public LevelConfigurationFunctions()
{
var issuerToken = Environment.GetEnvironmentVariable("IssuerToken");
var audience = Environment.GetEnvironmentVariable("Audience");
var issuer = Environment.GetEnvironmentVariable("Issuer");
_tokenCreator = new AccessTokenCreator(issuerToken, audience, issuer);
_tokenProvider = new AccessTokenProvider(issuerToken, audience, issuer);
}
public void CreateTokenTest()
{
// poco mock object
var userId = 1;
var userIdSalt = new byte[24];
var tokenSalt = new byte[24];
var guid = new Guid("892821c7-ea89-40b7-abe0-2c8c4a521349");
var encryptedGuid = "encrypted-guid";
var encryptedUserId = "dummy-encrypted-user-id";
var accessToken = new AccessToken();
var issuedAt = new DateTime(2014, 11, 21, 14, 55, 33);
var hashedToken = new PasswordHash.HashInfo
{
Hash = encryptedGuid,
Iterations = 1000,
Method = "sha1",
Salt = Convert.ToBase64String(tokenSalt)
};
// declare mocks
var mockContainer = MockRepository.GenerateStub <IContainer>();
var mockPasswordHash = MockRepository.GenerateStub <IPasswordHash>();
var mockTokenStorage = MockRepository.GenerateStub <ITokenStorage>();
var mockDateHelper = MockRepository.GenerateStub <IDateHelper>();
var mockOpenGuid = MockRepository.GenerateStub <IOpenGuid>();
var mockEcrypter = MockRepository.GenerateStub <IEncrypter>();
// stub all mock calls
mockContainer.Stub(x => x.GetInstance <IAccessToken>()).Return(accessToken);
mockContainer.Stub(x => x.GetInstance <IPasswordHash>()).Return(mockPasswordHash);
mockOpenGuid.Stub(x => x.New()).Return(guid);
mockPasswordHash.Stub(x => x.CreateHash(guid.ToString())).Return(hashedToken);
mockEcrypter.Stub(x => x.GetSalt()).Return(userIdSalt);
mockEcrypter.Stub(x => x.Encrypt("1", userIdSalt)).Return(encryptedUserId);
mockTokenStorage.Stub(x => x.StoreToken(userId, hashedToken, encryptedUserId, userIdSalt, issuedAt)).Return(true);
mockDateHelper.Stub(x => x.Now).Return(issuedAt);
// create test object and call test method
var accessTokenCreator = new AccessTokenCreator(mockContainer, mockTokenStorage, mockEcrypter, mockDateHelper, mockOpenGuid);
var accessTokenResult = accessTokenCreator.Create(1);
// verify stub methods are called
mockContainer.AssertWasCalled(x => x.GetInstance <IAccessToken>());
mockContainer.AssertWasCalled(x => x.GetInstance <IPasswordHash>());
mockOpenGuid.AssertWasCalled(x => x.New());
mockPasswordHash.AssertWasCalled(x => x.CreateHash(guid.ToString()));
mockEcrypter.AssertWasCalled(x => x.GetSalt());
mockEcrypter.AssertWasCalled(x => x.Encrypt("1", userIdSalt));
mockTokenStorage.AssertWasCalled(x => x.StoreToken(userId, hashedToken, encryptedUserId, userIdSalt, issuedAt));
// asserts
Assert.AreEqual(encryptedGuid, accessTokenResult.Token);
Assert.AreEqual(issuedAt, accessTokenResult.IssuedAt);
}
public OrganisationInviteFunctions()
{
//var issuerToken = Environment.GetEnvironmentVariable("IssuerToken");
//var audience = Environment.GetEnvironmentVariable("Audience");
//var issuer = Environment.GetEnvironmentVariable("Issuer");
var issuerToken = TemporaryEnvironmentVariables.GetIssuerToken();
var audience = TemporaryEnvironmentVariables.GetAudience();
var issuer = TemporaryEnvironmentVariables.GetIssuer();
_tokenCreator = new AccessTokenCreator(issuerToken, audience, issuer);
_tokenProvider = new AccessTokenProvider(issuerToken, audience, issuer);
}
public void CreateTokenUnknownExceptionTest()
{
// poco mock object
var userIdSalt = new byte[24];
var tokenSalt = new byte[24];
var guid = new Guid("892821c7-ea89-40b7-abe0-2c8c4a521349");
var encryptedGuid = "encrypted-guid";
var encryptedUserId = "dummy-encrypted-user-id";
var accessToken = new AccessToken();
var hashedToken = new PasswordHash.HashInfo
{
Hash = encryptedGuid,
Iterations = 1000,
Method = "sha1",
Salt = Convert.ToBase64String(tokenSalt)
};
// declare mocks
