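/// <summary>
/// Starts a KDC listener on a random loopback port and pre-encodes an AS-REQ
/// for the credential that matches <c>AlgorithmType</c>.
/// </summary>
/// <returns>A completed task; the task returned by the listener's Start() is discarded, not awaited.</returns>
public Task Setup()
{
    // Port is drawn from [20000, 40000). Nothing here checks that it is free,
    // so a collision with another process or a parallel run is possible.
    this.Port = new Random().Next(20000, 40000);

    var options = new ListenerOptions
    {
        // Upper-case with the invariant culture: the realm is an identifier, and
        // culture-sensitive ToUpper() yields a different string under e.g. tr-TR.
        DefaultRealm = "corp2.identityintervention.com".ToUpperInvariant(),
        RealmLocator = realm => LocateRealm(realm),
        Log = Logger
    };

    // NOTE(review): an int.MaxValue backlog is only reasonable because the
    // endpoint below is loopback-only; a network-facing listener should bound it.
    options.Configuration.KdcDefaults.TcpListenBacklog = int.MaxValue;
    options.Configuration.KdcDefaults.ReceiveTimeout = TimeSpan.FromSeconds(15);

    // Replace whatever endpoints the defaults carry with the single loopback endpoint.
    options.Configuration.KdcDefaults.KdcTcpListenEndpoints.Clear();
    options.Configuration.KdcDefaults.KdcTcpListenEndpoints.Add($"127.0.0.1:{this.Port}");

    this.listener = new KdcServiceListener(options);
    _ = this.listener.Start();

    // Credentials are cached per algorithm type so repeated setups reuse one instance.
    this.credential = Creds.GetOrAdd(
        this.AlgorithmType,
        a => new KerberosPasswordCredential(a + this.user, this.password));

    this.asReq = new ReadOnlySequence<byte>(
        KrbAsReq.CreateAsReq(this.credential, DefaultAuthentication).EncodeApplication());

    return Task.CompletedTask;
}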
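/// <summary>
/// Console entry point: runs a KDC listener on 127.0.0.1:8888 with trace-level
/// console logging until the listener's Start() task completes.
/// </summary>
static async Task Main()
{
    var builder = new HostBuilder()
        .ConfigureLogging((_, factory) =>
        {
            factory.AddConsole(opt => opt.IncludeScopes = true);

            // Trace is the most verbose level; together with IsDebug below this is
            // a diagnostic configuration and should not be carried into a deployment.
            factory.AddFilter<ConsoleLoggerProvider>(level => level >= LogLevel.Trace);
        });

    // Dispose the host as well so the logging providers are released on exit.
    using (var host = builder.Build())
    {
        var logger = (ILoggerFactory)host.Services.GetService(typeof(ILoggerFactory));

        var options = new ListenerOptions
        {
            // Loopback only: the listener is not reachable from other machines.
            ListeningOn = new IPEndPoint(IPAddress.Loopback, 8888),
            Log = logger,
            // Invariant upper-casing keeps the realm identical under every culture.
            DefaultRealm = "corp2.identityintervention.com".ToUpperInvariant(),
            IsDebug = true,
            RealmLocator = realm => LocateRealm(realm),
            ReceiveTimeout = TimeSpan.FromHours(1)
        };

        // using guarantees Dispose() even when Start() throws; the original
        // disposed the listener only on the success path.
        using (var listener = new KdcServiceListener(options))
        {
            await listener.Start();
        }
    }
}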
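/// <summary>
/// Verifies that the listener logs a <see cref="TimeoutException"/> when the
/// receive timeout is 1 ms and the realm is located with <c>slow: true</c>.
/// </summary>
/// <remarks>
/// The method ends by throwing the logged exception, so it never completes
/// normally; presumably an expected-exception attribute outside this view
/// turns that into a pass.
/// </remarks>
public async Task ReceiveTimeout()
{
    var port = NextPort();
    var log = new FakeExceptionLoggerFactory();

    var options = new ListenerOptions
    {
        ListeningOn = new IPEndPoint(IPAddress.Loopback, port),
        // Invariant upper-casing keeps the realm identical under every culture.
        DefaultRealm = "corp2.identityintervention.com".ToUpperInvariant(),
        IsDebug = true,
        RealmLocator = realm => LocateRealm(realm, slow: true),
        ReceiveTimeout = TimeSpan.FromMilliseconds(1),
        Log = log
    };

    KdcServiceListener listener = new KdcServiceListener(options);
    _ = listener.Start();

    try
    {
        await RequestAndValidateTickets(AdminAtCorpUserName, FakeAdminAtCorpPassword, $"127.0.0.1:{port}");
    }
    catch
    {
        // Deliberately swallowed: the client-side failure is not what is under
        // test; the assertion below inspects what the server logged.
    }

    listener.Stop();

    var timeout = log.Exceptions.FirstOrDefault(e => e is TimeoutException);

    Assert.IsNotNull(timeout);

    throw timeout;
}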
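/// <summary>
/// Console entry point: runs a KDC listener backed by <c>FakeRealmService</c>
/// on 127.0.0.1:8888 with trace-level console logging.
/// </summary>
static async Task Main()
{
    var builder = new HostBuilder()
        .ConfigureLogging((_, factory) =>
        {
            factory.AddConsole(opt => opt.IncludeScopes = true);

            // Trace is the most verbose level; together with IsDebug below this is
            // a diagnostic configuration and should not be carried into a deployment.
            factory.AddFilter<ConsoleLoggerProvider>(level => level >= LogLevel.Trace);
        });

    // Dispose the host as well so the logging providers are released on exit.
    using (var host = builder.Build())
    {
        var logger = (ILoggerFactory)host.Services.GetService(typeof(ILoggerFactory));

        var options = new ListenerOptions
        {
            Log = logger,
            // Invariant upper-casing keeps the realm identical under every culture.
            DefaultRealm = "corp2.identityintervention.com".ToUpperInvariant(),
            IsDebug = true,
            RealmLocator = realm => new FakeRealmService(realm)
        };

        // Replace the default endpoints with a single loopback endpoint so the
        // fake realm is never exposed beyond the local machine.
        options.Configuration.KdcDefaults.KdcTcpListenEndpoints.Clear();
        options.Configuration.KdcDefaults.KdcTcpListenEndpoints.Add("127.0.0.1:8888");
        options.Configuration.KdcDefaults.ReceiveTimeout = TimeSpan.FromHours(1);

        // using guarantees Dispose() even when Start() throws; the original
        // disposed the listener only on the success path.
        using (var listener = new KdcServiceListener(options))
        {
            await listener.Start();
        }
    }
}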
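/// <summary>
/// Console entry point: runs a KDC listener on 127.0.0.1:8888 that logs to the console.
/// </summary>
/// <param name="args">Command-line arguments; not read.</param>
static async Task Main(string[] args)
{
    var options = new ListenerOptions
    {
        // Loopback only: the listener is not reachable from other machines.
        ListeningOn = new IPEndPoint(IPAddress.Loopback, 8888),
        Log = new ConsoleLogger(),
        // Invariant upper-casing keeps the realm identical under every culture.
        DefaultRealm = "corp2.identityintervention.com".ToUpperInvariant(),
        IsDebug = true,
        RealmLocator = realm => LocateRealm(realm),
        ReceiveTimeout = TimeSpan.FromHours(1)
    };

    // The original never released the listener; dispose it once Start() returns
    // or throws.
    using (KdcServiceListener listener = new KdcServiceListener(options))
    {
        await listener.Start();
    }
}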
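/// <summary>
/// End-to-end user-to-user test: obtains a service ticket for <c>host/u2u</c>
/// encrypted under the server's TGT session key, then decrypts and validates it.
/// </summary>
public async Task U2U()
{
    // Port is drawn from [20000, 40000) without checking that it is free.
    var port = new Random().Next(20000, 40000);

    var options = new ListenerOptions
    {
        ListeningOn = new IPEndPoint(IPAddress.Loopback, port),
        // Invariant upper-casing keeps the realm identical under every culture.
        DefaultRealm = "corp2.identityintervention.com".ToUpperInvariant(),
        IsDebug = true,
        RealmLocator = realm => LocateRealm(realm),
        ReceiveTimeout = TimeSpan.FromHours(1)
    };

    KdcServiceListener listener = new KdcServiceListener(options);
    _ = listener.Start();

    // try/finally: the original stopped the listener only when every assertion
    // passed, leaving the port bound after a failure.
    try
    {
        var kerbClientCred = new KerberosPasswordCredential("*****@*****.**", "P@ssw0rd!");
        var client = new KerberosClient($"127.0.0.1:{port}");

        await client.Authenticate(kerbClientCred);

        var kerbServerCred = new KerberosPasswordCredential("*****@*****.**", "P@ssw0rd!");
        var server = new KerberosClient($"127.0.0.1:{port}");

        // NOTE(review): kerbServerCred is built but never used; the server side
        // authenticates with the client's credential, so both ends of the U2U
        // exchange are the same principal. Confirm whether that is intended.
        await server.Authenticate(kerbClientCred);

        var serverEntry = await server.Cache.Get<KerberosClientCacheEntry>($"krbtgt/{server.DefaultDomain}");
        var serverTgt = serverEntry.Ticket.Ticket;

        var apReq = await client.GetServiceTicket(
            "host/u2u",
            ApOptions.MutualRequired | ApOptions.UseSessionKey,
            u2uServerTicket: serverTgt);

        Assert.IsNotNull(apReq);

        var decrypted = new DecryptedKrbApReq(apReq);

        // The ticket must stay unreadable until the session key is supplied.
        Assert.IsNull(decrypted.Ticket);

        decrypted.Decrypt(serverEntry.SessionKey.AsKey());
        decrypted.Validate(ValidationActions.All);

        Assert.IsNotNull(decrypted.Ticket);
        Assert.AreEqual("host/u2u/CORP.IDENTITYINTERVENTION.COM", decrypted.SName.FullyQualifiedName);
    }
    finally
    {
        listener.Stop();
    }
}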
/// <summary>
/// Builds a KDC listener bound to the loopback address and wraps it in a
/// <see cref="TcpKdcListener"/>. Start() is not called here.
/// </summary>
/// <param name="port">TCP port on 127.0.0.1 to listen on.</param>
/// <param name="slow">Forwarded unchanged to <c>LocateRealm</c>.</param>
/// <returns>The wrapper around the newly created listener.</returns>
public static TcpKdcListener StartTcpListener(int port, bool slow = false)
{
    // Invariant upper-casing: the realm is an identifier, not display text.
    var realmName = "corp2.identityintervention.com".ToUpperInvariant();
    var loopbackEndpoint = new IPEndPoint(IPAddress.Loopback, port);

    var kdcOptions = new KdcServerOptions
    {
        ListeningOn = loopbackEndpoint,
        DefaultRealm = realmName,
        IsDebug = true,
        RealmLocator = name => LocateRealm(name, slow),
        ReceiveTimeout = TimeSpan.FromHours(1)
    };

    return new TcpKdcListener(new KdcServiceListener(kdcOptions));
}
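/// <summary>
/// Starts a KDC listener on a random loopback port and stores the port and
/// listener in the <c>port</c> and <c>listener</c> members.
/// </summary>
public void Setup()
{
    // Port is drawn from [20000, 40000) without checking that it is free.
    port = new Random().Next(20000, 40000);

    var options = new ListenerOptions
    {
        ListeningOn = new IPEndPoint(IPAddress.Loopback, port),
        // Invariant upper-casing: culture-sensitive ToUpper() changes the realm
        // under cultures such as tr-TR.
        DefaultRealm = "corp2.identityintervention.com".ToUpperInvariant(),
        IsDebug = true,
        RealmLocator = realm => LocateRealm(realm),
        ReceiveTimeout = TimeSpan.FromHours(1)
    };

    listener = new KdcServiceListener(options);

    // The Start() task is discarded on purpose; it is never awaited here.
    _ = listener.Start();
}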
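/// <summary>
/// Creates a KDC listener bound to the loopback address, starts it, and returns it.
/// </summary>
/// <param name="port">TCP port on 127.0.0.1 to listen on.</param>
/// <param name="slow">Forwarded unchanged to <c>LocateRealm</c>.</param>
/// <returns>The started listener; nothing in this method stops or disposes it.</returns>
public static KdcServiceListener StartListener(int port, bool slow = false)
{
    var options = new ListenerOptions
    {
        ListeningOn = new IPEndPoint(IPAddress.Loopback, port),
        // Invariant upper-casing: culture-sensitive ToUpper() changes the realm
        // under cultures such as tr-TR.
        DefaultRealm = "corp2.identityintervention.com".ToUpperInvariant(),
        IsDebug = true,
        RealmLocator = realm => LocateRealm(realm, slow),
        ReceiveTimeout = TimeSpan.FromHours(1)
    };

    var listener = new KdcServiceListener(options);

    // The Start() task is discarded on purpose; it is never awaited here.
    _ = listener.Start();

    return listener;
}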
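/// <summary>
/// Starts a KDC listener with logging disabled on a random loopback port and
/// stores it in <c>listener</c>.
/// </summary>
public void Setup()
{
    // Port is drawn from [20000, 40000) without checking that it is free.
    Port = new Random().Next(20000, 40000);

    var options = new ListenerOptions
    {
        ListeningOn = new IPEndPoint(IPAddress.Loopback, Port),
        // Invariant upper-casing: culture-sensitive ToUpper() changes the realm
        // under cultures such as tr-TR.
        DefaultRealm = "corp2.identityintervention.com".ToUpperInvariant(),
        RealmLocator = realm => LocateRealm(realm),
        // NOTE(review): a 10,000-entry queue and a 60-minute receive timeout are
        // tolerable on loopback only; bound both on a network-facing listener.
        QueueLength = 10 * 1000,
        ReceiveTimeout = TimeSpan.FromMinutes(60),
        Log = null
    };

    listener = new KdcServiceListener(options);

    // The Start() task is discarded on purpose; it is never awaited here.
    _ = listener.Start();
}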
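/// <summary>
/// Starts a KDC listener on a random loopback port, configured through
/// <c>options.Configuration.KdcDefaults</c>, and stores it in <c>listener</c>.
/// </summary>
public void Setup()
{
    // Port is drawn from [20000, 40000) without checking that it is free.
    this.port = new Random().Next(20000, 40000);

    var options = new ListenerOptions
    {
        // Invariant upper-casing: culture-sensitive ToUpper() changes the realm
        // under cultures such as tr-TR.
        DefaultRealm = "corp2.identityintervention.com".ToUpperInvariant(),
        IsDebug = true,
        RealmLocator = realm => this.LocateRealm(realm)
    };

    options.Configuration.KdcDefaults.ReceiveTimeout = TimeSpan.FromHours(1);

    // Replace whatever endpoints the defaults carry with the single loopback endpoint.
    options.Configuration.KdcDefaults.KdcTcpListenEndpoints.Clear();
    options.Configuration.KdcDefaults.KdcTcpListenEndpoints.Add($"127.0.0.1:{this.port}");

    this.listener = new KdcServiceListener(options);

    // The Start() task is discarded on purpose; it is never awaited here.
    _ = this.listener.Start();
}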
/// <summary>
/// Builds a KDC listener restricted to one loopback endpoint and wraps it in a
/// <see cref="TcpKdcListener"/>. Start() is not called here.
/// </summary>
/// <param name="port">TCP port on 127.0.0.1 to listen on.</param>
/// <param name="slow">Forwarded unchanged to <c>LocateRealm</c>.</param>
/// <returns>The wrapper around the newly created listener.</returns>
public static TcpKdcListener StartTcpListener(int port, bool slow = false)
{
    var kdcOptions = new KdcServerOptions
    {
        // Invariant upper-casing: the realm is an identifier, not display text.
        DefaultRealm = "corp2.identityintervention.com".ToUpperInvariant(),
        IsDebug = true
    };

    // Assigned after construction because the locator needs the options'
    // own Configuration object.
    kdcOptions.RealmLocator = name => LocateRealm(name, slow, kdcOptions.Configuration);

    kdcOptions.Configuration.KdcDefaults.ReceiveTimeout = TimeSpan.FromHours(1);

    // Drop the default endpoints so that only the loopback endpoint remains.
    kdcOptions.Configuration.KdcDefaults.KdcTcpListenEndpoints.Clear();
    kdcOptions.Configuration.KdcDefaults.KdcTcpListenEndpoints.Add($"127.0.0.1:{port}");

    return new TcpKdcListener(new KdcServiceListener(kdcOptions));
}
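/// <summary>
/// End-to-end test: starts a loopback KDC listener, requests and validates
/// tickets against it, then stops it.
/// </summary>
public async Task TestE2E()
{
    // Port is drawn from [20000, 40000) without checking that it is free.
    var port = new Random().Next(20000, 40000);

    var options = new ListenerOptions
    {
        ListeningOn = new IPEndPoint(IPAddress.Loopback, port),
        // Invariant upper-casing: culture-sensitive ToUpper() changes the realm
        // under cultures such as tr-TR.
        DefaultRealm = "corp2.identityintervention.com".ToUpperInvariant(),
        IsDebug = true,
        RealmLocator = realm => LocateRealm(realm),
        ReceiveTimeout = TimeSpan.FromHours(1)
    };

    // using releases the listener even when ticket validation throws.
    using (KdcServiceListener listener = new KdcServiceListener(options))
    {
        _ = listener.Start();

        await RequestAndValidateTickets("*****@*****.**", "P@ssw0rd!", $"127.0.0.1:{port}");

        listener.Stop();
    }
}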
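/// <summary>
/// Verifies that the listener logs a <see cref="TimeoutException"/> when the
/// receive timeout is 1 ms and the realm is located with <c>slow: true</c>.
/// </summary>
/// <remarks>
/// The method ends by throwing the logged exception, so it never completes
/// normally; presumably an expected-exception attribute outside this view
/// turns that into a pass.
/// </remarks>
public async Task TestReceiveTimeout()
{
    // Port is drawn from [20000, 40000) without checking that it is free.
    var port = new Random().Next(20000, 40000);
    var log = new ExceptionTraceLog();

    var options = new ListenerOptions
    {
        ListeningOn = new IPEndPoint(IPAddress.Loopback, port),
        // Invariant upper-casing: culture-sensitive ToUpper() changes the realm
        // under cultures such as tr-TR.
        DefaultRealm = "corp2.identityintervention.com".ToUpperInvariant(),
        IsDebug = true,
        RealmLocator = realm => LocateRealm(realm, slow: true),
        ReceiveTimeout = TimeSpan.FromMilliseconds(1),
        Log = log
    };

    options.Log.Enabled = true;
    options.Log.Level = LogLevel.Verbose;

    KdcServiceListener listener = new KdcServiceListener(options);
    _ = listener.Start();

    try
    {
        await RequestAndValidateTickets("*****@*****.**", "P@ssw0rd!", $"127.0.0.1:{port}");
    }
    catch
    {
        // Deliberately swallowed: the client-side failure is not what is under
        // test; the assertion below inspects what the server logged.
    }

    listener.Stop();

    var timeout = log.Exceptions.FirstOrDefault(e => e is TimeoutException);

    Assert.IsNotNull(timeout);

    throw timeout;
}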
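/// <summary>
/// Starts a KDC listener with logging disabled on a random loopback port and
/// pre-encodes an AS-REQ for the credential that matches <c>AlgorithmType</c>.
/// </summary>
/// <returns>A completed task; the task returned by the listener's Start() is discarded, not awaited.</returns>
public Task Setup()
{
    // Port is drawn from [20000, 40000) without checking that it is free.
    Port = new Random().Next(20000, 40000);

    var options = new ListenerOptions
    {
        ListeningOn = new IPEndPoint(IPAddress.Loopback, Port),
        // Invariant upper-casing: culture-sensitive ToUpper() changes the realm
        // under cultures such as tr-TR.
        DefaultRealm = "corp2.identityintervention.com".ToUpperInvariant(),
        RealmLocator = realm => LocateRealm(realm),
        // NOTE(review): a 10,000-entry queue and a 60-minute receive timeout are
        // tolerable on loopback only; bound both on a network-facing listener.
        QueueLength = 10 * 1000,
        ReceiveTimeout = TimeSpan.FromMinutes(60),
        Log = null
    };

    listener = new KdcServiceListener(options);
    _ = listener.Start();

    // Credentials are cached per algorithm type so repeated setups reuse one instance.
    credential = Creds.GetOrAdd(AlgorithmType, a => new KerberosPasswordCredential(a + user, password));

    asReq = new ReadOnlySequence<byte>(
        KrbAsReq.CreateAsReq(credential, DefaultAuthentication).EncodeApplication());

    return Task.CompletedTask;
}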
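/// <summary>
/// End-to-end test that shares one <c>KerberosClient</c> between two concurrent
/// tasks, each requesting and validating 100 service tickets.
/// </summary>
/// <exception cref="AggregateException">
/// Thrown when any iteration failed; carries one representative exception per exception type.
/// </exception>
public async Task E2EMultithreadedClient()
{
    // Port is drawn from [20000, 40000) without checking that it is free.
    var port = new Random().Next(20000, 40000);

    var options = new ListenerOptions
    {
        ListeningOn = new IPEndPoint(IPAddress.Loopback, port),
        // Invariant upper-casing: culture-sensitive ToUpper() changes the realm
        // under cultures such as tr-TR.
        DefaultRealm = "corp2.identityintervention.com".ToUpperInvariant(),
        IsDebug = true,
        RealmLocator = realm => LocateRealm(realm),
        ReceiveTimeout = TimeSpan.FromHours(1)
    };

    using (KdcServiceListener listener = new KdcServiceListener(options))
    {
        _ = listener.Start();

        var exceptions = new List<Exception>();

        var kerbCred = new KerberosPasswordCredential("*****@*****.**", "P@ssw0rd!");

        string kdc = $"127.0.0.1:{port}";

        using (KerberosClient client = new KerberosClient(kdc))
        {
            // Caching is off so every GetServiceTicket call goes to the listener.
            client.CacheServiceTickets = false;

            await client.Authenticate(kerbCred);

            // Awaited instead of Task.WaitAll so the async method does not block a thread.
            await Task.WhenAll(Enumerable.Range(0, 2).Select(taskNum => Task.Run(async () =>
            {
                for (var i = 0; i < 100; i++)
                {
                    try
                    {
                        // Re-authenticate on every other iteration while the
                        // other task may be mid-request on the same client.
                        if (i % 2 == 0)
                        {
                            await client.Authenticate(kerbCred);
                        }

                        var ticket = await client.GetServiceTicket(new RequestServiceTicket
                        {
                            ServicePrincipalName = "host/appservice.corp.identityintervention.com",
                            ApOptions = ApOptions.MutualRequired
                        });

                        Assert.IsNotNull(ticket.ApReq);

                        await ValidateTicket(ticket);
                    }
                    catch (Exception ex)
                    {
                        // List<T> is not thread-safe and both tasks write to it;
                        // unsynchronised Add calls could lose or corrupt entries.
                        lock (exceptions)
                        {
                            exceptions.Add(ex);
                        }
                    }
                }
            })).ToArray());
        }

        listener.Stop();

        if (exceptions.Count > 0)
        {
            // Report one exception per type to keep the failure readable.
            throw new AggregateException(
                $"Failed {exceptions.Count}",
                exceptions.GroupBy(e => e.GetType()).Select(e => e.First()));
        }
    }
}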
/// <summary>
/// Wraps an existing <see cref="KdcServiceListener"/>; the reference is stored as given.
/// </summary>
/// <param name="server">The listener to wrap. No null check is performed.</param>
public TcpKdcListener(KdcServiceListener server) => this.server = server;