public void KnownUserFactory_OriginalUrl_InvalidUrl_Test() { //Arrange string url = "http://q.queue-it.net/inqueue.aspx?q=yyyy&p=xxx&ts=345345&h=ttt"; string querystring = "q=yyyy&p=xxx&ts=345345&h=ttt"; HttpRequest httpRequest = new HttpRequest("inqueue.aspx", url, querystring); HttpContext.Current = new HttpContext(httpRequest, new HttpResponse(null)); //Act try { KnownUserFactory.VerifyMd5Hash(SharedSecreteEventKey); Assert.Fail(); } catch (InvalidKnownUserUrlException ex) { Assert.AreEqual("http://q.queue-it.net/inqueue.aspx", ex.OriginalUrl); } catch (Exception) { Assert.Fail(); } }
public void KnownUserFactory_VerifyMd5HashTest_BilletlugenUrl_Test() { //Arrange int expectedPlaceInqueue = 7810; Guid expectedQueueID = Guid.NewGuid(); string placeInQueueEncrypted = Hashing.EncryptPlaceInQueue(expectedPlaceInqueue); long unixTimestamp = Hashing.GetTimestamp(); DateTime expectedTimeStamp = Hashing.TimestampToDateTime(unixTimestamp); string urlNoHash = "http://www.billetlugen.dk/direkte/?token=ZBixHRJxbOeyWsfo3ynInq64Ngp10zvS5R2N0jaVJNijzuZpsJTfx4iwIkBpAK8q4bbgPpF2o5RRF4vlxn5OzgjBM%2ffiWNqZuvIjvyqQGbRekYeSkmd6TA%3d%3d&q=" + expectedQueueID + "&p=" + placeInQueueEncrypted + "&ts=" + unixTimestamp + "&h="; Uri hashUri = new Uri(urlNoHash); string hash = Hashing.GenerateMD5Hash(hashUri.AbsoluteUri, SharedSecreteEventKey); string querystring = "token=ZBixHRJxbOeyWsfo3ynInq64Ngp10zvS5R2N0jaVJNijzuZpsJTfx4iwIkBpAK8q4bbgPpF2o5RRF4vlxn5OzgjBM%2ffiWNqZuvIjvyqQGbRekYeSkmd6TA%3d%3d&q=" + expectedQueueID + "&p=" + placeInQueueEncrypted + "&ts=" + unixTimestamp + "&h=" + hash; string url = urlNoHash + hash; HttpRequest httpRequest = new HttpRequest(null, url, querystring); HttpContext.Current = new HttpContext(httpRequest, new HttpResponse(null)); //Act IKnownUser knownUser = KnownUserFactory.VerifyMd5Hash(SharedSecreteEventKey); //Assert Assert.AreEqual(expectedQueueID, knownUser.QueueId); Assert.IsTrue(knownUser.PlaceInQueue.HasValue); Assert.AreEqual(expectedPlaceInqueue, knownUser.PlaceInQueue); Assert.AreEqual(expectedTimeStamp, knownUser.TimeStamp); }
public void KnownUserFactory_OriginalUrl_InvalidHash_Test() { //Arrange Guid expectedQueueID = Guid.NewGuid(); int expectedPlaceInqueue = 7810; string placeInQueueEncrypted = Hashing.EncryptPlaceInQueue(expectedPlaceInqueue); long unixTimestamp = Hashing.GetTimestamp(); string urlNoHash = "http://q.queue-it.net/inqueue.aspx?q=" + expectedQueueID + "&p=" + placeInQueueEncrypted + "&ts=" + unixTimestamp + "&h="; string hash = "f83ab33400a630043591196134a01c01"; //invalid string querystring = "q=" + expectedQueueID + "&p=" + placeInQueueEncrypted + "&ts=" + unixTimestamp + "&h=" + hash; string url = urlNoHash + hash; HttpRequest httpRequest = new HttpRequest("inqueue.aspx", url, querystring); HttpContext.Current = new HttpContext(httpRequest, new HttpResponse(null)); //Act try { KnownUserFactory.VerifyMd5Hash(SharedSecreteEventKey); Assert.Fail(); } catch (InvalidKnownUserHashException ex) { Assert.AreEqual("http://q.queue-it.net/inqueue.aspx", ex.OriginalUrl); } catch (Exception) { Assert.Fail(); } }
/// <summary> /// Queue validation /// </summary> /// <remarks> /// Please be aware that this this implementation is not done on error handling pages (e.g. Error.aspx) which will cause users to get looped arround. /// </remarks> protected override void OnPreInit(EventArgs e) { try { IKnownUser knownUser = KnownUserFactory.VerifyMd5Hash(); if (knownUser == null) { Response.Redirect("Link.aspx"); } if (knownUser.TimeStamp < DateTime.UtcNow.Subtract(TimeSpan.FromMinutes(3))) { Response.Redirect("Link.aspx"); } PersistModel model = new PersistModel( knownUser.QueueId, knownUser.PlaceInQueue, knownUser.TimeStamp); model.Persist(); } catch (KnownUserException ex) { UriBuilder targetUrl = new UriBuilder(Request.Url); targetUrl.Path = "Link.aspx"; Response.Redirect("Error.aspx?queuename=link&t=" + HttpUtility.UrlEncode(targetUrl.Uri.AbsoluteUri)); } base.OnPreInit(e); }
