public void AuthExpiredRequestIdAreClearedFromCache() { Dictionary <string, string> GenerateAuthParameters() { return(new Dictionary <string, string> { { "awsAccessKeyId", "accessKey" }, { "awsSecretKey", "secretKey" }, { "requestId", Guid.NewGuid().ToString() }, { "issueDate", DateTime.UtcNow.ToString("yyyy-MM-dd'T'HH:mm:ss.fffzzz", DateTimeFormatInfo.InvariantInfo) } }); } var request1 = GenerateAuthParameters(); AwsCredentialsAuthenticationHandler.ValidateAuthParameters(request1); Assert.Contains(request1["requestId"], AwsCredentialsAuthenticationHandler.ProcessRequestIds); var request2 = GenerateAuthParameters(); AwsCredentialsAuthenticationHandler.ValidateAuthParameters(request2); Assert.Contains(request1["requestId"], AwsCredentialsAuthenticationHandler.ProcessRequestIds); Assert.Contains(request2["requestId"], AwsCredentialsAuthenticationHandler.ProcessRequestIds); Thread.Sleep(AwsCredentialsAuthenticationHandler.MaxIssueDateDuration.Add(TimeSpan.FromSeconds(3))); var request3 = GenerateAuthParameters(); AwsCredentialsAuthenticationHandler.ValidateAuthParameters(request3); Assert.DoesNotContain(request1["requestId"], AwsCredentialsAuthenticationHandler.ProcessRequestIds); Assert.DoesNotContain(request2["requestId"], AwsCredentialsAuthenticationHandler.ProcessRequestIds); Assert.Contains(request3["requestId"], AwsCredentialsAuthenticationHandler.ProcessRequestIds); }
public void AuthMissingRequestId() { var authParameters = new Dictionary <string, string> { { "awsAccessKeyId", "accessKey" }, { "awsSecretKey", "secretKey" }, { "issueDate", DateTime.UtcNow.ToString("yyyy-MM-dd'T'HH:mm:ss.fffzzz", DateTimeFormatInfo.InvariantInfo) } }; var results = AwsCredentialsAuthenticationHandler.ValidateAuthParameters(authParameters); Assert.False(results.Succeeded); Assert.Equal($"Authorization header missing {AwsCredentialsAuthenticationHandler.ClaimAwsRequestId} property", results.Failure.Message); }
public void AuthAttemptReplayRequestId() { var authParameters = new Dictionary <string, string> { { "awsAccessKeyId", "accessKey" }, { "awsSecretKey", "secretKey" }, { "requestId", Guid.NewGuid().ToString() }, { "issueDate", DateTime.UtcNow.ToString("yyyy-MM-dd'T'HH:mm:ss.fffzzz", DateTimeFormatInfo.InvariantInfo) } }; var results = AwsCredentialsAuthenticationHandler.ValidateAuthParameters(authParameters); Assert.Null(results); results = AwsCredentialsAuthenticationHandler.ValidateAuthParameters(authParameters); Assert.False(results.Succeeded); Assert.Equal($"Value for authorization header has already been used", results.Failure.Message); }