Exemplo n.º 1
0
        public void AuthExpiredRequestIdAreClearedFromCache()
        {
            Dictionary <string, string> GenerateAuthParameters()
            {
                return(new Dictionary <string, string>
                {
                    { "awsAccessKeyId", "accessKey" },
                    { "awsSecretKey", "secretKey" },
                    { "requestId", Guid.NewGuid().ToString() },
                    { "issueDate", DateTime.UtcNow.ToString("yyyy-MM-dd'T'HH:mm:ss.fffzzz", DateTimeFormatInfo.InvariantInfo) }
                });
            }

            var request1 = GenerateAuthParameters();

            AwsCredentialsAuthenticationHandler.ValidateAuthParameters(request1);
            Assert.Contains(request1["requestId"], AwsCredentialsAuthenticationHandler.ProcessRequestIds);

            var request2 = GenerateAuthParameters();

            AwsCredentialsAuthenticationHandler.ValidateAuthParameters(request2);
            Assert.Contains(request1["requestId"], AwsCredentialsAuthenticationHandler.ProcessRequestIds);
            Assert.Contains(request2["requestId"], AwsCredentialsAuthenticationHandler.ProcessRequestIds);

            Thread.Sleep(AwsCredentialsAuthenticationHandler.MaxIssueDateDuration.Add(TimeSpan.FromSeconds(3)));

            var request3 = GenerateAuthParameters();

            AwsCredentialsAuthenticationHandler.ValidateAuthParameters(request3);
            Assert.DoesNotContain(request1["requestId"], AwsCredentialsAuthenticationHandler.ProcessRequestIds);
            Assert.DoesNotContain(request2["requestId"], AwsCredentialsAuthenticationHandler.ProcessRequestIds);
            Assert.Contains(request3["requestId"], AwsCredentialsAuthenticationHandler.ProcessRequestIds);
        }
Exemplo n.º 2
0
        public void AuthMissingRequestId()
        {
            var authParameters = new Dictionary <string, string>
            {
                { "awsAccessKeyId", "accessKey" },
                { "awsSecretKey", "secretKey" },
                { "issueDate", DateTime.UtcNow.ToString("yyyy-MM-dd'T'HH:mm:ss.fffzzz", DateTimeFormatInfo.InvariantInfo) }
            };

            var results = AwsCredentialsAuthenticationHandler.ValidateAuthParameters(authParameters);

            Assert.False(results.Succeeded);
            Assert.Equal($"Authorization header missing {AwsCredentialsAuthenticationHandler.ClaimAwsRequestId} property", results.Failure.Message);
        }
Exemplo n.º 3
0
        public void AuthAttemptReplayRequestId()
        {
            var authParameters = new Dictionary <string, string>
            {
                { "awsAccessKeyId", "accessKey" },
                { "awsSecretKey", "secretKey" },
                { "requestId", Guid.NewGuid().ToString() },
                { "issueDate", DateTime.UtcNow.ToString("yyyy-MM-dd'T'HH:mm:ss.fffzzz", DateTimeFormatInfo.InvariantInfo) }
            };

            var results = AwsCredentialsAuthenticationHandler.ValidateAuthParameters(authParameters);

            Assert.Null(results);

            results = AwsCredentialsAuthenticationHandler.ValidateAuthParameters(authParameters);
            Assert.False(results.Succeeded);
            Assert.Equal($"Value for authorization header has already been used", results.Failure.Message);
        }