public async Task UserSetupUrl() { // Construct a V1 immediate request Protocol protocol = Protocol.V11; OpenIdProvider provider = this.CreateProvider(); var immediateRequest = new CheckIdRequest(protocol.Version, OPUri, DotNetOpenAuth.OpenId.AuthenticationRequestMode.Immediate); immediateRequest.Realm = RPRealmUri; immediateRequest.ReturnTo = RPUri; immediateRequest.LocalIdentifier = "http://somebody"; var request = new AuthenticationRequest(provider, immediateRequest); // Now simulate the request being rejected and extract the user_setup_url request.IsAuthenticated = false; Uri userSetupUrl = ((NegativeAssertionResponse)await request.GetResponseAsync(CancellationToken.None)).UserSetupUrl; Assert.IsNotNull(userSetupUrl); // Now construct a new request as if it had just come in. var httpRequest = new HttpRequestMessage(HttpMethod.Get, userSetupUrl); var setupRequest = (AuthenticationRequest)await provider.GetRequestAsync(httpRequest); var setupRequestMessage = (CheckIdRequest)setupRequest.RequestMessage; // And make sure all the right properties are set. Assert.IsFalse(setupRequestMessage.Immediate); Assert.AreEqual(immediateRequest.Realm, setupRequestMessage.Realm); Assert.AreEqual(immediateRequest.ReturnTo, setupRequestMessage.ReturnTo); Assert.AreEqual(immediateRequest.LocalIdentifier, setupRequestMessage.LocalIdentifier); Assert.AreEqual(immediateRequest.Version, setupRequestMessage.Version); }
public void UserSetupUrl() { // Construct a V1 immediate request Protocol protocol = Protocol.V11; OpenIdProvider provider = this.CreateProvider(); CheckIdRequest immediateRequest = new CheckIdRequest(protocol.Version, OPUri, DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequestMode.Immediate); immediateRequest.Realm = RPRealmUri; immediateRequest.ReturnTo = RPUri; immediateRequest.LocalIdentifier = "http://somebody"; AuthenticationRequest request = new AuthenticationRequest(provider, immediateRequest); // Now simulate the request being rejected and extract the user_setup_url request.IsAuthenticated = false; Uri userSetupUrl = ((NegativeAssertionResponse)request.Response).UserSetupUrl; Assert.IsNotNull(userSetupUrl); // Now construct a new request as if it had just come in. HttpRequestInfo httpRequest = new HttpRequestInfo { UrlBeforeRewriting = userSetupUrl }; var setupRequest = AuthenticationRequest_Accessor.AttachShadow(provider.GetRequest(httpRequest)); CheckIdRequest_Accessor setupRequestMessage = setupRequest.RequestMessage; // And make sure all the right properties are set. Assert.IsFalse(setupRequestMessage.Immediate); Assert.AreEqual(immediateRequest.Realm, setupRequestMessage.Realm); Assert.AreEqual(immediateRequest.ReturnTo, setupRequestMessage.ReturnTo); Assert.AreEqual(immediateRequest.LocalIdentifier, setupRequestMessage.LocalIdentifier); Assert.AreEqual(immediateRequest.Version, setupRequestMessage.Version); }
public void IsReturnUrlDiscoverableValidButNoMatch() { this.MockResponder.RegisterMockRPDiscovery(); this.provider.SecuritySettings.RequireSsl = false; // reset for another failure test case this.checkIdRequest.ReturnTo = new Uri("http://somerandom/host"); this.request = new AuthenticationRequest(this.provider, this.checkIdRequest); Assert.AreEqual(RelyingPartyDiscoveryResult.NoMatchingReturnTo, this.request.IsReturnUrlDiscoverable(this.provider.Channel.WebRequestHandler)); }
public override void SetUp() { base.SetUp(); this.protocol = Protocol.Default; this.provider = this.CreateProvider(); this.checkIdRequest = new CheckIdRequest(this.protocol.Version, OPUri, DotNetOpenAuth.OpenId.AuthenticationRequestMode.Setup); this.checkIdRequest.Realm = RPRealmUri; this.checkIdRequest.ReturnTo = RPUri; this.request = new AuthenticationRequest(this.provider, this.checkIdRequest); }
public override void SetUp() { base.SetUp(); var op = this.CreateProvider(); var rpRequest = new CheckIdRequest(Protocol.Default.Version, OPUri, DotNetOpenAuth.OpenId.AuthenticationRequestMode.Setup); rpRequest.ReturnTo = RPUri; this.extensions = rpRequest.Extensions; this.request = new AuthenticationRequest(op, rpRequest); this.request.IsAuthenticated = true; }
