Exemplo n.º 1
0
        public async Task AspNetCoreWithLargeInteropCookieContainsIdentity()
        {
            var identity = new ClaimsIdentity("Cookies");

            identity.AddClaim(new Claim(ClaimTypes.Name, new string('a', 1024 * 5)));

            var dataProtection = DataProtectionProvider.Create(new DirectoryInfo("..\\..\\artifacts"));
            var dataProtector  = dataProtection.CreateProtector(
                "Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationMiddleware", // full name of the ASP.NET Core type
                CookieAuthenticationDefaults.AuthenticationType, "v2");

            var interopServer = TestServer.Create(app =>
            {
                app.Properties["host.AppName"] = "Microsoft.Owin.Security.Tests";

                app.UseCookieAuthentication(new Cookies.CookieAuthenticationOptions
                {
                    TicketDataFormat = new AspNetTicketDataFormat(new DataProtectorShim(dataProtector)),
                    CookieName       = AspNetCore.Authentication.Cookies.CookieAuthenticationDefaults.CookiePrefix
                                       + AspNetCore.Authentication.Cookies.CookieAuthenticationDefaults.AuthenticationScheme,
                    CookieManager = new ChunkingCookieManager(),
                });

                app.Run(context =>
                {
                    context.Authentication.SignIn(identity);
                    return(Task.FromResult(0));
                });
            });

            var transaction = await SendAsync(interopServer, "http://example.com");

            var builder = new WebHostBuilder()
                          .Configure(app =>
            {
                app.UseCookieAuthentication(new AspNetCore.Builder.CookieAuthenticationOptions
                {
                    DataProtectionProvider = dataProtection
                });
                app.Run(async context =>
                {
                    var result = await context.Authentication.AuthenticateAsync("Cookies");
                    await context.Response.WriteAsync(result.Identity.Name);
                });
            })
                          .ConfigureServices(services => services.AddAuthentication());
            var newServer = new AspNetCore.TestHost.TestServer(builder);

            var request = new HttpRequestMessage(HttpMethod.Get, "http://example.com/login");

            foreach (var cookie in SetCookieHeaderValue.ParseList(transaction.SetCookie))
            {
                request.Headers.Add("Cookie", cookie.Name + "=" + cookie.Value);
            }
            var response = await newServer.CreateClient().SendAsync(request);

            Assert.Equal(1024 * 5, (await response.Content.ReadAsStringAsync()).Length);
        }
Exemplo n.º 2
0
        public async Task AspNetCoreWithInteropCookieContainsIdentity()
        {
            var identity = new ClaimsIdentity("Cookies");
            identity.AddClaim(new Claim(ClaimTypes.Name, "Alice"));

            var dataProtection = DataProtectionProvider.Create(new DirectoryInfo("..\\..\\artifacts"));
            var dataProtector = dataProtection.CreateProtector(
                "Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationMiddleware", // full name of the ASP.NET Core type
                CookieAuthenticationDefaults.AuthenticationType, "v2");

            var interopServer = TestServer.Create(app =>
            {
                app.Properties["host.AppName"] = "Microsoft.Owin.Security.Tests";

                app.UseCookieAuthentication(new Cookies.CookieAuthenticationOptions
                {
                    TicketDataFormat = new AspNetTicketDataFormat(new DataProtectorShim(dataProtector)),
                    CookieName = AspNetCore.Authentication.Cookies.CookieAuthenticationDefaults.CookiePrefix
                        + AspNetCore.Authentication.Cookies.CookieAuthenticationDefaults.AuthenticationScheme,
                });

                app.Run(context =>
                {
                    context.Authentication.SignIn(identity);
                    return Task.FromResult(0);
                });
            });

            var transaction = await SendAsync(interopServer, "http://example.com");

            var builder = new WebHostBuilder()
                .Configure(app =>
                {
                    app.UseCookieAuthentication(new AspNetCore.Builder.CookieAuthenticationOptions
                    {
                        DataProtectionProvider = dataProtection
                    });
                    app.Run(async context => 
                    {
                        var result = await context.Authentication.AuthenticateAsync("Cookies");
                        await context.Response.WriteAsync(result.Identity.Name);
                    });
                })
                .ConfigureServices(services => services.AddAuthentication());
            var newServer = new AspNetCore.TestHost.TestServer(builder);

            var request = new HttpRequestMessage(HttpMethod.Get, "http://example.com/login");
            foreach (var cookie in SetCookieHeaderValue.ParseList(transaction.SetCookie))
            {
                request.Headers.Add("Cookie", cookie.Name + "=" + cookie.Value);
            }
            var response = await newServer.CreateClient().SendAsync(request);

            Assert.Equal("Alice", await response.Content.ReadAsStringAsync());
        }
Exemplo n.º 3
0
        private static async Task <string> SendAndGetCookie(AspNetCore.TestHost.TestServer server, string uri)
        {
            var request  = new HttpRequestMessage(HttpMethod.Get, uri);
            var response = await server.CreateClient().SendAsync(request);

            if (response.Headers.Contains("Set-Cookie"))
            {
                return(response.Headers.GetValues("Set-Cookie").ToList().First());
            }
            return(null);
        }
Exemplo n.º 4
0
        private static async Task <IList <string> > SendAndGetCookies(AspNetCore.TestHost.TestServer server, string uri)
        {
            var request  = new HttpRequestMessage(HttpMethod.Get, uri);
            var response = await server.CreateClient().SendAsync(request);

            if (response.Headers.Contains("Set-Cookie"))
            {
                IList <string> cookieHeaders = new List <string>();
                foreach (var cookie in SetCookieHeaderValue.ParseList(response.Headers.GetValues("Set-Cookie").ToList()))
                {
                    cookieHeaders.Add(cookie.Name + "=" + cookie.Value);
                }
                return(cookieHeaders);
            }
            return(null);
        }