public void Should_load_an_empty_session_if_no_session_cookie_exists()
{
var request = CreateRequest(null);
var result = cookieStore.Load(request);
result.Count.ShouldEqual(0);
}
public void Should_load_valid_test_data()
{
// Given
var payload = new DefaultSessionObjectFormatterFixture.Payload
{
BoolValue = true
};
var cookieData = GenerateCookieData(new Dictionary <string, object>
{
{ "key1", payload }
});
var store =
new CookieBasedSessions(this.aesEncryptionProvider, this.defaultHmacProvider, this.defaultObjectSerializer);
var request =
new Request("GET", "/", "http");
request.Cookies.Add(store.CookieName, cookieData.ToString());
// When
var result = store.Load(request);
// Then
result.Count.ShouldEqual(1);
result.First().Value.ShouldBeOfType(typeof(DefaultSessionObjectFormatterFixture.Payload));
}
public void Should_call_formatter_on_load()
{
var fakeFormatter = A.Fake <IObjectSerializer>();
A.CallTo(() => this.fakeEncryptionProvider.Decrypt("encryptedkey1=value1")).Returns("key1=value1;");
var store = new CookieBasedSessions(this.fakeEncryptionProvider, this.fakeHmacProvider, fakeFormatter);
var request = CreateRequest("encryptedkey1=value1", false);
store.Load(request);
A.CallTo(() => fakeFormatter.Deserialize("value1")).MustHaveHappened(Repeated.Exactly.Once);
}
public void Should_return_blank_session_if_encrypted_data_modified()
{
var inputValue = ValidHmac + ValidData.Substring(0, ValidData.Length - 1) + "Z";
inputValue = HttpUtility.UrlEncode(inputValue);
var store = new CookieBasedSessions(this.rijndaelEncryptionProvider, this.defaultHmacProvider, this.defaultObjectSerializer);
var request = new Request("GET", "/", "http");
request.Cookies.Add(store.CookieName, inputValue);
var result = store.Load(request);
result.Count.ShouldEqual(0);
}
public void Should_return_blank_session_if_hmac_missing()
{
var inputValue = ValidData;
inputValue = HttpUtility.UrlEncode(inputValue);
var store = new CookieBasedSessions(this.aesEncryptionProvider, this.defaultHmacProvider, this.defaultObjectSerializer);
var request = new Request("GET", "/", "http");
request.Cookies.Add(store.CookieName, inputValue);
var result = store.Load(request);
result.Count.ShouldEqual(0);
}
public void Should_return_blank_session_if_encrypted_data_modified()
{
var inputValue = ValidHmac + ValidData.Substring(0, ValidData.Length - 1) + "Z";
inputValue = HttpUtility.UrlEncode(inputValue);
var store = new CookieBasedSessions(new DefaultEncryptionProvider(), new DefaultHmacProvider(), ValidDataPass, ValidDataSalt, ValidDataHmacPassphrase, new DefaultSessionObjectFormatter());
var request = new Request("GET", "/", "http");
request.Cookies.Add(CookieBasedSessions.GetCookieName(), inputValue);
var result = store.Load(request);
result.Count.ShouldEqual(0);
}
public void Should_return_blank_session_if_hmac_changed()
{
var inputValue = "b" + ValidHmac.Substring(1) + ValidData;
inputValue = HttpUtility.UrlEncode(inputValue);
var store = new CookieBasedSessions(this.rijndaelEncryptionProvider, this.defaultHmacProvider, new DefaultObjectSerializer());
var request = new Request("GET", "/", "http");
request.Cookies.Add(CookieBasedSessions.GetCookieName(), inputValue);
var result = store.Load(request);
result.Count.ShouldEqual(0);
}
public void Should_load_valid_test_data()
{
var inputValue = ValidHmac + ValidData;
inputValue = HttpUtility.UrlEncode(inputValue);
var store = new CookieBasedSessions(this.rijndaelEncryptionProvider, this.defaultHmacProvider, this.defaultObjectSerializer);
var request = new Request("GET", "/", "http");
request.Cookies.Add(store.CookieName, inputValue);
var result = store.Load(request);
result.Count.ShouldEqual(1);
result.First().Value.ShouldBeOfType(typeof(DefaultSessionObjectFormatterFixture.Payload));
}
public void Should_return_blank_session_if_encrypted_data_are_invalid_but_contain_semicolon_when_decrypted()
{
var bogusEncrypted = this.aesEncryptionProvider.Encrypt("foo;bar");
var inputValue = ValidHmac + bogusEncrypted;
