Esempio n. 1
0
        public void ReadNonExistentCookie()
        {
            //SETUP
            var mocks     = new MockHttpContextCookies();
            var eProvider = new EphemeralDataProtectionProvider();
            var cookie    = new ImpersonationCookie(mocks.MockContext, eProvider);

            //ATTEMPT
            var data = cookie.GetCookieInValue();

            //VERIFY
            data.ShouldBeNull();
        }
Esempio n. 2
0
        public void ReadEncryptedCookie()
        {
            //SETUP
            var mocks     = new MockHttpContextCookies();
            var eProvider = new EphemeralDataProtectionProvider();
            var cookie    = new ImpersonationCookie(mocks.MockContext, eProvider);

            //ATTEMPT
            mocks.RequestCookies["UserImpersonation"] = eProvider.CreateProtector(cookie.EncryptPurpose).Protect("Hello world");
            var data = cookie.GetCookieInValue();

            //VERIFY
            data.ShouldEqual("Hello world");
        }
Esempio n. 3
0
        public void ReadEncryptedCookie()
        {
            //SETUP
            var httpContext = new DefaultHttpContext();
            var eProvider   = new EphemeralDataProtectionProvider();
            var cookie      = new ImpersonationCookie(httpContext, eProvider);
            var codedData   = eProvider.CreateProtector(cookie.EncryptPurpose).Protect("Hello world");

            //ATTEMPT
            httpContext.AddRequestCookie("UserImpersonation", codedData);

            var data = cookie.GetCookieInValue();

            //VERIFY
            data.ShouldEqual("Hello world");
        }
Esempio n. 4
0
        public void ReadEncryptedCookieBadDeletesCookie()
        {
            //SETUP
            var mocks     = new MockHttpContextCookies();
            var eProvider = new EphemeralDataProtectionProvider();
            var cookie    = new ImpersonationCookie(mocks.MockContext, eProvider);

            //ATTEMPT
            mocks.RequestCookies["UserImpersonation"] = "???";
            var ex = Assert.Throws <CryptographicException>(() =>
                                                            cookie.GetCookieInValue());

            //VERIFY
            ex.Message.ShouldStartWith("An error occurred during a cryptographic operation.");
            mocks.ResponseCookies["Set-Cookie"].ShouldNotBeNull();
            mocks.ResponseCookies["Set-Cookie"][0].ShouldEndWith("expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; samesite=lax; httponly");
        }
Esempio n. 5
0
        public void ReadEncryptedCookieBadDeletesCookie()
        {
            //SETUP
            var httpContext = new DefaultHttpContext();
            var eProvider   = new EphemeralDataProtectionProvider();
            var cookie      = new ImpersonationCookie(httpContext, eProvider);

            //ATTEMPT
            httpContext.AddRequestCookie("UserImpersonation", "???");
            var ex = Assert.Throws <CryptographicException>(() =>
                                                            cookie.GetCookieInValue());

            //VERIFY
            ex.Message.ShouldStartWith("An error occurred during a cryptographic operation.");
            httpContext.Response.Headers["Set-Cookie"].ShouldNotBeNull();
            httpContext.Response.Headers["Set-Cookie"][0].ShouldEndWith("expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; httponly");
        }