public static IAppBuilder UseAppServiceAuthentication(this IAppBuilder appBuilder, HttpConfiguration config, AppServiceAuthenticationMode appServiceAuthMode, MobileAppAuthenticationOptions options, IMobileAppTokenHandler tokenHandler)
{
if (appBuilder == null)
{
throw new ArgumentNullException("appBuilder");
}
if (options == null)
{
throw new ArgumentNullException("options");
}
MobileAppSettingsDictionary settings = config.GetMobileAppSettingsProvider().GetMobileAppSettings();
bool runningInAzure = !string.IsNullOrEmpty(settings.HostName);
if ((appServiceAuthMode == AppServiceAuthenticationMode.LocalOnly && !runningInAzure)
|| appServiceAuthMode == AppServiceAuthenticationMode.Always)
{
appBuilder.Use(typeof(MobileAppAuthenticationMiddleware), new object[]
{
appBuilder,
options,
tokenHandler
});
}
return appBuilder;
}
public ServiceUserTests()
{
this.facebookCredentials = new FacebookCredentials() { UserId = "Facebook:FBUserId", AccessToken = "ABCDEF" };
HttpConfiguration config = new HttpConfiguration();
this.tokenHandlerMock = new Mock<MobileAppTokenHandler>(config) { CallBase = true };
this.tokenHandler = this.tokenHandlerMock.Object;
}
public static void SetMobileAppTokenHandler(this HttpConfiguration config, IMobileAppTokenHandler handler)
{
if (config == null)
{
throw new ArgumentNullException("config");
}
config.Properties[ServiceTokenHandlerKey] = handler;
}
public static void SetMobileAppTokenHandler(this HttpConfiguration config, IMobileAppTokenHandler handler)
{
if (config == null)
{
throw new ArgumentNullException("config");
}
config.Properties[ServiceTokenHandlerKey] = handler;
}
/// <summary>
/// Initializes a new instance of the <see cref="MobileAppAuthenticationHandler"/> class with the given <paramref name="logger"/>.
/// </summary>
/// <param name="logger">The <see cref="ILogger"/> to use for logging.</param>
/// <param name="tokenHandler">The <see cref="IMobileAppTokenHandler"/> to use.</param>
public MobileAppAuthenticationHandler(ILogger logger, IMobileAppTokenHandler tokenHandler)
{
if (logger == null)
{
throw new ArgumentNullException("logger");
}
if (tokenHandler == null)
{
throw new ArgumentNullException("tokenHandler");
}
this.logger = logger;
this.tokenUtility = tokenHandler;
}
public ServiceUserTests()
{
this.facebookCredentials = new FacebookCredentials()
{
UserId = "Facebook:FBUserId", AccessToken = "ABCDEF"
};
HttpConfiguration config = new HttpConfiguration();
this.tokenHandlerMock = new Mock <MobileAppTokenHandler>(config)
{
CallBase = true
};
this.tokenHandler = this.tokenHandlerMock.Object;
}
/// <summary>
/// Initializes a new instance of the <see cref="MobileAppAuthenticationMiddleware"/> class.
/// </summary>
/// <param name="next">The next <see cref="OwinMiddleware"/>.</param>
/// <param name="appBuilder">The <see cref="IAppBuilder"/> to configure.</param>
/// <param name="options">The options for this middleware.</param>
/// <param name="tokenHandler">The <see cref="IMobileAppTokenHandler"/> to use for processing tokens.</param>
public MobileAppAuthenticationMiddleware(OwinMiddleware next, IAppBuilder appBuilder, MobileAppAuthenticationOptions options, IMobileAppTokenHandler tokenHandler)
: base(next, options)
{
if (appBuilder == null)
{
throw new ArgumentNullException("appBuilder");
}
if (tokenHandler == null)
{
throw new ArgumentNullException("tokenHandler");
}
this.logger = appBuilder.CreateLogger <MobileAppAuthenticationMiddleware>();
this.tokenHandler = tokenHandler;
}
public static IAppBuilder UseMobileAppAuthentication(this IAppBuilder appBuilder, HttpConfiguration config, AuthenticationMode mode = AuthenticationMode.Active)
{
if (appBuilder == null)
{
throw new ArgumentNullException("appBuilder");
}
if (config == null)
{
throw new ArgumentNullException("config");
}
// Add the service authentication middleware
MobileAppAuthenticationOptions serviceOptions = GetMobileAppAuthenticationOptions(config, mode);
IMobileAppTokenHandler tokenHandler = config.GetMobileAppTokenHandler();
appBuilder.UseMobileAppAuthentication(serviceOptions, tokenHandler);
return(appBuilder);
}
/// <summary>
/// Adds authentication using the built-in <see cref="MobileAppAuthenticationMiddleware"/> authentication model.
/// </summary>
/// <param name="appBuilder">The <see cref="IAppBuilder"/> passed to the configuration method.</param>
/// <param name="options">Middleware configuration options.</param>
/// <param name="tokenHandler">An <see cref="MobileAppTokenHandler"/> instance.</param>
/// <returns>The updated <see cref="IAppBuilder"/>.</returns>
public static IAppBuilder UseMobileAppAuthentication(this IAppBuilder appBuilder, MobileAppAuthenticationOptions options, IMobileAppTokenHandler tokenHandler)
{
if (appBuilder == null)
{
throw new ArgumentNullException("appBuilder");
}
if (options == null)
{
throw new ArgumentNullException("options");
}
appBuilder.Use(typeof(MobileAppAuthenticationMiddleware), new object[]
{
appBuilder,
options,
tokenHandler
});
return appBuilder;
}
public MobileAppAuthenticationHandlerMock(ILogger logger, IMobileAppTokenHandler tokenHandler)
: base(logger, tokenHandler)
{
}
/// <summary>
/// Adds authentication using the built-in <see cref="MobileAppAuthenticationMiddleware"/> authentication model.
