public void CommandResultExtensions_DoesNotApplyCookieWhenNoNameSet() { var cr = new CommandResult() { RequestState = new StoredRequestState( new EntityId("http://idp.example.com"), new Uri("http://sp.example.com/loggedout"), new Saml2Id("id123"), null), SetCookieName = null }; var context = OwinTestHelpers.CreateOwinContext(); var dataProtector = new StubDataProtector(); cr.Apply(context, dataProtector); var setCookieHeader = context.Response.Headers["Set-Cookie"]; var protectedData = HttpRequestData.ConvertBinaryData( StubDataProtector.Protect(cr.GetSerializedRequestState())); setCookieHeader.Should().Be(null); }
public async Task OwinContextExtensionsTests_ToHttpRequestData_ReadsRelayStateCookie() { var ctx = OwinTestHelpers.CreateOwinContext(); ctx.Request.QueryString = new QueryString("RelayState", "SomeState"); var cookieData = "???>>>Some_Cookie_Data"; var protectedData = StubDataProtector.Protect(cookieData); ctx.Request.Headers["Cookie"] = $"Kentor.SomeState={protectedData}"; var actual = await ctx.ToHttpRequestData(StubDataProtector.Unprotect); actual.CookieData.Should().Be(cookieData); }
public async Task OwinContextExtensionsTests_ToHttpRequestData_ReadsRelayStateCookie() { var ctx = OwinTestHelpers.CreateOwinContext(); ctx.Request.QueryString = new QueryString("RelayState", "SomeState"); var storedRequestState = new StoredRequestState( null, new Uri("http://sp.example.com"), null, null); var cookieData = HttpRequestData.ConvertBinaryData( StubDataProtector.Protect(storedRequestState.Serialize())); ctx.Request.Headers["Cookie"] = $"Kentor.SomeState={cookieData}"; var actual = await ctx.ToHttpRequestData(StubDataProtector.Unprotect); actual.StoredRequestState.ShouldBeEquivalentTo(storedRequestState); }
public void CommandResultExtensions_Apply_Cookie() { var cr = new CommandResult() { SetCookieData = "???>>>SomeData", SetCookieName = "CookieName" }; var context = OwinTestHelpers.CreateOwinContext(); var dataProtector = new StubDataProtector(); cr.Apply(context, dataProtector); var setCookieHeader = context.Response.Headers["Set-Cookie"]; var protectedData = StubDataProtector.Protect(cr.SetCookieData); var expected = $"CookieName={protectedData}; path=/; HttpOnly"; setCookieHeader.Should().Be(expected); }