public void CookieValidateResultRepository_SetValidationResult_CookieDomain_Test() { string secretKey = "acb"; string expectedCookieDomain = ".mydomain.com"; this._knownUser.Stub(knownUser => knownUser.CustomerId).Return("CustomerId"); this._knownUser.Stub(knownUser => knownUser.EventId).Return("EventId"); this._knownUser.Stub(knownUser => knownUser.QueueId).Return(Guid.NewGuid()); this._knownUser.Stub(knownUser => knownUser.OriginalUrl).Return("http://original.url/"); this._knownUser.Stub(knownUser => knownUser.PlaceInQueue).Return(5486); this._knownUser.Stub(knownUser => knownUser.RedirectType).Return(RedirectType.Queue); this._knownUser.Stub(knownUser => knownUser.TimeStamp).Return(DateTime.UtcNow); this._queue.Stub(queue => queue.CustomerId).Return("CustomerId"); this._queue.Stub(queue => queue.EventId).Return("EventId"); CookieValidateResultRepository.Configure(expectedCookieDomain); KnownUserFactory.Configure(secretKey); CookieValidateResultRepository repository = new CookieValidateResultRepository(); AcceptedConfirmedResult result = new AcceptedConfirmedResult(this._queue, this._knownUser, true); repository.SetValidationResult(this._queue, result); Assert.AreEqual(1, this._response.Cookies.Count); Assert.AreEqual(expectedCookieDomain, this._response.Cookies[0].Domain); }
public void KnownUserFactory_OriginalUri_NoParameters_Test() { int expectedPlaceInqueue = 7810; Guid expectedQueueID = Guid.NewGuid(); string placeInQueueEncrypted = Hashing.EncryptPlaceInQueue(expectedPlaceInqueue); long unixTimestamp = Hashing.GetTimestamp(); string expectedCustomerId = "somecust"; string expectedEventId = "someevent"; Uri expectedOriginalUrl = new Uri("http://www.google.com/"); string urlNoHash = expectedOriginalUrl.OriginalString + "?q=" + expectedQueueID + "&p=" + placeInQueueEncrypted + "&ts=" + unixTimestamp + "&c=" + expectedCustomerId + "&e=" + expectedEventId + "&h="; Uri hashUri = new Uri(urlNoHash); string hash = Hashing.GenerateMD5Hash(hashUri.AbsoluteUri, SharedSecreteEventKey); string querystring = "q=" + expectedQueueID + "&p=" + placeInQueueEncrypted + "&ts=" + unixTimestamp + "&c=" + expectedCustomerId + "&e=" + expectedEventId + "&h=" + hash; string url = urlNoHash + hash; HttpRequest httpRequest = new HttpRequest("inqueue.aspx", url, querystring); HttpContext.Current = new HttpContext(httpRequest, new HttpResponse(null)); //Act IKnownUser knownUser = KnownUserFactory.VerifyMd5Hash(SharedSecreteEventKey); Assert.AreEqual(expectedOriginalUrl.AbsoluteUri.ToString(), knownUser.OriginalUrl); }
public void CookieValidateResultRepository_SetValidationResult_CookieExpiration_Test() { DateTime testOffest = DateTime.UtcNow; string secretKey = "acb"; this._knownUser.Stub(knownUser => knownUser.CustomerId).Return("CustomerId"); this._knownUser.Stub(knownUser => knownUser.EventId).Return("EventId"); this._knownUser.Stub(knownUser => knownUser.QueueId).Return(Guid.NewGuid()); this._knownUser.Stub(knownUser => knownUser.OriginalUrl).Return("http://original.url/"); this._knownUser.Stub(knownUser => knownUser.PlaceInQueue).Return(5486); this._knownUser.Stub(knownUser => knownUser.RedirectType).Return(RedirectType.Queue); this._knownUser.Stub(knownUser => knownUser.TimeStamp).Return(DateTime.UtcNow); this._queue.Stub(queue => queue.CustomerId).Return("CustomerId"); this._queue.Stub(queue => queue.EventId).Return("EventId"); KnownUserFactory.Configure(secretKey); CookieValidateResultRepository.Configure(cookieExpiration: TimeSpan.FromMinutes(5)); CookieValidateResultRepository repository = new CookieValidateResultRepository(); AcceptedConfirmedResult result = new AcceptedConfirmedResult(this._queue, this._knownUser, true); repository.SetValidationResult(this._queue, result); Assert.AreEqual(1, this._response.Cookies.Count); Assert.IsTrue(this._response.Cookies[0].Expires >= testOffest.AddMinutes(5) && this._response.Cookies[0].Expires <= DateTime.UtcNow.AddMinutes(5)); }
