public void AuthenticationTimeUtcConvertsToUtc() {
PolicyResponse resp = new PolicyResponse();
resp.AuthenticationTimeUtc = someLocalTime;
Assert.IsNotNull(resp.AuthenticationTimeUtc);
Assert.AreEqual(DateTimeKind.Utc, resp.AuthenticationTimeUtc.Value.Kind);
Assert.AreEqual(someLocalTime.ToUniversalTime(), resp.AuthenticationTimeUtc.Value);
}
public void Ctor() {
PolicyResponse resp = new PolicyResponse();
Assert.IsNotNull(resp.ActualPolicies);
Assert.AreEqual(0, resp.ActualPolicies.Count);
Assert.IsNull(resp.AuthenticationTimeUtc);
Assert.IsNull(resp.NistAssuranceLevel);
}
public void AddPolicies() {
PolicyResponse resp = new PolicyResponse();
resp.ActualPolicies.Add(AuthenticationPolicies.MultiFactor);
resp.ActualPolicies.Add(AuthenticationPolicies.PhishingResistant);
Assert.AreEqual(2, resp.ActualPolicies.Count);
Assert.AreEqual(AuthenticationPolicies.MultiFactor, resp.ActualPolicies[0]);
Assert.AreEqual(AuthenticationPolicies.PhishingResistant, resp.ActualPolicies[1]);
}
public void NistAssuranceLevelSetVarious() {
PolicyResponse resp = new PolicyResponse();
resp.NistAssuranceLevel = NistAssuranceLevel.Level1;
Assert.AreEqual(NistAssuranceLevel.Level1, resp.NistAssuranceLevel);
resp.NistAssuranceLevel = null;
Assert.IsNull(resp.NistAssuranceLevel);
resp.NistAssuranceLevel = NistAssuranceLevel.InsufficientForLevel1;
Assert.AreEqual(NistAssuranceLevel.InsufficientForLevel1, resp.NistAssuranceLevel);
}
public void AuthenticationTimeUtcSetNull() {
PolicyResponse resp = new PolicyResponse();
resp.AuthenticationTimeUtc = null;
Assert.IsNull(resp.AuthenticationTimeUtc);
resp.AuthenticationTimeUtc = someUtcTime;
Assert.IsNotNull(resp.AuthenticationTimeUtc);
resp.AuthenticationTimeUtc = null;
Assert.IsNull(resp.AuthenticationTimeUtc);
}
public void AddPolicyMultipleTimes() {
// Although this isn't really the desired behavior (we'd prefer to see an
// exception thrown), since we're using a List<string> internally we can't
// expect anything better (for now). But if this is ever fixed, by all means
// change this test to expect an exception or something else.
PolicyResponse resp = new PolicyResponse();
resp.ActualPolicies.Add(AuthenticationPolicies.MultiFactor);
resp.ActualPolicies.Add(AuthenticationPolicies.MultiFactor);
Assert.AreEqual(2, resp.ActualPolicies.Count);
}
protected void Yes_Click(Object sender, EventArgs e) {
var sregRequest = ProviderEndpoint.PendingAuthenticationRequest.GetExtension<ClaimsRequest>();
ClaimsResponse sregResponse = null;
if (sregRequest != null) {
sregResponse = profileFields.GetOpenIdProfileFields(sregRequest);
ProviderEndpoint.PendingAuthenticationRequest.AddResponseExtension(sregResponse);
}
var papeRequest = ProviderEndpoint.PendingAuthenticationRequest.GetExtension<PolicyRequest>();
PolicyResponse papeResponse = null;
if (papeRequest != null) {
papeResponse = new PolicyResponse();
papeResponse.NistAssuranceLevel = NistAssuranceLevel.InsufficientForLevel1;
ProviderEndpoint.PendingAuthenticationRequest.AddResponseExtension(papeResponse);
}
ProviderEndpoint.PendingAuthenticationRequest.IsAuthenticated = true;
Debug.Assert(ProviderEndpoint.PendingAuthenticationRequest.IsResponseReady);
ProviderEndpoint.PendingAuthenticationRequest.Response.Send();
ProviderEndpoint.PendingAuthenticationRequest = null;
}
/// <summary>
/// Tests equality between two <see cref="PolicyResponse"/> instances.
