예제 #1
        public void Should_GetUserAuth()
        {
            // Arrange: store a user, then create auth details for the "google" provider.
            var persisted = Sut.CreateUserAuth(NewUserAuth, Password);

            CreateUserAuthDetails(persisted, "google");

            var emptySession = new AuthUserSession();

            // The session carries no identifying data here; the lookup is driven by
            // the provider name plus the stored user's id placed on the tokens.
            var providerTokens = new AuthTokens();
            providerTokens.UserId = persisted.Id.ToString();
            providerTokens.Provider = "google";

            // Act
            var found = Sut.GetUserAuth(emptySession, providerTokens);

            // Assert: the returned record matches the input, ignoring the id, the two
            // hash fields and the timestamps (presumably all assigned by the repository).
            found.Should().BeEquivalentTo(
                NewUserAuth,
                cfg => cfg.Excluding(u => u.Id)
                          .Excluding(u => u.PasswordHash)
                          .Excluding(u => u.DigestHa1Hash)
                          .Excluding(u => u.CreatedDate)
                          .Excluding(u => u.ModifiedDate));
        }
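        /// <summary>
        /// Prepares the provider and session for an authentication attempt: fills in
        /// <c>CallbackUrl</c> when it is empty, chooses the session's <c>ReferrerUrl</c>,
        /// and returns the session's tokens for this provider, creating them if absent.
        /// </summary>
        /// <param name="authService">Service whose <c>Request</c> supplies the absolute URI and HTTP verb.</param>
        /// <param name="session">Current session; its <c>ReferrerUrl</c> and <c>ProviderOAuthAccess</c> may be updated.</param>
        /// <param name="request">The Authenticate request, passed through to <c>GetReferrerUrl</c>.</param>
        /// <returns>The tokens held by the session for this provider.</returns>
        protected IAuthTokens Init(IServiceBase authService, ref IAuthSession session, Authenticate request)
        {
            Logger.Debug("SamlAuthProvider::Init:ENTER");
            if (this.CallbackUrl.IsNullOrEmpty())
            {
                // NOTE(review): authService.Request is dereferenced here without the null
                // check that the next condition applies to it; confirm it cannot be null.
                this.CallbackUrl = authService.Request.AbsoluteUri;
                Logger.Debug("CallbackUrl was null, setting to: {0}".Fmt(this.CallbackUrl));
            }

            // A POST that arrives with no referrer on the session is sent to the
            // configured IdpInitiatedRedirect; every other case goes through GetReferrerUrl.
            if (session.ReferrerUrl.IsNullOrEmpty() && authService.Request != null && authService.Request.Verb == "POST")
            {
                session.ReferrerUrl = this.IdpInitiatedRedirect;
            }
            else
            {
                session.ReferrerUrl = GetReferrerUrl(authService, session, request);
            }
            Logger.Debug("Session ReferrerUrl Set to: {0}".Fmt(session.ReferrerUrl));

            var tokens = session.ProviderOAuthAccess.FirstOrDefault(x => x.Provider == this.Provider);
            if (tokens == null)
            {
                Logger.Debug("Tokens were null, initializing");
                session.ProviderOAuthAccess.Add(tokens = new AuthTokens { Provider = this.Provider });
            }

            // Log only the provider name. Tokens found on an existing session can hold
            // profile data (e-mail, names) and provider-issued credentials, which should
            // not be serialized into debug logs.
            Logger.Debug("Tokens available for provider: {0}".Fmt(tokens.Provider));
            Logger.Debug("SamlAuthProvider::Init:RETURN");
            return tokens;
        }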
		static MockAuthHttpGateway()
		{
			// Canned token values for the mock, filled in field by field and then
			// published to the static Tokens member.
			var canned = new AuthTokens();
			canned.UserId = "623501766";
			canned.DisplayName = "Demis Bellot";
			canned.FirstName = "Demis";
			canned.LastName = "Bellot";
			canned.Email = "*****@*****.**";

			Tokens = canned;
		}
예제 #4
        public void LoadUserAuth_By_Name()
        {
            // Arrange: the session identifies the stored user by name only.
            var stored = Sut.CreateUserAuth(NewUserAuth, Password);

            var namedSession = new AuthUserSession();
            namedSession.UserAuthName = stored.UserName;

            // The tokens are left empty, so they contribute no provider or user id.
            var blankTokens = new AuthTokens();

            // Act
            Sut.LoadUserAuth(namedSession, blankTokens);

            // Assert: the session was populated with the stored user's name.
            namedSession.UserName.Should().Be(stored.UserName);
        }
예제 #5
        public void LoadUserAuth_By_Token()
        {
            // Arrange: store a user and create auth details for the "google" provider.
            var stored = Sut.CreateUserAuth(NewUserAuth, Password);

            CreateUserAuthDetails(stored, "google");

            // The session is empty; only the tokens point at the stored user.
            var emptySession = new AuthUserSession();

            var providerTokens = new AuthTokens();
            providerTokens.UserId = stored.Id.ToString();
            providerTokens.Provider = "google";

            // Act
            Sut.LoadUserAuth(emptySession, providerTokens);

            // Assert: the session was populated with the stored user's name.
            emptySession.UserName.Should().Be(stored.UserName);
        }
예제 #6
        public void CreateOrMergeAuthSession_Update()
        {
            // Arrange: an existing user that already has "google" auth details.
            var stored = Sut.CreateUserAuth(NewUserAuth, Password);
            var storedDetails = CreateUserAuthDetails(stored, "google");

            var emptySession = new AuthUserSession();

            // Tokens reference the stored user and repeat the City held on the details.
            var providerTokens = new AuthTokens();
            providerTokens.UserId = stored.Id.ToString();
            providerTokens.Provider = "google";
            providerTokens.City = storedDetails.City;

            // Act
            var merged = Sut.CreateOrMergeAuthSession(emptySession, providerTokens);

            // Assert: the result has an id equal to its UserAuthId, a later
            // ModifiedDate than the stored user, and the same City.
            merged.Id.Should().BeGreaterThan(0);
            merged.Id.Should().Be(merged.UserAuthId);
            merged.ModifiedDate.Should().BeAfter(stored.ModifiedDate);
            merged.City.Should().Be(storedDetails.City);
        }
예제 #7
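        /// <summary>
        /// Sets the CallbackUrl and session.ReferrerUrl if they are not already set, and initializes the session tokens for this AuthProvider.
        /// </summary>
        /// <param name="authService">The service whose Request supplies the absolute URI and the Referer header.</param>
        /// <param name="session">The current session; its ReferrerUrl and ProviderOAuthAccess may be updated.</param>
        /// <param name="request">The Authenticate request; may be null. Its Continue value, when present, is preferred over the Referer header.</param>
        /// <returns>The session's tokens for this provider, created and added to the session if none existed.</returns>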
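        protected IAuthTokens Init(IServiceBase authService, ref IAuthSession session, Authenticate request)
        {
            // NOTE(review): the session reset for a mismatched login is commented out, so
            // this branch does nothing and a request naming a different user continues on
            // the existing session. Confirm that is intended.
            if (request != null && !LoginMatchesSession(session, request.UserName))
            {
                //authService.RemoveSession();
                //session = authService.GetSession();
            }

            var requestUri = authService.Request.AbsoluteUri;
            if (this.CallbackUrl.IsNullOrEmpty())
                this.CallbackUrl = requestUri;

            // request.Continue and the Referer header are both supplied by the client and
            // are stored as-is. NOTE(review): no validation happens in this method, so the
            // code that later redirects to session.ReferrerUrl should restrict it to
            // trusted hosts or relative paths.
            if (session.ReferrerUrl.IsNullOrEmpty())
                session.ReferrerUrl = (request != null ? request.Continue : null)
                    ?? authService.Request.GetHeader("Referer");

            // A missing referrer, or one containing "/auth", is replaced by a server-chosen URL.
            if (session.ReferrerUrl.IsNullOrEmpty()
                || session.ReferrerUrl.IndexOf("/auth", StringComparison.OrdinalIgnoreCase) >= 0)
            {
                var fallbackUrl = this.RedirectUrl ?? HttpHandlerFactory.GetBaseUrl();
                if (fallbackUrl == null)
                {
                    // Last resort: cut the request URI at the first "/" after the scheme.
                    // When the URI has no such slash (or is too short to search), keep it
                    // whole instead of passing a negative length to Substring.
                    var searchFrom = "https://".Length + 1;
                    var pathStart = requestUri.Length > searchFrom
                        ? requestUri.IndexOf("/", searchFrom, StringComparison.Ordinal)
                        : -1;
                    fallbackUrl = pathStart >= 0 ? requestUri.Substring(0, pathStart) : requestUri;
                }

                session.ReferrerUrl = fallbackUrl;
            }

            // Reuse the session's tokens for this provider, or register a fresh set.
            var tokens = session.ProviderOAuthAccess.FirstOrDefault(x => x.Provider == Provider);
            if (tokens == null)
                session.ProviderOAuthAccess.Add(tokens = new AuthTokens { Provider = Provider });

            return tokens;
        }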
        /// <summary>
        /// Authenticates the user attached to the hosting request. When <c>IsAuthorized</c>
        /// accepts that user, the session is marked authenticated, populated with a display
        /// name and roles, and saved; otherwise an Unauthorized error is thrown.
        /// </summary>
        /// <param name="authService">Service giving access to the current request and session.</param>
        /// <param name="session">Current session; replaced when it belongs to a different login.</param>
        /// <param name="request">The Authenticate request; its <c>Continue</c> value is echoed in the response.</param>
        /// <returns>The result of <c>OnAuthenticated</c> when non-null, otherwise an <c>AuthenticateResponse</c>.</returns>
        public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request)
        {
            // The identity comes from the hosting request, not from the Authenticate DTO.
            var user = authService.Request.GetUser();
            var userName = user.GetUserName();
            // A session that does not match this login is removed and a new one fetched.
            if (!LoginMatchesSession(session, userName))
            {
                authService.RemoveSession();
                session = authService.GetSession();
            }

            if (IsAuthorized(user))
            {
                // NOTE(review): the session is flagged authenticated before OnAuthenticated
                // and the role mapping below have run; it is only saved after both.
                session.IsAuthenticated = true;
                if (session.UserAuthName == null)
                {
                    session.UserAuthName = userName;
                }

                var aspReq = (HttpRequestBase)authService.Request.OriginalRequest;

                // Display name: first non-empty of LOGON_USER, REMOTE_USER, LogonUserIdentity.Name.
                var loginUser = aspReq.ServerVariables["LOGON_USER"].ToNullIfEmpty();
                var remoteUser = aspReq.ServerVariables["REMOTE_USER"].ToNullIfEmpty();
                var identityName = aspReq.LogonUserIdentity != null ? aspReq.LogonUserIdentity.Name : null;
                session.DisplayName = loginUser
                    ?? remoteUser
                    ?? identityName;

                // The raw identity values are kept on the tokens; any of them may be null.
                var tokens = new AuthTokens {
                    Provider = Name,
                    UserName = userName,
                    DisplayName = session.DisplayName,
                    Items = new Dictionary<string, string> {
                        {"LOGON_USER", loginUser},
                        {"REMOTE_USER", remoteUser},
                        {"LogonUserIdentityName", identityName},
                    }
                };

                session.ReferrerUrl = GetReferrerUrl(authService, session, request);

                var response = OnAuthenticated(authService, session, tokens, new Dictionary<string, string>());

                if (session.Roles == null)
                    session.Roles = new List<string>();

                // Roles are only added here. NOTE(review): roles already present on a reused
                // session are not removed when the user no longer holds them; verify.
                foreach (var role in AllRoles.Safe())
                {
                    if (user.IsInRole(role))
                        session.Roles.AddIfNotExists(role);
                }

                this.SaveSession(authService, session, SessionExpiry);
                
                if (response != null)
                    return response;

                // NOTE(review): ReferrerUrl echoes the client-supplied request.Continue rather
                // than the session.ReferrerUrl computed above, and request is dereferenced
                // without a null check. Consumers should not redirect to it unvalidated.
                return new AuthenticateResponse
                {
                    UserName = userName,
                    SessionId = session.Id,
                    DisplayName = session.DisplayName,
                    ReferrerUrl = request.Continue
                };
            }

            throw HttpError.Unauthorized(ErrorMessages.WindowsAuthFailed);
        }
예제 #9
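        /// <summary>
        /// Fills in <c>CallbackUrl</c> and <c>session.ReferrerUrl</c> when they are empty and
        /// returns the session's tokens for this provider, adding a new set if none exist.
        /// </summary>
        /// <param name="authService">Service whose <c>Request</c> supplies the absolute URI and the Referer header.</param>
        /// <param name="session">Current session; its <c>ReferrerUrl</c> and auth tokens may be updated.</param>
        /// <param name="request">The Authenticate request; may be null. Its <c>Continue</c> value is preferred over the Referer header.</param>
        /// <returns>The session's tokens for this provider.</returns>
        protected IAuthTokens Init(IServiceBase authService, ref IAuthSession session, Authenticate request)
        {
            var requestUri = authService.Request.AbsoluteUri;
            if (this.CallbackUrl.IsNullOrEmpty())
            {
                this.CallbackUrl = requestUri;
            }

            // request.Continue and the Referer header are both supplied by the client and
            // are stored as-is. NOTE(review): no validation happens in this method, so the
            // code that later redirects to session.ReferrerUrl should restrict it to
            // trusted hosts or relative paths.
            if (session.ReferrerUrl.IsNullOrEmpty())
            {
                session.ReferrerUrl = (request != null ? request.Continue : null) ?? authService.Request.GetHeader("Referer");
            }

            // A missing referrer, or one containing "/auth", is replaced by a server-chosen URL.
            if (session.ReferrerUrl.IsNullOrEmpty() || session.ReferrerUrl.IndexOf("/auth", StringComparison.OrdinalIgnoreCase) >= 0)
            {
                var fallbackUrl = this.RedirectUrl ?? HttpHandlerFactory.GetBaseUrl();
                if (fallbackUrl == null)
                {
                    // Last resort: cut the request URI at the first "/" after the scheme.
                    // When the URI has no such slash (or is too short to search), keep it
                    // whole instead of passing a negative length to Substring.
                    var searchFrom = "https://".Length + 1;
                    var pathStart = requestUri.Length > searchFrom
                        ? requestUri.IndexOf("/", searchFrom, StringComparison.Ordinal)
                        : -1;
                    fallbackUrl = pathStart >= 0 ? requestUri.Substring(0, pathStart) : requestUri;
                }

                session.ReferrerUrl = fallbackUrl;
            }

            // Reuse the session's tokens for this provider, or register a fresh set.
            var tokens = session.GetAuthTokens(this.Provider);
            if (tokens == null)
            {
                session.AddAuthToken(tokens = new AuthTokens { Provider = this.Provider });
            }

            return tokens;
        }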
예제 #10
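        /// <summary>
        /// Sets the CallbackUrl and session.ReferrerUrl if not set and initializes the session tokens for this AuthProvider.
        /// </summary>
        /// <param name="authService">The service whose Request supplies the absolute URI used as the default CallbackUrl.</param>
        /// <param name="session">The current session; its ReferrerUrl and ProviderOAuthAccess may be updated.</param>
        /// <param name="request">The Authenticate request, passed to GetReferrerUrl.</param>
        /// <returns>The session's tokens for this provider, created and added to the session if none existed.</returns>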
        protected IAuthTokens Init(IServiceBase authService, ref IAuthSession session, Authenticate request)
        {
            // Default the callback to the URL this request arrived on.
            if (this.CallbackUrl.IsNullOrEmpty())
            {
                this.CallbackUrl = authService.Request.AbsoluteUri;
            }

            // The referrer is always recomputed through GetReferrerUrl.
            session.ReferrerUrl = GetReferrerUrl(authService, session, request);

            // Hand back the tokens already held for this provider when there are any.
            var existing = session.ProviderOAuthAccess.FirstOrDefault(t => t.Provider == Provider);
            if (existing != null)
            {
                return existing;
            }

            // Otherwise register an empty set that carries only the provider name.
            var created = new AuthTokens { Provider = Provider };
            session.ProviderOAuthAccess.Add(created);
            return created;
        }
예제 #11
        public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request)
        {
            // The identity comes from the hosting request, not from the Authenticate DTO.
            var principal = authService.Request.GetUser();
            var userName = principal.GetUserName();

            // A session that does not match this login is removed and a new one fetched.
            if (!LoginMatchesSession(session, userName))
            {
                authService.RemoveSession();
                session = authService.GetSession();
            }

            // Reject early; everything below runs only for an authorized principal.
            if (!IsAuthorized(principal))
            {
                throw HttpError.Unauthorized(ErrorMessages.WindowsAuthFailed);
            }

            session.IsAuthenticated = true;
            if (session.UserAuthName == null)
            {
                session.UserAuthName = userName;
            }

            var httpRequest = (HttpRequestBase)authService.Request.OriginalRequest;

            var logonUser = httpRequest.ServerVariables["LOGON_USER"].ToNullIfEmpty();
            var remoteUser = httpRequest.ServerVariables["REMOTE_USER"].ToNullIfEmpty();

            string identityName = null;
            if (httpRequest.LogonUserIdentity != null)
            {
                identityName = httpRequest.LogonUserIdentity.Name;
            }

            // Display name: first non-empty of LOGON_USER, REMOTE_USER, LogonUserIdentity.Name.
            session.DisplayName = logonUser ?? remoteUser ?? identityName;

            // The raw identity values travel with the tokens; any of them may be null.
            var tokens = new AuthTokens();
            tokens.Provider = Name;
            tokens.UserName = userName;
            tokens.DisplayName = session.DisplayName;

            var identityItems = new Dictionary<string, string>();
            identityItems.Add("LOGON_USER", logonUser);
            identityItems.Add("REMOTE_USER", remoteUser);
            identityItems.Add("LogonUserIdentityName", identityName);
            tokens.Items = identityItems;

            session.ReferrerUrl = GetReferrerUrl(authService, session, request);

            var response = OnAuthenticated(authService, session, tokens, new Dictionary<string, string>());

            if (session.Roles == null)
            {
                session.Roles = new List<string>();
            }

            // Copy onto the session every configured role the principal holds.
            foreach (var roleName in AllRoles.Safe())
            {
                if (!principal.IsInRole(roleName))
                {
                    continue;
                }

                session.Roles.AddIfNotExists(roleName);
            }

            this.SaveSession(authService, session, SessionExpiry);

            if (response != null)
            {
                return response;
            }

            // NOTE(review): ReferrerUrl echoes the client-supplied request.Continue rather
            // than the session.ReferrerUrl computed above; consumers should validate it
            // before redirecting.
            var reply = new AuthenticateResponse();
            reply.UserName = userName;
            reply.SessionId = session.Id;
            reply.DisplayName = session.DisplayName;
            reply.ReferrerUrl = request.Continue;
            return reply;
        }
        public void ShouldUseLoginHintWhenUserNameKnown()
        {
            using (TestAppHost())
            {
                Subject.ClientId = "c1";
                Subject.DomainHint = "domain.hint";

                // A session that already holds "aad" tokens carrying a user name.
                var knownUser = new AuthTokens();
                knownUser.Provider = "aad";
                knownUser.UserName = "******";

                var session = new AuthUserSession();
                session.ProviderOAuthAccess.Add(knownUser);

                var response = Subject.Authenticate(MockAuthService().Object, session, new Authenticate());

                // The Location header's query string must carry that user name as login_hint.
                var httpResult = (IHttpResult)response;
                var location = new Uri(httpResult.Headers["Location"]);
                var parsedQuery = PclExportClient.Instance.ParseQueryString(location.Query);
                parsedQuery["login_hint"].Should().Be(knownUser.UserName);
            }
        }