public void IsReturnUrlDiscoverable() { Protocol protocol = Protocol.Default; OpenIdProvider provider = this.CreateProvider(); CheckIdRequest checkIdRequest = new CheckIdRequest(protocol.Version, OPUri, DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequestMode.Setup); checkIdRequest.Realm = RPRealmUri; checkIdRequest.ReturnTo = RPUri; AuthenticationRequest request = new AuthenticationRequest(provider, checkIdRequest); Assert.IsFalse(request.IsReturnUrlDiscoverable(this.MockResponder.MockWebRequestHandler)); this.MockResponder.RegisterMockRPDiscovery(); request = new AuthenticationRequest(provider, checkIdRequest); Assert.IsTrue(request.IsReturnUrlDiscoverable(this.MockResponder.MockWebRequestHandler)); }
public void IsReturnUrlDiscoverableRequireSsl() { this.MockResponder.RegisterMockRPDiscovery(); this.checkIdRequest.Realm = RPRealmUriSsl; this.checkIdRequest.ReturnTo = RPUriSsl; // Try once with RequireSsl this.provider.SecuritySettings.RequireSsl = true; this.request = new AuthenticationRequest(this.provider, this.checkIdRequest); Assert.AreEqual(RelyingPartyDiscoveryResult.Success, this.request.IsReturnUrlDiscoverable(this.provider.Channel.WebRequestHandler)); // And again without RequireSsl this.provider.SecuritySettings.RequireSsl = false; this.request = new AuthenticationRequest(this.provider, this.checkIdRequest); Assert.AreEqual(RelyingPartyDiscoveryResult.Success, this.request.IsReturnUrlDiscoverable(this.provider.Channel.WebRequestHandler)); }
public void Serializable() { OpenIdProvider provider = this.CreateProvider(); CheckIdRequest immediateRequest = new CheckIdRequest(Protocol.Default.Version, OPUri, DotNetOpenAuth.OpenId.AuthenticationRequestMode.Immediate); immediateRequest.Realm = RPRealmUri; immediateRequest.ReturnTo = RPUri; immediateRequest.LocalIdentifier = "http://somebody"; AuthenticationRequest request = new AuthenticationRequest(provider, immediateRequest); MemoryStream ms = new MemoryStream(); IFormatter formatter = new BinaryFormatter(); formatter.Serialize(ms, request); ms.Position = 0; var req2 = (AuthenticationRequest)formatter.Deserialize(ms); Assert.That(req2, Is.Not.Null); }
public async Task IsReturnUrlDiscoverableRequireSsl() { this.RegisterMockRPDiscovery(ssl: false); this.RegisterMockRPDiscovery(ssl: true); this.checkIdRequest.Realm = RPRealmUriSsl; this.checkIdRequest.ReturnTo = RPUriSsl; // Try once with RequireSsl this.provider.SecuritySettings.RequireSsl = true; this.request = new AuthenticationRequest(this.provider, this.checkIdRequest); Assert.AreEqual(RelyingPartyDiscoveryResult.Success, await this.request.IsReturnUrlDiscoverableAsync(this.HostFactories, CancellationToken.None)); // And again without RequireSsl this.provider.SecuritySettings.RequireSsl = false; this.request = new AuthenticationRequest(this.provider, this.checkIdRequest); Assert.AreEqual(RelyingPartyDiscoveryResult.Success, await this.request.IsReturnUrlDiscoverableAsync(this.HostFactories, CancellationToken.None)); }
/// <summary> /// Gets the incoming OpenID request if there is one, or null if none was detected. /// </summary> /// <param name="request">The incoming HTTP request to extract the message from.</param> /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The request that the hosting Provider should process and then transmit the response for. /// Null if no valid OpenID request was detected in the given HTTP request. /// </returns> /// <exception cref="ProtocolException">Thrown if the incoming message is recognized /// but deviates from the protocol specification irrecoverably.</exception> /// <remarks> /// Requests may be infrastructural to OpenID and allow auto-responses, or they may /// be authentication requests where the Provider site has to make decisions based /// on its own user database and policies. /// </remarks> public async Task <IRequest> GetRequestAsync(HttpRequestMessage request, CancellationToken cancellationToken = default(CancellationToken)) { Requires.NotNull(request, "request"); IDirectedProtocolMessage incomingMessage = null; try { incomingMessage = await this.Channel.ReadFromRequestAsync(request, cancellationToken); if (incomingMessage == null) { // If the incoming request does not resemble an OpenID message at all, // it's probably a user who just navigated to this URL, and we should // just return null so the host can display a message to the user. if (request.Method == HttpMethod.Get && !request.RequestUri.QueryStringContainPrefixedParameters(Protocol.Default.openid.Prefix)) { return(null); } ErrorUtilities.ThrowProtocol(MessagingStrings.UnexpectedMessageReceivedOfMany); } IRequest result = null; var checkIdMessage = incomingMessage as CheckIdRequest; if (checkIdMessage != null) { result = new AuthenticationRequest(this, checkIdMessage); } if (result == null) { var extensionOnlyRequest = incomingMessage as SignedResponseRequest; if (extensionOnlyRequest != null) { result = new AnonymousRequest(this, extensionOnlyRequest); } } if (result == null) { var checkAuthMessage = incomingMessage as CheckAuthenticationRequest; if (checkAuthMessage != null) { result = new AutoResponsiveRequest(incomingMessage, new CheckAuthenticationResponseProvider(checkAuthMessage, this), this.SecuritySettings); } } if (result == null) { var associateMessage = incomingMessage as IAssociateRequestProvider; if (associateMessage != null) { result = new AutoResponsiveRequest(incomingMessage, AssociateRequestProviderTools.CreateResponse(associateMessage, this.AssociationStore, this.SecuritySettings), this.SecuritySettings); } } if (result != null) { foreach (var behavior in this.Behaviors) { if (await behavior.OnIncomingRequestAsync(result, cancellationToken)) { // This behavior matched this request. break; } } return(result); } throw ErrorUtilities.ThrowProtocol(MessagingStrings.UnexpectedMessageReceivedOfMany); } catch (ProtocolException ex) { IRequest errorResponse = this.GetErrorResponse(ex, request, incomingMessage); if (errorResponse == null) { throw; } return(errorResponse); } }
public void IsReturnUrlDiscoverableValidResponse() { this.MockResponder.RegisterMockRPDiscovery(); this.request = new AuthenticationRequest(this.provider, this.checkIdRequest); Assert.AreEqual(RelyingPartyDiscoveryResult.Success, this.request.IsReturnUrlDiscoverable(this.provider.Channel.WebRequestHandler)); }
/// <summary> /// Gets the incoming OpenID request if there is one, or null if none was detected. /// </summary> /// <param name="httpRequestInfo">The incoming HTTP request to extract the message from.</param> /// <returns> /// The request that the hosting Provider should process and then transmit the response for. /// Null if no valid OpenID request was detected in the given HTTP request. /// </returns> /// <remarks> /// Requests may be infrastructural to OpenID and allow auto-responses, or they may /// be authentication requests where the Provider site has to make decisions based /// on its own user database and policies. /// </remarks> /// <exception cref="ProtocolException">Thrown if the incoming message is recognized /// but deviates from the protocol specification irrecoverably.</exception> public IRequest GetRequest(HttpRequestInfo httpRequestInfo) { Contract.Requires(httpRequestInfo != null); ErrorUtilities.VerifyArgumentNotNull(httpRequestInfo, "httpRequestInfo"); IDirectedProtocolMessage incomingMessage = null; try { incomingMessage = this.Channel.ReadFromRequest(httpRequestInfo); if (incomingMessage == null) { // If the incoming request does not resemble an OpenID message at all, // it's probably a user who just navigated to this URL, and we should // just return null so the host can display a message to the user. if (httpRequestInfo.HttpMethod == "GET" && !httpRequestInfo.UrlBeforeRewriting.QueryStringContainPrefixedParameters(Protocol.Default.openid.Prefix)) { return null; } ErrorUtilities.ThrowProtocol(MessagingStrings.UnexpectedMessageReceivedOfMany); } IRequest result = null; var checkIdMessage = incomingMessage as CheckIdRequest; if (checkIdMessage != null) { result = new AuthenticationRequest(this, checkIdMessage); } if (result == null) { var extensionOnlyRequest = incomingMessage as SignedResponseRequest; if (extensionOnlyRequest != null) { result = new AnonymousRequest(this, extensionOnlyRequest); } } if (result == null) { var checkAuthMessage = incomingMessage as CheckAuthenticationRequest; if (checkAuthMessage != null) { result = new AutoResponsiveRequest(incomingMessage, new CheckAuthenticationResponse(checkAuthMessage, this), this.SecuritySettings); } } if (result == null) { var associateMessage = incomingMessage as AssociateRequest; if (associateMessage != null) { result = new AutoResponsiveRequest(incomingMessage, associateMessage.CreateResponse(this.AssociationStore, this.SecuritySettings), this.SecuritySettings); } } if (result != null) { foreach (var behavior in this.Behaviors) { if (behavior.OnIncomingRequest(result)) { // This behavior matched this request. break; } } return result; } throw ErrorUtilities.ThrowProtocol(MessagingStrings.UnexpectedMessageReceivedOfMany); } catch (ProtocolException ex) { IRequest errorResponse = this.GetErrorResponse(ex, httpRequestInfo, incomingMessage); if (errorResponse == null) { throw; } return errorResponse; } }
