public void AddsUserClaims() { const string ClaimType = "TestClaim"; const string ClaimValue = "TestClaimValue"; var users = new List <StuntmanUser> { new StuntmanUser("user-1", "Test Name 1") .AddClaim(ClaimType, ClaimValue), new StuntmanUser("user-2", "Test Name 2") }; var json = JsonConvert.SerializeObject(users); var options = new StuntmanOptions( stuntmanOptionsRetriever: new TestStuntmanOptionsRetriever(localFileStringToReturn: json)) .AddUsersFromJson("C:\\test.json"); var user1 = options.Users.SingleOrDefault(x => x.Claims.Any()); Assert.NotNull(user1); var testClaim = user1.Claims.Single(); Assert.Equal(ClaimType, testClaim.Type); Assert.Equal(ClaimValue, testClaim.Value); }
public void DoesNotThrowForUnexpectedResponse() { var options = new StuntmanOptions(stuntmanOptionsRetriever: new TestStuntmanOptionsRetriever( webClientStringToReturn: "some_error")); options.TryAddConfigurationFromServer("https://example.com"); }
public async Task AllowsOptionalConfigurationOfUsers() { const string TestClaim = "test-claim"; const string TestClaimValue = "test-claim-value"; var json = string.Empty; var stuntmanOptions = new StuntmanOptions() .AddUser(new StuntmanUser("user-1", "Test Name 1")) .AddUser(new StuntmanUser("user-2", "Test Name 2")); using (var server = TestServer.Create(app => { stuntmanOptions.EnableServer(); app.UseStuntman(stuntmanOptions); })) { var response = await server.HttpClient.GetAsync(stuntmanOptions.ServerUri); json = await response.Content.ReadAsStringAsync(); } var options = new StuntmanOptions( stuntmanOptionsRetriever: new TestStuntmanOptionsRetriever(localFileStringToReturn: json)) .AddUsersFromJson( "C:\\test.json", user => user.Claims.Add(new Claim(TestClaim, TestClaimValue))); Assert.True(options.Users.Any()); Assert.True(options.Users.All( x => x.Claims.Count(y => y.Type == TestClaim && y.Value == TestClaimValue) == 1)); }
public async Task DoesNotRedirectChallenge_WhenCookieAuthenticationIsDiabled() { var options = new StuntmanOptions(); options.AllowCookieAuthentication = false; using (var server = TestServer.Create(app => { app.UseStuntman(options); app.Map("/test", root => { root.Run(context => { /** * Issuing a challenge for a non-existent authentication type * will result in a 401. * * Normal behavior results in a 302 to redirect to the login UI. */ context.Authentication.Challenge(Constants.StuntmanAuthenticationType); return(Task.FromResult(true)); }); }); })) { var response = await server.HttpClient.GetAsync("test"); Assert.Equal(401, (int)response.StatusCode); } }
public async Task AuthorizationBearerToken_ThrowsIfNoMatchingUser() { var options = new StuntmanOptions(); using (var server = TestServer.Create(app => { app.UseStuntman(options); app.Map("", root => { root.Run(context => { return(Task.FromResult(true)); }); }); })) { var request = server.CreateRequest(""); request.AddHeader("Authorization", "Bearer 123"); var response = await request.GetAsync(); Assert.Equal(403, (int)response.StatusCode); } }
public void ReturnsLogout() { var options = new StuntmanOptions(); var html = new UserPicker(options).GetHtml(new TestPrincipal(), "https://return-url"); Assert.Contains("Logout", html); }
public void ThrowsForNullReturnUrl() { var options = new StuntmanOptions(); Assert.Throws <ArgumentNullException>( () => new UserPicker(options) .GetHtml(new TestPrincipal(), null)); }
public void ThrowsForNullCurrentPrincipal() { var options = new StuntmanOptions(); Assert.Throws <ArgumentNullException>( () => new UserPicker(options) .GetHtml(null, "https://return-uri/")); }
public void ThrowsForUnexpectedResponse() { var options = new StuntmanOptions(stuntmanOptionsRetriever: new TestStuntmanOptionsRetriever( webClientStringToReturn: "some_error")); Assert.Throws <JsonReaderException>( () => options.AddConfigurationFromServer("https://example.com")); }
