public bool Connect(string url, string userName, out string errorMessage, out bool invalidUserName) { errorMessage = ""; invalidUserName = false; this.userName = userName; if (wsClient == null) { wsClient = WebServiceUtils.CreateServiceClient(url); subscribeChannelEvents(); try { // the API call forces the channel open and also validates the user token string text = "PING!"; if (wsClient.Echo(accessToken(), text) != text) { errorMessage = "Echo test failed. Reflected text did not match original."; return(false); } } catch (Exception ex) { InvalidUserException iuex = TranslateException(ex) as InvalidUserException; if (iuex != null) { // echo failed because of invalid user invalidUserName = true; errorMessage = iuex.Message; return(false); } else { // echo failed for some other reason errorMessage = string.Format("Connect Failed\r\n{0}\r\n{1}", ex.Message, ex.StackTrace); return(false); } } } return(true); }
public static bool TestAccessTokenEnforcement(string serviceURL, string cachePath, string validUserName, string invalidUserName, bool isValidUser, out string errorMessage) { errorMessage = null; CFIClient client = new CFIClient(); client.Initialize(cachePath); // we use the valid user name only for the channel connection bool userNameWasInvalid; if (client.Connect(serviceURL, validUserName, false, out errorMessage, out userNameWasInvalid) == false) { return(false); } client.DebugSetUserName(invalidUserName); MethodInfo[] methods = typeof(JobInspectionClient).GetMethods(BindingFlags.Instance | BindingFlags.Public); foreach (MethodInfo method in methods) { if (method.DeclaringType.Namespace == "CFI.Client.JobInspectionService") { try { List <object> arguments = new List <object>(); int i = 0; foreach (ParameterInfo parameter in method.GetParameters()) { if (i == 0) { if (isValidUser == true) { // the wrapper API would generate a token this way arguments.Add(SecurityUtils.CreateAccessToken(validUserName)); } else { // a rogue user or someone using the app without knowing a proper username would generate an invalid token // (that's the idea anyway...). So we just tokenize a bogus 'guessed' username for this test arguments.Add(SecurityUtils.CreateAccessToken(invalidUserName)); } } else { if (parameter.ParameterType.IsClass) { arguments.Add(null); } else if (isNumericType(parameter.ParameterType) == true) { arguments.Add(0); } else if (parameter.ParameterType.Name == "Boolean") { arguments.Add(false); } else { errorMessage = "Unhandled parameter type in unit test code. Need to add this type to the handler."; return(false); } } i++; } method.Invoke(client.WebServiceAPI.ServiceClient, arguments.ToArray()); } catch (Exception ex) { InvalidUserException iuex = WebServiceAPIWrapper.TranslateException(ex) as InvalidUserException; if (iuex != null) { // we expect this exception sometimes so check to see if this is one of those times if (isValidUser == true) { // we said it was an valid user so this is NOT expected errorMessage = string.Format("unexpected access token exception in test method '{0}.'\r\n{1}", method.Name, iuex.Message); return(false); } else { // we said it was an invalid user so this IS expected return(true); } } else { errorMessage = string.Format("unexpected exception in test method '{0}'\r\n{1}\r\n{2}", method.Name, ex.Message, ex.StackTrace); return(false); } } } } return(true); }