public async Task UnsolicitedAssertion() {
var opStore = new MemoryCryptoKeyAndNonceStore();
Handle(RPUri).By(
async req => {
var rp = new OpenIdRelyingParty(new MemoryCryptoKeyAndNonceStore(), this.HostFactories);
IAuthenticationResponse response = await rp.GetResponseAsync(req);
Assert.That(response, Is.Not.Null);
Assert.AreEqual(AuthenticationStatus.Authenticated, response.Status);
return new HttpResponseMessage();
});
Handle(OPUri).By(
async (req, ct) => {
var op = new OpenIdProvider(opStore, this.HostFactories);
return await this.AutoProviderActionAsync(op, req, ct);
});
this.RegisterMockRPDiscovery(ssl: false);
{
var op = new OpenIdProvider(opStore, this.HostFactories);
Identifier id = GetMockIdentifier(ProtocolVersion.V20);
var assertion = await op.PrepareUnsolicitedAssertionAsync(OPUri, RPRealmUri, id, OPLocalIdentifiers[0]);
using (var httpClient = this.HostFactories.CreateHttpClient()) {
using (var response = await httpClient.GetAsync(assertion.Headers.Location)) {
response.EnsureSuccessStatusCode();
}
}
}
}
public async Task AssertionWithEndpointFilter() {
var opStore = new MemoryCryptoKeyAndNonceStore();
Handle(RPUri).By(
async req => {
var rp = new OpenIdRelyingParty(new MemoryCryptoKeyAndNonceStore(), this.HostFactories);
// Rig it to always deny the incoming OP
rp.EndpointFilter = op => false;
// Receive the unsolicited assertion
var response = await rp.GetResponseAsync(req);
Assert.That(response, Is.Not.Null);
Assert.AreEqual(AuthenticationStatus.Failed, response.Status);
return new HttpResponseMessage();
});
this.RegisterAutoProvider();
{
var op = new OpenIdProvider(opStore, this.HostFactories);
Identifier id = GetMockIdentifier(ProtocolVersion.V20);
var assertion = await op.PrepareUnsolicitedAssertionAsync(OPUri, GetMockRealm(false), id, id);
using (var httpClient = this.HostFactories.CreateHttpClient()) {
using (var response = await httpClient.GetAsync(assertion.Headers.Location)) {
response.EnsureSuccessStatusCode();
}
}
}
}
public async Task ExtensionsAreIdentifiedAsSignedOrUnsigned() {
Protocol protocol = Protocol.Default;
var opStore = new MemoryCryptoKeyAndNonceStore();
int rpStep = 0;
Handle(RPUri).By(
async req => {
var rp = new OpenIdRelyingParty(new MemoryCryptoKeyAndNonceStore(), this.HostFactories);
RegisterMockExtension(rp.Channel);
switch (++rpStep) {
case 1:
var response = await rp.Channel.ReadFromRequestAsync<IndirectSignedResponse>(req, CancellationToken.None);
Assert.AreEqual(1, response.SignedExtensions.Count(), "Signed extension should have been received.");
Assert.AreEqual(0, response.UnsignedExtensions.Count(), "No unsigned extension should be present.");
break;
case 2:
response = await rp.Channel.ReadFromRequestAsync<IndirectSignedResponse>(req, CancellationToken.None);
Assert.AreEqual(0, response.SignedExtensions.Count(), "No signed extension should have been received.");
Assert.AreEqual(1, response.UnsignedExtensions.Count(), "Unsigned extension should have been received.");
break;
default:
throw Assumes.NotReachable();
}
return new HttpResponseMessage();
});
Handle(OPUri).By(
async req => {
var op = new OpenIdProvider(opStore, this.HostFactories);
return await AutoProviderActionAsync(op, req, CancellationToken.None);
});
{
var op = new OpenIdProvider(opStore, this.HostFactories);
RegisterMockExtension(op.Channel);
var redirectingResponse = await op.Channel.PrepareResponseAsync(this.CreateResponseWithExtensions(protocol));
using (var httpClient = this.HostFactories.CreateHttpClient()) {
using (var response = await httpClient.GetAsync(redirectingResponse.Headers.Location)) {
response.EnsureSuccessStatusCode();
}
}
op.SecuritySettings.SignOutgoingExtensions = false;
redirectingResponse = await op.Channel.PrepareResponseAsync(this.CreateResponseWithExtensions(protocol));
using (var httpClient = this.HostFactories.CreateHttpClient()) {
using (var response = await httpClient.GetAsync(redirectingResponse.Headers.Location)) {
response.EnsureSuccessStatusCode();
}
}
}
}
/// <summary>
/// Gets the standard state storage mechanism that uses ASP.NET's
/// HttpApplication state dictionary to store associations and nonces.
/// </summary>
/// <param name="context">The context.</param>
/// <returns>The application store.</returns>
public static ICryptoKeyAndNonceStore GetHttpApplicationStore(HttpContextBase context = null) {
if (context == null) {
ErrorUtilities.VerifyOperation(HttpContext.Current != null, Strings.StoreRequiredWhenNoHttpContextAvailable, typeof(ICryptoKeyAndNonceStore).Name);
context = new HttpContextWrapper(HttpContext.Current);
}
var store = (ICryptoKeyAndNonceStore)context.Application[ApplicationStoreKey];
if (store == null) {
context.Application.Lock();
try {
if ((store = (ICryptoKeyAndNonceStore)context.Application[ApplicationStoreKey]) == null) {
context.Application[ApplicationStoreKey] = store = new MemoryCryptoKeyAndNonceStore();
}
} finally {
context.Application.UnLock();
}
}
return store;
}