        /// <summary>
        /// Constructs <c>BadEggMiddleware</c> with <c>null</c> as its second constructor argument
        /// while every other dependency is supplied.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the visible body asserts nothing; presumably an expected-exception
        /// attribute sits above the method outside this listing - confirm, otherwise the test
        /// passes whether or not the constructor rejects the null.
        /// </remarks>
        public void BadEggValidationInvalidRouteProvider()
        {
            ISettingsProvider settings = new pm.DefaultSettingProvider(Directory.GetCurrentDirectory());

            var request = new TestHttpRequest();
            var response = new TestHttpResponse();

            // Dependencies resolved from the bad egg test plugin field.
            var pluginClasses = new pm.PluginServices(_testPluginBadEgg) as IPluginClassesService;
            var pluginHelper = _testPluginBadEgg.GetRequiredService<IPluginHelperService>();
            var pluginTypes = _testPluginBadEgg.GetRequiredService<IPluginTypesService>();
            var notifications = _testPluginBadEgg.GetRequiredService<INotificationService>();
            IIpValidation ipValidation = new TestIPValidation();

            var testContext = new TestHttpContext(request, response);
            request.SetContext(testContext);

            // Not handed to the middleware; constructed only because the original setup does so.
            var loginProvider = new MockLoginProvider();
            var claimsProvider = new MockClaimsProvider(pluginClasses);
            var authenticationService = new TestAuthenticationService();

            RequestDelegate next = async ctx => await Task.Delay(0);
            var routeData = new RouteDataServices();

            // The null in second position is the condition under test.
            var middleware = new BadEggMiddleware(
                next,
                null,
                routeData,
                pluginHelper,
                pluginTypes,
                ipValidation,
                settings,
                notifications);
        }
        /// <summary>
        /// Constructs <c>BadEggMiddleware</c> with <c>null</c> as its first constructor argument
        /// (the next request delegate) while every other dependency is supplied.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the visible body asserts nothing; presumably an expected-exception
        /// attribute sits above the method outside this listing - confirm.
        /// </remarks>
        public void BadEggValidationInvalidRequestDelegate()
        {
            ISettingsProvider settings = new pm.DefaultSettingProvider(Directory.GetCurrentDirectory());

            var request = new TestHttpRequest();
            var response = new TestHttpResponse();

            // Dependencies resolved from the bad egg test plugin field.
            var pluginClasses = new pm.PluginServices(_testPluginBadEgg) as IPluginClassesService;
            var pluginHelper = _testPluginBadEgg.GetRequiredService<IPluginHelperService>();
            var pluginTypes = _testPluginBadEgg.GetRequiredService<IPluginTypesService>();
            var notifications = _testPluginBadEgg.GetRequiredService<INotificationService>();
            IIpValidation ipValidation = new TestIPValidation();

            var testContext = new TestHttpContext(request, response);
            request.SetContext(testContext);

            // Not handed to the middleware; constructed only because the original setup does so.
            var loginProvider = new MockLoginProvider();
            var claimsProvider = new MockClaimsProvider(pluginClasses);
            var authenticationService = new TestAuthenticationService();

            // Empty descriptor list with version 1 backs the provider stub.
            var descriptors = new ActionDescriptorCollection(new List<ActionDescriptor>(), 1);
            var descriptorProvider = new TestActionDescriptorCollectionProvider(descriptors);
            var routeData = new RouteDataServices();

            // The null in first position is the condition under test.
            var middleware = new BadEggMiddleware(
                null,
                descriptorProvider,
                routeData,
                pluginHelper,
                pluginTypes,
                ipValidation,
                settings,
                notifications);
        }
        /// <summary>
        /// Builds a pipeline containing only <c>UseAuthorization</c>, sends a request whose endpoint
        /// carries an <c>AuthorizeAttribute</c>, and expects the test authentication service to
        /// record a challenge.
        /// </summary>
        public async Task UseAuthorization_HasRequiredSevices_RegistersMiddleware()
        {
            // Arrange
            var authenticationService = new TestAuthenticationService();
            var services = CreateServices(authenticationService);

            var builder = new ApplicationBuilder(services);
            builder.UseAuthorization();
            var pipeline = builder.Build();

            // Endpoint has no request delegate; only its authorization metadata matters here.
            var metadata = new EndpointMetadataCollection(new AuthorizeAttribute());
            var protectedEndpoint = new Endpoint(null, metadata, "Test endpoint");

            var context = new DefaultHttpContext();
            context.RequestServices = services;
            context.SetEndpoint(protectedEndpoint);

