private void prepareRequest(IAuthenticationRequest request) { // Collect the PAPE policies requested by the user. List<string> policies = new List<string>(); foreach (ListItem item in this.papePolicies.Items) { if (item.Selected) { policies.Add(item.Value); } } // Add the PAPE extension if any policy was requested. var pape = new PolicyRequest(); if (policies.Count > 0) { foreach (string policy in policies) { pape.PreferredPolicies.Add(policy); } } if (this.maxAuthTimeBox.Text.Length > 0) { pape.MaximumAuthenticationAge = TimeSpan.FromSeconds(double.Parse(this.maxAuthTimeBox.Text)); } if (pape.PreferredPolicies.Count > 0 || pape.MaximumAuthenticationAge.HasValue) { request.AddExtension(pape); } }
/// <summary> /// Called when an authentication request is about to be sent. /// </summary> /// <param name="request">The request.</param> void IRelyingPartyBehavior.OnOutgoingAuthenticationRequest(RelyingParty.IAuthenticationRequest request) { RelyingParty.AuthenticationRequest requestInternal = (RelyingParty.AuthenticationRequest)request; ErrorUtilities.VerifyProtocol(string.Equals(request.Realm.Scheme, Uri.UriSchemeHttps, StringComparison.Ordinal) || DisableSslRequirement, BehaviorStrings.RealmMustBeHttps); var pape = requestInternal.AppliedExtensions.OfType<PolicyRequest>().SingleOrDefault(); if (pape == null) { request.AddExtension(pape = new PolicyRequest()); } if (!pape.PreferredPolicies.Contains(AuthenticationPolicies.PrivatePersonalIdentifier)) { pape.PreferredPolicies.Add(AuthenticationPolicies.PrivatePersonalIdentifier); } if (!pape.PreferredPolicies.Contains(AuthenticationPolicies.USGovernmentTrustLevel1)) { pape.PreferredPolicies.Add(AuthenticationPolicies.USGovernmentTrustLevel1); } if (!AllowPersonallyIdentifiableInformation && !pape.PreferredPolicies.Contains(AuthenticationPolicies.NoPersonallyIdentifiableInformation)) { pape.PreferredPolicies.Add(AuthenticationPolicies.NoPersonallyIdentifiableInformation); } if (pape.PreferredPolicies.Contains(AuthenticationPolicies.NoPersonallyIdentifiableInformation)) { ErrorUtilities.VerifyProtocol( (!requestInternal.AppliedExtensions.OfType<ClaimsRequest>().Any() && !requestInternal.AppliedExtensions.OfType<FetchRequest>().Any()), BehaviorStrings.PiiIncludedWithNoPiiPolicy); } Reporting.RecordEventOccurrence(this, "RP"); }
public void AddPolicies() { PolicyRequest resp = new PolicyRequest(); resp.PreferredPolicies.Add(AuthenticationPolicies.MultiFactor); resp.PreferredPolicies.Add(AuthenticationPolicies.PhishingResistant); Assert.AreEqual(2, resp.PreferredPolicies.Count); Assert.AreEqual(AuthenticationPolicies.MultiFactor, resp.PreferredPolicies[0]); Assert.AreEqual(AuthenticationPolicies.PhishingResistant, resp.PreferredPolicies[1]); }
public void MaximumAuthenticationAgeTest() { PolicyRequest req = new PolicyRequest(); req.MaximumAuthenticationAge = TimeSpan.FromHours(1); Assert.IsNotNull(req.MaximumAuthenticationAge); Assert.AreEqual(TimeSpan.FromHours(1), req.MaximumAuthenticationAge); req.MaximumAuthenticationAge = null; Assert.IsNull(req.MaximumAuthenticationAge); }
public void AddPolicyMultipleTimes() { // Although this isn't really the desired behavior (we'd prefer to see an // exception thrown), since we're using a List<string> internally we can't // expect anything better (for now). But if this is ever fixed, by all means // change this test to expect an exception or something else. PolicyRequest resp = new PolicyRequest(); resp.PreferredPolicies.Add(AuthenticationPolicies.MultiFactor); resp.PreferredPolicies.Add(AuthenticationPolicies.MultiFactor); Assert.AreEqual(2, resp.PreferredPolicies.Count); }
