public void EnsureGetDomainHintReturnsConsumersForNonTenant() { ClaimsPrincipal principal = ClaimsPrincipalFactory.FromTenantIdAndObjectId(TestConstants.MsaTenantId, TestConstants.ObjectId); string domainHint = principal.GetDomainHint(); Assert.AreEqual <string>("consumers", domainHint); }
public void Unprotecting_Ticket_With_Invalid_JWT_Throws_SecurityException() { // Arrange var ticketFormat = TicketFormat(); var authProps = new AuthenticationProperties(); authProps.StoreTokens(new[] { new AuthenticationToken() { Name = "jwt", Value = "Evil Token" } }); var encryptedString = ticketFormat.Protect( new AuthenticationTicket( ClaimsPrincipalFactory.CreatePrincipal(new[] { new Claim(ClaimTypes.GivenName, "Blah") }), authProps, "Cookies")); // Act & assert Assert.Null(ticketFormat.Unprotect(encryptedString)); }
public void FromTenantIdAndObjectId_NullParameters_ThrowsException() { var objectId = "objectId"; var tenantId = "tenantId"; Assert.Throws <ArgumentNullException>("value", () => ClaimsPrincipalFactory.FromTenantIdAndObjectId(tenantId, null)); Assert.Throws <ArgumentNullException>("value", () => ClaimsPrincipalFactory.FromTenantIdAndObjectId(null, objectId)); }
public void EnsureGetLoginHintIsNullWithSimpleClaimsPrincipal() { ClaimsPrincipal principal = ClaimsPrincipalFactory.FromTenantIdAndObjectId(TestConstants.TenantId, TestConstants.ObjectId); string loginHint = principal.GetLoginHint(); Assert.IsNull(loginHint); }
public void EnsureGetDisplayNameIsNullWithSimpleClaimsPrincipal() { ClaimsPrincipal principal = ClaimsPrincipalFactory.FromTenantIdAndObjectId(TestConstants.TenantId, TestConstants.ObjectId); string displayName = principal.GetDisplayName(); Assert.IsNull(displayName); }
public void EnsureGetTenantIdReturnsProperValue() { ClaimsPrincipal principal = ClaimsPrincipalFactory.FromTenantIdAndObjectId(TestConstants.TenantId, TestConstants.ObjectId); string tenantId = principal.GetTenantId(); Assert.AreEqual <string>(TestConstants.TenantId, tenantId); }
public void FromTenantIdAndObjectId_ValidParameters_ReturnsClaimsPrincipal() { var claimsIdentityResult = ClaimsPrincipalFactory.FromTenantIdAndObjectId(TestConstants.Utid, TestConstants.Uid).Identity as ClaimsIdentity; Assert.NotNull(claimsIdentityResult); Assert.Equal(2, claimsIdentityResult.Claims.Count()); Assert.Equal(TestConstants.Uid, claimsIdentityResult.FindFirst(ClaimConstants.UniqueObjectIdentifier)?.Value); Assert.Equal(TestConstants.Utid, claimsIdentityResult.FindFirst(ClaimConstants.UniqueTenantIdentifier)?.Value); }
public void FromTenantIdAndObjectId_ValidParameters_ReturnsClaimsPrincipal() { var claimsIdentityResult = ClaimsPrincipalFactory.FromTenantIdAndObjectId(_tenantId, _objectId).Identity as ClaimsIdentity; Assert.NotNull(claimsIdentityResult); Assert.Equal(2, claimsIdentityResult.Claims.Count()); Assert.Equal(_objectId, claimsIdentityResult.FindFirst(ClaimConstants.Oid)?.Value); Assert.Equal(_tenantId, claimsIdentityResult.FindFirst(ClaimConstants.Tid)?.Value); }
// Get information about the changed messages and send to browser via SignalR. // A production application would typically queue a background job for reliability. private async Task GetChangedMessagesAsync(IEnumerable <ChangeNotification> notifications) { List <NotificationViewModel> notificationsToDisplay = new List <NotificationViewModel>(); foreach (var notification in notifications) { SubscriptionStore subscription = subscriptionStore.GetSubscriptionInfo(notification.SubscriptionId.Value); // Set the claims for ObjectIdentifier and TenantId, and // use the above claims for the current HttpContext if (!string.IsNullOrEmpty(subscription.UserId)) { HttpContext.User = ClaimsPrincipalFactory.FromTenantIdAndObjectId(subscription.TenantId, subscription.UserId); } if (notification.Resource.Contains("/message", StringComparison.InvariantCultureIgnoreCase)) { // Initialize