/// </summary>
public override bool Equals(object obj)
{
PolicyResponse other = obj as PolicyResponse;
if (other == null)
{
return(false);
}
if (AuthenticationTimeUtc != other.AuthenticationTimeUtc)
{
return(false);
}
if (AssuranceLevels.Count != other.AssuranceLevels.Count)
{
return(false);
}
foreach (var pair in AssuranceLevels)
{
if (!other.AssuranceLevels.Contains(pair))
{
return(false);
}
}
if (ActualPolicies.Count != other.ActualPolicies.Count)
{
return(false);
}
foreach (string policy in ActualPolicies)
{
if (!other.ActualPolicies.Contains(policy))
{
return(false);
}
}
return(true);
}
public void DeserializeEmpty()
{
PolicyResponse resp = new PolicyResponse();
Assert.IsFalse(((IExtensionResponse)resp).Deserialize(new Dictionary<string, string>(), null, Constants.TypeUri));
}
public void AuthenticationTimeUtcSetUtc()
{
PolicyResponse resp = new PolicyResponse();
resp.AuthenticationTimeUtc = someUtcTime;
Assert.AreEqual(someUtcTime, resp.AuthenticationTimeUtc);
}
public void AuthenticationTimeUtcSetUnspecified()
{
PolicyResponse resp = new PolicyResponse();
resp.AuthenticationTimeUtc = someUnspecifiedTime;
}
public void SerializeRoundTrip()
{
// This test relies on the PolicyResponse.Equals method. If this and that test
// are failing, work on EqualsTest first.
// Most basic test
PolicyResponse resp = new PolicyResponse(), resp2 = new PolicyResponse();
var fields = ((IExtensionResponse)resp).Serialize(null);
Assert.IsTrue(((IExtensionResponse)resp2).Deserialize(fields, null, Constants.TypeUri));
Assert.AreEqual(resp, resp2);
// Test with all fields set
resp2 = new PolicyResponse();
resp.ActualPolicies.Add(AuthenticationPolicies.MultiFactor);
resp.AuthenticationTimeUtc = someUtcTime;
resp.NistAssuranceLevel = NistAssuranceLevel.Level2;
fields = ((IExtensionResponse)resp).Serialize(null);
Assert.IsTrue(((IExtensionResponse)resp2).Deserialize(fields, null, Constants.TypeUri));
Assert.AreEqual(resp, resp2);
// Test with an extra policy
resp2 = new PolicyResponse();
resp.ActualPolicies.Add(AuthenticationPolicies.PhishingResistant);
fields = ((IExtensionResponse)resp).Serialize(null);
Assert.IsTrue(((IExtensionResponse)resp2).Deserialize(fields, null, Constants.TypeUri));
Assert.AreEqual(resp, resp2);
// Test with a policy added twice. We should see it intelligently leave one of
// the doubled policies out.
resp2 = new PolicyResponse();
resp.ActualPolicies.Add(AuthenticationPolicies.PhishingResistant);
fields = ((IExtensionResponse)resp).Serialize(null);
Assert.IsTrue(((IExtensionResponse)resp2).Deserialize(fields, null, Constants.TypeUri));
Assert.AreNotEqual(resp, resp2);
// Now go ahead and add the doubled one so we can do our equality test.
resp2.ActualPolicies.Add(AuthenticationPolicies.PhishingResistant);
Assert.AreEqual(resp, resp2);
}
public void EqualsTest()
{
PolicyResponse resp = new PolicyResponse();
PolicyResponse resp2 = new PolicyResponse();
Assert.AreEqual(resp, resp2);
Assert.AreNotEqual(resp, null);
Assert.AreNotEqual(null, resp);
// Test ActualPolicies list comparison
resp.ActualPolicies.Add(AuthenticationPolicies.PhishingResistant);
Assert.AreNotEqual(resp, resp2);
resp2.ActualPolicies.Add(AuthenticationPolicies.MultiFactor);
Assert.AreNotEqual(resp, resp2);
resp2.ActualPolicies.Clear();
resp2.ActualPolicies.Add(AuthenticationPolicies.PhishingResistant);
Assert.AreEqual(resp, resp2);
// Test ActualPolicies list comparison when that list is not in the same order.
resp.ActualPolicies.Add(AuthenticationPolicies.MultiFactor);
Assert.AreNotEqual(resp, resp2);
resp2.ActualPolicies.Insert(0, AuthenticationPolicies.MultiFactor);
Assert.AreEqual(resp, resp2);
// Test AuthenticationTimeUtc comparison.