public void Full() { var request = new PolicyRequest(); request.MaximumAuthenticationAge = TimeSpan.FromMinutes(10); request.PreferredAuthLevelTypes.Add(Constants.AssuranceLevels.NistTypeUri); request.PreferredAuthLevelTypes.Add("customAuthLevel"); request.PreferredPolicies.Add(AuthenticationPolicies.MultiFactor); request.PreferredPolicies.Add(AuthenticationPolicies.PhishingResistant); var response = new PolicyResponse(); response.ActualPolicies.Add(AuthenticationPolicies.MultiFactor); response.ActualPolicies.Add(AuthenticationPolicies.PhishingResistant); response.AuthenticationTimeUtc = DateTime.UtcNow - TimeSpan.FromMinutes(5); response.AssuranceLevels[Constants.AssuranceLevels.NistTypeUri] = "1"; response.AssuranceLevels["customlevel"] = "ABC"; response.NistAssuranceLevel = NistAssuranceLevel.Level2; ExtensionTestUtilities.Roundtrip(Protocol.Default, new[] { request }, new[] { response }); }
/// <summary> /// Determines whether the specified <see cref="T:System.Object"/> is equal to the current <see cref="T:System.Object"/>. /// </summary> /// <param name="obj">The <see cref="T:System.Object"/> to compare with the current <see cref="T:System.Object"/>.</param> /// <returns> /// true if the specified <see cref="T:System.Object"/> is equal to the current <see cref="T:System.Object"/>; otherwise, false. /// </returns> /// <exception cref="T:System.NullReferenceException"> /// The <paramref name="obj"/> parameter is null. /// </exception> public override bool Equals(object obj) { PolicyRequest other = obj as PolicyRequest; if (other == null) { return(false); } if (this.MaximumAuthenticationAge != other.MaximumAuthenticationAge) { return(false); } if (this.PreferredPolicies.Count != other.PreferredPolicies.Count) { return(false); } foreach (string policy in this.PreferredPolicies) { if (!other.PreferredPolicies.Contains(policy)) { return(false); } } if (this.PreferredAuthLevelTypes.Count != other.PreferredAuthLevelTypes.Count) { return(false); } foreach (string authLevel in this.PreferredAuthLevelTypes) { if (!other.PreferredAuthLevelTypes.Contains(authLevel)) { return(false); } } return(true); }
private void prepareRequest(IAuthenticationRequest request) { // Collect the PAPE policies requested by the user. List<string> policies = new List<string>(); foreach (ListItem item in this.papePolicies.Items) { if (item.Selected) { policies.Add(item.Value); } } // Add the PAPE extension if any policy was requested. if (policies.Count > 0) { var pape = new PolicyRequest(); foreach (string policy in policies) { pape.PreferredPolicies.Add(policy); } request.AddExtension(pape); } }
public void EqualsTest() { PolicyRequest req = new PolicyRequest(); PolicyRequest req2 = new PolicyRequest(); Assert.AreEqual(req, req2); Assert.AreNotEqual(req, null); Assert.AreNotEqual(null, req); // Test PreferredPolicies list comparison req.PreferredPolicies.Add(AuthenticationPolicies.PhishingResistant); Assert.AreNotEqual(req, req2); req2.PreferredPolicies.Add(AuthenticationPolicies.MultiFactor); Assert.AreNotEqual(req, req2); req2.PreferredPolicies.Clear(); req2.PreferredPolicies.Add(AuthenticationPolicies.PhishingResistant); Assert.AreEqual(req, req2); // Test PreferredPolicies