public void DuplicatePrefixToBypassLookup() { string prefixToBypassLookup = "test:"; // Set a duplicate PrefixToBypassLookup on 2 items already existing in the list should throw exception InvalidOperationException Config.ClaimTypes.Where(x => !String.IsNullOrEmpty(x.ClaimType)).Take(2).Select(x => x.PrefixToBypassLookup = prefixToBypassLookup).ToList(); Assert.Throws <InvalidOperationException>(() => Config.Update(), $"Set a duplicate PrefixToBypassLookup on 2 items already existing in the list should throw exception InvalidOperationException with this message: \"{ConfigUpdateErrorMessage}\""); // Set a PrefixToBypassLookup on an existing item and add a new item with the same PrefixToBypassLookup should throw exception InvalidOperationException var firstCTConfig = Config.ClaimTypes.FirstOrDefault(x => !String.IsNullOrEmpty(x.ClaimType)); firstCTConfig.PrefixToBypassLookup = prefixToBypassLookup; ClaimTypeConfig ctConfig = new ClaimTypeConfig() { ClaimType = UnitTestsHelper.RandomClaimType, PrefixToBypassLookup = prefixToBypassLookup, DirectoryObjectProperty = UnitTestsHelper.RandomObjectProperty }; Assert.Throws <InvalidOperationException>(() => Config.Update(), $"Set a duplicate PrefixToBypassLookup on an existing item and add a new item with the same PrefixToBypassLookup should throw exception InvalidOperationException with this message: \"{ConfigUpdateErrorMessage}\""); }
public void AddClaimTypeConfig() { ClaimTypeConfig ctConfig = new ClaimTypeConfig(); // Add a ClaimTypeConfig with a claim type already set should throw exception InvalidOperationException ctConfig.ClaimType = UnitTestsHelper.SPTrust.IdentityClaimTypeInformation.MappedClaimType; ctConfig.DirectoryObjectProperty = UnitTestsHelper.RandomObjectProperty; Assert.Throws <InvalidOperationException>(() => Config.ClaimTypes.Add(ctConfig), $"Add a ClaimTypeConfig with a claim type already set should throw exception InvalidOperationException with this message: \"Claim type '{UnitTestsHelper.SPTrust.IdentityClaimTypeInformation.MappedClaimType}' already exists in the collection\""); // Add a ClaimTypeConfig with UseMainClaimTypeOfDirectoryObject = false (default value) and DirectoryObjectProperty not set should throw exception InvalidOperationException ctConfig.ClaimType = UnitTestsHelper.RandomClaimType; ctConfig.DirectoryObjectProperty = AzureADObjectProperty.NotSet; Assert.Throws <InvalidOperationException>(() => Config.ClaimTypes.Add(ctConfig), $"Add a ClaimTypeConfig with UseMainClaimTypeOfDirectoryObject = false (default value) and DirectoryObjectProperty not set should throw exception InvalidOperationException with this message: \"Property DirectoryObjectProperty is required\""); // Add a ClaimTypeConfig with UseMainClaimTypeOfDirectoryObject = true and ClaimType set should throw exception InvalidOperationException ctConfig.ClaimType = UnitTestsHelper.RandomClaimType; ctConfig.DirectoryObjectProperty = UnitTestsHelper.RandomObjectProperty; ctConfig.UseMainClaimTypeOfDirectoryObject = true; Assert.Throws <InvalidOperationException>(() => Config.ClaimTypes.Add(ctConfig), $"Add a ClaimTypeConfig with UseMainClaimTypeOfDirectoryObject = true and ClaimType set should throw exception InvalidOperationException with this message: \"No claim type should be set if UseMainClaimTypeOfDirectoryObject is set to true\""); // Add a ClaimTypeConfig with EntityType 'Group' should throw exception InvalidOperationException