コード例 #1
0
        public void CommandResultExtensions_DoesNotApplyCookieWhenNoNameSet()
        {
            var cr = new CommandResult()
            {
                RequestState = new StoredRequestState(
                    new EntityId("http://idp.example.com"),
                    new Uri("http://sp.example.com/loggedout"),
                    new Saml2Id("id123"),
                    null),
                SetCookieName = null
            };

            var context = OwinTestHelpers.CreateOwinContext();

            var dataProtector = new StubDataProtector();

            cr.Apply(context, dataProtector);

            var setCookieHeader = context.Response.Headers["Set-Cookie"];

            var protectedData = HttpRequestData.ConvertBinaryData(
                StubDataProtector.Protect(cr.GetSerializedRequestState()));

            setCookieHeader.Should().Be(null);
        }
コード例 #2
0
        public void CommandREsultExtensions_Apply_Cookie_EmitSameSiteNone_AndSecure()
        {
            var cr = new CommandResult()
            {
                RequestState = new StoredRequestState(
                    new EntityId("http://idp.example.com"),
                    new Uri("http://sp.example.com/loggedout"),
                    new Saml2Id("id123"),
                    null),
                SetCookieName       = "CookieName",
                SetCookieSecureFlag = true,
            };

            var context = OwinTestHelpers.CreateOwinContext();

            var dataProtector = new StubDataProtector();

            cr.Apply(context, dataProtector, new CookieManager(), true);

            var setCookieHeader = context.Response.Headers["Set-Cookie"];

            var protectedData = HttpRequestData.ConvertBinaryData(
                StubDataProtector.Protect(cr.GetSerializedRequestState()));

            var expected = $"CookieName={protectedData}; path=/; secure; HttpOnly; SameSite=None";

            setCookieHeader.Should().Be(expected);
        }
コード例 #3
0
        public void CommandResultExtensions_Apply_Cookie()
        {
            var cr = new CommandResult()
            {
                RequestState = new StoredRequestState(
                    new EntityId("http://idp.example.com"),
                    new Uri("http://sp.example.com/loggedout"),
                    new Saml2Id("id123"),
                    null),
                SetCookieName       = "CookieName",
                SetCookieSecureFlag = false,
            };

            var context = OwinTestHelpers.CreateOwinContext();

            var mockCookieManager = Substitute.For <ICookieManager>();
            var dataProtector     = new StubDataProtector();

            cr.Apply(context, dataProtector, mockCookieManager, false);

            var protectedData = HttpRequestData.ConvertBinaryData(
                StubDataProtector.Protect(cr.GetSerializedRequestState()));

            mockCookieManager.Received().AppendResponseCookie(
                context,
                "CookieName",
                protectedData,
                Arg.Is <CookieOptions>(c => c.HttpOnly && c.Path == "/")
                );
        }
コード例 #4
0
        public void OwinContextExtensions_ToHttpRequestData_HandlesRelayStateWithoutCookie()
        {
            var ctx = OwinTestHelpers.CreateOwinContext();

            ctx.Request.QueryString = new QueryString("RelayState", "SomeState");

            ctx.Invoking(async c => await c.ToHttpRequestData(null))
            .ShouldNotThrow();
        }
コード例 #5
0
        public async Task OwinContextExtensions_ToHttpRequestData_ApplicationNotInRoot()
        {
            var ctx = OwinTestHelpers.CreateOwinContext();

            ctx.Request.PathBase = new PathString("/ApplicationPath");

            var actual = await ctx.ToHttpRequestData(null);

            actual.ApplicationUrl.Should().Be(new Uri("http://sp.example.com/ApplicationPath"));
        }
コード例 #6
0
        public async Task Saml2Urls_Ctor_FromOwinHttpRequestData_PublicOrigin()
        {
            var ctx     = OwinTestHelpers.CreateOwinContext();
            var options = StubFactory.CreateOptionsPublicOrigin(new Uri("https://my.public.origin:8443/"));
            var subject = await ctx.ToHttpRequestData(null, Options.FromConfiguration.Notifications?.GetRelayState);

            var urls = new Saml2Urls(subject, options);

            urls.AssertionConsumerServiceUrl.ShouldBeEquivalentTo("https://my.public.origin:8443/Saml2/Acs");
            urls.SignInUrl.ShouldBeEquivalentTo("https://my.public.origin:8443/Saml2/SignIn");
        }
コード例 #7
0
        public void CommandResult_Apply_Headers()
        {
            var cr = new CommandResult();

            cr.Headers.Add("header", "value");

            var context = OwinTestHelpers.CreateOwinContext();

            cr.Apply(context, null);

            context.Response.Headers["header"].Should().Be("value");
        }
コード例 #8
0
        public async Task Saml2Urls_Ctor_FromOwinHttpRequestData_PublicOrigin()
        {
            var ctx     = OwinTestHelpers.CreateOwinContext();
            var options = StubFactory.CreateOptionsPublicOrigin(new Uri("https://my.public.origin:8443/"));
            var subject = await ctx.ToHttpRequestData(Substitute.For <ICookieManager>(), null);

            var urls = new Saml2Urls(subject, options);

