Exemplo n.º 1
0
        public void TestOpenIDExpiredToken()
        {
            if (_storageType != StorageEngineTypes.SQLite)
            {
                return;
            }

            var remoteUri = new Uri($"http://{GetReplicationServer ()}:{GetReplicationPort ()}/openid_db");

            Assert.IsTrue(OpenIDAuthenticator.ForgetIDTokens(remoteUri));

            var callbackInvoked = false;
            var auth            = (OpenIDAuthenticator)AuthenticatorFactory.CreateOpenIDAuthenticator(manager, (login, authBase, cont) =>
            {
                AssertValidOIDCLogin(login, authBase, remoteUri);
                Assert.IsFalse(callbackInvoked);
                callbackInvoked = true;
                cont(null, null);
            });

            // Set bogus ID and refresh tokens, so first the session check will fail, then the attempt
            // to refresh the ID token will fail.  Finally the callback above will be called.
            auth.IDToken      = "BOGUS_ID";
            auth.RefreshToken = "BOGUS_REFRESH";

            var pullError = PullWithOIDCAuth(remoteUri, auth);

            Assert.IsTrue(callbackInvoked);
            Assert.IsNotNull(pullError);
            Assert.IsInstanceOf(typeof(OperationCanceledException), pullError);
        }
Exemplo n.º 2
0
        protected override void OnNewIntent(Intent intent)
        {
            // Called when the activity receives the URL from the custom tabs
            base.OnNewIntent(intent);

            var callback = OpenIDAuthenticator.GetLoginContinuation(Continuation);
            var url      = new Uri(intent.Data.ToString());

            callback(url, null);
            OpenIDAuthenticator.UnregisterLoginContinuation(Continuation);
        }
Exemplo n.º 3
0
        public void TestOpenIDConnect()
        {
            if (_storageType != StorageEngineTypes.SQLite)
            {
                return;
            }

            var remoteUri = new Uri($"http://{GetReplicationServer()}:{GetReplicationPort()}/openid_db");

            Assert.IsTrue(OpenIDAuthenticator.ForgetIDTokens(remoteUri));

            var auth = (OpenIDAuthenticator)AuthenticatorFactory.CreateOpenIDAuthenticator(manager, (login, authBase, cont) =>
            {
                AssertValidOIDCLogin(login, authBase, remoteUri);
                // Fake a form submission to the OIDC test provider, to get an auth URL redirect:
                var authURL = LoginToOIDCTestProvider(remoteUri);
                Trace.WriteLine("**** Callback handing control back to authenticator...");
                cont(authURL, null);
            });

            var authError = PullWithOIDCAuth(remoteUri, auth);

            Assert.IsNull(authError);

            // The username I gave is "pupshaw," but SG namespaces it by prefixing it with the provider's
            // registered issuer (as given in the SG config file.)
            Assert.IsTrue(auth.Username.EndsWith("_pupshaw", StringComparison.InvariantCulture));

            // Now try again; this should use the ID token from storage and/or a session cookie:
            Trace.WriteLine("**** Second replication...");
            bool callbackInvoked = false;

            auth = (OpenIDAuthenticator)AuthenticatorFactory.CreateOpenIDAuthenticator(manager, (login, authBase, cont) =>
            {
                AssertValidOIDCLogin(login, authBase, remoteUri);
                Assert.IsFalse(callbackInvoked);
                callbackInvoked = true;
                cont(null, null); // cancel
            });

            authError = PullWithOIDCAuth(remoteUri, auth);
            Assert.IsNull(authError);
            Assert.IsFalse(callbackInvoked);
        }
Exemplo n.º 4
0
        public void TestOpenIDConnect()
        {
            if (_storageType != StorageEngineTypes.SQLite)
            {
                return;
            }

            var remoteUri = new Uri($"http://{GetReplicationServer()}:{GetReplicationPort()}/openid_db");
            var auth      = (OpenIDAuthenticator)AuthenticatorFactory.CreateOpenIDAuthenticator(manager, (login, authBase, cont) =>
            {
                AssertValidOIDCLogin(login, authBase, remoteUri);
                // Fake a form submission to the OIDC test provider, to get an auth URL redirect:
                var authURL = LoginToOIDCTestProvider(remoteUri);
                Trace.WriteLine("**** Callback handing control back to authenticator...");
                cont(authURL, null);
            });

            OpenIDAuthenticator.ForgetIDTokens(remoteUri);
            var authError = PullWithOIDCAuth(remoteUri, auth, "pupshaw");

            Assert.IsNull(authError);

            // Now try again; this should use the ID token from storage and/or a session cookie:
            Trace.WriteLine("**** Second replication...");
            bool callbackInvoked = false;

            auth = (OpenIDAuthenticator)AuthenticatorFactory.CreateOpenIDAuthenticator(manager, (login, authBase, cont) =>
            {
                AssertValidOIDCLogin(login, authBase, remoteUri);
                Assert.IsFalse(callbackInvoked);
                callbackInvoked = true;
                cont(null, null); // cancel
            });

            authError = PullWithOIDCAuth(remoteUri, auth, "pupshaw");
            Assert.IsNull(authError);
            Assert.IsFalse(callbackInvoked);
            Assert.IsTrue(auth.RemoveStoredCredentials());
        }