Exemplo n.º 1
        /// <summary>
        /// Drives <c>CheckValidRequest</c> through a sequence of rejected requests, one per
        /// expected <c>HmacIsValidRequestResult</c> reason, then through one accepted request
        /// and one request whose signature argument has been replaced.
        /// </summary>
        /// <remarks>
        /// The calls share one service instance and one cache, and the literal nonce
        /// "a nonce" is reused across several of them, so the statement order matters.
        /// </remarks>
        public void IsValidRequestTest()
        {
            // Cache handed to the service under test; presumably the store it consults for
            // already-seen nonces (the seeding further down relies on that) — confirm against the service.
            MemoryCachingService   cachingService = new MemoryCachingService(TimeSpan.FromMinutes(5));
            IsValidRequestOverride service        = GetService((l, a, c) => new IsValidRequestOverride(l, a, c), cachingService);
            const string           badAppId       = "badappId";
            const string           resource       = "/test";
            const string           method         = "GET";
            const string           content        = "some content";

            // Everything null: rejected with NoValidResouce (the enum member is spelled this way).
            Tuple <bool, HmacIsValidRequestResult> result = service.CheckValidRequest(null, null, null, null, null, null, null);

            Assert.False(result.Item1);
            Assert.Equal(HmacIsValidRequestResult.NoValidResouce, result.Item2);

            // Resource supplied, but the application id is one the service is not expected to know.
            result = service.CheckValidRequest(null, resource, null, badAppId, null, null, null);
            Assert.False(result.Item1);
            Assert.Equal(HmacIsValidRequestResult.UnableToFindAppId, result.Item2);

            // Known application id with neither nonce nor timestamp: reported as a replay.
            result = service.CheckValidRequest(null, resource, null, _appId, null, null, null);
            Assert.False(result.Item1);
            Assert.Equal(HmacIsValidRequestResult.ReplayRequest, result.Item2);

            // Nonce present, timestamp still missing: still reported as a replay.
            result = service.CheckValidRequest(null, resource, null, _appId, null, "a nonce", null);
            Assert.False(result.Item1);
            Assert.Equal(HmacIsValidRequestResult.ReplayRequest, result.Item2);

            // Timestamp 30 minutes in the past; expected to be too old to accept.
            // The accepted age is not visible in this test — presumably configured in the service.
            ulong badCurrentTime = DateTime.UtcNow.AddMinutes(-30).UnixTimeStamp();

            result = service.CheckValidRequest(null, resource, null, _appId, null, "a nonce", badCurrentTime.ToString());
            Assert.False(result.Item1);
            Assert.Equal(HmacIsValidRequestResult.ReplayRequest, result.Item2);

            ulong goodCurrentTime = DateTime.UtcNow.UnixTimeStamp();

            // Fresh timestamp, but the nonce is placed in the cache first, so the request
            // must be treated as already seen.
            // NOTE(review): the replay is simulated by seeding the cache. No case here resubmits
            // a request that was accepted, so this test does not show that acceptance records the nonce.
            cachingService.Cache("a nonce", "a nonce");
            result = service.CheckValidRequest(null, resource, null, _appId, null, "a nonce", goodCurrentTime.ToString());
            Assert.False(result.Item1);
            Assert.Equal(HmacIsValidRequestResult.ReplayRequest, result.Item2);

            // Accepted path: build a complete header value with the real key, split it into
            // its parts and hand them back in order.
            HmacSignatureGenerator signatureGenerator = new HmacSignatureGenerator(CustomHeaderScheme);
            string fullSignature = signatureGenerator.GenerateFullHmacSignature(resource, method, _appId, _secretKey, content);

            // Split(" ")[1] drops the scheme token that precedes the first space.
            string[] signatureParts = service.GetHeaderValues(fullSignature.Split(" ")[1]);
            result = service.CheckValidRequest(content.ToStream(), resource, method, signatureParts[0], signatureParts[1], signatureParts[2], signatureParts[3]);
            Assert.True(result.Item1);
            Assert.Equal(HmacIsValidRequestResult.NoError, result.Item2);

