public void TestEmptyVerifier()
{
byte[] seed = { 0, 0, 0, 0 };
RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider(seed);
Console.WriteLine("preparing the authority block");
KeyPair root = new KeyPair(rng);
Biscuit.Token.Builder.BiscuitBuilder builder = Biscuit.Token.Biscuit.Builder(rng, root);
builder.AddRight("/folder1/file1", "read");
builder.AddRight("/folder1/file1", "write");
builder.AddRight("/folder1/file2", "read");
builder.AddRight("/folder1/file2", "write");
builder.AddRight("/folder2/file3", "read");
Console.WriteLine(builder.Build());
Biscuit.Token.Biscuit b = builder.Build().Right;
Console.WriteLine(b.Print());
BlockBuilder block2 = b.CreateBlock();
block2.ResourcePrefix("/folder1/");
block2.CheckRight("read");
KeyPair keypair2 = new KeyPair(rng);
Biscuit.Token.Biscuit b2 = b.Attenuate(rng, keypair2, block2.Build()).Right;
Verifier v1 = new Verifier();
v1.Allow();
Either <Error, long> res = v1.Verify();
Assert.IsTrue(res.IsRight);
v1.AddToken(b2, Option.Some(root.ToPublicKey())).Get();
v1.AddResource("/folder2/file1");
v1.AddOperation("write");
res = v1.Verify();
Assert.IsTrue(res.IsLeft);
}
public void TestReset()
{
byte[] seed = { 0, 0, 0, 0 };
RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider(seed);
Console.WriteLine("preparing the authority block");
KeyPair root = new KeyPair(rng);
Biscuit.Token.Builder.BiscuitBuilder builder = Biscuit.Token.Biscuit.Builder(rng, root);
builder.AddRight("/folder1/file1", "read");
builder.AddRight("/folder1/file1", "write");
builder.AddRight("/folder1/file2", "read");
builder.AddRight("/folder1/file2", "write");
builder.AddRight("/folder2/file3", "read");
Console.WriteLine(builder.Build());
Biscuit.Token.Biscuit b = builder.Build().Right;
Console.WriteLine(b.Print());
var block2 = b.CreateBlock();
block2.ResourcePrefix("/folder1/");
block2.CheckRight("read");
KeyPair keypair2 = new KeyPair(rng);
Biscuit.Token.Biscuit b2 = b.Attenuate(rng, keypair2, block2.Build()).Right;
Verifier v1 = b2.Verify(root.ToPublicKey()).Right;
v1.Allow();
Verifier v2 = v1.Clone();
v2.AddResource("/folder1/file1");
v2.AddOperation("read");
Either <Error, long> res = v2.Verify();
Assert.IsTrue(res.IsRight);
Verifier v3 = v1.Clone();
v3.AddResource("/folder2/file3");
v3.AddOperation("read");
res = v3.Verify();
Console.WriteLine(v3.PrintWorld());
Assert.IsTrue(res.IsLeft);
Verifier v4 = v1.Clone();
v4.AddResource("/folder2/file1");
v4.AddOperation("write");
res = v4.Verify();
Error e = res.Left;
Assert.IsTrue(res.IsLeft);
Console.WriteLine(v4.PrintWorld());
foreach (FailedCheck f in e.FailedCheck().Get())
{
Console.WriteLine(f.ToString());
}
Assert.AreEqual(
new FailedLogic(new LogicError.FailedChecks(Arrays.AsList <FailedCheck>(
new FailedCheck.FailedBlock(1, 0, "check if resource(#ambient, $resource), $resource.starts_with(\"/folder1/\")"),
new FailedCheck.FailedBlock(1, 1, "check if resource(#ambient, $resource), operation(#ambient, #read), right(#authority, $resource, #read)")
))),
e);
}