private static void Load()
{
try
{
if (File.Exists(mStoreFileName))
{
using (FileStream fs = new FileStream(mStoreFileName, FileMode.Open, FileAccess.Read, FileShare.Read))
{
RijndaelFormatter <SecurityStore> formatter = new RijndaelFormatter <SecurityStore>(mIV, mKey, new BinarySerializerFormatter <SecurityStore>());
mSecurityStore = formatter.Read(fs);
if (mSecurityStore == null)
{
mSecurityStore = new SecurityStore();
}
}
}
}
catch (Exception ex)
{
if (LOGGER.IsErrorEnabled)
{
LOGGER.Error("REMOTE_DESKTOP_SERVICE: failed to load security information.", ex);
}
}
}
public void UserStoreInterface_FindByIdAsync_ThrowsWhenDisposed()
{
var instance = new SecurityStore(null) as IUserStore<User, int>;
instance.Dispose();
var exception = Assert.Throws<ObjectDisposedException>(() =>
instance.FindByIdAsync(new Random().Next(0, int.MaxValue)).Result);
exception.ShouldNotBeNull();
exception.ObjectName.ShouldEqual(instance.GetType().Name);
}
public void UserStoreInterface_FindByNameAsync_ThrowsWhenDisposed()
{
var instance = new SecurityStore(null) as IUserStore<User, int>;
instance.Dispose();
var exception = Assert.Throws<ObjectDisposedException>(() =>
instance.FindByNameAsync(Guid.NewGuid().ToString()).Result);
exception.ShouldNotBeNull();
exception.ObjectName.ShouldEqual(instance.GetType().Name);
}
public IActionResult Index()
{
var userData = SecurityStore.GetUserData(_httpContextAccessor);
if (null == userData)
{
return(Redirect("~/Home/Login"));
}
return(View());
}
// GET: Register
public ActionResult AccessDenied()
{
var userData = SecurityStore.GetUserData(_httpContextAccessor);
if (null != userData && !string.IsNullOrEmpty(userData.Role))
{
return(RedirectToAction("Index", "Home", new { Area = userData.Role }));
}
return(View());
}
public IActionResult Index()
{
var userData = SecurityStore.GetUserData(_httpContextAccessor);
if (null == userData || string.IsNullOrEmpty(userData.Role))
{
return(Redirect("~/Home/Login"));
}
return(View());
}
public IActionResult Index()
{
var userData = SecurityStore.GetUserData(_httpContextAccessor);
if (null == userData)
{
return(Redirect("~/Home/Login"));
}
//var model = new RefreshTokenRequest { RefreshToken = "sdsds", Token = "dfsds" };
//var response = WebAPI<string, RefreshTokenRequest>.Consume(CompareHelper.Request.SharedEndpoints.Test1, model, userData.Email);
//var response2 = WebAPI<string, RefreshTokenRequest>.Consume(CompareHelper.Request.SharedEndpoints.Test2, model, userData.Email);
return(View());
}
public void UserStoreInterface_FindByIdAsync_DelegatesToDataDependency(int userId, bool expectFound)
{
var entities = new Mock<IWriteEntities>(MockBehavior.Strict);
var instance = new SecurityStore(entities.Object) as IUserStore<User, int>;
var data = new[] { new FakeUser(1), new FakeUser(2), new FakeUser(3) }.AsQueryable();
var dbSet = new Mock<DbSet<User>>(MockBehavior.Strict).SetupDataAsync(data);
entities.Setup(x => x.Get<User>()).Returns(dbSet.Object);
Expression<Func<IQueryable<User>, bool>> expectedData = x => ReferenceEquals(x, dbSet.Object);
entities.Setup(x => x.EagerLoad(It.Is(expectedData), It.IsAny<Expression<Func<User, object>>>())).Returns(dbSet.Object);
var result = instance.FindByIdAsync(userId).Result;
(result != null).ShouldEqual(expectFound);
if (expectFound)
result.ShouldEqual(data.Single(x => userId.Equals(x.Id)));
entities.Verify(x => x.Get<User>(), Times.Once);
}
public void UserLoginStoreInterface_FindAsync_FindsMatchingRemoteMemberships()
{
using (var dbContext = new EntityDbContext())
