/// <summary>
/// Builds the <see cref="HttpContext"/> used by the antiforgery tests: a <see cref="DefaultHttpContext"/>
/// with an antiforgery feature, the test service provider and a user identity attached.
/// </summary>
/// <param name="antiforgeryFeature">
/// Feature to register on the context. When null, a fresh <see cref="AntiforgeryFeature"/> is registered instead.
/// </param>
/// <returns>The configured context.</returns>
private HttpContext GetHttpContext(IAntiforgeryFeature antiforgeryFeature = null)
{
    var context = new DefaultHttpContext();

    // Register under the interface type so lookups by IAntiforgeryFeature find either the caller's
    // feature or the empty fallback.
    IAntiforgeryFeature feature = antiforgeryFeature ?? new AntiforgeryFeature();
    context.Features.Set<IAntiforgeryFeature>(feature);

    context.RequestServices = GetServices();

    // A ClaimsIdentity built with a non-empty authentication type reports IsAuthenticated == true,
    // so the tests run as an authenticated user.
    var identity = new ClaimsIdentity("some-auth");
    context.User = new ClaimsPrincipal(identity);

    return context;
}
/// <summary>
/// Assembles the HTTP context, token set and mocked collaborators (serializer, store, generator)
/// that an antiforgery test needs, and returns them bundled in an <see cref="AntiforgeryMockContext"/>.
/// </summary>
/// <param name="options">Antiforgery options stored on the returned context.</param>
/// <param name="useOldCookie">
/// When true the generator is set up around the old cookie token; otherwise around the new one.
/// The negated value is also forwarded to <c>GetTokenStore</c>.
/// </param>
/// <param name="isOldCookieValid">
/// What the generator reports for the old cookie token. The new cookie token is reported with the
/// opposite value, so exactly one of the two is considered valid.
/// </param>
/// <param name="antiforgeryFeature">Optional feature forwarded to <c>GetHttpContext</c>.</param>
/// <returns>The populated mock context.</returns>
private AntiforgeryMockContext CreateMockContext(
    AntiforgeryOptions options,
    bool useOldCookie = false,
    bool isOldCookieValid = true,
    IAntiforgeryFeature antiforgeryFeature = null)
{
    // Arrange
    var context = GetHttpContext(antiforgeryFeature);
    var tokens = GetTokenSet();
    var serializer = GetTokenSerializer(tokens);
    var store = GetTokenStore(context, tokens, !useOldCookie);

    // The cookie token this scenario revolves around: it is what GenerateCookieToken hands out and
    // what GenerateRequestToken must be called with.
    var scenarioCookieToken = useOldCookie ? tokens.OldCookieToken : tokens.NewCookieToken;

    // Strict behavior: a generator call that is not configured below throws instead of silently
    // returning a default, so a request token can only be produced for the expected cookie token.
    var generator = new Mock<IAntiforgeryTokenGenerator>(MockBehavior.Strict);

    generator
        .Setup(g => g.GenerateRequestToken(context, scenarioCookieToken))
        .Returns(tokens.RequestToken);
    generator
        .Setup(g => g.GenerateCookieToken())
        .Returns(scenarioCookieToken);

    // A missing cookie token is never valid.
    generator
        .Setup(g => g.IsCookieTokenValid(null))
        .Returns(false);

    // Validity of the old and new cookie tokens is deliberately mutually exclusive.
    generator
        .Setup(g => g.IsCookieTokenValid(tokens.OldCookieToken))
        .Returns(isOldCookieValid);
    generator
        .Setup(g => g.IsCookieTokenValid(tokens.NewCookieToken))
        .Returns(!isOldCookieValid);

    var mockContext = new AntiforgeryMockContext()
    {
        Options = options,
        HttpContext = context,
        TokenGenerator = generator,
        TokenSerializer = serializer,
        TokenStore = store,
        TestTokenSet = tokens
    };
    return mockContext;
}
/// <summary>
/// Produces the string forms of the newly generated request and cookie tokens, caching them on the
/// feature, and wraps them with the configured form field and header names.
/// </summary>
/// <param name="antiforgeryFeature">Feature holding the generated tokens and their cached string forms.</param>
/// <returns>
/// A token set whose cookie token string is null when the feature carries no new cookie token.
/// </returns>
private AntiforgeryTokenSet Serialize(IAntiforgeryFeature antiforgeryFeature)
{
    // Should only be called after new tokens have been generated.
    // NOTE(review): Debug.Assert is compiled out of release builds, so these preconditions are not
    // enforced there; a null NewRequestToken would then reach the serializer unchecked.
    Debug.Assert(antiforgeryFeature.HaveGeneratedNewCookieToken);
    Debug.Assert(antiforgeryFeature.NewRequestToken != null);

    // Serialize the request token only once; later calls reuse the cached string.
    antiforgeryFeature.NewRequestTokenString ??=
        _tokenSerializer.Serialize(antiforgeryFeature.NewRequestToken);

    // The cookie token is optional: it is serialized only when one exists and has no cached string yet.
    if (antiforgeryFeature.NewCookieTokenString == null)
    {
        if (antiforgeryFeature.NewCookieToken != null)
        {
            antiforgeryFeature.NewCookieTokenString =
                _tokenSerializer.Serialize(antiforgeryFeature.NewCookieToken);
        }
    }

    // The null-forgiving operator only silences the compiler; the cookie token string is still null
    // here when NewCookieToken was null, because the branch above leaves it unset.
    var tokenSet = new AntiforgeryTokenSet(
        antiforgeryFeature.NewRequestTokenString,
        antiforgeryFeature.NewCookieTokenString!,
        _options.FormFieldName,
        _options.HeaderName);
    return tokenSet;
}
/// <summary>
/// Fills in the serialized (string) forms of the newly generated antiforgery tokens on the feature
/// where they are still missing, then returns them together with the configured field and header names.
/// </summary>
/// <param name="antiforgeryFeature">Feature that carries the new tokens and caches their strings.</param>
/// <returns>
/// The token set; its cookie token string stays null when no new cookie token is present on the feature.
/// </returns>
private AntiforgeryTokenSet Serialize(IAntiforgeryFeature antiforgeryFeature)
{
    // Should only be called after new tokens have been generated.
    // NOTE(review): these are debug-only checks (Debug.Assert is removed from release builds), so
    // callers must not rely on them to reject a feature without generated tokens.
    Debug.Assert(antiforgeryFeature.HaveGeneratedNewCookieToken);
    Debug.Assert(antiforgeryFeature.NewRequestToken != null);

    // Request token: serialize on first use, reuse the cached string afterwards.
    var requestTokenNeedsSerializing = antiforgeryFeature.NewRequestTokenString == null;
    if (requestTokenNeedsSerializing)
    {
        var serializedRequestToken = _tokenSerializer.Serialize(antiforgeryFeature.NewRequestToken);
        antiforgeryFeature.NewRequestTokenString = serializedRequestToken;
    }

    // Cookie token: same caching, but skipped entirely when there is no new cookie token.
    if (antiforgeryFeature.NewCookieTokenString == null)
    {
        if (antiforgeryFeature.NewCookieToken != null)
        {
            var serializedCookieToken = _tokenSerializer.Serialize(antiforgeryFeature.NewCookieToken);
            antiforgeryFeature.NewCookieTokenString = serializedCookieToken;
        }
    }

    var tokenSet = new AntiforgeryTokenSet(
        antiforgeryFeature.NewRequestTokenString,
        antiforgeryFeature.NewCookieTokenString,
        _options.FormFieldName,
        _options.HeaderName);
    return tokenSet;
}