public void AuthorizeWithOAuth()
{
var logger = Substitute.For <ILog>();
var testHandler = new TestHandler((request, cancelation) =>
{
Assert.AreEqual("Bearer",
request.Headers.Authorization.Scheme);
Assert.AreEqual("ABC", request.Headers.Authorization.Parameter);
return(Task.FromResult(new HttpResponseMessage(HttpStatusCode.OK)));
});
var credentials = new Credentials("ABC");
var handler = new AuthorizationHandler(credentials, logger)
{
InnerHandler = testHandler
};
var client = new HttpClient(handler);
// ReSharper disable once MethodSupportsCancellation
var response = client.GetAsync("http://lodididki");
Assert.AreEqual(HttpStatusCode.OK, response.Result.StatusCode);
}
//[Ignore("This test opens a browser window")]
public void CheckIfTokenCanBeRetrievedFromBrowserLoginPage()
{
var loginWindowFactoryMock = new Mock <ILoginWindowFactory>();
var apiBaseUrl = "https://localhost:44318/";
var webAppBaseUrl = "https://localhost:44376/";
//var apiBaseUrl = "http://guts-api.appspot.com/";
//var webAppBaseUrl = "http://guts-web.appspot.com/";
loginWindowFactoryMock.Setup(factory => factory.Create()).Returns(
() =>
{
var httpHandler = new HttpClientToHttpHandlerAdapter(apiBaseUrl);
return(new LoginWindow(httpHandler, webAppBaseUrl));
});
var authorizationHandler = new AuthorizationHandler(loginWindowFactoryMock.Object);
var retrieveTokenTask = authorizationHandler.RetrieveRemoteAccessTokenAsync();
var retrievedToken = retrieveTokenTask.Result;
Assert.That(retrievedToken, Is.Not.Empty);
}
public void AuthorizeWithBasicAuthentication()
{
var logger = Substitute.For <ILog>();
var testHandler = new TestHandler((request, cancelation) =>
{
Assert.AreEqual("Basic",
request.Headers.Authorization.Scheme);
var authDetailsBytes = Convert.FromBase64String(request.Headers.Authorization.Parameter);
var authDetails = Encoding.GetEncoding("iso-8859-1").GetString(authDetailsBytes);
var authArray = authDetails.Split(':');
Assert.AreEqual("testToken", authArray[0]);
Assert.AreEqual("testSecret", authArray[1]);
return(Task.FromResult(new HttpResponseMessage(HttpStatusCode.OK)));
});
var credentials = new Credentials("testToken", "testSecret");
var handler = new AuthorizationHandler(credentials, logger)
{
InnerHandler = testHandler
};
var client = new HttpClient(handler);
// ReSharper disable once MethodSupportsCancellation
var response = client.GetAsync("http://lodididki");
Assert.AreEqual(HttpStatusCode.OK, response.Result.StatusCode);
}
private bool AreValidCrendentials(Tuple <string, string> credentials)
{
var username = credentials.Item1;
var password = credentials.Item2;
return(AuthorizationHandler.AreValidCredentials(username, password));
}
// PUT api/values/5
public IHttpActionResult Put(int id, [FromBody] Board board)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var b = _context.Boards.FirstOrDefault(i => i.Id == id);
if (b == null)
{
return(NotFound());
}
if (!AuthorizationHandler.PasswordMatched(b.Password, Request))
{
return(Unauthorized());
}
b.Title = board.Title;
if (board.Password != null && board.Password.Trim().Length > 0)
{
b.Password = board.Password.Trim();
}
_context.SaveChanges();
b.PasswordConvert();
return(Ok(b));
}
// PUT api/values/5
public IHttpActionResult Put(int id, [FromBody] Card card)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var c = _context.Cards.FirstOrDefault(i => i.Id == id);
if (c == null)
{
return(NotFound());
}
var board = _context.Boards.Find(_context.CardCollections.Find(card.CardCollectionId).BoardId);
if (board == null)
{
return(NotFound());
}