public void SessionValidationController_ValidateRequest_KnownUserExpired_Test() { KnownUserFactory.Reset(false); KnownUserFactory.Configure(SharedSecreteEventKey); int expectedPlaceInqueue = 7810; Guid expectedQueueId = Guid.NewGuid(); string placeInQueueEncrypted = Hashing.EncryptPlaceInQueue(expectedPlaceInqueue); long unixTimestamp = (long)(DateTime.UtcNow.AddMinutes(-4) - new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc)).TotalSeconds; string urlNoHash = "http://q.queue-it.net/inqueue.aspx?c=somecust&e=someevent&q=" + expectedQueueId + "&p=" + placeInQueueEncrypted + "&ts=" + unixTimestamp + "&h="; Uri hashUri = new Uri(urlNoHash); string hash = Hashing.GenerateMD5Hash(hashUri.AbsoluteUri, SharedSecreteEventKey); string querystring = "c=somecust&e=someevent&q=" + expectedQueueId + "&p=" + placeInQueueEncrypted + "&ts=" + unixTimestamp + "&h=" + hash; string url = urlNoHash + hash; HttpRequest httpRequest = new HttpRequest("inqueue.aspx", url, querystring); HttpContext.Current = new HttpContext(httpRequest, new HttpResponse(null)); SessionValidationController.ValidateRequest( QueueFactory.CreateQueue("somecust", "someevent")); }
public void CookieValidateResultRepository_GetValidationResult_ReadCookie_Test() { string secretKey = "acb"; string expectedCustomerId = "CustomerId"; string expectedEventId = "EventId"; Guid expectedQueueId = new Guid(4567846, 35, 87, 3, 5, 8, 6, 4, 8, 2, 3); Uri expectedOriginalUrl = new Uri("http://original.url/"); int expectedPlaceInQueue = 5486; RedirectType expectedRedirectType = RedirectType.Queue; long expectedSecondsSince1970 = 5465468; DateTime expectedTimeStamp = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc).AddSeconds(expectedSecondsSince1970); string cookieName = "QueueITAccepted-SDFrts345E-" + expectedCustomerId.ToLower() + "-" + expectedEventId.ToLower(); DateTime expectedExpires = DateTime.UtcNow.AddMinutes(2); string expectedHash = GenerateHash( expectedQueueId.ToString(), expectedOriginalUrl.AbsoluteUri, expectedPlaceInQueue.ToString(), expectedRedirectType, expectedSecondsSince1970.ToString(), expectedExpires, string.Empty, secretKey); this._queue.Stub(queue => queue.CustomerId).Return(expectedCustomerId); this._queue.Stub(queue => queue.EventId).Return(expectedEventId); HttpCookie cookie = new HttpCookie(cookieName); cookie.Values["QueueId"] = expectedQueueId.ToString(); cookie.Values["OriginalUrl"] = expectedOriginalUrl.AbsoluteUri; cookie.Values["PlaceInQueue"] = Hashing.EncryptPlaceInQueue(expectedPlaceInQueue); cookie.Values["RedirectType"] = expectedRedirectType.ToString(); cookie.Values["TimeStamp"] = expectedSecondsSince1970.ToString(); cookie.Values["Hash"] = expectedHash; cookie.Values["Expires"] = expectedExpires.ToString("o"); cookie.HttpOnly = true; this._request.Cookies.Add(cookie); KnownUserFactory.Configure(secretKey); CookieValidateResultRepository repository = new CookieValidateResultRepository(); AcceptedConfirmedResult actualResult = repository.GetValidationResult(this._queue) as AcceptedConfirmedResult; Assert.IsNotNull(actualResult); Assert.AreEqual(this._queue, actualResult.Queue); Assert.AreEqual(expectedCustomerId, actualResult.KnownUser.CustomerId); Assert.AreEqual(expectedEventId, actualResult.KnownUser.EventId); Assert.AreEqual(expectedQueueId, actualResult.KnownUser.QueueId); Assert.AreEqual(expectedOriginalUrl, actualResult.KnownUser.OriginalUrl); Assert.AreEqual(expectedPlaceInQueue, actualResult.KnownUser.PlaceInQueue); Assert.AreEqual(expectedRedirectType, actualResult.KnownUser.RedirectType); Assert.AreEqual(expectedTimeStamp, actualResult.KnownUser.TimeStamp); }
