public void Should_GetUserAuth() { // Arrange var createdUserAuth = Sut.CreateUserAuth(NewUserAuth, Password); CreateUserAuthDetails(createdUserAuth, "google"); var authSession = new AuthUserSession(); var tokens = new AuthTokens { UserId = createdUserAuth.Id.ToString(), Provider = "google" }; // Act var result = Sut.GetUserAuth(authSession, tokens); // Assert result.Should().BeEquivalentTo(NewUserAuth, options => options .Excluding(m => m.Id) .Excluding(m => m.PasswordHash) .Excluding(m => m.DigestHa1Hash) .Excluding(m => m.CreatedDate) .Excluding(m => m.ModifiedDate)); }
protected IAuthTokens Init(IServiceBase authService, ref IAuthSession session, Authenticate request) { Logger.Debug("SamlAuthProvider::Init:ENTER"); if (this.CallbackUrl.IsNullOrEmpty()) { this.CallbackUrl = authService.Request.AbsoluteUri; Logger.Debug("CallbackUrl was null, setting to: {0}".Fmt(this.CallbackUrl)); } if (session.ReferrerUrl.IsNullOrEmpty() && authService.Request != null && authService.Request.Verb == "POST") { session.ReferrerUrl = this.IdpInitiatedRedirect; } else { session.ReferrerUrl = GetReferrerUrl(authService, session, request); } Logger.Debug("Session ReferrerUrl Set to: {0}".Fmt(session.ReferrerUrl)); var tokens = session.ProviderOAuthAccess.FirstOrDefault(x => x.Provider == this.Provider); if (tokens == null) { Logger.Debug("Tokens were null, initializing"); session.ProviderOAuthAccess.Add(tokens = new AuthTokens { Provider = this.Provider }); } Logger.Debug("Tokens contains"); Logger.Debug(tokens.ToJson()); Logger.Debug("SamlAuthProvider::Init:RETURN"); return tokens; }
static MockAuthHttpGateway() { Tokens = new AuthTokens { UserId = "623501766", DisplayName = "Demis Bellot", FirstName = "Demis", LastName = "Bellot", Email = "*****@*****.**", }; }
public void LoadUserAuth_By_Name() { // Arrange var userAuth = Sut.CreateUserAuth(NewUserAuth, Password); var authSession = new AuthUserSession { UserAuthName = userAuth.UserName }; var tokens = new AuthTokens(); // Act Sut.LoadUserAuth(authSession, tokens); // Assert authSession.UserName.Should().Be(userAuth.UserName); }
public void LoadUserAuth_By_Token() { // Arrange var userAuth = Sut.CreateUserAuth(NewUserAuth, Password); CreateUserAuthDetails(userAuth, "google"); var authSession = new AuthUserSession(); var tokens = new AuthTokens { UserId = userAuth.Id.ToString(), Provider = "google" }; // Act Sut.LoadUserAuth(authSession, tokens); // Assert authSession.UserName.Should().Be(userAuth.UserName); }
public void CreateOrMergeAuthSession_Update() { // Arrange var userAuth = Sut.CreateUserAuth(NewUserAuth, Password); var userAuthDetails = CreateUserAuthDetails(userAuth, "google"); var authSession = new AuthUserSession(); var tokens = new AuthTokens { UserId = userAuth.Id.ToString(), Provider = "google", City = userAuthDetails.City }; // Act var result = Sut.CreateOrMergeAuthSession(authSession, tokens); // Assert result.Id.Should().BeGreaterThan(0); result.Id.Should().Be(result.UserAuthId); result.ModifiedDate.Should().BeAfter(userAuth.ModifiedDate); result.City.Should().Be(userAuthDetails.City); }
/// <summary> /// Sets the CallbackUrl and session.ReferrerUrl if not set and initializes the session tokens for this AuthProvider /// </summary> /// <param name="authService"></param> /// <param name="session"></param> /// <param name="request"> </param> /// <returns></returns> protected IAuthTokens Init(IServiceBase authService, ref IAuthSession session, Authenticate request) { if (request != null && !LoginMatchesSession(session, request.UserName)) { //authService.RemoveSession(); //session = authService.GetSession(); } var requestUri = authService.Request.AbsoluteUri; if (this.CallbackUrl.IsNullOrEmpty()) this.CallbackUrl = requestUri; if (session.ReferrerUrl.IsNullOrEmpty()) session.ReferrerUrl = (request != null ? request.Continue : null) ?? authService.Request.GetHeader("Referer"); if (session.ReferrerUrl.IsNullOrEmpty() || session.ReferrerUrl.IndexOf("/auth", StringComparison.OrdinalIgnoreCase) >= 0) session.ReferrerUrl = this.RedirectUrl ?? HttpHandlerFactory.GetBaseUrl() ?? requestUri.Substring(0, requestUri.IndexOf("/", "https://".Length + 1, StringComparison.Ordinal)); var tokens = session.ProviderOAuthAccess.FirstOrDefault(x => x.Provider == Provider); if (tokens == null) session.ProviderOAuthAccess.Add(tokens = new AuthTokens { Provider = Provider }); return tokens; }
