public void SaveAdminPasswordReturnsFalseIfGettingStreamThrowsUnauthorizedAccessException()
{
// Act
bool passwordSaved = AdminSecurity.SaveTemporaryPassword("password", () => { throw new UnauthorizedAccessException(); });
// Assert
Assert.False(passwordSaved);
}
public RoleInitService(
UserManager <AppUser> userManager,
RoleManager <AppRole> roleManager,
IOptions <AdminSecurity> adminOptions)
{
this.userManager = userManager;
this.roleManager = roleManager;
this.adminSecurity = adminOptions.Value;
}
private static void AssertSecure(
string requestUrl,
bool passwordExists,
bool temporaryPasswordExists,
string expectedUrl
)
{
// Arrange
var vpp = new Mock <VirtualPathProvider>();
if (temporaryPasswordExists)
{
vpp.Setup(m => m.FileExists("~/App_Data/Admin/_Password.config")).Returns(true);
}
if (passwordExists)
{
vpp.Setup(m => m.FileExists("~/App_Data/Admin/Password.config")).Returns(true);
}
string redirectUrl = null;
var response = new Mock <HttpResponseBase>();
response
.Setup(m => m.Redirect(It.IsAny <string>()))
.Callback <string>(url => redirectUrl = url);
var request = new Mock <HttpRequestBase>();
request.Setup(m => m.QueryString).Returns(new NameValueCollection());
request.Setup(m => m.RawUrl).Returns(requestUrl);
var cookies = new HttpCookieCollection();
request.Setup(m => m.Cookies).Returns(cookies);
var context = new Mock <HttpContextBase>();
context.Setup(m => m.Request).Returns(request.Object);
context.Setup(m => m.Response).Returns(response.Object);
var startPage = new Mock <StartPage>()
{
CallBase = true
};
var page = new Mock <WebPageRenderingBase>();
page.Setup(m => m.VirtualPath).Returns(requestUrl);
startPage.Object.ChildPage = page.Object;
page.Setup(m => m.Context).Returns(context.Object);
// Act
AdminSecurity.Authorize(startPage.Object, vpp.Object, MakeAppRelative);
// Assert
Assert.Equal(expectedUrl, redirectUrl);
}
public void HasTemporaryPasswordReturnsFalseIfAdminPasswordFileDoesNotExists()
{
// Arrange
Mock <VirtualPathProvider> mockVpp = new Mock <VirtualPathProvider>();
mockVpp.Setup(m => m.FileExists("~/App_Data/Admin/_Password.config")).Returns(false);
// Act
bool hasPassword = AdminSecurity.HasTemporaryPassword(mockVpp.Object);
// Assert
Assert.False(hasPassword);
}
public void HasAdminPasswordReturnsTrueIfAdminPasswordFileExists()
{
// Arrange
Mock <VirtualPathProvider> mockVpp = new Mock <VirtualPathProvider>();
mockVpp.Setup(m => m.FileExists("~/App_Data/Admin/Password.config")).Returns(true);
// Act
bool hasPassword = AdminSecurity.HasAdminPassword(mockVpp.Object);
// Assert
Assert.True(hasPassword);
}
public void IsAuthenticatedReturnsFalseIfAuthCookieNotInCollection()
{
// Arrange
var mockRequest = new Mock <HttpRequestBase>();
var cookies = new HttpCookieCollection();
mockRequest.Setup(m => m.Cookies).Returns(cookies);
// Act
bool authorized = AdminSecurity.IsAuthenticated(mockRequest.Object);
// Assert
Assert.False(authorized);
}
public void GetAuthAdminCookieCreatesAnAuthTicketWithUserDataSetToAdmin()
{
// Arrange
var cookie = AdminSecurity.GetAuthCookie();
// Act
FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(cookie.Value);
// Assert
Assert.Equal(".ASPXADMINAUTH", cookie.Name);
Assert.True(cookie.HttpOnly);
Assert.Equal(2, ticket.Version);
Assert.Equal("ADMIN", ticket.UserData);
}
public void SetAuthCookieAddsAuthCookieToResponseCollection()
{
// Arrange
var mockResponse = new Mock <HttpResponseBase>();
var cookies = new HttpCookieCollection();
mockResponse.Setup(m => m.Cookies).Returns(cookies);
// Act
AdminSecurity.SetAuthCookie(mockResponse.Object);
// Assert
Assert.NotNull(cookies[".ASPXADMINAUTH"]);
}
public void IsAuthenticatedReturnsFalseIfAuthCookieInCollectionAndIsNotAValidAdminAuthCookie()
{
// Arrange
var mockRequest = new Mock <HttpRequestBase>();
var cookies = new HttpCookieCollection();
mockRequest.Setup(m => m.Cookies).Returns(cookies);
cookies.Add(new HttpCookie(".ASPXADMINAUTH", "test"));
// Act
bool authorized = AdminSecurity.IsAuthenticated(mockRequest.Object);
// Assert
Assert.False(authorized);
}
public void IsAuthenticatedReturnsTrueIfAuthCookieIsValid()
{
// Arrange
var mockRequest = new Mock <HttpRequestBase>();
var cookies = new HttpCookieCollection();
mockRequest.Setup(m => m.Cookies).Returns(cookies);
cookies.Add(AdminSecurity.GetAuthCookie());
// Act
bool authorized = AdminSecurity.IsAuthenticated(mockRequest.Object);
// Assert
Assert.True(authorized);
}
public override void Execute()
{
WriteLiteral("\r\n\r\n");
WriteLiteral("\r\n");
#line 5 "..\..\EnableInstructions.cshtml"
Page.Title = AdminResources.SecurityTitle;
if (AdminSecurity.HasAdminPassword())
{
SiteAdmin.RedirectToHome(Response);
return;
}
string url = SiteAdmin.GetRedirectUrl(SiteAdmin.AdminVirtualPath);
#line default
#line hidden
WriteLiteral("\r\n");
#line 16 "..\..\EnableInstructions.cshtml"
Write(Html.Raw(AdminResources.EnableInstructions));
#line default
#line hidden
WriteLiteral("\r\n<br />\r\n<p>\r\n ");
#line 19 "..\..\EnableInstructions.cshtml"
Write(Html.Raw(String.Format(CultureInfo.CurrentCulture, AdminResources.ContinueAfterEnableText, Html.Encode(Href(url)))));
#line default
#line hidden
WriteLiteral("\r\n</p>\r\n\r\n");
}
public void CheckPasswordReturnsTrueIfPasswordIsValid()
{
// Arrange
var ms = new MemoryStream();
var writer = new StreamWriter(ms);
writer.WriteLine(Crypto.HashPassword("password"));
writer.Flush();
ms.Seek(0, SeekOrigin.Begin);
// Act
bool passwordIsValid = AdminSecurity.CheckPassword("password", () => ms);
// Assert
Assert.True(passwordIsValid);
writer.Close();
}
public void SaveAdminPasswordUsesCryptoToWritePasswordAndSalt()
{
// Arrange
var password = "******";
MemoryStream ms = new MemoryStream();
// Act
bool passwordSaved = AdminSecurity.SaveTemporaryPassword(password, () => ms);
// Assert
Assert.True(passwordSaved);
string savedPassword = Encoding.Default.GetString(ms.ToArray());
// Trim everything after the new line. Cannot use the properties from the stream since it is already closed by the writer.
savedPassword = savedPassword.Substring(0, savedPassword.IndexOf(Environment.NewLine));
Assert.True(Crypto.VerifyHashedPassword(savedPassword, password));
}