public void TestInitialize() { this._resultRepository = new MockValidationResultRepository(); KnownUserFactory.Reset(false); KnownUserFactory.Configure(secretKey: SharedSecreteEventKey); QueueFactory.Reset(); QueueFactory.Configure(); SessionValidationController.Configure(validationResultProviderFactory: () => this._resultRepository); HttpContext.Current = new HttpContext( new HttpRequest("", "http://some.url", "someprop=somevalue&another=value"), new HttpResponse(null)); }
public void KnownUserFactory_VerifyMd5Hash_OnlyTSParameter_Test() { string sharedSecreteEventKey = "9d919dfb-00e2-4919-8695-469f5ebc91f7930edb9f-2339-4deb-864e-5f26269691b6"; string url = "http://www.google.com/"; string querystring = "ts=" + Hashing.GetTimestamp(); HttpRequest httpRequest = new HttpRequest("inqueue.aspx", url, querystring); HttpContext.Current = new HttpContext(httpRequest, new HttpResponse(null)); KnownUserFactory.VerifyMd5Hash(sharedSecreteEventKey); }
public void CookieValidateResultRepository_GetValidationResult_NoCookie_Test() { string secretKey = "acb"; this._queue.Stub(queue => queue.CustomerId).Return("CustomerId"); this._queue.Stub(queue => queue.EventId).Return("EventId"); KnownUserFactory.Configure(secretKey); CookieValidateResultRepository repository = new CookieValidateResultRepository(); IValidateResult actualResult = repository.GetValidationResult(this._queue); Assert.IsNull(actualResult); }
public void CookieValidateResultRepository_SetValidationResult_WriteCookie_Hash_Test() { string secretKey = "acb"; string expectedCustomerId = "CustomerId"; string expectedEventId = "EventId"; Guid expectedQueueId = Guid.Empty; string expectedOriginalUrl = "http://original.url/"; int expectedPlaceInQueue = 0; RedirectType expectedRedirectType = RedirectType.Idle; long expectedSecondsSince1970 = 0; DateTime expectedTimeStamp = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc).AddSeconds(expectedSecondsSince1970); string expectedCookieName = "QueueITAccepted-SDFrts345E-" + expectedCustomerId.ToLower() + "-" + expectedEventId.ToLower(); DateTime expectedExpires = DateTime.UtcNow.AddMinutes(2); string expectedHash = GenerateHash( expectedQueueId.ToString(), expectedOriginalUrl, expectedPlaceInQueue.ToString(), expectedRedirectType, expectedSecondsSince1970.ToString(), expectedExpires, string.Empty, secretKey); this._knownUser.Stub(knownUser => knownUser.CustomerId).Return(expectedCustomerId); this._knownUser.Stub(knownUser => knownUser.EventId).Return(expectedEventId); this._knownUser.Stub(knownUser => knownUser.QueueId).Return(expectedQueueId); this._knownUser.Stub(knownUser => knownUser.OriginalUrl).Return(expectedOriginalUrl); this._knownUser.Stub(knownUser => knownUser.PlaceInQueue).Return(expectedPlaceInQueue); this._knownUser.Stub(knownUser => knownUser.RedirectType).Return(expectedRedirectType); this._knownUser.Stub(knownUser => knownUser.TimeStamp).Return(expectedTimeStamp); this._queue.Stub(queue => queue.CustomerId).Return(expectedCustomerId); this._queue.Stub(queue => queue.EventId).Return(expectedEventId); CookieValidateResultRepository.Configure(null); KnownUserFactory.Configure(secretKey); CookieValidateResultRepository repository = new CookieValidateResultRepository(); AcceptedConfirmedResult result = new AcceptedConfirmedResult(this._queue, this._knownUser, true); repository.SetValidationResult(this._queue, result, expectedExpires); Assert.AreEqual(1, this._response.Cookies.Count); Assert.AreEqual(expectedCookieName, this._response.Cookies[0].Name); Assert.AreEqual(expectedHash, this._response.Cookies[0]["Hash"]); }
public void KnownUserFactory_VerifyMd5Hash_NoParameters_Test() { string sharedSecreteEventKey = "9d919dfb-00e2-4919-8695-469f5ebc91f7930edb9f-2339-4deb-864e-5f26269691b6"; string url = "http://www.google.com/"; string querystring = "x=sdf"; HttpRequest httpRequest = new HttpRequest("inqueue.aspx", url, querystring); HttpContext.Current = new HttpContext(httpRequest, new HttpResponse(null)); IKnownUser knownUser = KnownUserFactory.VerifyMd5Hash(sharedSecreteEventKey); Assert.IsNull(knownUser); }
