Exemplo n.º 1
        /// <summary>
        /// Test helper: places a protected "UserImpersonation" cookie into the mocked request,
        /// built from a fixed ImpersonationData payload for "differentUserId".
        /// </summary>
        /// <param name="mock">Mock HTTP context whose request cookies are written to.</param>
        /// <param name="eProvider">Data protection provider used to create the protector.</param>
        /// <param name="keepOwnPermissions">Passed through to the ImpersonationData constructor.</param>
        private void AddCookieToHttpContext(MockHttpContextCookies mock, IDataProtectionProvider eProvider, bool keepOwnPermissions = false)
        {
            var impersonation = new ImpersonationData("differentUserId", "*****@*****.**", keepOwnPermissions);

            // The protector uses the purpose string captured in the test class constructor, so a
            // handler created with the same provider should be able to unprotect this value.
            var protector       = eProvider.CreateProtector(_cookieEncryptPurpose);
            var protectedPacked = protector.Protect(impersonation.GetPackImpersonationData());

            mock.RequestCookies["UserImpersonation"] = protectedPacked;
        }
        /// <summary>
        /// With no "UserImpersonation" cookie in the request, GetCookieInValue is expected
        /// to return null.
        /// </summary>
        public void ReadNonExistentCookie()
        {
            //SETUP
            var httpMocks           = new MockHttpContextCookies();
            var protectionProvider  = new EphemeralDataProtectionProvider();
            var impersonationCookie = new ImpersonationCookie(httpMocks.MockContext, protectionProvider);

            //ATTEMPT
            var readBack = impersonationCookie.GetCookieInValue();

            //VERIFY
            readBack.ShouldBeNull();
        }
        /// <summary>
        /// A request cookie protected with the cookie's own EncryptPurpose and the same provider
        /// is expected to round-trip through GetCookieInValue as the original plaintext.
        /// </summary>
        public void ReadEncryptedCookie()
        {
            //SETUP
            var httpMocks           = new MockHttpContextCookies();
            var protectionProvider  = new EphemeralDataProtectionProvider();
            var impersonationCookie = new ImpersonationCookie(httpMocks.MockContext, protectionProvider);

            //ATTEMPT
            // Protect with the same provider and purpose the cookie class itself exposes.
            var protector      = protectionProvider.CreateProtector(impersonationCookie.EncryptPurpose);
            var protectedValue = protector.Protect("Hello world");
            httpMocks.RequestCookies["UserImpersonation"] = protectedValue;
            var readBack = impersonationCookie.GetCookieInValue();

            //VERIFY
            readBack.ShouldEqual("Hello world");
        }
        /// <summary>
        /// Delete is expected to append a second Set-Cookie entry whose attributes expire the
        /// cookie at the Unix epoch. No data protection provider is supplied (null) for this test.
        /// </summary>
        public void TestCookieDelete()
        {
            //SETUP
            var httpMocks           = new MockHttpContextCookies();
            var impersonationCookie = new ImpersonationCookie(httpMocks.MockContext, null);

            // Pre-existing header value, so the deletion entry is expected at index 1.
            httpMocks.ResponseCookies["Set-Cookie"] = "Some data";

            //ATTEMPT
            impersonationCookie.Delete();

            //VERIFY
            // NOTE(review): the expected attribute list carries httponly and samesite=lax but no
            // "secure" - confirm whether the production cookie is restricted to HTTPS elsewhere.
            var deletionEntry = httpMocks.ResponseCookies["Set-Cookie"][1];
            deletionEntry.ShouldEndWith("expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; samesite=lax; httponly");
        }
        /// <summary>
        /// Exists is expected to report true once a "UserImpersonation" request cookie is present,
        /// here with a value ("???") that was not produced by the data protector.
        /// </summary>
        public void TestCookieExists()
        {
            //SETUP
            var httpMocks           = new MockHttpContextCookies();
            var protectionProvider  = new EphemeralDataProtectionProvider();
            var impersonationCookie = new ImpersonationCookie(httpMocks.MockContext, protectionProvider);

            impersonationCookie.AddUpdateCookie("Hello world");

            httpMocks.RequestCookies["UserImpersonation"] = "???";

            //ATTEMPT
            var requestCookies = httpMocks.MockContext.Request.Cookies;
            var found          = impersonationCookie.Exists(requestCookies);

            //VERIFY
            // NOTE(review): this passes with an unprotected value, so Exists looks like a
            // presence check only - callers should not treat it as proof the cookie is valid.
            found.ShouldBeTrue();
        }
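        /// <summary>
        /// AddUpdateCookie is expected to emit exactly one response header, a Set-Cookie entry
        /// for "UserImpersonation", and the plaintext must not be readable in that entry.
        /// </summary>
        public void AddEncryptedCookie()
        {
            //SETUP
            var mocks     = new MockHttpContextCookies();
            var eProvider = new EphemeralDataProtectionProvider();

            //ATTEMPT
            var cookie = new ImpersonationCookie(mocks.MockContext, eProvider);

            cookie.AddUpdateCookie("Hello world");

            //VERIFY
            mocks.ResponseCookies.Count.ShouldEqual(1);
            mocks.ResponseCookies["Set-Cookie"].ShouldNotBeNull();
            var setCookie = mocks.ResponseCookies["Set-Cookie"][0];
            setCookie.ShouldStartWith("UserImpersonation=");
            // The name prefix alone would also match a cookie written in clear, so check that the
            // plaintext is absent. Only the space-free part is matched because the header value
            // may be URL-encoded.
            setCookie.Contains("Hello").ShouldBeFalse();
        }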
        /// <summary>
        /// A request cookie that cannot be unprotected ("???") is expected to make GetCookieInValue
        /// throw a CryptographicException and to leave a Set-Cookie entry that expires the cookie.
        /// </summary>
        public void ReadEncryptedCookieBadDeletesCookie()
        {
            //SETUP
            var httpMocks           = new MockHttpContextCookies();
            var protectionProvider  = new EphemeralDataProtectionProvider();
            var impersonationCookie = new ImpersonationCookie(httpMocks.MockContext, protectionProvider);

            //ATTEMPT
            // Value was never produced by the protector, standing in for a tampered or stale cookie.
            httpMocks.RequestCookies["UserImpersonation"] = "???";
            var thrown = Assert.Throws<CryptographicException>(() => impersonationCookie.GetCookieInValue());

            //VERIFY
            thrown.Message.ShouldStartWith("An error occurred during a cryptographic operation.");
            var setCookieHeader = httpMocks.ResponseCookies["Set-Cookie"];
            setCookieHeader.ShouldNotBeNull();
            // Index 0: nothing else wrote a Set-Cookie header in this test.
            httpMocks.ResponseCookies["Set-Cookie"][0].ShouldEndWith("expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; samesite=lax; httponly");
        }
Exemplo n.º 8
        /// <summary>
        /// Without an impersonation cookie the handler is expected to report no change, to use the
        /// caller's own user id for both permissions and data key, and to leave the claims untouched.
        /// </summary>
        public void TestHandlerNoCookieNoClaim()
        {
            //SETUP
            var httpMocks          = new MockHttpContextCookies();
            var protectionProvider = new EphemeralDataProtectionProvider();
            var userClaims         = new List<Claim>();
            userClaims.Add(new Claim(ClaimTypes.NameIdentifier, "userid"));

            //ATTEMPT
            var impersonationHandler = new ImpersonationHandler(httpMocks.MockContext, protectionProvider, userClaims);

            //VERIFY
            impersonationHandler.ImpersonationChange.ShouldBeFalse();
            impersonationHandler.GetUserIdForWorkingOutPermissions().ShouldEqual("userid");
            impersonationHandler.GetUserIdForWorkingDataKey().ShouldEqual("userid");
            impersonationHandler.AddOrRemoveImpersonationClaim(userClaims);
            // Still only the NameIdentifier claim: no impersonation claim was added.
            userClaims.Count.ShouldEqual(1);
        }
Exemplo n.º 9
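        /// <summary>
        /// With an impersonation cookie created with keepOwnPermissions = true, the handler is
        /// expected to flag a change, keep the caller's own id ("userid") for working out
        /// permissions, switch the data key to the impersonated id ("differentUserId"), and add
        /// the impersonation claim.
        /// </summary>
        public void TestHandlerStartingKeepOwnPermissions()
        {
            //SETUP
            var mocks     = new MockHttpContextCookies();
            var eProvider = new EphemeralDataProtectionProvider();

            AddCookieToHttpContext(mocks, eProvider, true);
            var claims = new List<Claim>
            {
                new Claim(ClaimTypes.NameIdentifier, "userid")
            };

            //ATTEMPT
            var handler = new ImpersonationHandler(mocks.MockContext, eProvider, claims);

            //VERIFY
            handler.ImpersonationChange.ShouldBeTrue();
            handler.GetUserIdForWorkingOutPermissions().ShouldEqual("userid");
            handler.GetUserIdForWorkingDataKey().ShouldEqual("differentUserId");
            handler.AddOrRemoveImpersonationClaim(claims);

            // Assert the claim exists before reading it: the previous "?.Value.ShouldEqual(...)"
            // skipped the comparison entirely when the claim was missing, so the test passed
            // even if no impersonation claim had been added.
            var impersonationClaim = claims.SingleOrDefault(x => x.Type == ImpersonationHandler.ImpersonationClaimType);
            impersonationClaim.ShouldNotBeNull();
            impersonationClaim.Value.ShouldEqual("*****@*****.**");
        }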
Exemplo n.º 10
        /// <summary>
        /// Captures the purpose string ImpersonationCookie uses for its protector, so the tests
        /// can protect cookie values with the same purpose.
        /// </summary>
        public TestImpersonationHandler()
        {
            var httpMocks = new MockHttpContextCookies();

            // No provider is passed (null): only EncryptPurpose is read from this instance.
            var purposeSource = new ImpersonationCookie(httpMocks.MockContext, null);

            _cookieEncryptPurpose = purposeSource.EncryptPurpose;
        }