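/// <summary>
/// Adds <paramref name="rule"/> to the policy scope identified by <paramref name="scopeUri"/>
/// and persists the whole scope list through <c>SaveScopes</c>.
/// </summary>
/// <param name="scopeUri">URI of the scope that receives the rule. Matched against each stored scope by the string form of the URI.</param>
/// <param name="rule">Rule to add; validation of the rule is left to <c>PolicyScope.AddRule</c>.</param>
/// <exception cref="ArgumentNullException"><paramref name="scopeUri"/> is null.</exception>
/// <exception cref="PolicyScopeException">No stored scope has a URI equal to <paramref name="scopeUri"/>.</exception>
/// <remarks>
/// NOTE(review): this method changes which output claims are issued for a scope. No caller
/// authorization check is visible here; presumably it is enforced further up the call chain. Confirm.
/// </remarks>
public void AddPolicyRule(Uri scopeUri, PolicyRule rule)
{
    if (scopeUri == null)
    {
        throw new ArgumentNullException("scopeUri");
    }

    // The original used a bare `as IList<PolicyScope>` cast: when the store returned a sequence
    // that is not an IList the cast produced null and the lookup below failed on a null source.
    // Materialize the sequence in that case so the same list can be searched and saved.
    var retrievedScopes = this.RetrieveScopes();
    var scopes = retrievedScopes as IList<PolicyScope> ?? retrievedScopes.ToList();

    // Scopes are matched on the exact string form of the URI (ordinal, case-sensitive string ==).
    // NOTE(review): two URIs that differ only in the form ToString() yields are treated as
    // different scopes; confirm that this is the intended notion of scope identity.
    var requestedScope = scopeUri.ToString();
    var policyScope = scopes.FirstOrDefault(s => s.Uri.ToString() == requestedScope);

    if (policyScope == null)
    {
        throw new PolicyScopeException(Resources.ScopeNotFound);
    }

    policyScope.AddRule(rule);

    // The complete list is written back, not only the modified scope.
    this.SaveScopes(scopes);
}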
/// <summary>
/// Checks that a rule declared with <c>AssertionsMatch.All</c> and one input claim produces its
/// output claim when the evaluator is given a single incoming claim for the same scope.
/// </summary>
/// <remarks>
/// The incoming claim is built from string literals while the rule uses the fixture fields
/// <c>issuer</c>, <c>inputClaimType</c> and <c>outputClaimType</c>; presumably those fields carry
/// the same identifiers. Verify against the fixture setup.
/// </remarks>
public void ShoudMatchInputClaimWithAssertionMatchAll()
{
    var scopeUri = new Uri("http://myScope");

    // Arrange: a mock store holding one scope with one All-match rule.
    var policyStore = new MockPolicyStore();
    var policyEvaluator = new ClaimsPolicyEvaluator(policyStore);

    var expectedInput = new InputPolicyClaim(this.issuer, this.inputClaimType, "myInputClaim");
    var producedOutput = new OutputPolicyClaim(this.outputClaimType, "myOutputClaimValue");
    var allMatchRule = new PolicyRule(AssertionsMatch.All, new[] { expectedInput }, producedOutput);

    policyStore.RetrieveScopesReturnValue = new List<PolicyScope>()
    {
        new PolicyScope(scopeUri, new[] { allMatchRule })
    };

    // Act: evaluate one incoming claim (type, value, empty value type, issuer).
    var incomingClaims = new[]
    {
        new Claim("http://myInputClaimType", "myInputClaim", string.Empty, "http://myInputClaimIssuer")
    };
    IEnumerable<Claim> evaluatedOutputClaims = policyEvaluator.Evaluate(new Uri("http://myScope"), incomingClaims);

    // Assert: exactly one output claim with the rule's type and fixed value.
    Assert.IsNotNull(evaluatedOutputClaims);
    Assert.AreEqual(1, evaluatedOutputClaims.Count());
    Assert.AreEqual("http://myOutputClaimType", evaluatedOutputClaims.ElementAt(0).ClaimType);
    Assert.AreEqual("myOutputClaimValue", evaluatedOutputClaims.ElementAt(0).Value);
}
/// <summary>
/// Checks that adding a rule whose input claim uses a claim type unknown to the scope registers
/// that claim type on the scope, with a display name derived from the claim type URI.
/// </summary>
/// <remarks>
/// The scope starts with one claim type and ends with two, so <c>AddRule</c> extends the scope's
/// claim type list as a side effect. The input claim's issuer is the fixture's <c>sampleIssuer</c>.
/// </remarks>
public void AddRuleShouldAddClaimTypeIfDoesNotExists()
{
    var policyScope = RetrievePolicyScope();

    // A claim type with an empty display name; the scope is expected to supply one.
    var newClaimTypeName = "http://tests/newsampleclaimtype/";
    var newClaimType = new ClaimType(newClaimTypeName, string.Empty);
    var inputWithNewType = new InputPolicyClaim(sampleIssuer, newClaimType, "new sample value");
    var ruleWithNewType = new PolicyRule(
        AssertionsMatch.Any,
        new List<InputPolicyClaim> { inputWithNewType },
        GetSampleOutputClaim());

    Assert.AreEqual(1, policyScope.ClaimTypes.Count);

    policyScope.AddRule(ruleWithNewType);

    Assert.AreEqual(2, policyScope.ClaimTypes.Count);

    // The new claim type is appended after the existing one.
    var addedClaimType = policyScope.ClaimTypes.ElementAt(1);
    Assert.AreEqual(newClaimTypeName, addedClaimType.FullName);
    Assert.AreEqual("newsampleclaimtype", addedClaimType.DisplayName);
}
/// <summary>
/// Checks that adding a rule a second time leaves the scope with a single rule, and that the
/// stored rule is still the first instance.
/// </summary>
public void AddRuleDoesNotAddPolicyRuleIfAlreadyExists()
{
    var policyScope = RetrievePolicyScope();
    var firstRule = new PolicyRule(AssertionsMatch.Any, GetSampleInputClaims(), GetSampleOutputClaim());

    Assert.AreEqual(0, policyScope.Rules.Count);

    policyScope.AddRule(firstRule);

    Assert.AreEqual(1, policyScope.Rules.Count);
    Assert.AreSame(firstRule, policyScope.Rules[0]);

    // NOTE(review): this second, equivalent rule is built but never passed to AddRule; the call
    // below adds the first instance again. As written the test only covers re-adding the same
    // object, not a distinct rule with equal content. If duplicate detection is meant to be
    // value-based, the equivalent rule should be the one added. Confirm the intent before changing.
    var equivalentRule = new PolicyRule(AssertionsMatch.Any, GetSampleInputClaims(), GetSampleOutputClaim());

    policyScope.AddRule(firstRule);

    Assert.AreEqual(1, policyScope.Rules.Count);
    Assert.AreSame(firstRule, policyScope.Rules[0]);
}
/// <summary>
/// Checks that an output claim declared with <c>CopyFromConstants.InputIssuer</c> and an empty
/// value receives the issuer of the matched incoming claim as its value.
/// </summary>
/// <remarks>
/// The issuer string ends up in the value of the output claim, so anything consuming that claim
/// reads the issuer as ordinary claim data.
/// </remarks>
public void ShouldMatchInputClaimAndCopyInputIssuerToOutputValue()
{
    var scopeUri = new Uri("http://myScope");

    var policyStore = new MockPolicyStore();
    var policyEvaluator = new ClaimsPolicyEvaluator(policyStore);

    // Arrange: one Any-match rule whose output value is copied from the input issuer.
    var sourceClaimType = new ClaimType("http://myInputClaimType");
    var targetClaimType = new ClaimType("http://myOutputClaimType");
    var trustedIssuer = new Issuer("http://myInputClaimIssuer");
    var expectedInput = new InputPolicyClaim(trustedIssuer, sourceClaimType, "myInputClaim");
    var issuerCopyingOutput = new OutputPolicyClaim(targetClaimType, string.Empty, CopyFromConstants.InputIssuer);
    var copyIssuerRule = new PolicyRule(AssertionsMatch.Any, new[] { expectedInput }, issuerCopyingOutput);

    policyStore.RetrieveScopesReturnValue = new List<PolicyScope>()
    {
        new PolicyScope(scopeUri, new[] { copyIssuerRule })
    };

    // Act: the incoming claim carries the issuer as its fourth constructor argument.
    var incomingClaims = new[]
    {
        new Claim("http://myInputClaimType", "myInputClaim", string.Empty, "http://myInputClaimIssuer")
    };
    IEnumerable<Claim> evaluatedOutputClaims = policyEvaluator.Evaluate(new Uri("http://myScope"), incomingClaims);

    // Assert: one output claim whose value is the incoming claim's issuer.
    Assert.IsNotNull(evaluatedOutputClaims);
    Assert.AreEqual(1, evaluatedOutputClaims.Count());
    Assert.AreEqual("http://myOutputClaimType", evaluatedOutputClaims.ElementAt(0).ClaimType);
    Assert.AreEqual("http://myInputClaimIssuer", evaluatedOutputClaims.ElementAt(0).Value);
}
/// <summary>
/// Not implemented: always throws <see cref="NotImplementedException"/>.
/// </summary>
/// <param name="scopeUri">Unused.</param>
/// <param name="rule">Unused.</param>
/// <exception cref="NotImplementedException">Always.</exception>
/// <remarks>
/// NOTE(review): the enclosing type is not visible here. If this is a production store rather
/// than a test double, rules cannot be removed through it. Confirm which it is.
/// </remarks>
public void RemovePolicyRule(Uri scopeUri, PolicyRule rule)
{
    throw new NotImplementedException();
}
/// <summary>
/// Not implemented: always throws <see cref="NotImplementedException"/>.
/// </summary>
/// <param name="scope">Unused.</param>
/// <param name="rule">Unused.</param>
/// <exception cref="NotImplementedException">Always.</exception>
/// <remarks>
/// NOTE(review): the enclosing type is not visible here; presumably a test double whose
/// rule-adding path is never exercised. Confirm.
/// </remarks>
public void AddPolicyRule(Uri scope, PolicyRule rule)
{
    throw new NotImplementedException();
}
/// <summary>
/// Checks that two rules matching the same incoming claim each produce their own output claim:
/// one with a fixed value, and one whose value is copied from the incoming claim
/// (<c>CopyFromConstants.InputValue</c>).
/// </summary>
/// <remarks>
/// The first rule's input value is <c>"*"</c> and it still fires for the value
/// <c>"inputClaimValue"</c>, so <c>"*"</c> acts as a match-any value in this evaluator.
/// Rules written with it apply to every value of that claim type from that issuer.
/// </remarks>
public void ShouldOutputCorrectInputValue()
{
    var scopeUri = new Uri("http://myScope");

    var policyStore = new MockPolicyStore();
    var policyEvaluator = new ClaimsPolicyEvaluator(policyStore);

    // Rule 1: any value of the input claim type -> fixed output value.
    var wildcardInput = new InputPolicyClaim(this.issuer, this.inputClaimType, "*");
    var fixedOutputType = new ClaimType("http://myOutputClaimType1");
    var fixedOutput = new OutputPolicyClaim(fixedOutputType, "myOutputClaimValue");
    var wildcardRule = new PolicyRule(AssertionsMatch.Any, new[] { wildcardInput }, fixedOutput);

    // Rule 2: one specific input value -> output value copied from the incoming claim.
    var exactInput = new InputPolicyClaim(this.issuer, this.inputClaimType, "inputClaimValue");
    var copiedOutputType = new ClaimType("http://myOutputClaimType2");
    var copiedOutput = new OutputPolicyClaim(copiedOutputType, string.Empty, CopyFromConstants.InputValue);
    var copyValueRule = new PolicyRule(AssertionsMatch.Any, new[] { exactInput }, copiedOutput);

    policyStore.RetrieveScopesReturnValue = new List<PolicyScope>()
    {
        new PolicyScope(scopeUri, new[] { wildcardRule, copyValueRule })
    };

    var incomingClaims = new[]
    {
        new Claim("http://myInputClaimType", "inputClaimValue", string.Empty, "http://myInputClaimIssuer")
    };
    IEnumerable<Claim> evaluatedOutputClaims = policyEvaluator.Evaluate(new Uri("http://myScope"), incomingClaims);

    Assert.IsNotNull(evaluatedOutputClaims);
    Assert.AreEqual(2, evaluatedOutputClaims.Count());

    // Output claims are looked up by type, so the test does not depend on their order.
    var fromWildcardRule = evaluatedOutputClaims.FirstOrDefault(c => c.ClaimType == "http://myOutputClaimType1");
    Assert.IsNotNull(fromWildcardRule);
    Assert.AreEqual("myOutputClaimValue", fromWildcardRule.Value);

    var fromCopyValueRule = evaluatedOutputClaims.FirstOrDefault(c => c.ClaimType == "http://myOutputClaimType2");
    Assert.IsNotNull(fromCopyValueRule);
    Assert.AreEqual("inputClaimValue", fromCopyValueRule.Value);
}
/// <summary>
/// Checks that a rule still matches when the incoming claim value differs from the rule's
/// input value only by letter case (the incoming value is upper-cased with the invariant culture).
/// </summary>
/// <remarks>
/// This pins case-insensitive comparison for claim values only. The claim type and issuer are
/// passed in their original case, so the test says nothing about how those are compared.
/// Values that must stay distinct by case cannot be told apart by a rule under this behaviour.
/// </remarks>
public void ShouldMatchInputClaimValueInCaseInsensitiveFashion()
{
    MockPolicyStore policyStore = new MockPolicyStore();
    Uri scopeUri = new Uri("http://myScope");
    string inputClaimValue = "myInputClaimValue";
    string outputClaimValue = "myOutputClaimValue";

    // Arrange: one Any-match rule keyed on the mixed-case input value.
    Issuer ruleIssuer = new Issuer("http://myInputClaimIssuer", "myInputClaimIssuer");
    ClaimType ruleInputType = new ClaimType("http://myInputClaimType", "myInputClaimType");
    InputPolicyClaim expectedInput = new InputPolicyClaim(ruleIssuer, ruleInputType, inputClaimValue);

    ClaimType ruleOutputType = new ClaimType("http://myOutputClaimType", "myOutputClaimType");
    OutputPolicyClaim producedOutput = new OutputPolicyClaim(ruleOutputType, outputClaimValue);

    PolicyRule caseTestRule = new PolicyRule(AssertionsMatch.Any, new[] { expectedInput }, producedOutput);
    policyStore.RetrieveScopesReturnValue = new List<PolicyScope>
    {
        new PolicyScope(scopeUri, new[] { caseTestRule })
    };

    ClaimsPolicyEvaluator policyEvaluator = new ClaimsPolicyEvaluator(policyStore);

    // Act: same type and issuer, value in upper case.
    var upperCasedClaim = new Claim(
        "http://myInputClaimType",
        inputClaimValue.ToUpperInvariant(),
        string.Empty,
        "http://myInputClaimIssuer");
    var evaluatedOutputClaims = policyEvaluator.Evaluate(scopeUri, new[] { upperCasedClaim });

    // Assert: the rule fired and produced its fixed output value.
    Assert.IsNotNull(evaluatedOutputClaims);
    Assert.AreEqual(1, evaluatedOutputClaims.Count());
    Assert.AreEqual(outputClaimValue, evaluatedOutputClaims.ElementAt(0).Value);
}
/// <summary>
/// Checks that <c>AddRule</c> on a scope with no rules stores the given rule instance as the
/// scope's only rule.
/// </summary>
public void AddRuleShouldAddNewPolicyRuleToTheScope()
{
    var policyScope = RetrievePolicyScope();
    var newRule = new PolicyRule(AssertionsMatch.Any, GetSampleInputClaims(), GetSampleOutputClaim());

    // The fixture scope starts without rules.
    Assert.AreEqual(0, policyScope.Rules.Count);

    policyScope.AddRule(newRule);

    // The same object is stored, not a copy.
    Assert.AreEqual(1, policyScope.Rules.Count);
    Assert.AreSame(newRule, policyScope.Rules[0]);
}
/// <summary>
/// Calls <c>AddRule</c> with a rule whose input claim has a null issuer.
/// </summary>
/// <remarks>
/// NOTE(review): the body contains no assertion. The expected failure is presumably declared by
/// an expected-exception attribute on the method, which is not visible here. Confirm that one is
/// present; without it this test passes whether or not <c>AddRule</c> rejects the null issuer.
/// </remarks>
public void AddRuleThrowsIfIssuerOfInputClaimIsNull()
{
    var policyScope = RetrievePolicyScope();

    // An input claim with no issuer at all.
    var issuerlessInput = new InputPolicyClaim(null, sampleClaimType, "sample value");
    var ruleWithoutIssuer = new PolicyRule(
        AssertionsMatch.Any,
        new List<InputPolicyClaim> { issuerlessInput },
        GetSampleOutputClaim());

    policyScope.AddRule(ruleWithoutIssuer);
}
/// <summary>
/// Calls <c>AddRule</c> with a rule whose input claim names an issuer created inside the test
/// rather than taken from the fixture scope.
/// </summary>
/// <remarks>
/// NOTE(review): the body contains no assertion. The expected failure is presumably declared by
/// an expected-exception attribute on the method, which is not visible here. Confirm that one is
/// present; otherwise the test does not prove that rules from unknown issuers are rejected.
/// </remarks>
public void AddRuleThrowsIfIssuerOfInputClaimDoesNotExists()
{
    var policyScope = RetrievePolicyScope();

    // An issuer built here, so presumably not registered on the fixture scope. Verify.
    var unregisteredIssuer = new Issuer("http://newsampleissuer");
    var inputFromUnregisteredIssuer = new InputPolicyClaim(unregisteredIssuer, sampleClaimType, "sample value");
    var ruleFromUnregisteredIssuer = new PolicyRule(
        AssertionsMatch.Any,
        new List<InputPolicyClaim> { inputFromUnregisteredIssuer },
        GetSampleOutputClaim());

    policyScope.AddRule(ruleFromUnregisteredIssuer);
}
/// <summary>
/// Checks that when a rule's input claim type has an empty display name, <c>AddRule</c> sets it
/// to the display name of the fixture's <c>sampleClaimType</c> and adds no new claim type to the scope.
/// </summary>
/// <remarks>
/// The assertions show that <c>AddRule</c> mutates the <c>ClaimType</c> object passed in through
/// the rule: its <c>DisplayName</c> is empty before the call and populated afterwards.
/// </remarks>
public void AddRuleShouldSetTheRightClaimTypeDisplayName()
{
    var policyScope = RetrievePolicyScope();

    // A claim type with an empty display name; presumably the same full name as the fixture's
    // sampleClaimType, since the claim type count stays at one. Verify against the fixture.
    var unnamedClaimType = new ClaimType("http://tests/sampleclaimtype/", string.Empty);
    var inputWithUnnamedType = new InputPolicyClaim(sampleIssuer, unnamedClaimType, "new sample value");
    var ruleWithUnnamedType = new PolicyRule(
        AssertionsMatch.Any,
        new List<InputPolicyClaim> { inputWithUnnamedType },
        GetSampleOutputClaim());

    Assert.AreEqual(string.Empty, unnamedClaimType.DisplayName);
    Assert.AreEqual(1, policyScope.ClaimTypes.Count);

    policyScope.AddRule(ruleWithUnnamedType);

    // Display name filled in on the caller's object; claim type list unchanged in size.
    Assert.AreEqual(sampleClaimType.DisplayName, unnamedClaimType.DisplayName);
    Assert.AreEqual(1, policyScope.ClaimTypes.Count);
}
/// <summary>
/// Builds the XML representation of a policy rule: a <c>rule</c> element with an
/// <c>assertionsMatch</c> attribute, an <c>input</c> child holding one serialized element per
/// input claim, followed by the serialized output claim.
/// </summary>
/// <param name="rule">Rule to serialize. Not checked for null; its <c>InputClaims</c> are enumerated as given.</param>
/// <returns>The populated <c>rule</c> element.</returns>
/// <remarks>
/// The tree is assembled with <see cref="XElement"/> calls rather than string concatenation, so
/// the attribute value set here is escaped by the XML API when the element is written out.
/// </remarks>
private static XElement SerializaRule(PolicyRule rule)
{
    var serializedRule = new XElement("rule");
    serializedRule.SetAttributeValue("assertionsMatch", rule.AssertionsMatch.ToString());

    // Input claims are collected under a single <input> container, in enumeration order.
    var inputContainer = new XElement("input");
    foreach (var inputClaim in rule.InputClaims)
    {
        var serializedInput = SerializeInputClaim(inputClaim);
        inputContainer.Add(serializedInput);
    }

    // <input> precedes the output claim element in the document.
    serializedRule.Add(inputContainer);
    serializedRule.Add(SerializeOutputClaim(rule.OutputClaim));

    return serializedRule;
}