public Request Construct(string url, string username, string password, string body) { var builder = new RequestBuilder(); builder.SetUrl(url); builder.AddHeader("username", username); builder.AddHeader("password", password); builder.SetBody(body); return(builder.Build()); }
private HttpResponseMessage SendRequest() { var requestBuilder = new RequestBuilder(_app.Server, _path); if (_method == HttpMethod.Post) { var tokens = AntiForgeryRequestTokens.GetFromApplication(_app); if (_postForm != null) { var dic = new Dictionary <string, string>(_postForm); requestBuilder.And(req => { dic["__RequestVerificationToken"] = tokens.VerificationToken; var content = new FormUrlEncodedContent(dic); content.Headers.ContentType = new MediaTypeHeaderValue(_contentType); req.Content = content; }) .WithCookie(tokens.Cookie); } else { requestBuilder.AddHeader("RequestVerificationToken", tokens.VerificationToken); if (_postEntity != null) { requestBuilder.And(req => { var content = new ByteArrayContent(_postEntity); content.Headers.ContentType = new MediaTypeHeaderValue(_contentType); req.Content = content; }); } requestBuilder.WithCookie(tokens.Cookie); } } if (_headers.Any()) { _headers.Keys.ToList().ForEach(key => requestBuilder.AddHeader(key, _headers[key])); } if (_cookies.Any()) { _cookies.ForEach(c => requestBuilder.WithCookie(c.Name.ToString(), c.Value.ToString())); } var response = requestBuilder.SendAsync(_method.ToString().ToUpper()).Result; _app.ResetUser(); return(response); }
public async Task CodeAllowRealIPNotOnBlacklist4Test() { using ( var server = new TestServer( WebHostBuilderHelper.CreateCodeBuilder( new IPFilteringOptions { DefaultBlockLevel = DefaultBlockLevel.None, Blacklist = new List <string> { "192.168.0.1" } }))) { // Act RequestBuilder request = server.CreateRequest("/"); request.AddHeader("X-Real-IP", "192.168.0.2"); HttpResponseMessage response = await request.SendAsync("PUT"); // Assert response.EnsureSuccessStatusCode(); Assert.AreEqual(HttpStatusCode.OK, response.StatusCode, "StatusCode != OK"); } }
public static RequestBuilder AddAsJson <T>(this RequestBuilder requestBuilder, T value) { requestBuilder.AddHeader("Accept", "application/json"); requestBuilder.And(r => r.Content = new ObjectContent <T>(value, new JsonMediaTypeFormatter())); return(requestBuilder); }
public async Task CodeBlockRealIPOnWhitelistBlacklistTest() { using ( var server = new TestServer( WebHostBuilderHelper.CreateCodeBuilder( new IPFilteringOptions { Whitelist = new List <string> { "192.168.0.10-192.168.10.20" }, Blacklist = new List <string> { "192.168.0.100-192.168.0.150" }, }))) { // Act RequestBuilder request = server.CreateRequest("/"); request.AddHeader("X-Real-IP", "192.168.0.120"); HttpResponseMessage response = await request.SendAsync("PUT"); // Assert Assert.AreEqual(HttpStatusCode.NotFound, response.StatusCode, "StatusCode != Not Found"); } }
public async Task CompressionMediaTest() { // Arrange using (var server = new TestServer( this.CreateBuilder(options => { options.MinimumCompressionThreshold = 0; options.AllowedMediaTypes = new List <MediaTypeHeaderValue> { MediaTypeHeaderValue.Parse("text/html") }; }))) { // Act RequestBuilder request = server.CreateRequest("/"); request.AddHeader(HeaderNames.AcceptEncoding, "gzip"); HttpResponseMessage response = await request.SendAsync("PUT"); // Assert response.EnsureSuccessStatusCode(); string responseText = await response.Content.ReadAsStringAsync(); Assert.AreEqual(HttpStatusCode.OK, response.StatusCode, "StatusCode != OK"); Assert.AreEqual(Helpers.ResponseText, responseText, "Response Text not equal"); Assert.AreEqual(124, response.Content.Headers.ContentLength, "Content-Length != 124"); Assert.AreEqual(false, response.Content.Headers.ContentEncoding.Any(), "Content-Encoding != null"); Assert.AreEqual(false, response.Headers.Vary.Contains(HeaderNames.AcceptEncoding), "Vary != Accept-Encoding"); } }
