コード例 #1
0
            public void ThrowsYubikeyInvalidResponseExceptionWhenExceptionWhileClientCall()
            {
                var response = new Mock <IYubicoResponse>();

                response.SetupGet(x => x.Status).Returns(YubicoResponseStatus.Ok);
                response.SetupGet(x => x.PublicId).Returns("some other id");

                var client = new Mock <IYubicoClient>();

                client.Setup(x => x.Verify(It.IsAny <string>())).Throws <WebException>();
                var configuration = new YubikeyConfiguration {
                    Users = new List <UserMapping> {
                        new UserMapping("some name", "some id")
                    }
                };
                var formCollection = new NameValueCollection {
                    { "yubiKey", "some id" }
                };
                var context = MvcTestBase.CreateRequestContext(new Uri("http://localhost/test/", UriKind.Absolute), null, null, formCollection);

                var target = new YubikeyCheckAttribute(configuration, client.Object)
                {
                    SkipIdentityNameCheck = true,
                };

                target.OnActionExecuting(context);
            }
コード例 #2
0
            public void NullConfigurationThrowsWhenInstance()
            {
                var target = new YubikeyCheckAttribute(null, new YubicoClientAdapter())
                {
                    ImageOnly = true
                };

                target.OnActionExecuting(MvcTestBase.CreateRequestContext(new Uri("http://localhost/test/?42FE943EC8A64735A978D1F81D5FFD00", UriKind.Absolute)));
            }
コード例 #3
0
            public void CreatesNoAuditByDefault()
            {
                var configuration = new ConfigurationBase();
                var target        = new SampleAuthenticator(configuration);

                target.AuditEvent(new Exception("Sample"), MvcTestBase.CreateRequestContext());
                var result = target.InternalAudit;

                Assert.IsNull(result);
            }
コード例 #4
0
            public void ContinuesProcessingWhenUrlIsNull()
            {
                var context = MvcTestBase.CreateRequestContext((Uri)null);

                var target = new SampleAuthenticator(new ConfigurationBase())
                {
                    ImageOnly = true,
                };

                target.OnActionExecuting(context);
            }
コード例 #5
0
            public void DoesNotInterceptNonImageRequestsWhenImageOnly()
            {
                var context = MvcTestBase.CreateRequestContext(new Uri("http://localhost/test/", UriKind.Absolute));

                var target = new YubikeyCheckAttribute(new YubikeyConfiguration(), new YubicoClientAdapter())
                {
                    ImageOnly = true
                };

                target.OnActionExecuting(context);

                Assert.IsNull(context.Result);
            }
コード例 #6
0
            public void NotBlocksLessThanConfiguredFastCalls()
            {
                var context = MvcTestBase.CreateRequestContext();

                // we want to allow max 1 requests in one second
                var target = new MinimumRequestTimeDistanceAttribute();

                // calling 1 times should NOT throw an exception
                target.OnActionExecuting(context);

                var contentResult = context.Result as ContentResult;

                Assert.IsNull(contentResult);
            }
コード例 #7
0
            public void NotBlocksConfiguredFastCallsWithoutClientId()
            {
                // we setup a request context that returns always the same session id
                var context = MvcTestBase.CreateRequestContext(new Uri("http://localhost"), string.Empty, string.Empty);

                // we want to allow max 1 requests in one second
                var target = new MinimumRequestTimeDistanceAttribute();

                // calling 2 times should not throw an exception
                target.OnActionExecuting(context);
                target.OnActionExecuting(context);

                Assert.IsNotNull(target);
            }
コード例 #8
0
            public void RedirectsIfExceptionAndActionIsSet()
            {
                // todo: still having issues testing this: the newly generated UrlHelper needs "something" to build up a URL
                var context = MvcTestBase.CreateRequestContext(new Uri("http://exception/Home/Index"));
                var target  = new SampleAuthenticator(new ConfigurationBase())
                {
                    InvalidKeyAction = "Index"
                };

                target.OnActionExecuting(context);
                var redirectResult = context.Result as RedirectResult;

                Assert.IsNotNull(redirectResult);
                Assert.AreEqual("/Home/Index/", redirectResult.Url);
            }
コード例 #9
0
            public void DeliversImageForCorrectRequest()
            {
                var context = MvcTestBase.CreateRequestContext(new Uri("http://localhost/test/?42FE943EC8A64735A978D1F81D5FFD00", UriKind.Absolute));

                var target = new YubikeyCheckAttribute(new YubikeyConfiguration(), new YubicoClientAdapter())
                {
                    ImageOnly = true
                };

                target.OnActionExecuting(context);

                var fileResult = context.Result as FileResult;

