public async Task AcceptsGoodTokenDeniesBadToken()
{
(_, var metadataStore, var usernameParser, var credFactory, var sysIdProvider) = SetupAcceptEverything();
var authenticator = SetupAcceptGoodToken("good_token");
using (var sut = new AuthAgentProtocolHead(authenticator, metadataStore, usernameParser, credFactory, sysIdProvider, config))
{
await sut.StartAsync();
dynamic content = new ExpandoObject();
content.version = "2020-04-20";
content.username = "******";
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Synthetic password used in tests")]
content.password = "******";
dynamic response = await PostAsync(content, this.url);
Assert.Equal(403, (int)response.result);
content.password = "******";
response = await PostAsync(content, this.url);
Assert.Equal(200, (int)response.result);
}
}
public async Task AcceptsGoodThumbprintDeniesBadThumbprint()
{
(_, var metadataStore, var usernameParser, var credFactory, var sysIdProvider) = SetupAcceptEverything();
var authenticator = SetupAcceptGoodThumbprint(ThumbprintTestCertThumbprint2);
using (var sut = new AuthAgentProtocolHead(authenticator, metadataStore, usernameParser, credFactory, sysIdProvider, config))
{
await sut.StartAsync();
dynamic content = new ExpandoObject();
content.version = "2020-04-20";
content.username = "******";
content.certificate = ThumbprintTestCert;
dynamic response = await PostAsync(content, this.url);
Assert.Equal(403, (int)response.result);
content.certificate = ThumbprintTestCert2;
response = await PostAsync(content, this.url);
Assert.Equal(200, (int)response.result);
}
}
public async Task StoresMetadataCorrectly()
{
(var authenticator, _, var usernameParser, var credFactory, var sysIdProvider) = SetupAcceptEverything();
var storeProvider = new StoreProvider(new InMemoryDbStoreProvider());
IEntityStore <string, string> store = storeProvider.GetEntityStore <string, string>("productInfo");
var metadataStore = new MetadataStore(store, "productInfo");
string modelIdString = "dtmi:test:modelId;1";
using (var sut = new AuthAgentProtocolHead(authenticator, metadataStore, usernameParser, credFactory, sysIdProvider, config))
{
await sut.StartAsync();
dynamic content = new ExpandoObject();
content.version = "2020-04-20";
content.username = $"testhub/device/api-version=2018-06-30&model-id={modelIdString}";
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Synthetic password used in tests")]
content.password = "******";
dynamic response = await PostAsync(content, this.url);
Assert.Equal(200, (int)response.result);
var modelId = (await metadataStore.GetMetadata("device")).ModelId;
Assert.True(modelId.HasValue);
Assert.Equal(modelIdString, modelId.GetOrElse("impossibleValue"));
}
}
public async Task AcceptsGoodTokenDeniesBadToken()
{
(_, var metadataStore, var usernameParser, var credFactory, var sysIdProvider) = SetupAcceptEverything();
var authenticator = SetupAcceptGoodToken("good_token");
using (var sut = new AuthAgentProtocolHead(authenticator, metadataStore, usernameParser, credFactory, sysIdProvider, config))
{
await sut.StartAsync();
dynamic content = new ExpandoObject();
content.version = "2020-04-20";
content.username = "******";
content.password = "******";
dynamic response = await PostAsync(content, URL);
Assert.Equal(403, (int)response.result);
content.password = "******";
response = await PostAsync(content, URL);
Assert.Equal(200, (int)response.result);
}
}
public async Task CannotStartTwice()
{
(var authenticator, var metadataStore, var usernameParser, var credFactory, var sysIdProvider) = SetupAcceptEverything();
using (var sut = new AuthAgentProtocolHead(authenticator, metadataStore, usernameParser, credFactory, sysIdProvider, config))
{
await sut.StartAsync();
await Assert.ThrowsAsync <InvalidOperationException>(async() => await sut.StartAsync());
}
}
public async Task DeniesMalformedJsonRequest()
{
(var authenticator, var metadataStore, var usernameParser, var credFactory, var sysIdProvider) = SetupAcceptEverything();
using (var sut = new AuthAgentProtocolHead(authenticator, metadataStore, usernameParser, credFactory, sysIdProvider, config))
{
await sut.StartAsync();
var result = await SendDirectRequest(NonJSONRequestBody);
Assert.StartsWith(@"{""result"":403,", result);
}
}
public async Task DeniesBadContentLengthLongBody()
{
(var authenticator, var metadataStore, var usernameParser, var credFactory, var sysIdProvider) = SetupAcceptEverything();
using (var sut = new AuthAgentProtocolHead(authenticator, metadataStore, usernameParser, credFactory, sysIdProvider, config))
{
await sut.StartAsync();
var result = await SendDirectRequest(RequestBody, contentLengthOverride : RequestBody.Length - 10);
Assert.StartsWith(@"{""result"":403,", result);
}
}
public async Task AcceptsRequestWithNoContentLength()
{
(var authenticator, var metadataStore, var usernameParser, var credFactory, var sysIdProvider) = SetupAcceptEverything();
using (var sut = new AuthAgentProtocolHead(authenticator, metadataStore, usernameParser, credFactory, sysIdProvider, config))
{
await sut.StartAsync();
var result = await SendDirectRequest(RequestBody, withContentLength : false);
Assert.StartsWith(@"{""result"":200,", result);
}
}
public async Task DeniesNoVersion()
{
(var authenticator, var metadataStore, var usernameParser, var credFactory, var sysIdProvider) = SetupAcceptEverything();
using (var sut = new AuthAgentProtocolHead(authenticator, metadataStore, usernameParser, credFactory, sysIdProvider, config))
{
await sut.StartAsync();
