[ExpectedException(typeof(EncryptionException))] // THEN public void TestInterceptRequest_ShouldThrowEncryptionException_WhenEncryptionFails() { // GIVEN var config = TestUtils.GetTestFieldLevelEncryptionConfigBuilder() .WithEncryptionPath("$.foo", "$.encryptedFoo") .WithEncryptionCertificate(TestUtils.GetTestInvalidEncryptionCertificate()) // Invalid certificate .Build(); var request = new RestRequest { Method = Method.POST, Resource = "/service", Parameters = { new Parameter { Type = RequestBody, Encoding = Encoding.UTF8, Value = "{\"foo\":\"bar\"}" } } }; try { // WHEN var instanceUnderTest = new RestSharpFieldLevelEncryptionInterceptor(config); instanceUnderTest.InterceptRequest(request); } catch (Exception e) { // THEN Assert.AreEqual("Failed to wrap secret key!", e.Message); throw; } }
[ExpectedException(typeof(EncryptionException))] // THEN public void TestInterceptRequest_ShouldThrowEncryptionException_WhenEncryptionFails() { // GIVEN var config = TestUtils.GetTestFieldLevelEncryptionConfigBuilder() .WithEncryptionPath("$.foo", "$.encryptedFoo") .WithEncryptionCertificate(TestUtils.GetTestInvalidEncryptionCertificate()) // Invalid certificate .Build(); var request = new RestRequest { Method = Method.POST, Resource = "/service" }; request.AddParameter("param1", "{\"foo\":\"bar\"}", ParameterType.RequestBody); try { // WHEN var instanceUnderTest = new RestSharpFieldLevelEncryptionInterceptor(config); instanceUnderTest.InterceptRequest(request); } catch (Exception e) { // THEN Assert.AreEqual("Payload encryption failed!", e.Message); throw; } }
public void TestInterceptRequest_ShouldEncryptRequestPayloadAndUpdateContentLengthHeader() { // GIVEN var config = TestUtils.GetTestFieldLevelEncryptionConfigBuilder() .WithEncryptionPath("$.foo", "$.encryptedFoo") .Build(); var request = new RestRequest { Method = Method.POST, Resource = "/service" }; request.AddParameter("param1", "{\"foo\":\"bar\"}", ParameterType.RequestBody); // WHEN var instanceUnderTest = new RestSharpFieldLevelEncryptionInterceptor(config); instanceUnderTest.InterceptRequest(request); // THEN var encryptedPayloadParam = request.Parameters.FirstOrDefault(param => param.Type == ParameterType.RequestBody); Assert.IsNotNull(encryptedPayloadParam); var encryptedPayload = encryptedPayloadParam.Value?.ToString(); Assert.IsNotNull(encryptedPayload); Assert.IsFalse(encryptedPayload.Contains("foo")); Assert.IsTrue(encryptedPayload.Contains("encryptedFoo")); var contentLengthHeaderParam = request.Parameters.FirstOrDefault(param => param.Type == ParameterType.HttpHeader); Assert.IsNotNull(contentLengthHeaderParam); Assert.AreEqual(encryptedPayload.Length.ToString(), contentLengthHeaderParam.Value); }
public void TestInterceptRequest_ShouldDoNothing_WhenNoPayload() { // GIVEN var config = TestUtils.GetTestFieldLevelEncryptionConfigBuilder() .WithEncryptionPath("$.foo", "$.encryptedFoo") .Build(); var request = new RestRequest { Method = Method.GET, Resource = "/service" }; // WHEN var instanceUnderTest = new RestSharpFieldLevelEncryptionInterceptor(config); instanceUnderTest.InterceptRequest(request); }
public void TestInterceptRequest_ShouldEncryptRequestPayloadAndAddEncryptionHttpHeaders_WhenRequestedInConfig() { // GIVEN var config = TestUtils.GetTestFieldLevelEncryptionConfigBuilder() .WithEncryptionPath("$.foo", "$.encryptedFoo") .WithIvHeaderName("x-iv") .WithEncryptedKeyHeaderName("x-encrypted-key") .WithOaepPaddingDigestAlgorithmHeaderName("x-oaep-padding-digest-algorithm") .WithEncryptionCertificateFingerprintHeaderName("x-encryption-certificate-fingerprint") .WithEncryptionKeyFingerprintHeaderName("x-encryption-key-fingerprint") .Build(); var request = new RestRequest { Method = Method.POST, Resource = "/service", Parameters = { new Parameter { Type = RequestBody, Encoding = Encoding.UTF8, Value = "{\"foo\":\"bar\"}" } } }; // WHEN var instanceUnderTest = new RestSharpFieldLevelEncryptionInterceptor(config); instanceUnderTest.InterceptRequest(request); // THEN var encryptedPayloadParam = request.Parameters.FirstOrDefault(param => param.Type == RequestBody); Assert.IsNotNull(encryptedPayloadParam); var encryptedPayload = encryptedPayloadParam.Value.ToString(); Assert.IsNotNull(encryptedPayload); Assert.IsFalse(encryptedPayload.Contains("foo")); Assert.IsTrue(encryptedPayload.Contains("encryptedFoo")); Assert.AreEqual(encryptedPayload.Length, request.Parameters.Find(HttpHeader, "Content-Length").First().Value); Assert.IsNotNull(request.Parameters.Find(HttpHeader, "x-iv").First()); Assert.IsNotNull(request.Parameters.Find(HttpHeader, "x-encrypted-key").First()); Assert.AreEqual("SHA256", request.Parameters.Find(HttpHeader, "x-oaep-padding-digest-algorithm").First().Value); Assert.AreEqual("80810fc13a8319fcf0e2ec322c82a4c304b782cc3ce671176343cfe8160c2279", request.Parameters.Find(HttpHeader, "x-encryption-certificate-fingerprint").First().Value); Assert.AreEqual("761b003c1eade3a5490e5000d37887baa5e6ec0e226c07706e599451fc032a79", request.Parameters.Find(HttpHeader, "x-encryption-key-fingerprint").First().Value); }