public void QueueFactory_GetQueueUrl_IncludeTarget_Test() { string expectedCustomerId = "customerid"; string expectedEventId = "eventid"; string expectedTarget = "http://target.url/?someprop=somevalue&another=value"; string expectedQueueUrl = "&t=" + HttpUtility.UrlEncode(expectedTarget); KnownUserFactory.Configure(urlProviderFactory: () => new MockKnownUserUrlProvicer(expectedTarget)); IQueue queue = QueueFactory.CreateQueue(expectedCustomerId, expectedEventId); string actualQueueUrl = queue.GetQueueUrl(includeTargetUrl: true); Assert.IsTrue(actualQueueUrl.Contains(expectedQueueUrl)); }
public void KnownUserFactory_VerifyMd5Hash_EmptyQueueId_Test() { string sharedSecreteEventKey = "9d919dfb-00e2-4919-8695-469f5ebc91f7930edb9f-2339-4deb-864e-5f26269691b6"; string url = "http://www.google.com/"; string querystring = "q=00000000-0000-0000-0000-000000000000&p=ac498cf9-9b9d-4014-a9d5-6794af9bae43&ts=1346745696&h=8541c1937f5b7211a5008326e9d997dc"; HttpRequest httpRequest = new HttpRequest("inqueue.aspx", url, querystring); HttpContext.Current = new HttpContext(httpRequest, new HttpResponse(null)); IKnownUser knownUser = KnownUserFactory.VerifyMd5Hash(sharedSecreteEventKey); Assert.AreEqual(Guid.Empty, knownUser.QueueId); Assert.AreEqual(null, knownUser.PlaceInQueue); }
public void CookieValidateResultRepository_SetValidationResult_WriteCookie_Test() { string secretKey = "acb"; string expectedCustomerId = "CustomerId"; string expectedEventId = "EventId"; Guid expectedQueueId = new Guid(4567846, 35, 87, 3, 5, 8, 6, 4, 8, 2, 3); string expectedOriginalUrl = "http://original.url/"; int expectedPlaceInQueue = 5486; RedirectType expectedRedirectType = RedirectType.Queue; long expectedSecondsSince1970 = 5465468; DateTime expectedTimeStamp = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc).AddSeconds(expectedSecondsSince1970); string expectedCookieName = "QueueITAccepted-SDFrts345E-" + expectedCustomerId.ToLower() + "-" + expectedEventId.ToLower(); this._knownUser.Stub(knownUser => knownUser.CustomerId).Return(expectedCustomerId); this._knownUser.Stub(knownUser => knownUser.EventId).Return(expectedEventId); this._knownUser.Stub(knownUser => knownUser.QueueId).Return(expectedQueueId); this._knownUser.Stub(knownUser => knownUser.OriginalUrl).Return(expectedOriginalUrl); this._knownUser.Stub(knownUser => knownUser.PlaceInQueue).Return(expectedPlaceInQueue); this._knownUser.Stub(knownUser => knownUser.RedirectType).Return(expectedRedirectType); this._knownUser.Stub(knownUser => knownUser.TimeStamp).Return(expectedTimeStamp); this._queue.Stub(queue => queue.CustomerId).Return(expectedCustomerId); this._queue.Stub(queue => queue.EventId).Return(expectedEventId); CookieValidateResultRepository.Configure(null); KnownUserFactory.Configure(secretKey); CookieValidateResultRepository repository = new CookieValidateResultRepository(); AcceptedConfirmedResult result = new AcceptedConfirmedResult(this._queue, this._knownUser, true); repository.SetValidationResult(this._queue, result); Assert.AreEqual(1, this._response.Cookies.Count); Assert.AreEqual(expectedCookieName, this._response.Cookies[0].Name); Assert.IsNull(this._response.Cookies[0].Domain); Assert.IsTrue(this._response.Cookies[0].HttpOnly); Assert.IsTrue(this._response.Cookies[0].Expires > DateTime.UtcNow.AddMinutes(19).AddSeconds(50)); Assert.IsTrue(this._response.Cookies[0].Expires < DateTime.UtcNow.AddMinutes(20).AddSeconds(10)); Assert.AreEqual(expectedQueueId.ToString(), this._response.Cookies[0]["QueueId"]); Assert.AreEqual(expectedSecondsSince1970.ToString(), this._response.Cookies[0]["TimeStamp"]); Assert.AreEqual(expectedRedirectType.ToString(), this._response.Cookies[0]["RedirectType"]); Assert.AreEqual(expectedPlaceInQueue, Hashing.DecryptPlaceInQueue(this._response.Cookies[0]["PlaceInQueue"])); }