/// </summary>
/// <param name="appBuilder">The <see cref="IAppBuilder"/> passed to the configuration method.</param>
/// <param name="options">Middleware configuration options.</param>
/// <param name="tokenHandler">An <see cref="MobileAppTokenHandler"/> instance.</param>
/// <returns>The updated <see cref="IAppBuilder"/>.</returns>
public static IAppBuilder UseMobileAppAuthentication(this IAppBuilder appBuilder, MobileAppAuthenticationOptions options, IMobileAppTokenHandler tokenHandler)
{
if (appBuilder == null)
{
throw new ArgumentNullException("appBuilder");
}
if (options == null)
{
throw new ArgumentNullException("options");
}
appBuilder.Use(typeof(MobileAppAuthenticationMiddleware), new object[]
{
appBuilder,
options,
tokenHandler
});
return(appBuilder);
}
public MobileAppAuthenticationHandlerMock(ILogger logger, IMobileAppTokenHandler tokenHandler)
: base(logger, tokenHandler)
{
}
public async Task MobileAppAuth_Succeeds_AsPassiveAndActive(AuthenticationMode mode, bool isMiddlewareRegistered, bool isAuthenticated)
{
NotificationInstallation notification = new NotificationInstallation();
notification.InstallationId = Guid.NewGuid().ToString();
notification.PushChannel = Guid.NewGuid().ToString();
notification.Platform = "wns";
using (var testServer = TestServer.Create(app =>
{
// Arrange
HttpConfiguration config = new HttpConfiguration();
config.MapHttpAttributeRoutes();
config.EnableSystemDiagnosticsTracing();
new MobileAppConfiguration()
.UseDefaultConfiguration()
.ApplyTo(config);
tokenHandler = config.GetMobileAppTokenHandler();
settings = config.GetMobileAppSettingsProvider().GetMobileAppSettings();
var pushClientMock = new Mock <PushClient>(config);
pushClientMock.Setup(p => p.CreateOrUpdateInstallationAsync(It.IsAny <Installation>()))
.Returns(Task.FromResult(0));
pushClientMock.Setup(p => p.GetRegistrationsByTagAsync(It.IsAny <string>(), It.IsAny <string>(), It.IsAny <int>()))
.Returns(Task.FromResult(this.CreateCollectionQueryResult <RegistrationDescription>()));
config.SetPushClient(pushClientMock.Object);
if (isMiddlewareRegistered)
{
if (mode == AuthenticationMode.Passive)
{
config.SuppressDefaultHostAuthentication();
config.Filters.Add(new HostAuthenticationFilter(MobileAppAuthenticationOptions.AuthenticationName));
}
app.UseMobileAppAuthentication(config, mode);
}
app.UseWebApi(config);
}))
{
HttpClient client = new HttpClient(new AddMobileAppAuthHeaderHttpHandler(testServer.Handler, isAuthenticated));
client.BaseAddress = new Uri("http://localhost");
// Act
var notificationsPut = await client.PutAsJsonAsync("push/installations/" + notification.InstallationId, notification);
var apiNotificationsPut = await client.PutAsJsonAsync("api/notificationinstallations/" + notification.InstallationId, notification);
var tableGet = await client.GetAsync("tables/testtable");
var tableGetApplication = await client.GetAsync("tables/testtable/someId");
var tableGetApiRoute = await client.GetAsync("api/testtable");
var apiGetAnonymous = await client.GetAsync("api/secured/anonymous");
var apiGetAuthorize = await client.GetAsync("api/secured/authorize");
// Assert
Assert.Equal(notificationsPut.StatusCode, HttpStatusCode.OK);
ValidateHeaders(notificationsPut, true);
Assert.Equal(apiNotificationsPut.StatusCode, HttpStatusCode.NotFound);
ValidateHeaders(apiNotificationsPut, true);
// Succeeds: Api action with no AuthorizeLevel attribute
Assert.Equal(tableGet.StatusCode, HttpStatusCode.OK);
ValidateHeaders(tableGet, true);
// Authorize attribute will deny any unauthenticated requests.
Assert.Equal(tableGetApplication.StatusCode, isAuthenticated ? HttpStatusCode.OK : HttpStatusCode.Unauthorized);
ValidateHeaders(tableGetApplication, true);
// Succeeds: TableControllers will show up in the api route as well.
Assert.Equal(tableGetApiRoute.StatusCode, HttpStatusCode.OK);
ValidateHeaders(tableGetApiRoute, true);
// Succeeds: Auth is not set up so no ServiceUser is created. But
// the AuthorizeAttribute lets these through.
Assert.Equal(apiGetAnonymous.StatusCode, HttpStatusCode.OK);
ValidateHeaders(apiGetAnonymous, false);
// Succeeds: Api action with no AuthorizeLevel attribute
Assert.Equal(apiGetAuthorize.StatusCode, isAuthenticated ? HttpStatusCode.OK : HttpStatusCode.Unauthorized);
ValidateHeaders(apiGetAuthorize, false);
if (isAuthenticated)
{
string requestAuthToken = apiGetAuthorize.RequestMessage.Headers.Single(h => h.Key == "x-zumo-auth").Value.Single();
JToken responseAuthToken = await apiGetAuthorize.Content.ReadAsAsync <JToken>();
Assert.Equal(requestAuthToken, responseAuthToken.ToString());
}
}
}
protected override void Initialize(HttpControllerContext controllerContext)
{
base.Initialize(controllerContext);
this.handler = controllerContext.Configuration.GetMobileAppTokenHandler();
}