void AddToken(RequestBuilder requestBuilder) { if (Token != null) { requestBuilder.AddHeader(AuthorizationHeaderName, "Bearer " + Token); } }
public async Task IgnoredCompressionThresholdZeroGZipTest() { // Arrange using ( var server = new TestServer( this.CreateBuilder( options => { options.MinimumCompressionThreshold = 0; options.Compressors = new List <ICompressor> { new GZipCompressor() }; }))) { // Act RequestBuilder request = server.CreateRequest("/lib/ignore"); request.AddHeader(HeaderNames.AcceptEncoding, "gzip"); HttpResponseMessage response = await request.SendAsync("PUT"); // Assert response.EnsureSuccessStatusCode(); string responseText = await response.Content.ReadAsStringAsync(); Assert.AreEqual(HttpStatusCode.OK, response.StatusCode, "StatusCode != OK"); Assert.AreEqual(Helpers.ResponseText, responseText, "Response Text not equal"); Assert.AreEqual(Helpers.ResponseText.Length, response.Content.Headers.ContentLength, $"Content-Length != {Helpers.ResponseText.Length}"); Assert.AreEqual(false, response.Content.Headers.ContentEncoding.Any(), "Content-Encoding == null"); } }
public override void Update() { DB db = new DB("travox_global"); RequestBuilder doExchange = new RequestBuilder("127.0.0.1:3000/API-v3/exchange-rate/"); doExchange.By = RequestBuilder.Method.POST; doExchange.ContentType = "application/x-www-form-urlencoded"; doExchange.AddHeader("Token-Auth", "ZHNnc2RmaCxrZXIgbmFsZ25zIGRmZ2RzZmc"); doExchange.AddBody("from", db.GetField("SELECT ISNULL(currency,'') FROM currency FOR XML PATH('')")); doExchange.AddBody("to", "THB"); doExchange.AddBody("amt", "1"); XHR rate = new XHR().AsyncSend(doExchange).Wait(); try { foreach (RateAPI item in JsonConvert.DeserializeObject<List<RateAPI>>(rate.ToString())) { SQLCollection param = new SQLCollection(); param.Add("@to", DbType.String, item.currency); param.Add("@rate", DbType.Decimal, item.rate); param.Add("@date", DbType.DateTime, DateTime.Parse(item.updated).ToString("dd-MM-yyyy HH:mm:ss")); db.Execute("UPDATE currency SET currency_rate=@rate, last_update=@date WHERE currency = @to", param); } db.Apply(); } catch (Exception e) { db.Rollback(); throw e; } base.Update(); }
public static RequestBuilder WithIdentity(this RequestBuilder requestBuilder, IEnumerable <Claim> claims) { requestBuilder.AddHeader( Constants.AuthorizationHeaderName, $"{Constants.Scheme} {ClaimSerializer.Encode(claims)}"); return(requestBuilder); }
public static RequestBuilder WithIdentity(this RequestBuilder requestBuilder, IEnumerable <Claim> claims) { requestBuilder.AddHeader( Constants.AuthenticationHeaderName, $"{TestServerAuthenticationDefaults.AuthenticationScheme} {DefautClaimsEncoder.Encode(claims)}"); return(requestBuilder); }
private void _addCookies(RequestBuilder requestBuilder, Uri absoluteUrl) { var cookieHeader = Cookies.GetCookieHeader(absoluteUrl); if (!string.IsNullOrWhiteSpace(cookieHeader)) { requestBuilder.AddHeader(HeaderNames.Cookie, cookieHeader); } }
