public async Task AspNetCoreWithLargeInteropCookieContainsIdentity() { var identity = new ClaimsIdentity("Cookies"); identity.AddClaim(new Claim(ClaimTypes.Name, new string('a', 1024 * 5))); var dataProtection = DataProtectionProvider.Create(new DirectoryInfo("..\\..\\artifacts")); var dataProtector = dataProtection.CreateProtector( "Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationMiddleware", // full name of the ASP.NET Core type CookieAuthenticationDefaults.AuthenticationType, "v2"); var interopServer = TestServer.Create(app => { app.Properties["host.AppName"] = "Microsoft.Owin.Security.Tests"; app.UseCookieAuthentication(new Cookies.CookieAuthenticationOptions { TicketDataFormat = new AspNetTicketDataFormat(new DataProtectorShim(dataProtector)), CookieName = AspNetCore.Authentication.Cookies.CookieAuthenticationDefaults.CookiePrefix + AspNetCore.Authentication.Cookies.CookieAuthenticationDefaults.AuthenticationScheme, CookieManager = new ChunkingCookieManager(), }); app.Run(context => { context.Authentication.SignIn(identity); return(Task.FromResult(0)); }); }); var transaction = await SendAsync(interopServer, "http://example.com"); var builder = new WebHostBuilder() .Configure(app => { app.UseCookieAuthentication(new AspNetCore.Builder.CookieAuthenticationOptions { DataProtectionProvider = dataProtection }); app.Run(async context => { var result = await context.Authentication.AuthenticateAsync("Cookies"); await context.Response.WriteAsync(result.Identity.Name); }); }) .ConfigureServices(services => services.AddAuthentication()); var newServer = new AspNetCore.TestHost.TestServer(builder); var request = new HttpRequestMessage(HttpMethod.Get, "http://example.com/login"); foreach (var cookie in SetCookieHeaderValue.ParseList(transaction.SetCookie)) { request.Headers.Add("Cookie", cookie.Name + "=" + cookie.Value); } var response = await newServer.CreateClient().SendAsync(request); Assert.Equal(1024 * 5, (await response.Content.ReadAsStringAsync()).Length); }
public async Task AspNetCoreWithInteropCookieContainsIdentity() { var identity = new ClaimsIdentity("Cookies"); identity.AddClaim(new Claim(ClaimTypes.Name, "Alice")); var dataProtection = DataProtectionProvider.Create(new DirectoryInfo("..\\..\\artifacts")); var dataProtector = dataProtection.CreateProtector( "Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationMiddleware", // full name of the ASP.NET Core type CookieAuthenticationDefaults.AuthenticationType, "v2"); var interopServer = TestServer.Create(app => { app.Properties["host.AppName"] = "Microsoft.Owin.Security.Tests"; app.UseCookieAuthentication(new Cookies.CookieAuthenticationOptions { TicketDataFormat = new AspNetTicketDataFormat(new DataProtectorShim(dataProtector)), CookieName = AspNetCore.Authentication.Cookies.CookieAuthenticationDefaults.CookiePrefix + AspNetCore.Authentication.Cookies.CookieAuthenticationDefaults.AuthenticationScheme, }); app.Run(context => { context.Authentication.SignIn(identity); return Task.FromResult(0); }); }); var transaction = await SendAsync(interopServer, "http://example.com"); var builder = new WebHostBuilder() .Configure(app => { app.UseCookieAuthentication(new AspNetCore.Builder.CookieAuthenticationOptions { DataProtectionProvider = dataProtection }); app.Run(async context => { var result = await context.Authentication.AuthenticateAsync("Cookies"); await context.Response.WriteAsync(result.Identity.Name); }); }) .ConfigureServices(services => services.AddAuthentication()); var newServer = new AspNetCore.TestHost.TestServer(builder); var request = new HttpRequestMessage(HttpMethod.Get, "http://example.com/login"); foreach (var cookie in SetCookieHeaderValue.ParseList(transaction.SetCookie)) { request.Headers.Add("Cookie", cookie.Name + "=" + cookie.Value); } var response = await newServer.CreateClient().SendAsync(request); Assert.Equal("Alice", await response.Content.ReadAsStringAsync()); }
private static async Task <string> SendAndGetCookie(AspNetCore.TestHost.TestServer server, string uri) { var request = new HttpRequestMessage(HttpMethod.Get, uri); var response = await server.CreateClient().SendAsync(request); if (response.Headers.Contains("Set-Cookie")) { return(response.Headers.GetValues("Set-Cookie").ToList().First()); } return(null); }
