public void Test() { var uri = new Uri("http://[email protected]/dir/index.html"); var headerValue = @"Digest username=""Mufasa"", realm=""*****@*****.**"", nonce=""dcd98b7102dd2f0e8b11d0f600bfb0c093"", uri=""/dir/index.html"", qop=auth, nc=00000001, cnonce=""0a4f113b"", response=""6629fae49393a05397450978507c4ef1"", opaque=""5ccc069c403ebaf9f0171e9517f40e41"; var mock = Substitute.For <IAccountStorage>(); mock.Lookup("Mufasa", uri).Returns(new AuthenticationUserStub { Username = "******", Password = "******" }); var realmRepos = Substitute.For <IRealmRepository>(); realmRepos.GetRealm(Arg.Any <IRequest>()).Returns("*****@*****.**"); var auth = new DigestAuthenticator(realmRepos, mock); var request = Substitute.For <IRequest>(); request.Headers["Authorization"].Returns(new HeaderItemStub { Name = "Authorization", Value = headerValue }); request.Uri.Returns(uri); request.Method.Returns("GET"); var user = auth.Authenticate(request); Assert.NotNull(user); }
private void SecretPage(IRequest request, IResponse response) { var repos = new SingleRealmRepository("MyRealm"); var storage = new DummyUserStorage(); var authenticator = new DigestAuthenticator(repos, storage); if (request.Headers["Authorization"] == null) { authenticator.CreateChallenge(request, response); Send(response); return; } var user = authenticator.Authenticate(request); if (user == null) { response.StatusCode = 403; Send(response); return; } response.Body = new MemoryStream(); response.ContentType = "text/plain"; var buffer = Encoding.UTF8.GetBytes(@"Welcome to my secret place"); response.Body.Write(buffer, 0, buffer.Length); response.Body.Position = 0; Send(response); }
public void Authenticate_TrueOnValidMembership() { string ipAddress = "127.0.0.1"; var configuration = CreateNewConfig(); var inspector = new DigestAuthenticator(configuration); //the result of MD5 hashing some well known values (either specified in the header below or similar) string response = "dc950f2d7c24037a6c775bcc9198b6f8"; //939e7578ed9e3c518a452acee763bce9:NjM0Mzc3MjI2OTIwMDA6Yjg3ZWZlODM0Mjc1NThjZGVlZWVkYjRjNTI1MzFjMzM=:00000001:0a4f113b:auth:39aff3a2bab6126f332b942af96d3366 NonceManager.Now = () => DateTime.Parse("4/6/2011 9:38:12 PM", CultureInfo.CurrentCulture); string nonce = NonceManager.Generate(ipAddress, privateHashEncoder); //this should generate very specific nonce "NjM0Mzc3MjI2OTIwMDA6Yjg3ZWZlODM0Mjc1NThjZGVlZWVkYjRjNTI1MzFjMzM=" var headers = new NameValueCollection() { { "Authorization", string.Format(CultureInfo.InvariantCulture, @"Digest username=""Mufasa"",realm=""{0}"", nonce=""{1}"", uri=""/dir/index.html"",qop=auth,nc=00000001,cnonce=""0a4f113b"", response=""{2}"", opaque=""{3}""", configuration.Realm, nonce, response, Opaque.Current()) } }; var result = inspector.Authenticate(CreateNewFakeContext(headers, ipAddress)); NonceManager.Now = () => { return(DateTime.UtcNow); }; Assert.True(result.Success); Assert.Equal(result.Principal.Identity.Name, "Mufasa"); }
public void GetResponse_TestArguments_NonEmptyResult(string qop) { var digestAuthenticator = new DigestAuthenticator(new NetworkCredential("1", "2"), "testRealm", "1234", qop); string response = digestAuthenticator.GetResponse(1, "http://127.0.0.1", "GET", Array.Empty <byte>()); Assert.IsNotNull(response); Assert.IsTrue(response.Length != 0); }
public void AttemptsDigestAuth(bool isAuthenticated, int expected) { //Arrange var controller = new DnnControllerHelper(); var mockAuthenticator = new Mock <AuthenticatorBase>(); DigestAuthenticator.SetTestableInstance(mockAuthenticator.Object); BasicAuthenticator.SetTestableInstance(new Mock <AuthenticatorBase>().Object); _mockHttpContext.Setup(x => x.Request.IsAuthenticated).Returns(isAuthenticated); //Act controller.PublicAuthenticate(_httpContext, 0); //Assert mockAuthenticator.Verify(x => x.TryToAuthenticate(_httpContext, 0), Times.Exactly(expected)); }
public void Authenticate_FalseOnMismatchedRealm() { string ipAddress = "127.0.0.1"; string nonce = NonceManager.Generate(ipAddress, privateHashEncoder); var inspector = new DigestAuthenticator(CreateNewConfig()); var headers = new NameValueCollection() { { "Authorization", string.Format(CultureInfo.InvariantCulture, @"Digest username=""Mufasa"",realm=""*****@*****.**"", nonce=""{0}"", uri=""/dir/index.html"",qop=auth,nc=00000001,cnonce=""0a4f113b"", response=""6629fae49393a05397450978507c4ef1"", opaque=""5ccc069c403ebaf9f0171e9517f40e41""", nonce) } }; var result = inspector.Authenticate(CreateNewFakeContext(headers, ipAddress)); //TODO: validate that we have a GenericPrincipal / GenericIdentity Assert.False(result.Success); }
public void Authenticate_ThrowsOnNullContext() { var inspector = new DigestAuthenticator(CreateNewConfig()); Assert.Throws <ArgumentNullException>(() => inspector.Authenticate(null)); }