since 1 already exists by default and AzureCP allows only 1 claim type for EntityType 'Group' ctConfig.ClaimType = UnitTestsHelper.RandomClaimType; ctConfig.DirectoryObjectProperty = UnitTestsHelper.RandomObjectProperty; ctConfig.EntityType = DirectoryObjectType.Group; ctConfig.UseMainClaimTypeOfDirectoryObject = false; Assert.Throws <InvalidOperationException>(() => Config.ClaimTypes.Add(ctConfig), $"Add a ClaimTypeConfig with EntityType 'Group' should throw exception InvalidOperationException with this message: \"A claim type for EntityType 'Group' already exists in the collection\""); // Add a valid ClaimTypeConfig should succeed ctConfig.ClaimType = UnitTestsHelper.RandomClaimType; ctConfig.DirectoryObjectProperty = UnitTestsHelper.RandomObjectProperty; ctConfig.EntityType = DirectoryObjectType.User; ctConfig.UseMainClaimTypeOfDirectoryObject = false; Assert.DoesNotThrow(() => Config.ClaimTypes.Add(ctConfig), $"Add a valid ClaimTypeConfig should succeed"); // Add a ClaimTypeConfig twice should throw exception InvalidOperationException Assert.Throws <InvalidOperationException>(() => Config.ClaimTypes.Add(ctConfig), $"Add a ClaimTypeConfig with a claim type already set should throw exception InvalidOperationException with this message: \"Claim type '{UnitTestsHelper.RandomClaimType}' already exists in the collection\""); // Delete the ClaimTypeConfig by calling method ClaimTypeConfigCollection.Remove(ClaimTypeConfig) should succeed Assert.IsTrue(Config.ClaimTypes.Remove(ctConfig), $"Delete the ClaimTypeConfig by calling method ClaimTypeConfigCollection.Remove(ClaimTypeConfig) should succeed"); }
public void DuplicateDirectoryObjectProperty() { ClaimTypeConfig existingCTConfig = Config.ClaimTypes.FirstOrDefault(x => !String.IsNullOrEmpty(x.ClaimType) && x.EntityType == DirectoryObjectType.User); // Create a new ClaimTypeConfig with a DirectoryObjectProperty already set should throw exception InvalidOperationException ClaimTypeConfig ctConfig = new ClaimTypeConfig() { ClaimType = UnitTestsHelper.RandomClaimType, EntityType = DirectoryObjectType.User, DirectoryObjectProperty = existingCTConfig.DirectoryObjectProperty }; Assert.Throws <InvalidOperationException>(() => Config.ClaimTypes.Add(ctConfig), $"Create a new ClaimTypeConfig with a DirectoryObjectProperty already set should throw exception InvalidOperationException with this message: \"An item with property '{existingCTConfig.DirectoryObjectProperty.ToString()}' already exists for the object type 'User'\""); // Add a valid ClaimTypeConfig should succeed (done for next test) ctConfig.DirectoryObjectProperty = UnitTestsHelper.RandomObjectProperty; Assert.DoesNotThrow(() => Config.ClaimTypes.Add(ctConfig), $"Add a valid ClaimTypeConfig should succeed"); // Update an existing ClaimTypeConfig with a DirectoryObjectProperty already set should throw exception InvalidOperationException ctConfig.DirectoryObjectProperty = existingCTConfig.DirectoryObjectProperty; Assert.Throws <InvalidOperationException>(() => Config.Update(), $"Update an existing ClaimTypeConfig with a DirectoryObjectProperty already set should throw exception InvalidOperationException with this message: \"{ConfigUpdateErrorMessage}\""); // Delete the ClaimTypeConfig should succeed Assert.IsTrue(Config.ClaimTypes.Remove(ctConfig), "Delete the ClaimTypeConfig should succeed"); }
