public static void BasicAuthenticationInvalidPwd_throw_MessageSecurityException()
    {
        StringBuilder errorBuilder = new StringBuilder();
        // Will need to use localized string once it is available
        // On Native retail, the message is stripped to 'HttpAuthorizationForbidden, Basic'
        // On Debug or .Net Core, the entire message is "The HTTP request was forbidden with client authentication scheme 'Basic'."
        // Thus we will only check message contains "forbidden"
        string message = "forbidden";

        MessageSecurityException exception = Assert.Throws <MessageSecurityException>(() =>
        {
            BasicHttpBinding basicHttpBinding = new BasicHttpBinding(BasicHttpSecurityMode.Transport);
            basicHttpBinding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Basic;

            ChannelFactory <IWcfCustomUserNameService> factory = new ChannelFactory <IWcfCustomUserNameService>(basicHttpBinding, new EndpointAddress(Endpoints.Https_BasicAuth_Address));
            factory.Credentials.UserName.UserName = "******";
            factory.Credentials.UserName.Password = "******";

            IWcfCustomUserNameService serviceProxy = factory.CreateChannel();

            string testString = "I am a test";
            string result     = serviceProxy.Echo(testString);
        });

        Assert.True(exception.Message.ToLower().Contains(message), string.Format("Expected exception message to contain: '{0}', actual message is: '{1}'", message, exception.Message));
    }
    public static void BasicAuthenticationInvalidPwd_throw_MessageSecurityException()
    {
#if FULLXUNIT_NOTSUPPORTED
        bool root_Certificate_Installed = Root_Certificate_Installed();
        if (!root_Certificate_Installed)
        {
            Console.WriteLine("---- Test SKIPPED --------------");
            Console.WriteLine("Attempting to run the test in ToF, a ConditionalFact evaluated as FALSE.");
            Console.WriteLine("Root_Certificate_Installed evaluated as {0}", root_Certificate_Installed);
            return;
        }
#endif
        StringBuilder errorBuilder = new StringBuilder();
        // Will need to use localized string once it is available
        // On Native retail, the message is stripped to 'HttpAuthorizationForbidden, Basic'
        // On Debug or .Net Core, the entire message is "The HTTP request was forbidden with client authentication scheme 'Basic'."
        // Thus we will only check message contains "forbidden"
        string message = "forbidden";

        MessageSecurityException exception = Assert.Throws <MessageSecurityException>(() =>
        {
            BasicHttpBinding basicHttpBinding = new BasicHttpBinding(BasicHttpSecurityMode.Transport);
            basicHttpBinding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Basic;

            ChannelFactory <IWcfCustomUserNameService> factory = new ChannelFactory <IWcfCustomUserNameService>(basicHttpBinding, new EndpointAddress(Endpoints.Https_BasicAuth_Address));
            string username = Guid.NewGuid().ToString("n").Substring(0, 8);
            string password = Guid.NewGuid().ToString("n").Substring(0, 16);
            factory.Credentials.UserName.UserName = username;
            factory.Credentials.UserName.Password = password + "Invalid";

            IWcfCustomUserNameService serviceProxy = factory.CreateChannel();

            string testString = "I am a test";
            using (var scope = new OperationContextScope((IContextChannel)serviceProxy))
            {
                HttpRequestMessageProperty requestMessageProperty;
                if (!OperationContext.Current.OutgoingMessageProperties.ContainsKey(HttpRequestMessageProperty.Name))
                {
                    requestMessageProperty = new HttpRequestMessageProperty();
                    OperationContext.Current.OutgoingMessageProperties[HttpRequestMessageProperty.Name] = requestMessageProperty;
                }
                else
                {
                    requestMessageProperty = (HttpRequestMessageProperty)OperationContext.Current.OutgoingMessageProperties[HttpRequestMessageProperty.Name];
                }

                requestMessageProperty.Headers[BasicUsernameHeaderName] = username;
                requestMessageProperty.Headers[BasicPasswordHeaderName] = password;
                string result = serviceProxy.Echo(testString);
            }
        });

        Assert.True(exception.Message.ToLower().Contains(message), string.Format("Expected exception message to contain: '{0}', actual message is: '{1}'", message, exception.Message));
    }
Esempio n. 3
0
        protected void ReportException(MessageSecurityException ex)
        {
            string msg;

            if (ex.InnerException is FaultException)
            {
                msg = (ex.InnerException as FaultException).Message;
            }
            else
            {
                msg = ex.Message;
            }
        }
Esempio n. 4
0
        private static void HandleSecurityException(MessageSecurityException e)
        {
            string template = GetTemplate("ERROR");

            /*
             * The string returned in this sample is mostly to demonstrate
             * how to retrieve the exception properties.  Your application
             * should display user-friendly messages.
             */
            string content = String.Format(
                "\nA Security exception was returned with message '{1}'.", e.Message);

