public void Setup() { var httpContextMock = new Mock<HttpContextBase>(); httpContextMock.Setup(c => c.Items).Returns(new ListDictionary()); _httpContext = httpContextMock.Object; _configEnabled = new SessionSecurityConfigurationSection { SessionIDAuthentication = { Enabled = true } }; _sessionIDHelper = new Mock<IAuthenticatedSessionIDHelper>().Object; }
public void GetKeyFromConfig_UseMachineKeyTrue_ReturnsMachineKey() { var sessionSecurityConfig = new SessionSecurityConfigurationSection(); sessionSecurityConfig.SessionIDAuthentication.UseMachineKey = true; var helper = new SessionIDAuthenticationConfigurationHelper(sessionSecurityConfig, _machineKeyHelper, _appsettingHelper); var key = helper.GetKeyFromConfig(); Assert.AreEqual(_expectedMachineKey, key); }
public void Validate_DisabledInConfigUserAuthenticated_ReturnsTrueOnValidAspnetSessionID() { var mock = Mock.Get(_httpContext); mock.Setup(c => c.User.Identity.IsAuthenticated).Returns(true); mock.Setup(c => c.User.Identity.Name).Returns("klings"); var config = new SessionSecurityConfigurationSection {SessionIDAuthentication = {Enabled = false}}; var sessionIdManager = new AuthenticatedSessionIDManager(_httpContext, config, _sessionIDHelper); Mock.Get(_sessionIDHelper).Setup(s => s.Validate(It.IsAny<String>(), It.IsAny<String>())).Returns(false); Assert.True(sessionIdManager.Validate("abcdefghijklmnopqrstuvwx")); }
public void CreateSessionID_DisabledInConfigUserAuthenticated_ReturnsAspNetSessionID() { var mock = Mock.Get(_httpContext); mock.Setup(c => c.User.Identity.IsAuthenticated).Returns(true); mock.Setup(c => c.User.Identity.Name).Returns("klings"); var config = new SessionSecurityConfigurationSection {SessionIDAuthentication = {Enabled = false}}; var sessionIdManager = new AuthenticatedSessionIDManager(_httpContext, config, _sessionIDHelper); Mock.Get(_sessionIDHelper).Setup(s => s.Create("klings")).Returns("secureid"); Assert.True(sessionIdManager.CreateSessionID(null).Length == 24, "Generated session id was not length 24, and propably not an ASP.NET session ID."); }
public void GetKeyFromConfig_UseMachineKeyFalseNoAuthenticationKeyAppsettingConfigured_ReturnsKeyFromAppsetting() { var sessionSecurityConfig = new SessionSecurityConfigurationSection(); sessionSecurityConfig.SessionIDAuthentication.UseMachineKey = false; sessionSecurityConfig.SessionIDAuthentication.AuthenticationKeyAppsetting = "AuthKey"; var helper = new SessionIDAuthenticationConfigurationHelper(sessionSecurityConfig, _machineKeyHelper, _appsettingHelper); var key = helper.GetKeyFromConfig(); Assert.AreEqual(_expectedAppsettingKey, key); }
public void Setup() { _rng = new PredictableNumberGenerator(0x05); _hmac = new Mock<IHmacHelper>().Object; Mock.Get(_hmac).Setup(h => h.CalculateMac(It.IsAny<byte[]>(), It.IsAny<byte[]>())).Returns(GetMockMac); var config = new SessionSecurityConfigurationSection(); config.SessionIDAuthentication.Enabled = true; config.SessionIDAuthentication.AuthenticationKey = "0101010101010101010101010101010101010101010101010101010101010101"; _helper = new AuthenticatedSessionIDHelper(_rng, new byte[32], _hmac); }
internal SessionIDAuthenticationConfigurationHelper(SessionSecurityConfigurationSection config, IMachineKeyConfigurationHelper machineKeyHelper, IAppsettingKeyHelper appsettingHelper) { _sessionSecurityConfig = config; _machineKeyHelper = machineKeyHelper; _appsettingHelper = appsettingHelper; }
internal SessionIDAuthenticationConfigurationHelper() { _sessionSecurityConfig = SessionSecurityConfiguration.Configuration; _machineKeyHelper = new MachineKeyConfigurationHelper(); _appsettingHelper = new AppsettingKeyHelper(); }
internal AuthenticatedSessionIDManager(HttpContextBase context, SessionSecurityConfigurationSection config, IAuthenticatedSessionIDHelper helper) { _mockContext = context; _authenticatedSessionsEnabled = config.SessionIDAuthentication.Enabled; _sessionIdHelper = helper; }