public void GetHttpClient_AddsHandler() { TestMessageHandler handler = new TestMessageHandler(); CloudFoundryOptions options = new CloudFoundryOptions() { BackchannelHttpHandler = handler }; var resolver = new CloudFoundryTokenKeyResolver(options); var client = resolver.GetHttpClient(); client.GetAsync("http://localhost/"); Assert.NotNull(handler.LastRequest); }
public async Task FetchKeySet_IssuesHttpRequest_ReturnsKeyset() { var keyset = "{ 'keys':[{'kid':'legacy-token-key','alg':'SHA256withRSA','value':'-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+7xH35bYBppsn54cBW+\nFlrveTe+3L4xl7ix13XK8eBcCmNOyBhNzhks6toDiRjrgw5QW76cFirVRFIVQkiZ\nsUwDyGOax3q8NOJyBFXiplIUScrx8aI0jkY/Yd6ixAc5yBSBfXThy4EF9T0xCyt4\nxWLYNXMRwe88Y+i+MEoLNXWRbhjJm76LN7rsdIxALbS0vJNWUDALWjtE6FeYX6uU\nL9msAzlCQkdnSvwMmr8Ij2O3IVMxHDJXOZinFqt9zVfXwO11o7ZmiskZnRz1/V0f\nvbUQAadkcDEUt1gk9cbrAhiipg8VWDMsC7VUXuekJZjme5f8oWTwpsgP6cTUzwSS\n6wIDAQAB\n-----END PUBLIC KEY-----','kty':'RSA','use':'sig','n':'AJPu8R9+W2AaabJ+eHAVvhZa73k3vty+MZe4sdd1yvHgXApjTsgYTc4ZLOraA4kY64MOUFu+nBYq1URSFUJImbFMA8hjmsd6vDTicgRV4qZSFEnK8fGiNI5GP2HeosQHOcgUgX104cuBBfU9MQsreMVi2DVzEcHvPGPovjBKCzV1kW4YyZu+ize67HSMQC20tLyTVlAwC1o7ROhXmF+rlC/ZrAM5QkJHZ0r8DJq/CI9jtyFTMRwyVzmYpxarfc1X18DtdaO2ZorJGZ0c9f1dH721EAGnZHAxFLdYJPXG6wIYoqYPFVgzLAu1VF7npCWY5nuX/KFk8KbID+nE1M8Ekus=','e':'AQAB'}]}"; var handler = new TestMessageHandler(); var response = new HttpResponseMessage(System.Net.HttpStatusCode.OK) { Content = new StringContent(keyset) }; handler.Response = response; CloudFoundryTokenKeyResolver.Resolved.Clear(); var resolver = new CloudFoundryTokenKeyResolver("https://foo.bar", handler, true); var result = await resolver.FetchKeySet(); Assert.NotNull(result); }
public void ResolveSigningKey_IssuesHttpRequest_DoesntResolveKey() { var token = "eyJhbGciOiJSUzI1NiIsImtpZCI6ImxlZ2FjeS10b2tlbi1rZXkiLCJ0eXAiOiJKV1QifQ.eyJqdGkiOiI0YjM2NmY4MDdlMjU0MzlmYmRkOTEwZDc4ZjcwYzlhMSIsInN1YiI6ImZlNmExYmUyLWM5MTEtNDM3OC05Y2MxLTVhY2Y1NjA1Y2ZjMiIsInNjb3BlIjpbImNsb3VkX2NvbnRyb2xsZXIucmVhZCIsImNsb3VkX2NvbnRyb2xsZXJfc2VydmljZV9wZXJtaXNzaW9ucy5yZWFkIiwidGVzdGdyb3VwIiwib3BlbmlkIl0sImNsaWVudF9pZCI6Im15VGVzdEFwcCIsImNpZCI6Im15VGVzdEFwcCIsImF6cCI6Im15VGVzdEFwcCIsImdyYW50X3R5cGUiOiJhdXRob3JpemF0aW9uX2NvZGUiLCJ1c2VyX2lkIjoiZmU2YTFiZTItYzkxMS00Mzc4LTljYzEtNWFjZjU2MDVjZmMyIiwib3JpZ2luIjoidWFhIiwidXNlcl9uYW1lIjoiZGF2ZSIsImVtYWlsIjoiZGF2ZSIsImF1dGhfdGltZSI6MTQ3MzYxNTU0MSwicmV2X3NpZyI6IjEwZDM1NzEyIiwiaWF0IjoxNDczNjI0MjU1LCJleHAiOjE0NzM2Njc0NTUsImlzcyI6Imh0dHBzOi8vdWFhLnN5c3RlbS50ZXN0Y2xvdWQuY29tL29hdXRoL3Rva2VuIiwiemlkIjoidWFhIiwiYXVkIjpbImNsb3VkX2NvbnRyb2xsZXIiLCJteVRlc3RBcHAiLCJvcGVuaWQiLCJjbG91ZF9jb250cm9sbGVyX3NlcnZpY2VfcGVybWlzc2lvbnMiXX0.Hth_SXpMAyiTf--U75r40qODlSUr60U730IW28K2VidEltW3lN3_CE7HkSjolRGr-DYuWHRvy3i_EwBfj1WTkBaXL373UzPVvNBnat9Gi-vjz07LwmBohk3baG1mmlL8IoGbQwtsmfUPhmO5C6_M4s9wKmTf9XIZPVo_w7zPJadrXfHLfx6iQob7CYpTTix2VBWya29iL7kmD1J1UDT5YRg2J9XT30iFuL6BvPQTkuGnX3ivDuUOSdxM8Z451i0VJmc0LYFBCLJ-Tz6bJ2d0wrtfsbCfuNtxjmGJevcL2jKQbEoiliYj60qNtZdT-ijGUdZjE9caxQ2nOkDkowacpw"; var keyset = "{ 