inputValue = HttpUtility.UrlEncode(inputValue);
var store = new CookieBasedSessions(this.aesEncryptionProvider, this.defaultHmacProvider, this.defaultObjectSerializer);
var request = new Request("GET", "/", "http");
request.Cookies.Add(store.CookieName, inputValue);
var result = store.Load(request);
result.Count.ShouldEqual(0);
}
public void Should_load_valid_test_data()
{
var inputValue = ValidHmac + ValidData;
inputValue = HttpUtility.UrlEncode(inputValue);
var store = new CookieBasedSessions(new DefaultEncryptionProvider(), new DefaultHmacProvider(), ValidDataPass, ValidDataSalt, ValidDataHmacPassphrase, new DefaultSessionObjectFormatter());
var request = new Request("GET", "/", "http");
request.Cookies.Add(CookieBasedSessions.GetCookieName(), inputValue);
var result = store.Load(request);
result.Count.ShouldEqual(1);
result.First().Value.ShouldBeOfType(typeof(DefaultSessionObjectFormatterFixture.Payload));
}
public void Should_be_able_to_load_an_object_previously_saved_to_session()
{
var response = new Response();
var session = new Session(new Dictionary <string, object>());
var payload = new DefaultSessionObjectFormatterFixture.Payload(27, true, "Test string");
var store = new CookieBasedSessions(this.rijndaelEncryptionProvider, this.defaultHmacProvider, this.defaultObjectSerializer);
session["testObject"] = payload;
store.Save(session, response);
var request = new Request("GET", "/", "http");
request.Cookies.Add(Helpers.HttpUtility.UrlEncode(response.Cookies.First().Name), Helpers.HttpUtility.UrlEncode(response.Cookies.First().Value));
var result = store.Load(request);
result["testObject"].ShouldEqual(payload);
}
public void Should_load_an_empty_session_if_session_cookie_is_invalid()
{
//given
var inputValue = ValidHmac.Substring(0, 5); //invalid Hmac
inputValue = HttpUtility.UrlEncode(inputValue);
var store = new CookieBasedSessions(this.aesEncryptionProvider, this.defaultHmacProvider, this.defaultObjectSerializer);
var request = new Request("GET", "/", "http");
request.Cookies.Add(store.CookieName, inputValue);
//when
var result = store.Load(request);
//then
result.Count.ShouldEqual(0);
}
public void Should_be_able_to_load_an_object_previously_saved_to_session()
{
var response = new Response();
var session = new Session(new Dictionary<string, object>());
var payload = new DefaultSessionObjectFormatterFixture.Payload(27, true, "Test string");
var store = new CookieBasedSessions(new DefaultEncryptionProvider(), "the passphrase", "the salt", new DefaultSessionObjectFormatter());
session["testObject"] = payload;
store.Save(session, response);
var request = new Request("GET", "/", "http");
request.Cookies.Add(Helpers.HttpUtility.UrlEncode(response.Cookies.First().Name), Helpers.HttpUtility.UrlEncode(response.Cookies.First().Value));
var result = store.Load(request);
result["testObject"].ShouldEqual(payload);
}
public void Should_return_blank_session_if_hmac_missing()
{
var inputValue = ValidData;
inputValue = HttpUtility.UrlEncode(inputValue);
var store = new CookieBasedSessions(new DefaultEncryptionProvider(), new DefaultHmacProvider(), ValidDataPass, ValidDataSalt, ValidDataHmacPassphrase, new DefaultSessionObjectFormatter());
var request = new Request("GET", "/", "http");
request.Cookies.Add(CookieBasedSessions.GetCookieName(), inputValue);
var result = store.Load(request);
result.Count.ShouldEqual(0);
}
public void Should_load_valid_test_data()
{
var inputValue = ValidHmac + ValidData;
inputValue = HttpUtility.UrlEncode(inputValue);
var store = new CookieBasedSessions(new DefaultEncryptionProvider(), new DefaultHmacProvider(), ValidDataPass, ValidDataSalt, ValidDataHmacPassphrase, new DefaultSessionObjectFormatter());
var request = new Request("GET", "/", "http");
request.Cookies.Add(CookieBasedSessions.GetCookieName(), inputValue);
var result = store.Load(request);
result.Count.ShouldEqual(1);
result.First().Value.ShouldBeOfType(typeof(DefaultSessionObjectFormatterFixture.Payload));
}