            // Act
            await pipeline(context);

            // Assert
            // A recorded challenge shows the authorization middleware ran for this request.
            Assert.True(authenticationService.ChallengeCalled);
        }
        /// <summary>
        /// Runs <c>BadEggMiddleware</c> over a default test request and checks that the request is
        /// passed on to the next delegate.
        /// </summary>
        public async Task BadEggValidationSuccess()
        {
            ISettingsProvider settings = new pm.DefaultSettingProvider(Directory.GetCurrentDirectory());

            var request = new TestHttpRequest();
            var response = new TestHttpResponse();

            // Dependencies resolved from the bad egg test plugin field.
            var pluginClasses = new pm.PluginServices(_testPluginBadEgg) as IPluginClassesService;
            var pluginHelper = _testPluginBadEgg.GetRequiredService<IPluginHelperService>();
            var pluginTypes = _testPluginBadEgg.GetRequiredService<IPluginTypesService>();
            var notifications = _testPluginBadEgg.GetRequiredService<INotificationService>();
            IIpValidation ipValidation = new TestIPValidation();

            var testContext = new TestHttpContext(request, response);
            request.SetContext(testContext);

            // Not handed to the middleware; constructed only because the original setup does so.
            var loginProvider = new MockLoginProvider();
            var claimsProvider = new MockClaimsProvider(pluginClasses);
            var authenticationService = new TestAuthenticationService();

            // Flag set by the terminal delegate so pass-through can be observed.
            bool nextWasInvoked = false;
            RequestDelegate next = async ctx =>
            {
                nextWasInvoked = true;
                await Task.Delay(0);
            };

            var descriptors = new ActionDescriptorCollection(new List<ActionDescriptor>(), 1);
            var descriptorProvider = new TestActionDescriptorCollectionProvider(descriptors);
            var routeData = new RouteDataServices();

            var middleware = new BadEggMiddleware(
                next,
                descriptorProvider,
                routeData,
                pluginHelper,
                pluginTypes,
                ipValidation,
                settings,
                notifications);

            await middleware.Invoke(testContext);

            Assert.IsTrue(nextWasInvoked);
        }
        /// <summary>
        /// Sends a Basic authorization header whose payload is the literal text
        /// <c>blahblahblah</c> and expects <c>LoginMiddleware</c> to answer 400 without signing
        /// anyone in.
        /// </summary>
        public async Task LoginAutoLoginFromHeadersInvalidEncoding()
        {
            ISettingsProvider settings = new pm.DefaultSettingProvider(Directory.GetCurrentDirectory());
            // Loaded as in the original setup; the value is not read again in this test.
            var loginSettings = settings.GetSettings<LoginControllerSettings>(nameof(LoginPlugin));

            var request = new TestHttpRequest();
            var response = new TestHttpResponse();

            var pluginClasses = new pm.PluginServices(_testPluginLogin) as IPluginClassesService;
            var testContext = new TestHttpContext(request, response);
            request.SetContext(testContext);

            var loginProvider = new MockLoginProvider();
            var claimsProvider = new MockClaimsProvider(pluginClasses);
            var authenticationService = new TestAuthenticationService();
            RequestDelegate next = async ctx => await Task.Delay(0);

            // Malformed credentials: the payload is not an encoded user:password pair.
            request.Headers.Add(SharedPluginFeatures.Constants.HeaderAuthorizationName, "Basic blahblahblah");

            var middleware = new LoginMiddleware(next, loginProvider, settings, claimsProvider);

            await middleware.Invoke(testContext, authenticationService);

            // Both halves matter: the request is rejected and no session is established.
            Assert.AreEqual(400, testContext.Response.StatusCode);
            Assert.IsFalse(authenticationService.SignInAsyncCalled);
        }
        /// <summary>
        /// Sends a well-formed Basic authorization header carrying the credentials
        /// <c>Miley:Cyrus</c> and expects <c>LoginMiddleware</c> not to sign the caller in.
        /// </summary>
        /// <remarks>
        /// NOTE(review): only the absence of a sign-in is asserted; the response status for
        /// rejected credentials is not pinned by this test.
        /// </remarks>
        public async Task LoginAutoLoginFromHeadersInvalidUsernameAndPassword()
        {
            ISettingsProvider settings = new pm.DefaultSettingProvider(Directory.GetCurrentDirectory());
            // Loaded as in the original setup; the value is not read again in this test.
            var loginSettings = settings.GetSettings<LoginControllerSettings>(nameof(LoginPlugin));