public void ThrowsForNullReturnUrl() { var options = new StuntmanOptions(); Assert.Throws<ArgumentNullException>( () => new UserPicker(options) .GetHtml(new TestPrincipal(), null)); }
public void ThrowsForNullCurrentPrincipal() { var options = new StuntmanOptions(); Assert.Throws<ArgumentNullException>( () => new UserPicker(options) .GetHtml(null, "https://return-uri/")); }
public void SetsUserPickerAlignment(StuntmanAlignment alignment) { var sut = new StuntmanOptions(); sut.SetUserPickerAlignment(alignment); Assert.Equal(alignment, sut.UserPickerAlignment); }
public void ReturnsExpectedNumberOfTotalItems() { var options = new StuntmanOptions() .AddUser(new StuntmanUser("user-1", "User 1")); var html = new UserPicker(options).GetHtml(new TestPrincipal(), "https://return-url"); Assert.Equal(2, Regex.Matches(html, "<li.*?>", RegexOptions.Multiline).Count); }
public void ReturnsExpectedNumberOfTotalItems() { var options = new StuntmanOptions() .AddUser(new StuntmanUser("user-1", "User 1")); var html = new UserPicker(options).GetHtml(new TestPrincipal(), "https://return-url"); Assert.Equal(2, Regex.Matches(html, "<li.*>", RegexOptions.Multiline).Count); }
public void SetsSourceToLocalSource() { var sut = new StuntmanOptions(); sut.AddUser(new StuntmanUser("user-1", "User 1")); var user = sut.Users.Single(); Assert.Equal(Constants.StuntmanOptions.LocalSource, user.Source); }
public async Task DoesNotImmediatelyIssue403_WhenBearerTokenPassthroughIsEnabled() { var options = new StuntmanOptions() .AddUser( new StuntmanUser("user-1", "User 1") .SetAccessToken("123")); options.AllowBearerTokenPassthrough = true; options.AllowCookieAuthentication = false; using (var server = TestServer.Create(app => { app.UseStuntman(options); app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions() { Challenge = "Bearer StuntmanTest", AuthenticationMode = AuthenticationMode.Active, AuthenticationType = Constants.StuntmanAuthenticationType }); app.Use((context, next) => { if (context.Authentication.User != null && context.Authentication.User.Identity != null && context.Authentication.User.Identity.IsAuthenticated) { return(next()); } else { context.Authentication.Challenge(Constants.StuntmanAuthenticationType); return(Task.FromResult(false)); } }); app.Map("/test", root => { root.Run(context => { return(Task.FromResult(true)); }); }); })) { var request = server.CreateRequest("test"); request.AddHeader("Authorization", "Bearer 1234"); var response = await request.GetAsync(); Assert.Equal(401, (int)response.StatusCode); Assert.Contains("StuntmanTest", response.Headers.WwwAuthenticate.Select(x => x.Parameter)); } }
public void AddsUser() { var sut = new StuntmanOptions(); sut.AddUser(new StuntmanUser("user-1", "User 1")); var user = sut.Users.Single(); Assert.Equal("user-1", user.Id); Assert.Equal("User 1", user.Name); }
public void AddsUsers() { var sut = new StuntmanOptions(); var users = Enumerable.Range(1, 10) .Select(i => new StuntmanUser(i.ToString(), $"user-{i}")) .ToList(); var options = sut.AddUsers(users); Assert.Equal(10, options.Users.Count); }
public void Configuration(IAppBuilder app) { var options = new StuntmanOptions() .AddUser(new StuntmanUser("user-1", "User 1") .AddClaim("given_name", "John") .AddClaim("family_name", "Doe")); if (System.Web.HttpContext.Current.IsDebuggingEnabled) { app.UseStuntman(options); } }
public static StuntmanOptions AddUser(this StuntmanOptions options, string name, string surname) { var user = new StuntmanUser($"{name}.{surname}", $"{name} {surname}", ClaimTypes.Name, ClaimTypes.Role) .SetAccessToken(Guid.NewGuid().ToString()) .AddClaim("given_name", name) .AddClaim("family_name", surname) .AddClaim("role", "MDA") .AddClaim("role", "MPIR"); options.AddUser(user); return(options); }