private static void RunVerifyMd5HashTest( bool configLoaded, string sharedSecreteEventKey = null, string prefix = null, string redirectTypeString = null, RedirectType redirectType = RedirectType.Unknown) { //Arrange int expectedPlaceInqueue = 7810; Guid expectedQueueId = Guid.NewGuid(); string placeInQueueEncrypted = Hashing.EncryptPlaceInQueue(expectedPlaceInqueue); long unixTimestamp = Hashing.GetTimestamp(); DateTime expectedTimeStamp = Hashing.TimestampToDateTime(unixTimestamp); string expectedCustomerId = "somecust"; string expectedEventId = "someevent"; string urlNoHash = "http://q.queue-it.net/inqueue.aspx?" + prefix + "c=somecust&" + prefix + "e=someevent&" + prefix + "q=" + expectedQueueId + "&" + prefix + "p=" + placeInQueueEncrypted + "&" + prefix + "ts=" + unixTimestamp + "&" + prefix + "rt=" + redirectTypeString + "&" + prefix + "h="; Uri hashUri = new Uri(urlNoHash); string hash = Hashing.GenerateMD5Hash(hashUri.AbsoluteUri, SharedSecreteEventKey); string querystring = prefix + "c=somecust&" + prefix + "e=someevent&" + prefix + "q=" + expectedQueueId + "&" + prefix + "p=" + placeInQueueEncrypted + "&" + prefix + "ts=" + unixTimestamp + "&" + prefix + "rt=" + redirectTypeString + "&" + prefix + "h=" + hash; string url = urlNoHash + hash; HttpRequest httpRequest = new HttpRequest("inqueue.aspx", url, querystring); HttpContext.Current = new HttpContext(httpRequest, new HttpResponse(null)); //Act IKnownUser knownUser = KnownUserFactory.VerifyMd5Hash( configLoaded ? sharedSecreteEventKey : SharedSecreteEventKey, querystringPrefix: configLoaded ? null : prefix); //Assert Assert.IsNotNull(knownUser); Assert.AreEqual(expectedQueueId, knownUser.QueueId); Assert.IsTrue(knownUser.PlaceInQueue.HasValue); Assert.AreEqual(expectedPlaceInqueue, knownUser.PlaceInQueue); Assert.AreEqual(expectedTimeStamp, knownUser.TimeStamp); Assert.AreEqual(expectedCustomerId, knownUser.CustomerId); Assert.AreEqual(redirectType, knownUser.RedirectType); Assert.AreEqual(expectedEventId, knownUser.EventId); }
public void KnownUserFactory_VerifyMd5HashTest_InvalidPlaceInQueue_Test() { //Arrange Guid expectedQueueID = Guid.NewGuid(); string placeInQueueEncrypted = "b89a605c-8f51-4769-a1ee-5e22c30fd754"; //invalid long unixTimestamp = Hashing.GetTimestamp(); string urlNoHash = "http://q.queue-it.net/inqueue.aspx?c=mpro&e=hashingtest&q=" + expectedQueueID + "&p=" + placeInQueueEncrypted + "&ts=" + unixTimestamp + "&h="; Uri hashUri = new Uri(urlNoHash); string hash = Hashing.GenerateMD5Hash(hashUri.AbsoluteUri, SharedSecreteEventKey); string querystring = "c=mpro&e=hashingtest&q=" + expectedQueueID + "&p=" + placeInQueueEncrypted + "&ts=" + unixTimestamp + "&h=" + hash; string url = urlNoHash + hash; HttpRequest httpRequest = new HttpRequest("inqueue.aspx", url, querystring); HttpContext.Current = new HttpContext(httpRequest, new HttpResponse(null)); //Act KnownUserFactory.VerifyMd5Hash(SharedSecreteEventKey); }
public void KnownUserFactory_VerifyMd5HashTest_InvalidHash_Test() { //Arrange Guid expectedQueueID = Guid.NewGuid(); int expectedPlaceInqueue = 7810; string placeInQueueEncrypted = Hashing.EncryptPlaceInQueue(expectedPlaceInqueue); long unixTimestamp = Hashing.GetTimestamp(); string urlNoHash = "http://q.queue-it.net/inqueue.aspx?c=mpro&e=hashingtest&q=" + expectedQueueID + "&p=" + placeInQueueEncrypted + "&ts=" + unixTimestamp + "&h="; string hash = "f83ab33400a630043591196134a01c01"; //invalid string querystring = "c=mpro&e=hashingtest&q=" + expectedQueueID + "&p=" + placeInQueueEncrypted + "&ts=" + unixTimestamp + "&h=" + hash; string url = urlNoHash + hash; HttpRequest httpRequest = new HttpRequest("inqueue.aspx", url, querystring); HttpContext.Current = new HttpContext(httpRequest, new HttpResponse(null)); //Act KnownUserFactory.VerifyMd5Hash(SharedSecreteEventKey); }