            var request = new TestHttpRequest();
            var response = new TestHttpResponse();

            var pluginClasses = new pm.PluginServices(_testPluginLogin) as IPluginClassesService;
            var testContext = new TestHttpContext(request, response);
            request.SetContext(testContext);

            var loginProvider = new MockLoginProvider();
            var claimsProvider = new MockClaimsProvider(pluginClasses);
            var authenticationService = new TestAuthenticationService();
            RequestDelegate next = async ctx => await Task.Delay(0);

            // user:password pair, ISO-8859-1 bytes, then Base64 - the Basic scheme's wire format.
            byte[] credentialBytes = System.Text.Encoding.GetEncoding("ISO-8859-1").GetBytes("Miley:Cyrus");
            string encoded = Convert.ToBase64String(credentialBytes);

            request.Headers.Add(SharedPluginFeatures.Constants.HeaderAuthorizationName, $"Basic {encoded}");

            var middleware = new LoginMiddleware(next, loginProvider, settings, claimsProvider);

            await middleware.Invoke(testContext, authenticationService);

            Assert.IsFalse(authenticationService.SignInAsyncCalled);
        }
        /// <summary>
        /// Presents a <c>RememberMe</c> cookie holding the value <c>123</c> encrypted with the key
        /// from <c>LoginControllerSettings</c> and expects <c>LoginMiddleware</c> to sign in.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the assertions cover the type of the response cookie collection and that
        /// a sign-in occurred; which user was signed in is not checked here.
        /// </remarks>
        public async Task LoginFromCookieValueCookieValidLoginUserFound()
        {
            ISettingsProvider settings = new pm.DefaultSettingProvider(Directory.GetCurrentDirectory());
            var loginSettings = settings.GetSettings<LoginControllerSettings>(nameof(LoginPlugin));
            var requestCookies = new TestRequestCookieCollection();

            // Cookie payload is encrypted with the configured key, as the middleware expects.
            string encryptedUserId = Shared.Utilities.Encrypt("123", loginSettings.EncryptionKey);
            requestCookies.AddCookie("RememberMe", encryptedUserId);

            var request = new TestHttpRequest(requestCookies);
            var response = new TestHttpResponse();

            var pluginClasses = new pm.PluginServices(_testPluginLogin) as IPluginClassesService;
            var testContext = new TestHttpContext(request, response);
            request.SetContext(testContext);

            var loginProvider = new MockLoginProvider();
            var claimsProvider = new MockClaimsProvider(pluginClasses);
            var authenticationService = new TestAuthenticationService();
            RequestDelegate next = async ctx => await Task.Delay(0);

            var middleware = new LoginMiddleware(next, loginProvider, settings, claimsProvider);

            await middleware.Invoke(testContext, authenticationService);

            var writtenCookies = response.Cookies as TestResponseCookies;

            Assert.IsNotNull(writtenCookies);
            Assert.IsTrue(authenticationService.SignInAsyncCalled);
        }
        /// <summary>
        /// Invokes <c>LoginMiddleware</c> with a <c>null</c> HTTP context.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the visible body asserts nothing; presumably an expected-exception
        /// attribute sits above the method outside this listing - confirm.
        /// </remarks>
        public async Task LoginNullContextValue()
        {
            var pluginClasses = new pm.PluginServices(_testPluginLogin) as IPluginClassesService;
            var loginProvider = new MockLoginProvider();

            ISettingsProvider settings = new pm.DefaultSettingProvider(Directory.GetCurrentDirectory());
            var claimsProvider = new MockClaimsProvider(pluginClasses);
            var authenticationService = new TestAuthenticationService();
            RequestDelegate next = async ctx => await Task.Delay(0);

            var middleware = new LoginMiddleware(next, loginProvider, settings, claimsProvider);

            // The null context is the condition under test.
            await middleware.Invoke(null, authenticationService);
        }
    /// <summary>
    /// Calls <c>UseAuthorization</c> on a builder backed by an empty service collection and
    /// checks the exact message of the resulting <see cref="InvalidOperationException"/>.
    /// </summary>
    public void UseAuthorization_MissingRequiredSevices_FriendlyErrorMessage()
    {
        // Arrange
        const string expectedMessage =
            "Unable to find the required services. Please add all the required services by calling " +
            "'IServiceCollection.AddAuthorization' in the application startup code.";

