public RequestSignatureVerificationResultFailure(
     Client client,
     Signature signature,
     SignatureVerificationFailure failure) : base(client, signature)
 {
     Failure = failure ?? throw new ArgumentNullException(nameof(failure));
 }
예제 #2
0
            public async Task WhenVerificationFails_ReturnsFailureResult()
            {
                var client = new Client(
                    _request.Signature.KeyId,
                    "Unit test app",
                    new HMACSignatureAlgorithm("s3cr3t", HashAlgorithmName.SHA256),
                    TimeSpan.FromMinutes(1),
                    TimeSpan.FromMinutes(1),
                    RequestTargetEscaping.RFC3986);

                A.CallTo(() => _clientStore.Get(_request.Signature.KeyId))
                .Returns(client);

                var verificationResultCreator = A.Fake <IVerificationResultCreator>();

                A.CallTo(() => _verificationResultCreatorFactory.Create(client, _request))
                .Returns(verificationResultCreator);

                var failure = SignatureVerificationFailure.SignatureExpired("Invalid signature.");

                A.CallTo(() => _signatureVerifier.VerifySignature(A <HttpRequestForVerification> ._, A <Client> ._))
                .Returns(failure);

                A.CallTo(() => verificationResultCreator.CreateForFailure(failure))
                .Returns(new RequestSignatureVerificationResultFailure(client, _request, failure));

                var actual = await _sut.VerifySignature(_request);

                actual.Should().BeAssignableTo <RequestSignatureVerificationResultFailure>();
                actual.As <RequestSignatureVerificationResultFailure>().IsSuccess.Should().BeFalse();
                actual.As <RequestSignatureVerificationResultFailure>().Failure.Should().Be(failure);
            }
 public RequestSignatureVerificationResult CreateForFailure(SignatureVerificationFailure failure)
 {
     if (failure == null)
     {
         throw new ArgumentNullException(nameof(failure));
     }
     return(new RequestSignatureVerificationResultFailure(_client, _requestForVerification, failure));
 }
예제 #4
0
        public async Task <RequestSignatureVerificationResult> VerifySignature(HttpRequestForVerification request)
        {
            if (request == null)
            {
                throw new ArgumentNullException(nameof(request));
            }

            if (request.Signature == null)
            {
                var failure = SignatureVerificationFailure.InvalidSignature("The signature is missing from the request.");
                _logger?.LogWarning("Request signature verification failed ({0}): {1}", failure.Code, failure.Message);
                return(new RequestSignatureVerificationResultFailure(client: null, request, failure));
            }

            var firstValidationError = request.Signature.GetValidationErrors().FirstOrDefault();

            if (firstValidationError != default)
            {
                var failure = SignatureVerificationFailure.InvalidSignature($"The signature is invalid: {firstValidationError.Message}");
                _logger?.LogWarning("Request signature verification failed ({0}): {1}", failure.Code, failure.Message);
                return(new RequestSignatureVerificationResultFailure(client: null, request, failure));
            }

            var client = await _clientStore.Get(request.Signature.KeyId).ConfigureAwait(continueOnCapturedContext: false);

            if (client == null)
            {
                var failure = SignatureVerificationFailure.InvalidClient($"No {nameof(Client)}s with id '{request.Signature.KeyId}' are registered in the server store.");
                _logger?.LogWarning("Request signature verification failed ({0}): {1}", failure.Code, failure.Message);
                return(new RequestSignatureVerificationResultFailure(client: null, request, failure));
            }

            var verificationFailure = await _signatureVerifier.VerifySignature(request, client).ConfigureAwait(continueOnCapturedContext: false);

            var verificationResultCreator = _verificationResultCreatorFactory.Create(client, request);
            var result = verificationFailure == null
                ? verificationResultCreator.CreateForSuccess()
                : verificationResultCreator.CreateForFailure(verificationFailure);

            if (result is RequestSignatureVerificationResultSuccess success)
            {
                _logger?.LogDebug($"Request signature verification succeeded for principal {success.Principal?.Identity?.Name ?? "[null]"}.");
            }
            else if (result is RequestSignatureVerificationResultFailure failure)
            {
                _logger?.LogWarning("Request signature verification failed ({0}): {1}", failure.Failure.Code, failure.Failure.Message);
            }

            return(result);
        }
            public async Task WhenAVerificationTaskFails_ReturnsFirstFailure_DoesNotRunSubsequentTasks()
            {
                var firstFailure = SignatureVerificationFailure.HeaderMissing("Invalid");

                A.CallTo(() => _matchingAlgorithmVerificationTask.Verify(_signedRequest, _sanitizedSignature, _client))
                .Returns(firstFailure);

                var secondFailure = SignatureVerificationFailure.SignatureExpired("Invalid");

                A.CallTo(() => _createdHeaderGuardVerificationTask.Verify(_signedRequest, _sanitizedSignature, _client))
                .Returns(secondFailure);

                var actual = await _sut.VerifySignature(_signedRequest, _signature, _client);

                actual.Should().Be(firstFailure);
            }
예제 #6
0
 public RequestSignatureVerificationResultFailureTests()
 {
     _request = new HttpRequestForVerification {
         Method     = HttpMethod.Post,
         RequestUri = "https://unittest.com:9000".ToUri(),
         Signature  = (Signature)TestModels.Signature.Clone()
     };
     _client = new Client(
         _request.Signature.KeyId,
         "Unit test app",
         new HMACSignatureAlgorithm("s3cr3t", HashAlgorithmName.SHA256),
         TimeSpan.FromMinutes(1),
         TimeSpan.FromMinutes(1),
         RequestTargetEscaping.RFC3986);
     _failure = new InvalidSignatureStringSignatureVerificationFailure(
         "The verification failed",
         new InvalidOperationException("Epic fail"));
     _sut = new RequestSignatureVerificationResultFailure(_client, _request, _failure);
 }
예제 #7
0
 public CreateForFailure()
 {
     _failure = SignatureVerificationFailure.HeaderMissing("You didn't say the magic word.");
 }