            Console.WriteLine(template, content);
        }
Esempio n. 5
0
        protected void ReportException(MessageSecurityException ex)
        {
            string msg;

            if (ex.InnerException is FaultException)
            {
                msg = (ex.InnerException as FaultException).Message;
            }
            else
            {
                msg = ex.Message;
            }
            WriteError(new ErrorRecord(ex, "SwisError", ErrorCategory.InvalidOperation, null)
            {
                ErrorDetails = new ErrorDetails(msg)
            });
        }
Esempio n. 6
0
 static void HandleSessionException(MessageSecurityException e)
 {
     MessageBox.Show(ConnectionMessage.SessionExpired.NiceToString(), ConnectionMessage.SessionExpired.NiceToString(), MessageBoxButton.OK, MessageBoxImage.Hand);
 }
Esempio n. 7
0
 protected bool?ShouldRetry(MessageSecurityException messageSecurityException, bool?retry)
 {
     return(!retry.HasValue && messageSecurityException.InnerException is FaultException innerException && (innerException.Code.IsSenderFault && innerException.Code.SubCode.Name == "BadContextToken") ? new bool?(true) : new bool?(false));
 }
Esempio n. 8
0
        public Fault(MessageSecurityException e) : base(e.Message, e)
        {
            WebException we       = (WebException)e.GetBaseException();
            WebResponse  response = we.Response;

            this.Code = "qc:E401"; // 401 : unauthorised

            if (response.ContentType == "application/xml")
            {
                XmlDocument document = new XmlDocument();
                using (StreamReader streamReader = new System.IO.StreamReader(response.GetResponseStream(), ASCIIEncoding.ASCII))
                {
                    using (XmlReader xmlReader = XmlReader.Create(streamReader))
                    {
                        document.Load(xmlReader);
                        XmlNodeList moreInfo = document.GetElementsByTagName("moreInformation");
                        if (moreInfo.Count > 0)
                        {
                            MessageInserts = moreInfo[0].InnerText;
                        }
                        if (MessageInserts == "Invalid client id or secret.")
                        {
                            SubCode = "qc:dp100";
                        }
                        else if (MessageInserts == "Client id not registered.")
                        {
                            SubCode = "qc:dp101";
                        }
                        else if (MessageInserts == "Not Registered to Plan")
                        {
                            SubCode = "qc:dp102";
                        }
                        else if (MessageInserts == "Authentication Failure, Unable to Validate Credentials")
                        {
                            SubCode = "qc:dp103";
                        }
                        else if (MessageInserts == "Rate Limit - Rate Limit Exceeded")
                        {
                            SubCode = "qc:dp104";
                        }
                        else if (MessageInserts.StartsWith("Internal Server Error"))
                        {
                            SubCode = "qc:dp105";
                        }
                        else if (MessageInserts == "Authentication Failure, Unable to Validate Credentials")
                        {
                            SubCode = "qc:dp106";
                        }
                        else if (MessageInserts == "Client id missing.")
                        {
                            SubCode = "qc:dp107";
                        }
                        responseText = document.OuterXml;
                    }
                }
            }
            else if (response.ContentType.StartsWith("text/html"))
            {
                // this comes when the user/password fails to authenticate
                SubCode = "qc:ldap401";
            }
            else
            {
                using (StreamReader reader = new System.IO.StreamReader(we.Response.GetResponseStream(), ASCIIEncoding.ASCII))
                {
                    MessageInserts = reader.ReadToEnd();
                }
            }
        }
Esempio n. 9
0
    public static void BasicAuthenticationInvalidPwd_throw_MessageSecurityException()
    {
        BasicHttpBinding basicHttpBinding = null;
        ChannelFactory <IWcfCustomUserNameService> factory = null;
        EndpointAddress           endpointAddress          = null;
        string                    username     = null;
        string                    password     = null;
        IWcfCustomUserNameService serviceProxy = null;
        string                    testString   = null;
        // Will need to use localized string once it is available
        // On Native retail, the message is stripped to 'HttpAuthorizationForbidden, Basic'
        // On Debug or .Net Core, the entire message is "The HTTP request was forbidden with client authentication scheme 'Basic'."
        // Thus we will only check message contains "forbidden"
        string message = "forbidden";

        // *** VALIDATE *** \\
        MessageSecurityException exception = Assert.Throws <MessageSecurityException>(() =>
        {
            // *** SETUP *** \\
            basicHttpBinding = new BasicHttpBinding(BasicHttpSecurityMode.Transport);
            basicHttpBinding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Basic;
            endpointAddress = new EndpointAddress(Endpoints.Https_BasicAuth_Address);
            factory         = new ChannelFactory <IWcfCustomUserNameService>(basicHttpBinding, endpointAddress);
            username        = Guid.NewGuid().ToString("n").Substring(0, 8);
            password        = Guid.NewGuid().ToString("n").Substring(0, 16);
            factory.Credentials.UserName.UserName = username;
            factory.Credentials.UserName.Password = password + "Invalid";
            serviceProxy = factory.CreateChannel();
            testString   = "I am a test";

            // *** EXECUTE *** \\
            using (var scope = new OperationContextScope((IContextChannel)serviceProxy))
            {
                HttpRequestMessageProperty requestMessageProperty;
                if (!OperationContext.Current.OutgoingMessageProperties.ContainsKey(HttpRequestMessageProperty.Name))
                {
                    requestMessageProperty = new HttpRequestMessageProperty();
                    OperationContext.Current.OutgoingMessageProperties[HttpRequestMessageProperty.Name] = requestMessageProperty;
                }
                else
                {
                    requestMessageProperty = (HttpRequestMessageProperty)OperationContext.Current.OutgoingMessageProperties[HttpRequestMessageProperty.Name];
                }

                requestMessageProperty.Headers[BasicUsernameHeaderName] = username;
                requestMessageProperty.Headers[BasicPasswordHeaderName] = password;

                try
                {
                    string result = serviceProxy.Echo(testString);
                }
                finally
                {
                    // *** ENSURE CLEANUP *** \\
                    ScenarioTestHelpers.CloseCommunicationObjects((ICommunicationObject)serviceProxy, factory);
                }
            }
        });

        // *** ADDITIONAL VALIDATION *** \\
        Assert.True(exception.Message.ToLower().Contains(message), string.Format("Expected exception message to contain: '{0}', actual message is: '{1}'", message, exception.Message));
    }