        // Constructed as in the original setup; it is not registered with the provider below.
        var authenticationService = new TestAuthenticationService();

        var emptyProvider = new ServiceCollection().BuildServiceProvider();
        var app = new ApplicationBuilder(emptyProvider);

        // Act
        var thrown = Assert.Throws<InvalidOperationException>(() => { app.UseAuthorization(); });

        // Assert
        Assert.Equal(expectedMessage, thrown.Message);
    }
        /// <summary>
        /// Sends a request carrying the ignore-validation header set to the code from
        /// <c>BadEggSettings</c> and expects the response to echo that header as <c>True</c>,
        /// the next delegate to run, and the status to be 200.
        /// </summary>
        /// <remarks>
        /// NOTE(review): <c>IgnoreValidationHeaderCode</c> appears to act as a bypass token for
        /// validation, so it presumably has to be handled as a secret in deployed settings -
        /// confirm. A matching case with a wrong code is not part of this listing.
        /// </remarks>
        public async Task BadEggValidationIgnoreValidation()
        {
            ISettingsProvider settings = new pm.DefaultSettingProvider(Directory.GetCurrentDirectory());
            var badEggSettings = settings.GetSettings<BadEggSettings>(SharedPluginFeatures.Constants.BadEggSettingsName);

            var request = new TestHttpRequest();
            var response = new TestHttpResponse();

            // Dependencies resolved from the bad egg test plugin field.
            var pluginClasses = new pm.PluginServices(_testPluginBadEgg) as IPluginClassesService;
            var pluginHelper = _testPluginBadEgg.GetRequiredService<IPluginHelperService>();
            var pluginTypes = _testPluginBadEgg.GetRequiredService<IPluginTypesService>();
            var notifications = _testPluginBadEgg.GetRequiredService<INotificationService>();
            IIpValidation ipValidation = new TestIPValidation();
            // Resolved as in the original setup; not handed to the middleware.
            var ipManagement = _testPluginBadEgg.GetRequiredService<IIpManagement>();

            var testContext = new TestHttpContext(request, response);
            request.SetContext(testContext);

            // Not handed to the middleware; constructed only because the original setup does so.
            var loginProvider = new MockLoginProvider();
            var claimsProvider = new MockClaimsProvider(pluginClasses);
            var authenticationService = new TestAuthenticationService();

            // Flag set by the terminal delegate so pass-through can be observed.
            bool nextWasInvoked = false;
            RequestDelegate next = async ctx =>
            {
                nextWasInvoked = true;
                await Task.Delay(0);
            };

            var descriptors = new ActionDescriptorCollection(new List<ActionDescriptor>(), 1);
            var descriptorProvider = new TestActionDescriptorCollectionProvider(descriptors);
            var routeData = new RouteDataServices();

            // Request presents the configured bypass code.
            request.Headers.Add(
                SharedPluginFeatures.Constants.BadEggValidationIgnoreHeaderName,
                badEggSettings.IgnoreValidationHeaderCode);

            var middleware = new BadEggMiddleware(
                next,
                descriptorProvider,
                routeData,
                pluginHelper,
                pluginTypes,
                ipValidation,
                settings,
                notifications);

            await middleware.Invoke(testContext);

            Assert.IsTrue(testContext.Response.Headers.ContainsKey(Constants.BadEggValidationIgnoreHeaderName));
            // Argument order kept as written: the header value is passed in the first position.
            Assert.AreEqual(testContext.Response.Headers[Constants.BadEggValidationIgnoreHeaderName], Boolean.TrueString);
            Assert.IsTrue(nextWasInvoked);
            Assert.AreEqual(200, testContext.Response.StatusCode);
        }
    /// <summary>
    /// Uses a default policy that requires the role <c>Wut</c> under the <c>Basic</c> and
    /// <c>Bearer</c> schemes and expects the request to stop at the middleware with two forbids
    /// recorded by the test authentication service.
    /// </summary>
    public async Task Invoke_RequireUnknownRole_ForbidPerScheme()
    {
        // Arrange
        var policy = new AuthorizationPolicyBuilder()
                     .RequireRole("Wut")
                     .AddAuthenticationSchemes("Basic", "Bearer")
                     .Build();
        var policyProvider = new Mock<IAuthorizationPolicyProvider>();
        policyProvider.Setup(provider => provider.GetDefaultPolicyAsync()).ReturnsAsync(policy);

        var next = new TestRequestDelegate();
        var authenticationService = new TestAuthenticationService();

        var middleware = CreateMiddleware(next.Invoke, policyProvider.Object);
        var protectedEndpoint = CreateEndpoint(new AuthorizeAttribute());
        var context = GetHttpContext(endpoint: protectedEndpoint, authenticationService: authenticationService);