public void KnownUserFactory_VerifyMd5HashTest_InvalidTimeStamp_Test() { //Arrange Guid expectedQueueID = Guid.NewGuid(); int expectedPlaceInqueue = 7810; string placeInQueueEncrypted = Hashing.EncryptPlaceInQueue(expectedPlaceInqueue); string urlNoHash = "http://q.queue-it.net/inqueue.aspx?c=mpro&e=hashingtest&q=" + expectedQueueID + "&p=" + placeInQueueEncrypted + "&ts=invalid&h="; Uri hashUri = new Uri(urlNoHash); string hash = Hashing.GenerateMD5Hash(hashUri.AbsoluteUri, SharedSecreteEventKey); string querystring = "c=mpro&e=hashingtest&q=" + expectedQueueID + "&p=" + placeInQueueEncrypted + "&ts=invalid&h=" + hash; string url = urlNoHash + hash; HttpRequest httpRequest = new HttpRequest("inqueue.aspx", url, querystring); HttpContext.Current = new HttpContext(httpRequest, new HttpResponse(null)); //Act KnownUserFactory.VerifyMd5Hash(SharedSecreteEventKey); }
public void CookieValidateResultRepository_SetValidationResult_NotAccepted_NoCookie_Test() { this._knownUser.Stub(knownUser => knownUser.CustomerId).Return("CustomerId"); this._knownUser.Stub(knownUser => knownUser.EventId).Return("EventId"); this._knownUser.Stub(knownUser => knownUser.QueueId).Return(Guid.NewGuid()); this._knownUser.Stub(knownUser => knownUser.OriginalUrl).Return("http://original.url/"); this._knownUser.Stub(knownUser => knownUser.PlaceInQueue).Return(5486); this._knownUser.Stub(knownUser => knownUser.RedirectType).Return(RedirectType.Queue); this._knownUser.Stub(knownUser => knownUser.TimeStamp).Return(DateTime.UtcNow); this._queue.Stub(queue => queue.CustomerId).Return("CustomerId"); this._queue.Stub(queue => queue.EventId).Return("EventId"); KnownUserFactory.Configure("acb"); CookieValidateResultRepository repository = new CookieValidateResultRepository(); EnqueueResult result = new EnqueueResult(this._queue, "http://q.queue-it.net/"); repository.SetValidationResult(this._queue, result); Assert.AreEqual(0, this._response.Cookies.Count); }
public void SessionValidationController_ValidateRequest_KnownUserAccepted_Test() { KnownUserFactory.Reset(false); KnownUserFactory.Configure(SharedSecreteEventKey); int expectedPlaceInqueue = 7810; Guid expectedQueueId = Guid.NewGuid(); string placeInQueueEncrypted = Hashing.EncryptPlaceInQueue(expectedPlaceInqueue); long unixTimestamp = Hashing.GetTimestamp(); string urlNoHash = "http://q.queue-it.net/inqueue.aspx?c=somecust&e=someevent&q=" + expectedQueueId + "&p=" + placeInQueueEncrypted + "&ts=" + unixTimestamp + "&h="; Uri hashUri = new Uri(urlNoHash); string hash = Hashing.GenerateMD5Hash(hashUri.AbsoluteUri, SharedSecreteEventKey); string querystring = "c=somecust&e=someevent&q=" + expectedQueueId + "&p=" + placeInQueueEncrypted + "&ts=" + unixTimestamp + "&h=" + hash; string url = urlNoHash + hash; HttpRequest httpRequest = new HttpRequest("inqueue.aspx", url, querystring); HttpContext.Current = new HttpContext(httpRequest, new HttpResponse(null)); AcceptedConfirmedResult firstResult = SessionValidationController.ValidateRequest( QueueFactory.CreateQueue("somecust", "someevent")) as AcceptedConfirmedResult; Assert.IsNotNull(firstResult); Assert.AreEqual(true, firstResult.IsInitialValidationRequest); Assert.AreEqual(expectedQueueId, firstResult.KnownUser.QueueId); AcceptedConfirmedResult secondResult = SessionValidationController.ValidateRequest( QueueFactory.CreateQueue("somecust", "someevent")) as AcceptedConfirmedResult; Assert.IsNotNull(secondResult); Assert.IsFalse(secondResult.IsInitialValidationRequest); }
