/// <summary>
/// Round-trips a complex object through the cookie session store: the object is
/// saved into a response cookie, that cookie is replayed on a fresh request, and
/// the loaded session must contain an equal object.
/// </summary>
public void Should_be_able_to_load_an_object_previously_saved_to_session()
{
    // Arrange: a session holding one complex payload, and a store built from fixed test secrets.
    var outgoing = new Response();
    var session = new Session(new Dictionary<string, object>());
    var expected = new DefaultSessionObjectFormatterFixture.Payload(27, true, "Test string");
    var sessionStore = new CookieBasedSessions(
        new DefaultEncryptionProvider(),
        "the passphrase",
        "the salt",
        new DefaultSessionObjectFormatter());
    session["testObject"] = expected;

    // Act: save, then copy the emitted cookie (URL-encoded) onto a new request and load it back.
    sessionStore.Save(session, outgoing);
    var incoming = new Request("GET", "/", "http");
    incoming.Cookies.Add(
        Helpers.HttpUtility.UrlEncode(outgoing.Cookies.First().Name),
        Helpers.HttpUtility.UrlEncode(outgoing.Cookies.First().Value));
    var loaded = sessionStore.Load(incoming);

    // Assert
    loaded["testObject"].ShouldEqual(expected);
}
/// <summary>
/// Loads a cookie made of the fixture's ValidHmac followed by ValidData and expects
/// a session with exactly one entry, deserialized as the fixture Payload type.
/// </summary>
public void Should_load_valid_test_data()
{
    // Arrange: the cookie value is "HMAC + data", URL-encoded as it would be on the wire.
    var cookieValue = HttpUtility.UrlEncode(ValidHmac + ValidData);
    var sessionStore = new CookieBasedSessions(
        this.aesEncryptionProvider,
        this.defaultHmacProvider,
        this.defaultObjectSerializer);
    var incoming = new Request("GET", "/", "http");
    incoming.Cookies.Add(sessionStore.CookieName, cookieValue);

    // Act
    var loaded = sessionStore.Load(incoming);

    // Assert
    loaded.Count.ShouldEqual(1);
    loaded.First().Value.ShouldBeOfType(typeof(DefaultSessionObjectFormatterFixture.Payload));
}
/// <summary>
/// Presents a cookie whose encrypted part decrypts to "foo;bar" but is prefixed with
/// ValidHmac, and expects the store to hand back an empty session.
/// </summary>
/// <remarks>
/// NOTE(review): ValidHmac is presumably the HMAC of different data, so this checks that
/// ciphertext not covered by the HMAC is rejected even when it decrypts cleanly — confirm
/// against the fixture constants.
/// </remarks>
public void Should_return_blank_session_if_encrypted_data_are_invalid_but_contain_semicolon_when_decrypted()
{
    // Arrange: well-formed ciphertext produced with the fixture's own provider.
    var substitutedCiphertext = this.aesEncryptionProvider.Encrypt("foo;bar");
    var cookieValue = HttpUtility.UrlEncode(ValidHmac + substitutedCiphertext);
    var sessionStore = new CookieBasedSessions(
        this.aesEncryptionProvider,
        this.defaultHmacProvider,
        this.defaultObjectSerializer);
    var incoming = new Request("GET", "/", "http");
    incoming.Cookies.Add(sessionStore.CookieName, cookieValue);

    // Act
    var loaded = sessionStore.Load(incoming);

    // Assert: nothing from the substituted payload may reach the session.
    loaded.Count.ShouldEqual(0);
}
/// <summary>
/// Bootstrapper initialisation: enables cookie-based sessions and registers an
/// after-request hook that wraps the response when the "pirate" query parameter is present.
/// </summary>
/// <param name="container">The application container, passed through to the base class.</param>
protected override void InitialiseInternal(TinyIoC.TinyIoCContainer container)
{
    base.InitialiseInternal(container);

    // NOTE(review): the passphrase, salt and HMAC passphrase are string literals in source.
    // Anyone who can read the code can derive the session keys; outside of a demo these
    // values belong in protected configuration.
    CookieBasedSessions.Enable(this, "MyPassPhrase", "MySaltIsReallyGood", "MyHmacPassphrase");

    this.AfterRequest += (context) =>
    {
        var pirateParameter = context.Request.Query.pirate;
        if (pirateParameter.HasValue)
        {
            // Decorate the response that is already on the context.
            context.Response = new HereBeAResponseYouScurvyDog(context.Response);
        }
    };
}
/// <summary>
/// Application startup: enables cookie sessions and stateless authentication that
/// resolves the caller's identity from an API key.
/// </summary>
/// <param name="container">The application container.</param>
/// <param name="pipelines">The request pipelines the features are attached to.</param>
protected override void ApplicationStartup(TinyIoCContainer container, IPipelines pipelines)
{
    base.ApplicationStartup(container, pipelines);

    // Enable cookie sessions
    CookieBasedSessions.Enable(pipelines);

    // Enable authentication
    var authenticationConfiguration = new StatelessAuthenticationConfiguration(ctx =>
    {
        // Take the API key from the query string.
        // NOTE(review): credentials carried in the URL tend to be recorded in access logs,
        // browser history and Referer headers; a request header is the safer transport.
        var apiKey = (string)ctx.Request.Query.apiKey.Value;

        // Resolve the user identity for that key.
        // NOTE(review): apiKey is presumably null when the parameter is absent — confirm
        // that ResolveClientIdentity treats null as "unauthenticated".
        return ApiClientAuthenticationService.ResolveClientIdentity(apiKey);
    });
    StatelessAuthentication.Enable(pipelines, authenticationConfiguration);
}
/// <summary>
/// Presents a cookie holding only the first five characters of ValidHmac (a truncated
/// HMAC and no data) and expects an empty session.
/// </summary>
public void Should_load_an_empty_session_if_session_cookie_is_invalid()
{
    // Given: a cookie value too short to be a valid HMAC.
    var truncatedHmac = ValidHmac.Substring(0, 5);
    var cookieValue = HttpUtility.UrlEncode(truncatedHmac);
    var sessionStore = new CookieBasedSessions(
        this.aesEncryptionProvider,
        this.defaultHmacProvider,
        this.defaultObjectSerializer);
    var incoming = new Request("GET", "/", "http");
    incoming.Cookies.Add(sessionStore.CookieName, cookieValue);

    // When
    var loaded = sessionStore.Load(incoming);

    // Then
    loaded.Count.ShouldEqual(0);
}
/// <summary>
/// Saves a complex object through the store (Rijndael encryption, default HMAC and
/// serializer from the fixture), replays the resulting cookie on a new request and
/// expects the loaded session to contain an equal object.
/// </summary>
public void Should_be_able_to_load_an_object_previously_saved_to_session()
{
    // Arrange
    var outgoing = new Response();
    var session = new Session(new Dictionary<string, object>());
    var expected = new DefaultSessionObjectFormatterFixture.Payload(27, true, "Test string");
    var sessionStore = new CookieBasedSessions(
        this.rijndaelEncryptionProvider,
        this.defaultHmacProvider,
        this.defaultObjectSerializer);
    session["testObject"] = expected;

    // Act: the cookie name and value are URL-encoded before being placed on the request.
    sessionStore.Save(session, outgoing);
    var incoming = new Request("GET", "/", "http");
    incoming.Cookies.Add(
        Helpers.HttpUtility.UrlEncode(outgoing.Cookies.First().Name),
        Helpers.HttpUtility.UrlEncode(outgoing.Cookies.First().Value));
    var loaded = sessionStore.Load(incoming);

    // Assert
    loaded["testObject"].ShouldEqual(expected);
}
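/// <summary>
/// Application startup: connects the database, enables cookie sessions and stateless
/// API-key authentication, adds CORS response headers and initializes the object mapper.
/// </summary>
/// <param name="container">The application container.</param>
/// <param name="pipelines">The request pipelines the features are attached to.</param>
protected override void ApplicationStartup(TinyIoCContainer container, IPipelines pipelines)
{
    base.ApplicationStartup(container, pipelines);

    // Connect to database
    ServerContext.ConnectDatabase();

    // TODO (Disabled): Load plugins

    // Enable cookie sessions
    CookieBasedSessions.Enable(pipelines);

    // Enable authentication
    StatelessAuthentication.Enable(pipelines, new StatelessAuthenticationConfiguration(ctx =>
    {
        // Take the API key from the query string.
        // NOTE(review): credentials carried in the URL tend to be recorded in access logs,
        // browser history and Referer headers; a request header is the safer transport.
        var apiKey = (string)ctx.Request.Query.apikey.Value;

        // Get user identity
        var authenticator = new StatelessAuthenticationService<NAAccessKey, NAApiAccessScope>(ServerContext);
        return authenticator.ResolveClientIdentity(apiKey);
    }));

    // Enable CORS
    pipelines.AfterRequest.AddItemToEndOfPipeline((ctx) =>
    {
        // A response can carry only one Access-Control-Allow-Origin value, and WithHeader
        // replaces any earlier value for the same header, so looping over the configured
        // origins left only the last one in effect. Instead, echo the request's Origin
        // when it matches a configured entry; a configured "*" keeps its wildcard meaning.
        // NOTE(review): shared caches in front of this service should vary on Origin.
        foreach (var requestOrigin in ctx.Request.Headers["Origin"])
        {
            foreach (var allowedOrigin in ServerContext.Parameters.CorsOrigins)
            {
                if (allowedOrigin == "*")
                {
                    ctx.Response.WithHeader("Access-Control-Allow-Origin", "*");
                }
                else if (string.Equals(requestOrigin, allowedOrigin, System.StringComparison.OrdinalIgnoreCase))
                {
                    ctx.Response.WithHeader("Access-Control-Allow-Origin", requestOrigin);
                }
            }
        }

        ctx.Response
            .WithHeader("Access-Control-Allow-Methods", "GET,POST,PUT,DELETE")
            .WithHeader("Access-Control-Allow-Headers", "Accept, Origin, Content-type");
    });

    // Initialize object data mapper
    Mapper.Initialize(cfg =>
    {
        // Create maps
        cfg.CreateMap<LogRequest, HitRequest>();
        cfg.CreateMap<HitRequest, FetchScriptRequest>();
        cfg.CreateMap<LogRequest, RedirectRequest>();
        cfg.CreateMap<LogRequest, TagRequest>();
    });
}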
/// <summary>
/// Saves a session containing a complex object and expects exactly one response cookie,
/// named as the session cookie, with a non-null and non-empty value.
/// </summary>
public void Should_be_able_to_save_a_complex_object_to_session()
{
    // Arrange: store built from default providers and fixed test secrets.
    var outgoing = new Response();
    var session = new Session(new Dictionary<string, object>());
    var complexObject = new DefaultSessionObjectFormatterFixture.Payload(27, true, "Test string");
    var sessionStore = new CookieBasedSessions(
        new DefaultEncryptionProvider(),
        new DefaultHmacProvider(),
        "the passphrase",
        "the salt",
        "hmac passphrase",
        new DefaultSessionObjectFormatter());
    session["testObject"] = complexObject;

    // Act
    sessionStore.Save(session, outgoing);

    // Assert
    outgoing.Cookies.Count.ShouldEqual(1);
    var sessionCookie = outgoing.Cookies.First();
    sessionCookie.Name.ShouldEqual(Nancy.Session.CookieBasedSessions.GetCookieName());
    sessionCookie.Value.ShouldNotBeNull();
    sessionCookie.Value.ShouldNotBeEmpty();
}
/// <summary>
/// Saves a session containing a complex object through a store built from the fixture's
/// Rijndael, HMAC and serializer instances, and expects exactly one response cookie that
/// carries the store's cookie name and a non-empty value.
/// </summary>
public void Should_be_able_to_save_a_complex_object_to_session()
{
    // Arrange
    var outgoing = new Response();
    var session = new Session(new Dictionary<string, object>());
    var complexObject = new DefaultSessionObjectFormatterFixture.Payload(27, true, "Test string");
    var sessionStore = new CookieBasedSessions(
        this.rijndaelEncryptionProvider,
        this.defaultHmacProvider,
        this.defaultObjectSerializer);
    session["testObject"] = complexObject;

    // Act
    sessionStore.Save(session, outgoing);

    // Assert
    outgoing.Cookies.Count.ShouldEqual(1);
    var sessionCookie = outgoing.Cookies.First();
    sessionCookie.Name.ShouldEqual(sessionStore.CookieName);
    sessionCookie.Value.ShouldNotBeNull();
    sessionCookie.Value.ShouldNotBeEmpty();
}
/// <summary>
/// Builds a GET request for the tests, optionally carrying a session cookie, and
/// optionally runs it through the fixture's cookie store.
/// </summary>
/// <param name="sessionValue">Raw session cookie value; no cookie header is added when null or empty.</param>
/// <param name="load">When true, <c>cookieStore.Load</c> is called on the request before it is returned.</param>
/// <returns>The constructed request.</returns>
private Request CreateRequest(string sessionValue, bool load = true)
{
    var headers = new Dictionary<string, IEnumerable<string>>(1);

    var hasSessionValue = !string.IsNullOrEmpty(sessionValue);
    if (hasSessionValue)
    {
        // The value is URL-encoded, matching how the cookie travels in a header.
        var cookieHeader = CookieBasedSessions.GetCookieName() + "=" + HttpUtility.UrlEncode(sessionValue);
        headers.Add("cookie", new[] { cookieHeader });
    }

    var request = new Request("GET", "http://goku.power:9001/", headers, CreateRequestStream(), "http");

    if (!load)
    {
        return request;
    }

    cookieStore.Load(request);
    return request;
}
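/// <summary>
/// Application startup: connects the database, enables cookie sessions and stateless
/// authentication (access key first, user login validator as fallback), and adds CORS
/// response headers.
/// </summary>
/// <param name="container">The application container.</param>
/// <param name="pipelines">The request pipelines the features are attached to.</param>
protected override void ApplicationStartup(TinyIoCContainer container, IPipelines pipelines)
{
    base.ApplicationStartup(container, pipelines);

    // Connect to database
    ServerContext.ConnectDatabase();

    // TODO (Disabled): Load plugins

    // Enable cookie sessions
    CookieBasedSessions.Enable(pipelines);

    // Enable authentication
    StatelessAuthentication.Enable(pipelines, new StatelessAuthenticationConfiguration(ctx =>
    {
        // Take the API key from the query string.
        // NOTE(review): credentials carried in the URL tend to be recorded in access logs,
        // browser history and Referer headers; a request header is the safer transport.
        var apiKey = (string)ctx.Request.Query.apikey.Value;

        // Get user identity
        var authenticator = new StatelessAuthenticationService<HUAccessKey, HUApiAccessScope>(ServerContext);
        var identity = authenticator.ResolveClientIdentity(apiKey);
        if (identity == null)
        {
            // Fall back to resolving the same key as a user identity.
            var userAuthValidator = new UserApiLoginValidator(ServerContext);
            identity = userAuthValidator.ResolveClientIdentity(apiKey);
        }

        return identity;
    }));

    // Enable CORS
    pipelines.AfterRequest.AddItemToEndOfPipeline((ctx) =>
    {
        // A response can carry only one Access-Control-Allow-Origin value, and WithHeader
        // replaces any earlier value for the same header, so looping over the configured
        // origins left only the last one in effect. Instead, echo the request's Origin
        // when it matches a configured entry; a configured "*" keeps its wildcard meaning.
        // NOTE(review): shared caches in front of this service should vary on Origin.
        foreach (var requestOrigin in ctx.Request.Headers["Origin"])
        {
            foreach (var allowedOrigin in ServerContext.Parameters.CorsOrigins)
            {
                if (allowedOrigin == "*")
                {
                    ctx.Response.WithHeader("Access-Control-Allow-Origin", "*");
                }
                else if (string.Equals(requestOrigin, allowedOrigin, System.StringComparison.OrdinalIgnoreCase))
                {
                    ctx.Response.WithHeader("Access-Control-Allow-Origin", requestOrigin);
                }
            }
        }

        ctx.Response
            .WithHeader("Access-Control-Allow-Methods", "GET,POST,PUT,DELETE")
            .WithHeader("Access-Control-Allow-Headers", "Accept, Origin, Content-type");
    });
}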
/// <summary>
/// Application startup: enables CSRF protection, registers a static content directory,
/// enables cookie sessions and adds an after-request hook that wraps the response when
/// the "pirate" query parameter is present.
/// </summary>
/// <param name="container">The application container.</param>
/// <param name="pipelines">The request pipelines the features are attached to.</param>
protected override void ApplicationStartup(TinyIoCContainer container, IPipelines pipelines)
{
    base.ApplicationStartup(container, pipelines);

    Csrf.Enable(pipelines);

    // Serve the "Content" directory under the "moo" path.
    var staticContent = StaticContentConventionBuilder.AddDirectory("moo", "Content");
    this.Conventions.StaticContentsConventions.Add(staticContent);

    CookieBasedSessions.Enable(pipelines);

    pipelines.AfterRequest += (context) =>
    {
        var pirateParameter = context.Request.Query.pirate;
        if (pirateParameter.HasValue)
        {
            // Decorate the response that is already on the context.
            context.Response = new HereBeAResponseYouScurvyDog(context.Response);
        }
    };
}
/// <summary>
/// Application startup: appends CORS headers to every response, enables cookie sessions,
/// then runs the base startup.
/// </summary>
/// <param name="container">The application container.</param>
/// <param name="pipelines">The request pipelines the features are attached to.</param>
protected override void ApplicationStartup(Nancy.TinyIoc.TinyIoCContainer container, Nancy.Bootstrapper.IPipelines pipelines)
{
    // Cross-origin (CORS) headers.
    // NOTE(review): every response allows any origin ("*") while cookie sessions are
    // enabled below. Confirm that no response readable without credentials is sensitive,
    // or restrict the header to known origins.
    pipelines.AfterRequest.AddItemToEndOfPipeline((context) =>
    {
        var response = context.Response;
        response
            .WithHeader("Access-Control-Allow-Origin", "*")
            .WithHeader("Access-Control-Allow-Methods", "POST,GET,OPTIONS")
            .WithHeader("Access-Control-Allow-Headers", "Accept, Origin, Content-type");
    });

    // Global error logging (disabled)
    //pipelines.OnError += (ctx, ex) =>
    //{
    //    Console.WriteLine(ex.Message);
    //    return new Response();
    //};

    CookieBasedSessions.Enable(pipelines);

    base.ApplicationStartup(container, pipelines);
}
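/// <summary>
/// Application startup: sets the Swagger metadata, adds a CORS header to every response,
/// enables cookie sessions and basic authentication, and configures embedded-resource
/// view location.
/// </summary>
/// <param name="container">The application container; used to resolve the user validator.</param>
/// <param name="pipelines">The request pipelines the features are attached to.</param>
protected override void ApplicationStartup(TinyIoCContainer container, IPipelines pipelines)
{
    base.ApplicationStartup(container, pipelines);

    SwaggerMetadataProvider.SetInfo("IDP Job APIs", "v0.1", "Our job service", new Contact()
    {
        EmailAddress = "*****@*****.**"
    });

    // Set the header through the indexer: Headers.Add throws when a route or an earlier
    // hook has already written Access-Control-Allow-Origin, which would fail the request.
    // NOTE(review): any origin ("*") is allowed on an API that also uses basic
    // authentication and cookie sessions — confirm this is intended.
    pipelines.AfterRequest.AddItemToEndOfPipeline(x =>
    {
        x.Response.Headers["Access-Control-Allow-Origin"] = "*";
    });

    CookieBasedSessions.Enable(pipelines);

    // NOTE(review): basic authentication sends credentials on every request; it relies
    // on the transport (TLS) for confidentiality.
    pipelines.EnableBasicAuthentication(new BasicAuthenticationConfiguration(
        container.Resolve<IUserValidator>(),
        "IDPJobManager"));

    // Views are served from embedded resources of this assembly; the Razor engine's own
    // assembly is excluded from the scan.
    ResourceViewLocationProvider.RootNamespaces.Add(Assembly.GetExecutingAssembly(), "IDPJobManager.Web.Views");
    ResourceViewLocationProvider.Ignore.Add(typeof(Nancy.ViewEngines.Razor.RazorViewEngine).Assembly);
}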
/// <summary>
/// Bootstrapper initialisation: leaves error traces on, registers a static content
/// directory, enables cookie sessions and adds an after-request hook that wraps the
/// response when the "pirate" query parameter is present.
/// </summary>
/// <param name="container">The application container, passed through to the base class.</param>
protected override void InitialiseInternal(TinyIoC.TinyIoCContainer container)
{
    base.InitialiseInternal(container);

    // NOTE(review): error traces stay enabled; that suits development, but review it
    // before a production deployment since traces can disclose internals to clients.
    StaticConfiguration.DisableErrorTraces = false;

    // Serve the "Content" directory under the "moo" path.
    var staticContent = StaticContentConventionBuilder.AddDirectory("moo", "Content");
    this.Conventions.StaticContentsConventions.Add(staticContent);

    CookieBasedSessions.Enable(this);

    this.AfterRequest += (context) =>
    {
        var pirateParameter = context.Request.Query.pirate;
        if (pirateParameter.HasValue)
        {
            // Decorate the response that is already on the context.
            context.Response = new HereBeAResponseYouScurvyDog(context.Response);
        }
    };
}
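/// <summary>
/// Application startup: starts performance data collection, enables basic authentication
/// and cookie sessions, and installs hooks that time each request, fix the HTML content
/// type and, in debug mode, print a request line to the console.
/// </summary>
/// <param name="container">The application container; used to resolve the user validator.</param>
/// <param name="pipelines">The request pipelines the hooks are attached to.</param>
protected override void ApplicationStartup(TinyIoCContainer container, IPipelines pipelines)
{
    // Key under which the per-request stopwatch is kept in the context items.
    const string StopwatchItemKey = "Servant.RequestStopwatch";

    PerformanceData.Run();
    var host = TinyIoCContainer.Current.Resolve<IHost>();

    pipelines.EnableBasicAuthentication(new BasicAuthenticationConfiguration(container.Resolve<IUserValidator>(), "Servant"));
    CookieBasedSessions.Enable(pipelines);

    // A single Stopwatch captured by the hooks would be shared by all requests in flight,
    // so concurrent requests reset and stop each other's timer. Keep one per request.
    pipelines.BeforeRequest.InsertBefore("DebuggingStart", nancyContext =>
    {
        nancyContext.Items[StopwatchItemKey] = Stopwatch.StartNew();
        return nancyContext.Response;
    });

    // It was annoying that the response did not declare UTF8.
    pipelines.AfterRequest.InsertAfter("EncodingFix", nancyContext =>
    {
        if (nancyContext.Response.ContentType == "text/html")
        {
            nancyContext.Response.ContentType = "text/html; charset=utf8";
        }
    });

    pipelines.AfterRequest.InsertAfter("DebuggingEnd", ctx =>
    {
        object stored;
        var timer = ctx.Items.TryGetValue(StopwatchItemKey, out stored) ? stored as Stopwatch : null;
        if (timer != null)
        {
            timer.Stop();
        }

        if (host.Debug)
        {
            // Falls back to 0 ms when the before-request hook did not run for this request.
            var elapsedMilliseconds = timer != null ? timer.ElapsedMilliseconds : 0;

            // NOTE(review): the full request URL, query string included, is written to
            // the console in debug mode.
            Console.ForegroundColor = ConsoleColor.DarkGray;
            Console.WriteLine(DateTime.Now.ToLongTimeString() + ": " + ctx.Request.Method + " " + ctx.Request.Url + "(" + elapsedMilliseconds + "ms)");
            Console.ResetColor();
        }
    });

    base.ApplicationStartup(container, pipelines);
}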
/// <summary>
/// Application startup: caches settings and brandings, enables cookie sessions, runs the
/// base startup and then enables forms authentication with a login redirect.
/// </summary>
/// <param name="container">The application container; used to resolve the user mapper.</param>
/// <param name="pipelines">The request pipelines the features are attached to.</param>
protected override void ApplicationStartup(Nancy.TinyIoc.TinyIoCContainer container, Nancy.Bootstrapper.IPipelines pipelines)
{
    // Cache the settings from the config file in memory
    SettingsRequest.RetrieveSettings();

    // Cache the brandings from the config file in memory
    BrandingsRequest.RetrieveBrandings();

    // Enable cookie based sessions
    CookieBasedSessions.Enable(pipelines);

    base.ApplicationStartup(container, pipelines);

    // Unauthenticated requests are redirected to the login page.
    // NOTE(review): no CryptographyConfiguration is set here, so the library default
    // presumably applies to the authentication cookie — confirm it suits the deployment.
    var formsAuthentication = new FormsAuthenticationConfiguration();
    formsAuthentication.RedirectUrl = "~/login";
    formsAuthentication.UserMapper = container.Resolve<IUserMapper>();

    FormsAuthentication.Enable(pipelines, formsAuthentication);
}
/// <summary>
/// Saves a two-entry session through the fixture's cookie store and expects one response
/// cookie with the session cookie name, the value returned by the fake encryption
/// provider, and no expiry, path or domain.
/// </summary>
public void Should_save_the_session_cookie()
{
    // Arrange: one entry from the initial dictionary, one added through the indexer.
    var outgoing = new Response();
    var initialEntries = new Dictionary<string, object>
    {
        { "key1", "val1" },
    };
    var session = new Session(initialEntries);
    session["key2"] = "val2";

    // The fake provider is expected to receive the serialized "key=value;" pairs.
    A.CallTo(() => this.fakeEncryptionProvider.Encrypt("key1=val1;key2=val2;")).Returns("encrypted=key1=val1;key2=val2;");

    // Act
    cookieStore.Save(session, outgoing);

    // Assert
    outgoing.Cookies.Count.ShouldEqual(1);
    var sessionCookie = outgoing.Cookies.First();
    sessionCookie.Name.ShouldEqual(CookieBasedSessions.GetCookieName());
    sessionCookie.Value.ShouldEqual("encrypted=key1=val1;key2=val2;");
    sessionCookie.Expires.ShouldBeNull();
    sessionCookie.Path.ShouldBeNull();
    sessionCookie.Domain.ShouldBeNull();
}
/// <summary>
/// Adds cookie-based sessions and forms authentication to the bootstrapper.
/// </summary>
/// <param name="container">The application container; used to resolve the user mapper.</param>
/// <param name="pipelines">The request pipelines the features are attached to.</param>
protected override void ApplicationStartup(Nancy.TinyIoc.TinyIoCContainer container, Nancy.Bootstrapper.IPipelines pipelines)
{
    base.ApplicationStartup(container, pipelines);

    // Enable cookie-based sessions.
    // NOTE(review): the session store is enabled without the cryptography configuration
    // built below; only forms authentication receives it.
    CookieBasedSessions.Enable(pipelines);

    // Cryptography configuration: encryption and HMAC keys derived from two passphrases.
    // NOTE(review): both key generators use the same fixed salt { 1, 2, ..., 8 } written
    // in source. A predictable salt removes the protection a salt gives against
    // precomputed attacks on the passphrases; a random per-deployment salt kept in
    // configuration would be stronger. Changing it invalidates cookies already issued.
    var encryptionProvider = new RijndaelEncryptionProvider(
        new PassphraseKeyGenerator(DOLNancyWebInit.WEB_SERVER_COOKIE_CRYPT_SECRET, new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }));
    var hmacProvider = new DefaultHmacProvider(
        new PassphraseKeyGenerator(DOLNancyWebInit.WEB_SERVER_COOKIE_CRYPT_HASH_SECRET, new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }));
    var cryptographyConfiguration = new CryptographyConfiguration(encryptionProvider, hmacProvider);

    // Forms authentication: unauthenticated requests are redirected to the login page.
    var formsAuthConfiguration = new FormsAuthenticationConfiguration();
    formsAuthConfiguration.CryptographyConfiguration = cryptographyConfiguration;
    formsAuthConfiguration.RedirectUrl = "~/login";
    formsAuthConfiguration.UserMapper = container.Resolve<IUserMapper>();

    FormsAuthentication.Enable(pipelines, formsAuthConfiguration);
}
/// <summary>
/// Enables cookie sessions on faked pipelines with a custom serializer and expects that
/// serializer's Deserialize to be called exactly once when a request with a session
/// cookie passes through the before-request pipeline.
/// </summary>
public void Should_set_formatter_when_using_formatter_selector()
{
    // Arrange: real pipeline objects behind a faked IPipelines.
    var before = new BeforePipeline();
    var after = new AfterPipeline();
    var pipelines = A.Fake<IPipelines>();
    A.CallTo(() => pipelines.BeforeRequest).Returns(before);
    A.CallTo(() => pipelines.AfterRequest).Returns(after);

    var serializer = A.Fake<IObjectSerializer>();
    A.CallTo(() => this.fakeEncryptionProvider.Decrypt("encryptedkey1=value1")).Returns("key1=value1;");

    var cryptography = new CryptographyConfiguration(this.fakeEncryptionProvider, this.fakeHmacProvider);
    CookieBasedSessions.Enable(pipelines, cryptography).WithSerializer(serializer);

    var request = CreateRequest("encryptedkey1=value1");
    var context = new NancyContext() { Request = request };

    // Act
    before.Invoke(context, new CancellationToken());

    // Assert
    A.CallTo(() => serializer.Deserialize(A<string>.Ignored)).MustHaveHappened(Repeated.Exactly.Once);
}
/// <summary>
/// Enables cookie sessions on faked application pipelines with a custom formatter and
/// expects that formatter's Deserialize to be called exactly once when a request with a
/// session cookie passes through the before-request pipeline.
/// </summary>
public void Should_set_formatter_when_using_formatter_selector()
{
    // Arrange: real pipeline objects behind a faked IApplicationPipelines.
    var before = new BeforePipeline();
    var after = new AfterPipeline();
    var pipelines = A.Fake<IApplicationPipelines>();
    A.CallTo(() => pipelines.BeforeRequest).Returns(before);
    A.CallTo(() => pipelines.AfterRequest).Returns(after);

    var formatter = A.Fake<ISessionObjectFormatter>();
    A.CallTo(() => this.encryptionProvider.Decrypt("encryptedkey1=value1", A<string>.Ignored, A<byte[]>.Ignored)).Returns("key1=value1;");

    CookieBasedSessions
        .Enable(pipelines, encryptionProvider, hmacProvider, "this passphrase", "this is a salt", "hmac passphrase")
        .WithFormatter(formatter);

    var request = CreateRequest("encryptedkey1=value1");
    var context = new NancyContext() { Request = request };

    // Act
    before.Invoke(context);

    // Assert
    A.CallTo(() => formatter.Deserialize(A<string>.Ignored)).MustHaveHappened(Repeated.Exactly.Once);
}
/// <summary>
/// Builds a store from a configuration with an explicit CookieName and expects the saved
/// response to contain a cookie with that name.
/// </summary>
public void Should_use_CookieName_when_config_provides_cookiename_value()
{
    // Given
    var cryptography = new CryptographyConfiguration(this.fakeEncryptionProvider, this.fakeHmacProvider);
    var configuration = new CookieBasedSessionsConfiguration(cryptography)
    {
        CookieName = "NamedCookie",
        Serializer = this.fakeObjectSerializer
    };
    var sessionStore = new CookieBasedSessions(configuration);

    // When
    var outgoing = new Response();
    var initialEntries = new Dictionary<string, object>
    {
        { "key1", "val1" },
    };
    var session = new Session(initialEntries);
    session["key2"] = "val2";
    sessionStore.Save(session, outgoing);

    // Then
    outgoing.Cookies.ShouldHave(cookie => cookie.Name == configuration.CookieName);
}
/// <summary>
/// Runs a request with an existing session cookie through the before- and after-request
/// pipelines without touching the session, and expects no cookie on the response.
/// </summary>
public void Should_only_not_add_response_cookie_if_it_has_not_changed()
{
    // Arrange: real pipeline objects behind a faked IPipelines.
    var before = new BeforePipeline();
    var after = new AfterPipeline();
    var pipelines = A.Fake<IPipelines>();
    A.CallTo(() => pipelines.BeforeRequest).Returns(before);
    A.CallTo(() => pipelines.AfterRequest).Returns(after);

    var cryptography = new CryptographyConfiguration(this.fakeEncryptionProvider, this.fakeHmacProvider);
    CookieBasedSessions.Enable(pipelines, cryptography).WithSerializer(this.fakeObjectSerializer);

    // The request is created before the Decrypt fake is configured, as in the original order.
    var request = CreateRequest("encryptedkey1=value1");
    A.CallTo(() => this.fakeEncryptionProvider.Decrypt("encryptedkey1=value1")).Returns("key1=value1;");

    var response = A.Fake<Response>();
    var context = new NancyContext() { Request = request, Response = response };

    // Act
    before.Invoke(context, new CancellationToken());
    after.Invoke(context, new CancellationToken());

    // Assert: an unchanged session must not be re-issued.
    response.Cookies.Count.ShouldEqual(0);
}
/// <summary>
/// Runs a request with an existing session cookie through the before- and after-request
/// pipelines without touching the session, and expects no cookie on the response.
/// </summary>
public void Should_only_not_add_response_cookie_if_it_has_not_changed()
{
    // Arrange: real pipeline objects behind a faked IApplicationPipelines.
    var before = new BeforePipeline();
    var after = new AfterPipeline();
    var pipelines = A.Fake<IApplicationPipelines>();
    A.CallTo(() => pipelines.BeforeRequest).Returns(before);
    A.CallTo(() => pipelines.AfterRequest).Returns(after);

    CookieBasedSessions
        .Enable(pipelines, encryptionProvider, hmacProvider, "this passphrase", "this is a salt", "hmac passphrase")
        .WithFormatter(new Fakes.FakeSessionObjectFormatter());

    // The request is created before the Decrypt fake is configured, as in the original order.
    var request = CreateRequest("encryptedkey1=value1");
    A.CallTo(() => this.encryptionProvider.Decrypt("encryptedkey1=value1", A<string>.Ignored, A<byte[]>.Ignored)).Returns("key1=value1;");

    var response = A.Fake<Response>();
    var context = new NancyContext() { Request = request, Response = response };

    // Act
    before.Invoke(context);
    after.Invoke(context);

    // Assert: an unchanged session must not be re-issued.
    response.Cookies.Count.ShouldEqual(0);
}
/// <summary>
/// Application startup: enables cookie-based sessions on the pipelines.
/// </summary>
/// <param name="container">The application container (not used here).</param>
/// <param name="pipelines">The request pipelines the session hooks are attached to.</param>
/// <remarks>
/// NOTE(review): base.ApplicationStartup is not called, and Enable is given no
/// cryptography configuration, so the library default applies — confirm both are intended.
/// </remarks>
protected override void ApplicationStartup(TinyIoc.TinyIoCContainer container, Bootstrapper.IPipelines pipelines)
{
    // Enable session
    CookieBasedSessions.Enable(pipelines);
}
/// <summary>
/// Application startup: enables cookie-based sessions on the pipelines.
/// </summary>
/// <param name="container">The application container (not used here).</param>
/// <param name="pipelines">The request pipelines the session hooks are attached to.</param>
/// <remarks>
/// NOTE(review): base.ApplicationStartup is not called here — confirm that is intended.
/// </remarks>
protected override void ApplicationStartup(TinyIoCContainer container, IPipelines pipelines)
{
    CookieBasedSessions.Enable(pipelines);
}
/// <summary>
/// Loads a cookie made of ValidHmac followed by ValidData, using a store built from the
/// fixture's passphrase, salt and HMAC passphrase, and expects a session with exactly one
/// entry deserialized as the fixture Payload type.
/// </summary>
public void Should_load_valid_test_data()
{
    // Arrange: the cookie value is "HMAC + data", URL-encoded as it would be on the wire.
    var cookieValue = HttpUtility.UrlEncode(ValidHmac + ValidData);
    var sessionStore = new CookieBasedSessions(
        new DefaultEncryptionProvider(),
        new DefaultHmacProvider(),
        ValidDataPass,
        ValidDataSalt,
        ValidDataHmacPassphrase,
        new DefaultSessionObjectFormatter());
    var incoming = new Request("GET", "/", "http");
    incoming.Cookies.Add(CookieBasedSessions.GetCookieName(), cookieValue);

    // Act
    var loaded = sessionStore.Load(incoming);

    // Assert
    loaded.Count.ShouldEqual(1);
    loaded.First().Value.ShouldBeOfType(typeof(DefaultSessionObjectFormatterFixture.Payload));
}
/// <summary>
/// Presents a cookie that contains ValidData with no HMAC in front of it and expects an
/// empty session, i.e. unauthenticated cookie data is not loaded.
/// </summary>
public void Should_return_blank_session_if_hmac_missing()
{
    // Arrange: data only, no HMAC prefix.
    var cookieValue = HttpUtility.UrlEncode(ValidData);
    var sessionStore = new CookieBasedSessions(
        new DefaultEncryptionProvider(),
        new DefaultHmacProvider(),
        ValidDataPass,
        ValidDataSalt,
        ValidDataHmacPassphrase,
        new DefaultSessionObjectFormatter());
    var incoming = new Request("GET", "/", "http");
    incoming.Cookies.Add(CookieBasedSessions.GetCookieName(), cookieValue);

    // Act
    var loaded = sessionStore.Load(incoming);

    // Assert
    loaded.Count.ShouldEqual(0);
}
/// <summary>
/// Saves a session containing a complex object and expects exactly one response cookie,
/// named as the session cookie, with a non-null and non-empty value.
/// </summary>
/// <remarks>
/// NOTE(review): this store is constructed with an encryption provider only (no HMAC
/// provider argument), so this variant of the API appears to predate cookie
/// authentication — confirm which library version the test targets.
/// </remarks>
public void Should_be_able_to_save_a_complex_object_to_session()
{
    // Arrange
    var outgoing = new Response();
    var session = new Session(new Dictionary<string, object>());
    var complexObject = new DefaultSessionObjectFormatterFixture.Payload(27, true, "Test string");
    var sessionStore = new CookieBasedSessions(
        new DefaultEncryptionProvider(),
        "the passphrase",
        "the salt",
        new DefaultSessionObjectFormatter());
    session["testObject"] = complexObject;

    // Act
    sessionStore.Save(session, outgoing);

    // Assert
    outgoing.Cookies.Count.ShouldEqual(1);
    var sessionCookie = outgoing.Cookies.First();
    sessionCookie.Name.ShouldEqual(Nancy.Session.CookieBasedSessions.GetCookieName());
    sessionCookie.Value.ShouldNotBeNull();
    sessionCookie.Value.ShouldNotBeEmpty();
}
/// <summary>
/// Bootstrapper initialisation: enables cookie-based sessions with an explicit
/// passphrase, salt and HMAC passphrase.
/// </summary>
/// <param name="container">The application container, passed through to the base class.</param>
protected override void InitialiseInternal(TinyIoC.TinyIoCContainer container)
{
    base.InitialiseInternal(container);

    // NOTE(review): all three secrets are string literals in source. Anyone who can read
    // the code can derive the session keys; outside of a demo these values belong in
    // protected configuration.
    CookieBasedSessions.Enable(
        this,
        "MyPassPhrase",
        "MySaltIsReallyGood",
        "MyHmacPassphrase");
}
/// <summary>
/// Application startup: enables cookie-based sessions on the pipelines.
/// </summary>
/// <param name="container">The application container (not used here).</param>
/// <param name="pipelines">The request pipelines the session hooks are attached to.</param>
protected override void ApplicationStartup(TinyIoCContainer container, IPipelines pipelines)
{
    // Enable the session cookie.
    CookieBasedSessions.Enable(pipelines);

    // Prevent errors on Linux
    // NOTE(review): no statement follows this comment in the visible code, and
    // base.ApplicationStartup is not called — confirm both are intended.
}
/// <summary>
/// Application startup: enables CSRF protection, the FruitOfTheDay feature and
/// cookie-based sessions, in that order.
/// </summary>
/// <param name="container">The lifetime scope of the application container (not used here).</param>
/// <param name="pipelines">The request pipelines the features are attached to.</param>
protected override void ApplicationStartup(ILifetimeScope container, IPipelines pipelines)
{
    // Registration order is kept as written; pipeline hooks may depend on it.
    Csrf.Enable(pipelines);
    FruitOfTheDay.Enable(pipelines);
    CookieBasedSessions.Enable(pipelines);
}
/// <summary>
/// Application startup: runs the base startup, then enables cookie-based sessions.
/// </summary>
/// <param name="container">The application container.</param>
/// <param name="pipelines">The request pipelines the session hooks are attached to.</param>
protected override void ApplicationStartup(TinyIoCContainer container, IPipelines pipelines)
{
    base.ApplicationStartup(container, pipelines);

    // Enable the session, where per-user data can be stored.
    // NOTE(review): the session contents travel in a client-held cookie; keep what is
    // stored there small and avoid placing secrets in it.
    CookieBasedSessions.Enable(pipelines);
}