var mockContainer = MockRepository.GenerateStub <IContainer>();
var mockPasswordHash = MockRepository.GenerateStub <IPasswordHash>();
var mockTokenStorage = MockRepository.GenerateStub <ITokenStorage>();
var mockDateHelper = MockRepository.GenerateStub <IDateHelper>();
var mockOpenGuid = MockRepository.GenerateStub <IOpenGuid>();
var mockEcrypter = MockRepository.GenerateStub <IEncrypter>();
// stub all mock calls
mockContainer.Stub(x => x.GetInstance <IAccessToken>()).Return(accessToken);
mockContainer.Stub(x => x.GetInstance <IPasswordHash>()).Return(mockPasswordHash);
mockOpenGuid.Stub(x => x.New()).Return(guid);
mockPasswordHash.Stub(x => x.CreateHash(guid.ToString())).Throw(new Exception("Unknown exception"));
// create test object and call test method
var accessTokenCreator = new AccessTokenCreator(mockContainer, mockTokenStorage, mockEcrypter, mockDateHelper, mockOpenGuid);
Assert.Throws <Exception>(() => accessTokenCreator.Create(1));
// verify stub methods are called
// verify stub methods are called
mockContainer.AssertWasCalled(x => x.GetInstance <IAccessToken>());
mockContainer.AssertWasCalled(x => x.GetInstance <IPasswordHash>());
mockOpenGuid.AssertWasCalled(x => x.New());
mockPasswordHash.AssertWasCalled(x => x.CreateHash(guid.ToString()));
}
public void TestTokenFailedValidation()
{
// Arrange
var key = "0844AB5B0222F2E5D497BAC5FAF6CCD573E1C8BF1DF267F5B507F8EC985578D8";
var audience = "https://localhost:7071";
var issuer = "MyAudience";
var tokenCreator = new AccessTokenCreator(key, audience, issuer);
var newToken = tokenCreator.CreateToken(Guid.NewGuid());
key = "0844AB5B0222F2E5D497BAC5FAF6CCD573E1C8BF1DF267F5B507F8EC985578D7";
// Act
bool validated = false;
try
{
// Create the parameters
var tokenParams = new TokenValidationParameters()
{
RequireSignedTokens = true,
ValidAudience = audience,
ValidateAudience = true,
ValidIssuer = issuer,
ValidateIssuer = true,
ValidateIssuerSigningKey = true,
ValidateLifetime = true,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(key))
};
// Validate the token
var handler = new JwtSecurityTokenHandler();
var result = handler.ValidateToken(newToken, tokenParams, out var securityToken);
validated = true;
}
catch (Exception ex)
{
validated = false;
}
//Assert
Assert.False(validated);
}
public void ReAuthenticateFailsTest()
{
// poco mock object
var userId = 1;
var userIdSalt = new byte[24];
var tokenSalt = new byte[24];
var guid = new Guid("892821c7-ea89-40b7-abe0-2c8c4a521349");
var guid2 = new Guid("792821c7-ea89-40b7-abe0-2c8c4a521349");
var encryptedGuid = "encrypted-guid";
var encryptedGuid2 = "encrypted-guid2";
var encryptedUserId = "dummy-encrypted-user-id";
var encryptedUserId2 = "dummy-encrypted-user-id2";
var accessToken = new AccessToken();
var accessToken2 = new AccessToken();
var issuedAt = new DateTime(2014, 11, 21, 13, 55, 33);
var now = new DateTime(2014, 11, 21, 14, 55, 33);
var hashedToken = new PasswordHash.HashInfo
{
Hash = encryptedGuid,
Iterations = 1000,
Method = "sha1",
Salt = Convert.ToBase64String(tokenSalt)
};
var hashedToken2 = new PasswordHash.HashInfo
{
Hash = encryptedGuid2,
Iterations = 1000,
Method = "sha1",
Salt = Convert.ToBase64String(tokenSalt)
};
// declare mocks
var mockContainer = MockRepository.GenerateStub <IContainer>();
var mockPasswordHash = MockRepository.GenerateStub <IPasswordHash>();
var mockTokenStorage = MockRepository.GenerateStub <ITokenStorage>();
var mockDateHelper = MockRepository.GenerateStub <IDateHelper>();
var mockOpenGuid = MockRepository.GenerateStub <IOpenGuid>();
var mockEcrypter = MockRepository.GenerateStub <IEncrypter>();
string tokenIdOut;
var issuedAtOutRef = new DateTime(2014, 11, 21, 13, 55, 33);
var refreshedOutRef = new DateTime(2014, 11, 21, 13, 55, 33);
DateTime issuedAtOut, refreshedOut;
// stub all mock calls
