Пример #1
        /// <summary>
        /// Sends a PUT request to <c>/saml20/</c> and expects the middleware to answer 405.
        /// </summary>
        /// <remarks>
        /// The request carries no SAML payload and no user; only the HTTP verb is under test.
        /// </remarks>
        public async Task ShouldReturnMethodNotAllowed()
        {
            var signInResponses = new SignInResponseGenerator(
                new NullLogger<SignInResponseGenerator>(),
                _relyingPartyStore,
                _profileManager,
                _keyManager,
                _options);

            // The "next" delegate is a no-op that completes immediately.
            var sut = new Saml20Middleware(
                next: _ => Task.CompletedTask,
                _logger,
                _relyingPartyStore,
                signInResponses,
                new SamlResponseSerializer(),
                _options);

            var httpContext = new DefaultHttpContext
            {
                Request =
                {
                    Path = "/saml20/",
                    Method = "PUT"
                },
                Response =
                {
                    Body = new MemoryStream()
                }
            };

            await sut.Invoke(httpContext);

            Assert.Equal(405, httpContext.Response.StatusCode);
        }
Пример #2
        /// <summary>
        /// Posts an empty form to <c>/saml20/</c> and expects the middleware to answer 400.
        /// </summary>
        /// <remarks>
        /// "Invalid" here means the <c>SAMLRequest</c> field is absent: the form collection is empty.
        /// NOTE(review): a malformed (present but undecodable) SAMLRequest is a different input and is
        /// not exercised by this method.
        /// </remarks>
        public async Task ShouldReturnBadRequestWhenInvalidSAMLRequestInPOST()
        {
            var signInResponses = new SignInResponseGenerator(
                new NullLogger<SignInResponseGenerator>(),
                _relyingPartyStore,
                _profileManager,
                _keyManager,
                _options);

            // The "next" delegate is a no-op that completes immediately.
            var sut = new Saml20Middleware(
                next: _ => Task.CompletedTask,
                _logger,
                _relyingPartyStore,
                signInResponses,
                new SamlResponseSerializer(),
                _options);

            var emptyForm = new FormCollection(new Dictionary<string, StringValues>());

            var httpContext = new DefaultHttpContext
            {
                Request =
                {
                    Path = "/saml20/",
                    Method = "POST",
                    Form = emptyForm
                },
                Response =
                {
                    Body = new MemoryStream()
                }
            };

            await sut.Invoke(httpContext);

            Assert.Equal(400, httpContext.Response.StatusCode);
        }
Пример #3
        /// <summary>
        /// Posts a base64-encoded <c>SAMLRequest</c> form field to <c>/saml20/</c> as an authenticated
        /// user and expects a 200 response with a non-empty body.
        /// </summary>
        /// <remarks>
        /// The user is a single <see cref="ClaimsIdentity"/> with authentication type "federated" and a
        /// NameIdentifier claim of "john foo".
        /// NOTE(review): the fixture appears to decode to an unsigned AuthnRequest with a fixed 2020
        /// IssueInstant, so the expected 200 implies the configured options accept it — confirm that is
        /// a test-only setting. The assertions check status and body length only; they do not verify
        /// where the response is addressed or that it is signed.
        /// </remarks>
        public async Task ShouldGenerateSAMLResponseFromPOST()
        {
            var signInResponses = new SignInResponseGenerator(
                new NullLogger<SignInResponseGenerator>(),
                _relyingPartyStore,
                _profileManager,
                _keyManager,
                _options);

            // The "next" delegate is a no-op that completes immediately.
            var sut = new Saml20Middleware(
                next: _ => Task.CompletedTask,
                _logger,
                _relyingPartyStore,
                signInResponses,
                new SamlResponseSerializer(),
                _options);

            // Fixture reproduced verbatim, including the whitespace around the '+' in the middle.
            var formFields = new Dictionary<string, StringValues>
            {
                { "SAMLRequest", new StringValues("PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz4NCjxzYW1scDpBdXRoblJlcXVlc3QgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgSUQ9ImlnZmtsb2xsa2Jvb2psYmhpZWluaGtuZm1nY2xkbWlhcGZnY2draGMiIFZlcnNpb249IjIuMCIgSXNzdWVJbnN0YW50PSIyMDIwLTA0LTA5VDEzOjU1OjMyWiIgUHJvdG9jb2xCaW5kaW5nPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YmluZGluZ3M6SFRUUC1QT1NUIiBQcm92aWRlck5hbWU9Imdvb2dsZS5jb20iIElzUGFzc2l2ZT0iZmFsc2UiIEFzc2VydGlvbkNvbnN1bWVyU2VydmljZVVSTD0iaHR0cHM6Ly9sb2NhbGhvc3QvdGVzdCI + PHNhbWw6SXNzdWVyIHhtbG5zOnNhbWw9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iPnVybjp0ZXN0PC9zYW1sOklzc3Vlcj48c2FtbHA6TmFtZUlEUG9saWN5IEFsbG93Q3JlYXRlPSJ0cnVlIiBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0OnVuc3BlY2lmaWVkIiAvPjwvc2FtbHA6QXV0aG5SZXF1ZXN0Pg0K") }
            };

