public void UtcCreationDateConvertsToUniversal() { IReplayProtectedProtocolMessage responseReplay = this.response; DateTime local = DateTime.Parse("1982-01-01", CultureInfo.InvariantCulture, DateTimeStyles.AssumeLocal); if (local.Kind != DateTimeKind.Local) { Assert.Inconclusive("Test cannot manage to create a local time."); } responseReplay.UtcCreationDate = local; DateTime utcCreationDate = responseReplay.UtcCreationDate; Assert.AreEqual(DateTimeKind.Utc, utcCreationDate.Kind, "Local time should have been converted to universal time."); Assert.AreNotEqual(local.Hour, utcCreationDate.Hour, "The hour was expected to change (unless local time _is_ UTC time for this PC!)"); // Now try setting UTC time just to make sure it DOESN'T mangle the hour if (this.creationDate.Kind != DateTimeKind.Utc) { Assert.Inconclusive("We need a UTC datetime to set with."); } responseReplay.UtcCreationDate = this.creationDate; utcCreationDate = responseReplay.UtcCreationDate; Assert.AreEqual(DateTimeKind.Utc, utcCreationDate.Kind); Assert.AreEqual(this.creationDate.Hour, utcCreationDate.Hour, "The hour should match since both times are UTC time."); }
/// <summary> /// Performs any transformation on an incoming message that may be necessary and/or /// validates an incoming message based on the rules of this channel binding element. /// </summary> /// <param name="message">The incoming message to process.</param> /// <returns> /// The protections (if any) that this binding element applied to the message. /// Null if this binding element did not even apply to this binding element. /// </returns> /// <exception cref="ProtocolException"> /// Thrown when the binding element rules indicate that this message is invalid and should /// NOT be processed. /// </exception> /// <remarks> /// Implementations that provide message protection must honor the /// <see cref="MessagePartAttribute.RequiredProtection"/> properties where applicable. /// </remarks> public MessageProtections?ProcessIncomingMessage(IProtocolMessage message) { IndirectSignedResponse response = message as IndirectSignedResponse; if (this.UseRequestNonce(response)) { if (!response.ReturnToParametersSignatureValidated) { Logger.OpenId.Error("Incoming message is expected to have a nonce, but the return_to parameter is not signed."); } string nonceValue = response.GetReturnToArgument(NonceParameter); ErrorUtilities.VerifyProtocol( nonceValue != null && response.ReturnToParametersSignatureValidated, this.securitySettings.RejectUnsolicitedAssertions ? OpenIdStrings.UnsolicitedAssertionsNotAllowed : OpenIdStrings.UnsolicitedAssertionsNotAllowedFrom1xOPs); CustomNonce nonce = CustomNonce.Deserialize(nonceValue); DateTime expirationDate = nonce.CreationDateUtc + MaximumMessageAge; if (expirationDate < DateTime.UtcNow) { throw new ExpiredMessageException(expirationDate, message); } IReplayProtectedProtocolMessage replayResponse = response; if (!this.nonceStore.StoreNonce(replayResponse.NonceContext, nonce.RandomPartAsString, nonce.CreationDateUtc)) { Logger.OpenId.ErrorFormat("Replayed nonce detected ({0} {1}). Rejecting message.", replayResponse.Nonce, replayResponse.UtcCreationDate); throw new ReplayedMessageException(message); } return(MessageProtections.ReplayProtection); } return(null); }
public override void SetUp() { base.SetUp(); this.protocol = Protocol.Default; this.nonceStore = new NonceMemoryStore(TimeSpan.FromHours(3)); this.nonceElement = new StandardReplayProtectionBindingElement(this.nonceStore); this.nonceElement.Channel = new Mocks.TestChannel(); this.message = new TestReplayProtectedMessage(); this.message.UtcCreationDate = DateTime.UtcNow; }
public void ResponseNonceGetter() { IReplayProtectedProtocolMessage responseReplay = this.response; responseReplay.Nonce = "UnIqUe"; responseReplay.UtcCreationDate = this.creationDate; Assert.AreEqual(CreationDateString + "UnIqUe", this.response.ResponseNonceTestHook); Assert.AreEqual("UnIqUe", responseReplay.Nonce); Assert.AreEqual(this.creationDate, responseReplay.UtcCreationDate); }
public override void SetUp() { base.SetUp(); this.protocol = Protocol.Default; this.nonceStore = new NonceMemoryStore(TimeSpan.FromHours(3)); this.nonceElement = new StandardReplayProtectionBindingElement(this.nonceStore); this.nonceElement.Channel = new Mocks.TestChannel(); this.message = new TestReplayProtectedMessage(); this.message.UtcCreationDate = DateTime.UtcNow; }