                Assert.IsNotNull(fileResult);
                Assert.AreEqual("image/png", fileResult.ContentType);
            }
コード例 #10
0
            public void CallsRequestGateIfWanted()
            {
                var hasBeenCalled = false;
                var mock          = new Mock <IGate>();

                mock.Setup(x => x.CheckRequestGate).Returns(true);
                mock.Setup(x => x.CheckStatisticGate).Returns(false);
                mock.Setup(x => x.RequestGate(It.IsAny <string>(), It.IsAny <HttpRequestBase>())).Returns(() => hasBeenCalled = true);
                var context = MvcTestBase.CreateRequestContext(new Uri("http://localhost"), string.Empty, string.Empty);

                var target = new TestGateMvcAttribute(mock.Object);

                target.OnActionExecuting(context);

                Assert.IsTrue(hasBeenCalled);
            }
            public void NotBlocksLessThanConfiguredFastCalls()
            {
                var context = MvcTestBase.CreateRequestContext();

                // we want to allow max 2 requests in one second
                var target = new FastRequestsProtectionAttribute {
                    RequestsPerSecondAndClient = 2
                };

                // calling 2 times should NOT block
                target.OnActionExecuting(context);
                target.OnActionExecuting(context);

                Assert.IsNotNull(target);
                Assert.IsNull(context.Result);
            }
コード例 #12
0
            [ExcludeFromCodeCoverage]   // since we expect an exception, we cannot get 100% code coverage
            public void BlocksConfiguredFastCalls()
            {
                // we setup a request context that returns always the same session id
                var context = MvcTestBase.CreateRequestContext();

                // we want to allow max 1 requests in one second
                var target = new MinimumRequestTimeDistanceAttribute();

                // calling 2 times should block execution
                target.OnActionExecuting(context);
                target.OnActionExecuting(context);

                var contentResult = context.Result as ContentResult;

                Assert.IsNotNull(contentResult);
                Assert.AreEqual("client has been blocked...", contentResult.Content);
            }
コード例 #13
0
            public void CreatesCallsAuditForSuccessByDefault()
            {
                var configuration = new ConfigurationBase
                {
                    Audit = new TypeConfiguration
                    {
                        TypeName = "Sem.Authentication.AppInfrastructure.DebugAudit, Sem.Authentication",
                    }
                };

                var target = new SampleAuthenticator(configuration);

                target.AuditEvent(MvcTestBase.CreateRequestContext());
                var result = target.InternalAudit;

                Assert.IsNotNull(result);
            }
コード例 #14
0
            public void ThrowsInvalidOperationExceptionWhenNoUsers()
            {
                var client        = SetupClient(YubicoResponseStatus.Ok, "some id");
                var configuration = new YubikeyConfiguration {
                    Users = null
                };
                var formCollection = new NameValueCollection {
                    { "yubiKey", "some id" }
                };
                var context = MvcTestBase.CreateRequestContext(new Uri("http://localhost/test/", UriKind.Absolute), null, null, formCollection);

                var target = new YubikeyCheckAttribute(configuration, client.Object)
                {
                    SkipIdentityNameCheck = true,
                };

                target.OnActionExecuting(context);
            }
            public void NotBlocksConfiguredFastCallsWithoutClientId()
            {
                // we setup a request context that returns always the same session id
                var context = MvcTestBase.CreateRequestContext(new Uri("http://localhost"), string.Empty, string.Empty);

                // we want to allow max 2 requests in one second
                var target = new FastRequestsProtectionAttribute {
                    RequestsPerSecondAndClient = 2
                };

                // calling 4 times without client id should not block
                target.OnActionExecuting(context);
                target.OnActionExecuting(context);
                target.OnActionExecuting(context);
                target.OnActionExecuting(context);

                Assert.IsNotNull(target);
            }
コード例 #16
0
            public void RedirectsConfiguredFastCalls()
            {
                // we setup a request context that returns always the same session id
                var context = MvcTestBase.CreateRequestContext();

                // we want to allow max 1 requests in one second
                var target = new MinimumRequestTimeDistanceAttribute {
                    FaultAction = "Fault"
                };

                // calling 3 times should throw an exception
                target.OnActionExecuting(context);
                Assert.IsNotInstanceOfType(context.Result, typeof(RedirectResult));

                target.OnActionExecuting(context);
                target.OnActionExecuting(context);

                Assert.IsInstanceOfType(context.Result, typeof(RedirectResult));
            }
コード例 #17
0
            public void ThrowsWhenUnKnownIdAndMatchingUser()
            {
                var client        = SetupClient(YubicoResponseStatus.Ok, "some id");
                var configuration = new YubikeyConfiguration {
                    Users = new List <UserMapping> {
                        new UserMapping("some name", "some id")
                    }
                };
                var formCollection = new NameValueCollection {
                    { "yubiKey", "some id" }
                };
                var context = MvcTestBase.CreateRequestContext(new Uri("http://localhost/test/", UriKind.Absolute), null, null, formCollection, "some unknown name");

                var target = new YubikeyCheckAttribute(configuration, client.Object)
                {
                    SkipIdentityNameCheck = false,
                };

                target.OnActionExecuting(context);
            }
            [ExcludeFromCodeCoverage]   // since we expect an exception, we cannot get 100% code coverage
            public void BlocksConfiguredFastCalls()
            {
                // we setup a request context that returns always the same session id
                var context = MvcTestBase.CreateRequestContext();

