public void SignRequestVerifyExcludeBodyHeaders(string httpMethod) { // Set up HttpRequestMessage. var method = new HttpMethod(httpMethod); var uriBuilder = new UriBuilder("http://test.com/test/path") { Query = "query1=1&query2=2" }; var message = new HttpRequestMessage(method, uriBuilder.Uri) { Content = new StringContent("Dummy Content") }; var excludeBodyRequestSigner = new DefaultRequestSigner( authProviderMock.Object, SigningStrategy.STANDARD, signerMock.Object); excludeBodyRequestSigner.SignRequest(message); // Validations Assert.True(message.Headers.Contains(Constants.AUTHORIZATION_HEADER)); var headers = GetHeadersList(message.Headers.GetValues(Constants.AUTHORIZATION_HEADER).FirstOrDefault()); logger.Info($"Headers size: {headers.Length}"); AssertEqualHeaders(Constants.REQUIRED_EXCLUDE_BODY_SIGNING_HEADERS, httpMethod.ToLowerInvariant(), headers); }
public void SignRequestVerifyRequiredAndOptionalHeaders(string httpMethod) { // Set up HttpRequestMessage. var method = new HttpMethod(httpMethod); var uriBuilder = new UriBuilder("http://test.com/test/path") { Query = "query1=1&query2=2" }; var message = new HttpRequestMessage(method, uriBuilder.Uri); if (httpMethod.Equals("PUT") || httpMethod.Equals("POST") || httpMethod.Equals("PATCH")) { message.Content = new StringContent("Dummy Content"); } message.Headers.Add("opc-request-id", "2F9BA4A30BB3452397A5BC1BFE447C5D"); message.Headers.Add("accept", Constants.JSON_CONTENT_TYPE); var defaultRequestSigner = new DefaultRequestSigner(authProviderMock.Object, signerMock.Object); defaultRequestSigner.SignRequest(message); // Validations Assert.True(message.Headers.Contains(Constants.AUTHORIZATION_HEADER)); var headers = GetHeadersList(message.Headers.GetValues(Constants.AUTHORIZATION_HEADER).FirstOrDefault()); logger.Info($"Headers size: {headers.Length}"); AssertEqualHeaders(Constants.REQUIRED_SIGNING_HEADERS, httpMethod.ToLowerInvariant(), headers); //verify Constants.OPC_OBO_TOKEN is not included in headers for a non IUserDelegationprovider Assert.False(message.Headers.Contains(Constants.OPC_OBO_TOKEN)); // Add optional headers message.Headers.Add("opc-obo-token", "dummy-obo-token"); message.Headers.Add("x-subscription", "dummy-subscription"); message.Headers.Add("x-cross-tenancy-request", "true"); // remove previously signed AuthHeader message.Headers.Remove(Constants.AUTHORIZATION_HEADER); defaultRequestSigner.SignRequest(message); // Validations Assert.True(message.Headers.Contains(Constants.AUTHORIZATION_HEADER)); headers = GetHeadersList(message.Headers.GetValues(Constants.AUTHORIZATION_HEADER).FirstOrDefault()); AssertEqualHeaders(Constants.OPTIONAL_SIGNING_HEADERS, httpMethod.ToLowerInvariant(), headers); }
public void VerifyOBOHeaderAdditionForDelegationProviders(string httpMethod, int expectedOBOHeaderCount) { // Set up HttpRequestMessage. var method = new HttpMethod(httpMethod); var uriBuilder = new UriBuilder("http://test.com/test/path") { Query = "query1=1&query2=2" }; var message = new HttpRequestMessage(method, uriBuilder.Uri); if (httpMethod.Equals("PUT") || httpMethod.Equals("POST") || httpMethod.Equals("PATCH")) { message.Content = new StringContent("Dummy Content"); } message.Headers.Add("opc-request-id", "2F9BA4A30BB3452397A5BC1BFE447C5D"); message.Headers.Add("accept", Constants.JSON_CONTENT_TYPE); var defaultRequestSigner = new DefaultRequestSigner(GetDelegationProviderMockObject().Object, signerMock.Object); defaultRequestSigner.SignRequest(message); // Validations Assert.True(message.Headers.Contains(Constants.AUTHORIZATION_HEADER)); var headers = GetHeadersList(message.Headers.GetValues(Constants.AUTHORIZATION_HEADER).FirstOrDefault()); logger.Info($"Headers size: {headers.Length}"); AssertEqualHeaders(Constants.REQUIRED_SIGNING_HEADERS, httpMethod.ToLowerInvariant(), headers); // Validations Assert.True(message.Headers.Contains(Constants.AUTHORIZATION_HEADER)); headers = GetHeadersList(message.Headers.GetValues(Constants.AUTHORIZATION_HEADER).FirstOrDefault()); //verifies if obo token is signed Assert.Contains(Constants.OPC_OBO_TOKEN, headers); //verifies only one Constants.OPC_OBO_TOKEN is included in the header Assert.Equal(message.Headers.GetValues(Constants.OPC_OBO_TOKEN).Count(), expectedOBOHeaderCount); //verify value of Constants.OPC_OBO_TOKEN is injected into http headers when provider implements IUserDelegationDetailsProvider. Assert.Equal(OBO_TOKEN, message.Headers.GetValues(Constants.OPC_OBO_TOKEN).First()); }
public static HttpClientHandler FromAuthProvider(IBasicAuthenticationDetailsProvider provider, SigningStrategy signingStrategy) { var requestSigner = new DefaultRequestSigner(provider, signingStrategy); return(FromRequestSigner(requestSigner)); }