public CasAuthenticationMiddlewareTest()
{
// Arrange
var principalName = Guid.NewGuid().ToString();
principal = new CasPrincipal(new Assertion(principalName), "CAS");
ticketValidator = Mock.Of <IServiceTicketValidator>();
options = new CasAuthenticationOptions
{
ServiceTicketValidator = ticketValidator,
CasServerUrlBase = "http://example.com/cas"
};
server = new TestServer(new WebHostBuilder()
.ConfigureServices(services =>
{
services.AddAuthentication(options => options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme);
services.Configure <CookieAuthenticationOptions>(options =>
{
options.AutomaticAuthenticate = true;
options.AutomaticChallenge = true;
options.LoginPath = new PathString("/login");
options.LogoutPath = new PathString("/logout");
});
})
.Configure(app =>
{
app.UseCookieAuthentication();
app.UseCasAuthentication(options);
app.Use(async(context, next) =>
{
var request = context.Request;
if (request.Path.StartsWithSegments(new PathString("/login")))
{
await context.Authentication.ChallengeAsync(options.AuthenticationScheme, new AuthenticationProperties {
RedirectUri = "/"
});
}
else if (request.Path.StartsWithSegments(new PathString("/logout")))
{
await context.Authentication.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
}
await next.Invoke();
});
app.Run(async context =>
{
var user = context.User;
// Deny anonymous request beyond this point.
if (user == null || !user.Identities.Any(identity => identity.IsAuthenticated))
{
await context.Authentication.ChallengeAsync(options.AuthenticationScheme);
return;
}
// Display authenticated user id
await context.Response.WriteAsync((user.Identity as ClaimsIdentity)?.FindFirst(ClaimTypes.NameIdentifier)?.Value);
});
}));
client = server.CreateClient();
}
public CasAuthenticationMiddlewareTest()
{
// Arrange
var principalName = Guid.NewGuid().ToString();
principal = new CasPrincipal(new Assertion(principalName), "CAS");
ticketValidator = Mock.Of <IServiceTicketValidator>();
options = new CasAuthenticationOptions
{
ServiceTicketValidator = ticketValidator,
CasServerUrlBase = "http://example.com/cas"
};
server = TestServer.Create(app =>
{
app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
LoginPath = new PathString("/login"),
LogoutPath = new PathString("/logout")
});
app.UseCasAuthentication(options);
app.Use((context, next) =>
{
var request = context.Request;
if (request.Path.StartsWithSegments(new PathString("/login")))
{
context.Authentication.Challenge(new AuthenticationProperties()
{
RedirectUri = "/"
}, options.AuthenticationType);
}
else if (request.Path.StartsWithSegments(new PathString("/logout")))
{
context.Authentication.SignOut(CookieAuthenticationDefaults.AuthenticationType);
}
return(next.Invoke());
});
app.Run(async context =>
{
var user = context.Authentication.User;
// Deny anonymous request beyond this point.
if (user == null || !user.Identities.Any(identity => identity.IsAuthenticated))
{
context.Authentication.Challenge(options.AuthenticationType);
return;
}
// Display authenticated principal name
await context.Response.WriteAsync(user.GetPrincipalName());
});
});
client = server.HttpClient;
}
public CasAuthenticationTest(CasFixture fixture)
{
_fixture = fixture;
// Arrange
var principalName = Guid.NewGuid().ToString();
_principal = new CasPrincipal(new Assertion(principalName), CasDefaults.AuthenticationType);
_ticketValidator = Mock.Of <IServiceTicketValidator>();
_server = new TestServer(new WebHostBuilder()
.ConfigureServices(services =>
{
services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
.AddCookie(options =>
{
options.LoginPath = "/login";
options.LogoutPath = "/logout";
})
.AddCAS(options =>
{
options.CallbackPath = "/signin-cas";
options.ServiceTicketValidator = _ticketValidator;
options.CasServerUrlBase = fixture.Options.CasServerUrlBase;
options.Events = new CasEvents
{
OnCreatingTicket = context =>
{
var assertion = context.Assertion;
if (assertion == null)
{
return(Task.CompletedTask);
}
if (!(context.Principal.Identity is ClaimsIdentity identity))
{
return(Task.CompletedTask);
}
identity.AddClaim(new Claim(identity.NameClaimType, assertion.PrincipalName));
return(Task.CompletedTask);
}
};
});
})
.Configure(app =>
{
app.UseAuthentication();
app.Use(async(context, next) =>
{
var request = context.Request;
if (request.Path.StartsWithSegments(new PathString("/login")))
{
await context.ChallengeAsync(CasDefaults.AuthenticationType, new AuthenticationProperties {
RedirectUri = "/"
}).ConfigureAwait(false);
return;
}
if (request.Path.StartsWithSegments(new PathString("/logout")))
{
await context.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme).ConfigureAwait(false);
}
await next.Invoke().ConfigureAwait(false);
});
app.Run(async context =>
{
var user = context.User;
// Deny anonymous request beyond this point.
if (user?.Identities.Any(identity => identity.IsAuthenticated) != true)
{
await context.ChallengeAsync(CasDefaults.AuthenticationType).ConfigureAwait(false);
return;
}
// Display authenticated user id
var claimsIdentity = user.Identity as ClaimsIdentity;
await context.Response.WriteAsync(claimsIdentity?.FindFirst(claimsIdentity.NameClaimType)?.Value).ConfigureAwait(false);
});
}));
_client = _server.CreateClient();
}
public CasAuthenticationMiddlewareTest(CasFixture fixture)
{
_fixture = fixture;
// Arrange
var principalName = Guid.NewGuid().ToString();
_principal = new CasPrincipal(new Assertion(principalName), CasDefaults.AuthenticationType);
_ticketValidator = Mock.Of <IServiceTicketValidator>();
_server = TestServer.Create(app =>
{
app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
LoginPath = new PathString("/login"),
LogoutPath = new PathString("/logout")
});
app.UseCasAuthentication(new CasAuthenticationOptions
{
CallbackPath = new PathString("/signin-cas"),
ServiceTicketValidator = _ticketValidator,
CasServerUrlBase = fixture.Options.CasServerUrlBase,
Provider = new CasAuthenticationProvider
{
OnCreatingTicket = context =>
{
var assertion = (context.Identity as CasIdentity)?.Assertion;
if (assertion == null)
{
return(Task.CompletedTask);
}
context.Identity.AddClaim(new Claim(context.Identity.NameClaimType, assertion.PrincipalName));
return(Task.CompletedTask);
}
}
});
app.Use(async(context, next) =>
{
var request = context.Request;
if (request.Path.StartsWithSegments(new PathString("/login")))
{
context.Authentication.Challenge(new AuthenticationProperties {
RedirectUri = "/"
}, CasDefaults.AuthenticationType);
return;
}
if (request.Path.StartsWithSegments(new PathString("/logout")))
{
context.Authentication.SignOut(CookieAuthenticationDefaults.AuthenticationType);
}
await next.Invoke();
});
app.Run(async context =>
{
var user = context.Authentication.User;
// Deny anonymous request beyond this point.
if (user == null || !user.Identities.Any(identity => identity.IsAuthenticated))
{
context.Authentication.Challenge(CasDefaults.AuthenticationType);
return;
}
// Display authenticated principal name
await context.Response.WriteAsync(user.GetPrincipalName());
});
});
_client = _server.HttpClient;
}