{
var user = new User { Name = Guid.NewGuid().ToString() };
var remote1 = new RemoteMembership
{
Id =
{
LoginProvider = Guid.NewGuid().ToString(),
ProviderKey = Guid.NewGuid().ToString()
}
};
var remote2 = new RemoteMembership
{
Id =
{
LoginProvider = Guid.NewGuid().ToString(),
ProviderKey = Guid.NewGuid().ToString()
}
};
var remote3 = new RemoteMembership
{
Id =
{
LoginProvider = Guid.NewGuid().ToString(),
ProviderKey = Guid.NewGuid().ToString()
}
};
user.RemoteMemberships.Add(remote1);
user.RemoteMemberships.Add(remote2);
user.RemoteMemberships.Add(remote3);
dbContext.Create(user);
dbContext.SaveChangesAsync().GetAwaiter().GetResult();
var securityStore = new SecurityStore(dbContext);
var result = securityStore.FindAsync(new UserLoginInfo(remote2.LoginProvider, remote2.ProviderKey)).Result;
result.ShouldNotBeNull();
result.ShouldEqual(user);
}
}
public void UserRoleStoreInterface_AddToRoleAsync_GivesUserPermission()
{
using (var dbContext = new EntityDbContext())
{
var user = new User { Name = Guid.NewGuid().ToString() };
var permission1 = new Permission { Name = Guid.NewGuid().ToString() };
var permission2 = new Permission { Name = Guid.NewGuid().ToString() };
var permission3 = new Permission { Name = Guid.NewGuid().ToString() };
dbContext.Create(user);
dbContext.Create(permission1);
dbContext.Create(permission2);
dbContext.Create(permission3);
dbContext.SaveChangesAsync().GetAwaiter().GetResult();
var securityStore = new SecurityStore(dbContext);
securityStore.AddToRoleAsync(user, permission2.Name).Wait();
dbContext.SaveChangesAsync().Wait();
user.Permissions.ShouldContain(permission2);
permission2.Users.ShouldContain(user);
}
}
public void UserClaimStoreInterface_GetClaimsAsync_ThrowsWhenDisposed()
{
var instance = new SecurityStore(null) as IUserClaimStore<User, int>;
instance.Dispose();
var exception = Assert.Throws<ObjectDisposedException>(() =>
instance.GetClaimsAsync(null).Result);
exception.ShouldNotBeNull();
exception.ObjectName.ShouldEqual(instance.GetType().Name);
}
public void UserRoleStoreInterface_AddToRoleAsync_ThrowsInvalidOperation_WhenRoleNameDoesNotExist()
{
var entities = new Mock<IWriteEntities>(MockBehavior.Strict);
var instance = new SecurityStore(entities.Object) as IUserRoleStore<User, int>;
const string roleName = "test";
var data = new[]
{
new Permission { Name = Guid.NewGuid().ToString() },
new Permission { Name = Guid.NewGuid().ToString() },
new Permission { Name = Guid.NewGuid().ToString() },
}.AsQueryable();
var dbSet = new Mock<DbSet<Permission>>(MockBehavior.Strict).SetupDataAsync(data);
entities.Setup(x => x.Get<Permission>()).Returns(dbSet.Object);
var exception = Assert.Throws<InvalidOperationException>(() =>
instance.AddToRoleAsync(new User(), roleName).GetAwaiter().GetResult());
exception.ShouldNotBeNull();
exception.Message.ShouldEqual(string.Format(Resources.Exception_InvalidOperation_DoesNotExist,
Permission.Constraints.Label, roleName));
}
public void UserSecurityStampStoreInterface_GetSecurityStampAsync_GetsUserProperty()
{
var instance = new SecurityStore(null) as IUserSecurityStampStore<User, int>;
var user = new User();
var stamp = Guid.NewGuid().ToString();
user.SecurityStamp = stamp;
var result = instance.GetSecurityStampAsync(user).Result;
result.ShouldEqual(stamp);
}
public void UserSecurityStampStoreInterface_SetSecurityStampAsync_ThrowsWhenDisposed()
{
var instance = new SecurityStore(null) as IUserSecurityStampStore<User, int>;
instance.Dispose();
var exception = Assert.Throws<ObjectDisposedException>(() =>