'keys':[{'kid':'foobar','alg':'SHA256withRSA','value':'-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+7xH35bYBppsn54cBW+\nFlrveTe+3L4xl7ix13XK8eBcCmNOyBhNzhks6toDiRjrgw5QW76cFirVRFIVQkiZ\nsUwDyGOax3q8NOJyBFXiplIUScrx8aI0jkY/Yd6ixAc5yBSBfXThy4EF9T0xCyt4\nxWLYNXMRwe88Y+i+MEoLNXWRbhjJm76LN7rsdIxALbS0vJNWUDALWjtE6FeYX6uU\nL9msAzlCQkdnSvwMmr8Ij2O3IVMxHDJXOZinFqt9zVfXwO11o7ZmiskZnRz1/V0f\nvbUQAadkcDEUt1gk9cbrAhiipg8VWDMsC7VUXuekJZjme5f8oWTwpsgP6cTUzwSS\n6wIDAQAB\n-----END PUBLIC KEY-----','kty':'RSA','use':'sig','n':'AJPu8R9+W2AaabJ+eHAVvhZa73k3vty+MZe4sdd1yvHgXApjTsgYTc4ZLOraA4kY64MOUFu+nBYq1URSFUJImbFMA8hjmsd6vDTicgRV4qZSFEnK8fGiNI5GP2HeosQHOcgUgX104cuBBfU9MQsreMVi2DVzEcHvPGPovjBKCzV1kW4YyZu+ize67HSMQC20tLyTVlAwC1o7ROhXmF+rlC/ZrAM5QkJHZ0r8DJq/CI9jtyFTMRwyVzmYpxarfc1X18DtdaO2ZorJGZ0c9f1dH721EAGnZHAxFLdYJPXG6wIYoqYPFVgzLAu1VF7npCWY5nuX/KFk8KbID+nE1M8Ekus=','e':'AQAB'}]}"; var handler = new TestMessageHandler(); var response = new HttpResponseMessage(System.Net.HttpStatusCode.OK) { Content = new StringContent(keyset) }; handler.Response = response; CloudFoundryTokenKeyResolver.Resolved.Clear(); var resolver = new CloudFoundryTokenKeyResolver("https://foo.bar", handler, true); var result = resolver.ResolveSigningKey(token, null, "legacy-token-key", null); Assert.NotNull(handler.LastRequest); Assert.False(CloudFoundryTokenKeyResolver.Resolved.ContainsKey("legacy-token-key")); Assert.Null(result); }
public async void CreateTicketAsync_SendsTokenInfoRequest_ReturnsValidTokenInfo() { TestMessageHandler handler = new TestMessageHandler(); var response = new HttpResponseMessage(System.Net.HttpStatusCode.OK) { Content = new StringContent(TestHelpers.GetValidTokenInfoRequestResponse()) }; handler.Response = response; HttpClient client = new HttpClient(handler); var opts = new CloudFoundryOAuthOptions() { Backchannel = client }; MyTestCloudFoundryHandler testHandler = GetTestHandler(opts); ClaimsIdentity identity = new ClaimsIdentity(); #if NETCOREAPP3_0 var payload = JsonDocument.Parse(TestHelpers.GetValidTokenInfoRequestResponse()); var tokens = OAuthTokenResponse.Success(payload); #else var payload = JObject.Parse(TestHelpers.GetValidTokenInfoRequestResponse()); var tokens = OAuthTokenResponse.Success(payload); #endif var resp = await testHandler.TestCreateTicketAsync(identity, new AuthenticationProperties(), tokens); Assert.NotNull(handler.LastRequest); Assert.Equal(HttpMethod.Post, handler.LastRequest.Method); Assert.Equal(opts.TokenInfoUrl.ToLowerInvariant(), handler.LastRequest.RequestUri.ToString().ToLowerInvariant()); Assert.Equal("testssouser", identity.Name); Assert.Equal(4, identity.Claims.Count()); identity.HasClaim(ClaimTypes.Email, "*****@*****.**"); identity.HasClaim(ClaimTypes.NameIdentifier, "13bb6841-e4d6-4a9a-876c-9ef13aa61cc7"); identity.HasClaim(ClaimTypes.Name, "testssouser"); identity.HasClaim("openid", string.Empty); }
