public void SingleProvider_SamePurpose_RoundTripsData() { // Arrange var dataProtectionProvider = new EphemeralDataProtectionProvider(); var dataProtector1 = dataProtectionProvider.CreateProtector("purpose"); var dataProtector2 = dataProtectionProvider.CreateProtector("purpose"); // should be equivalent to the previous instance byte[] bytes = Encoding.UTF8.GetBytes("Hello there!"); // Act byte[] protectedBytes = dataProtector1.Protect(bytes); byte[] unprotectedBytes = dataProtector2.Unprotect(protectedBytes); // Assert Assert.Equal(bytes, unprotectedBytes); }
public void SingleProvider_DifferentPurpose_DoesNotRoundTripData() { // Arrange var dataProtectionProvider = new EphemeralDataProtectionProvider(); var dataProtector1 = dataProtectionProvider.CreateProtector("purpose"); var dataProtector2 = dataProtectionProvider.CreateProtector("different purpose"); byte[] bytes = Encoding.UTF8.GetBytes("Hello there!"); // Act & assert byte[] protectedBytes = dataProtector1.Protect(bytes); Assert.ThrowsAny<CryptographicException>(() => { byte[] unprotectedBytes = dataProtector2.Unprotect(protectedBytes); }); }
public TestState() { Mock <IGetPersonalProfileDependencies> dependencies = new Mock <IGetPersonalProfileDependencies>(); Mock <IHttpContextAccessor> httpContextAccessor = new Mock <IHttpContextAccessor>(); Mock <IHeaderDictionary> headerDictionary = new Mock <IHeaderDictionary>(); httpContextAccessor.Setup(a => a.HttpContext.Request.Headers) .Returns(headerDictionary.Object); IDataProtectionProvider provider = new EphemeralDataProtectionProvider(); _protector = provider.CreateProtector("PersonalProfile.Protector"); dependencies.Setup(a => a.GetUserId(Username)) .Returns(Task.FromResult(UserIdEntity.Create(Username, UserId))); dependencies.Setup(a => a.GetPersonalProfile(UserId)) .Returns(Task.FromResult(GetPersonalProfileEntity(UserId))); dependencies.Setup(a => a.GetSkills(UserId)) .Returns(Task.FromResult(GetSkills(UserId))); dependencies.Setup(a => a.GetInterests(UserId)) .Returns(Task.FromResult(GetInterests(UserId))); _dependencies = dependencies; Subject = new PersonalProfile(_dependencies.Object, provider, httpContextAccessor.Object); }
public void SingleProvider_DifferentPurpose_DoesNotRoundTripData() { // Arrange var dataProtectionProvider = new EphemeralDataProtectionProvider(); var dataProtector1 = dataProtectionProvider.CreateProtector("purpose"); var dataProtector2 = dataProtectionProvider.CreateProtector("different purpose"); byte[] bytes = Encoding.UTF8.GetBytes("Hello there!"); // Act & assert byte[] protectedBytes = dataProtector1.Protect(bytes); Assert.ThrowsAny <CryptographicException>(() => { byte[] unprotectedBytes = dataProtector2.Unprotect(protectedBytes); }); }
public void TestDataProtectionProvider() { //SETUP var eProvider = new EphemeralDataProtectionProvider(); //ATTEMPT var provider = eProvider.CreateProtector("XXX"); var encrypted = provider.Protect("Hello world"); var unencrypted = provider.Unprotect(encrypted); //VERIFY unencrypted.ShouldEqual("Hello world"); }
public void ReadEncryptedCookie() { //SETUP var mocks = new MockHttpContextCookies(); var eProvider = new EphemeralDataProtectionProvider(); var cookie = new ImpersonationCookie(mocks.MockContext, eProvider); //ATTEMPT mocks.RequestCookies["UserImpersonation"] = eProvider.CreateProtector(cookie.EncryptPurpose).Protect("Hello world"); var data = cookie.GetCookieInValue(); //VERIFY data.ShouldEqual("Hello world"); }
public void ReadEncryptedCookie() { //SETUP var httpContext = new DefaultHttpContext(); var eProvider = new EphemeralDataProtectionProvider(); var cookie = new ImpersonationCookie(httpContext, eProvider); var codedData = eProvider.CreateProtector(cookie.EncryptPurpose).Protect("Hello world"); //ATTEMPT httpContext.AddRequestCookie("UserImpersonation", codedData); var data = cookie.GetCookieInValue(); //VERIFY data.ShouldEqual("Hello world"); }
public PasswordServiceTests() { var dbContextOptions = new DbContextOptionsBuilder <ApplicationDbContext>() .UseInMemoryDatabase("Db").Options; _dbContext = new ApplicationDbContext(dbContextOptions); _dataProtectionProvider = new EphemeralDataProtectionProvider(); _dataProtector = _dataProtectionProvider.CreateProtector(PasswordService.ProtectorPurpose); _clock = new FakeClock(new Instant()); _sessionService = new Mock <ISessionService>(); _sut = new PasswordService( _dbContext, _dataProtectionProvider, _clock, _sessionService.Object, NullLogger <PasswordService> .Instance ); }
static void Main(string[] args) { // Short term provider IDataProtectionProvider provider = new EphemeralDataProtectionProvider(); //or long term provider from Extensions provider = DataProtectionProvider.Create(nameof(Main)); var protector = provider.CreateProtector("encrypt"); // Write File.WriteAllText("C:\\temp\\protected.txt", protector.Protect("Secret Text")); //return; // Read var secret = protector.Unprotect(File.ReadAllText("C:\\temp\\protected.txt")); Console.WriteLine(secret); }
