public ImpersonationService(IHttpContextAccessor httpContextAccessor, IDataProtectionProvider protectionProvider) { _httpContext = httpContextAccessor.HttpContext; _cookie = protectionProvider != null //If protectionProvider is null then impersonation is turned off ? new ImpersonationCookie(_httpContext, protectionProvider) : null; }
public void ReadNonExistentCookie() { //SETUP var mocks = new MockHttpContextCookies(); var eProvider = new EphemeralDataProtectionProvider(); var cookie = new ImpersonationCookie(mocks.MockContext, eProvider); //ATTEMPT var data = cookie.GetCookieInValue(); //VERIFY data.ShouldBeNull(); }
public void ReadEncryptedCookie() { //SETUP var mocks = new MockHttpContextCookies(); var eProvider = new EphemeralDataProtectionProvider(); var cookie = new ImpersonationCookie(mocks.MockContext, eProvider); //ATTEMPT mocks.RequestCookies["UserImpersonation"] = eProvider.CreateProtector(cookie.EncryptPurpose).Protect("Hello world"); var data = cookie.GetCookieInValue(); //VERIFY data.ShouldEqual("Hello world"); }
public void TestCookieDelete() { //SETUP var mocks = new MockHttpContextCookies(); var cookie = new ImpersonationCookie(mocks.MockContext, null); mocks.ResponseCookies["Set-Cookie"] = "Some data"; //ATTEMPT cookie.Delete(); //VERIFY mocks.ResponseCookies["Set-Cookie"][1].ShouldEndWith("expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; samesite=lax; httponly"); }
public void TestCookieDelete() { //SETUP var httpContext = new DefaultHttpContext(); var cookie = new ImpersonationCookie(httpContext, null); httpContext.Response.Headers["Set-Cookie"] = "Some data"; //ATTEMPT cookie.Delete(); //VERIFY httpContext.Response.Headers["Set-Cookie"][1].ShouldEndWith("expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; httponly"); }
public void TestCookieExists() { //SETUP var mocks = new MockHttpContextCookies(); var eProvider = new EphemeralDataProtectionProvider(); var cookie = new ImpersonationCookie(mocks.MockContext, eProvider); cookie.AddUpdateCookie("Hello world"); mocks.RequestCookies["UserImpersonation"] = "???"; //ATTEMPT //VERIFY cookie.Exists(mocks.MockContext.Request.Cookies).ShouldBeTrue(); }
public void AddEncryptedCookie() { //SETUP var mocks = new MockHttpContextCookies(); var eProvider = new EphemeralDataProtectionProvider(); //ATTEMPT var cookie = new ImpersonationCookie(mocks.MockContext, eProvider); cookie.AddUpdateCookie("Hello world"); //VERIFY mocks.ResponseCookies.Count.ShouldEqual(1); mocks.ResponseCookies["Set-Cookie"].ShouldNotBeNull(); mocks.ResponseCookies["Set-Cookie"][0].ShouldStartWith("UserImpersonation="); }
public void ReadEncryptedCookie() { //SETUP var httpContext = new DefaultHttpContext(); var eProvider = new EphemeralDataProtectionProvider(); var cookie = new ImpersonationCookie(httpContext, eProvider); var codedData = eProvider.CreateProtector(cookie.EncryptPurpose).Protect("Hello world"); //ATTEMPT httpContext.AddRequestCookie("UserImpersonation", codedData); var data = cookie.GetCookieInValue(); //VERIFY data.ShouldEqual("Hello world"); }
public void AddEncryptedCookie() { //SETUP var httpContext = new DefaultHttpContext(); var eProvider = new EphemeralDataProtectionProvider(); //ATTEMPT var cookie = new ImpersonationCookie(httpContext, eProvider); cookie.AddUpdateCookie("Hello world"); //VERIFY httpContext.Response.Headers.Keys.Count.ShouldEqual(1); httpContext.Response.Headers["Set-Cookie"].ShouldNotBeNull(); httpContext.Response.Headers["Set-Cookie"][0].ShouldStartWith("UserImpersonation="); }
public void TestCookieExists() { //SETUP var httpContext = new DefaultHttpContext(); var eProvider = new EphemeralDataProtectionProvider(); var cookie = new ImpersonationCookie(httpContext, eProvider); cookie.AddUpdateCookie("Hello world"); httpContext.AddRequestCookie("UserImpersonation", "???"); //ATTEMPT //VERIFY cookie.Exists(httpContext.Request.Cookies).ShouldBeTrue(); }
public void ReadEncryptedCookieBadDeletesCookie() { //SETUP var mocks = new MockHttpContextCookies(); var eProvider = new EphemeralDataProtectionProvider(); var cookie = new ImpersonationCookie(mocks.MockContext, eProvider); //ATTEMPT mocks.RequestCookies["UserImpersonation"] = "???"; var ex = Assert.Throws <CryptographicException>(() => cookie.GetCookieInValue()); //VERIFY ex.Message.ShouldStartWith("An error occurred during a cryptographic operation."); mocks.ResponseCookies["Set-Cookie"].ShouldNotBeNull(); mocks.ResponseCookies["Set-Cookie"][0].ShouldEndWith("expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; samesite=lax; httponly"); }
public void ReadEncryptedCookieBadDeletesCookie() { //SETUP var httpContext = new DefaultHttpContext(); var eProvider = new EphemeralDataProtectionProvider(); var cookie = new ImpersonationCookie(httpContext, eProvider); //ATTEMPT httpContext.AddRequestCookie("UserImpersonation", "???"); var ex = Assert.Throws <CryptographicException>(() => cookie.GetCookieInValue()); //VERIFY ex.Message.ShouldStartWith("An error occurred during a cryptographic operation."); httpContext.Response.Headers["Set-Cookie"].ShouldNotBeNull(); httpContext.Response.Headers["Set-Cookie"][0].ShouldEndWith("expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; httponly"); }