public void BuildChallengeUrl_CreatesCorrectUrl() { var handler = new TestMessageHandler(); var response = new HttpResponseMessage(System.Net.HttpStatusCode.OK) { Content = new StringContent(TestHelpers.GetValidTokenRequestResponse()) }; handler.Response = response; var client = new HttpClient(handler); var opts = new CloudFoundryOAuthOptions() { Backchannel = client }; var testHandler = GetTestHandler(opts); var props = new AuthenticationProperties(); var result = testHandler.TestBuildChallengeUrl(props, "https://foo.bar/redirect"); Assert.Equal("http://Default_OAuthServiceUrl/oauth/authorize?response_type=code&client_id=Default_ClientId&redirect_uri=https%3A%2F%2Ffoo.bar%2Fredirect&scope=", result); }
public async void CreateTicketAsync_SendsTokenInfoRequest_ReturnsValidTokenInfo() { TestMessageHandler handler = new TestMessageHandler(); var response = new HttpResponseMessage(System.Net.HttpStatusCode.OK); response.Content = new StringContent(TestHelpers.GetValidTokenInfoRequestResponse()); handler.Response = response; HttpClient client = new HttpClient(handler); MyTestCloudFoundryHandler testHandler = new MyTestCloudFoundryHandler(client); var opts = new CloudFoundryOptions(); var context = new DefaultHttpContext(); context.Features.Set <IHttpResponseFeature>(new TestResponse()); var logger = new LoggerFactory().CreateLogger("CreateTicketAsync_SendsTokenRequest"); await testHandler.InitializeAsync(opts, context, logger, UrlEncoder.Default); ClaimsIdentity identity = new ClaimsIdentity(); var payload = JObject.Parse(TestHelpers.GetValidTokenInfoRequestResponse()); var tokens = OAuthTokenResponse.Success(payload); var resp = await testHandler.TestCreateTicketAsync(identity, new AuthenticationProperties(), tokens); Assert.NotNull(handler.LastRequest); Assert.Equal(HttpMethod.Post, handler.LastRequest.Method); Assert.Equal(opts.TokenInfoUrl.ToLowerInvariant(), handler.LastRequest.RequestUri.ToString().ToLowerInvariant()); Assert.Equal("testssouser", identity.Name); Assert.Equal(4, identity.Claims.Count()); identity.HasClaim(ClaimTypes.Email, "*****@*****.**"); identity.HasClaim(ClaimTypes.NameIdentifier, "13bb6841-e4d6-4a9a-876c-9ef13aa61cc7"); identity.HasClaim(ClaimTypes.Name, "testssouser"); identity.HasClaim("openid", string.Empty); }
public async void BuildChallengeUrl_CreatesCorrectUrl() { TestMessageHandler handler = new TestMessageHandler(); var response = new HttpResponseMessage(System.Net.HttpStatusCode.OK); response.Content = new StringContent(TestHelpers.GetValidTokenRequestResponse()); handler.Response = response; HttpClient client = new HttpClient(handler); MyTestCloudFoundryHandler testHandler = new MyTestCloudFoundryHandler(client); var opts = new CloudFoundryOptions(); var context = new DefaultHttpContext(); context.Features.Set <IHttpResponseFeature>(new TestResponse()); var logger = new LoggerFactory().CreateLogger("ExchangeCodeAsync_SendsTokenRequest"); await testHandler.InitializeAsync(opts, context, logger, UrlEncoder.Default); AuthenticationProperties props = new AuthenticationProperties(); string result = testHandler.TestBuildChallengeUrl(props, "http://foo.bar/redirect"); Assert.Equal("http://Default_OAuthServiceUrl/oauth/authorize?response_type=code&client_id=Default_ClientId&redirect_uri=http%3A%2F%2Ffoo.bar%2Fredirect&scope=", result); }