public static void ClassSetup(TestContext context)
{
AppDomain.CurrentDomain.SetData(
"DataDirectory",
Path.Combine(context.TestDeploymentDir, string.Empty));
IPasswordHashingService hashingService = ApplicationContext.Current.GetService <IPasswordHashingService>();
var dataService = ApplicationContext.Current.GetService <IDataPersistenceService <SecurityUser> >();
dataService.Insert(new SecurityUser()
{
UserName = "******",
Email = "*****@*****.**",
PasswordHash = hashingService.EncodePassword("password"),
UserClass = UserClassKeys.HumanUser
}, AuthenticationContext.SystemPrincipal, TransactionMode.Commit);
dataService.Insert(new SecurityUser()
{
UserName = "******",
Email = "*****@*****.**",
PasswordHash = hashingService.EncodePassword("password"),
UserClass = UserClassKeys.HumanUser
}, AuthenticationContext.SystemPrincipal, TransactionMode.Commit);
IRoleProviderService roleService = ApplicationContext.Current.GetService <IRoleProviderService>();
roleService.AddUsersToRoles(new string[] { "*****@*****.**", "*****@*****.**" }, new string[] { "USERS" }, AuthenticationContext.SystemPrincipal);
roleService.AddUsersToRoles(new string[] { "*****@*****.**" }, new string[] { "ADMINISTRATORS" }, AuthenticationContext.SystemPrincipal);
}
public void TestUpdateValidSecurityUser()
{
IPasswordHashingService hashingService = ApplicationContext.Current.GetService <IPasswordHashingService>();
SecurityUser userUnderTest = new SecurityUser()
{
Email = "*****@*****.**",
EmailConfirmed = false,
PasswordHash = hashingService.EncodePassword("password"),
SecurityHash = "cert",
UserName = "******",
UserClass = UserClassKeys.HumanUser
};
// Store user
IIdentityProviderService identityService = ApplicationContext.Current.GetService <IIdentityProviderService>();
var authContext = AuthenticationContext.SystemPrincipal;
Assert.IsNotNull(authContext);
var userAfterUpdate = base.DoTestUpdate(userUnderTest, authContext, "PhoneNumber");
// Update
Assert.IsNotNull(userAfterUpdate.UpdatedTime);
Assert.IsNotNull(userAfterUpdate.PhoneNumber);
Assert.AreEqual(authContext.Identity.Name, userAfterUpdate.UpdatedBy.UserName);
}
public void TestDelayLoadUserProperties()
{
IPasswordHashingService hashingService = ApplicationContext.Current.GetService <IPasswordHashingService>();
String securityHash = Guid.NewGuid().ToString();
SecurityUser userUnderTest = new SecurityUser()
{
Email = "*****@*****.**",
EmailConfirmed = false,
PasswordHash = hashingService.EncodePassword("password"),
SecurityHash = securityHash,
UserName = "******",
UserClass = UserClassKeys.HumanUser
};
var userAfterInsert = base.DoTestInsert(userUnderTest, null);
var roleProvider = ApplicationContext.Current.GetService <IRoleProviderService>();
var identityProvider = ApplicationContext.Current.GetService <IIdentityProviderService>();
// Allow login
roleProvider.AddUsersToRoles(new string[] { "delayLoadTest" }, new string[] { "USERS" }, AuthenticationContext.SystemPrincipal);
var auth = identityProvider.Authenticate("delayLoadTest", "password");
roleProvider.CreateRole("TestDelayLoadUserPropertiesGroup", AuthenticationContext.SystemPrincipal);
roleProvider.AddUsersToRoles(new String[] { "delayLoadTest" }, new String[] { "TestDelayLoadUserPropertiesGroup" }, AuthenticationContext.SystemPrincipal);
// Now trigger a delay load
var userForTest = base.DoTestQuery(u => u.UserName == "delayLoadTest", userAfterInsert.Key, auth).First();
Assert.AreEqual(2, userForTest.Roles.Count);
Assert.IsTrue(userForTest.Roles.Exists(o => o.Name == "TestDelayLoadUserPropertiesGroup"));
}
public void TestQueryValidResult()
{
IPasswordHashingService hashingService = ApplicationContext.Current.GetService <IPasswordHashingService>();
String securityHash = Guid.NewGuid().ToString();
SecurityUser userUnderTest = new SecurityUser()
{
Email = "*****@*****.**",
EmailConfirmed = false,
PasswordHash = hashingService.EncodePassword("password"),
SecurityHash = securityHash,
UserName = "******",
UserClass = UserClassKeys.HumanUser
};
var testUser = base.DoTestInsert(userUnderTest);
IIdentityProviderService identityService = ApplicationContext.Current.GetService <IIdentityProviderService>();
var results = base.DoTestQuery(o => o.Email == "*****@*****.**", testUser.Key, AuthenticationContext.SystemPrincipal);
Assert.AreEqual(1, results.Count());
Assert.AreEqual(userUnderTest.Email, results.First().Email);
}
/// <summary>
/// Authenticate the application identity to an application principal
/// </summary>
public IPrincipal Authenticate(string applicationId, string applicationSecret)
{
// Data context
using (DataContext dataContext = this.m_configuration.Provider.GetWriteConnection())
{
try
{
dataContext.Open();
IPasswordHashingService hashService = ApplicationContext.Current.GetService <IPasswordHashingService>();
var client = dataContext.FirstOrDefault <DbSecurityApplication>("auth_app", applicationId, hashService.EncodePassword(applicationSecret));
if (client == null)
{
throw new SecurityException("Invalid application credentials");
}
IPrincipal applicationPrincipal = new ApplicationPrincipal(new OpenIZ.Core.Security.ApplicationIdentity(client.Key, client.PublicId, true));
new PolicyPermission(System.Security.Permissions.PermissionState.None, PermissionPolicyIdentifiers.Login, applicationPrincipal).Demand();
return(applicationPrincipal);
}
catch (Exception e)
{
this.m_traceSource.TraceEvent(TraceEventType.Error, e.HResult, "Error authenticating {0} : {1}", applicationId, e);
throw new AuthenticationException("Error authenticating application", e);
}
}
}
/// <summary>
/// Authenticate the application identity to an application principal
/// </summary>
public IPrincipal Authenticate(string applicationId, string applicationSecret)
{
// Data context
using (ModelDataContext dataContext = new ModelDataContext(this.m_configuration.ReadonlyConnectionString))
{
IPasswordHashingService hashService = ApplicationContext.Current.GetService <IPasswordHashingService>();
var client = dataContext.SecurityApplications.SingleOrDefault(o => o.ApplicationPublicId == applicationId && o.ApplicationSecret == hashService.EncodePassword(applicationSecret));
if (client == null)
{
throw new SecurityException("Invalid application credentials");
}
IPrincipal applicationPrincipal = new ApplicationPrincipal(new OpenIZ.Core.Security.ApplicationIdentity(client.ApplicationId, client.ApplicationPublicId, true));
new PolicyPermission(System.Security.Permissions.PermissionState.None, PermissionPolicyIdentifiers.Login, applicationPrincipal).Demand();
return(applicationPrincipal);
}
}