resp.AuthenticationTimeUtc = DateTime.Now;
Assert.AreNotEqual(resp, resp2);
resp2.AuthenticationTimeUtc = resp.AuthenticationTimeUtc;
Assert.AreEqual(resp, resp2);
resp2.AuthenticationTimeUtc += TimeSpan.FromSeconds(1);
Assert.AreNotEqual(resp, resp2);
resp2.AuthenticationTimeUtc = resp.AuthenticationTimeUtc;
Assert.AreEqual(resp, resp2);
// Test NistAssuranceLevel comparison.
resp.NistAssuranceLevel = NistAssuranceLevel.InsufficientForLevel1;
Assert.AreNotEqual(resp, resp2);
resp2.NistAssuranceLevel = NistAssuranceLevel.InsufficientForLevel1;
Assert.AreEqual(resp, resp2);
resp.NistAssuranceLevel = NistAssuranceLevel.Level2;
Assert.AreNotEqual(resp, resp2);
resp2.NistAssuranceLevel = NistAssuranceLevel.Level2;
Assert.AreEqual(resp, resp2);
}
public void DeserializeNull()
{
PolicyResponse resp = new PolicyResponse();
Assert.IsFalse(((IExtensionResponse)resp).Deserialize(null, null, Constants.TypeUri));
}
public void AssuranceLevels() {
PolicyResponse resp = new PolicyResponse();
Assert.AreEqual(0, resp.AssuranceLevels.Count);
resp.NistAssuranceLevel = NistAssuranceLevel.Level2;
Assert.AreEqual(1, resp.AssuranceLevels.Count);
Assert.AreEqual("2", resp.AssuranceLevels[Constants.AuthenticationLevels.NistTypeUri]);
resp.AssuranceLevels[Constants.AuthenticationLevels.NistTypeUri] = "3";
Assert.AreEqual(NistAssuranceLevel.Level3, resp.NistAssuranceLevel);
resp.AssuranceLevels.Clear();
Assert.IsNull(resp.NistAssuranceLevel);
}
public void Serialize() {
PolicyResponse resp = new PolicyResponse(), resp2 = new PolicyResponse();
var fields = ((IExtensionResponse)resp).Serialize(null);
Assert.AreEqual(1, fields.Count);
Assert.IsTrue(fields.ContainsKey("auth_policies"));
Assert.AreEqual(AuthenticationPolicies.None, fields["auth_policies"]);
resp.ActualPolicies.Add(AuthenticationPolicies.PhishingResistant);
fields = ((IExtensionResponse)resp).Serialize(null);
Assert.AreEqual(1, fields.Count);
Assert.AreEqual(AuthenticationPolicies.PhishingResistant, fields["auth_policies"]);
resp.ActualPolicies.Add(AuthenticationPolicies.PhysicalMultiFactor);
fields = ((IExtensionResponse)resp).Serialize(null);
Assert.AreEqual(1, fields.Count);
Assert.AreEqual(
AuthenticationPolicies.PhishingResistant + " " + AuthenticationPolicies.PhysicalMultiFactor,
fields["auth_policies"]);
resp.AuthenticationTimeUtc = DateTime.UtcNow;
fields = ((IExtensionResponse)resp).Serialize(null);
Assert.AreEqual(2, fields.Count);
Assert.IsTrue(fields.ContainsKey("auth_time"));
resp.NistAssuranceLevel = NistAssuranceLevel.Level3;
fields = ((IExtensionResponse)resp).Serialize(null);
Assert.AreEqual(4, fields.Count);
Assert.IsTrue(fields.ContainsKey("auth_level.ns.nist"));
Assert.AreEqual(Constants.AuthenticationLevels.NistTypeUri, fields["auth_level.ns.nist"]);
Assert.IsTrue(fields.ContainsKey("auth_level.nist"));
Assert.AreEqual("3", fields["auth_level.nist"]);
resp.AssuranceLevels.Add("custom", "CU");
fields = ((IExtensionResponse)resp).Serialize(null);
Assert.AreEqual(6, fields.Count);
Assert.IsTrue(fields.ContainsKey("auth_level.ns.alias2"));
Assert.AreEqual("custom", fields["auth_level.ns.alias2"]);
Assert.IsTrue(fields.ContainsKey("auth_level.alias2"));
Assert.AreEqual("CU", fields["auth_level.alias2"]);
// and make sure the NIST is still there.
Assert.IsTrue(fields.ContainsKey("auth_level.ns.nist"));
Assert.AreEqual(Constants.AuthenticationLevels.NistTypeUri, fields["auth_level.ns.nist"]);
Assert.IsTrue(fields.ContainsKey("auth_level.nist"));
Assert.AreEqual("3", fields["auth_level.nist"]);
}