mockContainer.Stub(x => x.GetInstance <IAccessToken>()).Return(accessToken).Repeat.Once();
mockContainer.Stub(x => x.GetInstance <IPasswordHash>()).Return(mockPasswordHash).Repeat.Times(2);
mockTokenStorage.Stub(x => x.VerifyTokenExistence(userId, out tokenIdOut, out issuedAtOut, out refreshedOut))
.OutRef(new object[] { encryptedUserId, issuedAtOutRef, refreshedOutRef })
.Return(false).Repeat.Once();
mockOpenGuid.Stub(x => x.New()).Return(guid).Repeat.Once();
mockPasswordHash.Stub(x => x.CreateHash(guid.ToString())).Return(hashedToken).Repeat.Once();
mockEcrypter.Stub(x => x.GetSalt()).Return(userIdSalt).Repeat.Once();
mockEcrypter.Stub(x => x.Encrypt("1", userIdSalt)).Return(encryptedUserId).Repeat.Once();
mockDateHelper.Stub(x => x.Now).Return(issuedAt).Repeat.Once();
mockTokenStorage.Stub(x => x.StoreToken(userId, hashedToken, encryptedUserId, userIdSalt, issuedAt)).Return(true).Repeat.Once();
mockContainer.Stub(x => x.GetInstance <IAccessToken>()).Return(accessToken2).Repeat.Once();
mockTokenStorage.Stub(x => x.VerifyTokenExistence(userId, out tokenIdOut, out issuedAtOut, out refreshedOut))
.OutRef(new object[] { encryptedUserId, issuedAtOutRef, refreshedOutRef })
.Return(true).Repeat.Once();
mockDateHelper.Stub(x => x.IsWithinTimeOutLimit(refreshedOutRef)).Return(false).Repeat.Once();
mockDateHelper.Stub(x => x.Now).Return(now).Repeat.Once();
mockOpenGuid.Stub(x => x.New()).Return(guid2).Repeat.Once();
mockPasswordHash.Stub(x => x.CreateHash(guid2.ToString())).Return(hashedToken2).Repeat.Once();
mockEcrypter.Stub(x => x.GetSalt()).Return(userIdSalt).Repeat.Once();
mockEcrypter.Stub(x => x.Encrypt("1", userIdSalt)).Return(encryptedUserId2).Repeat.Once();
mockDateHelper.Stub(x => x.Now).Return(now).Repeat.Once();
mockTokenStorage.Stub(x => x.StoreToken(userId, hashedToken2, encryptedUserId2, userIdSalt, now)).Return(true).Repeat.Once();
// create test object and call test method
var accessTokenCreator = new AccessTokenCreator(mockContainer, mockTokenStorage, mockEcrypter, mockDateHelper, mockOpenGuid);
var accessTokenResult = accessTokenCreator.Create(1);
// verify stub methods are called
mockContainer.AssertWasCalled(x => x.GetInstance <IAccessToken>());
mockContainer.AssertWasCalled(x => x.GetInstance <IPasswordHash>());
mockTokenStorage.AssertWasCalled(x => x.VerifyTokenExistence(userId, out tokenIdOut, out issuedAtOut, out refreshedOut));
mockOpenGuid.AssertWasCalled(x => x.New());
mockPasswordHash.AssertWasCalled(x => x.CreateHash(guid.ToString()));
mockEcrypter.AssertWasCalled(x => x.GetSalt());
mockEcrypter.AssertWasCalled(x => x.Encrypt("1", userIdSalt));
mockTokenStorage.AssertWasCalled(x => x.StoreToken(userId, hashedToken, encryptedUserId, userIdSalt, issuedAt));
// asserts
Assert.AreEqual(encryptedGuid, accessTokenResult.Token);
Assert.AreEqual(issuedAt, accessTokenResult.IssuedAt);
var accessTokenResult2 = accessTokenCreator.Create(1);
// verify stub methods are called
mockContainer.AssertWasCalled(x => x.GetInstance <IAccessToken>());
mockContainer.AssertWasCalled(x => x.GetInstance <IPasswordHash>());
mockTokenStorage.AssertWasCalled(x => x.VerifyTokenExistence(userId, out tokenIdOut, out issuedAtOut, out refreshedOut));
mockOpenGuid.AssertWasCalled(x => x.New());
mockPasswordHash.AssertWasCalled(x => x.CreateHash(guid2.ToString()));
mockEcrypter.AssertWasCalled(x => x.GetSalt());
mockEcrypter.AssertWasCalled(x => x.Encrypt("1", userIdSalt));
mockTokenStorage.AssertWasCalled(x => x.StoreToken(userId, hashedToken2, encryptedUserId2, userIdSalt, now));
mockOpenGuid.VerifyAllExpectations();
Assert.AreNotEqual(accessTokenResult2.Token, accessTokenResult.Token);
Assert.AreNotEqual(accessTokenResult2.IssuedAt, accessTokenResult.IssuedAt);
Assert.AreEqual(encryptedGuid2, accessTokenResult2.Token);
Assert.AreEqual(now, accessTokenResult2.IssuedAt);
}
