/// <summary>
/// Verifies that <c>SignOut</c> ends the local session through the session
/// authentication module and redirects to the application root.
/// </summary>
public void AuthServicesController_SignOut()
{
    using (ShimsContext.Create())
    {
        // Swap the FederatedAuthentication.SessionAuthenticationModule getter for a
        // substitute, so the SignOut() call can be observed.
        var sessionModule = Substitute.For<SessionAuthenticationModule>();
        System.IdentityModel.Services.Fakes.ShimFederatedAuthentication.SessionAuthenticationModuleGet =
            () => sessionModule;

        // Minimal request context: only ApplicationPath is configured for the UrlHelper.
        var requestContext = Substitute.For<RequestContext>();
        requestContext.HttpContext = Substitute.For<HttpContextBase>();
        requestContext.HttpContext.Request.Returns(Substitute.For<HttpRequestBase>());
        requestContext.HttpContext.Request.ApplicationPath.Returns("/path");

        var controller = new AuthServicesController()
        {
            Url = new UrlHelper(requestContext)
        };
        var subject = controller.SignOut();

        // The redirect must stay inside the application: "/path" plus a trailing slash.
        subject.Should().BeOfType<RedirectResult>().And
            .Subject.As<RedirectResult>().Url.Should().Be("/path/");

        // The local session must actually be terminated, not just redirected away from.
        sessionModule.Received().SignOut();
    }
}
/// <summary>
/// Verifies that <c>SignIn</c> answers with a redirect whose URL carries a
/// <c>SAMLRequest</c> query parameter.
/// </summary>
public void AuthServicesController_SignIn_Returns_SignIn()
{
    var controller = new AuthServicesController();
    var subject = controller.SignIn();

    // NOTE(review): only the presence of "?SAMLRequest" is checked; neither the
    // redirect destination nor the request payload is inspected by this test.
    subject.Should().BeOfType<RedirectResult>().And
        .Subject.As<RedirectResult>().Url
        .Should().Contain("?SAMLRequest");
}
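/// <summary>
/// Verifies that <c>Acs</c> throws <see cref="NotSupportedException"/> when the
/// <c>AcsCommandResultCreated</c> notification marks the command result as handled.
/// </summary>
/// <remarks>
/// The notification lives on the static <c>AuthServicesController.Options</c>, so the
/// previous callback is restored in a <c>finally</c> block. Without that, the
/// "handled" hook would stay installed for every test that runs afterwards in the
/// same process.
/// </remarks>
public void AuthServicesController_Acs_Throws_On_CommandResultHandled()
{
    // The test name is the message ID, and the base of the assertion ID.
    var testName = MethodBase.GetCurrentMethod().Name;

    var request = Substitute.For<HttpRequestBase>();
    request.HttpMethod.Returns("POST");

    // Successful SAML2 response with one bearer assertion for "SomeUser".
    // NotOnOrAfter is far in the future so the fixture does not expire.
    var response =
        @"<saml2p:Response xmlns:saml2p=""urn:oasis:names:tc:SAML:2.0:protocol"" "
        + @"xmlns:saml2=""urn:oasis:names:tc:SAML:2.0:assertion"" "
        + @"ID = """ + testName + @""" Version=""2.0"" IssueInstant=""2013-01-01T00:00:00Z""> "
        + @"<saml2:Issuer> https://idp.example.com </saml2:Issuer> "
        + @"<saml2p:Status> "
        + @"<saml2p:StatusCode Value=""urn:oasis:names:tc:SAML:2.0:status:Success"" /> "
        + @"</saml2p:Status> "
        + @"<saml2:Assertion Version=""2.0"" ID=""" + testName + @"_Assertion1"" IssueInstant=""2013-09-25T00:00:00Z""> "
        + @"<saml2:Issuer>https://idp.example.com</saml2:Issuer> "
        + @"<saml2:Subject> "
        + @"<saml2:NameID>SomeUser</saml2:NameID> "
        + @"<saml2:SubjectConfirmation Method=""urn:oasis:names:tc:SAML:2.0:cm:bearer"" /> "
        + @"</saml2:Subject> "
        + @"<saml2:Conditions NotOnOrAfter=""2100-01-01T00:00:00Z"" /> "
        + @"</saml2:Assertion> "
        + @"</saml2p:Response>";

    // The response is signed before it is base64-encoded into the POST form field.
    var formValue = Convert.ToBase64String(Encoding.UTF8.GetBytes(
        SignedXmlHelper.SignXml(response)));

    request.Form.Returns(new NameValueCollection()
    {
        { "SAMLResponse", formValue }
    });
    request.Url.Returns(new Uri("http://url.example.com/url"));

    var httpContext = Substitute.For<HttpContextBase>();
    httpContext.Request.Returns(request);

    var subject = new AuthServicesController();
    subject.ControllerContext = new ControllerContext(httpContext, new RouteData(), subject);

    // Save the current callback so the shared static options can be restored.
    var previousCallback = AuthServicesController.Options.Notifications.AcsCommandResultCreated;
    try
    {
        AuthServicesController.Options.Notifications.AcsCommandResultCreated = (cr, r) =>
        {
            cr.HandledResult = true;
        };

        subject.Invoking(s => s.Acs())
            .ShouldThrow<NotSupportedException>();
    }
    finally
    {
        AuthServicesController.Options.Notifications.AcsCommandResultCreated = previousCallback;
    }
}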
/// <summary>
/// Posts a signed, successful SAML2 response to <c>Acs</c> and verifies that the
/// controller answers with a non-permanent redirect to the logged-in URL.
/// </summary>
public void AuthServicesController_Acs_Works()
{
    // This variant uses a fixed message ID, and the assertion ID is derived from it.
    const string messageId = "AuthServicesController_Acs_Should_SetIdentity";

    var request = Substitute.For<HttpRequestBase>();
    request.HttpMethod.Returns("POST");

    // Successful SAML2 response with one bearer assertion for "SomeUser".
    // NotOnOrAfter is far in the future so the fixture does not expire.
    var response =
        @"<saml2p:Response xmlns:saml2p=""urn:oasis:names:tc:SAML:2.0:protocol"" "
        + @"xmlns:saml2=""urn:oasis:names:tc:SAML:2.0:assertion"" "
        + @"ID = """ + messageId + @""" Version=""2.0"" IssueInstant=""2013-01-01T00:00:00Z""> "
        + @"<saml2:Issuer> https://idp.example.com </saml2:Issuer> "
        + @"<saml2p:Status> "
        + @"<saml2p:StatusCode Value=""urn:oasis:names:tc:SAML:2.0:status:Success"" /> "
        + @"</saml2p:Status> "
        + @"<saml2:Assertion Version=""2.0"" ID=""" + messageId + @"_Assertion1"" IssueInstant=""2013-09-25T00:00:00Z""> "
        + @"<saml2:Issuer>https://idp.example.com</saml2:Issuer> "
        + @"<saml2:Subject> "
        + @"<saml2:NameID>SomeUser</saml2:NameID> "
        + @"<saml2:SubjectConfirmation Method=""urn:oasis:names:tc:SAML:2.0:cm:bearer"" /> "
        + @"</saml2:Subject> "
        + @"<saml2:Conditions NotOnOrAfter=""2100-01-01T00:00:00Z"" /> "
        + @"</saml2:Assertion> "
        + @"</saml2p:Response>";

    // The response is signed before it is base64-encoded into the POST form field.
    var signedXml = SignedXmlHelper.SignXml(response);
    var formValue = Convert.ToBase64String(Encoding.UTF8.GetBytes(signedXml));

    request.Form.Returns(new NameValueCollection()
    {
        { "SAMLResponse", formValue }
    });

    var httpContext = Substitute.For<HttpContextBase>();
    httpContext.Request.Returns(request);

    // NOTE(review): these identities are built but never asserted below. The test
    // checks only the redirect, not which principal the session ends up with.
    var federationIdentity = new ClaimsIdentity("Federation");
    var claimsManagerIdentity = new ClaimsIdentity("ClaimsAuthenticationManager");
    var ids = new ClaimsIdentity[] { federationIdentity, claimsManagerIdentity };
    ids[0].AddClaim(new Claim(ClaimTypes.NameIdentifier, "SomeUser", null, "https://idp.example.com"));
    ids[1].AddClaim(new Claim(ClaimTypes.Role, "RoleFromClaimsAuthManager", null, "ClaimsAuthenticationManagerMock"));

    var controller = new AuthServicesController();
    controller.ControllerContext = new ControllerContext(httpContext, new RouteData(), controller);

    var expected = new { Permanent = false, Url = "http://localhost/LoggedIn" };

    var result = controller.Acs();
    result.As<RedirectResult>().ShouldBeEquivalentTo(expected);
}
/// <summary>
/// Posts a signed, successful SAML2 response to <c>Acs</c> and verifies that the
/// controller answers with a non-permanent redirect to the logged-in URL.
/// </summary>
public void AuthServicesController_Acs_Works()
{
    // The test name is the message ID, and the base of the assertion ID
    // (presumably to keep IDs distinct between tests; confirm against the suite).
    var testName = MethodBase.GetCurrentMethod().Name;

    var request = Substitute.For<HttpRequestBase>();
    request.HttpMethod.Returns("POST");

    // Successful SAML2 response with one bearer assertion for "SomeUser".
    // NotOnOrAfter is far in the future so the fixture does not expire.
    var response =
        @"<saml2p:Response xmlns:saml2p=""urn:oasis:names:tc:SAML:2.0:protocol"" "
        + @"xmlns:saml2=""urn:oasis:names:tc:SAML:2.0:assertion"" "
        + @"ID = """ + testName + @""" Version=""2.0"" IssueInstant=""2013-01-01T00:00:00Z""> "
        + @"<saml2:Issuer> https://idp.example.com </saml2:Issuer> "
        + @"<saml2p:Status> "
        + @"<saml2p:StatusCode Value=""urn:oasis:names:tc:SAML:2.0:status:Success"" /> "
        + @"</saml2p:Status> "
        + @"<saml2:Assertion Version=""2.0"" ID=""" + testName + @"_Assertion1"" IssueInstant=""2013-09-25T00:00:00Z""> "
        + @"<saml2:Issuer>https://idp.example.com</saml2:Issuer> "
        + @"<saml2:Subject> "
        + @"<saml2:NameID>SomeUser</saml2:NameID> "
        + @"<saml2:SubjectConfirmation Method=""urn:oasis:names:tc:SAML:2.0:cm:bearer"" /> "
        + @"</saml2:Subject> "
        + @"<saml2:Conditions NotOnOrAfter=""2100-01-01T00:00:00Z"" /> "
        + @"</saml2:Assertion> "
        + @"</saml2p:Response>";

    // The response is signed before it is base64-encoded into the POST form field.
    var signedXml = SignedXmlHelper.SignXml(response);
    var formValue = Convert.ToBase64String(Encoding.UTF8.GetBytes(signedXml));

    request.Form.Returns(new NameValueCollection()
    {
        { "SAMLResponse", formValue }
    });
    request.Url.Returns(new Uri("http://url.example.com/url"));

    var httpContext = Substitute.For<HttpContextBase>();
    httpContext.Request.Returns(request);

    var controller = new AuthServicesController();
    controller.ControllerContext = new ControllerContext(httpContext, new RouteData(), controller);

    var expected = new { Permanent = false, Url = "http://localhost/LoggedIn" };

    // NOTE(review): only the redirect is asserted; the identity established from
    // the assertion is not checked by this test.
    var result = controller.Acs();
    result.As<RedirectResult>().ShouldBeEquivalentTo(expected);
}
/// <summary>
/// Posts a signed SAML2 response that answers a stored request (matching
/// <c>InResponseTo</c> and <c>RelayState</c>) and verifies that <c>Acs</c> redirects
/// to the configured return URL and sets a cookie with an expiry in 1970.
/// </summary>
public void AuthServicesController_Acs_Works()
{
    // The test name is the message ID, and the base of the assertion ID.
    var testName = MethodBase.GetCurrentMethod().Name;

    // The same request ID goes into the response's InResponseTo attribute and into
    // the stored request state, so the two correlate.
    const string requestId = "InResponseToId";

    var request = Substitute.For<HttpRequestBase>();
    request.HttpMethod.Returns("POST");

    // Successful SAML2 response with one bearer assertion for "SomeUser".
    // NotOnOrAfter is far in the future so the fixture does not expire.
    var response =
        @"<saml2p:Response xmlns:saml2p=""urn:oasis:names:tc:SAML:2.0:protocol"" "
        + @"xmlns:saml2=""urn:oasis:names:tc:SAML:2.0:assertion"" "
        + @"ID = """ + testName + @""" Version=""2.0"" IssueInstant=""2013-01-01T00:00:00Z"" "
        + @"InResponseTo=""" + requestId + @"""> "
        + @"<saml2:Issuer> https://idp.example.com </saml2:Issuer> "
        + @"<saml2p:Status> "
        + @"<saml2p:StatusCode Value=""urn:oasis:names:tc:SAML:2.0:status:Success"" /> "
        + @"</saml2p:Status> "
        + @"<saml2:Assertion Version=""2.0"" ID=""" + testName + @"_Assertion1"" IssueInstant=""2013-09-25T00:00:00Z""> "
        + @"<saml2:Issuer>https://idp.example.com</saml2:Issuer> "
        + @"<saml2:Subject> "
        + @"<saml2:NameID>SomeUser</saml2:NameID> "
        + @"<saml2:SubjectConfirmation Method=""urn:oasis:names:tc:SAML:2.0:cm:bearer"" /> "
        + @"</saml2:Subject> "
        + @"<saml2:Conditions NotOnOrAfter=""2100-01-01T00:00:00Z"" /> "
        + @"</saml2:Assertion> "
        + @"</saml2p:Response>";

    // The response is signed before it is base64-encoded into the POST form field.
    var signedXml = SignedXmlHelper.SignXml(response);
    var formValue = Convert.ToBase64String(Encoding.UTF8.GetBytes(signedXml));

    var relayState = "rs1234";

    request.Form.Returns(new NameValueCollection()
    {
        { "SAMLResponse", formValue },
        { "RelayState", relayState }
    });
    request.Url.Returns(new Uri("http://url.example.com/url"));

    // Request-state cookie: named "Kentor." + relay state, with the serialized state
    // protected by MachineKey under the library's protection purpose.
    var protectedState = MachineKey.Protect(
        new StoredRequestState(null, null, new Saml2Id(requestId), null).Serialize(),
        HttpRequestBaseExtensions.ProtectionPurpose);
    var stateCookie = new HttpCookie(
        "Kentor." + relayState,
        HttpRequestData.ConvertBinaryData(protectedState));

    request.Cookies.Returns(new HttpCookieCollection());
    request.Cookies.Add(stateCookie);

    var httpContext = Substitute.For<HttpContextBase>();
    httpContext.Request.Returns(request);

    var controller = new AuthServicesController();
    controller.ControllerContext = new ControllerContext(httpContext, new RouteData(), controller);

    var expected = new
    {
        Permanent = false,
        Url = AuthServicesController.Options.SPOptions.ReturnUrl.OriginalString
    };

    var result = controller.Acs();
    result.As<RedirectResult>().ShouldBeEquivalentTo(expected);

    // A cookie expiring in 1970 must be set, presumably to clear the request-state
    // cookie after use.
    // NOTE(review): the match is on the expiry year only; the cookie name is not
    // pinned, so this does not prove that the "Kentor." + relayState cookie is the
    // one cleared.
    controller.Response.Received().SetCookie(
        Arg.Is<HttpCookie>(c => c.Expires.Year == 1970));
}