            // A non-empty authentication type makes this identity count as authenticated.
            var identity = new ClaimsIdentity(new List<Claim>
            {
                new Claim(ClaimTypes.NameIdentifier, "john foo")
            }, "federated");

            var httpContext = new DefaultHttpContext
            {
                Request =
                {
                    Form = new FormCollection(formFields),
                    ContentType = "application/x-www-form-urlencoded",
                    Path = "/saml20/",
                    Method = "POST"
                },
                Response =
                {
                    Body = new MemoryStream()
                },
                User = new ClaimsPrincipal(new List<ClaimsIdentity> { identity })
            };

            await sut.Invoke(httpContext);

            var responseBytes = ((MemoryStream)httpContext.Response.Body).ToArray();

            Assert.Equal(200, httpContext.Response.StatusCode);
            Assert.True(responseBytes.Length > 0);
        }
Пример #4
        /// <summary>
        /// Issues a GET to <c>/saml20/</c> with a <c>SAMLRequest</c> query parameter as an authenticated
        /// user and expects a 200 response with a non-empty body.
        /// </summary>
        /// <remarks>
        /// The query value is URL-encoded; presumably it is a DEFLATE + base64 AuthnRequest as used by
        /// the HTTP-Redirect binding — confirm against the middleware.
        /// NOTE(review): the assertions check status and body length only; they do not verify where the
        /// response is addressed or that it is signed.
        /// </remarks>
        public async Task ShouldGenerateSAMLResponseFromGet()
        {
            var signInResponses = new SignInResponseGenerator(
                new NullLogger<SignInResponseGenerator>(),
                _relyingPartyStore,
                _profileManager,
                _keyManager,
                _options);

            // The "next" delegate is a no-op that completes immediately.
            var sut = new Saml20Middleware(
                next: _ => Task.CompletedTask,
                _logger,
                _relyingPartyStore,
                signInResponses,
                new SamlResponseSerializer(),
                _options);

            // A non-empty authentication type makes this identity count as authenticated.
            var identity = new ClaimsIdentity(new List<Claim>
            {
                new Claim(ClaimTypes.NameIdentifier, "john foo")
            }, "federated");

            var httpContext = new DefaultHttpContext
            {
                Request =
                {
                    Path = "/saml20/",
                    QueryString = new QueryString("?SAMLRequest=fZJPT8MwDMXvSHyHKPeu3QAJorVogBCT%2BFNthQO3LHXbsDQucTrg25N2IMEBri%2FPfj87np%2B%2Ft4btwJFGm%2FLpJOEMrMJS2zrlj8V1dMrPs8ODOcnWdGLR%2B8au4LUH8ixUWhLjQ8p7ZwVK0iSsbIGEV2K9uLsVs0kiOoceFRrOllcp13W1NWjMdoP4YjaNBm2bra3aWpmy1bKralVvG8XZ0zfWbMBaEvWwtOSl9UFKZkmUHEfJWTE9Eicn4mj2zFn%2BlXSh7X6C%2F7A2exOJm6LIo%2FxhXYwNdroEdx%2FcKa8RawMThe0Qn0sivQtyJQ0BZwsicD4AXqKlvgW3BrfTCh5XtylvvO9IxLFBJU2D5GMfdsazcZFinMX92OD%2FpPI7iWeDbeg0j380yr6%2BZ6BeXuVotPpgC2Pw7dKB9AHZuz4QX6Nrpf87azqZjoouo2q0it5SB0pXGkrO4myf%2BvsOwnV8Ag%3D%3D"),
                    Method = "GET"
                },
                Response =
                {
                    Body = new MemoryStream()
                },
                User = new ClaimsPrincipal(new List<ClaimsIdentity> { identity })
            };

            await sut.Invoke(httpContext);

            var responseBytes = ((MemoryStream)httpContext.Response.Body).ToArray();