        // Act
        await middleware.Invoke(context);

        // Assert
        // The pipeline must not continue, and the forbid count matches the two schemes.
        Assert.False(next.Called);
        Assert.Equal(2, authenticationService.ForbidCount);
    }
    /// <summary>
    /// Uses a default policy that requires an authenticated user, sends a request built by
    /// <c>GetHttpContext</c> without the anonymous flag, and expects the next delegate to run
    /// with no challenge issued.
    /// </summary>
    public async Task HasEndpointWithAuth_AuthenticatedUser_Allows()
    {
        // Arrange
        var policy = new AuthorizationPolicyBuilder()
                     .RequireAuthenticatedUser()
                     .Build();
        var policyProvider = new Mock<IAuthorizationPolicyProvider>();
        policyProvider.Setup(provider => provider.GetDefaultPolicyAsync()).ReturnsAsync(policy);

        var next = new TestRequestDelegate();
        var authenticationService = new TestAuthenticationService();

        var middleware = CreateMiddleware(next.Invoke, policyProvider.Object);
        var protectedEndpoint = CreateEndpoint(new AuthorizeAttribute());
        var context = GetHttpContext(endpoint: protectedEndpoint, authenticationService: authenticationService);

        // Act
        await middleware.Invoke(context);

        // Assert
        Assert.True(next.Called);
        Assert.False(authenticationService.ChallengeCalled);
    }
    /// <summary>
    /// Uses a default policy that requires an authenticated user under the schemes
    /// <c>schema1</c> and <c>schema2</c>, sends an anonymous request, and expects the pipeline
    /// to stop with two challenges recorded.
    /// </summary>
    public async Task HasEndpointWithAuth_AnonymousUser_ChallengePerScheme()
    {
        // Arrange
        var policy = new AuthorizationPolicyBuilder()
                     .RequireAuthenticatedUser()
                     .AddAuthenticationSchemes("schema1", "schema2")
                     .Build();
        var policyProvider = new Mock<IAuthorizationPolicyProvider>();
        policyProvider.Setup(provider => provider.GetDefaultPolicyAsync()).ReturnsAsync(policy);

        var next = new TestRequestDelegate();
        var authenticationService = new TestAuthenticationService();

        var middleware = CreateMiddleware(next.Invoke, policyProvider.Object);
        var protectedEndpoint = CreateEndpoint(new AuthorizeAttribute());
        var context = GetHttpContext(anonymous: true, endpoint: protectedEndpoint, authenticationService: authenticationService);

        // Act
        await middleware.Invoke(context);

        // Assert
        // The challenge count matches the two schemes named on the policy.
        Assert.False(next.Called);
        Assert.Equal(2, authenticationService.ChallengeCount);
    }
    /// <summary>
    /// Uses a default policy bound to the scheme <c>Fails</c> and expects the middleware to
    /// attempt authentication, leave a non-null identity on the context, issue a challenge, and
    /// not call the next delegate.
    /// </summary>
    public async Task Invoke_AuthSchemesFailShouldSetEmptyPrincipalOnContext()
    {
        // Arrange
        var policy = new AuthorizationPolicyBuilder("Fails")
                     .RequireAuthenticatedUser()
                     .Build();
        var policyProvider = new Mock<IAuthorizationPolicyProvider>();
        policyProvider.Setup(provider => provider.GetDefaultPolicyAsync()).ReturnsAsync(policy);

        var next = new TestRequestDelegate();
        var authenticationService = new TestAuthenticationService();

        var middleware = CreateMiddleware(next.Invoke, policyProvider.Object);
        var protectedEndpoint = CreateEndpoint(new AuthorizeAttribute());
        var context = GetHttpContext(endpoint: protectedEndpoint, authenticationService: authenticationService);

        // Act
        await middleware.Invoke(context);