private void SetXSRFHeader(RequestBuilder requestBuilder, Uri absoluteUrl) { var cookies = Cookies.GetCookies(absoluteUrl); var cookie = cookies[XSRFCookieName]; if (cookie != null) { requestBuilder.AddHeader(XSRFHeaderName, cookie.Value); } }
private void addHeaders(RequestBuilder requestBuilder, Dictionary <string, string> headers) { if (headers != null && headers.Any()) { foreach (var header in headers) { requestBuilder.AddHeader(header.Key, header.Value); } } }
public static RequestBuilder AddAuthorizationHeader( this RequestBuilder requestBuilder, params Claim[] claims) { var jwt = CreateJwtAccessToken(claims); requestBuilder.AddHeader("Authorization", "bearer " + jwt); return(requestBuilder); }
public static async Task <HttpResponseMessage> PostFormAsync( this RequestBuilder request, IEnumerable <KeyValuePair <string, string> > formValues) { var response = await request .AddHeader("Content-Type", "application/x-www-form-urlencoded") .And(r => { r.Content = new FormUrlEncodedContent(formValues); }) .PostAsync(); return(response); }
public void BeforeRequest(RequestBuilder requestBuilder, Uri absoluteUrl) { var ticket = new AuthenticationTicket(principal, "FakeClaims"); var ser = new ClaimsSerializer(); var cookieValue = ser.SerializeTicket(ticket); var cookieContainer = new CookieContainer(); var cookie = new Cookie("FakeClaims", cookieValue, "/", absoluteUrl.Authority); cookieContainer.Add(cookie); var cookieHeader = cookieContainer.GetCookieHeader(absoluteUrl); requestBuilder.AddHeader(HeaderNames.Cookie, cookieHeader); }
public async Task FileBlockAllNotFoundTest() { using (var server = new TestServer(WebHostBuilderHelper.CreateBlockFileBuilder())) { // Act RequestBuilder request = server.CreateRequest("/"); request.AddHeader("X-Real-IP", "192.168.0.1"); HttpResponseMessage response = await request.SendAsync("PUT"); Assert.AreEqual(HttpStatusCode.Unauthorized, response.StatusCode, "StatusCode != Unauthorized"); } }
public async Task FileAllowRealIPOnBlacklistTest() { using var server = new TestServer(WebHostBuilderHelper.CreateAllowFileBuilder()); // Act RequestBuilder request = server.CreateRequest("/"); request.AddHeader("X-Real-IP", "192.168.0.10"); HttpResponseMessage response = await request.SendAsync("PUT"); // Assert Assert.AreEqual(HttpStatusCode.Unauthorized, response.StatusCode, "StatusCode != Unauthorized"); }
public async Task FilePathBlockRealIPOnWhitelistBlacklistTest() { using var server = new TestServer(WebHostBuilderHelper.CreatePathBlockFileBuilder()); // Act RequestBuilder request = server.CreateRequest("/pathget"); request.AddHeader("X-Real-IP", "192.168.0.120"); HttpResponseMessage response = await request.SendAsync("GET"); // Assert Assert.AreEqual(HttpStatusCode.Unauthorized, response.StatusCode, "StatusCode != Not Found"); }
public async Task FileIgnoreGetTest() { using (var server = new TestServer(WebHostBuilderHelper.CreateIgnoreFileBuilder())) { // Act RequestBuilder request = server.CreateRequest("/ignoreget"); request.AddHeader("X-Real-IP", "192.168.0.1"); HttpResponseMessage response = await request.SendAsync("GET"); // Assert response.EnsureSuccessStatusCode(); Assert.AreEqual(HttpStatusCode.OK, response.StatusCode, "StatusCode != OK"); } }
