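/// <summary>
/// Resolves the user that the access token carried by a WOPI request belongs to.
/// </summary>
/// <param name="wopiRequest">The incoming WOPI request; its access token value is read from here.</param>
/// <param name="cancellationToken">Passed on to the token lookup and to the node load.</param>
/// <returns>
/// The node loaded for the token's <c>UserId</c> when it is an <see cref="IUser"/>;
/// otherwise <c>null</c>, which the caller has to handle as "no user".
/// </returns>
/// <exception cref="UnauthorizedAccessException">
/// No token matches the value / content id / feature combination, or a file request
/// carries a FileId that is not a valid integer.
/// </exception>
private async Task<IUser> GetCurrentUserAsync(WopiRequest wopiRequest, CancellationToken cancellationToken)
{
    var tokenValue = wopiRequest.AccessTokenValue;

    // File requests are looked up together with the id of the file they address;
    // every other request type is looked up with content id 0.
    var contentId = 0;
    if (wopiRequest is FilesRequest fileRequest)
    {
        // NOTE(review): FileId presumably originates from the request URL - confirm.
        // A value that is null or not an integer is rejected on the same path as an
        // unknown token instead of escaping as ArgumentNullException/FormatException
        // from int.Parse. It is deliberately NOT mapped to 0: that would drop the
        // content binding from the lookup below.
        if (!int.TryParse(fileRequest.FileId, out contentId))
        {
            throw new UnauthorizedAccessException(); // 404
        }
    }

    // The lookup is scoped by value, content id and feature name, so a token issued
    // for another file or another feature does not match here.
    var token = await AccessTokenVault
        .GetTokenAsync(tokenValue, contentId, AccessTokenFeatureName, cancellationToken)
        .ConfigureAwait(false);

    if (token == null)
    {
        throw new UnauthorizedAccessException(); // 404
    }

    // The user node is loaded inside a SystemAccount scope; the scope ends as soon
    // as the node has been loaded or the block is left.
    using (new SystemAccount())
    {
        var node = await Node.LoadNodeAsync(token.UserId, cancellationToken).ConfigureAwait(false);
        if (node is IUser user)
        {
            // TODO: This method only sets the User.Current property in sensenet, not the
            // main context User in Asp.Net. Check if it would be better if we changed
            // or modified the context user earlier in the pipeline.
            return user;
        }
    }

    // The token exists, but its UserId did not load as a user.
    return null;
}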
/// <summary>
/// A token created for a user only (no content id, no feature) can be read back by its value.
/// </summary>
public async Task AccessToken_Get_ForUser()
{
    await NoRepoIntegrationTestAsync(async () =>
    {
        // Clear the vault first, so the test works only with the token it creates.
        await AccessTokenVault.DeleteAllAccessTokensAsync(CancellationToken.None);

        int userId = 42;
        TimeSpan lifetime = TimeSpan.FromMinutes(10);
        var created = await AccessTokenVault.CreateTokenAsync(userId, lifetime, CancellationToken.None);

        // ACTION
        var loaded = await AccessTokenVault.GetTokenAsync(created.Value, CancellationToken.None);

        // ASSERT
        AssertTokensAreEqual(created, loaded);
    });
}
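/// <summary>
/// A token whose lifetime has elapsed is no longer returned by the vault.
/// </summary>
public async Task AccessToken_Get_Expired()
{
    await NoRepoIntegrationTestAsync(async () =>
    {
        // Clear the vault first, so the test works only with the token it creates.
        await AccessTokenVault.DeleteAllAccessTokensAsync(CancellationToken.None);

        var userId = 42;
        // 1 ms lifetime: the token is expected to be expired by the time it is read back.
        var timeout = TimeSpan.FromMilliseconds(1);
        var savedToken = await AccessTokenVault.CreateTokenAsync(userId, timeout, CancellationToken.None);

        // ACTION
        // Wait past the lifetime without blocking the thread inside the async lambda
        // (the original used Thread.Sleep here).
        await Task.Delay(10);
        var token = await AccessTokenVault.GetTokenAsync(savedToken.Value, CancellationToken.None);

        // ASSERT
        // An expired token must behave like a missing one.
        Assert.IsNull(token);
    });
}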
/// <summary>
/// Updating a token moves its expiration date to the new value.
/// </summary>
public async Task AccessToken_Update()
{
    await NoRepoIntegrationTestAsync(async () =>
    {
        // Clear the vault first, so the test works only with the token it creates.
        await AccessTokenVault.DeleteAllAccessTokensAsync(CancellationToken.None);

        int userId = 42;
        TimeSpan lifetime = TimeSpan.FromMinutes(10.0d);
        var created = await AccessTokenVault.CreateTokenAsync(userId, lifetime, CancellationToken.None);

        // Precondition: with a 10 minute lifetime the token expires before the 20 minute mark.
        bool expiresBeforeMark = created.ExpirationDate < DateTime.UtcNow.AddMinutes(20.0d);
        Assert.IsTrue(expiresBeforeMark);

        // ACTION
        await AccessTokenVault.UpdateTokenAsync(
            created.Value,
            DateTime.UtcNow.AddMinutes(30.0d),
            CancellationToken.None);

        // ASSERT
        // After the update the stored expiration lies beyond the same 20 minute mark.
        var reloaded = await AccessTokenVault.GetTokenAsync(created.Value, CancellationToken.None);
        Assert.IsNotNull(reloaded);
        bool expiresAfterMark = reloaded.ExpirationDate > DateTime.UtcNow.AddMinutes(20.0d);
        Assert.IsTrue(expiresAfterMark);
    });
}
/// <summary>
/// A token created for a user, a content id and a feature is returned only when the
/// lookup supplies that same content id and feature.
/// </summary>
public async Task AccessToken_Get_ForUserContentAndFeature()
{
    await NoRepoIntegrationTestAsync(async () =>
    {
        // Clear the vault first, so the test works only with the token it creates.
        await AccessTokenVault.DeleteAllAccessTokensAsync(CancellationToken.None);

        int userId = 42;
        int contentId = 142;
        string feature = "Feature1";
        TimeSpan lifetime = TimeSpan.FromMinutes(10);
        var created = await AccessTokenVault.CreateTokenAsync(
            userId, lifetime, contentId, feature, CancellationToken.None);

        // ACTION
        var loaded = await AccessTokenVault.GetTokenAsync(
            created.Value, contentId, feature, CancellationToken.None);

        // ASSERT
        AssertTokensAreEqual(created, loaded);

        // Scope checks: the value alone is not enough to get the token back.
        // 1) neither content id nor feature supplied
        var byValueOnly = await AccessTokenVault.GetTokenAsync(created.Value, CancellationToken.None);
        Assert.IsNull(byValueOnly);

        // 2) right feature, but content id 0
        var byFeatureOnly = await AccessTokenVault.GetTokenAsync(
            created.Value, 0, feature, CancellationToken.None);
        Assert.IsNull(byFeatureOnly);

        // 3) right content id, but no feature
        var byContentOnly = await AccessTokenVault.GetTokenAsync(
            created.Value, contentId, CancellationToken.None);
        Assert.IsNull(byContentOnly);
    });
}