                // we want to allow max 2 requests in one second
                var target = new FastRequestsProtectionAttribute {
                    RequestsPerSecondAndClient = 2
                };

                // calling 3 times should block access
                target.OnActionExecuting(context);
                target.OnActionExecuting(context);
                target.OnActionExecuting(context);

                var contentResult = context.Result as ContentResult;

                Assert.IsNotNull(contentResult);
                Assert.AreEqual("client has been blocked...", contentResult.Content);
            }
コード例 #19
0
            public void ThrowsNullResponseExceptionForNullResponse()
            {
                var client        = SetupClient();
                var configuration = new YubikeyConfiguration {
                    Users = new List <UserMapping> {
                        new UserMapping("some name", "some id")
                    }
                };
                var formCollection = new NameValueCollection {
                    { "yubiKey", "some id" }
                };
                var context = MvcTestBase.CreateRequestContext(new Uri("http://localhost/test/", UriKind.Absolute), null, null, formCollection);

                var target = new YubikeyCheckAttribute(configuration, client.Object)
                {
                    SkipIdentityNameCheck = true,
                };

                target.OnActionExecuting(context);
            }
            public void RedirectsConfiguredFastCalls()
            {
                // we setup a request context that returns always the same session id
                var context = MvcTestBase.CreateRequestContext();

                // we want to allow max 2 requests in one second
                var target = new FastRequestsProtectionAttribute {
                    RequestsPerSecondAndClient = 2, FaultAction = "Fault"
                };

                // first call should NOT redirect
                target.OnActionExecuting(context);
                Assert.IsNotInstanceOfType(context.Result, typeof(RedirectResult));

                target.OnActionExecuting(context);

                // calling 3 times should redirect
                target.OnActionExecuting(context);

                Assert.IsInstanceOfType(context.Result, typeof(RedirectResult));
            }
コード例 #21
0
            public void NotCallsStatisticsGateIfNotWanted()
            {
                var hasBeenCalled = false;
                var mock          = new Mock <IGate>();

                mock.Setup(x => x.CheckRequestGate).Returns(false);
                mock.Setup(x => x.CheckStatisticGate).Returns(false);
                mock.Setup(x => x.StatisticsGate(It.IsAny <string>(), It.IsAny <ConcurrentDictionary <string, ClientStatistic> >())).Returns(() => hasBeenCalled = true);
                var context = MvcTestBase.CreateRequestContext(new Uri("http://localhost"), string.Empty, string.Empty);

                var target = new TestGateMvcAttribute(mock.Object);

                target.OnActionExecuting(context);

                Assert.IsFalse(hasBeenCalled);

                // call gate to execute the code
                mock.Setup(x => x.CheckStatisticGate).Returns(true);
                target.OnActionExecuting(context);
                Assert.IsTrue(hasBeenCalled);
            }
コード例 #22
0
            public async Task NotBlocksMultipleLessThanConfiguredFastCalls()
            {
                // we setup a request context that returns always the same session id
                var context = MvcTestBase.CreateRequestContext();

                // we want to allow max 1 requests in one second
                var target = new MinimumRequestTimeDistanceAttribute();

                // calling 1 times should NOT throw an exception
                target.OnActionExecuting(context);
                var contentResult1 = context.Result as ContentResult;

                Assert.IsNull(contentResult1);

                await Task.Delay(1001);

                // calling 2 times should NOT throw an exception
                target.OnActionExecuting(context);

                var contentResult2 = context.Result as ContentResult;

                Assert.IsNull(contentResult2);
            }
            public async Task NotBlocksMultipleLessThanConfiguredFastCalls()
            {
                // we setup a request context that returns always the same session id
                var context = MvcTestBase.CreateRequestContext();

                // we want to allow max 2 requests in one second
                var target = new FastRequestsProtectionAttribute
                {
                    RequestsPerSecondAndClient   = 2,
                    MaxRetentionTimeOfStatistics = 50,
                };

                // calling 2 times should NOT throw an exception
                target.OnActionExecuting(context);
                target.OnActionExecuting(context);

                await Task.Delay(100);

                // calling 2 times should NOT throw an exception
                target.OnActionExecuting(context);
                target.OnActionExecuting(context);

                Assert.IsNotNull(target);
            }
コード例 #24
0
 public void RendersExpectedInputBoxWithImageForAction()
 {
     const string Expected = "<img class=\"yubikeyCaption\" alt=\"YubiKey: \" id=\"yubiKeyImage\" src=\"/Home/targetaction?42FE943EC8A64735A978D1F81D5FFD00\" /><input class=\"yubikeyInput\" id=\"yubiKey\" name=\"yubiKey\" text=\"\"/>";
     var result = MvcTestBase.CreateHtmlHelper().YubikeyInput("targetaction", new YubikeyConfiguration());
     Assert.AreEqual(Expected, result.ToHtmlString());
 }