//shuo:end /// <summary> /// Applies a nonce to the message. /// </summary> /// <param name="message">The message to apply replay protection to.</param> /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The protections (if any) that this binding element applied to the message. /// Null if this binding element did not even apply to this binding element. /// </returns> public Task <MessageProtections?> ProcessOutgoingMessageAsync(IProtocolMessage message, CancellationToken cancellationToken) { IReplayProtectedProtocolMessage nonceMessage = message as IReplayProtectedProtocolMessage; if (nonceMessage != null) { nonceMessage.Nonce = this.GenerateUniqueFragment(); return(CompletedReplayProtectionTask); } return(NullTask); }
public void ResponseNonceGetter() { var responseAccessor = IndirectSignedResponse_Accessor.AttachShadow(this.response); IReplayProtectedProtocolMessage responseReplay = this.response; responseReplay.Nonce = "UnIqUe"; responseReplay.UtcCreationDate = this.creationDate; Assert.AreEqual(CreationDateString + "UnIqUe", responseAccessor.ResponseNonce); Assert.AreEqual("UnIqUe", responseReplay.Nonce); Assert.AreEqual(this.creationDate, responseReplay.UtcCreationDate); }
/// <summary> /// Applies a nonce to the message. /// </summary> /// <param name="message">The message to apply replay protection to.</param> /// <returns> /// The protections (if any) that this binding element applied to the message. /// Null if this binding element did not even apply to this binding element. /// </returns> public MessageProtections?ProcessOutgoingMessage(IProtocolMessage message) { IReplayProtectedProtocolMessage nonceMessage = message as IReplayProtectedProtocolMessage; if (nonceMessage != null) { nonceMessage.Nonce = this.GenerateUniqueFragment(); return(MessageProtections.ReplayProtection); } return(null); }
/// <summary> /// Applies a nonce to the message. /// </summary> /// <param name="message">The message to apply replay protection to.</param> /// <returns>True if the message protection was applied. False otherwise.</returns> public bool PrepareMessageForSending(IProtocolMessage message) { IReplayProtectedProtocolMessage nonceMessage = message as IReplayProtectedProtocolMessage; if (nonceMessage != null) { nonceMessage.Nonce = this.GenerateUniqueFragment(); return(true); } return(false); }
public void ResponseNonceSetter() { const string HybridValue = CreationDateString + "UNIQUE"; IReplayProtectedProtocolMessage responseReplay = this.response; this.response.ResponseNonceTestHook = HybridValue; Assert.AreEqual(HybridValue, this.response.ResponseNonceTestHook); Assert.AreEqual(this.creationDate, responseReplay.UtcCreationDate); Assert.AreEqual("UNIQUE", responseReplay.Nonce); this.response.ResponseNonceTestHook = null; Assert.IsNull(responseReplay.Nonce); }
public void ResponseNonceSetter() { const string HybridValue = CreationDateString + "UNIQUE"; var responseAccessor = IndirectSignedResponse_Accessor.AttachShadow(this.response); IReplayProtectedProtocolMessage responseReplay = this.response; responseAccessor.ResponseNonce = HybridValue; Assert.AreEqual(HybridValue, responseAccessor.ResponseNonce); Assert.AreEqual(this.creationDate, responseReplay.UtcCreationDate); Assert.AreEqual("UNIQUE", responseReplay.Nonce); responseAccessor.ResponseNonce = null; Assert.IsNull(responseReplay.Nonce); }
/// <summary> /// Verifies that the nonce in an incoming message has not been seen before. /// </summary> /// <param name="message">The incoming message.</param> /// <returns> /// True if the message nonce passed replay detection checks. /// False if the message did not have a nonce that could be checked at all. /// </returns> /// <exception cref="ReplayedMessageException">Thrown when the nonce check revealed a replayed message.</exception> public bool PrepareMessageForReceiving(IProtocolMessage message) { IReplayProtectedProtocolMessage nonceMessage = message as IReplayProtectedProtocolMessage; if (nonceMessage != null && nonceMessage.Nonce != null) { ErrorUtilities.VerifyProtocol(nonceMessage.Nonce.Length > 0 || this.AllowZeroLengthNonce, MessagingStrings.InvalidNonceReceived); if (!this.nonceStore.StoreNonce(nonceMessage.Nonce, nonceMessage.UtcCreationDate)) { throw new ReplayedMessageException(message); } return(true); } return(false); }
public Task <MessageProtections?> ProcessIncomingMessageAsync(IProtocolMessage message, CancellationToken cancellationToken) { IReplayProtectedProtocolMessage nonceMessage = message as IReplayProtectedProtocolMessage; if (nonceMessage != null && nonceMessage.Nonce != null) { ErrorUtilities.VerifyProtocol(nonceMessage.Nonce.Length > 0 || this.AllowZeroLengthNonce, MessagingStrings.InvalidNonceReceived); if (!this.nonceStore.StoreNonce(nonceMessage.NonceContext, nonceMessage.Nonce, nonceMessage.UtcCreationDate)) { Logger.OpenId.ErrorFormat("Replayed nonce detected ({0} {1}). Rejecting message.", nonceMessage.Nonce, nonceMessage.UtcCreationDate); throw new ReplayedMessageException(message); } return(CompletedReplayProtectionTask); } return(NullTask); }