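/// <summary>
/// Verifies that a request carrying a correctly computed Hawk Authorization header
/// (algorithm "hmacsha256") is accepted and leaves a <see cref="ClaimsPrincipal"/>
/// on the current thread.
/// </summary>
public void ShouldParseValidAuthHeaderWithSha256()
{
    var credential = new HawkCredential
    {
        Id = "123",
        Algorithm = "hmacsha256",
        Key = "werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn",
        User = "******"
    };

    // The lookup ignores the requested id (the header below sends "456" while the
    // credential is "123"), so this test does not cover id-to-credential binding.
    var filter = new RequiresHawkAttribute((id) => { return credential; });

    // NOTE(review): DateTime.Now is local time; confirm that ConvertToUnixTimestamp
    // normalises to UTC, otherwise the timestamp depends on the machine's time zone.
    var ts = Math.Floor(Hawk.ConvertToUnixTimestamp(DateTime.Now) / 1000);
    var mac = Hawk.CalculateMac(
        "example.com",
        "get",
        new Uri("http://example.com:8080/resource/4?filter=a"),
        "hello",
        ts.ToString(),
        "j4h3g2",
        credential,
        "header");

    var request = new HttpRequestMessage(HttpMethod.Get, "http://example.com:8080/resource/4?filter=a");
    request.Headers.Authorization = new AuthenticationHeaderValue(
        "Hawk",
        string.Format("id = \"456\", ts = \"{0}\", nonce=\"j4h3g2\", mac = \"{1}\", ext = \"hello\"", ts, mac));
    request.Headers.Host = "example.com";

    var context = new HttpActionContext();
    context.ControllerContext = new HttpControllerContext();
    context.ControllerContext.Request = request;

    // Clear any principal left on this thread by an earlier test; without this the
    // assertion below could pass even if the filter never authenticated the request.
    Thread.CurrentPrincipal = null;

    filter.OnAuthorization(context);

    var principal = Thread.CurrentPrincipal;
    Assert.IsNotNull(principal);

    // Expected value first, so a failure message reports the two types the right way round.
    Assert.AreEqual(typeof(ClaimsPrincipal), principal.GetType());
}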
/// <summary>
/// Checks that a request without an Authorization header ends with a 401 response
/// that carries a "Hawk" challenge in WWW-Authenticate.
/// </summary>
public void ShouldReturnChallengeOnEmptyAuthHeaderWithStatusUnauthorized()
{
    var filter = new RequiresHawkAttribute(id => new HawkCredential
    {
        Id = "123",
        Algorithm = "hmac-sha-0",
        Key = "werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn",
        User = "******"
    });

    var request = new HttpRequestMessage(HttpMethod.Get, "http://example.com:8080/resource/4?filter=a");
    request.Headers.Host = "localhost";

    var context = new HttpActionContext
    {
        ControllerContext = new HttpControllerContext { Request = request },
        // The response is seeded with 401 before the filter runs, so the status
        // assertion alone cannot show that the filter produced the rejection;
        // the challenge-header assertion is the one that exercises the filter.
        Response = new HttpResponseMessage(HttpStatusCode.Unauthorized)
    };

    filter.OnAuthorization(context);

    var response = context.Response;
    Assert.AreEqual(HttpStatusCode.Unauthorized, response.StatusCode);

    bool hasHawkChallenge = response.Headers.WwwAuthenticate.Any(h => h.Scheme == "Hawk");
    Assert.IsTrue(hasHawkChallenge);
}
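/// <summary>
/// Verifies that a request whose URL carries a bewit generated for the same host,
/// URI and credential is accepted and leaves a <see cref="ClaimsPrincipal"/> on the
/// current thread.
/// </summary>
public void ShouldParseValidBewit()
{
    var credential = new HawkCredential
    {
        Id = "123",
        Algorithm = "hmacsha256",
        Key = "werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn",
        User = "******"
    };

    var filter = new RequiresHawkAttribute((id) => { return credential; });

    // NOTE(review): the last argument (1000) is presumably the bewit lifetime; confirm
    // the unit against Hawk.GetBewit.
    var bewit = Hawk.GetBewit(
        "example.com",
        new Uri("http://example.com:8080/resource/4?filter=a"),
        credential,
        1000);

    var request = new HttpRequestMessage(
        HttpMethod.Get,
        "http://example.com:8080/resource/4?filter=a&bewit=" + bewit);
    request.Headers.Host = "example.com";

    var context = new HttpActionContext();
    context.ControllerContext = new HttpControllerContext();
    context.ControllerContext.Request = request;

    // Clear any principal left on this thread by an earlier test; without this the
    // assertion below could pass even if the filter never authenticated the request.
    Thread.CurrentPrincipal = null;

    filter.OnAuthorization(context);

    var principal = Thread.CurrentPrincipal;
    Assert.IsNotNull(principal);

    // Expected value first, so a failure message reports the two types the right way round.
    Assert.AreEqual(typeof(ClaimsPrincipal), principal.GetType());
}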
/// <summary>
/// Checks that a credential returned without Id or Algorithm is rejected with
/// 401 and the reason phrase "Invalid credentials".
/// </summary>
public void ShouldFailOnInvalidCredentials()
{
    // The stored credential deliberately carries only Key and User.
    var filter = new RequiresHawkAttribute(id => new HawkCredential
    {
        Key = "werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn",
        User = "******"
    });

    double unixSeconds = Math.Floor(Hawk.ConvertToUnixTimestamp(DateTime.Now) / 1000);
    string ts = unixSeconds.ToString();

    string headerParameter =
        "id = \"456\", ts = \"" + ts + "\", nonce=\"k3j4h2\", mac = \"qrP6b5tiS2CO330rpjUEym/USBM=\", ext = \"hello\"";

    var request = new HttpRequestMessage(HttpMethod.Get, "http://example.com:8080/resource/4?filter=a");
    request.Headers.Authorization = new AuthenticationHeaderValue("Hawk", headerParameter);
    request.Headers.Host = "localhost";

    var context = new HttpActionContext
    {
        ControllerContext = new HttpControllerContext { Request = request }
    };

    filter.OnAuthorization(context);

    var response = context.Response;
    Assert.AreEqual(HttpStatusCode.Unauthorized, response.StatusCode);
    Assert.AreEqual("Invalid credentials", response.ReasonPhrase);
}
/// <summary>
/// Checks that a well-formed Hawk header whose mac is a fixed literal, not one
/// computed from the stored credential, is rejected with 401 and "Bad mac".
/// </summary>
public void ShouldFailOnUnknownBadMac()
{
    var filter = new RequiresHawkAttribute(id => new HawkCredential
    {
        Id = "123",
        Algorithm = "hmacsha256",
        Key = "werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn",
        User = "******"
    });

    // The timestamp is taken from the current time; only the mac is wrong.
    double unixSeconds = Math.Floor(Hawk.ConvertToUnixTimestamp(DateTime.Now) / 1000);
    string ts = unixSeconds.ToString();

    string headerParameter =
        "id = \"456\", ts = \"" + ts + "\", nonce=\"k3j4h2\", mac = \"/qwS4UjfVWMcU4jlr7T/wuKe3dKijvTvSos=\", ext = \"hello\"";

    var request = new HttpRequestMessage(HttpMethod.Get, "http://example.com:8080/resource/4?filter=a");
    request.Headers.Authorization = new AuthenticationHeaderValue("Hawk", headerParameter);
    request.Headers.Host = "localhost";

    var context = new HttpActionContext
    {
        ControllerContext = new HttpControllerContext { Request = request }
    };

    filter.OnAuthorization(context);

    var response = context.Response;
    Assert.AreEqual(HttpStatusCode.Unauthorized, response.StatusCode);
    Assert.AreEqual("Bad mac", response.ReasonPhrase);
}
/// <summary>
/// Confirms that the filter answers 401 "Invalid credentials" when the credential
/// lookup yields an entry that has a Key and User but no Id or Algorithm.
/// </summary>
public void ShouldFailOnInvalidCredentials()
{
    var filter = new RequiresHawkAttribute(id =>
    {
        // Incomplete on purpose: Id and Algorithm are never set.
        var incomplete = new HawkCredential
        {
            Key = "werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn",
            User = "******"
        };
        return incomplete;
    });

    var ts = Math.Floor(Hawk.ConvertToUnixTimestamp(DateTime.Now) / 1000).ToString();

    var authorization = new AuthenticationHeaderValue(
        "Hawk",
        "id = \"456\", ts = \"" + ts + "\", nonce=\"k3j4h2\", mac = \"qrP6b5tiS2CO330rpjUEym/USBM=\", ext = \"hello\"");

    var request = new HttpRequestMessage(HttpMethod.Get, "http://example.com:8080/resource/4?filter=a");
    request.Headers.Authorization = authorization;
    request.Headers.Host = "localhost";

    var controllerContext = new HttpControllerContext();
    var context = new HttpActionContext();
    context.ControllerContext = controllerContext;
    controllerContext.Request = request;

    filter.OnAuthorization(context);

    Assert.AreEqual(HttpStatusCode.Unauthorized, context.Response.StatusCode);
    Assert.AreEqual("Invalid credentials", context.Response.ReasonPhrase);
}
/// <summary>
/// Checks that a "Hawk" Authorization header with an empty parameter string is
/// answered with 400 and the reason phrase "Invalid header format".
/// </summary>
public void ShouldFailOnInvalidAuthFormat()
{
    var filter = new RequiresHawkAttribute(GetCredential);

    var request = new HttpRequestMessage(HttpMethod.Get, "http://example.com:8080/resource/4?filter=a");
    request.Headers.Host = "localhost";

    // Scheme is present but carries no attributes at all.
    request.Headers.Authorization = new AuthenticationHeaderValue("Hawk", "");

    var context = new HttpActionContext
    {
        ControllerContext = new HttpControllerContext { Request = request }
    };

    filter.OnAuthorization(context);

    var response = context.Response;
    Assert.AreEqual(HttpStatusCode.BadRequest, response.StatusCode);
    Assert.AreEqual("Invalid header format", response.ReasonPhrase);
}
/// <summary>
/// Checks that a request with a Hawk Authorization header but no Host header is
/// answered with 400 and the reason phrase "Missing Host header".
/// </summary>
public void ShouldFailOnWMissingHostHeader()
{
    var filter = new RequiresHawkAttribute(GetCredential);

    // Built without a method, URI or Host header; only Authorization is set.
    // The header uses a fixed timestamp and carries no nonce attribute.
    var request = new HttpRequestMessage();
    string headerParameter =
        "id = \"123\", ts = \"1353788437\", mac = \"/qwS4UjfVWMcUyW6EEgUH4jlr7T/wuKe3dKijvTvSos=\", ext = \"hello\"";
    request.Headers.Authorization = new AuthenticationHeaderValue("Hawk", headerParameter);

    var context = new HttpActionContext
    {
        ControllerContext = new HttpControllerContext { Request = request }
    };

    filter.OnAuthorization(context);

    var response = context.Response;
    Assert.AreEqual(HttpStatusCode.BadRequest, response.StatusCode);
    Assert.AreEqual("Missing Host header", response.ReasonPhrase);
}
/// <summary>
/// Checks that an Authorization header using the "Basic" scheme is not accepted:
/// the filter must set a response and that response must be 401.
/// </summary>
public void ShouldNotAuthorizeOnWrongAuthScheme()
{
    var filter = new RequiresHawkAttribute(GetCredential);

    var request = new HttpRequestMessage(HttpMethod.Get, "http://example.com:8080/resource/4?filter=a");

    // Scheme only, no parameter; no Host header is set in this test.
    request.Headers.Authorization = new AuthenticationHeaderValue("Basic");

    var context = new HttpActionContext
    {
        ControllerContext = new HttpControllerContext { Request = request }
    };

    filter.OnAuthorization(context);

    var response = context.Response;
    Assert.IsNotNull(response);
    Assert.AreEqual(HttpStatusCode.Unauthorized, response.StatusCode);
}
/// <summary>
/// Checks that a Hawk header lacking required attributes is rejected with 401 and
/// the reason phrase "Missing attributes".
/// </summary>
public void ShouldFailOnMissingAuthAttribute()
{
    var filter = new RequiresHawkAttribute(GetCredential);

    // Only ts, mac and ext are supplied; id and nonce are absent.
    string headerParameter =
        "ts = \"1353788437\", mac = \"/qwS4UjfVWMcUyW6EEgUH4jlr7T/wuKe3dKijvTvSos=\", ext = \"hello\"";

    var request = new HttpRequestMessage(HttpMethod.Get, "http://example.com:8080/resource/4?filter=a");
    request.Headers.Authorization = new AuthenticationHeaderValue("Hawk", headerParameter);
    request.Headers.Host = "localhost";

    var context = new HttpActionContext
    {
        ControllerContext = new HttpControllerContext { Request = request }
    };

    filter.OnAuthorization(context);

    var response = context.Response;
    Assert.AreEqual(HttpStatusCode.Unauthorized, response.StatusCode);
    Assert.AreEqual("Missing attributes", response.ReasonPhrase);
}
/// <summary>
/// Checks that an exception thrown by the credential lookup makes the filter fail
/// closed: the request is answered with 401 and the reason phrase "Unknown user".
/// </summary>
public void ShouldFailOnCredentialsFuncException()
{
    // The lookup always throws; the test reaches its assertions only if the
    // filter handles that exception instead of letting it propagate.
    var filter = new RequiresHawkAttribute((id) => { throw new Exception("Invalid"); });

    double unixSeconds = Math.Floor(Hawk.ConvertToUnixTimestamp(DateTime.Now) / 1000);
    string ts = unixSeconds.ToString();

    string headerParameter =
        "id = \"456\", ts = \"" + ts + "\", nonce=\"k3j4h2\", mac = \"qrP6b5tiS2CO330rpjUEym/USBM=\", ext = \"hello\"";

    var request = new HttpRequestMessage(HttpMethod.Get, "http://example.com:8080/resource/4?filter=a");
    request.Headers.Authorization = new AuthenticationHeaderValue("Hawk", headerParameter);
    request.Headers.Host = "localhost";

    var context = new HttpActionContext
    {
        ControllerContext = new HttpControllerContext { Request = request }
    };

    filter.OnAuthorization(context);

    var response = context.Response;
    Assert.AreEqual(HttpStatusCode.Unauthorized, response.StatusCode);
    Assert.AreEqual("Unknown user", response.ReasonPhrase);
}
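/// <summary>
/// Verifies that the filter leaves the response unset for a request that the
/// supplied predicate excludes from authentication (the "$metadata" endpoint).
/// </summary>
public void ShouldSkipAuthenticationForEndpoint()
{
    // NOTE(review): the second constructor argument appears to return true when
    // authentication is required; confirm against RequiresHawkAttribute.
    //
    // The exemption is matched on the path only. AbsoluteUri also contains the query
    // string, so a suffix test on it would exempt any request whose query happens to
    // end in "$metadata". Ordinal comparison keeps the match culture-independent.
    var filter = new RequiresHawkAttribute(
        (id) =>
        {
            return new HawkCredential
            {
                Id = "123",
                Algorithm = "hmac-sha-0",
                Key = "werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn",
                User = "******"
            };
        },
        (r) => !r.RequestUri.AbsolutePath.EndsWith("$metadata", StringComparison.Ordinal));

    // No Authorization or Host header is set on this request.
    var request = new HttpRequestMessage(HttpMethod.Get, "http://example.com:8080/resource/$metadata");

    var context = new HttpActionContext();
    context.ControllerContext = new HttpControllerContext();
    context.ControllerContext.Request = request;

    filter.OnAuthorization(context);

    // A null response means the filter neither challenged nor rejected the request.
    Assert.IsNull(context.Response);
}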
/// <summary>
/// Constructs the filter from <c>typeof(object)</c>; per the test name the
/// constructor is expected to reject that type.
/// </summary>
public void ShoulThrowWhenInvalidRepositoryType()
{
    // NOTE(review): no assertion is visible in this method; presumably an
    // expected-exception attribute sits on it outside this listing. Confirm that.
    new RequiresHawkAttribute(typeof(object));
}
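/// <summary>
/// Verifies that a request to the "$metadata" endpoint, which the supplied predicate
/// exempts, passes through the filter without any response being set.
/// </summary>
public void ShouldSkipAuthenticationForEndpoint()
{
    // NOTE(review): the predicate appears to answer "does this request need
    // authentication?"; confirm against RequiresHawkAttribute.
    //
    // AbsolutePath is used instead of AbsoluteUri so that the query string cannot
    // satisfy the suffix match and exempt an otherwise protected resource; the
    // comparison is ordinal so it does not vary with the current culture.
    var filter = new RequiresHawkAttribute(
        (id) =>
        {
            return new HawkCredential
            {
                Id = "123",
                Algorithm = "hmac-sha-0",
                Key = "werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn",
                User = "******"
            };
        },
        (r) => !r.RequestUri.AbsolutePath.EndsWith("$metadata", StringComparison.Ordinal));

    // The request carries neither an Authorization nor a Host header.
    var request = new HttpRequestMessage(HttpMethod.Get, "http://example.com:8080/resource/$metadata");

    var context = new HttpActionContext();
    context.ControllerContext = new HttpControllerContext();
    context.ControllerContext.Request = request;

    filter.OnAuthorization(context);

    // No response set: the filter issued no challenge and no rejection.
    Assert.IsNull(context.Response);
}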
/// <summary>
/// Confirms that, for a request with no Authorization header, the resulting 401
/// response advertises the "Hawk" scheme in WWW-Authenticate.
/// </summary>
public void ShouldReturnChallengeOnEmptyAuthHeaderWithStatusUnauthorized()
{
    var filter = new RequiresHawkAttribute(id =>
    {
        var stored = new HawkCredential
        {
            Id = "123",
            Algorithm = "hmac-sha-0",
            Key = "werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn",
            User = "******"
        };
        return stored;
    });

    var request = new HttpRequestMessage(HttpMethod.Get, "http://example.com:8080/resource/4?filter=a");
    request.Headers.Host = "localhost";

    var controllerContext = new HttpControllerContext();
    var context = new HttpActionContext();
    context.ControllerContext = controllerContext;
    controllerContext.Request = request;

    // A 401 is already in place before the filter runs, so the status check below
    // cannot by itself show that the filter rejected the request; the challenge
    // header is what the filter has to contribute.
    context.Response = new HttpResponseMessage(HttpStatusCode.Unauthorized);

    filter.OnAuthorization(context);

    Assert.AreEqual(HttpStatusCode.Unauthorized, context.Response.StatusCode);

    var challenges = context.Response.Headers.WwwAuthenticate;
    Assert.IsTrue(challenges.Any(h => h.Scheme == "Hawk"));
}
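/// <summary>
/// Verifies that a bewit generated for the request's host, URI and credential is
/// accepted when passed in the query string, and that the filter then installs a
/// <see cref="ClaimsPrincipal"/> on the current thread.
/// </summary>
public void ShouldParseValidBewit()
{
    var credential = new HawkCredential
    {
        Id = "123",
        Algorithm = "hmacsha256",
        Key = "werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn",
        User = "******"
    };

    var filter = new RequiresHawkAttribute((id) => { return credential; });

    // NOTE(review): 1000 is presumably the bewit lifetime; confirm the unit against
    // Hawk.GetBewit.
    var bewit = Hawk.GetBewit(
        "example.com",
        new Uri("http://example.com:8080/resource/4?filter=a"),
        credential,
        1000);

    var request = new HttpRequestMessage(
        HttpMethod.Get,
        "http://example.com:8080/resource/4?filter=a&bewit=" + bewit);
    request.Headers.Host = "example.com";

    var context = new HttpActionContext();
    context.ControllerContext = new HttpControllerContext();
    context.ControllerContext.Request = request;

    // Start from a clean thread principal so that a principal installed by a
    // previously run test cannot make this success assertion pass on its own.
    Thread.CurrentPrincipal = null;

    filter.OnAuthorization(context);

    var principal = Thread.CurrentPrincipal;
    Assert.IsNotNull(principal);

    // Expected value goes first so failure output labels the two types correctly.
    Assert.AreEqual(typeof(ClaimsPrincipal), principal.GetType());
}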
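/// <summary>
/// Verifies that a Hawk Authorization header whose mac was computed with the stored
/// credential (algorithm "hmacsha256") is accepted, and that the filter then installs
/// a <see cref="ClaimsPrincipal"/> on the current thread.
/// </summary>
public void ShouldParseValidAuthHeaderWithSha256()
{
    var credential = new HawkCredential
    {
        Id = "123",
        Algorithm = "hmacsha256",
        Key = "werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn",
        User = "******"
    };

    // The header sends id "456" while the credential's Id is "123"; the lookup
    // returns the same credential for every id, so id matching is not tested here.
    var filter = new RequiresHawkAttribute((id) => { return credential; });

    // NOTE(review): DateTime.Now is local time; confirm that ConvertToUnixTimestamp
    // normalises to UTC, otherwise the timestamp depends on the machine's time zone.
    var ts = Math.Floor(Hawk.ConvertToUnixTimestamp(DateTime.Now) / 1000);
    var mac = Hawk.CalculateMac(
        "example.com",
        "get",
        new Uri("http://example.com:8080/resource/4?filter=a"),
        "hello",
        ts.ToString(),
        "j4h3g2",
        credential,
        "header");

    var request = new HttpRequestMessage(HttpMethod.Get, "http://example.com:8080/resource/4?filter=a");
    request.Headers.Authorization = new AuthenticationHeaderValue(
        "Hawk",
        string.Format("id = \"456\", ts = \"{0}\", nonce=\"j4h3g2\", mac = \"{1}\", ext = \"hello\"", ts, mac));
    request.Headers.Host = "example.com";

    var context = new HttpActionContext();
    context.ControllerContext = new HttpControllerContext();
    context.ControllerContext.Request = request;

    // Start from a clean thread principal so that a principal installed by a
    // previously run test cannot make this success assertion pass on its own.
    Thread.CurrentPrincipal = null;

    filter.OnAuthorization(context);

    var principal = Thread.CurrentPrincipal;
    Assert.IsNotNull(principal);

    // Expected value goes first so failure output labels the two types correctly.
    Assert.AreEqual(typeof(ClaimsPrincipal), principal.GetType());
}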
/// <summary>
/// Confirms that a Hawk header with a current timestamp but a mac that was not
/// computed from the stored credential is answered with 401 "Bad mac".
/// </summary>
public void ShouldFailOnUnknownBadMac()
{
    var filter = new RequiresHawkAttribute(id =>
    {
        var stored = new HawkCredential
        {
            Id = "123",
            Algorithm = "hmacsha256",
            Key = "werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn",
            User = "******"
        };
        return stored;
    });

    var ts = Math.Floor(Hawk.ConvertToUnixTimestamp(DateTime.Now) / 1000).ToString();

    // The mac below is a fixed literal; every other attribute is well formed.
    var authorization = new AuthenticationHeaderValue(
        "Hawk",
        "id = \"456\", ts = \"" + ts + "\", nonce=\"k3j4h2\", mac = \"/qwS4UjfVWMcU4jlr7T/wuKe3dKijvTvSos=\", ext = \"hello\"");

    var request = new HttpRequestMessage(HttpMethod.Get, "http://example.com:8080/resource/4?filter=a");
    request.Headers.Authorization = authorization;
    request.Headers.Host = "localhost";

    var controllerContext = new HttpControllerContext();
    var context = new HttpActionContext();
    context.ControllerContext = controllerContext;
    controllerContext.Request = request;

    filter.OnAuthorization(context);

    Assert.AreEqual(HttpStatusCode.Unauthorized, context.Response.StatusCode);
    Assert.AreEqual("Bad mac", context.Response.ReasonPhrase);
}