public void AuthServicesController_SignOut()
        {
            using (ShimsContext.Create())
            {
                var substituteSessionAuthModule = Substitute.For <SessionAuthenticationModule>();

                System.IdentityModel.Services.Fakes.ShimFederatedAuthentication.SessionAuthenticationModuleGet =
                    () => substituteSessionAuthModule;

                var substituteRequestContext = Substitute.For <RequestContext>();
                substituteRequestContext.HttpContext = Substitute.For <HttpContextBase>();
                substituteRequestContext.HttpContext.Request.Returns(Substitute.For <HttpRequestBase>());
                substituteRequestContext.HttpContext.Request.ApplicationPath.Returns("/path");

                var subject = new AuthServicesController()
                {
                    Url = new UrlHelper(substituteRequestContext)
                }.SignOut();

                subject.Should().BeOfType <RedirectResult>().And
                .Subject.As <RedirectResult>().Url.Should().Be("/path/");

                substituteSessionAuthModule.Received().SignOut();
            }
        }
        public void AuthServicesController_SignIn_Returns_SignIn()
        {
            var subject = new AuthServicesController().SignIn();

            subject.Should().BeOfType <RedirectResult>().And
            .Subject.As <RedirectResult>().Url
            .Should().Contain("?SAMLRequest");
        }
        public void AuthServicesController_Acs_Works()
        {
            var request = Substitute.For <HttpRequestBase>();

            request.HttpMethod.Returns("POST");

            var response =
                @"<saml2p:Response xmlns:saml2p=""urn:oasis:names:tc:SAML:2.0:protocol""
                xmlns:saml2=""urn:oasis:names:tc:SAML:2.0:assertion""
                ID = ""AuthServicesController_Acs_Should_SetIdentity"" Version=""2.0"" IssueInstant=""2013-01-01T00:00:00Z"">
                <saml2:Issuer>
                    https://idp.example.com
                </saml2:Issuer>
                <saml2p:Status>
                    <saml2p:StatusCode Value=""urn:oasis:names:tc:SAML:2.0:status:Success"" />
                </saml2p:Status>
                <saml2:Assertion
                Version=""2.0"" ID=""AuthServicesController_Acs_Should_SetIdentity_Assertion1""
                IssueInstant=""2013-09-25T00:00:00Z"">
                    <saml2:Issuer>https://idp.example.com</saml2:Issuer>
                    <saml2:Subject>
                        <saml2:NameID>SomeUser</saml2:NameID>
                        <saml2:SubjectConfirmation Method=""urn:oasis:names:tc:SAML:2.0:cm:bearer"" />
                    </saml2:Subject>
                    <saml2:Conditions NotOnOrAfter=""2100-01-01T00:00:00Z"" />
                </saml2:Assertion>
            </saml2p:Response>";

            var formValue = Convert.ToBase64String(Encoding.UTF8.GetBytes(
                                                       SignedXmlHelper.SignXml(response)));

            request.Form.Returns(new NameValueCollection()
            {
                { "SAMLResponse", formValue }
            });

            var httpContext = Substitute.For <HttpContextBase>();

            httpContext.Request.Returns(request);

            var ids = new ClaimsIdentity[]
            { new ClaimsIdentity("Federation"), new ClaimsIdentity("ClaimsAuthenticationManager") };

            ids[0].AddClaim(new Claim(ClaimTypes.NameIdentifier, "SomeUser", null, "https://idp.example.com"));
            ids[1].AddClaim(new Claim(ClaimTypes.Role, "RoleFromClaimsAuthManager", null, "ClaimsAuthenticationManagerMock"));

            var controller = new AuthServicesController();

            controller.ControllerContext = new ControllerContext(httpContext, new RouteData(), controller);

            var expected = new { Permanent = false, Url = "http://localhost/LoggedIn" };

            controller.Acs().As <RedirectResult>().ShouldBeEquivalentTo(expected);
        }
Exemplo n.º 4
0
        public void AuthServicesController_Acs_Throws_On_CommandResultHandled()
        {
            var request = Substitute.For <HttpRequestBase>();

            request.HttpMethod.Returns("POST");

            var response =
                @"<saml2p:Response xmlns:saml2p=""urn:oasis:names:tc:SAML:2.0:protocol""
                xmlns:saml2=""urn:oasis:names:tc:SAML:2.0:assertion""
                ID = """ + MethodBase.GetCurrentMethod().Name + @""" Version=""2.0"" IssueInstant=""2013-01-01T00:00:00Z"">
                <saml2:Issuer>
                    https://idp.example.com
                </saml2:Issuer>
                <saml2p:Status>
                    <saml2p:StatusCode Value=""urn:oasis:names:tc:SAML:2.0:status:Success"" />
                </saml2p:Status>
                <saml2:Assertion
                Version=""2.0"" ID=""" + MethodBase.GetCurrentMethod().Name + @"_Assertion1""
                IssueInstant=""2013-09-25T00:00:00Z"">
                    <saml2:Issuer>https://idp.example.com</saml2:Issuer>
                    <saml2:Subject>
                        <saml2:NameID>SomeUser</saml2:NameID>
                        <saml2:SubjectConfirmation Method=""urn:oasis:names:tc:SAML:2.0:cm:bearer"" />
                    </saml2:Subject>
                    <saml2:Conditions NotOnOrAfter=""2100-01-01T00:00:00Z"" />
                </saml2:Assertion>
            </saml2p:Response>";

            var formValue = Convert.ToBase64String(Encoding.UTF8.GetBytes(
                                                       SignedXmlHelper.SignXml(response)));

            request.Form.Returns(new NameValueCollection()
            {
                { "SAMLResponse", formValue }
            });
            request.Url.Returns(new Uri("http://url.example.com/url"));

            var httpContext = Substitute.For <HttpContextBase>();

            httpContext.Request.Returns(request);

            var subject = new AuthServicesController();

            subject.ControllerContext = new ControllerContext(httpContext, new RouteData(), subject);

