Esempio n. 1
0
        public void Adds_SAuthc1_authorization_header()
        {
            IClientApiKey apiKey       = new DefaultClientApiKey("myAppId", "super-secret");
            var           uriQualifier = new UriQualifier("http://api.stormpath.com/v1");
            var           request      = new DefaultHttpRequest(HttpMethod.Get, new CanonicalUri(uriQualifier.EnsureFullyQualified("/accounts")));

            this.authenticator.AuthenticateCore(request, apiKey, this.fakeNow, this.fakeNonce);

            // Authorization: "SAuthc1 [signed hash]"
            var authenticationHeader = request.Headers.Authorization;

            authenticationHeader.Scheme.ShouldBe("SAuthc1");
            authenticationHeader.Parameter.ShouldNotBe(null);

            // Format "sauthc1Id=[id string], sauthc1SignedHeaders=[host;x-stormpath-date;...], sauthc1Signature=[signature in hex]"
            var parts                = authenticationHeader.Parameter.Split(' ');
            var sauthc1Id            = parts[0].TrimEnd(',').SplitToKeyValuePair('=');
            var sauthc1SignedHeaders = parts[1].TrimEnd(',').SplitToKeyValuePair('=');
            var sauthc1Signature     = parts[2].SplitToKeyValuePair('=');
            var dateString           = this.fakeNow.ToString("yyyyMMdd", CultureInfo.InvariantCulture);

            sauthc1Id.Key.ShouldBe("sauthc1Id");
            sauthc1Id.Value.ShouldBe($"{apiKey.GetId()}/{dateString}/{this.fakeNonce}/sauthc1_request");

            sauthc1SignedHeaders.Key.ShouldBe("sauthc1SignedHeaders");
            sauthc1SignedHeaders.Value.ShouldBe("host;x-stormpath-date");

            sauthc1Signature.Key.ShouldBe("sauthc1Signature");
            sauthc1Signature.Value.ShouldNotBe(null);
        }
Esempio n. 2
0
        public void Idempotent_on_already_fully_qualified_paths()
        {
            var qualifier = new UriQualifier(this.fakeBaseUrl);

            var alreadyQualified = qualifier.EnsureFullyQualified("http://api.foo.bar/foo/bar");

            alreadyQualified.ShouldBe("http://api.foo.bar/foo/bar");
        }
Esempio n. 3
0
        public void Relative_paths_with_leading_slash_are_fully_qualified()
        {
            var qualifier = new UriQualifier(this.fakeBaseUrl);

            var uri = qualifier.EnsureFullyQualified("/path/to/resource");

            uri.ShouldBe($"{this.fakeBaseUrl}/path/to/resource");
        }
Esempio n. 4
0
        public void Adds_Host_header_with_nondefault_port()
        {
            var apiKey       = new DefaultClientApiKey("foo", "bar");
            var uriQualifier = new UriQualifier("https://api.foo.bar:8088");
            var request      = new DefaultHttpRequest(HttpMethod.Get, new CanonicalUri(uriQualifier.EnsureFullyQualified("/baz")));

            this.authenticator.AuthenticateCore(request, apiKey, this.fakeNow, this.fakeNonce);

            // Host: [hostname]
            request.Headers.Host.ShouldBe("api.foo.bar:8088");
        }
Esempio n. 5
0
        public void Adds_XStormpathDate_header()
        {
            var apiKey       = new DefaultClientApiKey("foo", "bar");
            var uriQualifier = new UriQualifier("http://api.foo.bar");
            var request      = new DefaultHttpRequest(HttpMethod.Get, new CanonicalUri(uriQualifier.EnsureFullyQualified("/stuff")));

            this.authenticator.AuthenticateCore(request, apiKey, this.fakeNow, this.fakeNonce);