        // Assert
        Assert.False(next.Called);
        // Downstream code reading context.User must still find an identity object.
        Assert.NotNull(context.User?.Identity);
        Assert.True(authenticationService.AuthenticateCalled);
        Assert.True(authenticationService.ChallengeCalled);
    }
    /// <summary>
    /// Targets an endpoint carrying both <c>AuthorizeAttribute</c> and
    /// <c>AllowAnonymousAttribute</c> under a policy requiring the role <c>Wut</c> with the
    /// scheme <c>NotImplemented</c>; expects the next delegate to run, authentication to have
    /// been attempted, and no <c>IAuthenticateResultFeature</c> to be set on the context.
    /// </summary>
    public async Task IAuthenticateResultFeature_NotSetOnUnsuccessfulAuthorize()
    {
        // Arrange
        var policy = new AuthorizationPolicyBuilder()
                     .RequireRole("Wut")
                     .AddAuthenticationSchemes("NotImplemented")
                     .Build();
        var policyProvider = new Mock<IAuthorizationPolicyProvider>();
        policyProvider.Setup(provider => provider.GetDefaultPolicyAsync()).ReturnsAsync(policy);

        var next = new TestRequestDelegate();
        var authenticationService = new TestAuthenticationService();

        var middleware = CreateMiddleware(next.Invoke, policyProvider.Object);
        var mixedEndpoint = CreateEndpoint(new AuthorizeAttribute(), new AllowAnonymousAttribute());
        var context = GetHttpContext(endpoint: mixedEndpoint, authenticationService: authenticationService);

        // Act
        await middleware.Invoke(context);

        // Assert
        Assert.True(next.Called);

        // No authenticate-result feature may be left behind for later middleware to read.
        var resultFeature = context.Features.Get<IAuthenticateResultFeature>();
        Assert.Null(resultFeature);
        Assert.True(authenticationService.AuthenticateCalled);
    }
    /// <summary>
    /// Uses a default policy that requires the claim <c>Permission</c> with the value
    /// <c>CanViewComment</c> and expects the middleware to forbid the request rather than
    /// challenge it, without calling the next delegate.
    /// </summary>
    public async Task Invoke_InvalidClaimShouldForbid()
    {
        // Arrange
        var policy = new AuthorizationPolicyBuilder().RequireClaim("Permission", "CanViewComment").Build();
        var policyProvider = new Mock<IAuthorizationPolicyProvider>();
        policyProvider.Setup(provider => provider.GetDefaultPolicyAsync()).ReturnsAsync(policy);

        var next = new TestRequestDelegate();
        var authenticationService = new TestAuthenticationService();

        var middleware = CreateMiddleware(next.Invoke, policyProvider.Object);
        var protectedEndpoint = CreateEndpoint(new AuthorizeAttribute());
        var context = GetHttpContext(endpoint: protectedEndpoint, authenticationService: authenticationService);

        // Act
        await middleware.Invoke(context);

        // Assert
        Assert.False(next.Called);
        // Forbid, not challenge: the two outcomes are asserted separately.
        Assert.False(authenticationService.ChallengeCalled);
        Assert.True(authenticationService.ForbidCalled);
    }
        /// <summary>
        /// Presents a <c>RememberMe</c> cookie holding the plain value <c>1</c> (not encrypted)
        /// and runs <c>LoginMiddleware</c> over the request.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the visible body asserts nothing, so the expected outcome (exception or
        /// silent rejection) cannot be read from here; presumably an attribute above the method
        /// carries it - confirm. If the call returns normally, checking that
        /// <c>SignInAsyncCalled</c> is false would pin the property that a cookie not produced
        /// with the configured key never results in a sign-in.
        /// </remarks>
        public async Task LoginFromCookieValueCookieValueNotEncrypted()
        {
            var requestCookies = new TestRequestCookieCollection();

            // Plain-text value where the middleware is given an encrypted one in the valid case.
            requestCookies.AddCookie("RememberMe", "1");

            var request = new TestHttpRequest(requestCookies);
            var response = new TestHttpResponse();

            var pluginClasses = new pm.PluginServices(_testPluginLogin) as IPluginClassesService;
            var testContext = new TestHttpContext(request, response);
            var loginProvider = new MockLoginProvider();

            ISettingsProvider settings = new pm.DefaultSettingProvider(Directory.GetCurrentDirectory());
            var claimsProvider = new MockClaimsProvider(pluginClasses);
            var authenticationService = new TestAuthenticationService();
            RequestDelegate next = async ctx => await Task.Delay(0);

            var middleware = new LoginMiddleware(next, loginProvider, settings, claimsProvider);

            await middleware.Invoke(testContext, authenticationService);
        }