            Assert.Equal(200, httpContext.Response.StatusCode);
            Assert.True(responseBytes.Length > 0);
        }
Пример #5
        /// <summary>
        /// Issues a GET to <c>/saml20/idpinitiated</c> with <c>realm=urn:test</c> as an authenticated
        /// user and expects a 200 response with a non-empty body.
        /// </summary>
        /// <remarks>
        /// No <c>SAMLRequest</c> is sent; the only request input is the <c>realm</c> query parameter.
        /// NOTE(review): presumably the realm is resolved through the relying-party store — confirm.
        /// This method covers a known realm only; a case for an unregistered realm being refused is
        /// worth having alongside it, since the response here is unsolicited.
        /// </remarks>
        public async Task ShouldGenerateSAMLResponseFromIDPInitiated()
        {
            var signInResponses = new SignInResponseGenerator(
                new NullLogger<SignInResponseGenerator>(),
                _relyingPartyStore,
                _profileManager,
                _keyManager,
                _options);

            // The "next" delegate is a no-op that completes immediately.
            var sut = new Saml20Middleware(
                next: _ => Task.CompletedTask,
                _logger,
                _relyingPartyStore,
                signInResponses,
                new SamlResponseSerializer(),
                _options);

            // A non-empty authentication type makes this identity count as authenticated.
            var identity = new ClaimsIdentity(new List<Claim>
            {
                new Claim(ClaimTypes.NameIdentifier, "john foo")
            }, "federated");

            var httpContext = new DefaultHttpContext
            {
                Request =
                {
                    Path = "/saml20/idpinitiated",
                    QueryString = new QueryString("?realm=urn:test"),
                    Method = "GET"
                },
                Response =
                {
                    Body = new MemoryStream()
                },
                User = new ClaimsPrincipal(new List<ClaimsIdentity> { identity })
            };

            await sut.Invoke(httpContext);

            var responseBytes = ((MemoryStream)httpContext.Response.Body).ToArray();

            Assert.Equal(200, httpContext.Response.StatusCode);
            Assert.True(responseBytes.Length > 0);
        }
Пример #6
        /// <summary>
        /// Issues a GET to <c>/saml20/</c> with a <c>SAMLRequest</c> query parameter but without setting
        /// a user, and expects the response status to be 301.
        /// </summary>
        /// <remarks>
        /// <c>RequestServices</c> is a mock that returns a <c>MyAuthenticationService</c> when asked for
        /// <c>IAuthenticationService</c>; that type is defined outside this method.
        /// NOTE(review): the 301 presumably comes from that stub's challenge handling — confirm. A 301
        /// is a permanent, cacheable redirect; if the production challenge also answers 301 rather than
        /// 302, clients may cache the hop to the login page.
        /// </remarks>
        public async Task ShouldRedirectIfUserNotAuthenticated()
        {
            var services = new Mock<IServiceProvider>();
            services
                .Setup(provider => provider.GetService(typeof(IAuthenticationService)))
                .Returns(new MyAuthenticationService());

            var signInResponses = new SignInResponseGenerator(
                new NullLogger<SignInResponseGenerator>(),
                _relyingPartyStore,
                _profileManager,
                _keyManager,
                _options);

            // The "next" delegate is a no-op that completes immediately.
            var sut = new Saml20Middleware(
                next: _ => Task.CompletedTask,
                _logger,
                _relyingPartyStore,
                signInResponses,
                new SamlResponseSerializer(),
                _options);

            // context.User is deliberately left at its default (no authenticated identity).
            var httpContext = new DefaultHttpContext
            {
                RequestServices = services.Object,
                Request =
                {
                    Path = "/saml20/",
                    QueryString = new QueryString("?SAMLRequest=fZJPT8MwDMXvSHyHKPeu3QAJorVogBCT%2BFNthQO3LHXbsDQucTrg25N2IMEBri%2FPfj87np%2B%2Ft4btwJFGm%2FLpJOEMrMJS2zrlj8V1dMrPs8ODOcnWdGLR%2B8au4LUH8ixUWhLjQ8p7ZwVK0iSsbIGEV2K9uLsVs0kiOoceFRrOllcp13W1NWjMdoP4YjaNBm2bra3aWpmy1bKralVvG8XZ0zfWbMBaEvWwtOSl9UFKZkmUHEfJWTE9Eicn4mj2zFn%2BlXSh7X6C%2F7A2exOJm6LIo%2FxhXYwNdroEdx%2FcKa8RawMThe0Qn0sivQtyJQ0BZwsicD4AXqKlvgW3BrfTCh5XtylvvO9IxLFBJU2D5GMfdsazcZFinMX92OD%2FpPI7iWeDbeg0j380yr6%2BZ6BeXuVotPpgC2Pw7dKB9AHZuz4QX6Nrpf87azqZjoouo2q0it5SB0pXGkrO4myf%2BvsOwnV8Ag%3D%3D"),
                    Method = "GET"
                },
                Response =
                {
                    Body = new MemoryStream()
                }
            };

            await sut.Invoke(httpContext);

            Assert.Equal(301, httpContext.Response.StatusCode);
        }