instance.SetSecurityStampAsync(null, null).GetAwaiter().GetResult());
exception.ShouldNotBeNull();
exception.ObjectName.ShouldEqual(instance.GetType().Name);
}
public void UserClaimStoreInterface_RemoveClaimAsync_ThrowsArgumentNullException_WhenClaimIsNull()
{
var instance = new SecurityStore(null) as IUserClaimStore<User, int>;
var exception = Assert.Throws<ArgumentNullException>(() =>
instance.RemoveClaimAsync(new User(), null).GetAwaiter().GetResult());
exception.ShouldNotBeNull();
exception.ParamName.ShouldEqual("claim");
}
public void UserRoleStoreInterface_IsInRoleAsync_DelegatesToUserCollection(string roleName, bool expect)
{
var instance = new SecurityStore(null) as IUserRoleStore<User, int>;
var user = new User();
user.Permissions.Add(new Permission { Name = "role1" });
user.Permissions.Add(new Permission { Name = "role2" });
user.Permissions.Add(new Permission { Name = "role3" });
var result = instance.IsInRoleAsync(user, roleName).Result;
result.ShouldEqual(expect);
}
public void UserRoleStoreInterface_IsInRoleAsync_ThrowsArgumentException_WhenRoleIsNullOrWhiteSpace(string roleName)
{
var instance = new SecurityStore(null) as IUserRoleStore<User, int>;
var exception = Assert.Throws<ArgumentException>(() =>
instance.IsInRoleAsync(new User(), roleName).Result);
exception.ShouldNotBeNull();
exception.ParamName.ShouldEqual("roleName");
exception.Message.ShouldStartWith(Resources.Exception_Argument_CannotBeNullOrEmpty);
}
public void UserRoleStoreInterface_GetRolesAsync_DelegatesToUserCollection(string roleName, bool expectInResult)
{
var instance = new SecurityStore(null) as IUserRoleStore<User, int>;
var user = new User();
user.Permissions.Add(new Permission { Name = "role1" });
user.Permissions.Add(new Permission { Name = "role2" });
user.Permissions.Add(new Permission { Name = "role3" });
var result = instance.GetRolesAsync(user).Result;
result.Count.ShouldEqual(3);
if (expectInResult) result.ShouldContain(roleName);
else result.ShouldNotContain(roleName);
}
public void UserRoleStoreInterface_RemoveFromRoleAsync_RemotesInstancesFromCollectionProperties_ForBothSidesOfEntityRelationship()
{
var instance = new SecurityStore(null) as IUserRoleStore<User, int>;
const string roleName = "test";
var user = new User();
var permission = new Permission { Name = roleName };
user.Permissions.Add(permission);
permission.Users.Add(user);
instance.RemoveFromRoleAsync(user, roleName).Wait();
user.Permissions.ShouldNotContain(permission);
permission.Users.ShouldNotContain(user);
}
public void UserRoleStoreInterface_RemoveFromRoleAsync_DoesNothing_WhenUserIsNotInRole()
{
var instance = new SecurityStore(null) as IUserRoleStore<User, int>;
var user = new User();
user.Permissions.Add(new Permission { Name = "test1" });
instance.RemoveFromRoleAsync(new User(), "test2");
user.Permissions.Count.ShouldEqual(1);
}
public void UserLoginStoreInterface_RemoveLoginAsync_DelegatesToUserCollectionProperty(string provider, string key, bool expectRemove)
{
var instance = new SecurityStore(null) as IUserLoginStore<User, int>;
var user = new FakeUser(6);
user.RemoteMemberships.Add(new RemoteMembership
{
UserId = user.Id,
Id = { LoginProvider = "provider1", ProviderKey = "key1" }
});
var login = new UserLoginInfo(provider, key);
instance.RemoveLoginAsync(user, login).Wait();
user.RemoteMemberships.Any(x => x.LoginProvider == provider && x.ProviderKey == provider).ShouldEqual(false);
user.RemoteMemberships.Any().ShouldEqual(!expectRemove);
}