            // X-Stormpath-Date -> current time in UTC
            var stormpathDateHeader = Iso8601.Parse(request.Headers.GetFirst <string>("X-Stormpath-Date"));

            stormpathDateHeader.ShouldBe(this.fakeNow);
        }
Esempio n. 6
0
        internal DefaultDataStore(IClient client, IRequestExecutor requestExecutor, string baseUrl, IJsonSerializer serializer, ILogger logger, IUserAgentBuilder userAgentBuilder, ICacheProvider cacheProvider, TimeSpan identityMapExpiration)
        {
            if (client == null)
            {
                throw new ArgumentNullException(nameof(client));
            }

            if (requestExecutor == null)
            {
                throw new ArgumentNullException(nameof(requestExecutor));
            }

            if (string.IsNullOrEmpty(baseUrl))
            {
                throw new ArgumentNullException(nameof(baseUrl));
            }

            if (logger == null)
            {
                throw new ArgumentNullException(nameof(logger));
            }

            if (cacheProvider == null)
            {
                throw new ArgumentNullException(nameof(cacheProvider), "Use NullCacheProvider if you wish to turn off caching.");
            }

            this.baseUrl          = baseUrl;
            this.logger           = logger;
            this.requestExecutor  = requestExecutor;
            this.cacheProvider    = cacheProvider;
            this.cacheResolver    = new DefaultCacheResolver(cacheProvider, this.logger);
            this.userAgentBuilder = userAgentBuilder;

            this.client            = client;
            this.serializer        = new JsonSerializationProvider(serializer);
            this.identityMap       = new MemoryCacheIdentityMap <ResourceData>(identityMapExpiration, this.logger);
            this.resourceFactory   = new DefaultResourceFactory(this, this.identityMap);
            this.resourceConverter = new DefaultResourceConverter();

            this.uriQualifier = new UriQualifier(baseUrl);

            this.defaultAsyncFilters = this.BuildDefaultAsyncFilterChain();
            this.defaultSyncFilters  = this.BuildDefaultSyncFilterChain();
        }
Esempio n. 7
0
        public void Should_authenticate_request_with_multiple_query_params()
        {
            IClientApiKey apiKey       = new DefaultClientApiKey("MyId", "Shush!");
            var           uriQualifier = new UriQualifier("http://api.stormpath.com/v1");
            var           request      = new DefaultHttpRequest(HttpMethod.Get, new CanonicalUri(uriQualifier.EnsureFullyQualified("/applications/77JnfFiREjdfQH0SObMfjI/groups?q=group&limit=25&offset=25")));
            var           now          = new DateTimeOffset(2013, 7, 1, 0, 0, 0, TimeSpan.Zero);
            var           nonce        = "a43a9d25-ab06-421e-8605-33fd1e760825";

            this.authenticator.AuthenticateCore(request, apiKey, now, nonce);

            var sauthc1Id            = request.Headers.Authorization.Parameter.Split(' ')[0];
            var sauthc1SignedHeaders = request.Headers.Authorization.Parameter.Split(' ')[1];
            var sauthc1Signature     = request.Headers.Authorization.Parameter.Split(' ')[2];

            request.Headers.Authorization.Scheme.ShouldBe("SAuthc1");
            sauthc1Id.ShouldBe("sauthc1Id=MyId/20130701/a43a9d25-ab06-421e-8605-33fd1e760825/sauthc1_request,");
            sauthc1SignedHeaders.ShouldBe("sauthc1SignedHeaders=host;x-stormpath-date,");
            sauthc1Signature.ShouldBe("sauthc1Signature=e30a62c0d03ca6cb422e66039786865f3eb6269400941ede6226760553a832d3");
        }
Esempio n. 8
0
        public void Should_authenticate_request_with_query_params()
        {
            IClientApiKey apiKey       = new DefaultClientApiKey("MyId", "Shush!");
            var           uriQualifier = new UriQualifier("http://api.stormpath.com/v1");
            var           request      = new DefaultHttpRequest(HttpMethod.Get, new CanonicalUri(uriQualifier.EnsureFullyQualified("/directories?orderBy=name+asc")));
            var           now          = new DateTimeOffset(2013, 7, 1, 0, 0, 0, TimeSpan.Zero);
            var           nonce        = "a43a9d25-ab06-421e-8605-33fd1e760825";

