コード例 #1
        // Parses a PVP 1.9 header set and checks the detected version, the user id and the
        // role list. The two X-AUTHORIZE-roles header lines are expected to come back as a
        // single ';'-separated value.
        public void Token19Test()
        {
            var requestHeaders = new NameValueCollection();

            requestHeaders.Add("X-Version", "1.9");
            requestHeaders.Add("X-AUTHENTICATE-participantId", "AT:L6:1234789");
            requestHeaders.Add("X-AUTHENTICATE-UserId", "*****@*****.**");
            requestHeaders.Add("X-AUTHENTICATE-cn", "Max Mustermann");
            requestHeaders.Add("X-AUTHENTICATE-gvGid", "AT:B:0:LxXnvpcYZesiqVXsZG0bB==");
            requestHeaders.Add("X-AUTHENTICATE-gvOuId", "AT:GGA-60420:0815");
            requestHeaders.Add("X-AUTHENTICATE-Ou", "Meldeamt");
            requestHeaders.Add("X-AUTHENTICATE-gvOuOKZ", "AT:GGA-60420-Abt13");
            requestHeaders.Add("X-AUTHENTICATE-mail", "*****@*****.**");
            requestHeaders.Add("X-AUTHENTICATE-tel", "+43 3155 5153");
            requestHeaders.Add("X-AUTHENTICATE-gvSecClass", "2");
            // Same header name twice: both role entries must survive parsing.
            requestHeaders.Add("X-AUTHORIZE-roles", "Beispielrolle(GKZ=60420)");
            requestHeaders.Add("X-AUTHORIZE-roles", "Beispielrolle2(ABC=XYZ, DEF=4711)");

            var pvpToken = new PvpToken(requestHeaders);

            Assert.AreEqual(PvpVersion.Version19, pvpToken.Version);

            string userId = pvpToken.GetAttributeValue(PvpAttributes.USERID);
            Assert.AreEqual("*****@*****.**", userId);

            string roles = pvpToken.GetAttributeValue(PvpAttributes.ROLES);
            Assert.AreEqual("Beispielrolle(GKZ=60420);Beispielrolle2(ABC=XYZ, DEF=4711)", roles);
        }
コード例 #2
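        // Verifies that role definitions spread over two X-Authorize-roles header lines are
        // merged: three distinct roles result, role lookup works with a lower-case name, and
        // values given for the same parameter on different lines are combined ("v1,v2").
        public void TwoLinesTest()
        {
            NameValueCollection headers = new NameValueCollection();

            headers.Add("X-Version", "1.9");
            headers.Add("X-Authorize-roles", "R1(p1=v1);R2(p1=v1,p1=v2,p2=v2)");
            headers.Add("X-Authorize-roles", "R1(p1=v2);R3(p1=v1,p1=v2,p2=v2)");
            PvpToken          token         = new PvpToken(headers);
            PvpAttributeRoles authorization = token.RoleAttribute;

            // R1 appears on both lines but must be counted once.
            Assert.AreEqual(3, authorization.Roles.Count);

            // R1: p1=v1 (line 1) and p1=v2 (line 2) collapse into one parameter.
            PvpRole role1 = authorization.GetRole("r1");

            Assert.IsNotNull(role1);
            Assert.AreEqual(1, role1.Parameters.Count);
            Assert.AreEqual("p1", role1.Parameters.GetKey(0));
            Assert.AreEqual("v1,v2", role1.Parameters["p1"]);

            // R2: defined on the first line only.
            PvpRole role2 = authorization.GetRole("r2");

            Assert.IsNotNull(role2);
            Assert.AreEqual(2, role2.Parameters.Count);
            Assert.AreEqual("p2", role2.Parameters.GetKey(1));
            Assert.AreEqual("v1,v2", role2.Parameters["p1"]);
            Assert.AreEqual("v2", role2.Parameters["p2"]);

            // R3: defined on the second line only.
            PvpRole role3 = authorization.GetRole("r3");

            Assert.IsNotNull(role3);
            Assert.AreEqual(2, role3.Parameters.Count);
            Assert.AreEqual("p1", role3.Parameters.GetKey(0));
            Assert.AreEqual("v1,v2", role3.Parameters["p1"]);
            // Fixed: this assertion previously re-checked role2, so R3's p2 value was never verified.
            Assert.AreEqual("v2", role3.Parameters["p2"]);
        }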
コード例 #3
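    // Returns a fixed PVP 1.9 system-principal authorization when rootUrl is "dummy"
    // (compared case-insensitively); every other rootUrl, including null, yields
    // CustomAuthorization.NoAuthorization.
    //
    // NOTE(review): userId is not consulted, so every caller that passes "dummy" receives the
    // same hard-coded principal and role. This looks like a sample/stub provider - confirm it
    // cannot be reached from a production configuration.
    public CustomAuthorization GetAuthorization(string rootUrl, string userId)
    {
        // Ordinal comparison: this string gates the issuing of an identity assertion, so
        // culture rules (which ignore some characters) must not widen the match.
        // string.Equals is also null-safe, so a missing rootUrl fails closed instead of throwing.
        if (!string.Equals(rootUrl, "dummy", StringComparison.OrdinalIgnoreCase))
        {
            return(CustomAuthorization.NoAuthorization);
        }

        var version  = "1.9";
        // The meaning of the second constructor argument (false) is not visible here - TODO confirm.
        var pvpToken = new PvpToken(new Dictionary <PvpAttributes, string>()
        {
            { PvpAttributes.VERSION, version },
            { PvpAttributes.PARTICIPANT_ID, "AT:L6:1234789" },
            { PvpAttributes.USERID, "egovstar.appserv1.intra.xyz.gv.at" },
            { PvpAttributes.X_AUTHENTICATE_cn, "Anwendung 1 Register-Interface" },
            { PvpAttributes.OU_GV_OU_ID, "AT:L6:4711" },
            { PvpAttributes.OU, "Fachabteilung 1B Informationstechnik" },
            { PvpAttributes.SECCLASS, "2" },
            { PvpAttributes.ROLES, "FixedRole(param=value)" },
        }, false);

        CustomAuthorization auth = new CustomAuthorization();
        auth.TimeToLive            = 60 * 10; // 10 minutes
        auth.PvpVersion            = version;
        auth.SoapHeaderXmlFragment = pvpToken.GetSystemPrincipalSoapFragment();

        return(auth);
    }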
コード例 #4
 // Returns the cached PvpToken, building it from GetValueCollection() on first use.
 // No locking is visible here; the meaning of the second constructor argument (true)
 // is not shown in this snippet - TODO confirm.
 public PvpToken GetPvpToken()
 {
     if (_pvpToken != null)
     {
         return(_pvpToken);
     }

     _pvpToken = new PvpToken(GetValueCollection(), true);
     return(_pvpToken);
 }
コード例 #5
 // Constructs a token from a header set whose only entry is X-Version "1.7".
 // NOTE(review): no assertion is visible; presumably an expected-exception marker sits
 // above the signature and the constructor must reject this version - confirm.
 public void InvalidTokenTest()
 {
     var requestHeaders = new NameValueCollection();

     requestHeaders.Add("X-Version", "1.7");
     PvpToken token = new PvpToken(requestHeaders);
 }
コード例 #6
        // Checks the exact XML produced by GetSystemPrincipalSoapFragment() for the 1.9
        // fixture returned by GetNameValueCollection19().
        // NOTE(review): the userId inside the expected string looks like it was replaced by
        // the hosting page's e-mail masking; restore the fixture's address before relying
        // on this comparison.
        public void SystemPrincipalTest()
        {
            const string expectedXml = "<pvpToken version=\"1.9\" xmlns=\"http://egov.gv.at/pvp1.xsd\"><authenticate><participantId>AT:L6:1234789</participantId><systemPrincipal><userId>[email protected]</userId><cn>Max Mustermann</cn><gvOuId>AT:GGA-60420:0815</gvOuId><ou>Meldeamt</ou><gvOuOKZ>AT:GGA-60420-Abt13</gvOuOKZ><gvSecClass>2</gvSecClass></systemPrincipal></authenticate><authorize><role value=\"Beispielrolle\"><param><key>GKZ</key><value>60420</value></param></role></authorize></pvpToken>";

            PvpToken pvpToken = new PvpToken(GetNameValueCollection19());
            var      fragment = pvpToken.GetSystemPrincipalSoapFragment();

            Assert.AreEqual(expectedXml, fragment.OuterXml);
        }
コード例 #7
 // Constructs a token from an attribute dictionary whose VERSION value is empty.
 // NOTE(review): no assertion is visible; presumably the constructor is expected to
 // reject a token without a usable version - confirm against the test attributes.
 public void VersionEmptyTest()
 {
     var attributeValues = new Dictionary <PvpAttributes, string>();

     attributeValues.Add(PvpAttributes.VERSION, String.Empty);
     attributeValues.Add(PvpAttributes.MAIL, "*****@*****.**");
     var token = new PvpToken(attributeValues, false);
 }
コード例 #8
        // Builds a 2.1 token and then adds a PvpAttributeCn to it.
        // NOTE(review): going by the test name, that attribute is presumably not defined for
        // version 2.1 and the Add call should fail; the expectation itself is not visible here.
        public void AttributeNotDefinedTest()
        {
            var requestHeaders = new NameValueCollection();

            requestHeaders.Add("X-PVP-Version", "2.1");
            var pvpToken = new PvpToken(requestHeaders);

            var attributes = pvpToken.Attributes;
            attributes.Add(new PvpAttributeCn("blabla"));
        }
コード例 #9
 // Supplies X-AUTHENTICATE-gvGid twice with different values and builds a token from it.
 // NOTE(review): no assertion is visible; presumably a repeated identity header must be
 // rejected rather than merged or silently resolved to one of the values - confirm.
 public void MultipleValueTest()
 {
     var requestHeaders = new NameValueCollection();

     requestHeaders.Add("X-AUTHENTICATE-gvGid", "test1");
     requestHeaders.Add("X-AUTHENTICATE-gvGid", "test2");
     requestHeaders.Add("X-Version", "1.9");
     PvpToken token = new PvpToken(requestHeaders);
 }
コード例 #10
        // Parses the 2.1 fixture from GetNameValueCollection21() and checks the detected
        // version, the user id and the ';'-separated role list.
        public void Token21Test()
        {
            NameValueCollection fixtureHeaders = GetNameValueCollection21();
            var                 pvpToken       = new PvpToken(fixtureHeaders);

            Assert.AreEqual(PvpVersion.Version21, pvpToken.Version);

            string userId = pvpToken.GetAttributeValue(PvpAttributes.USERID);
            Assert.AreEqual("*****@*****.**", userId);

            string roles = pvpToken.GetAttributeValue(PvpAttributes.ROLES);
            Assert.AreEqual("Beispielrolle(GKZ=60420);Beispielrolle2(ABC=XYZ, DEF=4711)", roles);
        }
コード例 #11
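        // Builds a 2.1 token with a user id and one role and checks the SAML
        // AttributeStatement it serialises to.
        // Only the prefix and the tail are compared because the ID attribute differs between
        // statements (a sample value was "_aeb030e8-055d-4618-b0df-b8a0dcc4dd60").
        // NOTE(review): the USERID value inside the expected tail looks like it was replaced
        // by the hosting page's e-mail masking; restore the fixture's address before running.
        public void SamlTest()
        {
            const string expectedTail = " Version=\"2.0\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"><Attribute Name=\"urn:oid:1.2.40.0.10.2.1.1.261.10\" FriendlyName=\"PVP-VERSION\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\"><AttributeValue>2.1</AttributeValue></Attribute><Attribute Name=\"urn:oid:0.9.2342.19200300.100.1.1\" FriendlyName=\"USERID\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\"><AttributeValue>[email protected]</AttributeValue></Attribute><Attribute Name=\"urn:oid:1.2.40.0.10.2.1.1.261.30\" FriendlyName=\"ROLES\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\"><AttributeValue>Test(A=1)</AttributeValue></Attribute></AttributeStatement>";

            PvpToken token = new PvpToken(PvpVersion.Version21);

            token.Attributes.Add(new PvpAttributeUserId("*****@*****.**"));
            token.Attributes.Add(new PvpAttributeRoles("Test(A=1)"));
            string xml = token.GetSamlAttributeStatement().OuterXml;

            // Ordinal comparison: markup must match character for character, independent of
            // the culture the test runner happens to use.
            Assert.IsTrue(xml.StartsWith("<AttributeStatement ID=", System.StringComparison.Ordinal));
            Assert.IsTrue(xml.EndsWith(expectedTail, System.StringComparison.Ordinal));
        }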
コード例 #12
        // Creates an empty 1.8 token, attaches a user-id attribute and checks that the
        // attribute takes over the token's version and reports the 1.8 header name.
        public void NewToken18Test()
        {
            var pvpToken = new PvpToken(PvpVersion.Version18);

            Assert.AreEqual(PvpVersion.Version18, pvpToken.Version);

            var userIdAttribute = new PvpAttributeUserId { Value = "abc" };
            pvpToken.Attributes.Add(userIdAttribute);

            // After being added, the attribute reports the version of the owning token.
            Assert.AreEqual(PvpVersion.Version18, userIdAttribute.CurrentVersion);
            Assert.AreEqual("abc", userIdAttribute.Value);
            Assert.AreEqual("X-AUTHENTICATE-UserID", userIdAttribute.GetHeaderName());

            string versionValue = pvpToken.GetAttributeValue(PvpAttributes.VERSION);
            Assert.AreEqual("1.8", versionValue);
        }
コード例 #13
        // Creates an empty 2.0 token, attaches a user-id attribute and checks that the
        // attribute takes over the token's version and reports the 2.x header name.
        public void NewToken20Test()
        {
            var pvpToken = new PvpToken(PvpVersion.Version20);

            Assert.AreEqual(PvpVersion.Version20, pvpToken.Version);

            var userIdAttribute = new PvpAttributeUserId { Value = "abc" };
            pvpToken.Attributes.Add(userIdAttribute);

            // After being added, the attribute reports the version of the owning token.
            Assert.AreEqual(PvpVersion.Version20, userIdAttribute.CurrentVersion);
            Assert.AreEqual("abc", userIdAttribute.Value);
            Assert.AreEqual("X-PVP-USERID", userIdAttribute.GetHeaderName());

            string versionValue = pvpToken.GetAttributeValue(PvpAttributes.VERSION);
            Assert.AreEqual("2.0", versionValue);
        }
コード例 #14
        // Feeds 1.9 headers in an arbitrary order and checks that GetHeaders() emits them
        // in a fixed order, both for the 1.9 token and for its conversion to 2.1.
        public void OrderTest()
        {
            var inputHeaders = new NameValueCollection();

            inputHeaders.Add("X-Version", "1.9");
            inputHeaders.Add("X-AUTHENTICATE-UserId", "*****@*****.**");
            inputHeaders.Add("X-AUTHENTICATE-cn", "Max Mustermann");
            inputHeaders.Add("X-AUTHENTICATE-gvGid", "AT:B:0:LxXnvpcYZesiqVXsZG0bB==");
            inputHeaders.Add("X-AUTHORIZE-roles", "Beispielrolle(GKZ=60420)");
            inputHeaders.Add("X-AUTHENTICATE-gvOuId", "AT:GGA-60420:0815");
            inputHeaders.Add("X-AUTHENTICATE-participantId", "AT:L6:1234789");
            inputHeaders.Add("X-AUTHENTICATE-Ou", "Meldeamt");
            inputHeaders.Add("X-AUTHENTICATE-gvOuOKZ", "AT:GGA-60420-Abt13");
            inputHeaders.Add("X-AUTHENTICATE-mail", "*****@*****.**");
            inputHeaders.Add("X-AUTHENTICATE-tel", "+43 3155 5153");
            inputHeaders.Add("X-AUTHENTICATE-gvSecClass", "2");

            // Expected output order for the 1.9 token.
            string[] expectedNames19 =
            {
                "X-Version",
                "X-AUTHENTICATE-participantId",
                "X-AUTHENTICATE-UserID",
                "X-AUTHENTICATE-cn",
                "X-AUTHENTICATE-gvOuId",
                "X-AUTHENTICATE-Ou",
                "X-AUTHENTICATE-gvOuOKZ",
                "X-AUTHENTICATE-gvSecClass",
                "X-AUTHENTICATE-mail",
                "X-AUTHENTICATE-tel",
                "X-AUTHENTICATE-gvGid",
                "X-AUTHORIZE-roles",
            };

            // Expected output order after conversion to 2.1.
            string[] expectedNames21 =
            {
                "X-PVP-VERSION",
                "X-PVP-SECCLASS",
                "X-PVP-PRINCIPAL-NAME",
                "X-PVP-USERID",
                "X-PVP-GID",
                "X-PVP-MAIL",
                "X-PVP-TEL",
                "X-PVP-PARTICIPANT-ID",
                "X-PVP-OU-OKZ",
                "X-PVP-OU-GV-OU-ID",
                "X-PVP-OU",
                "X-PVP-ROLES",
            };

            PvpToken token19   = new PvpToken(inputHeaders);
            var      headers19 = token19.GetHeaders();

            for (int i = 0; i < expectedNames19.Length; i++)
            {
                Assert.That(headers19[i].Name, Is.EqualTo(expectedNames19[i]));
            }

            var token21   = token19.ConvertTo(PvpVersion.Version21);
            var headers21 = token21.GetHeaders();

            for (int i = 0; i < expectedNames21.Length; i++)
            {
                Assert.That(headers21[i].Name, Is.EqualTo(expectedNames21[i]));
            }
        }
コード例 #15
        // Pins the matching rules of HasRole() against a token that grants
        // R1(p1=v1), R2(p1=v1,p1=v2,p2=v2) and R3(GKZ).
        public void HasRoleTest()
        {
            var pvpToken = new PvpToken(PvpVersion.Version20);

            pvpToken.Attributes.Add(new PvpAttributeRoles("R1(p1=v1);R2(p1=v1,p1=v2,p2=v2);R3(GKZ)"));

            // A requested role without parameters matches whatever parameters were granted;
            // a requested role with parameters matches when those parameters were granted.
            Assert.IsTrue(pvpToken.RoleAttribute.HasRole(new PvpRole("R1")));
            Assert.IsTrue(pvpToken.RoleAttribute.HasRole(PvpRole.Parse("R1(p1=v1)")));
            Assert.IsTrue(pvpToken.RoleAttribute.HasRole(PvpRole.Parse("R2(p1=v1,p1=v2,p2=v2)")));
            Assert.IsTrue(pvpToken.RoleAttribute.HasRole(new PvpRole("R2")));
            Assert.IsTrue(pvpToken.RoleAttribute.HasRole(PvpRole.Parse("R2()")));

            // Unknown role, and a known role with a parameter value that was not granted.
            Assert.IsFalse(pvpToken.RoleAttribute.HasRole(PvpRole.Parse("R4")));
            Assert.IsFalse(pvpToken.RoleAttribute.HasRole(PvpRole.Parse("R1(p1=v2)")));
            // NOTE(review): identical to the assertion above - possibly meant to cover a
            // different negative case; confirm.
            Assert.IsFalse(pvpToken.RoleAttribute.HasRole(PvpRole.Parse("R1(p1=v2)")));

            // A value-less parameter matches regardless of letter case ("Gkz" vs "GKZ").
            Assert.IsTrue(pvpToken.RoleAttribute.HasRole(new PvpRole("R3")));
            Assert.IsTrue(pvpToken.RoleAttribute.HasRole(PvpRole.Parse("R3(Gkz)")));
        }
コード例 #16
        // Adds a FUNCTION attribute to a two-header 1.9 token (expecting three attributes
        // afterwards) and then adds a second participant id.
        // NOTE(review): nothing is asserted after the second Add; presumably adding an
        // attribute the token already holds is expected to fail - confirm.
        public void MultipleAttributesTest()
        {
            var requestHeaders = new NameValueCollection();

            requestHeaders.Add("X-Version", "1.9");
            requestHeaders.Add("X-AUTHENTICATE-participantId", "AT:L6:1234789");

            var pvpToken          = new PvpToken(requestHeaders);
            var functionAttribute = new PvpAttributeFunction("SachbearbeiterIn");

            pvpToken.Attributes.Add(functionAttribute);
            // Version + participant id from the headers, plus the function just added.
            Assert.AreEqual(3, pvpToken.Attributes.Count);
            Assert.AreEqual("SachbearbeiterIn", pvpToken.GetAttributeValue(PvpAttributes.FUNCTION));

            var secondParticipantId = new PvpAttributeParticipantId("AT:L9:Wien");

            pvpToken.Attributes.Add(secondParticipantId);
        }
コード例 #17
        // Round trip: 2.1 headers -> token -> SAML AttributeStatement -> token, then checks
        // that the re-parsed token reports the same version, user id, roles and header values.
        public void ParseTokenTest()
        {
            NameValueCollection sourceHeaders = GetNameValueCollection21();
            PvpToken            original      = new PvpToken(sourceHeaders);
            PvpToken            roundTripped  = new PvpToken(original.GetSamlAttributeStatement());

            Assert.AreEqual(PvpVersion.Version21, roundTripped.Version);
            Assert.AreEqual("*****@*****.**", roundTripped.GetAttributeValue(PvpAttributes.USERID));
            Assert.AreEqual("Beispielrolle(GKZ=60420);Beispielrolle2(ABC=XYZ, DEF=4711)",
                            roundTripped.GetAttributeValue(PvpAttributes.ROLES));

            foreach (HttpHeader header in roundTripped.GetHeaders())
            {
                // The roles header is excluded from the value-by-value comparison; it is
                // already covered by the ROLES assertion above.
                bool isRolesHeader = header.Name.Equals("X-PVP-roles", StringComparison.InvariantCultureIgnoreCase);

                if (!isRolesHeader)
                {
                    Assert.AreEqual(sourceHeaders[header.Name], header.Value, "Fehler bei " + header.Name);
                }
            }
        }
コード例 #18
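        // Builds the chained-token node for an outgoing call.
        // Source preference: the HTTP headers in _headers when they carry a recognisable PVP
        // version and a participant id; otherwise the pvpToken element that was removed from
        // the SOAP header, re-wrapped in a _pvpChainedTokenTag element. Returns null when
        // neither source is usable.
        //
        // NOTE(review): _headers presumably holds the inbound request headers. A chained
        // token built from them is only as trustworthy as the component that set them -
        // confirm that PVP headers sent directly by a client are stripped upstream.
        private XmlNode GetChainedToken(XmlElement removedPvpToken)
        {
            // neither HTTP headers nor SOAP headers available
            if (removedPvpToken == null && _headers == null)
            {
                return(null);
            }

            if (_headers != null && PvpToken.DeterminePvpVersion(_headers).HasValue)
            {
                PvpToken chainedToken = new PvpToken(_headers);

                // Use the HTTP headers if possible
                if (chainedToken.ParticipantId != null)
                {
                    return(chainedToken.GetChainedSoapFragment());
                }
            }

            // HTTP headers available, but not sufficient
            if (removedPvpToken == null)
            {
                return(null);
            }

            XmlDocument tempDoc       = new XmlDocument();
            XmlNode     chainedNode   = tempDoc.CreateElement(_pvpChainedTokenTag, _pvpTokenNS);
            XmlNode     importedToken = tempDoc.ImportNode(removedPvpToken, true);

            // AppendChild moves the node out of importedToken. Enumerating ChildNodes while
            // moving would stop after the first child (its NextSibling is gone once moved),
            // silently dropping the remaining elements, so drain via FirstChild instead.
            while (importedToken.FirstChild != null)
            {
                chainedNode.AppendChild(importedToken.FirstChild);
            }
            // Attributes are cloned, not moved, so enumerating the source collection is safe.
            foreach (XmlAttribute a in importedToken.Attributes)
            {
                chainedNode.Attributes.Append((XmlAttribute)a.Clone());
            }
            return(chainedNode);
        }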
コード例 #19
        // Round trip through a plain dictionary: serialises the 2.1 fixture to a SAML
        // AttributeStatement, extracts Name -> list of AttributeValue texts from it, rebuilds
        // a token from that dictionary and compares it with the original headers.
        public void ParseSamlValuesTest()
        {
            NameValueCollection sourceHeaders = GetNameValueCollection21();
            PvpToken            original      = new PvpToken(sourceHeaders);
            XElement            statement     = XElement.Parse(original.GetSamlAttributeStatement().OuterXml);

            var attributeElementName = PvpToken.SamlXNamespace + "Attribute";
            var valueElementName     = PvpToken.SamlXNamespace + "AttributeValue";

            // Key: the Attribute element's Name; value: all of its AttributeValue texts.
            var values = statement
                         .Elements(attributeElementName)
                         .ToDictionary(
                attribute => attribute.Attribute("Name").Value,
                attribute => attribute.Elements(valueElementName).Select(v => v.Value).ToList());

            PvpToken roundTripped = new PvpToken(values);

            Assert.AreEqual(PvpVersion.Version21, roundTripped.Version);
            Assert.AreEqual("*****@*****.**", roundTripped.GetAttributeValue(PvpAttributes.USERID));
            Assert.AreEqual("Beispielrolle(GKZ=60420);Beispielrolle2(ABC=XYZ, DEF=4711)",
                            roundTripped.GetAttributeValue(PvpAttributes.ROLES));

            foreach (HttpHeader header in roundTripped.GetHeaders())
            {
                // The roles header is excluded from the value-by-value comparison; it is
                // already covered by the ROLES assertion above.
                bool isRolesHeader = header.Name.Equals("X-PVP-roles", StringComparison.InvariantCultureIgnoreCase);

                if (!isRolesHeader)
                {
                    Assert.AreEqual(sourceHeaders[header.Name], header.Value, "Fehler bei " + header.Name);
                }
            }
        }
コード例 #20
        // Checks that the chained SOAP fragment built from the 1.9 fixture contains the
        // pvpChainedToken root, every user-principal element and the role entry.
        // NOTE(review): the userId and mail values in the expected fragments look like they
        // were replaced by the hosting page's e-mail masking; restore the fixture's
        // addresses before relying on these checks.
        public void ChainedTokenTest()
        {
            string[] expectedFragments =
            {
                @"<pvpChainedToken version=""1.9"" xmlns=""http://egov.gv.at/pvp1.xsd"">",
                "<participantId>AT:L6:1234789</participantId>",
                "<userId>[email protected]</userId>",
                "<cn>Max Mustermann</cn>",
                "<ou>Meldeamt</ou>",
                "<gvOuOKZ>AT:GGA-60420-Abt13</gvOuOKZ>",
                "<gvSecClass>2</gvSecClass>",
                "<gvGid>AT:B:0:LxXnvpcYZesiqVXsZG0bB==</gvGid>",
                "<gvOuId>AT:GGA-60420:0815</gvOuId>",
                "<mail>[email protected]</mail>",
                "<tel>+43 3155 5153</tel>",
                "</userPrincipal></authenticate>",
                @"<role value=""Beispielrolle""><param><key>GKZ</key><value>60420</value></param></role>",
            };

            var      fixtureHeaders = GetNameValueCollection19();
            PvpToken pvpToken       = new PvpToken(fixtureHeaders);
            string   chainedXml     = pvpToken.GetChainedSoapFragment().OuterXml;

            // Substring checks only: element order inside the fragment is not pinned here.
            foreach (string fragment in expectedFragments)
            {
                Assert.IsTrue(chainedXml.Contains(fragment));
            }
        }