/// <summary>
/// Builds the value the tests store under the cookie's "Hash" key: SHA-256 over the UTF-8
/// bytes of every field joined with no separator, formatted by
/// <see cref="BitConverter.ToString(byte[])"/> (hyphen-separated upper-case hex pairs).
/// </summary>
/// <param name="queueId">Queue id, already formatted as text.</param>
/// <param name="originalUrl">Original URL, already formatted as text.</param>
/// <param name="placeInQueue">Place in queue, already formatted as text.</param>
/// <param name="redirectType">Redirect type; its <c>ToString()</c> name is hashed.</param>
/// <param name="timestamp">Timestamp, already formatted as text.</param>
/// <param name="expires">Expiry; hashed in the round-trip ("o") format.</param>
/// <param name="fingerprint">Fingerprint text appended after the secret key.</param>
/// <param name="secretKey">Shared secret mixed into the hash input.</param>
/// <returns>The hash as hyphen-separated hex text.</returns>
private string GenerateHash(
    string queueId,
    string originalUrl,
    string placeInQueue,
    RedirectType redirectType,
    string timestamp,
    DateTime expires,
    string fingerprint,
    string secretKey)
{
    // NOTE(review): the parts are joined without a delimiter or length prefix, so two different
    // field splits can produce the same hashed string. The order below (secret key, then
    // fingerprint) must stay as-is or the value stops matching whatever verifies it.
    // NOTE(review): this is an unkeyed SHA-256 with the secret appended to the data, not an
    // HMAC. HMACSHA256 keyed with the secret is the standard construction for an integrity tag;
    // switching would have to happen together with the code that checks the hash.
    string[] parts =
    {
        queueId,
        originalUrl,
        placeInQueue,
        redirectType.ToString(),
        timestamp,
        // The "o" output depends on expires.Kind, so producer and verifier must agree on it.
        expires.ToString("o"),
        secretKey,
        fingerprint
    };

    byte[] payload = Encoding.UTF8.GetBytes(string.Join(string.Empty, parts));

    using (SHA256 hasher = SHA256.Create())
    {
        byte[] digest = hasher.ComputeHash(payload);
        return BitConverter.ToString(digest);
    }
}
/// <summary>
/// Writes the validation cookie for <paramref name="queue"/> to the current response,
/// replacing any cookie of the same name already queued on that response.
/// </summary>
/// <param name="queue">Queue whose customer and event ids determine the cookie name.</param>
/// <param name="queueId">Stored under "QueueId".</param>
/// <param name="originalUrl">Stored URL-encoded under "OriginalUrl".</param>
/// <param name="placeInQueue">Stored under "PlaceInQueue" after <c>Hashing.EncryptPlaceInQueue</c>.</param>
/// <param name="redirectType">Stored by name under "RedirectType".</param>
/// <param name="timeStamp">Stored under "TimeStamp".</param>
/// <param name="hash">Integrity hash stored under "Hash"; computed by the caller.</param>
/// <param name="expirationTime">Cookie expiry, also stored in "o" format under "Expires".</param>
private static void SetCookie(
    IQueue queue,
    string queueId,
    string originalUrl,
    int placeInQueue,
    RedirectType redirectType,
    string timeStamp,
    string hash,
    DateTime expirationTime)
{
    string cookieName = GenerateKey(queue.CustomerId, queue.EventId);

    // NOTE(review): HttpOnly is set but Secure is not, so unless requireSSL is configured
    // elsewhere the cookie (including its hash) is also sent over plain HTTP - confirm.
    HttpCookie cookie = new HttpCookie(cookieName)
    {
        HttpOnly = true,
        Domain = CookieDomain,
        Expires = expirationTime
    };

    // Value order is kept as-is because it determines the serialized cookie text.
    cookie.Values["QueueId"] = queueId;
    cookie.Values["OriginalUrl"] = HttpUtility.UrlEncode(originalUrl);
    cookie.Values["PlaceInQueue"] = Hashing.EncryptPlaceInQueue(placeInQueue);
    cookie.Values["RedirectType"] = redirectType.ToString();
    cookie.Values["TimeStamp"] = timeStamp;
    cookie.Values["Hash"] = hash;
    // The expiry is duplicated into the values so it travels back with the request;
    // the browser does not return the cookie's own Expires attribute.
    cookie.Values["Expires"] = expirationTime.ToString("o");

    HttpCookieCollection outgoing = HttpContext.Current.Response.Cookies;

    // AllKeys is probed rather than the indexer, which on a response collection
    // adds an empty cookie when the name is missing.
    bool alreadyQueued = outgoing.AllKeys.Contains(cookieName);
    if (alreadyQueued)
    {
        outgoing.Remove(cookieName);
    }

    outgoing.Add(cookie);
}
/// <summary>
/// A request cookie whose "Hash" value matches its fields must be read back as an
/// <c>AcceptedConfirmedResult</c> whose known-user values equal the cookie contents.
/// </summary>
public void CookieValidateResultRepository_GetValidationResult_ReadCookie_Test()
{
    // Arrange: fixed identity and queue values.
    string secretKey = "acb";
    string expectedCustomerId = "CustomerId";
    string expectedEventId = "EventId";
    Guid expectedQueueId = new Guid(4567846, 35, 87, 3, 5, 8, 6, 4, 8, 2, 3);
    Uri expectedOriginalUrl = new Uri("http://original.url/");
    int expectedPlaceInQueue = 5486;
    RedirectType expectedRedirectType = RedirectType.Queue;
    long expectedSecondsSince1970 = 5465468;

    DateTime unixEpoch = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);
    DateTime expectedTimeStamp = unixEpoch.AddSeconds(expectedSecondsSince1970);

    string cookieName =
        "QueueITAccepted-SDFrts345E-" + expectedCustomerId.ToLower() + "-" + expectedEventId.ToLower();

    // The cookie is still valid for two minutes; the same instant feeds both the hash and
    // the "Expires" value so the two agree.
    DateTime expectedExpires = DateTime.UtcNow.AddMinutes(2);

    string queueIdText = expectedQueueId.ToString();
    string timeStampText = expectedSecondsSince1970.ToString();

    // Hash is computed over the same text that is stored in the cookie, with an empty fingerprint.
    string expectedHash = GenerateHash(
        queueIdText,
        expectedOriginalUrl.AbsoluteUri,
        expectedPlaceInQueue.ToString(),
        expectedRedirectType,
        timeStampText,
        expectedExpires,
        string.Empty,
        secretKey);

    this._queue.Stub(queue => queue.CustomerId).Return(expectedCustomerId);
    this._queue.Stub(queue => queue.EventId).Return(expectedEventId);

    HttpCookie requestCookie = new HttpCookie(cookieName);
    requestCookie.Values["QueueId"] = queueIdText;
    requestCookie.Values["OriginalUrl"] = expectedOriginalUrl.AbsoluteUri;
    requestCookie.Values["PlaceInQueue"] = Hashing.EncryptPlaceInQueue(expectedPlaceInQueue);
    requestCookie.Values["RedirectType"] = expectedRedirectType.ToString();
    requestCookie.Values["TimeStamp"] = timeStampText;
    requestCookie.Values["Hash"] = expectedHash;
    requestCookie.Values["Expires"] = expectedExpires.ToString("o");
    requestCookie.HttpOnly = true;
    this._request.Cookies.Add(requestCookie);

    KnownUserFactory.Configure(secretKey);
    CookieValidateResultRepository repository = new CookieValidateResultRepository();

    // Act
    AcceptedConfirmedResult actualResult =
        repository.GetValidationResult(this._queue) as AcceptedConfirmedResult;

    // Assert: the cookie was accepted and every field round-tripped.
    Assert.IsNotNull(actualResult);
    Assert.AreEqual(this._queue, actualResult.Queue);

    var knownUser = actualResult.KnownUser;
    Assert.AreEqual(expectedCustomerId, knownUser.CustomerId);
    Assert.AreEqual(expectedEventId, knownUser.EventId);
    Assert.AreEqual(expectedQueueId, knownUser.QueueId);
    Assert.AreEqual(expectedOriginalUrl, knownUser.OriginalUrl);
    Assert.AreEqual(expectedPlaceInQueue, knownUser.PlaceInQueue);
    Assert.AreEqual(expectedRedirectType, knownUser.RedirectType);
    Assert.AreEqual(expectedTimeStamp, knownUser.TimeStamp);
}
/// <summary>
/// Storing an accepted result must queue exactly one response cookie with the expected
/// name, no domain, HttpOnly set, an expiry of roughly 20 minutes, and the known-user values.
/// </summary>
public void CookieValidateResultRepository_SetValidationResult_WriteCookie_Test()
{
    // Arrange
    string secretKey = "acb";
    string expectedCustomerId = "CustomerId";
    string expectedEventId = "EventId";
    Guid expectedQueueId = new Guid(4567846, 35, 87, 3, 5, 8, 6, 4, 8, 2, 3);
    string expectedOriginalUrl = "http://original.url/";
    int expectedPlaceInQueue = 5486;
    RedirectType expectedRedirectType = RedirectType.Queue;
    long expectedSecondsSince1970 = 5465468;

    DateTime unixEpoch = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);
    DateTime expectedTimeStamp = unixEpoch.AddSeconds(expectedSecondsSince1970);

    string expectedCookieName =
        "QueueITAccepted-SDFrts345E-" + expectedCustomerId.ToLower() + "-" + expectedEventId.ToLower();

    this._knownUser.Stub(knownUser => knownUser.CustomerId).Return(expectedCustomerId);
    this._knownUser.Stub(knownUser => knownUser.EventId).Return(expectedEventId);
    this._knownUser.Stub(knownUser => knownUser.QueueId).Return(expectedQueueId);
    this._knownUser.Stub(knownUser => knownUser.OriginalUrl).Return(expectedOriginalUrl);
    this._knownUser.Stub(knownUser => knownUser.PlaceInQueue).Return(expectedPlaceInQueue);
    this._knownUser.Stub(knownUser => knownUser.RedirectType).Return(expectedRedirectType);
    this._knownUser.Stub(knownUser => knownUser.TimeStamp).Return(expectedTimeStamp);

    this._queue.Stub(queue => queue.CustomerId).Return(expectedCustomerId);
    this._queue.Stub(queue => queue.EventId).Return(expectedEventId);

    // Configure(null) is what the later "Domain is null" assertion relies on.
    CookieValidateResultRepository.Configure(null);
    KnownUserFactory.Configure(secretKey);

    CookieValidateResultRepository repository = new CookieValidateResultRepository();
    AcceptedConfirmedResult result = new AcceptedConfirmedResult(this._queue, this._knownUser, true);

    // Act
    repository.SetValidationResult(this._queue, result);

    // Assert
    Assert.AreEqual(1, this._response.Cookies.Count);

    HttpCookie written = this._response.Cookies[0];
    Assert.AreEqual(expectedCookieName, written.Name);
    Assert.IsNull(written.Domain);
    Assert.IsTrue(written.HttpOnly);

    // Expiry window: 20 minutes from now, with ten seconds of slack on either side.
    Assert.IsTrue(written.Expires > DateTime.UtcNow.AddMinutes(19).AddSeconds(50));
    Assert.IsTrue(written.Expires < DateTime.UtcNow.AddMinutes(20).AddSeconds(10));

    // NOTE(review): the "Hash", "Expires" and "OriginalUrl" values and the Secure flag are
    // not asserted here, so a regression in how the cookie is protected would pass this test.
    Assert.AreEqual(expectedQueueId.ToString(), written["QueueId"]);
    Assert.AreEqual(expectedSecondsSince1970.ToString(), written["TimeStamp"]);
    Assert.AreEqual(expectedRedirectType.ToString(), written["RedirectType"]);
    Assert.AreEqual(expectedPlaceInQueue, Hashing.DecryptPlaceInQueue(written["PlaceInQueue"]));
}
/// <summary>
/// A request cookie whose "PlaceInQueue" was changed (ten places lower) while the "Hash"
/// value is a fixed literal must not be returned as an <c>AcceptedConfirmedResult</c>.
/// </summary>
public void CookieValidateResultRepository_GetValidationResult_ModifiedCookie_Test()
{
    // Arrange
    string secretKey = "acb";
    string expectedCustomerId = "CustomerId";
    string expectedEventId = "EventId";
    Guid expectedQueueId = new Guid(4567846, 35, 87, 3, 5, 8, 6, 4, 8, 2, 3);
    Uri expectedOriginalUrl = new Uri("http://original.url/");
    int expectedPlaceInQueue = 5486;
    RedirectType expectedRedirectType = RedirectType.Queue;
    long expectedSecondsSince1970 = 5465468;

    // Not referenced by any assertion in this test; kept to mirror the sibling tests.
    DateTime unixEpoch = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);
    DateTime expectedTimeStamp = unixEpoch.AddSeconds(expectedSecondsSince1970);

    string cookieName =
        "QueueITAccepted-SDFrts345E-" + expectedCustomerId.ToLower() + "-" + expectedEventId.ToLower();
    string expectedHash =
        "D5-48-23-FE-D0-42-D0-59-88-39-AB-D0-CA-A0-18-5D-B8-21-2C-A7-62-A9-65-73-62-68-74-C5-1C-50-09-BA";

    this._queue.Stub(queue => queue.CustomerId).Return(expectedCustomerId);
    this._queue.Stub(queue => queue.EventId).Return(expectedEventId);

    // NOTE(review): this cookie carries no "Expires" value and the hash is a literal rather
    // than one computed for the untampered fields, so the null result may come from the
    // missing expiry or a stale hash instead of from the PlaceInQueue change. A sharper test
    // would compute a valid hash (with "Expires") and then alter a single field - confirm.
    HttpCookie tamperedCookie = new HttpCookie(cookieName);
    tamperedCookie.Values["QueueId"] = expectedQueueId.ToString();
    tamperedCookie.Values["OriginalUrl"] = expectedOriginalUrl.AbsoluteUri;
    tamperedCookie.Values["PlaceInQueue"] = Hashing.EncryptPlaceInQueue(expectedPlaceInQueue - 10);
    tamperedCookie.Values["RedirectType"] = expectedRedirectType.ToString();
    tamperedCookie.Values["TimeStamp"] = expectedSecondsSince1970.ToString();
    tamperedCookie.Values["Hash"] = expectedHash;
    this._request.Cookies.Add(tamperedCookie);

    KnownUserFactory.Configure(secretKey);
    CookieValidateResultRepository repository = new CookieValidateResultRepository();

    // Act
    AcceptedConfirmedResult actualResult =
        repository.GetValidationResult(this._queue) as AcceptedConfirmedResult;

    // Assert: the modified cookie is not accepted.
    Assert.IsNull(actualResult);
}
/// <summary>
/// Reading a request cookie for an idle queue (empty queue id, place 0, timestamp 0) must
/// not queue any cookie on the response.
/// </summary>
public void CookieValidateResultRepository_GetValidationResult_IdleQueue_NoRenewCookie_Test()
{
    // Arrange
    string secretKey = "acb";
    string expectedCustomerId = "CustomerId";
    string expectedEventId = "EventId";
    Guid expectedQueueId = Guid.Empty;
    Uri expectedOriginalUrl = new Uri("http://original.url/");
    int expectedPlaceInQueue = 0;
    RedirectType expectedRedirectType = RedirectType.Idle;
    long expectedSecondsSince1970 = 0;

    string cookieName =
        "QueueITAccepted-SDFrts345E-" + expectedCustomerId.ToLower() + "-" + expectedEventId.ToLower();
    string expectedHash =
        "17-77-3F-7D-2E-10-B1-F0-9B-41-5A-DD-37-BB-8E-3A-F7-0B-F2-9F-E3-3B-2B-F5-83-CE-88-C5-8C-15-26-B4";

    this._queue.Stub(queue => queue.CustomerId).Return(expectedCustomerId);
    this._queue.Stub(queue => queue.EventId).Return(expectedEventId);

    // NOTE(review): no "Expires" value is set and the hash is a literal, so it is not visible
    // here whether the cookie is accepted or rejected; the response would hold no cookie in
    // either case, which means this test cannot tell "valid but not renewed" from "rejected".
    HttpCookie idleCookie = new HttpCookie(cookieName);
    idleCookie.Values["QueueId"] = expectedQueueId.ToString();
    idleCookie.Values["OriginalUrl"] = expectedOriginalUrl.AbsoluteUri;
    idleCookie.Values["PlaceInQueue"] = Hashing.EncryptPlaceInQueue(expectedPlaceInQueue);
    idleCookie.Values["RedirectType"] = expectedRedirectType.ToString();
    idleCookie.Values["TimeStamp"] = expectedSecondsSince1970.ToString();
    idleCookie.Values["Hash"] = expectedHash;
    this._request.Cookies.Add(idleCookie);

    KnownUserFactory.Configure(secretKey);
    CookieValidateResultRepository repository = new CookieValidateResultRepository();

    // Act: the return value is deliberately ignored; only the response is inspected.
    repository.GetValidationResult(this._queue);

    // Assert
    int writtenCookies = this._response.Cookies.Count;
    Assert.AreEqual(0, writtenCookies);
}
/// <summary>
/// Computes the cookie integrity hash: SHA-256 over the UTF-8 bytes of the fields followed by
/// <c>KnownUserFactory.SecretKey</c>, joined with no separator, formatted by
/// <see cref="BitConverter.ToString(byte[])"/> (hyphen-separated upper-case hex pairs).
/// </summary>
/// <param name="queueId">Queue id, already formatted as text.</param>
/// <param name="originalUrl">Original URL, already formatted as text.</param>
/// <param name="placeInQueue">Place in queue, already formatted as text.</param>
/// <param name="redirectType">Redirect type; its <c>ToString()</c> name is hashed.</param>
/// <param name="timestamp">Timestamp, already formatted as text.</param>
/// <param name="expires">Expiry; hashed in the round-trip ("o") format.</param>
/// <returns>The hash as hyphen-separated hex text.</returns>
private string GenerateHash(
    string queueId,
    string originalUrl,
    string placeInQueue,
    RedirectType redirectType,
    string timestamp,
    DateTime expires)
{
    // NOTE(review): the fields are appended back to back with no delimiter or length prefix,
    // so different field splits can hash to the same value; the secret is simply appended to
    // the data and hashed with plain SHA-256. HMACSHA256 keyed with the secret over delimited
    // fields is the standard construction - any change must be made on the producing and the
    // verifying side together, since existing cookies carry hashes in this format.
    StringBuilder material = new StringBuilder();
    material.Append(queueId);
    material.Append(originalUrl);
    material.Append(placeInQueue);
    material.Append(redirectType.ToString());
    material.Append(timestamp);
    // The "o" output depends on expires.Kind, so the value must be rebuilt with the same kind
    // when the cookie is verified.
    material.Append(expires.ToString("o"));
    material.Append(KnownUserFactory.SecretKey);

    byte[] payload = Encoding.UTF8.GetBytes(material.ToString());

    using (SHA256 hasher = SHA256.Create())
    {
        return BitConverter.ToString(hasher.ComputeHash(payload));
    }
}
/// <summary>
/// Builds the validation cookie for <paramref name="queue"/> and adds it to the current
/// response, first removing a cookie of the same name if one is already queued there.
/// </summary>
/// <param name="queue">Queue whose customer and event ids determine the cookie name.</param>
/// <param name="queueId">Stored under "QueueId".</param>
/// <param name="originalUrl">Stored URL-encoded under "OriginalUrl".</param>
/// <param name="placeInQueue">Stored under "PlaceInQueue" after <c>Hashing.EncryptPlaceInQueue</c>.</param>
/// <param name="redirectType">Stored by name under "RedirectType".</param>
/// <param name="timeStamp">Stored under "TimeStamp".</param>
/// <param name="hash">Integrity hash stored under "Hash"; computed by the caller.</param>
/// <param name="expirationTime">Cookie expiry, also stored in "o" format under "Expires".</param>
private static void SetCookie(
    IQueue queue,
    string queueId,
    string originalUrl,
    int placeInQueue,
    RedirectType redirectType,
    string timeStamp,
    string hash,
    DateTime expirationTime)
{
    string name = GenerateKey(queue.CustomerId, queue.EventId);
    HttpCookie cookie = new HttpCookie(name);

    // Payload values, in the order they are serialized into the cookie.
    var values = cookie.Values;
    values["QueueId"] = queueId;
    values["OriginalUrl"] = HttpUtility.UrlEncode(originalUrl);
    values["PlaceInQueue"] = Hashing.EncryptPlaceInQueue(placeInQueue);
    values["RedirectType"] = redirectType.ToString();
    values["TimeStamp"] = timeStamp;
    values["Hash"] = hash;

    // Cookie attributes.
    // NOTE(review): Secure is never set, so the cookie is also sent over plain HTTP unless
    // requireSSL is configured elsewhere; only HttpOnly protects it from script access - confirm.
    cookie.HttpOnly = true;
    cookie.Domain = CookieDomain;
    cookie.Expires = expirationTime;

    // Stored as a value too, because the Expires attribute is not sent back by the browser.
    values["Expires"] = expirationTime.ToString("o");

    HttpCookieCollection pending = HttpContext.Current.Response.Cookies;

    // Look the name up in AllKeys; reading through the indexer on a response collection
    // would itself add an empty cookie when the name is missing.
    foreach (string pendingName in pending.AllKeys)
    {
        if (pendingName == name)
        {
            pending.Remove(name);
            break;
        }
    }

    pending.Add(cookie);
}
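/// <summary>
/// Describes the redirect as text: the lower-cased redirect type name and the redirect target.
/// </summary>
/// <returns>A string of the form <c>Redirect based on '&lt;type&gt;' to '&lt;target&gt;'.</c></returns>
public override string ToString()
{
    // ToLowerInvariant instead of ToLower: culture-sensitive lower-casing changes some letters
    // under certain thread cultures (for example the capital "I" under Turkish rules), which
    // would make this text differ from one server locale to another.
    string redirectKind = RedirectType.ToString().ToLowerInvariant();

    // NOTE(review): RedirectTarget is inserted as-is; if this text is logged or rendered and
    // the target can come from a request, encode it at that sink - confirm where it is used.
    return String.Format("Redirect based on '{0}' to '{1}'.", redirectKind, RedirectTarget);
}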