static void Main(string[] args) { const string purpose = "Demonstration"; // instantiate the data protection system at this folder var dataProtectionProvider = new EphemeralDataProtectionProvider(); var protector = dataProtectionProvider.CreateProtector(purpose); Console.Write("Enter input: "); string input = Console.ReadLine(); // protect the payload string protectedPayload = protector.Protect(input); Console.WriteLine($"Protect returned: {protectedPayload}"); // unprotect the payload string unprotectedPayload = protector.Unprotect(protectedPayload); Console.WriteLine($"Unprotect returned: {unprotectedPayload}"); Console.ReadLine(); }
public async Task IndexMethod_ShouldReturn_SessionIdInViewModel() { var _dataProtectionProvider = new EphemeralDataProtectionProvider(); var controller = Substitute.ForPartsOf <HomeController>(new object[] { _logger, _apiServices, _dataProtectionProvider }); controller.ControllerContext = new ControllerContext { HttpContext = new DefaultHttpContext() }; controller.Request.Cookies = new RequestCookieCollection(new Dictionary <string, string> { { ".dysac-session", _dataProtectionProvider.CreateProtector("BaseController").Protect("abc123") } }); var result = await controller.Index(); var viewResult = Assert.IsType <ViewResult>(result); var viewModel = Assert.IsType <IndexViewModel>(viewResult.Model); Assert.Equal("abc123", viewModel.SessionId); }
public async Task Index_ShouldReturn_500WithException() { var _dataProtectionProvider = new EphemeralDataProtectionProvider(); var controller = Substitute.ForPartsOf <FinishController>(new object[] { _logger, _apiServices, _dataProtectionProvider }); controller.ControllerContext = new ControllerContext { HttpContext = new DefaultHttpContext() }; controller.Request.Cookies = new RequestCookieCollection(new Dictionary <string, string> { { ".dysac-session", _dataProtectionProvider.CreateProtector("BaseController").Protect("abc123") } }); controller.View("Finish", Arg.Any <FinishViewModel>()).Throws(new Exception()); var result = await controller.Index(); var viewResult = Assert.IsType <RedirectToActionResult>(result); Assert.Equal("Error500", viewResult.ActionName); Assert.Equal("Error", viewResult.ControllerName); }
public TestState() { DefaultPersonalProfile = BuildPersonalProfile(); IDataProtectionProvider provider = new EphemeralDataProtectionProvider(); IDataProtector protector = provider.CreateProtector("test"); var entities = DefaultPersonalProfile.MapToWraperEntities(protector); Mock <IPutPersonalProfileDependencies> dependencies = new Mock <IPutPersonalProfileDependencies>(); //TODO: modify the scenario to test as well updates. dependencies.Setup(a => a.InsertPersonalProfile(It.IsAny <PersonalProfileEntity>())) .Returns(entities.personalProfile.Success().Async()); dependencies.Setup(a => a.UpdatePersonalProfile(It.IsAny <PersonalProfileEntity>())) .Returns(entities.personalProfile.Success().Async()); dependencies.Setup(a => a.InsertInterests(It.IsAny <List <InterestEntity> >())) .Returns(entities.interestEntities.Success().Async()); dependencies.Setup(a => a.UpdateInterests(It.IsAny <List <InterestEntity> >())) .Returns(entities.interestEntities.Success().Async()); dependencies.Setup(a => a.InsertSkills(It.IsAny <List <SkillEntity> >())) .Returns(entities.skillEntities.Success().Async()); dependencies.Setup(a => a.UpdateSkills(It.IsAny <List <SkillEntity> >())) .Returns(entities.skillEntities.Success().Async()); dependencies.Setup(a => a.CommitTransaction()) .Returns(Task.CompletedTask); dependencies.Setup(a => a.GetUser(Username)) .Returns(Task.FromResult(UserIdEntity.Create(Username, UserId))); _dependencies = dependencies; Subject = new PutPersonalProfile(_dependencies.Object, provider); }
public async Task ResultsFilteredForJobCategory_ShouldReturn_500OnError() { _appSettings.Value.UseFilteringQuestions = true; var _dataProtectionProvider = new EphemeralDataProtectionProvider(); var controller = Substitute.ForPartsOf <ResultsController>(new object[] { _logger, _apiServices, _appSettings, _dataProtectionProvider }); controller.ControllerContext = new ControllerContext { HttpContext = new DefaultHttpContext() }; controller.Request.Cookies = new RequestCookieCollection(new Dictionary <string, string> { { ".dysac-session", _dataProtectionProvider.CreateProtector("BaseController").Protect("abc123") } }); controller.View("ResultsForJobCategory", Arg.Any <ResultsViewModel>()).Throws(new Exception()); var result = await controller.ResultsFilteredForJobCategory("animal-care"); var viewResult = Assert.IsType <RedirectToActionResult>(result); Assert.Equal("Error500", viewResult.ActionName); Assert.Equal("Error", viewResult.ControllerName); }