the GraphServiceClient. var graphClient = await GraphServiceClientFactory.GetAuthenticatedGraphClient(appSettings.Value.BaseUrlWithoutVersion, async() => { return(await tokenAcquisition.GetAccessTokenForAppAsync($"{appSettings.Value.BaseUrlWithoutVersion}/.default")); }); var request = new MessageRequest(graphServiceClient.BaseUrl + "/" + notification.Resource, string.IsNullOrEmpty(subscription.UserId) ? graphClient : graphServiceClient, null); try { var responseValue = await request.GetAsync(); notificationsToDisplay.Add(new NotificationViewModel(new { From = responseValue?.From?.EmailAddress?.Address, responseValue?.Subject, SentDateTime = responseValue?.SentDateTime.HasValue ?? false ? responseValue?.SentDateTime.Value.ToString() : string.Empty, To = responseValue?.ToRecipients?.Select(x => x.EmailAddress.Address)?.ToList(), })); } catch (ServiceException se) { string errorMessage = se.Error.Message; string requestId = se.Error.InnerError?.AdditionalData["request-id"]?.ToString(); string requestDate = se.Error.InnerError?.AdditionalData["date"]?.ToString(); logger.LogError($"RetrievingMessages: { errorMessage } Request ID: { requestId } Date: { requestDate }"); } } else { notificationsToDisplay.Add(new NotificationViewModel(notification.Resource)); } } if (notificationsToDisplay.Count > 0) { await notificationService.SendNotificationToClient(notificationHub, notificationsToDisplay); } }
public void ValidateFromTenantIdAndObjectIdHaveExpectedClaims() { ClaimsPrincipal principal = ClaimsPrincipalFactory.FromTenantIdAndObjectId(TestConstants.TenantId, TestConstants.ObjectId); Assert.IsTrue(principal.HasClaim(x => x.Type == "tid")); Assert.IsTrue(principal.HasClaim(x => x.Type == "oid")); var tidClaim = principal.FindFirst("tid"); var oidClaim = principal.FindFirst("oid"); Assert.AreEqual <string>(TestConstants.TenantId, tidClaim.Value); Assert.AreEqual <string>(TestConstants.ObjectId, oidClaim.Value); }
public TokenWithClaimsPrincipal GenerateAccessTokenWithClaimsPrincipal(string userName, IEnumerable <Claim> userClaims) { var userClaimList = userClaims.ToList(); var accessToken = this.GenerateAccessToken(userName, userClaimList); return(new TokenWithClaimsPrincipal() { AccessToken = accessToken, ClaimsPrincipal = ClaimsPrincipalFactory.CreatePrincipal( MergeUserClaimsWithDefaultClaims(userName, userClaimList)), AuthProperties = CreateAuthProperties(accessToken) }); }
public void Unprotecting_Ticket_With_Empty_AuthProps_Throws_ArgumentNullException() { // Arrange var ticketFormat = TicketFormat(); var encryptedString = ticketFormat.Protect( new AuthenticationTicket( ClaimsPrincipalFactory.CreatePrincipal(new[] { new Claim(ClaimTypes.GivenName, "Blah") }), new AuthenticationProperties(), "Cookies")); // Act & assert Assert.Null(ticketFormat.Unprotect(encryptedString)); }
public async Task CreateUserAsync_should_transform_array_claims() { var accessorMock = new Mock <IAccessTokenProviderAccessor>(); var loggerMock = new Mock <ILogger <ClaimsPrincipalFactory> >(); var sut = new ClaimsPrincipalFactory(accessorMock.Object, loggerMock.Object); var user = await sut.CreateUserAsync(new RemoteUserAccount { AdditionalProperties = new Dictionary <string, object> { ["name"] = "name", ["role"] = "[\"role\"]" } }, new RemoteAuthenticationUserOptions { AuthenticationType = "oidc", NameClaim = "name", RoleClaim = "role" }).ConfigureAwait(false); Assert.Contains(user.Claims, c => c.Type == "role" && c.Value == "role"); }
public void FromTenantIdAndObjectId_NullParameters_ThrowsException() { Assert.Throws <ArgumentNullException>(TestConstants.Value, () => ClaimsPrincipalFactory.FromTenantIdAndObjectId(TestConstants.Utid, null)); Assert.Throws <ArgumentNullException>(TestConstants.Value, () => ClaimsPrincipalFactory.FromTenantIdAndObjectId(null, TestConstants.Uid)); }