/// <summary>
/// Verifies that a POST to <c>/saml20/</c> whose form contains no fields
/// (and therefore no <c>SAMLRequest</c>) is answered with HTTP 400.
/// </summary>
public async Task ShouldReturnBadRequestWhenInvalidSAMLRequestInPOST()
{
    // Arrange: a POST with an empty form collection.
    var httpContext = new DefaultHttpContext();
    httpContext.Request.Path = "/saml20/";
    httpContext.Request.Method = "POST";
    httpContext.Request.Form = new FormCollection(new Dictionary<string, StringValues>());
    httpContext.Response.Body = new MemoryStream();

    var generator = new SignInResponseGenerator(
        new NullLogger<SignInResponseGenerator>(),
        _relyingPartyStore,
        _profileManager,
        _keyManager,
        _options);

    // The terminal delegate does nothing, so the status code can only come from the middleware.
    var sut = new Saml20Middleware(
        next: _ => Task.CompletedTask,
        _logger,
        _relyingPartyStore,
        generator,
        new SamlResponseSerializer(),
        _options);

    // Act
    await sut.Invoke(httpContext);

    // Assert: only the missing-parameter case is covered here; a present but
    // malformed SAMLRequest value is not exercised by this test.
    Assert.Equal(400, httpContext.Response.StatusCode);
}
/// <summary>
/// Verifies that a verb other than GET or POST (here PUT) sent to
/// <c>/saml20/</c> is answered with HTTP 405.
/// </summary>
public async Task ShouldReturnMethodNotAllowed()
{
    // Arrange: a PUT request with no query string and no form.
    var httpContext = new DefaultHttpContext();
    httpContext.Request.Path = "/saml20/";
    httpContext.Request.Method = "PUT";
    httpContext.Response.Body = new MemoryStream();

    var generator = new SignInResponseGenerator(
        new NullLogger<SignInResponseGenerator>(),
        _relyingPartyStore,
        _profileManager,
        _keyManager,
        _options);

    // The terminal delegate does nothing, so the status code can only come from the middleware.
    var sut = new Saml20Middleware(
        next: _ => Task.CompletedTask,
        _logger,
        _relyingPartyStore,
        generator,
        new SamlResponseSerializer(),
        _options);

    // Act
    await sut.Invoke(httpContext);

    // Assert
    Assert.Equal(405, httpContext.Response.StatusCode);
}
/// <summary>
/// Creates the WS-Federation middleware and captures its collaborators.
/// </summary>
/// <param name="next">Next delegate in the pipeline; must not be null.</param>
/// <param name="logger">Logger stored as given; it is not null-checked.</param>
/// <param name="relyingPartyStore">Relying-party store; must not be null.</param>
/// <param name="responseGenerator">Sign-in response generator; must not be null.</param>
/// <param name="serializer">WS-Trust serializer; must not be null.</param>
/// <param name="options">Options wrapper; must not be null. Its <c>Value</c> is read once here.</param>
/// <exception cref="ArgumentNullException">
/// Thrown when any argument other than <paramref name="logger"/> is null.
/// </exception>
public WsFedMiddleware(
    RequestDelegate next,
    ILogger<WsFedMiddleware> logger,
    IRelyingPartyStore relyingPartyStore,
    SignInResponseGenerator responseGenerator,
    WsTrustSerializer serializer,
    IOptions<FederationGatewayOptions> options)
{
    // Validation order matches the parameter order, so the first null argument is the one reported.
    _next = next ?? throw new ArgumentNullException(nameof(next));

    // NOTE(review): logger is the only dependency accepted without a null check;
    // a null logger would only surface at the first logging call.
    _logger = logger;

    _relyingPartyStore = relyingPartyStore ?? throw new ArgumentNullException(nameof(relyingPartyStore));
    _responseGenerator = responseGenerator ?? throw new ArgumentNullException(nameof(responseGenerator));
    _serializer = serializer ?? throw new ArgumentNullException(nameof(serializer));

    // The wrapper is unwrapped once, so later option changes are not observed by this instance.
    _options = (options ?? throw new ArgumentNullException(nameof(options))).Value;
}
/// <summary>
/// Verifies that a sign-in request for realm <c>urn:test</c>, issued for a
/// principal authenticated as "federated", yields a response with a token.
/// </summary>
public async Task ShouldGenerateToken()
{
    var generator = new SignInResponseGenerator(
        _logger,
        _relyingPartyStore,
        _profileManager,
        _keyManager,
        _options);

    // Passing an authentication type ("federated") makes the identity report IsAuthenticated == true.
    var subject = new ClaimsIdentity(
        new List<Claim> { new Claim(ClaimTypes.NameIdentifier, "john foo") },
        "federated");

    var signInRequest = new SignInRequest
    {
        Realm = "urn:test",
        User = new ClaimsPrincipal(new List<ClaimsIdentity> { subject }),
        Parameters = new Dictionary<string, string>()
    };

    var signInResponse = await generator.GenerateSignInResponse(signInRequest);

    // Only the presence of a token is asserted; its audience, lifetime and
    // signature are not inspected by this test.
    Assert.NotNull(signInResponse.Token);
}
/// <summary>
/// Creates the WS-Federation controller and stores its collaborators.
/// </summary>
/// <param name="validator">Sign-in validator, kept in <c>_validator</c>.</param>
/// <param name="signInResponseGenerator">Sign-in response generator, kept in <c>_signInResponseGenerator</c>.</param>
/// <param name="metadataResponseGenerator">Metadata response generator, kept in <c>_metadataResponseGenerator</c>.</param>
/// <param name="cookies">Tracking cookie service, kept in <c>_cookies</c>.</param>
/// <param name="wsFedOptions">Plugin options, kept in <c>_wsFedOptions</c>.</param>
public WsFederationController(
    SignInValidator validator,
    SignInResponseGenerator signInResponseGenerator,
    MetadataResponseGenerator metadataResponseGenerator,
    ITrackingCookieService cookies,
    WsFederationPluginOptions wsFedOptions)
{
    // Arguments are stored as given; none is null-checked here, so a missing
    // registration would only show up when the field is first used.
    _wsFedOptions = wsFedOptions;
    _cookies = cookies;

    _metadataResponseGenerator = metadataResponseGenerator;
    _signInResponseGenerator = signInResponseGenerator;
    _validator = validator;
}
/// <summary>
/// Creates the WS-Federation controller and stores its collaborators.
/// </summary>
/// <param name="options">Server options, kept in <c>_options</c>.</param>
/// <param name="users">User service; accepted but not stored by this constructor.</param>
/// <param name="validator">Sign-in validator, kept in <c>_validator</c>.</param>
/// <param name="signInResponseGenerator">Sign-in response generator, kept in <c>_signInResponseGenerator</c>.</param>
/// <param name="metadataResponseGenerator">Metadata response generator, kept in <c>_metadataResponseGenerator</c>.</param>
/// <param name="cookies">Tracking cookie service, kept in <c>_cookies</c>.</param>
/// <param name="wsFedOptions">Plugin options, kept in <c>_wsFedOptions</c>.</param>
public WsFederationController(
    IdentityServerOptions options,
    IUserService users,
    SignInValidator validator,
    SignInResponseGenerator signInResponseGenerator,
    MetadataResponseGenerator metadataResponseGenerator,
    ITrackingCookieService cookies,
    WsFederationPluginOptions wsFedOptions)
{
    // Configuration objects.
    _options = options;
    _wsFedOptions = wsFedOptions;

    // Request-handling collaborators. Nothing is null-checked here, and
    // the users argument is intentionally left unassigned as in the original.
    _cookies = cookies;
    _metadataResponseGenerator = metadataResponseGenerator;
    _signInResponseGenerator = signInResponseGenerator;
    _validator = validator;
}
/// <summary>
/// Creates the WS-Federation controller and stores its collaborators.
/// </summary>
/// <param name="settings">Core settings, kept in <c>_settings</c>.</param>
/// <param name="users">User service; accepted but not stored by this constructor.</param>
/// <param name="logger">Logger, kept in <c>_logger</c>.</param>
/// <param name="validator">Sign-in validator, kept in <c>_validator</c>.</param>
/// <param name="signInResponseGenerator">Sign-in response generator, kept in <c>_signInResponseGenerator</c>.</param>
/// <param name="metadataResponseGenerator">Metadata response generator, kept in <c>_metadataResponseGenerator</c>.</param>
/// <param name="cookies">Cookie service, kept in <c>_cookies</c>.</param>
public WsFederationController(
    CoreSettings settings,
    IUserService users,
    ILogger logger,
    SignInValidator validator,
    SignInResponseGenerator signInResponseGenerator,
    MetadataResponseGenerator metadataResponseGenerator,
    ICookieService cookies)
{
    // Request-handling collaborators; stored as given, without null checks.
    _cookies = cookies;
    _metadataResponseGenerator = metadataResponseGenerator;
    _signInResponseGenerator = signInResponseGenerator;
    _validator = validator;

    // Infrastructure.
    _logger = logger;
    _settings = settings;
}
/// <summary>
/// Creates the WS-Federation controller and stores its collaborators.
/// </summary>
/// <param name="settings">Core settings, kept in <c>_settings</c>.</param>
/// <param name="users">User service; accepted but not stored by this constructor.</param>
/// <param name="validator">Sign-in validator, kept in <c>_validator</c>.</param>
/// <param name="signInResponseGenerator">Sign-in response generator, kept in <c>_signInResponseGenerator</c>.</param>
/// <param name="metadataResponseGenerator">Metadata response generator, kept in <c>_metadataResponseGenerator</c>.</param>
/// <param name="cookies">Tracking cookie service, kept in <c>_cookies</c>.</param>
/// <param name="internalConfig">Internal configuration, kept in <c>_internalConfig</c>.</param>
/// <param name="wsFedOptions">Plugin options, kept in <c>_wsfedOptions</c>.</param>
public WsFederationController(
    CoreSettings settings,
    IUserService users,
    SignInValidator validator,
    SignInResponseGenerator signInResponseGenerator,
    MetadataResponseGenerator metadataResponseGenerator,
    ITrackingCookieService cookies,
    InternalConfiguration internalConfig,
    WsFederationPluginOptions wsFedOptions)
{
    // Request-handling collaborators; stored as given, without null checks.
    _validator = validator;
    _signInResponseGenerator = signInResponseGenerator;
    _metadataResponseGenerator = metadataResponseGenerator;
    _cookies = cookies;

    // Configuration objects.
    _wsfedOptions = wsFedOptions;
    _internalConfig = internalConfig;
    _settings = settings;
}
/// <summary>
/// Verifies that a form POST to <c>/saml20/</c> carrying a <c>SAMLRequest</c>
/// field, made by an authenticated user, returns HTTP 200 with a non-empty body.
/// </summary>
public async Task ShouldGenerateSAMLResponseFromPOST()
{
    var generator = new SignInResponseGenerator(
        new NullLogger<SignInResponseGenerator>(),
        _relyingPartyStore,
        _profileManager,
        _keyManager,
        _options);

    var sut = new Saml20Middleware(
        next: _ => Task.CompletedTask,
        _logger,
        _relyingPartyStore,
        generator,
        new SamlResponseSerializer(),
        _options);

    var httpContext = new DefaultHttpContext();

    // Base64 fixture for the POST binding. As decoded during review it is an
    // AuthnRequest with issuer urn:test and no signature element, so only the
    // unsigned-request path is exercised.
    // NOTE(review): the literal contains " + " with surrounding spaces, which may be
    // an extraction artifact of a bare '+' - confirm against the repository copy.
    var form = new Dictionary<string, StringValues>
    {
        { "SAMLRequest", new StringValues("PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz4NCjxzYW1scDpBdXRoblJlcXVlc3QgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgSUQ9ImlnZmtsb2xsa2Jvb2psYmhpZWluaGtuZm1nY2xkbWlhcGZnY2draGMiIFZlcnNpb249IjIuMCIgSXNzdWVJbnN0YW50PSIyMDIwLTA0LTA5VDEzOjU1OjMyWiIgUHJvdG9jb2xCaW5kaW5nPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YmluZGluZ3M6SFRUUC1QT1NUIiBQcm92aWRlck5hbWU9Imdvb2dsZS5jb20iIElzUGFzc2l2ZT0iZmFsc2UiIEFzc2VydGlvbkNvbnN1bWVyU2VydmljZVVSTD0iaHR0cHM6Ly9sb2NhbGhvc3QvdGVzdCI + PHNhbWw6SXNzdWVyIHhtbG5zOnNhbWw9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iPnVybjp0ZXN0PC9zYW1sOklzc3Vlcj48c2FtbHA6TmFtZUlEUG9saWN5IEFsbG93Q3JlYXRlPSJ0cnVlIiBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0OnVuc3BlY2lmaWVkIiAvPjwvc2FtbHA6QXV0aG5SZXF1ZXN0Pg0K") }
    };

    httpContext.Request.Form = new FormCollection(form);
    httpContext.Request.ContentType = "application/x-www-form-urlencoded";
    httpContext.Request.Path = "/saml20/";
    httpContext.Request.Method = "POST";
    httpContext.Response.Body = new MemoryStream();

    // An identity created with an authentication type reports IsAuthenticated == true.
    var subject = new ClaimsIdentity(
        new List<Claim> { new Claim(ClaimTypes.NameIdentifier, "john foo") },
        "federated");
    httpContext.User = new ClaimsPrincipal(new List<ClaimsIdentity> { subject });

    await sut.Invoke(httpContext);

    var payload = ((MemoryStream)httpContext.Response.Body).ToArray();

    // Only status and body presence are asserted; the response's destination,
    // audience and signature are not inspected by this test.
    Assert.Equal(200, httpContext.Response.StatusCode);
    Assert.True(payload.Length > 0);
}
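/// <summary>
/// Verifies that a token produced for realm <c>urn:test</c> can be wrapped in a
/// WS-Trust RequestSecurityTokenResponse and serialized to non-empty XML.
/// </summary>
public async Task ShouldSerializeToken()
{
    var responseGenerator = new SignInResponseGenerator(
        _logger,
        _relyingPartyStore,
        _profileManager,
        _keyManager,
        _options);

    // The identity is built without an authentication type, so it reports
    // IsAuthenticated == false; the test relies on a token still being issued.
    var response = await responseGenerator.GenerateSignInResponse(new SignInRequest
    {
        Realm = "urn:test",
        User = new ClaimsPrincipal(new List<ClaimsIdentity>
        {
            new ClaimsIdentity(new List<Claim>
            {
                new Claim(ClaimTypes.NameIdentifier, "john foo")
            })
        }),
        Parameters = new Dictionary<string, string>()
    });

    // One UTC timestamp is taken so that Created and Expires are exactly eight hours
    // apart and do not depend on the machine's local time zone.
    var issuedAt = DateTime.UtcNow;

    var wsTrust = new WsTrustRequestSecurityTokenResponse();
    wsTrust.LifeTime = new WsTrustLifetime
    {
        Expires = issuedAt.AddHours(8),
        Created = issuedAt
    };
    wsTrust.AppliesTo = new Uri("urn:test");
    wsTrust.RequestedSecurityToken = (Saml2SecurityToken)response.Token;

    var sb = new StringBuilder();

    // Both writers are disposable; the using blocks release them even when serialization throws.
    using (var stringWriter = new StringWriter(sb))
    using (var xmlWriter = XmlWriter.Create(stringWriter, new XmlWriterSettings { Encoding = Encoding.UTF8 }))
    {
        var serializer = new WsTrustSerializer();
        serializer.Serialize(xmlWriter, wsTrust);
        xmlWriter.Flush();
    }

    // Only non-emptiness is asserted; the XML content itself is not validated here.
    Assert.True(sb.ToString().Length > 0);
}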
/// <summary>
/// Verifies that a GET to <c>/saml20/</c> with a <c>SAMLRequest</c> query
/// parameter, made by an authenticated user, returns HTTP 200 with a non-empty body.
/// </summary>
public async Task ShouldGenerateSAMLResponseFromGet()
{
    var generator = new SignInResponseGenerator(
        new NullLogger<SignInResponseGenerator>(),
        _relyingPartyStore,
        _profileManager,
        _keyManager,
        _options);

    var sut = new Saml20Middleware(
        next: _ => Task.CompletedTask,
        _logger,
        _relyingPartyStore,
        generator,
        new SamlResponseSerializer(),
        _options);

    var httpContext = new DefaultHttpContext();
    httpContext.Request.Path = "/saml20/";

    // URL-encoded base64 fixture; presumably a deflated AuthnRequest as used by the
    // redirect binding (not decoded during review). The query string carries no
    // Signature or SigAlg parameter, so only the unsigned path is exercised.
    httpContext.Request.QueryString = new QueryString("?SAMLRequest=fZJPT8MwDMXvSHyHKPeu3QAJorVogBCT%2BFNthQO3LHXbsDQucTrg25N2IMEBri%2FPfj87np%2B%2Ft4btwJFGm%2FLpJOEMrMJS2zrlj8V1dMrPs8ODOcnWdGLR%2B8au4LUH8ixUWhLjQ8p7ZwVK0iSsbIGEV2K9uLsVs0kiOoceFRrOllcp13W1NWjMdoP4YjaNBm2bra3aWpmy1bKralVvG8XZ0zfWbMBaEvWwtOSl9UFKZkmUHEfJWTE9Eicn4mj2zFn%2BlXSh7X6C%2F7A2exOJm6LIo%2FxhXYwNdroEdx%2FcKa8RawMThe0Qn0sivQtyJQ0BZwsicD4AXqKlvgW3BrfTCh5XtylvvO9IxLFBJU2D5GMfdsazcZFinMX92OD%2FpPI7iWeDbeg0j380yr6%2BZ6BeXuVotPpgC2Pw7dKB9AHZuz4QX6Nrpf87azqZjoouo2q0it5SB0pXGkrO4myf%2BvsOwnV8Ag%3D%3D");
    httpContext.Request.Method = "GET";
    httpContext.Response.Body = new MemoryStream();

    // An identity created with an authentication type reports IsAuthenticated == true.
    var subject = new ClaimsIdentity(
        new List<Claim> { new Claim(ClaimTypes.NameIdentifier, "john foo") },
        "federated");
    httpContext.User = new ClaimsPrincipal(new List<ClaimsIdentity> { subject });

    await sut.Invoke(httpContext);

    var payload = ((MemoryStream)httpContext.Response.Body).ToArray();

    // Only status and body presence are asserted; the response content is not inspected.
    Assert.Equal(200, httpContext.Response.StatusCode);
    Assert.True(payload.Length > 0);
}
/// <summary>
/// Verifies that an IdP-initiated GET to <c>/saml20/idpinitiated</c> with
/// <c>realm=urn:test</c>, made by an authenticated user, returns HTTP 200 with a
/// non-empty body.
/// </summary>
public async Task ShouldGenerateSAMLResponseFromIDPInitiated()
{
    var generator = new SignInResponseGenerator(
        new NullLogger<SignInResponseGenerator>(),
        _relyingPartyStore,
        _profileManager,
        _keyManager,
        _options);

    var sut = new Saml20Middleware(
        next: _ => Task.CompletedTask,
        _logger,
        _relyingPartyStore,
        generator,
        new SamlResponseSerializer(),
        _options);

    // No SAMLRequest is sent: the relying party is named by the realm query parameter alone.
    var httpContext = new DefaultHttpContext();
    httpContext.Request.Path = "/saml20/idpinitiated";
    httpContext.Request.QueryString = new QueryString("?realm=urn:test");
    httpContext.Request.Method = "GET";
    httpContext.Response.Body = new MemoryStream();

    // An identity created with an authentication type reports IsAuthenticated == true.
    var subject = new ClaimsIdentity(
        new List<Claim> { new Claim(ClaimTypes.NameIdentifier, "john foo") },
        "federated");
    httpContext.User = new ClaimsPrincipal(new List<ClaimsIdentity> { subject });

    await sut.Invoke(httpContext);

    var payload = ((MemoryStream)httpContext.Response.Body).ToArray();

    // Only the happy path is asserted (urn:test is presumably registered in
    // _relyingPartyStore); an unknown realm is not covered by this test.
    Assert.Equal(200, httpContext.Response.StatusCode);
    Assert.True(payload.Length > 0);
}
/// <summary>
/// Creates the WS-Federation controller, stores its collaborators and resolves
/// the event service from the OWIN environment.
/// </summary>
/// <param name="validator">Sign-in validator, kept in <c>_validator</c>.</param>
/// <param name="signInResponseGenerator">Sign-in response generator, kept in <c>_signInResponseGenerator</c>.</param>
/// <param name="metadataResponseGenerator">Metadata response generator, kept in <c>_metadataResponseGenerator</c>.</param>
/// <param name="cookies">Tracking cookie service, kept in <c>_cookies</c>.</param>
/// <param name="wsFedOptions">Plugin options, kept in <c>_wsFedOptions</c>.</param>
/// <param name="redirectUriValidator">Redirect URI validator, kept in <c>_redirectUriValidator</c>.</param>
/// <param name="signOutValidator">Sign-out validator, kept in <c>_signOutValidator</c>.</param>
/// <param name="environment">
/// OWIN environment service; dereferenced here without a null check to resolve the event service.
/// </param>
public WsFederationController(
    SignInValidator validator,
    SignInResponseGenerator signInResponseGenerator,
    MetadataResponseGenerator metadataResponseGenerator,
    ITrackingCookieService cookies,
    WsFederationPluginOptions wsFedOptions,
    IRedirectUriValidator redirectUriValidator,
    SignOutValidator signOutValidator,
    Core.Services.OwinEnvironmentService environment)
{
    // Validators; stored as given, without null checks.
    _validator = validator;
    _signOutValidator = signOutValidator;
    _redirectUriValidator = redirectUriValidator;

    // Response generators and supporting services.
    _signInResponseGenerator = signInResponseGenerator;
    _metadataResponseGenerator = metadataResponseGenerator;
    _cookies = cookies;
    _wsFedOptions = wsFedOptions;

    // Fall back to a default event service when none is registered.
    // NOTE(review): if sign-in/sign-out events feed an audit trail, confirm that
    // DefaultEventService still records them in this fallback case.
    var resolvedEvents = environment.Environment.ResolveDependency<Core.Services.IEventService>();
    _events = resolvedEvents ?? new DefaultEventService();
}
/// <summary>
/// Verifies that a GET to <c>/saml20/</c> carrying a <c>SAMLRequest</c> but no
/// authenticated user ends with a redirect status instead of a SAML response.
/// </summary>
public async Task ShouldRedirectIfUserNotAuthenticated()
{
    // The request services expose only a stub IAuthenticationService.
    var services = new Mock<IServiceProvider>();
    services
        .Setup(sp => sp.GetService(typeof(IAuthenticationService)))
        .Returns(new MyAuthenticationService());

    var generator = new SignInResponseGenerator(
        new NullLogger<SignInResponseGenerator>(),
        _relyingPartyStore,
        _profileManager,
        _keyManager,
        _options);

    var sut = new Saml20Middleware(
        next: _ => Task.CompletedTask,
        _logger,
        _relyingPartyStore,
        generator,
        new SamlResponseSerializer(),
        _options);

    // context.User is never assigned, so the request carries no authenticated identity.
    var httpContext = new DefaultHttpContext { RequestServices = services.Object };
    httpContext.Request.Path = "/saml20/";
    httpContext.Request.QueryString = new QueryString("?SAMLRequest=fZJPT8MwDMXvSHyHKPeu3QAJorVogBCT%2BFNthQO3LHXbsDQucTrg25N2IMEBri%2FPfj87np%2B%2Ft4btwJFGm%2FLpJOEMrMJS2zrlj8V1dMrPs8ODOcnWdGLR%2B8au4LUH8ixUWhLjQ8p7ZwVK0iSsbIGEV2K9uLsVs0kiOoceFRrOllcp13W1NWjMdoP4YjaNBm2bra3aWpmy1bKralVvG8XZ0zfWbMBaEvWwtOSl9UFKZkmUHEfJWTE9Eicn4mj2zFn%2BlXSh7X6C%2F7A2exOJm6LIo%2FxhXYwNdroEdx%2FcKa8RawMThe0Qn0sivQtyJQ0BZwsicD4AXqKlvgW3BrfTCh5XtylvvO9IxLFBJU2D5GMfdsazcZFinMX92OD%2FpPI7iWeDbeg0j380yr6%2BZ6BeXuVotPpgC2Pw7dKB9AHZuz4QX6Nrpf87azqZjoouo2q0it5SB0pXGkrO4myf%2BvsOwnV8Ag%3D%3D");
    httpContext.Request.Method = "GET";
    httpContext.Response.Body = new MemoryStream();

    await sut.Invoke(httpContext);

    // NOTE(review): 301 is a permanent redirect that clients may cache; a login
    // challenge is normally a temporary redirect. Confirm whether this value comes
    // from the MyAuthenticationService stub or from the middleware itself.
    Assert.Equal(301, httpContext.Response.StatusCode);
}
/// <summary>
/// Verifies that a WS-Federation sign-in GET to <c>/wsfed/</c> without an
/// authenticated user ends with a redirect status instead of a token response.
/// </summary>
public async Task ShouldRedirectIfUserNotAuthenticated()
{
    // The request services expose only a stub IAuthenticationService.
    var services = new Mock<IServiceProvider>();
    services
        .Setup(sp => sp.GetService(typeof(IAuthenticationService)))
        .Returns(new MyAuthenticationService());

    var generator = new SignInResponseGenerator(
        new NullLogger<SignInResponseGenerator>(),
        _relyingPartyStore,
        _profileManager,
        _keyManager,
        _options);

    var sut = new WsFedMiddleware(
        next: _ => Task.CompletedTask,
        _logger,
        _relyingPartyStore,
        generator,
        new Core.Messaging.WsTrust.WsTrustSerializer(),
        _options);

    // context.User is never assigned, so the request carries no authenticated identity.
    var httpContext = new DefaultHttpContext { RequestServices = services.Object };
    httpContext.Request.Path = "/wsfed/";
    httpContext.Request.QueryString = new QueryString("?wa=wsignin1.0&wtrealm=urn:test");
    httpContext.Request.Method = "GET";
    httpContext.Response.Body = new MemoryStream();

    await sut.Invoke(httpContext);

    // NOTE(review): 301 is a permanent redirect that clients may cache; a login
    // challenge is normally a temporary redirect. Confirm whether this value comes
    // from the MyAuthenticationService stub or from the middleware itself.
    Assert.Equal(301, httpContext.Response.StatusCode);
}
/// <summary>
/// Creates the controller and stores its collaborators.
/// </summary>
/// <param name="validator">The sign-in validator.</param>
/// <param name="signInResponseGenerator">The sign-in response generator.</param>
/// <param name="httpUtility">The utility class used for URL encoding and URL decoding.</param>
public SiteFinityController(
    SignInValidator validator,
    SignInResponseGenerator signInResponseGenerator,
    HttpUtility httpUtility)
{
    // Arguments are stored as given; none of them is null-checked here.
    _httpUtility = httpUtility;
    _signInResponseGenerator = signInResponseGenerator;
    _validator = validator;
}