コード例 #1
0
		public async Task UnsolicitedAssertion() {
			var opStore = new StandardProviderApplicationStore();
			Handle(RPUri).By(
				async req => {
					var rp = new OpenIdRelyingParty(new StandardRelyingPartyApplicationStore(), this.HostFactories);
					IAuthenticationResponse response = await rp.GetResponseAsync(req);
					Assert.That(response, Is.Not.Null);
					Assert.AreEqual(AuthenticationStatus.Authenticated, response.Status);
					return new HttpResponseMessage();
				});
			Handle(OPUri).By(
				async (req, ct) => {
					var op = new OpenIdProvider(opStore, this.HostFactories);
					return await this.AutoProviderActionAsync(op, req, ct);
				});
			this.RegisterMockRPDiscovery(ssl: false);

			{
				var op = new OpenIdProvider(opStore, this.HostFactories);
				Identifier id = GetMockIdentifier(ProtocolVersion.V20);
				var assertion = await op.PrepareUnsolicitedAssertionAsync(OPUri, RPRealmUri, id, OPLocalIdentifiers[0]);

				using (var httpClient = this.HostFactories.CreateHttpClient()) {
					using (var response = await httpClient.GetAsync(assertion.Headers.Location)) {
						response.EnsureSuccessStatusCode();
					}
				}
			}
		}
コード例 #2
0
 public AuthorizationServerHost()
 {
     // Use a default in-memory provider application store. This is a class that is ideal for use in test
     // applications as it requires no further setup and can be used as both the crypto key- and nonce store.
     // In real-life situations you would of course implement your own crypto key- and nonce store, which will
     // most likely use some kind of persistent storage to store keys and nonces. As the nonces are kept in memory
     // only, it is not possible to refresh tokens as the issued tokens will have been removed from memory the moment
     // the refresh token request is being processed
     this.standardProviderApplicationStore = new StandardProviderApplicationStore();
 }
コード例 #3
0
        protected void Application_Start()
        {
            RouteConfig.RegisterRoutes(RouteTable.Routes);

            // DotNetOpenAuth only issues access tokens when the client uses an HTTPS connection. As we will most
            // likely run the server on our local development machine with only a self-signed SSL certificate, setting up
            // connection to the server will fail as the SSL certificate is considered invalid by the .NET framework.
            // To circumvent this, we add the line below that will consider all SSL certificates as valid, including
            // self-signed certificaties. Note: this should only be used for testing purposes.
            ServicePointManager.ServerCertificateValidationCallback = (sender, certificate, chain, errors) => true;

            // Use a default in-memory provider application store. This is a class that is ideal for use in test
            // applications as it requires no further setup and can be used as both the crypto key- and nonce store.
            // In real-life situations you would of course implement your own crypto key- and nonce store, which will
            // most likely use some kind of persistent storage to store keys and nonces. As the nonces are kept in memory
            // only, it is not possible to refresh tokens as the issued tokens will have been removed from memory the moment
            // the refresh token request is being processed
            var standardProviderApplicationStore = new StandardProviderApplicationStore();
            var clientRepository = new InMemoryClientRepository();
            clientRepository.Save(new Client()
                {
                    Id = "demo-client-auth-code-identifier",
                    SecretKey = "demo-client-auth-code-secret-key",
                    CallbackUrl = new Uri("http://localhost/OAuth2WebClient/")
                });
            clientRepository.Save(new Client()
            {
                Id = "demo-client-credentials-identifier",
                SecretKey = "demo-client-credentials-secret-key"
            });
            clientRepository.Save(new Client()
            {
                Id = "demo-client-res-owner-identifier"
            });

            var userRepository = new InMemoryUserRepository();
            userRepository.Save(new User
                {
                    Name = "demo-user-username",
                    Password = "demo-user-password"
                });

            var authorizationServerHost = new AuthorizationServerHost(standardProviderApplicationStore, standardProviderApplicationStore, clientRepository, userRepository);

            // Create our authorization server using our own, custom IAuthorizationServerHost implementation
            AuthorizationServer = new AuthorizationServer(authorizationServerHost);
        }
コード例 #4
0
		public async Task AssertionWithEndpointFilter() {
			var opStore = new StandardProviderApplicationStore();
			Handle(RPUri).By(
				async req => {
					var rp = new OpenIdRelyingParty(new StandardRelyingPartyApplicationStore(), this.HostFactories);