if (!AuthorizationHandler.PasswordMatched(board.Password, Request))
{
return(Unauthorized());
}
c.Title = card.Title;
c.ImgData = card.ImgData;
c.Description = card.Description;
c.CardCollectionId = card.CardCollectionId;
_context.SaveChanges();
return(Ok(card));
}
private async Task <HttpResponseMessage> SendAsync(HttpMethod method, Func <Urls, string> relativePathSelector, string mediaType, bool cache, HttpContent content = null, bool authorize = false)
{
var client = await GetHttpClient();
var urls = await GetUrls();
var url = relativePathSelector(urls);
using (var message = new HttpRequestMessage(method, url))
{
message.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue(mediaType));
if (authorize)
{
AuthorizationHandler.SetDoAuthrozation(message);
}
if (content != null)
{
message.Content = content;
}
message.Headers.CacheControl = new CacheControlHeaderValue
{
NoCache = !cache
};
return(await client.SendAsync(message));
}
}
protected MonitoredTestFixtureBaseAttribute(string courseCode)
{
_courseCode = courseCode;
//var executingFolder = new DirectoryInfo(AppContext.BaseDirectory);
//var projectFolder = executingFolder.Parent?.Parent?.Parent;
//Assert.That(projectFolder, Is.Not.Null, () => "Technical error: could not find the path of the project.");
//.SetBasePath(projectFolder.FullName)
var gutsConfig = new ConfigurationBuilder().AddJsonFile("gutssettings.json", optional: false).Build();
var gutsSection = gutsConfig.GetSection("Guts");
string apiBaseUrl = gutsSection.GetValue("apiBaseUrl", string.Empty);
if (string.IsNullOrEmpty(apiBaseUrl))
{
throw new Exception("Could not find 'apiBaseUrl' setting in 'gutssettings.json'.");
}
string webAppBaseUrl = gutsSection.GetValue("webAppBaseUrl", string.Empty);
if (string.IsNullOrEmpty(webAppBaseUrl))
{
throw new Exception("Could not find 'webAppBaseUrl' setting in 'gutssettings.json'.");
}
var httpHandler = new HttpClientToHttpHandlerAdapter(apiBaseUrl);
var authorizationHandler = new AuthorizationHandler(new LoginWindowFactory(httpHandler, webAppBaseUrl));
_resultSender = new TestRunResultSender(httpHandler, authorizationHandler);
}
public void VerifyTheExistanceOfAuthenticationAndVersioning()
{
const string versionHeader = "api-version-header";
const string versionHeaderValue = "3.2";
var testHandler = new TestHandler((request, cancelation) =>
{
var requestVersionHeader = request.Headers.FirstOrDefault(h => h.Key == versionHeader);
Assert.IsNotNull(requestVersionHeader);
Assert.IsNotNullOrEmpty(requestVersionHeader.Value.FirstOrDefault());
Assert.AreEqual(versionHeaderValue, requestVersionHeader.Value.FirstOrDefault());
Assert.AreEqual("Bearer",
request.Headers.Authorization.Scheme);
Assert.AreEqual("ABC", request.Headers.Authorization.Parameter);
return(Task.FromResult(new HttpResponseMessage(HttpStatusCode.OK)));
});
var logger = Substitute.For <ILog>();
var credentials = new Credentials("ABC");
var versionHandler = new VersioningHandler(versionHeader, versionHeaderValue);
var authorizationHandlerhandler = new AuthorizationHandler(credentials, logger);
var clientWrapper = new HttpClientWrapper(versionHandler, authorizationHandlerhandler, testHandler);
var client = clientWrapper.HttpClient;
// ReSharper disable once MethodSupportsCancellation
var response = client.GetAsync("http://lodididki");
Assert.AreEqual(HttpStatusCode.OK, response.Result.StatusCode);
}
public void TestThatAuthorizeThrowsSecurityExceptionWhenServiceTypeHasRequiredClaimTypeAttributesAndClaimSetsDoesNotHaveRequiredClaimTypes()
{
var fixture = new Fixture();
var claimSetStub = MockRepository.GenerateStub <ClaimSet>();