public async Task FileAllowRealIPOnWhitelistBlacklistTest() { using (var server = new TestServer(WebHostBuilderHelper.CreateBlockFileBuilder())) { // Act RequestBuilder request = server.CreateRequest("/"); request.AddHeader("X-Real-IP", "192.168.0.10"); HttpResponseMessage response = await request.SendAsync("PUT"); // Assert response.EnsureSuccessStatusCode(); Assert.AreEqual(HttpStatusCode.OK, response.StatusCode, "StatusCode != OK"); } }
public async Task FileAllowAllNotFoundTest2() { using var server = new TestServer(WebHostBuilderHelper.CreatePathBlockFileBuilder()); // Act RequestBuilder request = server.CreateRequest("/"); request.AddHeader("X-Real-IP", "192.168.0.1"); HttpResponseMessage response = await request.SendAsync("PUT"); // Assert response.EnsureSuccessStatusCode(); Assert.AreEqual(HttpStatusCode.OK, response.StatusCode, "StatusCode != OK"); }
public async Task FilePathAllowRealIPNotOnBlacklistTest() { using var server = new TestServer(WebHostBuilderHelper.CreatePathAllowFileBuilder()); // Act RequestBuilder request = server.CreateRequest("/pathget"); request.AddHeader("X-Real-IP", "192.168.0.1"); HttpResponseMessage response = await request.SendAsync("GET"); // Assert response.EnsureSuccessStatusCode(); Assert.AreEqual(HttpStatusCode.OK, response.StatusCode, "StatusCode != OK"); }
private async Task GetVerificationTokenAsync(Uri uri, RequestBuilder parentBuilder) { /** * ASP's Antiforgery has two parts: * * - 1. It stores half of the token inside of the __RequestVerificationToken input * - 2. It stores the other half inside of the .AspNetCore.Antiforgery.XXXXXXX cookie * * So we GET the Account/Login page, which we should always have anon access to as well as it always providing * these two values for us. * * We then extract these values, and use them to build up the parentBuilder's request further. * * This allows us to satisfy [ValidateAntiforgeryToken] :) * **/ // Expire the forgery token, to ensure we're sent a fresh pair of tokens. var loginUri = new Uri(this._server.BaseAddress, "Account/Login"); foreach (Cookie cookie in this.GetAllCookies().Where(c => c.Name.StartsWith(".AspNetCore.Antiforgery."))) { cookie.Expires = DateTime.Now.Subtract(TimeSpan.FromDays(1)); } var builder = this.BuildRequest("Account/Login", true); using (var response = await builder.GetAsync()) { var content = await response.Content.ReadAsStringAsync(); var match = Regex.Match(content, @"<input\s+name=""__RequestVerificationToken""\s+type=""hidden""\s+value=""([^""]+)""\s+/>"); if (!match.Success) { throw new InvalidOperationException("Could not retrieve verification token."); } parentBuilder.AddHeader("X-CSRF-TOKEN", match.Groups[1].Value); var forgeryCookie = response .Headers .GetValues(HeaderNames.SetCookie) .SelectMany(c => c.Split(";")) .Where(c => c.StartsWith(".AspNetCore.Antiforgery.")) .Select(c => new Cookie(c.Split("=")[0], c.Split("=")[1])) .First(); this._cookies.Add(uri, forgeryCookie); } }
public async Task CompressionThresholdZeroGZipNoCompressionTest() { // Arrange using ( var server = new TestServer( this.CreateBuilder( new CompressionOptions { MinimumCompressionThreshold = 0, Compressors = new List <ICompressor> { new GZipCompressor(CompressionLevel.NoCompression) } }))) { // Act RequestBuilder request = server.CreateRequest("/"); request.AddHeader(HeaderNames.AcceptEncoding, "gzip"); HttpResponseMessage response = await request.SendAsync("PUT"); // Assert response.EnsureSuccessStatusCode(); Stream stream = await response.Content.ReadAsStreamAsync(); string responseText; using (var decompression = new GZipStream(stream, CompressionMode.Decompress)) { using (var ms = new MemoryStream()) { await decompression.CopyToAsync(ms); responseText = Encoding.UTF8.GetString(ms.ToArray()); } } Assert.AreEqual(HttpStatusCode.OK, response.StatusCode, "StatusCode != OK"); Assert.AreEqual(Helpers.ResponseText, responseText, "Response Text not equal"); Assert.AreEqual(147, response.Content.Headers.ContentLength, $"Content-Length != 147"); Assert.AreEqual(true, response.Content.Headers.ContentEncoding.Any(), "Content-Encoding == null"); Assert.AreEqual("gzip", response.Content.Headers.ContentEncoding.ToString(), "Content-Encoding != gzip"); Assert.AreEqual(true, response.Headers.Vary.Contains(HeaderNames.AcceptEncoding), "Vary != Accept-Encoding"); } }
public async Task CodeBlockForwarderForNotOnWhitelistTest() { using var server = new TestServer( WebHostBuilderHelper.CreateCodeBuilder( new IPFilteringOptions { Whitelist = new List <string> { "192.168.0.10-192.168.10.20" } })); // Act RequestBuilder request = server.CreateRequest("/"); request.AddHeader("X-Forwarded-For", "192.168.0.9, 192.168.0.10, 192.168.0.11"); HttpResponseMessage response = await request.SendAsync("PUT"); // Assert Assert.AreEqual(HttpStatusCode.NotFound, response.StatusCode, "StatusCode != Not Found"); }
public async Task CodeBlockRealIPNotOnWhitelist3Test() { using var server = new TestServer( WebHostBuilderHelper.CreateCodeBuilder( new IPFilteringOptions { Whitelist = new List <string> { "fe80::/10" } })); // Act RequestBuilder request = server.CreateRequest("/"); request.AddHeader("X-Real-IP", "::1"); HttpResponseMessage response = await request.SendAsync("PUT"); // Assert Assert.AreEqual(HttpStatusCode.NotFound, response.StatusCode, "StatusCode != Not Found"); }
public async Task CodeAllowRealIPOnWhitelist3Test() { using var server = new TestServer( WebHostBuilderHelper.CreateCodeBuilder( new IPFilteringOptions { Whitelist = new List <string> { "fe80::/10" } })); // Act RequestBuilder request = server.CreateRequest("/"); request.AddHeader("X-Real-IP", "fe80::d503:4ee:3882:c586"); HttpResponseMessage response = await request.SendAsync("PUT"); // Assert response.EnsureSuccessStatusCode(); Assert.AreEqual(HttpStatusCode.OK, response.StatusCode, "StatusCode != OK"); }
public async Task CodeAllowForwardedForOnWhitelistTest() { using var server = new TestServer( WebHostBuilderHelper.CreateCodeBuilder( new IPFilteringOptions { Whitelist = new List <string> { "192.168.0.10-192.168.10.20" } })); // Act RequestBuilder request = server.CreateRequest("/"); request.AddHeader("X-Forwarded-For", "192.168.0.10, 192.168.0.9, 192.168.0.8"); HttpResponseMessage response = await request.SendAsync("PUT"); // Assert response.EnsureSuccessStatusCode(); Assert.AreEqual(HttpStatusCode.OK, response.StatusCode, "StatusCode != OK"); }
/// <summary> /// 2 /// </summary> /// <param name="props"></param> /// <param name="requestBuilder"></param> public static void FillRequestBuilderFromProperties(IBasicProperties props, RequestBuilder requestBuilder) { requestBuilder.And(it => { if (props.Headers["AMQP_CONTENTTYPE"] != null) { it.Content.Headers.ContentType = MediaTypeHeaderValue.Parse(props.Headers["AMQP_CONTENTTYPE"].UTF8GetString()); it.Content.Headers.ContentLength = (long)props.Headers["AMQP_CONTENTLENGTH"]; } }); foreach (var header in props.Headers) { if (!header.Key.StartsWith("AMQP_")) { requestBuilder.AddHeader(header.Key, header.Value.UTF8GetString()); } } }