					// Rig it to always deny the incoming OP
					rp.EndpointFilter = op => false;

					// Receive the unsolicited assertion
					var response = await rp.GetResponseAsync(req);
					Assert.That(response, Is.Not.Null);
					Assert.AreEqual(AuthenticationStatus.Failed, response.Status);
					return new HttpResponseMessage();
				});
			this.RegisterAutoProvider();
			{
				var op = new OpenIdProvider(opStore, this.HostFactories);
				Identifier id = GetMockIdentifier(ProtocolVersion.V20);
				var assertion = await op.PrepareUnsolicitedAssertionAsync(OPUri, GetMockRealm(false), id, id);
				using (var httpClient = this.HostFactories.CreateHttpClient()) {
					using (var response = await httpClient.GetAsync(assertion.Headers.Location)) {
						response.EnsureSuccessStatusCode();
					}
				}
			}
		}
コード例 #5
0
		/// <summary>
		/// Gets the standard state storage mechanism that uses ASP.NET's
		/// HttpApplication state dictionary to store associations and nonces.
		/// </summary>
		/// <param name="context">The context.</param>
		/// <returns>The application store.</returns>
		public static IOpenIdApplicationStore GetHttpApplicationStore(HttpContextBase context = null) {
			if (context == null) {
				ErrorUtilities.VerifyOperation(HttpContext.Current != null, Strings.StoreRequiredWhenNoHttpContextAvailable, typeof(IOpenIdApplicationStore).Name);
				context = new HttpContextWrapper(HttpContext.Current);
			}

			var store = (IOpenIdApplicationStore)context.Application[ApplicationStoreKey];
			if (store == null) {
				context.Application.Lock();
				try {
					if ((store = (IOpenIdApplicationStore)context.Application[ApplicationStoreKey]) == null) {
						context.Application[ApplicationStoreKey] = store = new StandardProviderApplicationStore();
					}
				} finally {
					context.Application.UnLock();
				}
			}

			return store;
		}
コード例 #6
0
		public async Task ExtensionsAreIdentifiedAsSignedOrUnsigned() {
			Protocol protocol = Protocol.Default;
			var opStore = new StandardProviderApplicationStore();
			int rpStep = 0;


			Handle(RPUri).By(
				async req => {
					var rp = new OpenIdRelyingParty(new StandardRelyingPartyApplicationStore(), this.HostFactories);
					RegisterMockExtension(rp.Channel);

					switch (++rpStep) {
						case 1:
							var response = await rp.Channel.ReadFromRequestAsync<IndirectSignedResponse>(req, CancellationToken.None);
							Assert.AreEqual(1, response.SignedExtensions.Count(), "Signed extension should have been received.");
							Assert.AreEqual(0, response.UnsignedExtensions.Count(), "No unsigned extension should be present.");
							break;
						case 2:
							response = await rp.Channel.ReadFromRequestAsync<IndirectSignedResponse>(req, CancellationToken.None);
							Assert.AreEqual(0, response.SignedExtensions.Count(), "No signed extension should have been received.");
							Assert.AreEqual(1, response.UnsignedExtensions.Count(), "Unsigned extension should have been received.");
							break;

						default:
							throw Assumes.NotReachable();
					}

					return new HttpResponseMessage();
				});
			Handle(OPUri).By(
				async req => {
					var op = new OpenIdProvider(opStore, this.HostFactories);
					return await AutoProviderActionAsync(op, req, CancellationToken.None);
				});

			{
				var op = new OpenIdProvider(opStore, this.HostFactories);
				RegisterMockExtension(op.Channel);
				var redirectingResponse = await op.Channel.PrepareResponseAsync(CreateResponseWithExtensions(protocol));
				using (var httpClient = this.HostFactories.CreateHttpClient()) {
					using (var response = await httpClient.GetAsync(redirectingResponse.Headers.Location)) {
						response.EnsureSuccessStatusCode();
					}
				}

				op.SecuritySettings.SignOutgoingExtensions = false;
				redirectingResponse = await op.Channel.PrepareResponseAsync(CreateResponseWithExtensions(protocol));
				using (var httpClient = this.HostFactories.CreateHttpClient()) {
					using (var response = await httpClient.GetAsync(redirectingResponse.Headers.Location)) {
						response.EnsureSuccessStatusCode();
					}
				}
			}
		}