public void ReturnsExpectedItemFormat() { var options = new StuntmanOptions() .AddUser(new StuntmanUser("user-1", "User 1")); var returnUrl = "https://return-url"; var html = new UserPicker(options).GetHtml(new TestPrincipal(), returnUrl); Assert.Contains( $"/stuntman/{Constants.StuntmanOptions.SignInEndpoint}?{Constants.StuntmanOptions.OverrideQueryStringKey}=user-1&{Constants.StuntmanOptions.ReturnUrlQueryStringKey}={WebUtility.UrlEncode(returnUrl)}", html); }
public async Task SignInUri_Returns200Ok() { var options = new StuntmanOptions(); using (var server = TestServer.Create(app => { app.UseStuntman(options); })) { var response = await server.HttpClient.GetAsync(options.SignInUri); Assert.Equal(HttpStatusCode.OK, response.StatusCode); } }
public void ThrowsForDuplicateId() { var sut = new StuntmanOptions(); var user = new StuntmanUser("user-1", "User 1"); sut.AddUser(user); var exception = Assert.Throws <Exception>(() => { sut.AddUser(user); }); Assert.Equal("user must have unique Id.", exception.Message); }
public void ReturnsUsers() { var options = new StuntmanOptions() .AddUser(new StuntmanUser("user-1", "User 1")) .AddUser(new StuntmanUser("user-2", "User 2")); var html = new UserPicker(options).GetHtml(new TestPrincipal(), "https://return-url"); Assert.Contains("user-1", html); Assert.Contains("User 1", html); Assert.Contains("user-2", html); Assert.Contains("User 2", html); }
public void ThrowsForDuplicateId() { var sut = new StuntmanOptions(); var user = new StuntmanUser("user-1", "User 1"); sut.AddUser(user); var exception = Assert.Throws<ApplicationException>(() => { sut.AddUser(user); }); Assert.Equal("user must have unique Id.", exception.Message); }
public async Task SignOutUri_Returns302Redirect() { var options = new StuntmanOptions(); using (var server = TestServer.Create(app => { app.UseStuntman(options); })) { var response = await server.HttpClient.GetAsync(options.SignOutUri); Assert.Equal(HttpStatusCode.Redirect, response.StatusCode); } }
public void ReturnsExpectedReturnUrls() { var options = new StuntmanOptions() .AddUser(new StuntmanUser("user-1", "User 1")) .AddUser(new StuntmanUser("user-2", "User 2")); var returnUrl = "https://return-url/test"; var html = new UserPicker(options).GetHtml(new TestPrincipal(), returnUrl); var matches = Regex.Matches(html, WebUtility.UrlEncode(Regex.Escape(returnUrl))); // 2 Stuntman users + 1 logout = 3 total Assert.Equal(3, matches.Count); }
public async Task SignInUri_OverrideSpecified_ThrowsIfNoMatchingUser() { var options = new StuntmanOptions(); using (var server = TestServer.Create(app => { app.UseStuntman(options); })) { var response = await server.HttpClient.GetAsync( $"{options.SignInUri}?{Constants.StuntmanOptions.OverrideQueryStringKey}=user-1"); Assert.False(response.IsSuccessStatusCode); } }
public async Task SignOutUri_Returns302Redirect() { var options = new StuntmanOptions(); using (var server = TestServer.Create(app => { app.UseStuntman(options); })) { var response = await server.HttpClient.GetAsync( $"{options.SignOutUri}?{Constants.StuntmanOptions.ReturnUrlQueryStringKey}=https://app"); Assert.Equal(HttpStatusCode.Redirect, response.StatusCode); } }
public async Task SignInUri_Returns200Ok() { var options = new StuntmanOptions(); using (var server = TestServer.Create(app => { app.UseStuntman(options); })) { var response = await server.HttpClient.GetAsync( $"{options.SignInUri}?{Constants.StuntmanOptions.ReturnUrlQueryStringKey}=https://app"); Assert.Equal(HttpStatusCode.OK, response.StatusCode); } }
public void InvokesonExceptionWhenExceptionThrown() { var options = new StuntmanOptions(stuntmanOptionsRetriever: new TestStuntmanOptionsRetriever( webClientStringToReturn: "error")); Exception actualException = null; options.TryAddConfigurationFromServer( "https://example.com", (ex) => { actualException = ex; }); Assert.NotNull(actualException); Assert.Equal( "Unexpected character encountered while parsing value: " + "e. Path '', line 0, position 0.", actualException.Message); }