            urls.AssertionConsumerServiceUrl.Should().BeEquivalentTo(
                new Uri("https://my.public.origin:8443/Saml2/Acs"));
            urls.SignInUrl.Should().BeEquivalentTo(
                new Uri("https://my.public.origin:8443/Saml2/SignIn"));
        }
コード例 #9
0
        public void CommandResultExtensions_Apply_Redirect()
        {
            string redirectUrl = "http://somewhere.else.example.com?Foo=Bar%20XYZ";
            var    cr          = new CommandResult()
            {
                HttpStatusCode = HttpStatusCode.SeeOther,
                Location       = new Uri(redirectUrl)
            };

            var context = OwinTestHelpers.CreateOwinContext();

            cr.Apply(context, null);

            context.Response.StatusCode.Should().Be(303);
            context.Response.Headers["Location"].Should().Be(redirectUrl);
        }
コード例 #10
0
        public void CommandResultExtensions_Apply_ClearCookie()
        {
            var cr = new CommandResult()
            {
                ClearCookieName = "CookieName"
            };

            var context       = OwinTestHelpers.CreateOwinContext();
            var dataProtector = new StubDataProtector();

            cr.Apply(context, dataProtector);

            var setCookieHeader = context.Response.Headers["Set-Cookie"];

            var expected = "CookieName=; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT";

            setCookieHeader.Should().Be(expected);
        }
コード例 #11
0
        public async Task OwinContextExtensions_ToHttpRequestData_ReadsRelayStateCookie()
        {
            var ctx = OwinTestHelpers.CreateOwinContext();

            ctx.Request.QueryString = new QueryString("RelayState", "SomeState");

            var storedRequestState = new StoredRequestState(
                null, new Uri("http://sp.example.com"), null, null);

            var cookieData = HttpRequestData.ConvertBinaryData(
                StubDataProtector.Protect(storedRequestState.Serialize()));

            ctx.Request.Headers["Cookie"] = $"{StoredRequestState.CookieNameBase}SomeState={cookieData}";

            var actual = await ctx.ToHttpRequestData(StubDataProtector.Unprotect);

            actual.StoredRequestState.ShouldBeEquivalentTo(storedRequestState);
        }
コード例 #12
0
        public void CommandResultExtensions_Apply_ClearCookie()
        {
            var cr = new CommandResult()
            {
                ClearCookieName = "CookieName"
            };

            var context           = OwinTestHelpers.CreateOwinContext();
            var dataProtector     = new StubDataProtector();
            var mockCookieManager = Substitute.For <ICookieManager>();

            cr.Apply(context, dataProtector, mockCookieManager, true);

            mockCookieManager.Received().DeleteCookie(
                context,
                "CookieName",
                Arg.Is <CookieOptions>(c => c.Path == "/" && !c.Expires.HasValue)
                );
        }
コード例 #13
0
        public async Task OwinContextExtensions_ToHttpRequestData()
        {
            var ctx = OwinTestHelpers.CreateOwinContext();

            ctx.Request.Body        = new MemoryStream(Encoding.UTF8.GetBytes("Input1=Value1&Input2=Value2"));
            ctx.Request.Method      = "POST";
            ctx.Request.ContentType = "application/x-www-form-urlencoded";
            ctx.Request.Path        = new PathString("/somePath");
            ctx.Request.QueryString = new QueryString("param=value");

            var actual = await ctx.ToHttpRequestData(StubDataProtector.Unprotect);

            actual.Url.Should().Be(ctx.Request.Uri);
            actual.Form.Count.Should().Be(2);
            actual.Form["Input1"].Should().Be("Value1");
            actual.Form["Input2"].Should().Be("Value2");
            actual.HttpMethod.Should().Be("POST");
            actual.ApplicationUrl.Should().Be(new Uri("http://sp.example.com/"));
        }
コード例 #14
0
        public async Task OwinContextExtensions_ToHttpRequestData_ReadsRelayStateCookie()
        {
            var ctx = OwinTestHelpers.CreateOwinContext();

            ctx.Request.QueryString = new QueryString("RelayState", "SomeState");

            var storedRequestState = new StoredRequestState(
                null, new Uri("http://sp.example.com"), null, null);

            var cookieName = $"{StoredRequestState.CookieNameBase}SomeState";
            var cookieData = HttpRequestData.ConvertBinaryData(
                StubDataProtector.Protect(storedRequestState.Serialize()));

            var cookieManager = Substitute.For <ICookieManager>();

            cookieManager.GetRequestCookie(ctx, cookieName).Returns(cookieData);

            var actual = await ctx.ToHttpRequestData(cookieManager, StubDataProtector.Unprotect);

            actual.StoredRequestState.Should().BeEquivalentTo(storedRequestState);
        }
コード例 #15
0
        public void CommandResultExtensions_Apply_Content()
        {
            var cr = new CommandResult()
            {
                Content     = "Some Content!",
                ContentType = "application/whatever+text"
            };

            var context = OwinTestHelpers.CreateOwinContext();

            cr.Apply(context, null);

            context.Response.StatusCode.Should().Be(200);
            context.Response.ContentType.Should().Be("application/whatever+text");
            context.Response.Body.Seek(0, SeekOrigin.Begin);

            using (var reader = new StreamReader(context.Response.Body))
            {
                var bodyText = reader.ReadToEnd();
                bodyText.Should().Be("Some Content!");
            }
        }
コード例 #16
0
        public void CommandResultExtensions_Apply_NullCheck_CommandResult()
        {
            Action a = () => ((CommandResult)null).Apply(OwinTestHelpers.CreateOwinContext(), null);

            a.Should().Throw <ArgumentNullException>().And.ParamName.Should().Be("commandResult");
        }