            // Regenerate the header, then pass _secretKey where signatureParts[1] went above
            // (presumably the signature slot, given the expected result): must be SignaturesMismatch.
            // NOTE(review): only this one argument is altered; a changed body, resource or method
            // with an otherwise intact header is not covered by this test.
            fullSignature  = signatureGenerator.GenerateFullHmacSignature(resource, method, _appId, _secretKey, content);
            signatureParts = service.GetHeaderValues(fullSignature.Split(" ")[1]);
            result         = service.CheckValidRequest(content.ToStream(), resource, method, signatureParts[0], _secretKey, signatureParts[2], signatureParts[3]);
            Assert.False(result.Item1);
            Assert.Equal(HmacIsValidRequestResult.SignaturesMismatch, result.Item2);
        }
        /// <summary>
        /// Checks that <c>HmacSignatureGenerator.GenerateFullHmacSignature</c>, called with no
        /// content, yields the same header as the test class's own reference helper for an
        /// identical nonce and request time.
        /// </summary>
        public void ContentlessHeaderTest()
        {
            // Fixed inputs shared by the reference helper and the generator.
            string rawResource = "/stuff?param=4&fun=2";
            // Lower-case percent-encoded form of rawResource, given to the helper only;
            // the generator receives the raw form.
            string escapedResource = "%2fstuff%3fparam%3d4%26fun%3d2";
            // Mixed case; both sides receive the same value.
            string verb = "PoSt";
            string applicationId = "dfjksdfsdfjlsdfkjldfsej";
            // Hard-coded key; presumably a throwaway fixture — TODO confirm it is not used anywhere real.
            string sharedKey = "GVsVLyUq3U2+7bOdkdCTBemtSM8So98G+5EzunOJEcw=";
            string scheme = "sds";
            string noBody = null;

            // Nonce and time are pinned here so that both computations sign the same values.
            string oneTimeValue = Guid.NewGuid().ToString("N");
            DateTime issuedAt = DateTime.UtcNow;

            HmacSignatureGenerator headerGenerator = new HmacSignatureGenerator(scheme);

            // Reference value from the helper defined elsewhere in this test class.
            string expectedHeader = GenerateFullHmacSignature(
                oneTimeValue,
                scheme,
                issuedAt,
                noBody,
                escapedResource,
                verb,
                applicationId,
                sharedKey);

            Assert.NotEmpty(expectedHeader);

            string actualHeader = headerGenerator.GenerateFullHmacSignature(
                rawResource,
                verb,
                applicationId,
                sharedKey,
                null,
                oneTimeValue,
                issuedAt);
            Assert.Equal(expectedHeader, actualHeader);
        }
Exemplo n.º 3
        /// <summary>
        /// Feeds <c>DoAuthorization</c> a series of missing or malformed header values and
        /// checks the reported reasons, then a correctly signed header and checks that a
        /// principal named after the application id comes back.
        /// </summary>
        public void DoAuthorizationTest()
        {
            const string content  = "some content";
            const string method   = "GET";
            const string resource = "/test";

            MemoryCachingService memoryCache = new MemoryCachingService(TimeSpan.FromMinutes(5));
            AuthenticationService authService = GetService((l, a, c) => new AuthenticationService(l, a, c), memoryCache);
            HmacSignatureGenerator headerGenerator = new HmacSignatureGenerator(CustomHeaderScheme);

            // A correctly signed header, built up front and used only in the final case.
            string signedHeader = headerGenerator.GenerateFullHmacSignature(resource, method, _appId, _secretKey, content);

            // NOTE(review): this initial value (scheme, a space, nothing else) is overwritten
            // before it is ever passed to the service.
            string header = CustomHeaderScheme + " " + null;