claimSetStub.Stub(m => m.FindClaims(Arg <string> .Is.Equal(FoodWasteClaimTypes.SystemManagement), Arg <string> .Is.Anything))
.Return(new List <Claim>(0))
.Repeat.Any();
claimSetStub.Stub(m => m.FindClaims(Arg <string> .Is.Equal(FoodWasteClaimTypes.HouseHoldManagement), Arg <string> .Is.Anything))
.Return(new List <Claim>(0))
.Repeat.Any();
claimSetStub.Stub(m => m.FindClaims(Arg <string> .Is.Equal(FoodWasteClaimTypes.ValidatedUser), Arg <string> .Is.Anything))
.Return(new List <Claim> {
new Claim(FoodWasteClaimTypes.ValidatedUser, fixture.Create <object>(), Rights.PossessProperty)
})
.Repeat.Any();
var authorizationHandler = new AuthorizationHandler();
Assert.That(authorizationHandler, Is.Not.Null);
var exception = Assert.Throws <SecurityException>(() => authorizationHandler.Authorize(new List <ClaimSet> {
claimSetStub
}, typeof(MySecuredService)));
Assert.That(exception, Is.Not.Null);
Assert.That(exception.Message, Is.Not.Null);
Assert.That(exception.Message, Is.Not.Empty);
Assert.That(exception.Message, Is.EqualTo(Resource.GetExceptionMessage(ExceptionMessage.MissingClaimTypeForIdentity)));
Assert.That(exception.InnerException, Is.Null);
}
public void TestThatAuthorizeReturnWhenServiceTypeHasRequiredClaimTypeAttributesAndClaimSetsHasRequiredClaimTypes()
{
var fixture = new Fixture();
var claimSetStub = MockRepository.GenerateStub <ClaimSet>();
claimSetStub.Stub(m => m.FindClaims(Arg <string> .Is.Equal(FoodWasteClaimTypes.SystemManagement), Arg <string> .Is.Anything))
.Return(new List <Claim> {
new Claim(FoodWasteClaimTypes.SystemManagement, fixture.Create <object>(), Rights.PossessProperty)
})
.Repeat.Any();
claimSetStub.Stub(m => m.FindClaims(Arg <string> .Is.Equal(FoodWasteClaimTypes.HouseHoldManagement), Arg <string> .Is.Anything))
.Return(new List <Claim> {
new Claim(FoodWasteClaimTypes.HouseHoldManagement, fixture.Create <object>(), Rights.PossessProperty)
})
.Repeat.Any();
claimSetStub.Stub(m => m.FindClaims(Arg <string> .Is.Equal(FoodWasteClaimTypes.ValidatedUser), Arg <string> .Is.Anything))
.Return(new List <Claim> {
new Claim(FoodWasteClaimTypes.ValidatedUser, fixture.Create <object>(), Rights.PossessProperty)
})
.Repeat.Any();
var authorizationHandler = new AuthorizationHandler();
Assert.That(authorizationHandler, Is.Not.Null);
authorizationHandler.Authorize(new List <ClaimSet> {
claimSetStub
}, typeof(MySecuredService));
claimSetStub.AssertWasCalled(m => m.FindClaims(Arg <string> .Is.Equal(FoodWasteClaimTypes.SystemManagement), Arg <string> .Is.Equal(Rights.PossessProperty)));
claimSetStub.AssertWasCalled(m => m.FindClaims(Arg <string> .Is.Equal(FoodWasteClaimTypes.HouseHoldManagement), Arg <string> .Is.Equal(Rights.PossessProperty)));
claimSetStub.AssertWasCalled(m => m.FindClaims(Arg <string> .Is.Equal(FoodWasteClaimTypes.ValidatedUser), Arg <string> .Is.Equal(Rights.PossessProperty)));
}
public DelegatingAuthorizationHandler(
AuthorizationHandler <TDelegateRequirement, TDelegateEntity> delegateHandler,
Func <TEntity, TDelegateEntity> delegateResourceFn)
{
_delegateHandler = delegateHandler;
_delegateResourceFn = delegateResourceFn;
}
private async Task <AuthorizationToken> GetAuthorizationTokenAsync()
{
var secret = await secretsService
.GetSecretAsync(nameof(AuthenticationService))
.ConfigureAwait(false);
if (string.IsNullOrEmpty(secret))
{
return(null);
}
var token = JsonConvert.DeserializeObject <AuthorizationToken>(secret);
if (token.AccessTokenExpires.GetValueOrDefault(DateTime.UtcNow).AddMinutes(-1) < DateTime.UtcNow)
{
token = await AuthorizationHandler