public void UserRoleStoreInterface_AddToRoleAsync_AddsInstancesToCollectionProperties_ForBothSidesOfEntityRelationship()
{
var entities = new Mock<IWriteEntities>(MockBehavior.Strict);
var instance = new SecurityStore(entities.Object) as IUserRoleStore<User, int>;
const string roleName = "test";
var user = new User();
var data = new[]
{
new Permission { Name = Guid.NewGuid().ToString() },
new Permission { Name = roleName },
new Permission { Name = Guid.NewGuid().ToString() },
}.AsQueryable();
var dbSet = new Mock<DbSet<Permission>>(MockBehavior.Strict).SetupDataAsync(data);
entities.Setup(x => x.Get<Permission>()).Returns(dbSet.Object);
instance.AddToRoleAsync(user, roleName).Wait();
user.Permissions.ShouldContain(data.ElementAt(1));
data.ElementAt(1).Users.ShouldContain(user);
}
public void UserClaimStoreInterface_GetClaimsAsync_DelegatesToUserPropertyCollection(string claimType, string claimValue, bool expectInResult)
{
var instance = new SecurityStore(null) as IUserClaimStore<User, int>;
var user = new User();
user.Claims.Add(new UserClaim { ClaimType = "type1", ClaimValue = "value1" });
user.Claims.Add(new UserClaim { ClaimType = "type2", ClaimValue = "value2" });
user.Claims.Add(new UserClaim { ClaimType = "type3", ClaimValue = "value3" });
var result = instance.GetClaimsAsync(user).Result;
result.ShouldNotBeNull();
result.Count.ShouldEqual(3);
result.Any(x => x.Type == claimType && x.Value == claimValue).ShouldEqual(expectInResult);
}
public void UserClaimStoreInterface_AddClaimAsync_AddsClaimToUserCollectionProperty()
{
var instance = new SecurityStore(null) as IUserClaimStore<User, int>;
var user = new User();
var claim = new Claim(Guid.NewGuid().ToString(), Guid.NewGuid().ToString());
instance.AddClaimAsync(user, claim).Wait();
user.Claims.Count.ShouldEqual(1);
user.Claims.Any(x => x.ClaimType == claim.Type && x.ClaimValue == claim.Value).ShouldBeTrue();
}
public void UserPasswordStoreInterface_SetPasswordHashAsync_CreatesLocalMembership_WhenUserDoesNotHaveOne()
{
var instance = new SecurityStore(null) as IUserPasswordStore<User, int>;
var user = new User();
var passwordHash = Guid.NewGuid().ToString();
instance.SetPasswordHashAsync(user, passwordHash).Wait();
user.LocalMembership.ShouldNotBeNull();
user.LocalMembership.PasswordHash.ShouldEqual(passwordHash);
}
public void UserClaimStoreInterface_RemoveClaimAsync_RemovesClaimFromUserCollectionProperty()
{
var instance = new SecurityStore(null) as IUserClaimStore<User, int>;
var user = new User();
var securityClaim = new Claim(Guid.NewGuid().ToString(), Guid.NewGuid().ToString());
user.Claims.Add(new UserClaim { ClaimType = securityClaim.Type, ClaimValue = securityClaim.Value });
user.Claims.Add(new UserClaim { ClaimType = Guid.NewGuid().ToString(), ClaimValue = Guid.NewGuid().ToString() });
user.Claims.Add(new UserClaim { ClaimType = Guid.NewGuid().ToString(), ClaimValue = Guid.NewGuid().ToString() });
instance.RemoveClaimAsync(user, securityClaim);
user.Claims.Count.ShouldEqual(2);
user.Claims.Any(x => x.ClaimType == securityClaim.Type && x.ClaimValue == securityClaim.Value).ShouldBeFalse();
}
public void UserLoginStoreInterface_RemoveLoginAsync_ThrowsArgumentNullException_WhenUserIsNull()
{
var instance = new SecurityStore(null) as IUserLoginStore<User, int>;
var exception = Assert.Throws<ArgumentNullException>(() =>
instance.RemoveLoginAsync(null, new UserLoginInfo("provider", "key")).GetAwaiter().GetResult());
exception.ShouldNotBeNull();
exception.ParamName.ShouldEqual("user");