/// <summary> /// Add a new claim type configuration /// </summary> /// <param name="sender"></param> /// <param name="e"></param> protected void BtnCreateNewItem_Click(object sender, EventArgs e) { string newClaimType = TxtNewClaimType.Text.Trim(); string newLdapAttribute = TxtNewAttrName.Text.Trim(); string newLdapClass = TxtNewObjectClass.Text.Trim(); DirectoryObjectType newDirectoryObjectType; Enum.TryParse <DirectoryObjectType>(DdlNewDirectoryObjectType.SelectedValue, out newDirectoryObjectType); string newEntityMetadata = DdlNewEntityMetadata.SelectedValue; bool useMainClaimTypeOfDirectoryObject = false; if (RdbNewItemClassicClaimType.Checked) { if (String.IsNullOrEmpty(newClaimType)) { this.LabelErrorMessage.Text = TextErrorFieldsMissing; ShowNewItemForm = true; BuildAttributesListTable(false); return; } } else if (RdbNewItemPermissionMetadata.Checked) { if (String.IsNullOrEmpty(newEntityMetadata)) { this.LabelErrorMessage.Text = TextErrorFieldsMissing; ShowNewItemForm = true; BuildAttributesListTable(false); return; } newClaimType = String.Empty; } else { useMainClaimTypeOfDirectoryObject = true; newClaimType = String.Empty; } ClaimTypeConfig newCTConfig = new ClaimTypeConfig(); newCTConfig.ClaimType = newClaimType; newCTConfig.EntityType = newDirectoryObjectType; newCTConfig.LDAPClass = newLdapClass; newCTConfig.LDAPAttribute = newLdapAttribute; newCTConfig.UseMainClaimTypeOfDirectoryObject = useMainClaimTypeOfDirectoryObject; newCTConfig.EntityDataKey = newEntityMetadata; try { // ClaimTypeConfigCollection.Add() may thrown an exception if new ClaimTypeConfig is not valid for any reason PersistedObject.ClaimTypes.Add(newCTConfig); } catch (Exception ex) { this.LabelErrorMessage.Text = ex.Message; ShowNewItemForm = true; BuildAttributesListTable(false); return; } // Update configuration and rebuild table with new configuration CommitChanges(); BuildAttributesListTable(false); }
/// <summary> /// Add a new claim type configuration /// </summary> /// <param name="sender"></param> /// <param name="e"></param> protected void BtnCreateNewItem_Click(object sender, EventArgs e) { string newClaimType = TxtNewClaimType.Text.Trim(); AzureADObjectProperty newDirectoryObjectProp; Enum.TryParse <AzureADObjectProperty>(DdlNewGraphProperty.SelectedValue, out newDirectoryObjectProp); DirectoryObjectType newDirectoryObjectType; Enum.TryParse <DirectoryObjectType>(DdlNewDirectoryObjectType.SelectedValue, out newDirectoryObjectType); bool useMainClaimTypeOfDirectoryObject = false; if (RdbNewItemClassicClaimType.Checked) { if (String.IsNullOrEmpty(TxtNewClaimType.Text)) { this.LabelErrorMessage.Text = TextErrorFieldsMissing; ShowNewItemForm = true; BuildAttributesListTable(false); return; } } else if (RdbNewItemPermissionMetadata.Checked) { if (String.IsNullOrEmpty(DdlNewEntityMetadata.SelectedValue)) { this.LabelErrorMessage.Text = TextErrorFieldsMissing; ShowNewItemForm = true; BuildAttributesListTable(false); return; } newClaimType = String.Empty; } else { useMainClaimTypeOfDirectoryObject = true; newClaimType = String.Empty; } ClaimTypeConfig newCTConfig = new ClaimTypeConfig(); newCTConfig.ClaimType = newClaimType; newCTConfig.DirectoryObjectProperty = newDirectoryObjectProp; newCTConfig.EntityType = newDirectoryObjectType; newCTConfig.UseMainClaimTypeOfDirectoryObject = useMainClaimTypeOfDirectoryObject; newCTConfig.EntityDataKey = DdlNewEntityMetadata.SelectedValue; bool convertSuccess = Enum.TryParse <AzureADObjectProperty>(DdlNewGraphPropertyToDisplay.SelectedValue, out