// Parameterised check: with AuthorizationRedirectPath set to "~/home/permissions",
// the filter must answer the given request URL with a top-frame JavaScript redirect
// to expectedRedirectUrl.
public void OnAuthorization_RedirectsToAuthorizationRedirectPath_OnlyWhenUserDeniedGrantingPermissions(string requestUrl, string expectedRedirectUrl)
{
    // Permission service stub built from a single empty string
    // (presumably "nothing granted" - confirm against MockHelpers).
    FacebookClient facebookClient = MockHelpers.CreateFacebookClient();
    IFacebookPermissionService grantedPermissions = MockHelpers.CreatePermissionService(new[] { "" });
    FacebookConfiguration configuration = MockHelpers.CreateConfiguration(facebookClient, grantedPermissions);
    configuration.AuthorizationRedirectPath = "~/home/permissions";
    var filter = new FacebookAuthorizeFilter(configuration);

    // The request carries a placeholder signed_request and requires the "email" permission.
    var signedRequestValues = new NameValueCollection
    {
        { "signed_request", "exampleSignedRequest" }
    };
    var controllerContext = MockHelpers.CreateControllerContext(signedRequestValues, null, new Uri(requestUrl));
    var actionDescriptor = MockHelpers.CreateActionDescriptor(new[] { new FacebookAuthorizeAttribute("email") });
    var authorizationContext = new AuthorizationContext(controllerContext, actionDescriptor);

    filter.OnAuthorization(authorizationContext);

    ContentResult redirect = Assert.IsAssignableFrom<JavaScriptRedirectResult>(authorizationContext.Result);
    Assert.Equal("text/html", redirect.ContentType);

    // expectedRedirectUrl is placed verbatim inside the single-quoted script literal, so each
    // data row has to supply the URL exactly as the filter emits it, escaping included.
    string expectedScript = String.Format("<script>window.top.location = '{0}';</script>", expectedRedirectUrl);
    Assert.Equal(expectedScript, redirect.Content);
}
// Binds a FacebookRedirectContext from the request values "originUrl" and "permissions"
// and checks the origin, the OAuth dialog URL, the parsed permission list and the
// configuration reference carried by the result.
public void BindModel_ReturnsExpectedFacebookRedirectContext()
{
    var configuration = new FacebookConfiguration { AppId = "123456" };
    configuration.ClientProvider = new DefaultFacebookClientProvider(configuration);
    var binder = new FacebookRedirectContextModelBinder(configuration);

    // originUrl is request-supplied and ends up percent-encoded as redirect_uri below.
    // NOTE(review): only an origin under the app's own canvas URL is exercised here; whether
    // the binder rejects an originUrl on another host is not visible in this test - confirm
    // a negative case exists.
    var requestValues = new NameValueCollection
    {
        { "originUrl", "https://apps.facebook.com/123456/home/index" },
        { "permissions", "email,user_likes" }
    };
    ControllerContext controllerContext = MockHelpers.CreateControllerContext(null, requestValues);
    var bindingContext = new ModelBindingContext();

    var bound = binder.BindModel(controllerContext, bindingContext);
    FacebookRedirectContext redirectContext = Assert.IsType<FacebookRedirectContext>(bound);

    Assert.Equal("https://apps.facebook.com/123456/home/index", redirectContext.OriginUrl);

    // Redirect URL should not have any permissions on it. That's handled by the authorization filter.
    Assert.Equal(
        "https://www.facebook.com/dialog/oauth?redirect_uri=https%3A%2F%2Fapps.facebook.com%2F123456%2Fhome%2Findex&client_id=123456",
        redirectContext.RedirectUrl);

    // The comma-separated "permissions" value is expected as two entries, in request order.
    Assert.Equal(2, redirectContext.RequiredPermissions.Length);
    Assert.Equal("email", redirectContext.RequiredPermissions[0]);
    Assert.Equal("user_likes", redirectContext.RequiredPermissions[1]);
    Assert.Same(configuration, redirectContext.Configuration);
}
// Binds a FacebookContext from a signed_request passed in the second request collection
// (the query string, per the test name) and checks that the signed request, access token
// and user id are populated.
public void BindModel_ReturnsExpectedFacebookContext_WhenSignedRequestComesFromQuery()
{
    // AppSecret and signed_request form a matched fixture pair: the payload segment declares
    // HMAC-SHA256, and the signature is presumably verified with this secret.
    // NOTE(review): the payload also carries an oauth_token, and the secret has the shape of a
    // real app secret - confirm both are dead, test-only credentials.
    var configuration = new FacebookConfiguration { AppSecret = "3e29b24f825e737d97aed5eb62df5076" };
    configuration.ClientProvider = new DefaultFacebookClientProvider(configuration);
    var binder = new FacebookContextModelBinder(configuration);

