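/// <summary>
/// Passes a certificate from the local-machine "TestCertStore" store, together with a chain
/// built for it, to <c>BackchannelCertificateValidator.Validate</c> and expects <c>true</c>.
/// </summary>
/// <remarks>
/// Depends on machine state: the store must exist and hold a certificate whose subject
/// name contains "ApiraTestCertificate".
/// </remarks>
public void RemoteCertificateValidationRulesTest()
{
    // ARRANGE
    var configuration = new CertificateValidationConfiguration
    {
        UsePinningValidation = false,
        X509CertificateValidationMode = System.ServiceModel.Security.X509CertificateValidationMode.Custom
    };
    var configurationProvider = new CertificateValidationConfigurationProvider(() => configuration);
    var validator = new BackchannelCertificateValidator(configurationProvider);
    var validationResult = false;

    // ACT
    // using blocks release the store handle and the chain even when an assertion throws.
    using (var certificateStore = new X509Store("TestCertStore", StoreLocation.LocalMachine))
    using (var x509Chain = new X509Chain(true))
    {
        certificateStore.Open(OpenFlags.ReadOnly);

        // validOnly is false, so expired or untrusted certificates are returned too.
        // FindBySubjectName is a substring match; [0] is simply the first hit.
        var matches = certificateStore.Certificates.Find(X509FindType.FindBySubjectName, "ApiraTestCertificate", false);
        Assert.True(matches.Count > 0, "No certificate with subject name 'ApiraTestCertificate' in LocalMachine\\TestCertStore.");
        var certificate = matches[0];

        // NOTE(review): Build's boolean result is not inspected and SslPolicyErrors.None is
        // passed unconditionally, so the validator is told the TLS layer saw no errors
        // whatever the chain status is. Confirm that is the intended scenario.
        x509Chain.Build(certificate);
        validationResult = validator.Validate(this, certificate, x509Chain, SslPolicyErrors.None);
    }

    // ASSERT
    Assert.True(validationResult);
}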
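/// <summary>
/// Builds an SP single-sign-on descriptor from the inline metadata context, wraps it in an
/// <c>EntityDescriptor</c> and checks that <c>FederationMetadataSerialiser.Serialise</c>
/// writes non-blank XML.
/// </summary>
public void SerialiseMetadataTest()
{
    // ARRANGE
    var logger = new LogProviderMock();
    var contextBuilder = new InlineMetadataContextBuilder();
    var metadataRequest = new MetadataGenerateRequest(MetadataType.SP, "local");
    var context = contextBuilder.BuildContext(metadataRequest);
    var configurationProvider = new CertificateValidationConfigurationProvider();
    var certificateValidator = new CertificateValidator(configurationProvider, logger);

    // The 'as' cast yields null when the first role descriptor has another type; fail here
    // with a clear message instead of inside BuildDescriptor.
    var spDescriptorConfiguration = context.EntityDesriptorConfiguration.RoleDescriptors.First() as SPSSODescriptorConfiguration;
    Assert.IsNotNull(spDescriptorConfiguration, "First role descriptor is not an SPSSODescriptorConfiguration.");

    var descriptorBuilder = new ServiceProviderSingleSignOnDescriptorBuilder();
    var descriptor = descriptorBuilder.BuildDescriptor(spDescriptorConfiguration);
    var entityDescriptor = new EntityDescriptor(new EntityId("EntityIdTest"));
    entityDescriptor.RoleDescriptors.Add(descriptor);
    var metadataSerialiser = new FederationMetadataSerialiser(certificateValidator, logger);

    // ACT
    var sb = new StringBuilder();
    using (var xmlWriter = XmlWriter.Create(sb))
    {
        metadataSerialiser.Serialise(xmlWriter, entityDescriptor);
    }
    var xmlResult = sb.ToString();

    // ASSERT
    Assert.IsFalse(String.IsNullOrWhiteSpace(xmlResult));
}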
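/// <summary>
/// Downloads federation metadata from the URL configured below through
/// <c>WsFederationConfigurationRetriever</c> and expects an <c>EntitiesDescriptor</c>
/// with two child entities.
/// </summary>
/// <remarks>
/// Integration test: it needs network access to the configured host.
/// </remarks>
public async Task WsFederationConfigurationRetrieverTest()
{
    // ARRANGE
    // NOTE(review): the callback returns true for every certificate, so TLS server
    // authentication is switched off for this client and the downloaded metadata is not
    // authenticated by the transport. Metadata carries the signing keys a relying party
    // later trusts, so this wiring belongs in a test only; prefer the default validation
    // or a pinned test certificate if the endpoint allows it.
    var webRequestHandler = new WebRequestHandler
    {
        ServerCertificateValidationCallback = new RemoteCertificateValidationCallback((_, __, ___, ____) => true)
    };

    // Disposing the client also disposes the handler it was given.
    using (var httpClient = new HttpClient(webRequestHandler))
    {
        var documentRetriever = new HttpDocumentRetriever(() => httpClient);
        var configurationProvider = new CertificateValidationConfigurationProvider();
        var certValidator = new CertificateValidator(configurationProvider);
        var logger = new LogProviderMock();
        var serialiser = new FederationMetadataSerialiser(certValidator, logger);
        var configurationRetriever = new WsFederationConfigurationRetriever(documentRetriever, serialiser);

        // ACT
        var context = new FederationPartyConfiguration("local", "https://www.testshib.org/metadata/testshib-providers.xml");
        var baseMetadata = await configurationRetriever.GetAsync(context, new CancellationToken());
        var metadata = baseMetadata as EntitiesDescriptor;

        // ASSERT
        Assert.IsNotNull(metadata);
        Assert.AreEqual(2, metadata.ChildEntities.Count);
    }
}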
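/// <summary>
/// Generates SP metadata for the "local" federation party, captures the XML handed to the
/// test writer, reads it back with <c>FederationMetadataSerialiser.ReadMetadata</c> and
/// expects an <c>EntityDescriptor</c> with exactly one role descriptor.
/// </summary>
public void SPMetadata_serialise_deserialise_Test()
{
    // ARRANGE
    var logger = new LogProviderMock();
    string metadataXml = String.Empty;
    var metadataWriter = new TestMetadatWriter(el => metadataXml = el.OuterXml);

    var contextBuilder = new InlineMetadataContextBuilder();
    var metadataRequest = new MetadataGenerateRequest(MetadataType.SP, "local");
    var metadataContext = contextBuilder.BuildContext(metadataRequest);
    var context = new FederationPartyConfiguration(metadataRequest.FederationPartyId, "localhost");
    context.MetadataContext = metadataContext;

    var configurationProvider = new CertificateValidationConfigurationProvider();
    var certificateValidator = new CertificateValidator(configurationProvider);
    var ssoCryptoProvider = new CertificateManager(logger);
    var metadataSerialiser = new FederationMetadataSerialiser(certificateValidator, logger);
    var metadataDispatcher = new FederationMetadataDispatcherMock(() => new[] { metadataWriter });
    var sPSSOMetadataProvider = new SPSSOMetadataProvider(metadataDispatcher, ssoCryptoProvider, metadataSerialiser, g => context, logger);

    // ACT
    // NOTE(review): the result of CreateMetadata is discarded. If it returns a Task in this
    // revision, it has to complete before metadataXml is read below - confirm.
    sPSSOMetadataProvider.CreateMetadata(metadataRequest);

    // ASSERT
    // Checked before parsing: an empty document would otherwise surface as an XML parse
    // error instead of this assertion.
    Assert.IsFalse(String.IsNullOrWhiteSpace(metadataXml));

    using (var stringReader = new StringReader(metadataXml))
    using (var xmlReader = XmlReader.Create(stringReader))
    {
        var deserialisedMetadata = metadataSerialiser.ReadMetadata(xmlReader) as EntityDescriptor;

        // The 'as' cast yields null for any other metadata type.
        Assert.IsNotNull(deserialisedMetadata);
        Assert.AreEqual(1, deserialisedMetadata.RoleDescriptors.Count);
    }
}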
/// <summary>
/// Awaits SP metadata generation for the "local" federation party and checks that the
/// test writer was handed non-blank XML.
/// </summary>
public async Task SPMetadataGenerationTest()
{
    // ARRANGE
    // The writer only records the outer XML of the element it receives.
    var capturedXml = String.Empty;
    var writer = new TestMetadatWriter(el => capturedXml = el.OuterXml);
    var log = new LogProviderMock();

    var builder = new InlineMetadataContextBuilder();
    var request = new MetadataGenerateRequest(MetadataType.SP, "local");
    var builtContext = builder.BuildContext(request);
    var partyConfiguration = new FederationPartyConfiguration(request.FederationPartyId, "localhost")
    {
        MetadataContext = builtContext
    };

    var validationConfiguration = new CertificateValidationConfigurationProvider();
    var validator = new CertificateValidator(validationConfiguration, log);
    var certificateManager = new CertificateManager(log);
    var serialiser = new FederationMetadataSerialiser(validator, log);
    var dispatcher = new FederationMetadataDispatcherMock(() => new[] { writer });
    var provider = new SPSSOMetadataProvider(dispatcher, certificateManager, serialiser, g => partyConfiguration, log);

    // ACT
    await provider.CreateMetadata(request);

    // ASSERT
    var isBlank = String.IsNullOrWhiteSpace(capturedXml);
    Assert.IsFalse(isBlank);
}
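/// <summary>
/// Generates SP metadata from the inline context, captures the XML handed to the test
/// writer, reads it back with <c>FederationMetadataSerialiser.ReadMetadata</c> and expects
/// an <c>EntityDescriptor</c> with exactly one role descriptor.
/// </summary>
public void SPMetadata_serialise_deserialise_Test()
{
    // ARRANGE
    string metadataXml = String.Empty;
    var metadataWriter = new TestMetadatWriter(el => metadataXml = el.OuterXml);

    var contextBuilder = new InlineMetadataContextBuilder();
    var context = contextBuilder.BuildContext();

    var configurationProvider = new CertificateValidationConfigurationProvider();
    var certificateValidator = new CertificateValidator(configurationProvider);
    var ssoCryptoProvider = new CertificateManager();
    var metadataSerialiser = new FederationMetadataSerialiser(certificateValidator);
    var sPSSOMetadataProvider = new SPSSOMetadataProvider(metadataWriter, ssoCryptoProvider, metadataSerialiser, g => context);

    // ACT
    sPSSOMetadataProvider.CreateMetadata(MetadataType.SP);

    // ASSERT
    // Checked before parsing: an empty document would otherwise surface as an XML parse
    // error instead of this assertion.
    Assert.IsFalse(String.IsNullOrWhiteSpace(metadataXml));

    using (var stringReader = new StringReader(metadataXml))
    using (var xmlReader = XmlReader.Create(stringReader))
    {
        var deserialisedMetadata = metadataSerialiser.ReadMetadata(xmlReader) as EntityDescriptor;

        // The 'as' cast yields null for any other metadata type.
        Assert.IsNotNull(deserialisedMetadata);
        Assert.AreEqual(1, deserialisedMetadata.RoleDescriptors.Count);
    }
}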
/// <summary>
/// Generates SP metadata from the inline context and checks that the test writer was
/// handed non-blank XML.
/// </summary>
public void SPMetadataGenerationTest()
{
    // ARRANGE
    // The writer only records the outer XML of the element it receives.
    var capturedXml = String.Empty;
    var writer = new TestMetadatWriter(el => capturedXml = el.OuterXml);

    var builder = new InlineMetadataContextBuilder();
    var builtContext = builder.BuildContext();

    var validationConfiguration = new CertificateValidationConfigurationProvider();
    var validator = new CertificateValidator(validationConfiguration);
    var certificateManager = new CertificateManager();
    var serialiser = new FederationMetadataSerialiser(validator);
    var provider = new SPSSOMetadataProvider(writer, certificateManager, serialiser, g => builtContext);

    // ACT
    provider.CreateMetadata(MetadataType.SP);

    // ASSERT
    var isBlank = String.IsNullOrWhiteSpace(capturedXml);
    Assert.IsFalse(isBlank);
}
/// <summary>
/// Pins the current behaviour of the four-argument <c>CertificateValidator.Validate</c>
/// overload: called with null arguments and <c>SslPolicyErrors.None</c> it throws
/// <see cref="NotImplementedException"/>.
/// </summary>
public void RemoteCertificateValidationCallbackTest()
{
    // ARRANGE
    var validator = new CertificateValidator(new CertificateValidationConfigurationProvider());

    // ACT + ASSERT
    // The overload takes the same argument shape as a TLS remote-certificate callback;
    // this test only records that it throws rather than returning a verdict.
    Assert.Throws<NotImplementedException>(
        () => validator.Validate(null, null, null, System.Net.Security.SslPolicyErrors.None));
}
/// <summary>
/// Pins the current behaviour of the single-certificate <c>CertificateValidator.Validate</c>
/// overload: given a null <see cref="X509Certificate2"/> it throws
/// <see cref="NotImplementedException"/>.
/// </summary>
public void MetadataSerialisationCertificateTest()
{
    // ARRANGE
    var validator = new CertificateValidator(new CertificateValidationConfigurationProvider());

    // Typed null so overload resolution picks the X509Certificate2 overload.
    X509Certificate2 missingCertificate = null;

    // ACT + ASSERT
    Assert.Throws<NotImplementedException>(() => validator.Validate(missingCertificate));
}
/// <summary>
/// Generates SP metadata for the "local" federation party with the metadata context and
/// the certificate-validation configuration both read through a <c>DBContext</c>, and
/// checks that the test writer was invoked.
/// </summary>
public void SPMetadataGenerationTest_sql_source()
{
    // ARRANGE
    var writerCalled = false;
    var writer = new TestMetadatWriter(el => { writerCalled = true; });
    var cache = new CacheProviderMock();
    var dbConfiguration = new DbCustomConfiguration();
    var connectionStrings = new MetadataConnectionStringProviderMock();

    // Concrete model types from the assembly that declares MetadataContextBuilder.
    var modelTypes = ReflectionHelper.GetAllTypes(new[] { typeof(MetadataContextBuilder).Assembly })
        .Where(t => !t.IsAbstract && !t.IsInterface && typeof(BaseModel).IsAssignableFrom(t));
    dbConfiguration.ModelsFactory = () => modelTypes;

    // Every concrete ISeeder in the same assembly is instantiated through its
    // parameterless constructor and registered in ascending SeedingOrder.
    var seederInstances = ReflectionHelper.GetAllTypes(new[] { typeof(MetadataContextBuilder).Assembly })
        .Where(t => !t.IsAbstract && !t.IsInterface && typeof(ISeeder).IsAssignableFrom(t))
        .Select(x => (ISeeder)Activator.CreateInstance(x));
    var registeredSeeders = dbConfiguration.Seeders;
    foreach (var seeder in seederInstances.OrderBy(x => x.SeedingOrder))
    {
        registeredSeeders.Add(seeder);
    }

    // Held as object and cast at run time, as the original wiring did.
    object dbContextInstance = new DBContext(connectionStrings, dbConfiguration);
    var dbContext = (IDbContext)dbContextInstance;

    var contextBuilder = new MetadataContextBuilder(dbContext, cache);
    var request = new MetadataGenerateRequest(MetadataType.SP, "local");
    var builtContext = contextBuilder.BuildContext(request);
    var partyConfiguration = new FederationPartyConfiguration(request.FederationPartyId, "localhost")
    {
        MetadataContext = builtContext
    };

    var log = new LogProviderMock();
    var validationConfiguration = new CertificateValidationConfigurationProvider(dbContext, cache);
    var validator = new CertificateValidator(validationConfiguration, log);
    var certificateManager = new CertificateManager(log);
    var serialiser = new FederationMetadataSerialiser(validator, log);
    var dispatcher = new FederationMetadataDispatcherMock(() => new[] { writer });
    var provider = new SPSSOMetadataProvider(dispatcher, certificateManager, serialiser, g => partyConfiguration, log);

    // ACT
    // Blocks until generation finishes; a failure surfaces wrapped in AggregateException.
    provider.CreateMetadata(request).Wait();

    // ASSERT
    Assert.IsTrue(writerCalled);
}
/// <summary>
/// Pins the current behaviour of <c>BackchannelCertificateValidator.Validate</c> when it is
/// called with null arguments and <c>SslPolicyErrors.None</c>: it throws
/// <see cref="NotImplementedException"/>.
/// </summary>
public void RemoteCertificateValidationCallbackTest()
{
    // ARRANGE
    // Pinning is off and the validation mode is Custom.
    var validationSettings = new CertificateValidationConfiguration
    {
        UsePinningValidation = false,
        X509CertificateValidationMode = System.ServiceModel.Security.X509CertificateValidationMode.Custom
    };
    var settingsProvider = new CertificateValidationConfigurationProvider(() => validationSettings);
    var backchannelValidator = new BackchannelCertificateValidator(settingsProvider);

    // ACT + ASSERT
    Assert.Throws<NotImplementedException>(
        () => backchannelValidator.Validate(null, null, null, System.Net.Security.SslPolicyErrors.None));
}
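/// <summary>
/// Generates SP metadata for the "local" federation party with a writer that saves the
/// resulting element to an XML file, and checks that the writer ran.
/// </summary>
public void SPMetadataGeneration_create_file()
{
    // ARRANGE
    var result = false;

    // The output goes under the temp directory instead of a fixed absolute path on one
    // developer's drive, so the test runs on any machine and writes only to a scratch area.
    var path = Path.Combine(Path.GetTempPath(), "SPMetadataTest.xml");
    var metadataWriter = new TestMetadatWriter(el =>
    {
        if (File.Exists(path))
        {
            File.Delete(path);
        }

        using (var writer = XmlWriter.Create(path))
        {
            el.WriteTo(writer);
            writer.Flush();
        }

        result = true;
    });

    var logger = new LogProviderMock();
    var contextBuilder = new InlineMetadataContextBuilder();
    var metadataRequest = new MetadataGenerateRequest(MetadataType.SP, "local");

    // NOTE(review): metadatContext is built but never attached to 'context' (no
    // MetadataContext assignment in this test) - confirm whether that is an omission.
    var metadatContext = contextBuilder.BuildContext(metadataRequest);
    var context = new FederationPartyConfiguration(metadataRequest.FederationPartyId, "localhost");

    var configurationProvider = new CertificateValidationConfigurationProvider();
    var certificateValidator = new CertificateValidator(configurationProvider);
    var ssoCryptoProvider = new CertificateManager(logger);
    var metadataSerialiser = new FederationMetadataSerialiser(certificateValidator, logger);
    var metadataDispatcher = new FederationMetadataDispatcherMock(() => new[] { metadataWriter });
    var sPSSOMetadataProvider = new SPSSOMetadataProvider(metadataDispatcher, ssoCryptoProvider, metadataSerialiser, g => context, logger);

    // ACT
    // NOTE(review): the result of CreateMetadata is discarded. If it returns a Task in this
    // revision, it has to complete before 'result' is asserted - confirm.
    sPSSOMetadataProvider.CreateMetadata(metadataRequest);

    // ASSERT
    Assert.IsTrue(result);
}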
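/// <summary>
/// Generates SP metadata from the inline context with a writer that saves the resulting
/// element to an XML file, and checks that the writer ran.
/// </summary>
public void SPMetadataGeneration_create_file()
{
    // ARRANGE
    var result = false;

    // The output goes under the temp directory instead of a fixed absolute path on one
    // developer's drive, so the test runs on any machine and writes only to a scratch area.
    var path = Path.Combine(Path.GetTempPath(), "SPMetadataTest.xml");
    var metadataWriter = new TestMetadatWriter(el =>
    {
        if (File.Exists(path))
        {
            File.Delete(path);
        }

        using (var writer = XmlWriter.Create(path))
        {
            el.WriteTo(writer);
            writer.Flush();
        }

        result = true;
    });

    var contextBuilder = new InlineMetadataContextBuilder();
    var context = contextBuilder.BuildContext();

    var configurationProvider = new CertificateValidationConfigurationProvider();
    var certificateValidator = new CertificateValidator(configurationProvider);
    var ssoCryptoProvider = new CertificateManager();
    var metadataSerialiser = new FederationMetadataSerialiser(certificateValidator);
    var sPSSOMetadataProvider = new SPSSOMetadataProvider(metadataWriter, ssoCryptoProvider, metadataSerialiser, g => context);

    // ACT
    sPSSOMetadataProvider.CreateMetadata(MetadataType.SP);

    // ASSERT
    Assert.IsTrue(result);
}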
/// <summary>
/// Retrieves metadata through <c>WsFederationConfigurationRetriever</c> with a mocked
/// document retriever and expects an <c>EntityDescriptor</c> with one role descriptor.
/// </summary>
public async Task WsFederationConfigurationRetrieverTest()
{
    // ARRANGE
    var log = new LogProviderMock();

    // Both the backchannel validator and the document retriever are mocks.
    var backchannelValidator = new CertificateValidatorMock();
    var retrieverMock = new HttpDocumentRetrieverMock(backchannelValidator);

    var validationConfiguration = new CertificateValidationConfigurationProvider();
    var metadataCertificateValidator = new CertificateValidator(validationConfiguration, log);
    var metadataSerialiser = new FederationMetadataSerialiser(metadataCertificateValidator, log);
    var retriever = new WsFederationConfigurationRetriever(_ => retrieverMock, metadataSerialiser);

    // ACT
    var partyConfiguration = new FederationPartyConfiguration("local", "https://localhost");
    var retrieved = await retriever.GetAsync(partyConfiguration, new CancellationToken());
    var entityDescriptor = retrieved as EntityDescriptor;

    // ASSERT
    // The 'as' cast yields null when the retrieved metadata is of another type.
    Assert.IsTrue(entityDescriptor != null);
    Assert.AreEqual(1, entityDescriptor.RoleDescriptors.Count);
}
/// <summary>
/// Generates SP metadata for the "local" federation party from the inline context builder
/// and checks that the test writer was handed non-blank XML.
/// </summary>
public void SPMetadataGenerationTest()
{
    // ARRANGE
    // The writer only records the outer XML of the element it receives.
    var capturedXml = String.Empty;
    var writer = new TestMetadatWriter(el => capturedXml = el.OuterXml);
    var log = new LogProviderMock();

    var builder = new InlineMetadataContextBuilder();
    var request = new MetadataGenerateRequest(MetadataType.SP, "local");
    var builtContext = builder.BuildContext(request);
    var partyConfiguration = new FederationPartyConfiguration(request.FederationPartyId, "localhost")
    {
        MetadataContext = builtContext
    };

    var validationConfiguration = new CertificateValidationConfigurationProvider();
    var validator = new CertificateValidator(validationConfiguration);
    var certificateManager = new CertificateManager(log);
    var serialiser = new FederationMetadataSerialiser(validator, log);
    var dispatcher = new FederationMetadataDispatcherMock(() => new[] { writer });
    var provider = new SPSSOMetadataProvider(dispatcher, certificateManager, serialiser, g => partyConfiguration, log);

    // ACT
    // NOTE(review): the result of CreateMetadata is discarded. If it returns a Task in this
    // revision, the assertion below can run before the writer has been called - confirm.
    provider.CreateMetadata(request);

    // ASSERT
    var isBlank = String.IsNullOrWhiteSpace(capturedXml);
    Assert.IsFalse(isBlank);
}
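/// <summary>
/// Configures three validation rules, the second being
/// <c>CertificateValidationRuleFailedMock</c>, and expects
/// <c>CertificateValidator.Validate</c> to throw <see cref="InvalidOperationException"/>
/// for a certificate taken from the "TestCertStore" store.
/// </summary>
/// <remarks>
/// Depends on machine state: the store must hold a certificate whose subject name
/// contains "ApiraTestCertificate".
/// </remarks>
public void MetadataSerialisationCertificateTest_failed()
{
    // ARRANGE
    // The using block releases the store handle even when an assertion throws.
    using (var store = new X509Store("TestCertStore"))
    {
        store.Open(OpenFlags.ReadOnly);

        // validOnly is false, so expired or untrusted certificates are returned too.
        var matches = store.Certificates.Find(X509FindType.FindBySubjectName, "ApiraTestCertificate", false);
        Assert.IsTrue(matches.Count > 0, "No certificate with subject name 'ApiraTestCertificate' in TestCertStore.");
        var certificate = matches[0];

        var configuration = new CertificateValidationConfiguration
        {
            UsePinningValidation = false,
            X509CertificateValidationMode = System.ServiceModel.Security.X509CertificateValidationMode.Custom
        };

        // Rule order: mock 1, failing mock, mock 1 again.
        var rule1 = typeof(CertificateValidationRuleMock1).AssemblyQualifiedName;
        var rule2 = typeof(CertificateValidationRuleFailedMock).AssemblyQualifiedName;
        configuration.ValidationRules.Add(new ValidationRuleDescriptor(rule1));
        configuration.ValidationRules.Add(new ValidationRuleDescriptor(rule2));
        configuration.ValidationRules.Add(new ValidationRuleDescriptor(rule1));

        var configurationProvider = new CertificateValidationConfigurationProvider(() => configuration);
        var validator = new CertificateValidator(configurationProvider);

        // ACT + ASSERT
        Assert.Throws<InvalidOperationException>(() => validator.Validate(certificate));
    }
}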
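/// <summary>
/// Configures three mock validation rules and runs <c>CertificateValidator.Validate</c>
/// on a certificate taken from the "TestCertStore" store. The test has no explicit
/// assertion; it passes when <c>Validate</c> returns without throwing.
/// </summary>
/// <remarks>
/// Depends on machine state: the store must hold a certificate whose subject name
/// contains "www.eca-international.com".
/// </remarks>
public void MetadataSerialisationCertificateTest_success()
{
    // ARRANGE
    var logger = new LogProviderMock();

    // The using block releases the store handle even when validation throws.
    using (var store = new X509Store("TestCertStore"))
    {
        store.Open(OpenFlags.ReadOnly);

        // validOnly is false, so expired or untrusted certificates are returned too.
        var matches = store.Certificates.Find(X509FindType.FindBySubjectName, "www.eca-international.com", false);
        if (matches.Count == 0)
        {
            // Clear failure instead of an index-out-of-range error on [0].
            throw new System.InvalidOperationException("No certificate with subject name 'www.eca-international.com' in TestCertStore.");
        }
        var certificate = matches[0];

        var configuration = new CertificateValidationConfiguration
        {
            X509CertificateValidationMode = System.ServiceModel.Security.X509CertificateValidationMode.Custom
        };

        // Rule order: mock 1, mock, mock 1 again.
        var rule1 = typeof(CertificateValidationRuleMock1).AssemblyQualifiedName;
        var rule2 = typeof(CertificateValidationRuleMock).AssemblyQualifiedName;
        configuration.ValidationRules.Add(new ValidationRuleDescriptor(rule1));
        configuration.ValidationRules.Add(new ValidationRuleDescriptor(rule2));
        configuration.ValidationRules.Add(new ValidationRuleDescriptor(rule1));

        var configurationProvider = new CertificateValidationConfigurationProvider(() => configuration);
        var validator = new CertificateValidator(configurationProvider, logger);

        // ACT
        validator.Validate(certificate);

        // ASSERT: reaching this point without an exception is the success condition.
    }
}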
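/// <summary>
/// Generates IdP metadata for the "local" federation party, captures the XML handed to the
/// test writer, deserialises it with <c>FederationMetadataSerialiser.Deserialise</c> and
/// expects an <c>EntityDescriptor</c> whose single role descriptor is an
/// <c>IdentityProviderSingleSignOnDescriptor</c>.
/// </summary>
public async Task IdPMetadata_serialise_deserialise_Test()
{
    // ARRANGE
    var logger = new LogProviderMock();
    string metadataXml = String.Empty;
    var metadataWriter = new TestMetadatWriter(el => metadataXml = el.OuterXml);

    // NOTE(review): this replaces the rule-instance creator with a mock and never restores
    // it. InstanceCreator looks like a static member, in which case later tests in the same
    // run also validate with mock rules - confirm and restore it in teardown if so.
    CertificateValidationRulesFactory.InstanceCreator = ValidationRuleInstanceCreatorMock.CreateInstance;

    var contextBuilder = new InlineMetadataContextBuilder();
    var metadataRequest = new MetadataGenerateRequest(MetadataType.Idp, "local");
    var metadataContext = contextBuilder.BuildContext(metadataRequest);
    var context = new FederationPartyConfiguration(metadataRequest.FederationPartyId, "localhost");
    context.MetadataContext = metadataContext;

    var configurationProvider = new CertificateValidationConfigurationProvider();
    var certificateValidator = new CertificateValidator(configurationProvider, logger);
    var ssoCryptoProvider = new CertificateManager(logger);
    var metadataSerialiser = new FederationMetadataSerialiser(certificateValidator, logger);
    var metadataDispatcher = new FederationMetadataDispatcherMock(() => new[] { metadataWriter });
    var idPSSOMetadataProvider = new IdpSSOMetadataProvider(metadataDispatcher, ssoCryptoProvider, metadataSerialiser, g => context, logger);

    // ACT
    await idPSSOMetadataProvider.CreateMetadata(metadataRequest);

    // ASSERT
    // Checked before parsing: an empty document would otherwise surface as an XML parse
    // error instead of this assertion.
    Assert.IsFalse(String.IsNullOrWhiteSpace(metadataXml));

    using (var stringReader = new StringReader(metadataXml))
    using (var xmlReader = XmlReader.Create(stringReader))
    {
        var deserialisedMetadata = metadataSerialiser.Deserialise(xmlReader) as EntityDescriptor;

        // The 'as' cast yields null for any other metadata type.
        Assert.IsNotNull(deserialisedMetadata);
        Assert.AreEqual(1, deserialisedMetadata.RoleDescriptors.Count);
        Assert.IsInstanceOf<IdentityProviderSingleSignOnDescriptor>(deserialisedMetadata.RoleDescriptors.Single());
    }
}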