public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request) { var user = authService.Request.GetUser(); var userName = user.GetUserName(); if (!LoginMatchesSession(session, userName)) { authService.RemoveSession(); session = authService.GetSession(); } if (IsAuthorized(user)) { session.IsAuthenticated = true; if (session.UserAuthName == null) { session.UserAuthName = userName; } var aspReq = (HttpRequestBase)authService.Request.OriginalRequest; var loginUser = aspReq.ServerVariables["LOGON_USER"].ToNullIfEmpty(); var remoteUser = aspReq.ServerVariables["REMOTE_USER"].ToNullIfEmpty(); var identityName = aspReq.LogonUserIdentity != null ? aspReq.LogonUserIdentity.Name : null; session.DisplayName = loginUser ?? remoteUser ?? identityName; var tokens = new AuthTokens { Provider = Name, UserName = userName, DisplayName = session.DisplayName, Items = new Dictionary<string, string> { {"LOGON_USER", loginUser}, {"REMOTE_USER", remoteUser}, {"LogonUserIdentityName", identityName}, } }; session.ReferrerUrl = GetReferrerUrl(authService, session, request); var response = OnAuthenticated(authService, session, tokens, new Dictionary<string, string>()); if (session.Roles == null) session.Roles = new List<string>(); foreach (var role in AllRoles.Safe()) { if (user.IsInRole(role)) session.Roles.AddIfNotExists(role); } this.SaveSession(authService, session, SessionExpiry); if (response != null) return response; return new AuthenticateResponse { UserName = userName, SessionId = session.Id, DisplayName = session.DisplayName, ReferrerUrl = request.Continue }; } throw HttpError.Unauthorized(ErrorMessages.WindowsAuthFailed); }
protected IAuthTokens Init(IServiceBase authService, ref IAuthSession session, Authenticate request) { var requestUri = authService.Request.AbsoluteUri; if (this.CallbackUrl.IsNullOrEmpty()) { this.CallbackUrl = requestUri; } if (session.ReferrerUrl.IsNullOrEmpty()) { session.ReferrerUrl = (request != null ? request.Continue : null) ?? authService.Request.GetHeader("Referer"); } if (session.ReferrerUrl.IsNullOrEmpty() || session.ReferrerUrl.IndexOf("/auth", StringComparison.OrdinalIgnoreCase) >= 0) { session.ReferrerUrl = this.RedirectUrl ?? HttpHandlerFactory.GetBaseUrl() ?? requestUri.Substring(0, requestUri.IndexOf("/", "https://".Length + 1, StringComparison.Ordinal)); } var tokens = session.GetAuthTokens(this.Provider); if (tokens == null) { session.AddAuthToken(tokens = new AuthTokens { Provider = this.Provider }); } return tokens; }
/// <summary> /// Sets the CallbackUrl and session.ReferrerUrl if not set and initializes the session tokens for this AuthProvider /// </summary> /// <param name="authService"></param> /// <param name="session"></param> /// <param name="request"> </param> /// <returns></returns> protected IAuthTokens Init(IServiceBase authService, ref IAuthSession session, Authenticate request) { if (this.CallbackUrl.IsNullOrEmpty()) this.CallbackUrl = authService.Request.AbsoluteUri; session.ReferrerUrl = GetReferrerUrl(authService, session, request); var tokens = session.ProviderOAuthAccess.FirstOrDefault(x => x.Provider == Provider); if (tokens == null) session.ProviderOAuthAccess.Add(tokens = new AuthTokens { Provider = Provider }); return tokens; }
public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request) { var user = authService.Request.GetUser(); var userName = user.GetUserName(); if (!LoginMatchesSession(session, userName)) { authService.RemoveSession(); session = authService.GetSession(); } if (IsAuthorized(user)) { session.IsAuthenticated = true; if (session.UserAuthName == null) { session.UserAuthName = userName; } var aspReq = (HttpRequestBase)authService.Request.OriginalRequest; var loginUser = aspReq.ServerVariables["LOGON_USER"].ToNullIfEmpty(); var remoteUser = aspReq.ServerVariables["REMOTE_USER"].ToNullIfEmpty(); var identityName = aspReq.LogonUserIdentity != null ? aspReq.LogonUserIdentity.Name : null; session.DisplayName = loginUser ?? remoteUser ?? identityName; var tokens = new AuthTokens { Provider = Name, UserName = userName, DisplayName = session.DisplayName, Items = new Dictionary <string, string> { { "LOGON_USER", loginUser }, { "REMOTE_USER", remoteUser }, { "LogonUserIdentityName", identityName }, } }; session.ReferrerUrl = GetReferrerUrl(authService, session, request); var response = OnAuthenticated(authService, session, tokens, new Dictionary <string, string>()); if (session.Roles == null) { session.Roles = new List <string>(); } foreach (var role in AllRoles.Safe()) { if (user.IsInRole(role)) { session.Roles.AddIfNotExists(role); } } this.SaveSession(authService, session, SessionExpiry); if (response != null) { return(response); } return(new AuthenticateResponse { UserName = userName, SessionId = session.Id, DisplayName = session.DisplayName, ReferrerUrl = request.Continue }); } throw HttpError.Unauthorized(ErrorMessages.WindowsAuthFailed); }
public void ShouldUseLoginHintWhenUserNameKnown() { using (TestAppHost()) { Subject.ClientId = "c1"; Subject.DomainHint = "domain.hint"; var tokens = new AuthTokens { Provider = "aad", UserName = "******" }; var session = new AuthUserSession(); session.ProviderOAuthAccess.Add(tokens); var response = Subject.Authenticate(MockAuthService().Object, session, new Authenticate()); var result = (IHttpResult)response; var codeRequest = new Uri(result.Headers["Location"]); var query = PclExportClient.Instance.ParseQueryString(codeRequest.Query); query["login_hint"].Should().Be(tokens.UserName); } }