public async Task SignInUri_IfOverrideNotSpecified_ShowsLoginUI() { var options = new StuntmanOptions(); using (var server = TestServer.Create(app => { app.UseStuntman(options); })) { var response = await server.HttpClient.GetAsync(options.SignInUri); Assert.Contains( "Please select a user to continue authentication.", await response.Content.ReadAsStringAsync()); } }
public async Task DoesNotMapSignInUri_WhenCookieAuthenticationIsDiabled() { var options = new StuntmanOptions(); options.AllowCookieAuthentication = false; using (var server = TestServer.Create(app => { app.UseStuntman(options); })) { var response = await server.HttpClient.GetAsync(options.SignInUri); Assert.Equal(404, (int)response.StatusCode); } }
public async Task ServerEndpoint_Returns404_WhenNotEnabled() { var options = new StuntmanOptions(); Assert.False(options.ServerEnabled); using (var server = TestServer.Create(app => { app.UseStuntman(options); })) { var response = await server.HttpClient.GetAsync( options.ServerUri); Assert.Equal(HttpStatusCode.NotFound, response.StatusCode); } }
public async Task SignOutUri_ReturnsExpectedLocationHeader_WhenQueryStringUsed() { const string RedirectUri = "https://redirect-uri/"; var options = new StuntmanOptions(); using (var server = TestServer.Create(app => { app.UseStuntman(options); })) { var response = await server.HttpClient.GetAsync( $"{options.SignOutUri}?{Constants.StuntmanOptions.ReturnUrlQueryStringKey}={RedirectUri}"); Assert.Equal(RedirectUri, response.Headers.Location.AbsoluteUri); } }
public async Task SignInUri_OverrideSpecified_ThrowsIfNoMatchingUser() { var options = new StuntmanOptions(); using (var server = TestServer.Create(app => { app.UseStuntman(options); })) { var url = string.Format("{0}?{1}={2}", options.SignInUri, StuntmanOptions.OverrideQueryStringKey, "user-1"); var response = await server.HttpClient.GetAsync(url); Assert.False(response.IsSuccessStatusCode); } }
public async Task SignOutUri_RemovesExpectedCookieName() { var options = new StuntmanOptions(); using (var server = TestServer.Create(app => { app.UseStuntman(options); })) { var response = await server.HttpClient.GetAsync( $"{options.SignOutUri}?{Constants.StuntmanOptions.ReturnUrlQueryStringKey}=https://app"); var setCookie = response.Headers.GetValues("Set-Cookie").SingleOrDefault(); Assert.Equal( $".AspNet.{Constants.StuntmanAuthenticationType}=; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT", setCookie); } }
public async Task SignInUri_OverrideSpecified_SetsExpectedCookieName() { var options = new StuntmanOptions() .AddUser(new StuntmanUser("user-1", "User 1")); using (var server = TestServer.Create(app => { app.UseStuntman(options); })) { var response = await server.HttpClient.GetAsync( $"{options.SignInUri}?{Constants.StuntmanOptions.OverrideQueryStringKey}=user-1&{Constants.StuntmanOptions.ReturnUrlQueryStringKey}=https://app"); var setCookie = response.Headers.GetValues("Set-Cookie").SingleOrDefault(); Assert.StartsWith( $".AspNet.{Constants.StuntmanAuthenticationType}=", setCookie); } }
public async Task SignInUri_OverrideSpecified_SetsExpectedCookieName() { var options = new StuntmanOptions() .AddUser(new StuntmanUser("user-1", "User 1")); using (var server = TestServer.Create(app => { app.UseStuntman(options); })) { var url = string.Format("{0}?{1}={2}", options.SignInUri, StuntmanOptions.OverrideQueryStringKey, "user-1"); var response = await server.HttpClient.GetAsync(url); var setCookie = response.Headers.GetValues("Set-Cookie").SingleOrDefault(); Assert.StartsWith( string.Format(".AspNet.{0}=", IAppBuilderExtensions.StuntmanAuthenticationType), setCookie); } }
public void BeginsWithSpecifiedRootPath() { var sut = new StuntmanOptions("custom/root/path"); Assert.StartsWith("custom/root/path", sut.SignOutUri); }
