mockFormatter.Expect(f => f.Deserialize("bad value")).Throws(innerException);
AntiForgeryDataSerializer serializer = new AntiForgeryDataSerializer()
{
Formatter = mockFormatter.Object
};
// Act
HttpAntiForgeryException ex = ExceptionHelper.ExpectException <HttpAntiForgeryException>(
delegate {
serializer.Deserialize("bad value");
}, "A required anti-forgery token was not supplied or was invalid.");
// Assert
Assert.AreEqual(innerException, ex.InnerException);
}
public void GuardClauses()
{
// Arrange
AntiForgeryDataSerializer serializer = new AntiForgeryDataSerializer();
// Act & assert
Assert.ThrowsArgumentNull(
() => serializer.Serialize(null),
"token"
);
Assert.ThrowsArgumentNullOrEmptyString(
() => serializer.Deserialize(null),
"serializedToken"
);
Assert.ThrowsArgumentNullOrEmptyString(
() => serializer.Deserialize(String.Empty),
"serializedToken"
);
Assert.Throws <HttpAntiForgeryException>(
() => serializer.Deserialize("Corrupted Base-64 Value"),
"A required anti-forgery token was not supplied or was invalid."
);
}
public AntiForgeryWorker()
{
Serializer = new AntiForgeryDataSerializer();
}