dynamic content = new ExpandoObject();
content.username = "******";
content.password = "******";
dynamic response = await PostAsync(content, URL);
Assert.Equal(403, (int)response.result);
}
}
public async Task DeniesNoVersion()
{
(var authenticator, var usernameParser, var credFactory, var sysIdProvider) = SetupAcceptEverything();
using (var sut = new AuthAgentProtocolHead(authenticator, usernameParser, credFactory, sysIdProvider, config))
{
await sut.StartAsync();
dynamic content = new ExpandoObject();
content.username = "******";
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Synthetic password used in tests")]
content.password = "******";
dynamic response = await PostAsync(content, URL);
Assert.Equal(403, (int)response.result);
}
}
public async Task DeniesNoPasswordNorCertificate()
{
(var authenticator, var metadataStore, var usernameParser, var credFactory, var sysIdProvider) = SetupAcceptEverything();
await using (var sut = new AuthAgentProtocolHead(authenticator, metadataStore, usernameParser, credFactory, sysIdProvider, config))
{
await sut.StartAsync();
dynamic content = new ExpandoObject();
content.version = "2020-04-20";
content.username = "******";
dynamic response = await PostAsync(content, this.url);
Assert.Equal(403, (int)response.result);
await sut.CloseAsync(CancellationToken.None);
}
}
public async Task DeniesBadCertificateFormat()
{
(var authenticator, var metadataStore, var usernameParser, var credFactory, var sysIdProvider) = SetupAcceptEverything();
using (var sut = new AuthAgentProtocolHead(authenticator, metadataStore, usernameParser, credFactory, sysIdProvider, config))
{
await sut.StartAsync();
dynamic content = new ExpandoObject();
content.version = "2020-04-20";
content.username = "******";
content.certificate = new byte[] { 0x30, 0x23, 0x44 };
dynamic response = await PostAsync(content, this.url);
Assert.Equal(403, (int)response.result);
}
}
public async Task DeniesBothPasswordAndCertificate()
{
(var authenticator, var usernameParser, var credFactory, var sysIdProvider) = SetupAcceptEverything();
using (var sut = new AuthAgentProtocolHead(authenticator, usernameParser, credFactory, sysIdProvider, config))
{
await sut.StartAsync();
dynamic content = new ExpandoObject();
content.version = "2020-04-20";
content.username = "******";
content.password = "******";
content.certificate = ThumbprintTestCert;
dynamic response = await PostAsync(content, URL);
Assert.Equal(403, (int)response.result);
}
}
public async Task ReturnsModuleIdentity()
{
(var authenticator, var metadataStore, var usernameParser, var credFactory, var sysIdProvider) = SetupAcceptEverything();
using (var sut = new AuthAgentProtocolHead(authenticator, metadataStore, usernameParser, credFactory, sysIdProvider, config))
{
await sut.StartAsync();
dynamic content = new ExpandoObject();
content.version = "2020-04-20";
content.username = "******";
content.password = "******";
var response = await PostAsync(content, URL);
Assert.Equal(200, (int)response.result);
Assert.Equal("device/module", (string)response.identity);
}
}
public async Task ReturnsModuleIdentity()
{
(var authenticator, var metadataStore, var usernameParser, var credFactory, var sysIdProvider) = SetupAcceptEverything();
using (var sut = new AuthAgentProtocolHead(authenticator, metadataStore, usernameParser, credFactory, sysIdProvider, config))
{
await sut.StartAsync();
dynamic content = new ExpandoObject();
content.version = "2020-04-20";
content.username = "******";
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Synthetic password used in tests")]
content.password = "******";
var response = await PostAsync(content, this.url);
Assert.Equal(200, (int)response.result);
Assert.Equal("testhub/device/module", (string)response.identity);
}
}
public async Task DeniesBothPasswordAndCertificate()
{
(var authenticator, var metadataStore, var usernameParser, var credFactory, var sysIdProvider) = SetupAcceptEverything();
await using (var sut = new AuthAgentProtocolHead(authenticator, metadataStore, usernameParser, credFactory, sysIdProvider, config))
{
await sut.StartAsync();
dynamic content = new ExpandoObject();
content.version = "2020-04-20";
content.username = "******";
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Synthetic password used in tests")]
content.password = "******";
content.certificate = ThumbprintTestCert;
dynamic response = await PostAsync(content, this.url);
Assert.Equal(403, (int)response.result);
await sut.CloseAsync(CancellationToken.None);
}
}
public async Task AcceptsGoodCaDeniesBadCa()
{
(_, var metadataStore, var usernameParser, var credFactory, var sysIdProvider) = SetupAcceptEverything();
var goodCa = new X509Certificate2(Encoding.ASCII.GetBytes(CaTestRoot2));
var authenticator = SetupAcceptGoodCa(goodCa);
await using (var sut = new AuthAgentProtocolHead(authenticator, metadataStore, usernameParser, credFactory, sysIdProvider, config))
{
await sut.StartAsync();
dynamic content = new ExpandoObject();
content.version = "2020-04-20";
content.username = "******";
content.certificate = CaTestDevice;
content.certificateChain = new List <string>()
{
CaTestRoot
};
dynamic response = await PostAsync(content, this.url);
Assert.Equal(403, (int)response.result);
content.certificate = CaTestDevice2;
content.certificateChain = new List <string>()
{
CaTestRoot2
};
response = await PostAsync(content, this.url);
Assert.Equal(200, (int)response.result);
await sut.CloseAsync(CancellationToken.None);
}
}