.RefreshAsync(token)
.ConfigureAwait(false);
await((IAuthenticationSetup)this)
.SetupAsync(token)
.ConfigureAwait(false);
}
return(token);
}
public void CheckIfLoginWindowOpens()
{
var httpHandlerMock = new Mock <IHttpHandler>();
var loginWindowFactory = new LoginWindowFactory(httpHandlerMock.Object);
var authorizationHandler = new AuthorizationHandler(loginWindowFactory);
var token = authorizationHandler.RetrieveRemoteAccessTokenAsync().Result;
}
public void SetupOnce()
{
var logger = Substitute.For <ILog>();
var credentials = new Credentials("ABC");
_versionHandler = new VersioningHandler(API_VERSION);
_authorizationHandlerhandler = new AuthorizationHandler(credentials, logger);
}
public void TestThatAuthorizeReturnWhenServiceTypeDoesNotHaveAnyRequiredClaimTypeAttributes()
{
var authorizationHandler = new AuthorizationHandler();
Assert.That(authorizationHandler, Is.Not.Null);
authorizationHandler.Authorize(new List <ClaimSet>(0), typeof(MyUnsecuredService));
}
public void TestCheckUrlHasNoPermission3()
{
var stub = CreateStub();
var authorizationHandler = new AuthorizationHandler(stub);
var result = authorizationHandler.CheckUrl("1", "/api/TEST/abc?c=2", null, null);
Assert.IsFalse(result);
}
public void TestCheckUrlHasPermission2()
{
var stub = CreateStub();
var authorizationHandler = new AuthorizationHandler(stub);
var result = authorizationHandler.CheckUrl("1", "/api/Tns/abc?a=23", null, null);
Assert.IsTrue(result);
}
public void TestCheckFunctionHasNoPermission()
{
var stub = CreateStub();
var authorizationHandler = new AuthorizationHandler(stub);
var result = authorizationHandler.CheckFunction("1", "CustomerPermission");
Assert.IsFalse(result);
}
public static AbstractAccessHandler SetUpChain()
{
var authentication = new AuthenticationHandler();
var authorization = new AuthorizationHandler();
authentication.SetNext(authorization);
return(authentication);
}
public async Task <ActionResult <Player> > Post()
{
var player = await AuthorizationHandler.CheckAuthorization(HttpContext);
if (player == null)
{
return(Unauthorized());
}
return(player);
}
/*! @brief requests authorization to read the supplied data types, with a completion handler. */
public void Authorize(HealthKitDataTypes types, AuthorizationHandler handler)
{
#if UNITY_IOS && !UNITY_EDITOR
if (handler != null)
{
this.authorizationHandler += handler;
}
Debug.Log("--- authorizing ---");
_Authorize(types.Transmit());
#endif
}
public IActionResult Delete(int id)
{
if (!AuthorizationHandler.IsSignedIn(HttpContext.Session))
{
return(RedirectToAction("Index", "Home"));
}
Utilities.UserToView(this);
var recipe = context.Recipes.Find(id);
return(View(recipe));
}
public IActionResult Register()
{
Utilities.UserToView(this);
if (AuthorizationHandler.IsSignedIn(HttpContext.Session))
{
return(RedirectToAction("Index", "Home"));
}
return(View());
}
public void TestThatGetTrustedClaimSetsReturnsTrustedClaimSets(string trustedCertificateSubjectName, string untrustedCertificateSubjectName)
{
var trustedClaimSet1Stub = MockRepository.GenerateStub <ClaimSet>();
trustedClaimSet1Stub.Stub(m => m.Issuer)
.Return(new X509CertificateClaimSet(TestHelper.GetCertificate(trustedCertificateSubjectName)))
.Repeat.Any();
var trustedClaimSet2Stub = MockRepository.GenerateStub <ClaimSet>();
trustedClaimSet2Stub.Stub(m => m.Issuer)
.Return(new X509CertificateClaimSet(TestHelper.GetCertificate(trustedCertificateSubjectName)))
.Repeat.Any();
var untrustedClaimSet1Stub = MockRepository.GenerateStub <ClaimSet>();
untrustedClaimSet1Stub.Stub(m => m.Issuer)
