public void AddMyCoolWebsiteRelyingParty()
{
var acsNamespace = new AcsNamespace(this.namespaceDesc);
acsNamespace.AddRelyingParty(
rp => rp
.Name("MyCoolWebsite")
.RealmAddress("http://mycoolwebsite.com/")
.ReplyAddress("http://mycoolwebsite.com/")
.AllowGoogleIdentityProvider()
.AllowWindowsLiveIdentityProvider());
acsNamespace.SaveChanges();
Assert.IsTrue(AcsHelper.CheckRelyingPartyExists(this.namespaceDesc, "MyCoolWebsite"));
}
public void AddMyCoolWebsiteRelyingPartyWithSwtTokenDetails()
{
var acsNamespace = new AcsNamespace(this.namespaceDesc);
acsNamespace.AddRelyingParty(
rp => rp
.Name("MyCoolWebsite")
.RealmAddress("http://mycoolwebsite.com/")
.ReplyAddress("http://mycoolwebsite.com/")
.AllowGoogleIdentityProvider()
.AllowWindowsLiveIdentityProvider()
.SwtToken()
.TokenLifetime(120)
.SymmetricKey(Convert.FromBase64String("yMryA5VQVmMwrtuiJBfyjMnAJwoT7//fCuM6NwaHjQ1=")));
acsNamespace.SaveChanges();
Assert.IsTrue(AcsHelper.CheckRelyingPartyExists(this.namespaceDesc, "MyCoolWebsite"));
Assert.IsTrue(AcsHelper.CheckRelyingPartyHasKeys(this.namespaceDesc, "MyCoolWebsite", 1));
}
public void AddMyCoolWebsiteRelyingPartyWithSamlTokenDetailsWithX509CertificateFromFile()
{
var encryptionCert = new X509Certificate(Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "testCert.cer"));
var acsNamespace = new AcsNamespace(this.namespaceDesc);
acsNamespace.AddRelyingParty(
rp => rp
.Name("MyCoolWebsite with X509")
.RealmAddress("http://mycoolwebsitewithx509.com/")
.ReplyAddress("http://mycoolwebsitewithx509.com/")
.AllowGoogleIdentityProvider()
.EncryptionCertificate(encryptionCert));
acsNamespace.SaveChanges();
Assert.IsTrue(AcsHelper.CheckRelyingPartyExists(this.namespaceDesc, "MyCoolWebsite with X509"));
Assert.IsTrue(AcsHelper.CheckRelyingPartyHasKeys(this.namespaceDesc, "MyCoolWebsite with X509", 1));
}
public void AddMyCoolWebsiteRelyingPartyWithSamlTokenDetailsWithX509CertificateFromCertificateStore()
{
var acsNamespace = new AcsNamespace(this.namespaceDesc);
acsNamespace.AddRelyingParty(
rp => rp
.Name("MyCoolWebsite with X509")
.RealmAddress("http://mycoolwebsitewithx509.com/")
.ReplyAddress("http://mycoolwebsitewithx509.com/")
.AllowGoogleIdentityProvider()
.EncryptionCertificateIdentifiedBy(thumbprint: "66e0bc68570e30fba6207b1050ac72dc5b48cf47"));
acsNamespace.SaveChanges();
Assert.IsTrue(AcsHelper.CheckRelyingPartyExists(this.namespaceDesc, "MyCoolWebsite with X509"));
Assert.IsTrue(AcsHelper.CheckRelyingPartyHasKeys(this.namespaceDesc, "MyCoolWebsite with X509", 1));
}
public void AddMyCoolWebsiteRelyingPartyWithSamlTokenDetails()
{
var encryptionCert = new X509Certificate(Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "testCert.cer"));
var signingCertBytes = this.ReadBytesFromPfxFile(Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "testCert_xyz.pfx"));
var temp = new X509Certificate2(Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "testCert_xyz.pfx"), "xyz");
var startDate = temp.NotBefore.ToUniversalTime();
var endDate = temp.NotAfter.ToUniversalTime();
var acsNamespace = new AcsNamespace(this.namespaceDesc);
acsNamespace.AddRelyingParty(
rp => rp
.Name("MyCoolWebsite")
.RealmAddress("http://mycoolwebsite.com/")
