public void ApiKeyHandler_HandleRequestWithHttpBasic()
        {
            var context = new Microsoft.AspNetCore.Http.DefaultHttpContext();
            var handler = CreateHandler(context);
            var gen     = new Csg.ApiKeyGenerator.TimeBasedTokenGenerator();
            var value   = Convert.ToBase64String(System.Text.UTF8Encoding.UTF8.GetBytes($"TestName:TestKey"));

            context.Request.Headers.Add("Authorization", $"Basic {value}");

            var authResult = handler.AuthenticateAsync().ConfigureAwait(false).GetAwaiter().GetResult();

            Assert.AreEqual(true, authResult.Succeeded);
            Assert.AreEqual(true, authResult.Principal.Identity.IsAuthenticated);
            Assert.AreEqual("TestName", authResult.Principal.Identity.Name);
        }
        public void ApiKeyHandler_HandleRequestWithOutOfRangeTimeBasedToken()
        {
            var context = new Microsoft.AspNetCore.Http.DefaultHttpContext();
            var handler = CreateHandler(context);
            var gen     = new Csg.ApiKeyGenerator.TimeBasedTokenGenerator();

            string token = Microsoft.AspNetCore.WebUtilities.Base64UrlTextEncoder.Encode(gen.ComputeToken("TestName", "TestKey", Clock.UtcNow.AddSeconds(120)));

            context.Request.Headers.Add("Authorization", $"TAPIKEY TestName:{token}");

            var authResult = handler.AuthenticateAsync().ConfigureAwait(false).GetAwaiter().GetResult();

            Assert.AreEqual(false, authResult.Succeeded);
            Assert.IsNull(authResult.Principal);
        }
        public void ApiKeyHandler_HandleRequestWithValidTimeBasedTokenAlternateCase()
        {
            var context = new Microsoft.AspNetCore.Http.DefaultHttpContext();
            var handler = CreateHandler(context);
            var gen     = new Csg.ApiKeyGenerator.TimeBasedTokenGenerator();

            string token = Microsoft.AspNetCore.WebUtilities.Base64UrlTextEncoder.Encode(gen.ComputeToken("testNAME", "TestKey", Clock.UtcNow));

            context.Request.Headers.Add("Authorization", $"TAPIKEY testNAME:{token}");

            var authResult = handler.AuthenticateAsync().ConfigureAwait(false).GetAwaiter().GetResult();

            Assert.AreEqual(true, authResult.Succeeded);
            Assert.AreEqual(true, authResult.Principal.Identity.IsAuthenticated);
            Assert.AreEqual("TestName", authResult.Principal.Identity.Name);
        }
示例#4
0
 public TimeBasedApiKeyValidator(Microsoft.AspNetCore.Authentication.ISystemClock clock, Csg.ApiKeyGenerator.TimeBasedTokenGenerator generator)
 {
     _generator = generator;
     _clock     = clock;
 }