            this.authenticator.AuthenticateCore(request, apiKey, now, nonce);

            var sauthc1Id            = request.Headers.Authorization.Parameter.Split(' ')[0];
            var sauthc1SignedHeaders = request.Headers.Authorization.Parameter.Split(' ')[1];
            var sauthc1Signature     = request.Headers.Authorization.Parameter.Split(' ')[2];

            request.Headers.Authorization.Scheme.ShouldBe("SAuthc1");
            sauthc1Id.ShouldBe("sauthc1Id=MyId/20130701/a43a9d25-ab06-421e-8605-33fd1e760825/sauthc1_request,");
            sauthc1SignedHeaders.ShouldBe("sauthc1SignedHeaders=host;x-stormpath-date,");
            sauthc1Signature.ShouldBe("sauthc1Signature=fc04c5187cc017bbdf9c0bb743a52a9487ccb91c0996267988ceae3f10314176");
        }
Esempio n. 9
0
        public void Should_authenticate_request_without_query_params()
        {
            IClientApiKey apiKey       = new DefaultClientApiKey("MyId", "Shush!");
            var           uriQualifier = new UriQualifier("http://api.stormpath.com/v1");
            var           request      = new DefaultHttpRequest(HttpMethod.Get, new CanonicalUri(uriQualifier.EnsureFullyQualified("/")));
            var           now          = new DateTimeOffset(2013, 7, 1, 0, 0, 0, TimeSpan.Zero);
            var           nonce        = "a43a9d25-ab06-421e-8605-33fd1e760825";

            this.authenticator.AuthenticateCore(request, apiKey, now, nonce);

            var sauthc1Id            = request.Headers.Authorization.Parameter.Split(' ')[0];
            var sauthc1SignedHeaders = request.Headers.Authorization.Parameter.Split(' ')[1];
            var sauthc1Signature     = request.Headers.Authorization.Parameter.Split(' ')[2];

            request.Headers.Authorization.Scheme.ShouldBe("SAuthc1");
            sauthc1Id.ShouldBe("sauthc1Id=MyId/20130701/a43a9d25-ab06-421e-8605-33fd1e760825/sauthc1_request,");
            sauthc1SignedHeaders.ShouldBe("sauthc1SignedHeaders=host;x-stormpath-date,");
            sauthc1Signature.ShouldBe("sauthc1Signature=990a95aabbcbeb53e48fb721f73b75bd3ae025a2e86ad359d08558e1bbb9411c");
        }
Esempio n. 10
0
        /// <summary>
        /// Initializes a new instance of the <see cref="CanonicalUri"/> class from a fully-qualified URI.
        /// </summary>
        /// <param name="href">The value for <see cref="ResourcePath"/>.</param>
        public CanonicalUri(string href)
        {
            if (string.IsNullOrEmpty(href))
            {
                throw new ArgumentNullException(nameof(href));
            }

            if (!UriQualifier.IsFullyQualified(href))
            {
                throw new ArgumentException("URI must be fully-qualified.", nameof(href));
            }

            Uri parsedUri = null;

            if (!Uri.TryCreate(href, UriKind.Absolute, out parsedUri))
            {
                throw new ArgumentException("URI is invalid.", nameof(href));
            }

            this.resourcePath = parsedUri.WithoutQueryAndFragment();
            var queryPart = GetQueryParametersFromHref(href) ?? string.Empty;

            this.query = new QueryString(queryPart);
        }
Esempio n. 11
0
 public BasicRequestAuthenticator_tests()
 {
     this.uriQualifier  = new UriQualifier(this.fakeBaseHref);
     this.authenticator = new BasicRequestAuthenticator();
     this.apiKey        = new DefaultClientApiKey(this.fakeApiKeyId, this.fakeApiKeySecret);
 }