public async Task AuthenticateAsync_WhenAccessTokenExpired_ThenAccessTokenRefreshed()
        {
            // Arrange
            string authMeResponse = "[{'access_token': '', 'user_id': '*****@*****.**', 'user_claims': [{'typ': 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname', 'val': 'Fred' }]}]";
            string graphResponse  = "{'@odata.context': 'https://graph.microsoft.com/v1.0/$metadata#groups(id,displayName,securityEnabled)','value': [{'id': 'e73a963b-059e-45e4-acb1-f3fe748f93a4','displayName': 'TestGroup','securityEnabled': true}]}";

            MockHttpMessageHandler authMessageHandler = new MockHttpMessageHandler();

            authMessageHandler
            .Expect(HttpMethod.Get, "https://test.com/.auth/refresh")
            .Respond(HttpStatusCode.OK);

            authMessageHandler
            .Expect(HttpMethod.Get, "https://test.com/.auth/me")
            .Respond("application/json", authMeResponse);

            MockHttpMessageHandler graphMessageHandler = CreateStandardGraphMessageHandler(graphResponse);

            AzureAuthenticationHandler handler = await CreateAzureAuthenticationHandler(authMessageHandler, graphMessageHandler, DateTime.Now.AddMinutes(-5));

            // Act
            AuthenticateResult result = await handler.AuthenticateAsync();

            // Assert
            result.Succeeded.Should().BeTrue();
            authMessageHandler.VerifyNoOutstandingExpectation();
        }
        public async Task AuthenticateAsync_WhenUserKnown_ThenSuccessfulAuthentication()
        {
            // Arrange
            string authMeResponse = "[{'access_token': '', 'user_id': '*****@*****.**', 'user_claims': [{'typ': 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname', 'val': 'Fred' }]}]";
            string graphResponse  = "{'@odata.context': 'https://graph.microsoft.com/v1.0/$metadata#groups(id,displayName,securityEnabled)','value': [{'id': 'e73a963b-059e-45e4-acb1-f3fe748f93a4','displayName': 'TestGroup','securityEnabled': true}]}";
            AzureAuthenticationHandler handler = await CreateAzureAuthenticationHandler(authMeResponse, graphResponse, DateTime.Now.AddMinutes(30));

            // Act
            AuthenticateResult result = await handler.AuthenticateAsync();

            // Assert
            result.Succeeded.Should().BeTrue();
            result.Ticket.Principal.Identity.Name.Should().Be("*****@*****.**");
            result.Ticket.Principal.HasClaim(c => c.Type == ClaimTypes.GivenName && c.Value == "Fred");
            result.Ticket.Principal.HasClaim(c => c.Type == Constants.GroupsClaimType && c.Value == "e73a963b-059e-45e4-acb1-f3fe748f93a4");
        }
        public async Task AuthenticateAsync_WhenAuthMeJsonInvalid_ThenAuthenticationFails()
        {
            // Arrange
            string authMeResponse = "[{'access_token': '',";
            MockHttpMessageHandler authMessageHandler = CreateStandardAuthMessageHandler(authMeResponse);

            MockHttpMessageHandler graphMessageHandler = CreateStandardGraphMessageHandler("");

            AzureAuthenticationHandler handler = await CreateAzureAuthenticationHandler(authMessageHandler, graphMessageHandler, DateTime.Now.AddMinutes(5));

            // Act
            AuthenticateResult result = await handler.AuthenticateAsync();

            // Assert
            result.Succeeded.Should().BeFalse();
        }
        public async Task AuthenticateAsync_WhenGraphCallReturnsInvalidJson_ThenAuthenticationFails()
        {
            // Arrange
            string authMeResponse = "[{'access_token': '', 'user_id': '*****@*****.**', 'user_claims': [{'typ': 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname', 'val': 'Fred' }]}]";
            MockHttpMessageHandler authMessageHandler = CreateStandardAuthMessageHandler(authMeResponse);

            string graphResponse = "{'@odata.context': ";
            MockHttpMessageHandler graphMessageHandler = CreateStandardGraphMessageHandler(graphResponse);

            AzureAuthenticationHandler handler = await CreateAzureAuthenticationHandler(authMessageHandler, graphMessageHandler, DateTime.Now.AddMinutes(5));

            // Act
            AuthenticateResult result = await handler.AuthenticateAsync();