            // No header at all, last argument true: the service returns null rather than a result.
            Tuple <bool, IEnumerable <HmacIsValidRequestResult>, GenericPrincipal> outcome =
                authService.DoAuthorization(null, null, null, null, true);
            Assert.Null(outcome);

            // NOTE(review): same arguments as the call above; possibly meant to pass `header`.
            outcome = authService.DoAuthorization(null, null, null, null, true);
            Assert.Null(outcome);

            // No header at all, last argument false: three reasons are reported together.
            outcome = authService.DoAuthorization(null, null, null, null, false);
            Assert.NotNull(outcome);
            Assert.False(outcome.Item1);
            Assert.Equal(3, outcome.Item2.Count());
            Assert.Contains(HmacIsValidRequestResult.NoHmacHeader, outcome.Item2);
            Assert.Contains(HmacIsValidRequestResult.NotEnoughHeaderParts, outcome.Item2);
            Assert.Contains(HmacIsValidRequestResult.BadNamespace, outcome.Item2);
            Assert.Null(outcome.Item3);

            // Unexpected scheme token in front of an otherwise well-shaped value.
            header = "qqq 1:2:3:4";
            outcome = authService.DoAuthorization(header, null, null, null, false);
            Assert.NotNull(outcome);
            Assert.False(outcome.Item1);
            Assert.Single(outcome.Item2);
            Assert.Equal(HmacIsValidRequestResult.BadNamespace, outcome.Item2.Single());
            Assert.Null(outcome.Item3);

            // Scheme token only, with no value after it.
            header = "sds";
            outcome = authService.DoAuthorization(header, null, null, null, false);
            Assert.NotNull(outcome);
            Assert.False(outcome.Item1);
            Assert.Single(outcome.Item2);
            Assert.Equal(HmacIsValidRequestResult.NotEnoughHeaderParts, outcome.Item2.Single());
            Assert.Null(outcome.Item3);

            // Value only, with no scheme token: two reasons are reported.
            header = "1:2:3:4";
            outcome = authService.DoAuthorization(header, null, null, null, false);
            Assert.NotNull(outcome);
            Assert.False(outcome.Item1);
            Assert.Equal(2, outcome.Item2.Count());
            Assert.Contains(HmacIsValidRequestResult.BadNamespace, outcome.Item2);
            Assert.Contains(HmacIsValidRequestResult.NotEnoughHeaderParts, outcome.Item2);
            Assert.Null(outcome.Item3);

            // Expected scheme, but only three colon-separated items.
            header = "sds 1:2:3";
            outcome = authService.DoAuthorization(header, null, null, null, false);
            Assert.NotNull(outcome);
            Assert.False(outcome.Item1);
            Assert.Single(outcome.Item2);
            Assert.Equal(HmacIsValidRequestResult.NotEnoughHeaderValueItems, outcome.Item2.Single());
            Assert.Null(outcome.Item3);

            // Well-shaped header but no resource supplied with the request.
            header = "sds 1:2:3:4";
            outcome = authService.DoAuthorization(header, null, null, null, false);
            Assert.NotNull(outcome);
            Assert.False(outcome.Item1);
            Assert.Single(outcome.Item2);
            Assert.Equal(HmacIsValidRequestResult.NoValidResouce, outcome.Item2.Single());
            Assert.Null(outcome.Item3);

            // Correctly signed header with matching body, resource and method: accepted,
            // and the returned principal carries the application id as its identity name.
            // NOTE(review): the accepted header is not submitted a second time, so rejection
            // of a resubmitted header is not exercised at this level.
            header = signedHeader;
            outcome = authService.DoAuthorization(header, content.ToStream(), resource, method, false);
            Assert.NotNull(outcome);
            Assert.True(outcome.Item1);
            Assert.Single(outcome.Item2);
            Assert.Equal(HmacIsValidRequestResult.NoError, outcome.Item2.Single());
            Assert.NotNull(outcome.Item3);
            Assert.Equal(_appId, outcome.Item3.Identity.Name);
        }