/// <summary> /// Gets the incoming OpenID request if there is one, or null if none was detected. /// </summary> /// <param name="httpRequestInfo">The incoming HTTP request to extract the message from.</param> /// <returns> /// The request that the hosting Provider should process and then transmit the response for. /// Null if no valid OpenID request was detected in the given HTTP request. /// </returns> /// <remarks> /// Requests may be infrastructural to OpenID and allow auto-responses, or they may /// be authentication requests where the Provider site has to make decisions based /// on its own user database and policies. /// </remarks> /// <exception cref="ProtocolException">Thrown if the incoming message is recognized /// but deviates from the protocol specification irrecoverably.</exception> public IRequest GetRequest(HttpRequestInfo httpRequestInfo) { Contract.Requires <ArgumentNullException>(httpRequestInfo != null); IDirectedProtocolMessage incomingMessage = null; try { incomingMessage = this.Channel.ReadFromRequest(httpRequestInfo); if (incomingMessage == null) { // If the incoming request does not resemble an OpenID message at all, // it's probably a user who just navigated to this URL, and we should // just return null so the host can display a message to the user. if (httpRequestInfo.HttpMethod == "GET" && !httpRequestInfo.UrlBeforeRewriting.QueryStringContainPrefixedParameters(Protocol.Default.openid.Prefix)) { return(null); } ErrorUtilities.ThrowProtocol(MessagingStrings.UnexpectedMessageReceivedOfMany); } IRequest result = null; var checkIdMessage = incomingMessage as CheckIdRequest; if (checkIdMessage != null) { result = new AuthenticationRequest(this, checkIdMessage); } if (result == null) { var extensionOnlyRequest = incomingMessage as SignedResponseRequest; if (extensionOnlyRequest != null) { result = new AnonymousRequest(this, extensionOnlyRequest); } } if (result == null) { var checkAuthMessage = incomingMessage as CheckAuthenticationRequest; if (checkAuthMessage != null) { result = new AutoResponsiveRequest(incomingMessage, new CheckAuthenticationResponse(checkAuthMessage, this), this.SecuritySettings); } } if (result == null) { var associateMessage = incomingMessage as AssociateRequest; if (associateMessage != null) { result = new AutoResponsiveRequest(incomingMessage, associateMessage.CreateResponse(this.AssociationStore, this.SecuritySettings), this.SecuritySettings); } } if (result != null) { foreach (var behavior in this.Behaviors) { if (behavior.OnIncomingRequest(result)) { // This behavior matched this request. break; } } return(result); } throw ErrorUtilities.ThrowProtocol(MessagingStrings.UnexpectedMessageReceivedOfMany); } catch (ProtocolException ex) { IRequest errorResponse = this.GetErrorResponse(ex, httpRequestInfo, incomingMessage); if (errorResponse == null) { throw; } return(errorResponse); } }
public async Task IsReturnUrlDiscoverableValidButNoMatch() { this.RegisterMockRPDiscovery(false); this.provider.SecuritySettings.RequireSsl = false; // reset for another failure test case this.checkIdRequest.ReturnTo = new Uri("http://somerandom/host"); this.request = new AuthenticationRequest(this.provider, this.checkIdRequest); Assert.AreEqual( RelyingPartyDiscoveryResult.NoMatchingReturnTo, await this.request.IsReturnUrlDiscoverableAsync(this.provider.Channel.HostFactories, CancellationToken.None)); }
public async Task IsReturnUrlDiscoverableValidResponse() { this.RegisterMockRPDiscovery(false); this.request = new AuthenticationRequest(this.provider, this.checkIdRequest); Assert.AreEqual(RelyingPartyDiscoveryResult.Success, await this.request.IsReturnUrlDiscoverableAsync(this.provider.Channel.HostFactories, CancellationToken.None)); }