public async Task WhenSignatureVerificationSucceeds_InvokesConfiguredCallback()
            {
                _request.Headers["Authorization"] = "TestScheme abc123";

                var principal     = new ClaimsPrincipal(new ClaimsIdentity(new[] { new Claim("name", "john.doe") }));
                var successResult = new RequestSignatureVerificationResultSuccess(
                    new Client("c1", "test", SignatureAlgorithm.CreateForVerification("s3cr3t"), TimeSpan.FromMinutes(1), TimeSpan.FromMinutes(1)),
                    new Signature(),
                    principal);

                A.CallTo(() => _options.RequestSignatureVerifier.VerifySignature(
                             A <IOwinRequest> .That.Matches(ConvertedRequest),
                             A <SignedHttpRequestAuthenticationOptions> ._))
                .Returns(successResult);

                RequestSignatureVerificationResult resultFromCallback = null;

                _options.OnIdentityVerified = (request, success) => {
                    resultFromCallback = success;
                    return(Task.CompletedTask);
                };

                await _method();

                resultFromCallback.Should().Be(successResult);
            }
            public async Task WhenSignatureVerificationSucceeds_ReturnsAuthenticationTicket()
            {
                _request.Headers["Authorization"] = "TestScheme abc123";

                var principal     = new ClaimsPrincipal(new ClaimsIdentity(new[] { new Claim("name", "john.doe") }));
                var successResult = new RequestSignatureVerificationResultSuccess(
                    new Client(
                        "c1",
                        "test",
                        SignatureAlgorithm.CreateForVerification("s3cr3t"),
                        TimeSpan.FromMinutes(1),
                        TimeSpan.FromMinutes(1),
                        RequestTargetEscaping.RFC3986),
                    new HttpRequestForVerification(),
                    principal);

                A.CallTo(() => _options.RequestSignatureVerifier.VerifySignature(
                             A <IOwinRequest> .That.Matches(ConvertedRequest),
                             A <SignedHttpRequestAuthenticationOptions> ._))
                .Returns(successResult);

                var actual = await _method();

                actual.Should().BeEquivalentTo(new AuthenticationTicket(principal.Identity as ClaimsIdentity, new AuthenticationProperties()));
            }
Esempio n. 3
0
            public async Task WhenVerificationSucceeds_InvokesConfiguredCallback()
            {
                _httpRequest.Headers["Authorization"] = "tests-scheme abc123";

                var principal     = new ClaimsPrincipal(new ClaimsIdentity(new[] { new Claim("name", "john.doe") }));
                var successResult = new RequestSignatureVerificationResultSuccess(
                    new Client(
                        "app1",
                        "Unit test app",
                        new CustomSignatureAlgorithm("test"),
                        TimeSpan.FromMinutes(1),
                        TimeSpan.FromMinutes(1),
                        RequestTargetEscaping.RFC3986),
                    new HttpRequestForVerification(),
                    principal);

                A.CallTo(() => _requestSignatureVerifier.VerifySignature(_httpRequest, _options))
                .Returns(successResult);

                RequestSignatureVerificationResult resultFromCallback = null;

                _options.OnIdentityVerified = (request, success) => {
                    resultFromCallback = success;
                    return(Task.CompletedTask);
                };

                await _sut.DoAuthenticate();

                resultFromCallback.Should().Be(successResult);
            }
 public VerifySignature()
 {
     _httpRequest            = new DefaultHttpContext().Request;
     _httpRequest.Method     = "POST";
     _httpRequest.Scheme     = "https";
     _httpRequest.Host       = new HostString("unittest.com", 9000);
     _options                = new SignedRequestAuthenticationOptions();
     _requestForVerification = new HttpRequestForVerification {
         Method     = HttpMethod.Post,
         RequestUri = "https://unittest.com:9000".ToUri(),
         Signature  = (Signature)TestModels.Signature.Clone()
     };
     _verificationSuccessResult = new RequestSignatureVerificationResultSuccess(
         new Client(
             _requestForVerification.Signature.KeyId,
             "Unit test app",
             new HMACSignatureAlgorithm("s3cr3t", HashAlgorithmName.SHA256),
             TimeSpan.FromMinutes(1),
             TimeSpan.FromMinutes(1),
             RequestTargetEscaping.RFC3986),
         _requestForVerification,
         new ClaimsPrincipal(new ClaimsIdentity(new[] { new Claim("name", "john.doe") })));
 }