public HpkpMiddleware(AppFunc next, HpkpOptions options, bool reportOnly)
: base(next)
{
_config = options.Config;
var headerGenerator = new HeaderGenerator();
_headerResult = headerGenerator.CreateHpkpResult(_config, reportOnly);
}
public HpkpMiddleware(RequestDelegate next, HpkpOptions options, bool reportOnly)
: base(next)
{
_config = options.Config;
var headerGenerator = new HeaderGenerator();
_headerResult = headerGenerator.CreateHpkpResult(_config, reportOnly);
}
public void Called_MaxAgeSet(int maxAgeHours, int expected)
{
//Arrange
HpkpOptionsBuilder builder = new HpkpOptionsBuilder();
//Act
builder.AddPins("==somepinvalue").SetMaxAge(TimeSpan.FromHours(maxAgeHours));
//Assert
HpkpOptions result = builder.Build();
Assert.Equal(expected, result.MaxAge);
}
public void Called_IncludeSubdomainsSet()
{
//Arrange
HpkpOptionsBuilder builder = new HpkpOptionsBuilder();
//Act
builder.AddPins("==somepinvalue").IncludeSubdomains();
//Assert
HpkpOptions result = builder.Build();
Assert.True(result.IncludeSubdomains);
}
/// <summary>
/// Adds a middleware to the ASP.NET Core pipeline that sets the Public-Key-Pins header.
/// </summary>
/// <param name="app">The <see cref="IApplicationBuilder" /> to which the middleware is added.</param>
/// <param name="configurer">An <see cref="Action" /> that configures the options for the middleware.</param>
/// <returns>The <see cref="IApplicationBuilder" /> supplied in the app parameter.</returns>
public static IApplicationBuilder UseHpkp(this IApplicationBuilder app, Action <IFluentHpkpOptions> configurer)
{
if (app == null)
{
throw new ArgumentNullException(nameof(app));
}
if (configurer == null)
{
throw new ArgumentNullException(nameof(configurer));
}
var options = new HpkpOptions();
configurer(options);
new HpkpConfigurationValidator().ValidateNumberOfPins(options.Config);
return(app.UseMiddleware <HpkpMiddleware>(options, false));
}
public void Called_PinsAdded()
{
//Arrange
HpkpOptionsBuilder builder = new HpkpOptionsBuilder();
string pin1 = "==somepinvalue";
string pin2 = "==somepinvalue2";
//Act
builder.AddPins(pin1, pin2);
//Assert
HpkpOptions result = builder.Build();
Assert.Equal(2, result.Pins.Count);
Assert.Contains($"pin-sha256=\"{pin1}\"", result.Pins);
Assert.Contains($"pin-sha256=\"{pin2}\"", result.Pins);
}
/// <summary>
/// Adds a middleware to the OWIN pipeline that sets the Public-Key-Pins-Report-Only header.
/// </summary>
/// <param name="app">The <see cref="IAppBuilder" /> to which the middleware is added.</param>
/// <param name="configurer">An <see cref="Action" /> that configures the options for the middleware.</param>
/// <returns>The <see cref="IAppBuilder" /> supplied in the app parameter.</returns>
public static IAppBuilder UseHpkpReportOnly(this IAppBuilder app, Action <IFluentHpkpOptions> configurer)
{
if (app == null)
{
throw new ArgumentNullException(nameof(app));
}
if (configurer == null)
{
throw new ArgumentNullException(nameof(configurer));
}
var options = new HpkpOptions();
configurer(options);
new HpkpConfigurationValidator().ValidateNumberOfPins(options.Config);
return(app.Use(typeof(HpkpMiddleware), options, true));
}
public HpkpOptionsTest()
{
_options = new HpkpOptions();
}
public HpkpMiddleware(RequestDelegate next, HpkpOptions options)
{
_next = next;
_headerName = options.HeaderName;
_headerValue = options.HeaderValue;
}