public void CookieValidateResultRepository_GetValidationResult_ModifiedCookie_Test() { string secretKey = "acb"; string expectedCustomerId = "CustomerId"; string expectedEventId = "EventId"; Guid expectedQueueId = new Guid(4567846, 35, 87, 3, 5, 8, 6, 4, 8, 2, 3); Uri expectedOriginalUrl = new Uri("http://original.url/"); int expectedPlaceInQueue = 5486; RedirectType expectedRedirectType = RedirectType.Queue; long expectedSecondsSince1970 = 5465468; DateTime expectedTimeStamp = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc).AddSeconds(expectedSecondsSince1970); string cookieName = "QueueITAccepted-SDFrts345E-" + expectedCustomerId.ToLower() + "-" + expectedEventId.ToLower(); string expectedHash = "D5-48-23-FE-D0-42-D0-59-88-39-AB-D0-CA-A0-18-5D-B8-21-2C-A7-62-A9-65-73-62-68-74-C5-1C-50-09-BA"; this._queue.Stub(queue => queue.CustomerId).Return(expectedCustomerId); this._queue.Stub(queue => queue.EventId).Return(expectedEventId); HttpCookie cookie = new HttpCookie(cookieName); cookie.Values["QueueId"] = expectedQueueId.ToString(); cookie.Values["OriginalUrl"] = expectedOriginalUrl.AbsoluteUri; cookie.Values["PlaceInQueue"] = Hashing.EncryptPlaceInQueue(expectedPlaceInQueue - 10); cookie.Values["RedirectType"] = expectedRedirectType.ToString(); cookie.Values["TimeStamp"] = expectedSecondsSince1970.ToString(); cookie.Values["Hash"] = expectedHash; this._request.Cookies.Add(cookie); KnownUserFactory.Configure(secretKey); CookieValidateResultRepository repository = new CookieValidateResultRepository(); AcceptedConfirmedResult actualResult = repository.GetValidationResult(this._queue) as AcceptedConfirmedResult; Assert.IsNull(actualResult); }
/// <summary> /// /// </summary> /// <param name="filterContext">The Action Executing Filter Context</param> public sealed override void OnActionExecuting(ActionExecutingContext filterContext) { try { IKnownUser knownUser = KnownUserFactory.VerifyMd5Hash(); if (knownUser == null) { throw new UnverifiedKnownUserException(); } foreach (var value in filterContext.ActionParameters.Values) { if (value is KnownUserModel) { (value as KnownUserModel).KnownUser = knownUser; } } } catch (KnownUserException ex) { OnException(filterContext, ex); } }
public void CookieValidateResultRepository_GetValidationResult_IdleQueue_NoRenewCookie_Test() { string secretKey = "acb"; string expectedCustomerId = "CustomerId"; string expectedEventId = "EventId"; Guid expectedQueueId = Guid.Empty; Uri expectedOriginalUrl = new Uri("http://original.url/"); int expectedPlaceInQueue = 0; RedirectType expectedRedirectType = RedirectType.Idle; long expectedSecondsSince1970 = 0; string cookieName = "QueueITAccepted-SDFrts345E-" + expectedCustomerId.ToLower() + "-" + expectedEventId.ToLower(); string expectedHash = "17-77-3F-7D-2E-10-B1-F0-9B-41-5A-DD-37-BB-8E-3A-F7-0B-F2-9F-E3-3B-2B-F5-83-CE-88-C5-8C-15-26-B4"; this._queue.Stub(queue => queue.CustomerId).Return(expectedCustomerId); this._queue.Stub(queue => queue.EventId).Return(expectedEventId); HttpCookie cookie = new HttpCookie(cookieName); cookie.Values["QueueId"] = expectedQueueId.ToString(); cookie.Values["OriginalUrl"] = expectedOriginalUrl.AbsoluteUri; cookie.Values["PlaceInQueue"] = Hashing.EncryptPlaceInQueue(expectedPlaceInQueue); cookie.Values["RedirectType"] = expectedRedirectType.ToString(); cookie.Values["TimeStamp"] = expectedSecondsSince1970.ToString(); cookie.Values["Hash"] = expectedHash; this._request.Cookies.Add(cookie); KnownUserFactory.Configure(secretKey); CookieValidateResultRepository repository = new CookieValidateResultRepository(); repository.GetValidationResult(this._queue); Assert.AreEqual(0, this._response.Cookies.Count); }
static CodeOnlyController() { KnownUserFactory.Configure("a774b1e2-8da7-4d51-b1a9-7647147bb13bace77210-a488-4b6f-afc9-8ba94551a7d7"); }
public void KnownUserFactory_Configure_Test() { KnownUserFactory.Configure(SharedSecreteEventKey, querystringPrefix: "prefix"); RunVerifyMd5HashTest(false, null, "prefix"); }
public void KnownUserFactory_VerifyMd5HashTest_ConfigurationSection_Test() { KnownUserFactory.Reset(true); RunVerifyMd5HashTest(true, null, "prefix"); }
static CodeOnly() { // Configure the shared key (should be done once - e.g. in global.asax) KnownUserFactory.Configure("a774b1e2-8da7-4d51-b1a9-7647147bb13bace77210-a488-4b6f-afc9-8ba94551a7d7"); }