public async Task InteropWithLargeNewCookieContainsIdentity() { var user = new ClaimsPrincipal(); var identity = new ClaimsIdentity("scheme"); identity.AddClaim(new Claim(ClaimTypes.Name, new string('a', 1024 * 5))); user.AddIdentity(identity); var dataProtection = DataProtectionProvider.Create(new DirectoryInfo("..\\..\\artifacts")); var dataProtector = dataProtection.CreateProtector( "Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationMiddleware", // full name of the ASP.NET Core type CookieAuthenticationDefaults.AuthenticationType, "v2"); var builder = new WebHostBuilder() .Configure(app => { app.UseCookieAuthentication(new AspNetCore.Builder.CookieAuthenticationOptions { DataProtectionProvider = dataProtection }); app.Run(context => context.Authentication.SignInAsync("Cookies", user)); }) .ConfigureServices(services => services.AddAuthentication()); var newServer = new AspNetCore.TestHost.TestServer(builder); var cookies = await SendAndGetCookies(newServer, "http://example.com/login"); var server = TestServer.Create(app => { app.Properties["host.AppName"] = "Microsoft.Owin.Security.Tests"; app.UseCookieAuthentication(new Cookies.CookieAuthenticationOptions { TicketDataFormat = new AspNetTicketDataFormat(new DataProtectorShim(dataProtector)), CookieName = AspNetCore.Authentication.Cookies.CookieAuthenticationDefaults.CookiePrefix + AspNetCore.Authentication.Cookies.CookieAuthenticationDefaults.AuthenticationScheme, CookieManager = new ChunkingCookieManager(), }); app.Run(async context => { var result = await context.Authentication.AuthenticateAsync("Cookies"); Describe(context.Response, result); }); }); var transaction2 = await SendAsync(server, "http://example.com/me/Cookies", cookies); Assert.Equal(1024 * 5, FindClaimValue(transaction2, ClaimTypes.Name).Length); }
private static async Task <IList <string> > SendAndGetCookies(AspNetCore.TestHost.TestServer server, string uri) { var request = new HttpRequestMessage(HttpMethod.Get, uri); var response = await server.CreateClient().SendAsync(request); if (response.Headers.Contains("Set-Cookie")) { IList <string> cookieHeaders = new List <string>(); foreach (var cookie in SetCookieHeaderValue.ParseList(response.Headers.GetValues("Set-Cookie").ToList())) { cookieHeaders.Add(cookie.Name + "=" + cookie.Value); } return(cookieHeaders); } return(null); }
public async Task InteropWithNewCookieContainsIdentity() { var user = new ClaimsPrincipal(); var identity = new ClaimsIdentity("scheme"); identity.AddClaim(new Claim(ClaimTypes.Name, "Alice")); user.AddIdentity(identity); var dataProtection = DataProtectionProvider.Create(new DirectoryInfo("..\\..\\artifacts")); var dataProtector = dataProtection.CreateProtector( "Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationMiddleware", // full name of the ASP.NET Core type CookieAuthenticationDefaults.AuthenticationType, "v2"); var builder = new WebHostBuilder() .Configure(app => { app.UseCookieAuthentication(new AspNetCore.Builder.CookieAuthenticationOptions { DataProtectionProvider = dataProtection }); app.Run(context => context.Authentication.SignInAsync("Cookies", user)); }) .ConfigureServices(services => services.AddAuthentication()); var newServer = new AspNetCore.TestHost.TestServer(builder); var cookie = await SendAndGetCookie(newServer, "http://example.com/login"); var server = TestServer.Create(app => { app.Properties["host.AppName"] = "Microsoft.Owin.Security.Tests"; app.UseCookieAuthentication(new Owin.Security.Cookies.CookieAuthenticationOptions { TicketDataFormat = new AspNetTicketDataFormat(new DataProtectorShim(dataProtector)), CookieName = AspNetCore.Authentication.Cookies.CookieAuthenticationDefaults.CookiePrefix + AspNetCore.Authentication.Cookies.CookieAuthenticationDefaults.AuthenticationScheme, }); app.Run(async context => { var result = await context.Authentication.AuthenticateAsync("Cookies"); Describe(context.Response, result); }); }); var transaction2 = await SendAsync(server, "http://example.com/me/Cookies", cookie); Assert.Equal("Alice", FindClaimValue(transaction2, ClaimTypes.Name)); }