public static void ClassSetup(TestContext context) { AppDomain.CurrentDomain.SetData( "DataDirectory", Path.Combine(context.TestDeploymentDir, string.Empty)); IPasswordHashingService hashingService = ApplicationContext.Current.GetService <IPasswordHashingService>(); var dataService = ApplicationContext.Current.GetService <IDataPersistenceService <SecurityUser> >(); dataService.Insert(new SecurityUser() { UserName = "******", Email = "*****@*****.**", PasswordHash = hashingService.EncodePassword("password"), UserClass = UserClassKeys.HumanUser }, AuthenticationContext.SystemPrincipal, TransactionMode.Commit); dataService.Insert(new SecurityUser() { UserName = "******", Email = "*****@*****.**", PasswordHash = hashingService.EncodePassword("password"), UserClass = UserClassKeys.HumanUser }, AuthenticationContext.SystemPrincipal, TransactionMode.Commit); IRoleProviderService roleService = ApplicationContext.Current.GetService <IRoleProviderService>(); roleService.AddUsersToRoles(new string[] { "*****@*****.**", "*****@*****.**" }, new string[] { "USERS" }, AuthenticationContext.SystemPrincipal); roleService.AddUsersToRoles(new string[] { "*****@*****.**" }, new string[] { "ADMINISTRATORS" }, AuthenticationContext.SystemPrincipal); }
public void TestUpdateValidSecurityUser() { IPasswordHashingService hashingService = ApplicationContext.Current.GetService <IPasswordHashingService>(); SecurityUser userUnderTest = new SecurityUser() { Email = "*****@*****.**", EmailConfirmed = false, PasswordHash = hashingService.EncodePassword("password"), SecurityHash = "cert", UserName = "******", UserClass = UserClassKeys.HumanUser }; // Store user IIdentityProviderService identityService = ApplicationContext.Current.GetService <IIdentityProviderService>(); var authContext = AuthenticationContext.SystemPrincipal; Assert.IsNotNull(authContext); var userAfterUpdate = base.DoTestUpdate(userUnderTest, authContext, "PhoneNumber"); // Update Assert.IsNotNull(userAfterUpdate.UpdatedTime); Assert.IsNotNull(userAfterUpdate.PhoneNumber); Assert.AreEqual(authContext.Identity.Name, userAfterUpdate.UpdatedBy.UserName); }
public void TestDelayLoadUserProperties() { IPasswordHashingService hashingService = ApplicationContext.Current.GetService <IPasswordHashingService>(); String securityHash = Guid.NewGuid().ToString(); SecurityUser userUnderTest = new SecurityUser() { Email = "*****@*****.**", EmailConfirmed = false, PasswordHash = hashingService.EncodePassword("password"), SecurityHash = securityHash, UserName = "******", UserClass = UserClassKeys.HumanUser }; var userAfterInsert = base.DoTestInsert(userUnderTest, null); var roleProvider = ApplicationContext.Current.GetService <IRoleProviderService>(); var identityProvider = ApplicationContext.Current.GetService <IIdentityProviderService>(); // Allow login roleProvider.AddUsersToRoles(new string[] { "delayLoadTest" }, new string[] { "USERS" }, AuthenticationContext.SystemPrincipal); var auth = identityProvider.Authenticate("delayLoadTest", "password"); roleProvider.CreateRole("TestDelayLoadUserPropertiesGroup", AuthenticationContext.SystemPrincipal); roleProvider.AddUsersToRoles(new String[] { "delayLoadTest" }, new String[] { "TestDelayLoadUserPropertiesGroup" }, AuthenticationContext.SystemPrincipal); // Now trigger a delay load var userForTest = base.DoTestQuery(u => u.UserName == "delayLoadTest", userAfterInsert.Key, auth).First(); Assert.AreEqual(2, userForTest.Roles.Count); Assert.IsTrue(userForTest.Roles.Exists(o => o.Name == "TestDelayLoadUserPropertiesGroup")); }
public void TestQueryValidResult() { IPasswordHashingService hashingService = ApplicationContext.Current.GetService <IPasswordHashingService>(); String securityHash = Guid.NewGuid().ToString(); SecurityUser userUnderTest = new SecurityUser() { Email = "*****@*****.**", EmailConfirmed = false, PasswordHash = hashingService.EncodePassword("password"), SecurityHash = securityHash, UserName = "******", UserClass = UserClassKeys.HumanUser }; var testUser = base.DoTestInsert(userUnderTest); IIdentityProviderService identityService = ApplicationContext.Current.GetService <IIdentityProviderService>(); var results = base.DoTestQuery(o => o.Email == "*****@*****.**", testUser.Key, AuthenticationContext.SystemPrincipal); Assert.AreEqual(1, results.Count()); Assert.AreEqual(userUnderTest.Email, results.First().Email); }
/// <summary> /// Authenticate the application identity to an application principal /// </summary> public IPrincipal Authenticate(string applicationId, string applicationSecret) { // Data context using (DataContext dataContext = this.m_configuration.Provider.GetWriteConnection()) { try { dataContext.Open(); IPasswordHashingService hashService = ApplicationContext.Current.GetService <IPasswordHashingService>(); var client = dataContext.FirstOrDefault <DbSecurityApplication>("auth_app", applicationId, hashService.EncodePassword(applicationSecret)); if (client == null) { throw new SecurityException("Invalid application credentials"); } IPrincipal applicationPrincipal = new ApplicationPrincipal(new OpenIZ.Core.Security.ApplicationIdentity(client.Key, client.PublicId, true)); new PolicyPermission(System.Security.Permissions.PermissionState.None, PermissionPolicyIdentifiers.Login, applicationPrincipal).Demand(); return(applicationPrincipal); } catch (Exception e) { this.m_traceSource.TraceEvent(TraceEventType.Error, e.HResult, "Error authenticating {0} : {1}", applicationId, e); throw new AuthenticationException("Error authenticating application", e); } } }
/// <summary> /// Authenticate the application identity to an application principal /// </summary> public IPrincipal Authenticate(string applicationId, string applicationSecret) { // Data context using (ModelDataContext dataContext = new ModelDataContext(this.m_configuration.ReadonlyConnectionString)) { IPasswordHashingService hashService = ApplicationContext.Current.GetService <IPasswordHashingService>(); var client = dataContext.SecurityApplications.SingleOrDefault(o => o.ApplicationPublicId == applicationId && o.ApplicationSecret == hashService.EncodePassword(applicationSecret)); if (client == null) { throw new SecurityException("Invalid application credentials"); } IPrincipal applicationPrincipal = new ApplicationPrincipal(new OpenIZ.Core.Security.ApplicationIdentity(client.ApplicationId, client.ApplicationPublicId, true)); new PolicyPermission(System.Security.Permissions.PermissionState.None, PermissionPolicyIdentifiers.Login, applicationPrincipal).Demand(); return(applicationPrincipal); } }