newDirectoryObjectProp); newCTConfig.DirectoryObjectPropertyToShowAsDisplayText = convertSuccess ? newDirectoryObjectProp : AzureADObjectProperty.NotSet; try { // ClaimTypeConfigCollection.Add() may thrown an exception if new ClaimTypeConfig is not valid for any reason PersistedObject.ClaimTypes.Add(newCTConfig); } catch (Exception ex) { this.LabelErrorMessage.Text = ex.Message; ShowNewItemForm = true; BuildAttributesListTable(false); return; } // Update configuration and rebuild table with new configuration CommitChanges(); BuildAttributesListTable(false); }
/// <summary> /// Ensures configuration is valid to proceed /// </summary> /// <returns></returns> public virtual ConfigStatus ValidatePrerequisite() { if (!this.IsPostBack) { // DataBind() must be called to bind attributes that are set as "<%# #>"in .aspx // But only during initial page load, otherwise it would reset bindings in other controls like SPGridView DataBind(); ViewState.Add("ClaimsProviderName", ClaimsProviderName); ViewState.Add("PersistedObjectName", PersistedObjectName); ViewState.Add("PersistedObjectID", PersistedObjectID); } else { ClaimsProviderName = ViewState["ClaimsProviderName"].ToString(); PersistedObjectName = ViewState["PersistedObjectName"].ToString(); PersistedObjectID = ViewState["PersistedObjectID"].ToString(); } Status = ConfigStatus.AllGood; if (String.IsNullOrEmpty(ClaimsProviderName)) { Status |= ConfigStatus.ClaimsProviderNamePropNotSet; } if (String.IsNullOrEmpty(PersistedObjectName)) { Status |= ConfigStatus.PersistedObjectNamePropNotSet; } if (String.IsNullOrEmpty(PersistedObjectID)) { Status |= ConfigStatus.PersistedObjectIDPropNotSet; } if (Status != ConfigStatus.AllGood) { ClaimsProviderLogging.Log($"[{ClaimsProviderName}] {MostImportantError}", TraceSeverity.Unexpected, EventSeverity.Error, TraceCategory.Configuration); // Should not go further if those requirements are not met return(Status); } if (CurrentTrustedLoginProvider == null) { CurrentTrustedLoginProvider = LDAPCP.GetSPTrustAssociatedWithCP(this.ClaimsProviderName); if (CurrentTrustedLoginProvider == null) { Status |= ConfigStatus.NoSPTrustAssociation; return(Status); } } if (PersistedObject == null) { Status |= ConfigStatus.PersistedObjectNotFound; } if (Status != ConfigStatus.AllGood) { ClaimsProviderLogging.Log($"[{ClaimsProviderName}] {MostImportantError}", TraceSeverity.Unexpected, EventSeverity.Error, TraceCategory.Configuration); // Should not go further if those requirements are not met return(Status); } PersistedObject.CheckAndCleanConfiguration(CurrentTrustedLoginProvider.Name); PersistedObject.ClaimTypes.SPTrust = CurrentTrustedLoginProvider; if (IdentityCTConfig == null && Status == ConfigStatus.AllGood) { IdentityCTConfig = this.IdentityCTConfig = PersistedObject.ClaimTypes.FirstOrDefault(x => String.Equals(CurrentTrustedLoginProvider.IdentityClaimTypeInformation.MappedClaimType, x.ClaimType, StringComparison.InvariantCultureIgnoreCase) && !x.UseMainClaimTypeOfDirectoryObject); if (IdentityCTConfig == null) { Status |= ConfigStatus.NoIdentityClaimType; } } if (PersistedObjectVersion != PersistedObject.Version) { Status |= ConfigStatus.PersistedObjectStale; } if (Status != ConfigStatus.AllGood) { ClaimsProviderLogging.Log($"[{ClaimsProviderName}] {MostImportantError}", TraceSeverity.Unexpected, EventSeverity.Error, TraceCategory.Configuration); } return(Status); }