            AuthServicesController.Options.Notifications.AcsCommandResultCreated = (cr, r) =>
            {
                cr.HandledResult = true;
            };

            subject.Invoking(s => s.Acs())
            .ShouldThrow <NotSupportedException>();
        }
Exemplo n.º 5
0
        public void AuthServicesController_Acs_Works()
        {
            var request = Substitute.For <HttpRequestBase>();

            request.HttpMethod.Returns("POST");

            var response =
                @"<saml2p:Response xmlns:saml2p=""urn:oasis:names:tc:SAML:2.0:protocol""
                xmlns:saml2=""urn:oasis:names:tc:SAML:2.0:assertion""
                ID = """ + MethodBase.GetCurrentMethod().Name + @""" Version=""2.0"" IssueInstant=""2013-01-01T00:00:00Z"">
                <saml2:Issuer>
                    https://idp.example.com
                </saml2:Issuer>
                <saml2p:Status>
                    <saml2p:StatusCode Value=""urn:oasis:names:tc:SAML:2.0:status:Success"" />
                </saml2p:Status>
                <saml2:Assertion
                Version=""2.0"" ID=""" + MethodBase.GetCurrentMethod().Name + @"_Assertion1""
                IssueInstant=""2013-09-25T00:00:00Z"">
                    <saml2:Issuer>https://idp.example.com</saml2:Issuer>
                    <saml2:Subject>
                        <saml2:NameID>SomeUser</saml2:NameID>
                        <saml2:SubjectConfirmation Method=""urn:oasis:names:tc:SAML:2.0:cm:bearer"" />
                    </saml2:Subject>
                    <saml2:Conditions NotOnOrAfter=""2100-01-01T00:00:00Z"" />
                </saml2:Assertion>
            </saml2p:Response>";

            var formValue = Convert.ToBase64String(Encoding.UTF8.GetBytes(
                                                       SignedXmlHelper.SignXml(response)));

            request.Form.Returns(new NameValueCollection()
            {
                { "SAMLResponse", formValue }
            });
            request.Url.Returns(new Uri("http://url.example.com/url"));

            var httpContext = Substitute.For <HttpContextBase>();

            httpContext.Request.Returns(request);

            var controller = new AuthServicesController();

            controller.ControllerContext = new ControllerContext(httpContext, new RouteData(), controller);

            var expected = new { Permanent = false, Url = "http://localhost/LoggedIn" };

            controller.Acs().As <RedirectResult>().ShouldBeEquivalentTo(expected);
        }
Exemplo n.º 6
0
        public void AuthServicesController_Acs_Works()
        {
            var request = Substitute.For <HttpRequestBase>();

            request.HttpMethod.Returns("POST");

            var response =
                @"<saml2p:Response xmlns:saml2p=""urn:oasis:names:tc:SAML:2.0:protocol""
                xmlns:saml2=""urn:oasis:names:tc:SAML:2.0:assertion""
                ID = """ + MethodBase.GetCurrentMethod().Name + @""" Version=""2.0"" IssueInstant=""2013-01-01T00:00:00Z""
                InResponseTo=""InResponseToId"">
                <saml2:Issuer>
                    https://idp.example.com
                </saml2:Issuer>
                <saml2p:Status>
                    <saml2p:StatusCode Value=""urn:oasis:names:tc:SAML:2.0:status:Success"" />
                </saml2p:Status>
                <saml2:Assertion
                Version=""2.0"" ID=""" + MethodBase.GetCurrentMethod().Name + @"_Assertion1""
                IssueInstant=""2013-09-25T00:00:00Z"">
                    <saml2:Issuer>https://idp.example.com</saml2:Issuer>
                    <saml2:Subject>
                        <saml2:NameID>SomeUser</saml2:NameID>
                        <saml2:SubjectConfirmation Method=""urn:oasis:names:tc:SAML:2.0:cm:bearer"" />
                    </saml2:Subject>
                    <saml2:Conditions NotOnOrAfter=""2100-01-01T00:00:00Z"" />
                </saml2:Assertion>
            </saml2p:Response>";

            var formValue = Convert.ToBase64String(Encoding.UTF8.GetBytes(
                                                       SignedXmlHelper.SignXml(response)));

            var relayState = "rs1234";

            request.Form.Returns(new NameValueCollection()
            {
                { "SAMLResponse", formValue },
                { "RelayState", relayState }
            });
            request.Url.Returns(new Uri("http://url.example.com/url"));
            request.Cookies.Returns(new HttpCookieCollection());
            request.Cookies.Add(new HttpCookie("Kentor." + relayState,
                                               HttpRequestData.ConvertBinaryData(
                                                   MachineKey.Protect(
                                                       new StoredRequestState(null, null, new Saml2Id("InResponseToId"), null).Serialize(),
                                                       HttpRequestBaseExtensions.ProtectionPurpose))));

            var httpContext = Substitute.For <HttpContextBase>();

            httpContext.Request.Returns(request);

            var controller = new AuthServicesController();

            controller.ControllerContext = new ControllerContext(httpContext, new RouteData(), controller);

            var expected = new
            {
                Permanent = false,
                Url       = AuthServicesController.Options.SPOptions.ReturnUrl.OriginalString
            };

            controller.Acs().As <RedirectResult>().ShouldBeEquivalentTo(expected);

            controller.Response.Received().SetCookie(
                Arg.Is <HttpCookie>(c => c.Expires.Year == 1970));
        }