.ReplyAddress("http://mycoolwebsite.com/")
.AllowGoogleIdentityProvider()
.AllowWindowsLiveIdentityProvider()
.SamlToken()
.TokenLifetime(120)
.SigningCertificate(sc => sc.Bytes(signingCertBytes).Password("xyz").StartDate(startDate).EndDate(endDate))
.EncryptionCertificate(encryptionCert.GetRawCertData()));
acsNamespace.SaveChanges();
Assert.IsTrue(AcsHelper.CheckRelyingPartyExists(this.namespaceDesc, "MyCoolWebsite"));
Assert.IsTrue(AcsHelper.CheckRelyingPartyHasKeys(this.namespaceDesc, "MyCoolWebsite", 2));
}
public void AddMyCoolWebsiteRelyingPartyWithRuleGroupAndRules()
{
var acsNamespace = new AcsNamespace(this.namespaceDesc);
const string MyCoolWebsite = "MyCoolWebsite";
const string RuleGroupForMyCoolWebsiteRelyingParty = "Rule Group for MyCoolWebsite Relying Party";
acsNamespace.AddRelyingParty(
rp => rp
.Name(MyCoolWebsite)
.RealmAddress("http://mycoolwebsite.com/")
.ReplyAddress("http://mycoolwebsite.com/")
.AllowGoogleIdentityProvider()
.AllowYahooIdentityProvider()
.AllowWindowsLiveIdentityProvider()
.RemoveRelatedRuleGroups()
.AddRuleGroup(rg => rg
.Name(RuleGroupForMyCoolWebsiteRelyingParty)
.AddRule(
rule => rule
.Description("Google Passthrough")
.IfInputClaimIssuer().Is("Google")
.AndInputClaimType().IsOfType(ClaimTypes.Email)
.AndInputClaimValue().IsAny()
.ThenOutputClaimType().ShouldBe(ClaimTypes.Name)
.AndOutputClaimValue().ShouldPassthroughFirstInputClaimValue())
.AddRule(
rule => rule
.Description("Yahoo! Passthrough")
.IfInputClaimIssuer().Is("Yahoo!")
.AndInputClaimType().IsAny()
.AndInputClaimValue().IsAny()
.ThenOutputClaimType().ShouldPassthroughFirstInputClaimType()
.AndOutputClaimValue().ShouldPassthroughFirstInputClaimValue())
.AddRule(
rule => rule
.Description("Windows Live ID rule")
.IfInputClaimIssuer().Is("Windows Live ID")
.AndInputClaimType().IsOfType(ClaimTypes.Email)
.AndInputClaimValue().Is("*****@*****.**")
.ThenOutputClaimType().ShouldBe(ClaimTypes.NameIdentifier)
.AndOutputClaimValue().ShouldBe("John Doe"))
.AddRule(
rule => rule
.Description("ACS rule")
.IfInputClaimIssuer().IsAcs()
.AndInputClaimType().IsAny()
.AndInputClaimValue().IsAny()
.ThenOutputClaimType().ShouldPassthroughFirstInputClaimType()
.AndOutputClaimValue().ShouldPassthroughFirstInputClaimValue())));
acsNamespace.SaveChanges();
Assert.IsTrue(AcsHelper.CheckRelyingPartyExists(this.namespaceDesc, MyCoolWebsite));
Assert.IsTrue(AcsHelper.CheckRuleGroupExists(this.namespaceDesc, MyCoolWebsite, RuleGroupForMyCoolWebsiteRelyingParty));
Assert.IsTrue(AcsHelper.CheckRuleGroupHasRules(this.namespaceDesc, MyCoolWebsite, RuleGroupForMyCoolWebsiteRelyingParty, 4));
Assert.IsTrue(AcsHelper.CheckRuleGroupHasRule(this.namespaceDesc, MyCoolWebsite,
RuleGroupForMyCoolWebsiteRelyingParty, "Google Passthrough"));
Assert.IsTrue(AcsHelper.CheckRuleGroupHasRule(this.namespaceDesc, MyCoolWebsite,
RuleGroupForMyCoolWebsiteRelyingParty, "Yahoo! Passthrough"));
Assert.IsTrue(AcsHelper.CheckRuleGroupHasRule(this.namespaceDesc, MyCoolWebsite,
RuleGroupForMyCoolWebsiteRelyingParty, "Windows Live ID rule"));
Assert.IsTrue(AcsHelper.CheckRuleGroupHasRule(this.namespaceDesc, MyCoolWebsite,
RuleGroupForMyCoolWebsiteRelyingParty, "ACS rule"));
}