    // NOTE(review): the payload's "expires" value (1353913200, November 2012) is long past. Since
    // this test expects a bound context, expiry does not appear to be enforced at bind time -
    // confirm that is intentional.
    var query = new NameValueCollection
    {
        {
            "signed_request",
            "x1yDEgacN3N5iu23Ji8NLYp9LGO1-cUXKHTJQrMqzVQ.eyJhbGdvcml0aG0iOiJITUFDLVNIQTI1NiIsImV4cGlyZXMiOjEzNTM5MTMyMDAsImlzc3VlZF9hdCI6MTM1MzkwNzQ5Miwib2F1dGhfdG9rZW4iOiJBQUFGUlJPcWtwZ01CQURBSjNQZk5vNldXMlJ5WkFSQ1hjU0daQlhpNTBLTG9wRzFwYmFwc2M2aThKY3h6WkFQN1pDSnlpcXVHYlc3WXlCam1aQjh0UWpyelZ2VTNrYm44b3N3WXR5czkzTWdaRFpEIiwidXNlciI6eyJjb3VudHJ5IjoidXMiLCJsb2NhbGUiOiJlbl9VUyIsImFnZSI6eyJtaW4iOjIxfX0sInVzZXJfaWQiOiIxNzgyNTkwMSJ9"
        }
    };
    ControllerContext controllerContext = MockHelpers.CreateControllerContext(null, query);

    var bound = binder.BindModel(controllerContext, new ModelBindingContext());
    FacebookContext facebookContext = Assert.IsType<FacebookContext>(bound);

    // The cast to object is kept from the original assertion.
    Assert.NotNull((object)facebookContext.SignedRequest);
    Assert.NotNull(facebookContext.AccessToken);
    Assert.Equal("17825901", facebookContext.UserId);
}
// When the action requires "email" and "user_likes" and the permission service stub does not
// report them, the filter is expected to produce a ShowPromptResult that sends the top frame
// to the OAuth dialog.
public void OnAuthorization_RedirectsToOAuthDialog_ForMissingPermissions()
{
    // Permission service stub built from a single empty string
    // (presumably "nothing granted" - confirm against MockHelpers).
    FacebookClient facebookClient = MockHelpers.CreateFacebookClient();
    IFacebookPermissionService grantedPermissions = MockHelpers.CreatePermissionService(new[] { "" });
    FacebookConfiguration configuration = MockHelpers.CreateConfiguration(facebookClient, grantedPermissions);
    var filter = new FacebookAuthorizeFilter(configuration);

    var signedRequestValues = new NameValueCollection
    {
        { "signed_request", "exampleSignedRequest" }
    };
    var controllerContext = MockHelpers.CreateControllerContext(signedRequestValues);
    var actionDescriptor = MockHelpers.CreateActionDescriptor(
        new[] { new FacebookAuthorizeAttribute("email", "user_likes") });
    var authorizationContext = new AuthorizationContext(controllerContext, actionDescriptor);

    filter.OnAuthorization(authorizationContext);

    // Exact type match is required here (IsType, not IsAssignableFrom).
    ContentResult prompt = Assert.IsType<ShowPromptResult>(authorizationContext.Result);
    Assert.Equal("text/html", prompt.ContentType);

    // window.top.location: the redirect targets the top-level frame, not the frame the
    // response is rendered in.
    Assert.Equal(
        "<script>window.top.location = 'https://www.facebook.com/dialog/oauth?redirect_uri=example.com';</script>",
        prompt.Content);
}
// Test helper: builds an AuthorizationContext for requestUrl whose request carries the
// placeholder signed_request "exampleSignedRequest" and whose action is decorated with a
// FacebookAuthorizeAttribute for the given permission (no permissions when it is null).
// requestCookies is passed through to the mocked controller context unchanged.
private AuthorizationContext BuildSignedAuthorizationContext(string requestUrl, string permission, HttpCookieCollection requestCookies = null)
{
    string[] requiredPermissions;
    if (permission != null)
    {
        requiredPermissions = new string[] { permission };
    }
    else
    {
        requiredPermissions = new string[0];
    }

    var parsedUrl = new Uri(requestUrl);