public async Task ServerEndpoint_ReturnsExpectedResponse_WhenEnabledWithUsers() { const string UserId = "user-1"; var options = new StuntmanOptions() .AddUser(new StuntmanUser(UserId, "User 1")) .EnableServer(); using (var server = TestServer.Create(app => { app.UseStuntman(options); })) { var response = await server.HttpClient.GetAsync( options.ServerUri); response.EnsureSuccessStatusCode(); var stuntmanServerResponse = JsonConvert.DeserializeObject<StuntmanServerResponse>( await response.Content.ReadAsStringAsync()); Assert.Equal(UserId, stuntmanServerResponse.Users.Single().Id); } }
public async Task ServerEndpoint_ReturnsExpectedResponse_WhenEnabled() { var options = new StuntmanOptions() .EnableServer(); using (var server = TestServer.Create(app => { app.UseStuntman(options); })) { var response = await server.HttpClient.GetAsync( options.ServerUri); response.EnsureSuccessStatusCode(); var stuntmanServerResponse = JsonConvert.DeserializeObject<StuntmanServerResponse>( await response.Content.ReadAsStringAsync()); Assert.NotNull(stuntmanServerResponse); } }
public async Task AuthorizationBearerToken_AddsTokenClaim() { var options = new StuntmanOptions() .AddUser( new StuntmanUser("user-1", "User 1") .SetAccessToken("123")); IEnumerable<Claim> claims = null; options.AfterBearerValidateIdentity = (context) => { claims = context .OwinContext .Authentication .AuthenticationResponseGrant .Identity .Claims; }; using (var server = TestServer.Create(app => { app.UseStuntman(options); })) { var request = server.CreateRequest(""); request.AddHeader("Authorization", "Bearer 123"); await request.GetAsync(); Assert.NotNull(claims); var accessToken = claims.FirstOrDefault(x => x.Type == "access_token"); Assert.NotNull(accessToken); Assert.Equal("123", accessToken.Value); } }
public async Task AuthorizationBearerToken_ThrowsIfNoMatchingUser() { var options = new StuntmanOptions(); using (var server = TestServer.Create(app => { app.UseStuntman(options); app.Map("", root => { root.Run(context => { return Task.FromResult(true); }); }); })) { var request = server.CreateRequest(""); request.AddHeader("Authorization", "Bearer 123"); var response = await request.GetAsync(); Assert.Equal(403, (int)response.StatusCode); } }
public void DefaultsToStuntmanAlignmentLeft() { var sut = new StuntmanOptions(); Assert.Equal(StuntmanAlignment.Left, sut.UserPickerAlignment); }
public void EndsWithCorrectSuffix() { var sut = new StuntmanOptions(); Assert.EndsWith(Constants.StuntmanOptions.SignOutEndpoint, sut.SignOutUri); }
public void AddsTrailingSlashToRootPath() { var sut = new StuntmanOptions("custom/root/path"); Assert.StartsWith("custom/root/path/", sut.SignOutUri); }
public void BeginsWithDefaultRootPathWhenNotSpecified() { var sut = new StuntmanOptions(); Assert.StartsWith(Constants.StuntmanOptions.DefaultStuntmanRootPath, sut.SignOutUri); }
public async Task SignInUri_ReturnsExpectedLocationHeader_UsingReferer() { const string RedirectUri = "https://redirect-uri/"; var options = new StuntmanOptions(); using (var server = TestServer.Create(app => { app.UseStuntman(options); })) { var request = new HttpRequestMessage { RequestUri = new Uri(new Uri("https://app"), $"{options.SignInUri}"), Method = HttpMethod.Get }; request.Headers.Referrer = new Uri(RedirectUri); var response = await server.HttpClient.SendAsync(request); Assert.Equal(RedirectUri, response.Headers.Location.AbsoluteUri); } }
public void AddsUserClaims() { const string ClaimType = "TestClaim"; const string ClaimValue = "TestClaimValue"; var users = new List<StuntmanUser> { new StuntmanUser("user-1", "Test Name 1") .AddClaim(ClaimType, ClaimValue), new StuntmanUser("user-2", "Test Name 2") }; var json = JsonConvert.SerializeObject(users); var options = new StuntmanOptions( stuntmanOptionsRetriever: new TestStuntmanOptionsRetriever(localFileStringToReturn: json)) .AddUsersFromJson("C:\\test.json"); var user1 = options.Users.SingleOrDefault(x => x.Claims.Any()); Assert.NotNull(user1); var testClaim = user1.Claims.Single(); Assert.Equal(ClaimType, testClaim.Type); Assert.Equal(ClaimValue, testClaim.Value); }