public void ReadNonExistentCookie() { //SETUP var mocks = new MockHttpContextCookies(); var eProvider = new EphemeralDataProtectionProvider(); var cookie = new ImpersonationCookie(mocks.MockContext, eProvider); //ATTEMPT var data = cookie.GetCookieInValue(); //VERIFY data.ShouldBeNull(); }
public void ReadEncryptedCookie() { //SETUP var mocks = new MockHttpContextCookies(); var eProvider = new EphemeralDataProtectionProvider(); var cookie = new ImpersonationCookie(mocks.MockContext, eProvider); //ATTEMPT mocks.RequestCookies["UserImpersonation"] = eProvider.CreateProtector(cookie.EncryptPurpose).Protect("Hello world"); var data = cookie.GetCookieInValue(); //VERIFY data.ShouldEqual("Hello world"); }
public void ReadEncryptedCookie() { //SETUP var httpContext = new DefaultHttpContext(); var eProvider = new EphemeralDataProtectionProvider(); var cookie = new ImpersonationCookie(httpContext, eProvider); var codedData = eProvider.CreateProtector(cookie.EncryptPurpose).Protect("Hello world"); //ATTEMPT httpContext.AddRequestCookie("UserImpersonation", codedData); var data = cookie.GetCookieInValue(); //VERIFY data.ShouldEqual("Hello world"); }
public void ReadEncryptedCookieBadDeletesCookie() { //SETUP var mocks = new MockHttpContextCookies(); var eProvider = new EphemeralDataProtectionProvider(); var cookie = new ImpersonationCookie(mocks.MockContext, eProvider); //ATTEMPT mocks.RequestCookies["UserImpersonation"] = "???"; var ex = Assert.Throws <CryptographicException>(() => cookie.GetCookieInValue()); //VERIFY ex.Message.ShouldStartWith("An error occurred during a cryptographic operation."); mocks.ResponseCookies["Set-Cookie"].ShouldNotBeNull(); mocks.ResponseCookies["Set-Cookie"][0].ShouldEndWith("expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; samesite=lax; httponly"); }
public void ReadEncryptedCookieBadDeletesCookie() { //SETUP var httpContext = new DefaultHttpContext(); var eProvider = new EphemeralDataProtectionProvider(); var cookie = new ImpersonationCookie(httpContext, eProvider); //ATTEMPT httpContext.AddRequestCookie("UserImpersonation", "???"); var ex = Assert.Throws <CryptographicException>(() => cookie.GetCookieInValue()); //VERIFY ex.Message.ShouldStartWith("An error occurred during a cryptographic operation."); httpContext.Response.Headers["Set-Cookie"].ShouldNotBeNull(); httpContext.Response.Headers["Set-Cookie"][0].ShouldEndWith("expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; httponly"); }