.Return(new X509CertificateClaimSet(TestHelper.GetCertificate(untrustedCertificateSubjectName)))
.Repeat.Any();
var untrustedClaimSet2Stub = MockRepository.GenerateStub <ClaimSet>();
untrustedClaimSet2Stub.Stub(m => m.Issuer)
.Return(null)
.Repeat.Any();
var untrustedClaimSet3Stub = MockRepository.GenerateStub <ClaimSet>();
untrustedClaimSet3Stub.Stub(m => m.Issuer)
.Return(MockRepository.GenerateStub <ClaimSet>())
.Repeat.Any();
var claimSets = new List <ClaimSet>
{
trustedClaimSet1Stub,
trustedClaimSet2Stub,
untrustedClaimSet1Stub,
untrustedClaimSet2Stub,
untrustedClaimSet3Stub
};
var authorizationHandler = new AuthorizationHandler();
Assert.That(authorizationHandler, Is.Not.Null);
var trustedClaimSets = authorizationHandler.GetTrustedClaimSets(claimSets).ToList();
Assert.That(trustedClaimSets, Is.Not.Null);
Assert.That(trustedClaimSets, Is.Not.Empty);
Assert.That(trustedClaimSets.Count, Is.EqualTo(2));
Assert.That(trustedClaimSets.Contains(trustedClaimSet1Stub), Is.True);
Assert.That(trustedClaimSets.Contains(trustedClaimSet2Stub), Is.True);
}
public IActionResult SignOut(bool f = false)
{
Utilities.UserToView(this);
if (!AuthorizationHandler.IsSignedIn(HttpContext.Session))
{
return(RedirectToAction("Index", "Home"));
}
AuthenticationHandler.SignOut(HttpContext.Session);
return(RedirectToAction("Index", "Home"));
}
public Client(string userName, string password, string baseUrl)
{
var uri = new Uri(baseUrl);
_baseUrl = string.Concat(uri.Scheme, "://", uri.Host);
_siteUrl = uri.AbsolutePath;
_userName = userName;
_password = password;
_handler = new AuthorizationHandler(_baseUrl, _siteUrl);
_initTask = Task.Factory.StartNew(Authorize);
}
public static IHandler Build()
{
var okHandler = new OkHandler();
var putHandler = new PutHandler();
var notFoundHandler = new NotFoundHandler(putHandler);
var methodIsSupportedHandler = new MethodIsSupportedHandler(okHandler);
var resourceExistsHandler = new ResourceExistsHandler(methodIsSupportedHandler, notFoundHandler);
var endpointExistsHandler = new EndpointExistsHandler(resourceExistsHandler);
var optionsHandler = new OptionsHandler(endpointExistsHandler);
var authorizationHandler = new AuthorizationHandler(optionsHandler);
var authenticationHandler = new AuthenticationHandler(authorizationHandler);
return authenticationHandler;
}
public void TestCheckFunctionHasPermissionUseCache()
{
var stub = CreateStub();
var authorizationHandler = new AuthorizationHandler(stub);
authorizationHandler.UseCache = true;
authorizationHandler.CheckFunction("1", "UserPermission");
var accessStorageTimes = stub.accessTimes;
authorizationHandler.CheckFunction("1", "UserPermission");
Assert.IsTrue(accessStorageTimes == stub.accessTimes);
}
public IActionResult Add()
{
if (!AuthorizationHandler.IsSignedIn(HttpContext.Session))
{
return(RedirectToAction("Index", "Home"));
}
Utilities.UserToView(this);
ViewBag.Action = "Add";
return(View("Edit", new Recipe()
{
Username = AuthenticationHandler.CurrentUser(HttpContext.Session).Username
}));
}
public void TestThatGetTrustedClaimSetsThrowsArgumentNullExceptionWhenClaimSetsIsNull()
{
var authorizationHandler = new AuthorizationHandler();
Assert.That(authorizationHandler, Is.Not.Null);
var exception = Assert.Throws <ArgumentNullException>(() => authorizationHandler.GetTrustedClaimSets(null));
Assert.That(exception, Is.Not.Null);
Assert.That(exception.ParamName, Is.Not.Null);
Assert.That(exception.ParamName, Is.Not.Empty);
Assert.That(exception.ParamName, Is.EqualTo("claimSets"));
Assert.That(exception.InnerException, Is.Null);
}