    // First collection holds the signed_request (presumably the form - confirm against
    // MockHelpers); the second is the query string parsed from the request URL itself.
    var signedRequestValues = new NameValueCollection
    {
        { "signed_request", "exampleSignedRequest" }
    };
    var queryValues = HttpUtility.ParseQueryString(parsedUrl.Query);
    var controllerContext = MockHelpers.CreateControllerContext(
        signedRequestValues,
        queryValues,
        parsedUrl,
        requestCookies);

    var actionDescriptor = MockHelpers.CreateActionDescriptor(
        new[] { new FacebookAuthorizeAttribute(requiredPermissions) });

    return new AuthorizationContext(controllerContext, actionDescriptor);
}
// A request with no signed_request must not yield a FacebookContext: the binder is expected
// to return null and mark the model state invalid.
public void BindModel_ReturnsInvalidModelState_WhenSignedRequestIsNull()
{
    var configuration = new FacebookConfiguration { AppSecret = "abcdef" };
    configuration.ClientProvider = new DefaultFacebookClientProvider(configuration);
    var binder = new FacebookContextModelBinder(configuration);

    // Default mocked controller context: no request values are supplied by this test.
    ControllerContext controllerContext = MockHelpers.CreateControllerContext();
    var bindingContext = new ModelBindingContext();

    object bound = binder.BindModel(controllerContext, bindingContext);

    // Both signals are asserted: no context object, and an invalid model state.
    Assert.Null(bound);
    Assert.False(bindingContext.ModelState.IsValid);
}
// With no signed_request on the request, an action requiring "email" is expected to be
// answered with a JavaScriptRedirectResult that sends the top frame to the OAuth dialog.
public void OnAuthorization_RedirectsToOAuthDialog_WhenSignedRequestIsNull()
{
    FacebookConfiguration configuration = MockHelpers.CreateConfiguration();
    var filter = new FacebookAuthorizeFilter(configuration);

    var controllerContext = MockHelpers.CreateControllerContext();
    var actionDescriptor = MockHelpers.CreateActionDescriptor(new[] { new FacebookAuthorizeAttribute("email") });
    var authorizationContext = new AuthorizationContext(controllerContext, actionDescriptor);

    filter.OnAuthorization(authorizationContext);

    ContentResult redirect = Assert.IsType<JavaScriptRedirectResult>(authorizationContext.Result);
    Assert.Equal("text/html", redirect.ContentType);

    // The expected content has a literal backslash-u0026 where the URL's '&' would be:
    // the ampersand is expected as a JavaScript escape inside the quoted script literal,
    // and redirect_uri is percent-encoded.
    Assert.Equal(
        "<script>window.top.location = 'https://www.facebook.com/dialog/oauth?redirect_uri=https%3A%2F%2Fapps.facebook.com%2FDefaultAppId%2F\\u0026client_id=DefaultAppId';</script>",
        redirect.Content);
}
// A request that supplies "permissions" but no "originUrl" is expected to leave the model
// state invalid while the binder still returns a FacebookRedirectContext instance.
public void BindModel_ReturnsInvalidModelState_WhenOriginUrlIsNull()
{
    var configuration = new FacebookConfiguration { AppId = "123456" };
    configuration.ClientProvider = new DefaultFacebookClientProvider(configuration);
    var binder = new FacebookRedirectContextModelBinder(configuration);

    var requestValues = new NameValueCollection
    {
        { "permissions", "email,user_likes" }
    };
    ControllerContext controllerContext = MockHelpers.CreateControllerContext(null, requestValues);
    var bindingContext = new ModelBindingContext();

    // The result is non-null even on failure, so ModelState.IsValid is the only failure
    // signal asserted here; a null check on the bound object would not detect it.
    var bound = binder.BindModel(controllerContext, bindingContext);
    Assert.IsType<FacebookRedirectContext>(bound);

    Assert.False(bindingContext.ModelState.IsValid);
}