/// <summary>
/// Computes the integrity tag stored in the validation cookie: SHA-256 over the
/// UTF-8 bytes of the cookie fields, the secret key and the fingerprint, joined
/// in that order with no separators.
/// </summary>
/// <param name="queueId">Queue identifier, already formatted as text.</param>
/// <param name="originalUrl">URL the visitor originally requested.</param>
/// <param name="placeInQueue">Place in queue, already formatted as text.</param>
/// <param name="redirectType">Redirect type; its <c>ToString()</c> name is hashed.</param>
/// <param name="timestamp">Timestamp, already formatted as text.</param>
/// <param name="expires">Expiry instant; hashed in round-trip ("o") format.</param>
/// <param name="fingerprint">Client fingerprint; hashed last, after the secret.</param>
/// <param name="secretKey">Shared secret mixed into the hash.</param>
/// <returns>The digest as upper-case hex byte pairs separated by hyphens.</returns>
private string GenerateHash(
            string queueId,
            string originalUrl,
            string placeInQueue,
            RedirectType redirectType,
            string timestamp,
            DateTime expires,
            string fingerprint,
            string secretKey)
        {
            // NOTE(review): the fields are joined without delimiters or length
            // prefixes, so two different field combinations can produce the same
            // hashed string. A delimited or length-prefixed encoding removes that
            // ambiguity, but it changes the digest and must be rolled out together
            // with the code that verifies it.
            // NOTE(review): this is a plain SHA-256 over data plus secret, not a keyed
            // MAC. HMACSHA256 is the standard construction for a tamper-evident tag;
            // migrating is also a format change for every issued cookie.
            // The "o" format embeds DateTime.Kind (a trailing "Z" for UTC), so the
            // verifier has to rebuild the value with the same Kind to get the same text.
            string[] hashedFields =
            {
                queueId,
                originalUrl,
                placeInQueue,
                redirectType.ToString(),
                timestamp,
                expires.ToString("o"),
                secretKey,
                fingerprint
            };
            byte[] payload = Encoding.UTF8.GetBytes(string.Concat(hashedFields));

            using (SHA256 hasher = SHA256.Create())
            {
                byte[] digest = hasher.ComputeHash(payload);
                return BitConverter.ToString(digest);
            }
        }
        /// <summary>
        /// Writes the validation cookie for <paramref name="queue"/> to the current
        /// response, replacing any cookie of the same name already queued on it.
        /// </summary>
        /// <param name="queue">Queue whose customer and event ids determine the cookie name.</param>
        /// <param name="queueId">Value stored under "QueueId".</param>
        /// <param name="originalUrl">Stored URL-encoded under "OriginalUrl".</param>
        /// <param name="placeInQueue">Stored under "PlaceInQueue" after <c>Hashing.EncryptPlaceInQueue</c>.</param>
        /// <param name="redirectType">Stored by name under "RedirectType".</param>
        /// <param name="timeStamp">Value stored under "TimeStamp".</param>
        /// <param name="hash">Precomputed integrity tag stored under "Hash".</param>
        /// <param name="expirationTime">Used as the cookie expiry and stored as "Expires" in "o" format.</param>
        private static void SetCookie(
            IQueue queue,
            string queueId,
            string originalUrl,
            int placeInQueue,
            RedirectType redirectType,
            string timeStamp,
            string hash,
            DateTime expirationTime)
        {
            var cookieName = GenerateKey(queue.CustomerId, queue.EventId);

            // HttpOnly keeps the cookie away from page scripts.
            // NOTE(review): Secure is never set, so this cookie is also sent over plain
            // HTTP; consider setting it when the site is served only over HTTPS.
            var validationCookie = new HttpCookie(cookieName)
            {
                HttpOnly = true,
                Domain   = CookieDomain,
                Expires  = expirationTime
            };

            // The sub-values are added in a fixed order. The expiry is duplicated as a
            // value so that the server receives it back with the cookie.
            var fields = validationCookie.Values;
            fields["QueueId"]      = queueId;
            // NOTE(review): the URL is stored encoded while the hash arrives precomputed;
            // presumably the reader decodes it before re-hashing - confirm against the reader.
            fields["OriginalUrl"]  = HttpUtility.UrlEncode(originalUrl);
            fields["PlaceInQueue"] = Hashing.EncryptPlaceInQueue(placeInQueue);
            fields["RedirectType"] = redirectType.ToString();
            fields["TimeStamp"]    = timeStamp;
            fields["Hash"]         = hash;
            fields["Expires"]      = expirationTime.ToString("o");

            // Drop a same-named cookie already queued on this response before adding the new one.
            var outgoing = HttpContext.Current.Response.Cookies;
            if (outgoing.AllKeys.Contains(cookieName))
            {
                outgoing.Remove(cookieName);
            }

            outgoing.Add(validationCookie);
        }
        /// <summary>
        /// Happy path: a request cookie whose "Hash" matches its other fields is read
        /// back as an <c>AcceptedConfirmedResult</c> carrying the same known-user data.
        /// </summary>
        public void CookieValidateResultRepository_GetValidationResult_ReadCookie_Test()
        {
            // Test-only secret; both the hash below and the factory use it.
            string sharedSecret = "acb";

            string       customerId      = "CustomerId";
            string       eventId         = "EventId";
            var          queueId         = new Guid(4567846, 35, 87, 3, 5, 8, 6, 4, 8, 2, 3);
            var          originalUrl     = new Uri("http://original.url/");
            int          placeInQueue    = 5486;
            RedirectType redirectType    = RedirectType.Queue;
            long         issuedAtSeconds = 5465468;
            DateTime     unixEpoch       = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);
            DateTime     issuedAt        = unixEpoch.AddSeconds(issuedAtSeconds);
            string       cookieName      = string.Concat("QueueITAccepted-SDFrts345E-", customerId.ToLower(), "-", eventId.ToLower());
            DateTime     expiresAt       = DateTime.UtcNow.AddMinutes(2);

            // The hash covers the same values that are placed in the cookie below,
            // with an empty fingerprint.
            string validHash = GenerateHash(
                queueId.ToString(),
                originalUrl.AbsoluteUri,
                placeInQueue.ToString(),
                redirectType,
                issuedAtSeconds.ToString(),
                expiresAt,
                string.Empty,
                sharedSecret);

            _queue.Stub(q => q.CustomerId).Return(customerId);
            _queue.Stub(q => q.EventId).Return(eventId);

            var incoming = new HttpCookie(cookieName);
            incoming.Values["QueueId"]      = queueId.ToString();
            incoming.Values["OriginalUrl"]  = originalUrl.AbsoluteUri;
            incoming.Values["PlaceInQueue"] = Hashing.EncryptPlaceInQueue(placeInQueue);
            incoming.Values["RedirectType"] = redirectType.ToString();
            incoming.Values["TimeStamp"]    = issuedAtSeconds.ToString();
            incoming.Values["Hash"]         = validHash;
            incoming.Values["Expires"]      = expiresAt.ToString("o");
            incoming.HttpOnly = true;

            _request.Cookies.Add(incoming);

            KnownUserFactory.Configure(sharedSecret);

            var repository = new CookieValidateResultRepository();
            var validation = repository.GetValidationResult(_queue);
            AcceptedConfirmedResult accepted = validation as AcceptedConfirmedResult;

            Assert.IsNotNull(accepted);
            Assert.AreEqual(_queue, accepted.Queue);

            var knownUser = accepted.KnownUser;
            Assert.AreEqual(customerId, knownUser.CustomerId);
            Assert.AreEqual(eventId, knownUser.EventId);
            Assert.AreEqual(queueId, knownUser.QueueId);
            Assert.AreEqual(originalUrl, knownUser.OriginalUrl);
            Assert.AreEqual(placeInQueue, knownUser.PlaceInQueue);
            Assert.AreEqual(redirectType, knownUser.RedirectType);
            Assert.AreEqual(issuedAt, knownUser.TimeStamp);
        }
        /// <summary>
        /// Write path: storing an accepted result emits exactly one HttpOnly cookie
        /// with the expected name, no explicit domain, an expiry of about 20 minutes
        /// and the known-user fields.
        /// </summary>
        public void CookieValidateResultRepository_SetValidationResult_WriteCookie_Test()
        {
            // Test-only secret.
            string sharedSecret = "acb";

            string       customerId      = "CustomerId";
            string       eventId         = "EventId";
            var          queueId         = new Guid(4567846, 35, 87, 3, 5, 8, 6, 4, 8, 2, 3);
            string       originalUrl     = "http://original.url/";
            int          placeInQueue    = 5486;
            RedirectType redirectType    = RedirectType.Queue;
            long         issuedAtSeconds = 5465468;
            DateTime     unixEpoch       = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);
            DateTime     issuedAt        = unixEpoch.AddSeconds(issuedAtSeconds);
            string       cookieName      = string.Concat("QueueITAccepted-SDFrts345E-", customerId.ToLower(), "-", eventId.ToLower());

            _knownUser.Stub(u => u.CustomerId).Return(customerId);
            _knownUser.Stub(u => u.EventId).Return(eventId);
            _knownUser.Stub(u => u.QueueId).Return(queueId);
            _knownUser.Stub(u => u.OriginalUrl).Return(originalUrl);
            _knownUser.Stub(u => u.PlaceInQueue).Return(placeInQueue);
            _knownUser.Stub(u => u.RedirectType).Return(redirectType);
            _knownUser.Stub(u => u.TimeStamp).Return(issuedAt);

            _queue.Stub(q => q.CustomerId).Return(customerId);
            _queue.Stub(q => q.EventId).Return(eventId);

            // Configure(null) is what the Domain assertion below relies on.
            CookieValidateResultRepository.Configure(null);
            KnownUserFactory.Configure(sharedSecret);

            var repository = new CookieValidateResultRepository();
            var accepted   = new AcceptedConfirmedResult(_queue, _knownUser, true);

            repository.SetValidationResult(_queue, accepted);

            Assert.AreEqual(1, _response.Cookies.Count);

            var written = _response.Cookies[0];
            Assert.AreEqual(cookieName, written.Name);
            Assert.IsNull(written.Domain);
            Assert.IsTrue(written.HttpOnly);

            // Expiry must fall within ten seconds either side of now + 20 minutes.
            Assert.IsTrue(written.Expires > DateTime.UtcNow.AddMinutes(19).AddSeconds(50));
            Assert.IsTrue(written.Expires < DateTime.UtcNow.AddMinutes(20).AddSeconds(10));

            // NOTE(review): "Hash", "Expires" and "OriginalUrl" are not asserted here, so
            // this test would not notice a wrong integrity tag on the written cookie.
            Assert.AreEqual(queueId.ToString(), written["QueueId"]);
            Assert.AreEqual(issuedAtSeconds.ToString(), written["TimeStamp"]);
            Assert.AreEqual(redirectType.ToString(), written["RedirectType"]);
            Assert.AreEqual(placeInQueue, Hashing.DecryptPlaceInQueue(written["PlaceInQueue"]));
        }
        /// <summary>
        /// Tamper check: a cookie whose "PlaceInQueue" differs from the value its
        /// "Hash" was issued for must not yield an <c>AcceptedConfirmedResult</c>.
        /// </summary>
        public void CookieValidateResultRepository_GetValidationResult_ModifiedCookie_Test()
        {
            // Test-only secret.
            string sharedSecret = "acb";

            string       customerId      = "CustomerId";
            string       eventId         = "EventId";
            var          queueId         = new Guid(4567846, 35, 87, 3, 5, 8, 6, 4, 8, 2, 3);
            var          originalUrl     = new Uri("http://original.url/");
            int          placeInQueue    = 5486;
            RedirectType redirectType    = RedirectType.Queue;
            long         issuedAtSeconds = 5465468;
            string       cookieName      = string.Concat("QueueITAccepted-SDFrts345E-", customerId.ToLower(), "-", eventId.ToLower());

            // NOTE(review): the hash is a fixed literal and the cookie below carries no
            // "Expires" value, so the null result may have a cause other than the changed
            // PlaceInQueue - confirm against the reader. A stricter test would start from
            // a cookie that validates and then change exactly one field.
            string issuedHash = "D5-48-23-FE-D0-42-D0-59-88-39-AB-D0-CA-A0-18-5D-B8-21-2C-A7-62-A9-65-73-62-68-74-C5-1C-50-09-BA";

            _queue.Stub(q => q.CustomerId).Return(customerId);
            _queue.Stub(q => q.EventId).Return(eventId);

            var tampered = new HttpCookie(cookieName);
            tampered.Values["QueueId"]      = queueId.ToString();
            tampered.Values["OriginalUrl"]  = originalUrl.AbsoluteUri;
            // The modification under test: a place ten positions better than issued.
            tampered.Values["PlaceInQueue"] = Hashing.EncryptPlaceInQueue(placeInQueue - 10);
            tampered.Values["RedirectType"] = redirectType.ToString();
            tampered.Values["TimeStamp"]    = issuedAtSeconds.ToString();
            tampered.Values["Hash"]         = issuedHash;

            _request.Cookies.Add(tampered);

            KnownUserFactory.Configure(sharedSecret);

            var repository = new CookieValidateResultRepository();
            var validation = repository.GetValidationResult(_queue);
            AcceptedConfirmedResult accepted = validation as AcceptedConfirmedResult;

            Assert.IsNull(accepted);
        }
        /// <summary>
        /// Idle queue: reading a cookie with <c>RedirectType.Idle</c> must not add a
        /// cookie to the response.
        /// </summary>
        public void CookieValidateResultRepository_GetValidationResult_IdleQueue_NoRenewCookie_Test()
        {
            // Test-only secret.
            string sharedSecret = "acb";

            string       customerId      = "CustomerId";
            string       eventId         = "EventId";
            Guid         queueId         = Guid.Empty;
            var          originalUrl     = new Uri("http://original.url/");
            int          placeInQueue    = 0;
            RedirectType redirectType    = RedirectType.Idle;
            long         issuedAtSeconds = 0;
            string       cookieName      = string.Concat("QueueITAccepted-SDFrts345E-", customerId.ToLower(), "-", eventId.ToLower());

            // NOTE(review): fixed hash literal and no "Expires" value on the cookie, so it
            // is unclear whether this cookie validates at all. If it is rejected, the
            // empty response proves little about the idle case - confirm against the reader.
            string issuedHash = "17-77-3F-7D-2E-10-B1-F0-9B-41-5A-DD-37-BB-8E-3A-F7-0B-F2-9F-E3-3B-2B-F5-83-CE-88-C5-8C-15-26-B4";

            _queue.Stub(q => q.CustomerId).Return(customerId);
            _queue.Stub(q => q.EventId).Return(eventId);

            var incoming = new HttpCookie(cookieName);
            incoming.Values["QueueId"]      = queueId.ToString();
            incoming.Values["OriginalUrl"]  = originalUrl.AbsoluteUri;
            incoming.Values["PlaceInQueue"] = Hashing.EncryptPlaceInQueue(placeInQueue);
            incoming.Values["RedirectType"] = redirectType.ToString();
            incoming.Values["TimeStamp"]    = issuedAtSeconds.ToString();
            incoming.Values["Hash"]         = issuedHash;

            _request.Cookies.Add(incoming);

            KnownUserFactory.Configure(sharedSecret);

            var repository = new CookieValidateResultRepository();

            // The return value is deliberately ignored; only the response is inspected.
            repository.GetValidationResult(_queue);

            Assert.AreEqual(0, _response.Cookies.Count);
        }
        /// <summary>
        /// Computes the cookie integrity tag: SHA-256 over the UTF-8 bytes of the
        /// given fields followed by <c>KnownUserFactory.SecretKey</c>, joined with no
        /// separators.
        /// </summary>
        /// <param name="queueId">Queue identifier, already formatted as text.</param>
        /// <param name="originalUrl">URL the visitor originally requested.</param>
        /// <param name="placeInQueue">Place in queue, already formatted as text.</param>
        /// <param name="redirectType">Redirect type; its <c>ToString()</c> name is hashed.</param>
        /// <param name="timestamp">Timestamp, already formatted as text.</param>
        /// <param name="expires">Expiry instant; hashed in round-trip ("o") format.</param>
        /// <returns>The digest as upper-case hex byte pairs separated by hyphens.</returns>
        private string GenerateHash(
            string queueId,
            string originalUrl,
            string placeInQueue,
            RedirectType redirectType,
            string timestamp,
            DateTime expires)
        {
            // NOTE(review): no delimiters between fields, so distinct field combinations
            // can hash to the same tag. The secret is also appended to a plain SHA-256
            // rather than used as an HMACSHA256 key. Fixing either changes the tag format,
            // so issuer and verifier must change together.
            // The "o" format embeds DateTime.Kind; the verifier must rebuild the same Kind.
            string material =
                queueId
                + originalUrl
                + placeInQueue
                + redirectType.ToString()
                + timestamp
                + expires.ToString("o")
                + KnownUserFactory.SecretKey;

            byte[] payload = Encoding.UTF8.GetBytes(material);

            using (SHA256 hasher = SHA256.Create())
            {
                byte[] digest = hasher.ComputeHash(payload);
                return BitConverter.ToString(digest);
            }
        }
        /// <summary>
        /// Builds the validation cookie for <paramref name="queue"/> and puts it on
        /// the current response, replacing a same-named cookie if one is already queued.
        /// </summary>
        /// <param name="queue">Supplies the customer and event ids used for the cookie name.</param>
        /// <param name="queueId">Value stored under "QueueId".</param>
        /// <param name="originalUrl">Stored URL-encoded under "OriginalUrl".</param>
        /// <param name="placeInQueue">Stored under "PlaceInQueue" after <c>Hashing.EncryptPlaceInQueue</c>.</param>
        /// <param name="redirectType">Stored by name under "RedirectType".</param>
        /// <param name="timeStamp">Value stored under "TimeStamp".</param>
        /// <param name="hash">Precomputed integrity tag stored under "Hash".</param>
        /// <param name="expirationTime">Cookie expiry; also stored as "Expires" in "o" format.</param>
        private static void SetCookie(
            IQueue queue,
            string queueId,
            string originalUrl,
            int placeInQueue,
            RedirectType redirectType,
            string timeStamp,
            string hash,
            DateTime expirationTime)
        {
            var name = GenerateKey(queue.CustomerId, queue.EventId);
            var cookie = new HttpCookie(name);

            // Cookie attributes. HttpOnly hides the cookie from page scripts.
            // NOTE(review): Secure is not set, so the cookie also travels over plain
            // HTTP; consider setting it on HTTPS-only deployments.
            cookie.HttpOnly = true;
            cookie.Domain = CookieDomain;
            cookie.Expires = expirationTime;

            // Sub-values, added in a fixed order; "Expires" repeats the expiry so the
            // server receives it back with the cookie.
            var values = cookie.Values;
            values["QueueId"] = queueId;
            values["OriginalUrl"] = HttpUtility.UrlEncode(originalUrl);
            values["PlaceInQueue"] = Hashing.EncryptPlaceInQueue(placeInQueue);
            values["RedirectType"] = redirectType.ToString();
            values["TimeStamp"] = timeStamp;
            values["Hash"] = hash;
            values["Expires"] = expirationTime.ToString("o");

            // Replace rather than duplicate a cookie already queued under this name.
            var responseCookies = HttpContext.Current.Response.Cookies;
            bool alreadyQueued = responseCookies.AllKeys.Contains(name);
            if (alreadyQueued)
            {
                responseCookies.Remove(name);
            }

            responseCookies.Add(cookie);
        }
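 /// <summary>
 /// Describes the redirect as "Redirect based on '&lt;type&gt;' to '&lt;target&gt;'.",
 /// with the redirect type name in lower case.
 /// </summary>
 /// <returns>A one-line diagnostic description of this redirect.</returns>
 public override string ToString()
 {
     // ToLowerInvariant instead of ToLower: the type name is an identifier, not
     // user-facing text, and culture-sensitive lowering alters it under some
     // cultures (Turkish maps 'I' to a dotless 'ı').
     string typeName = RedirectType.ToString().ToLowerInvariant();

     return string.Format("Redirect based on '{0}' to '{1}'.", typeName, RedirectTarget);
 }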