list comparison when that list is not in the same order. req.PreferredPolicies.Add(AuthenticationPolicies.MultiFactor); Assert.AreNotEqual(req, req2); req2.PreferredPolicies.Insert(0, AuthenticationPolicies.MultiFactor); Assert.AreEqual(req, req2); // Test MaximumAuthenticationAge comparison. req.MaximumAuthenticationAge = TimeSpan.FromHours(1); Assert.AreNotEqual(req, req2); req2.MaximumAuthenticationAge = req.MaximumAuthenticationAge; Assert.AreEqual(req, req2); // Test PreferredAuthLevelTypes comparison. req.PreferredAuthLevelTypes.Add("authlevel1"); Assert.AreNotEqual(req, req2); req2.PreferredAuthLevelTypes.Add("authlevel2"); Assert.AreNotEqual(req, req2); req.PreferredAuthLevelTypes.Add("authlevel2"); req2.PreferredAuthLevelTypes.Add("authlevel1"); Assert.AreEqual(req, req2); }
public void AddAuthLevelTypes() { PolicyRequest req = new PolicyRequest(); req.PreferredAuthLevelTypes.Add(Constants.AssuranceLevels.NistTypeUri); Assert.AreEqual(1, req.PreferredAuthLevelTypes.Count); Assert.IsTrue(req.PreferredAuthLevelTypes.Contains(Constants.AssuranceLevels.NistTypeUri)); }
public void Ctor() { PolicyRequest req = new PolicyRequest(); Assert.IsNull(req.MaximumAuthenticationAge); Assert.IsNotNull(req.PreferredPolicies); Assert.AreEqual(0, req.PreferredPolicies.Count); }
public void Serialize() { PolicyRequest req = new PolicyRequest(); IMessageWithEvents reqEvents = req; var fields = this.MessageDescriptions.GetAccessor(req); reqEvents.OnSending(); Assert.AreEqual(1, fields.Count); Assert.IsTrue(fields.ContainsKey("preferred_auth_policies")); Assert.AreEqual(string.Empty, fields["preferred_auth_policies"]); req.MaximumAuthenticationAge = TimeSpan.FromHours(1); reqEvents.OnSending(); Assert.AreEqual(2, fields.Count); Assert.IsTrue(fields.ContainsKey("max_auth_age")); Assert.AreEqual(TimeSpan.FromHours(1).TotalSeconds.ToString(CultureInfo.InvariantCulture), fields["max_auth_age"]); req.PreferredPolicies.Add("http://pol1/"); reqEvents.OnSending(); Assert.AreEqual("http://pol1/", fields["preferred_auth_policies"]); req.PreferredPolicies.Add("http://pol2/"); reqEvents.OnSending(); Assert.AreEqual("http://pol1/ http://pol2/", fields["preferred_auth_policies"]); req.PreferredAuthLevelTypes.Add("http://authtype1/"); reqEvents.OnSending(); Assert.AreEqual(4, fields.Count); Assert.IsTrue(fields.ContainsKey("auth_level.ns.alias1")); Assert.AreEqual("http://authtype1/", fields["auth_level.ns.alias1"]); Assert.IsTrue(fields.ContainsKey("preferred_auth_level_types")); Assert.AreEqual("alias1", fields["preferred_auth_level_types"]); req.PreferredAuthLevelTypes.Add(Constants.AssuranceLevels.NistTypeUri); reqEvents.OnSending(); Assert.AreEqual(5, fields.Count); Assert.IsTrue(fields.ContainsKey("auth_level.ns.alias2")); Assert.AreEqual("http://authtype1/", fields["auth_level.ns.alias2"]); Assert.IsTrue(fields.ContainsKey("auth_level.ns.nist")); Assert.AreEqual(Constants.AssuranceLevels.NistTypeUri, fields["auth_level.ns.nist"]); Assert.AreEqual("alias2 nist", fields["preferred_auth_level_types"]); }
public void Trivial() { var request = new PolicyRequest(); var response = new PolicyResponse(); ExtensionTestUtilities.Roundtrip(Protocol.Default, new[] { request }, new[] { response }); }
public async Task Trivial() { var request = new PolicyRequest(); var response = new PolicyResponse(); await this.RoundtripAsync(Protocol.Default, new[] { request }, new[] { response }); }