}
public void UserSecurityStampStoreInterface_SetSecurityStampAsync_SetsUserProperty()
{
var instance = new SecurityStore(null) as IUserSecurityStampStore<User, int>;
var user = new User();
var stamp = Guid.NewGuid().ToString();
instance.SetSecurityStampAsync(user, stamp).Wait();
user.SecurityStamp.ShouldEqual(stamp);
}
public void UserPasswordStoreInterface_GetPasswordHashAsync_ThrowsArgumentNullException_WhenUserIsNull()
{
var instance = new SecurityStore(null) as IUserPasswordStore<User, int>;
var exception = Assert.Throws<ArgumentNullException>(() =>
instance.GetPasswordHashAsync(null).Result);
exception.ShouldNotBeNull();
exception.ParamName.ShouldEqual("user");
}
public void UserStoreInterface_CreateAsync_ThrowsArgumentNullException_WhenUserIsNull()
{
var instance = new SecurityStore(null) as IUserStore<User, int>;
var exception = Assert.Throws<ArgumentNullException>(() =>
instance.CreateAsync(null).GetAwaiter().GetResult());
exception.ShouldNotBeNull();
exception.ParamName.ShouldEqual("user");
}
public void UserPasswordStoreInterface_GetPasswordHashAsync_DelegatesToUserLocalMembershipProperty()
{
var instance = new SecurityStore(null) as IUserPasswordStore<User, int>;
var user = new User();
var localMembership = new LocalMembership { PasswordHash = Guid.NewGuid().ToString() };
user.LocalMembership = localMembership;
var result = instance.GetPasswordHashAsync(user).Result;
result.ShouldEqual(localMembership.PasswordHash);
result.ShouldEqual(user.LocalMembership.PasswordHash);
}
public void UserPasswordStoreInterface_HasPasswordAsync_ReturnsFalse_WhenUserHasNoLocalMembership()
{
var instance = new SecurityStore(null) as IUserPasswordStore<User, int>;
var user = new User();
var result = instance.HasPasswordAsync(user).Result;
result.ShouldBeFalse();
}
public void UserPasswordStoreInterface_HasPasswordAsync_DelegatesToUserLocalMembershipProperty(string passwordHash, bool expect)
{
var instance = new SecurityStore(null) as IUserPasswordStore<User, int>;
var user = new User();
var localMembership = new LocalMembership { PasswordHash = passwordHash };
user.LocalMembership = localMembership;
var result = instance.HasPasswordAsync(user).Result;
result.ShouldEqual(expect);
}
public void UserPasswordStoreInterface_SetPasswordHashAsync_DelegatesToUserLocalMembership()
{
var instance = new SecurityStore(null) as IUserPasswordStore<User, int>;
var user = new User
{
LocalMembership = new LocalMembership()
};
var passwordHash = Guid.NewGuid().ToString();
instance.SetPasswordHashAsync(user, passwordHash).Wait();
user.LocalMembership.PasswordHash.ShouldEqual(passwordHash);
}
public void UserLoginStoreInterface_GetLoginsAsync_DelegatesToUserCollectionProperty()
{
var instance = new SecurityStore(null) as IUserLoginStore<User, int>;
var user = new FakeUser(6);
user.RemoteMemberships.Add(new RemoteMembership
{
UserId = user.Id,
Id = { LoginProvider = "provider1", ProviderKey = "key1" }
});
user.RemoteMemberships.Add(new RemoteMembership
{
UserId = user.Id,
Id = { LoginProvider = "provider2", ProviderKey = "key2" }
});
var result = instance.GetLoginsAsync(user).Result;
result.ShouldNotBeNull();
result.Count.ShouldEqual(2);
result.Any(x => x.LoginProvider == user.RemoteMemberships.ElementAt(0).LoginProvider
&& x.ProviderKey == user.RemoteMemberships.ElementAt(0).ProviderKey).ShouldBeTrue();
result.Any(x => x.LoginProvider == user.RemoteMemberships.ElementAt(1).LoginProvider
&& x.ProviderKey == user.RemoteMemberships.ElementAt(1).ProviderKey).ShouldBeTrue();
}