            // Assert
            result.Succeeded.Should().BeFalse();
        }
示例#5
0
        public async Task AuthenticateAsync_WhenUserKnown_ThenSuccessfulAuthentication()
        {
            // Arrange
            string groupId      = Guid.NewGuid().ToString();
            string authprovider = "EasyAuthProvider";
            string principal    = Convert.ToBase64String(Encoding.ASCII.GetBytes($"{{'auth_typ':'{authprovider}','claims':[{{'typ':'{ClaimTypes.Name}','val':'*****@*****.**'}}, {{'typ':'{Constants.GroupsClaimType}','val':'{groupId}'}}, {{'typ':'{ClaimTypes.GivenName}','val':'Fred'}}],'name_typ':'','role_typ':''}}"));
            AzureAuthenticationHandler handler = await CreateAzureAuthenticationHandler(principal, authprovider);

            // Act
            AuthenticateResult result = await handler.AuthenticateAsync();

            // Assert
            result.Succeeded.Should().BeTrue();
            result.Principal.HasClaim(c => c.Type == "AuthenticationProvider" && c.Value == "EasyAuthProvider");
            result.Ticket.Principal.Identity.Name.Should().Be("*****@*****.**");
            result.Ticket.Principal.HasClaim(c => c.Type == ClaimTypes.GivenName && c.Value == "Fred");
            result.Ticket.Principal.HasClaim(c => c.Type == Constants.GroupsClaimType && c.Value == groupId);
        }
        public async Task AuthenticateAsync_WhenGraphCallFails_ThenAuthenticationFails()
        {
            // Arrange
            string authMeResponse = "[{'access_token': '', 'user_id': '*****@*****.**', 'user_claims': [{'typ': 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname', 'val': 'Fred' }]}]";
            MockHttpMessageHandler authMessageHandler = CreateStandardAuthMessageHandler(authMeResponse);

            MockHttpMessageHandler graphMessageHandler = new MockHttpMessageHandler();

            graphMessageHandler
            .When("https://graph.microsoft.com/v1.0/me/memberOf/$/microsoft.graph.group?$select=id,displayName,securityEnabled")
            .Respond(HttpStatusCode.BadRequest);

            AzureAuthenticationHandler handler = await CreateAzureAuthenticationHandler(authMessageHandler, graphMessageHandler, DateTime.Now.AddMinutes(5));

            // Act
            AuthenticateResult result = await handler.AuthenticateAsync();

            // Assert
            result.Succeeded.Should().BeFalse();
        }
        public async Task AuthenticateAsync_WhenAuthMeCallFails_ThenAuthenticationFails()
        {
            // Arrange
            MockHttpMessageHandler authMessageHandler = new MockHttpMessageHandler();

            authMessageHandler
            .When(HttpMethod.Get, "https://test.com/.auth/refresh")
            .Respond(HttpStatusCode.OK);

            authMessageHandler
            .When(HttpMethod.Get, "https://test.com/.auth/me")
            .Respond(HttpStatusCode.BadRequest);

            MockHttpMessageHandler graphMessageHandler = CreateStandardGraphMessageHandler("");

            AzureAuthenticationHandler handler = await CreateAzureAuthenticationHandler(authMessageHandler, graphMessageHandler, DateTime.Now.AddMinutes(5));

            // Act
            AuthenticateResult result = await handler.AuthenticateAsync();

            // Assert
            result.Succeeded.Should().BeFalse();
        }
        public async Task AuthenticateAsync_WhenAccessTokenExpired_AndRefreshFails_ThenAuthenticationFails()
        {
            // Arrange
            MockHttpMessageHandler authMessageHandler = new MockHttpMessageHandler();

            authMessageHandler
            .Expect(HttpMethod.Get, "https://test.com/.auth/refresh")
            .Respond(HttpStatusCode.BadRequest);

            var authMeRequest = authMessageHandler
                                .When(HttpMethod.Get, "https://test.com/.auth/me")
                                .Respond(HttpStatusCode.OK);

            MockHttpMessageHandler graphMessageHandler = CreateStandardGraphMessageHandler("");

            AzureAuthenticationHandler handler = await CreateAzureAuthenticationHandler(authMessageHandler, graphMessageHandler, DateTime.Now.AddMinutes(-5));

            // Act
            AuthenticateResult result = await handler.AuthenticateAsync();

            // Assert
            result.Succeeded.Should().BeFalse();
            authMessageHandler.GetMatchCount(authMeRequest).Should().Be(0, "Auth Me call should not be called");
        }