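public void Test_ReturnsSuccessIfValidCookieEsists()
{
    // Arrange: store a protected, base64-encoded ticket under the auth cookie name,
    // i.e. the shape SignIn is expected to emit, and make the browser cookie-capable.
    var serializer = new TicketSerializer();
    var ticket = new AuthenticationTicket(
        new ClaimsPrincipal(
            new ClaimsIdentity(
                new[] { new Claim(ClaimTypes.Name, "Foo User") },
                AuthConstants.SPNEGO_DEFAULT_SCHEME)),
        AuthConstants.SPNEGO_DEFAULT_SCHEME);
    var serializedTicket = serializer.Serialize(ticket);
    var protectedTicket = dataProtector.Protect(serializedTicket);
    var encodedTicket = Convert.ToBase64String(protectedTicket);

    // COOKIE_TIMEOUT_IN_MINUTES is a minute count, so the expiry must be built with
    // AddMinutes; AddDays silently stretched the test cookie's lifetime by a factor of 1440.
    var cookie = new HttpCookie(AuthConstants.AUTH_COOKIE_NM)
    {
        Expires = DateTime.Now.AddMinutes(CookieAuthenticator.COOKIE_TIMEOUT_IN_MINUTES),
        Value = encodedTicket,
    };
    cookies.Set(cookie);
    browser.SetupGet(b => b.Cookies).Returns(true);

    // Act
    var authenticator = new CookieAuthenticator(dataProtector, logger.Object);
    var result = authenticator.Authenticate(context.Object);

    // Assert: the ticket round-trips and the principal carries the original name claim.
    Assert.True(result.Succeeded);
    Assert.Equal("Foo User", result.Principal.Identity.Name);
}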
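public void Test_ReturnsFailureIf_InValidCookieEsistsOrIfCookieIsDamaged()
{
    // Arrange: a correctly protected ticket whose encoded cookie value is then tampered
    // with, so the authenticator must reject it rather than trust it.
    var serializer = new TicketSerializer();
    var ticket = new AuthenticationTicket(
        new ClaimsPrincipal(
            new ClaimsIdentity(
                new[] { new Claim(ClaimTypes.Name, "Foo User") },
                AuthConstants.SPNEGO_DEFAULT_SCHEME)),
        AuthConstants.SPNEGO_DEFAULT_SCHEME);
    var serializedTicket = serializer.Serialize(ticket);
    var protectedTicket = dataProtector.Protect(serializedTicket);
    var encodedTicket = Convert.ToBase64String(protectedTicket);

    // COOKIE_TIMEOUT_IN_MINUTES is a minute count, so build the expiry with AddMinutes
    // rather than AddDays. The appended suffix is what makes the cookie "damaged".
    var cookie = new HttpCookie(AuthConstants.AUTH_COOKIE_NM)
    {
        Expires = DateTime.Now.AddMinutes(CookieAuthenticator.COOKIE_TIMEOUT_IN_MINUTES),
        Value = encodedTicket + "Corrupt",
    };
    cookies.Set(cookie);
    browser.SetupGet(b => b.Cookies).Returns(true);

    // Act
    var authenticator = new CookieAuthenticator(dataProtector, logger.Object);
    var result = authenticator.Authenticate(context.Object);

    // Assert: failure, with the generic "damaged/modified" message (no detail about
    // which step of unprotecting failed).
    Assert.False(result.Succeeded);
    Assert.Equal(
        $"Unable to extract cookie '{AuthConstants.AUTH_COOKIE_NM}', cookie might be damaged/modified",
        result.Failure.Message);
}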
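public void Test_SignIn_AddsCookie_IfAuthResultIsSuccess()
{
    // Arrange: the ticket SignIn should protect and append as the auth cookie. The
    // expected payload is compared after UnProtect on both sides because Protect is not
    // assumed to be deterministic.
    var serializer = new TicketSerializer();
    var ticket = new AuthenticationTicket(
        new ClaimsPrincipal(
            new ClaimsIdentity(
                new[] { new Claim(ClaimTypes.Name, "Foo User") },
                AuthConstants.SPNEGO_DEFAULT_SCHEME)),
        AuthConstants.SPNEGO_DEFAULT_SCHEME);
    var serializedTicket = serializer.Serialize(ticket);
    var expectedProtected = dataProtector.Protect(serializedTicket);
    var expectedPlain = Convert.ToBase64String(dataProtector.UnProtect(expectedProtected));
    var expectedExpiry = DateTime.Now.AddMinutes(CookieAuthenticator.COOKIE_TIMEOUT_IN_MINUTES);

    var authenticator = new CookieAuthenticator(dataProtector, logger.Object);

    // Act
    authenticator.SignIn(AuthenticateResult.Success(ticket), context.Object);

    // Assert: exactly one cookie is appended; its unprotected payload is our ticket and
    // its expiry lies within a minute of now + timeout. The expiry is compared as a full
    // timestamp: comparing `.Date.Minute` would always yield 0 and never fail.
    response.Verify(
        r => r.AppendCookie(It.Is<HttpCookie>(c =>
            Convert.ToBase64String(dataProtector.UnProtect(Convert.FromBase64String(c.Value))) == expectedPlain
            && (c.Expires - expectedExpiry).Duration() < TimeSpan.FromMinutes(1))),
        Times.Once);
}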
public ActionResult Logout()
{
    // Drop the authentication cookie, then send the user to the site root.
    // NOTE(review): the action's attributes are outside this view; if the action is
    // reachable by GET, confirm it is restricted to POST with anti-forgery validation.
    IAuthenticator authenticator = new CookieAuthenticator();
    authenticator.SignOut();

    return Redirect("/");
}
public void Test_ReturnsNoResultIfBrowserDoesNotSupportCookies()
{
    // Arrange: the browser capability mock reports that cookies are unsupported.
    browser.SetupGet(b => b.Cookies).Returns(false);
    var authenticator = new CookieAuthenticator(dataProtector, logger.Object);

    // Act
    var result = authenticator.Authenticate(context.Object);

    // Assert: without cookie support there is nothing to authenticate from.
    Assert.False(result.Succeeded);
}
public ActionResult ConfirmLogout()
{
    // Sign the current user out (clears the auth cookie) and go back to the home page.
    new CookieAuthenticator().SignOut();

    return this.RedirectToHome();
}
public void Test_SignIn_DoesNotAddCookie_IfAuthResultIsNotSuccess()
{
    // Arrange
    var authenticator = new CookieAuthenticator(dataProtector, logger.Object);

    // Act: a NoResult outcome must not be turned into a session cookie.
    authenticator.SignIn(AuthenticateResult.NoResult(), context.Object);

    // Assert: no cookie under the auth cookie name was written to the response.
    var responseCookies = context.Object.Response.Cookies;
    Assert.Null(responseCookies.Get(AuthConstants.AUTH_COOKIE_NM));
}
public void Test_ReturnsNoResultOrNotSuccessIf_CookieDoesNotEsist()
{
    // Arrange: cookies are supported, but no auth cookie has been set on the request.
    browser.SetupGet(b => b.Cookies).Returns(true);

    // Act
    var authenticator = new CookieAuthenticator(dataProtector, logger.Object);
    var outcome = authenticator.Authenticate(context.Object);

    // Assert: a missing cookie can never yield a successful authentication.
    Assert.False(outcome.Succeeded);
}
public ActionResult VerifySignInWith(AuthenticationProvider provider)
{
    // Completes the external sign-in for the given provider. Unsuccessful results are
    // answered with 401; a known identity without a developer profile is sent to
    // registration; a registered developer gets the auth cookie and lands on their home.
    var result = AuthenticationService.FinalizeAuthentication(provider);

    if (!result.IsSuccessful)
    {
        return new HttpUnauthorizedResult("HAL: Without your space helmet, Dave? You're going to find that rather difficult.");
    }

    if (!result.IsRegisteredDeveloper)
    {
        // Hand the provider result to the Create action via TempData so registration
        // can be pre-filled from it.
        TempData["authenticationResult"] = result;
        return RedirectToAction("Create", "Developer");
    }

    var authenticator = new CookieAuthenticator();
    authenticator.SetCookie(result.Developer.Username, true);

    return this.RedirectToDeveloperHome(result.Developer.Username);
}
private static void CreateAuthenticationTicket(string Username, bool IsImagemakers)
{
    // Issue a non-persistent auth cookie; Imagemakers accounts carry the "IM" role,
    // everyone else is issued the cookie with no roles (null).
    string[] roles = IsImagemakers ? new[] { "IM" } : null;

    IAuthenticator authenticator = new CookieAuthenticator();
    authenticator.SetCookie(Username, false, roles);
}
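public ActionResult Login(LoginModel user)
{
    // Handles the login form post. The password arrives RSA-encrypted under the key pair
    // generated for this session (see GenerateRsaInformation); it is decrypted, checked
    // via AttemptLogin, and on success an auth cookie plus a server-side session record
    // are created before redirecting to a local ReturnUrl (or the root).
    if (ModelState.IsValid)
    {
        string password;
        if (!TryDecryptPassword(user.Password, out password))
        {
            // Same generic message as a bad credential so the response does not reveal
            // whether decryption or authentication failed.
            ModelState.AddModelError("Invalid", "Invalid email address and/or password");
            GenerateRsaInformation();
            return View();
        }

        int? adminUserID;
        var response = AttemptLogin(user.Username, password, out adminUserID);

        if (response == AuthenticationResponse.ImagemakersSuccess
            || response == AuthenticationResponse.LocalSuccess)
        {
            if (response == AuthenticationResponse.ImagemakersSuccess)
            {
                // Imagemakers accounts get a fixed role set; no admin-user linkage.
                IAuthenticator authenticator = new CookieAuthenticator();
                var guid = authenticator.SetCookie(user.Username, false, new[] { "IM", "Admin" });
                _sessionRepo.Add(user.Username, UserIP, guid);
            }

            if (response == AuthenticationResponse.LocalSuccess)
            {
                // Local accounts take their roles from the database record and keep the
                // admin-user id AttemptLogin resolved.
                var dbUser = _repo.FindByEmailAddress(user.Username);
                IAuthenticator authenticator = new CookieAuthenticator();
                var guid = authenticator.SetCookie(user.Username, false, dbUser.Roles.Select(x => x.Name).ToArray());
                _sessionRepo.Add(user.Username, UserIP, guid, adminUserID);
            }

            _uow.Commit();
            return RedirectAfterLogin();
        }

        ModelState.AddModelError(
            "Invalid",
            response == AuthenticationResponse.LockedOut
                ? "Looks like you've tried logging in too many times. Try again in a few minutes."
                : "Invalid username and/or password");
    }

    // Re-issue a fresh RSA key pair for the re-rendered form.
    GenerateRsaInformation();
    return View();
}

/// <summary>
/// Decrypts the client-side RSA-encrypted password using the key pair stored in
/// Session["Encryption"]. The browser-side encryption only obscures the form field in
/// transit; it is not a substitute for TLS.
/// </summary>
/// <param name="encryptedPassword">Base64 ciphertext posted by the login form.</param>
/// <param name="password">The decrypted password, or null when decryption failed.</param>
/// <returns>True on success; false on any failure (missing session key, malformed base64,
/// padding/decryption error) so the caller can show one generic error.</returns>
private bool TryDecryptPassword(string encryptedPassword, out string password)
{
    password = null;
    try
    {
        // RSACryptoServiceProvider owns an unmanaged key handle; dispose it deterministically.
        using (var rsaProvider = new RSACryptoServiceProvider())
        {
            rsaProvider.FromXmlString(Session["Encryption"].ToString());

            // fOAEP:false selects PKCS#1 v1.5 padding to match what the client produces.
            // NOTE(review): OAEP on both ends would be preferable if the client can change.
            var plaintext = rsaProvider.Decrypt(Convert.FromBase64String(encryptedPassword), false);

            // NOTE(review): ASCII decoding assumes the client encrypted ASCII bytes; a
            // non-ASCII password would be mangled here — confirm the client-side encoding.
            password = Encoding.ASCII.GetString(plaintext);
        }
        return true;
    }
    catch (Exception)
    {
        // Deliberately broad: a null session entry, malformed base64 and a failed
        // decryption must all be reported identically as invalid credentials.
        return false;
    }
}

/// <summary>
/// Redirects to the requested ReturnUrl only when it is local to this site
/// (open-redirect guard); otherwise to the site root.
/// </summary>
private ActionResult RedirectAfterLogin()
{
    var returnUrl = Request.QueryString["ReturnUrl"];
    if (!String.IsNullOrEmpty(returnUrl) && Url.IsLocalUrl(returnUrl))
    {
        return Redirect(returnUrl);
    }

    return Redirect("/");
}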