public void GetState_OldCookie_InValid_ExpiredCookie_NonExtendable() { var eventId = "event1"; var secretKey = "4e1db821-a825-49da-acd0-5d376f2068db"; var queueId = "f8757c2d-34c2-4639-bef2-1736cdd30bbb"; var cookieKey = UserInQueueStateCookieRepository.GetCookieKey(eventId); var issueTime = DateTimeHelper.GetUnixTimeStampFromDate(DateTime.UtcNow.AddMinutes(-4)); var hash = QueueITTokenGenerator.GetSHA256Hash(eventId.ToLower() + queueId + "3" + "idle" + issueTime.ToString(), secretKey); var cookieValue = HttpUtility.UrlEncode($"EventId={eventId}&QueueId={queueId}&{_FixedCookieValidityMinutesKey}=3&RedirectType=idle&IssueTime={issueTime}&Hash={hash}"); KnownUserTest.HttpContextMock fakeContext = new KnownUserTest.HttpContextMock(); var fakeRequest = new KnownUserTest.MockHttpRequest() { CookiesValue = new NameValueCollection() { { cookieKey, cookieValue } } }; fakeContext.HttpRequest = fakeRequest; var fakeResponse = new KnownUserTest.MockHttpResponse() { }; fakeContext.HttpResponse = fakeResponse; var testObject = new UserInQueueStateCookieRepository(fakeContext); var state = testObject.GetState(eventId, 10, secretKey); Assert.True(!state.IsValid); }
public void ValidateRequest_NoCookie_EventIdMismatch_RedirectToErrorPageWithEventIdMissMatchError_DoNotStoreCookie() { var cookieProviderMock = Substitute.For <IUserInQueueStateRepository>(); var config = new QueueEventConfig() { EventId = "e2", QueueDomain = "testDomain.com", CookieValidityMinute = 10, ExtendCookieValidity = false, Version = 10, ActionName = "QueueAction" }; var customerKey = "4e1db821-a825-49da-acd0-5d376f2068db"; var queueId = "iopdb821-a825-49da-acd0-5d376f2068db"; cookieProviderMock.GetState("", 10, "").ReturnsForAnyArgs(new StateInfo(false, false, "", null, "")); string hash = ""; var queueitToken = QueueITTokenGenerator.GenerateToken( DateTime.UtcNow.AddHours(1), "e1", queueId, true, null, customerKey, out hash, "queue" ); var targetUrl = "http://test.test.com?b=h"; var knownUserVersion = UserInQueueService.SDK_VERSION; var expectedMan = Uri.EscapeDataString(config.ActionName); var expectedErrorUrl = $"https://testDomain.com/error/eventid/?c=testCustomer&e=e2" + $"&ver={knownUserVersion}" + "&cver=10" + $"&man=QueueAction" + $"&queueittoken={queueitToken}" + $"&t={Uri.EscapeDataString(targetUrl)}"; UserInQueueService testObject = new UserInQueueService(cookieProviderMock); var result = testObject.ValidateQueueRequest(targetUrl, queueitToken, config, "testCustomer", customerKey); Assert.True(result.DoRedirect); var regex = new Regex("&ts=[^&]*"); var match = regex.Match(result.RedirectUrl); var serverTimestamp = DateTimeHelper.GetDateTimeFromUnixTimeStamp(match.Value.Replace("&ts=", "").Replace("&", "")); Assert.True(DateTime.UtcNow.Subtract(serverTimestamp) < TimeSpan.FromSeconds(10)); var redirectUrl = regex.Replace(result.RedirectUrl, ""); Assert.True(redirectUrl.ToUpper() == expectedErrorUrl.ToUpper()); Assert.True(config.EventId == result.EventId); Assert.Equal(config.ActionName, result.ActionName); cookieProviderMock.DidNotReceiveWithAnyArgs().Store("", "", null, "", false, false, null, ""); cookieProviderMock.DidNotReceiveWithAnyArgs().CancelQueueCookie(config.EventId, config.CookieDomain, config.IsCookieHttpOnly, config.IsCookieSecure); }
public void ValidateRequest_NoCookie_ValidToken_ExtendableCookie_DoNotRedirect_StoreExtendableCookie() { var cookieProviderMock = Substitute.For <IUserInQueueStateRepository>(); var config = new QueueEventConfig() { EventId = "e1", QueueDomain = "testDomain.com", CookieValidityMinute = 10, ExtendCookieValidity = false, ActionName = "QueueAction" }; var customerKey = "4e1db821-a825-49da-acd0-5d376f2068db"; var queueId = "iopdb821-a825-49da-acd0-5d376f2068db"; cookieProviderMock.GetState("", 10, "").ReturnsForAnyArgs(new StateInfo(false, false, "", null, "")); string hash = ""; var queueitToken = QueueITTokenGenerator.GenerateToken( DateTime.UtcNow.AddHours(1), "e1", queueId, true, null, customerKey, out hash, "queue"); var targetUrl = "http://test.test.com?b=h"; UserInQueueService testObject = new UserInQueueService(cookieProviderMock); var result = testObject.ValidateQueueRequest(targetUrl, queueitToken, config, "testCustomer", customerKey); Assert.True(!result.DoRedirect); cookieProviderMock.Received().Store( "e1", queueId, null, config.CookieDomain, config.IsCookieHttpOnly, config.IsCookieSecure, "queue", customerKey); Assert.True(result.QueueId == queueId); Assert.True(result.RedirectType == "queue"); Assert.True(config.EventId == result.EventId); cookieProviderMock.DidNotReceiveWithAnyArgs().CancelQueueCookie(config.EventId, config.CookieDomain, config.IsCookieHttpOnly, config.IsCookieSecure); }
public void ExtendQueueCookie_CookieExist_Test() { var eventId = "event1"; var secretKey = "4e1db821-a825-49da-acd0-5d376f2068db"; var queueId = "f8757c2d-34c2-4639-bef2-1736cdd30bbb"; var cookieKey = UserInQueueStateCookieRepository.GetCookieKey(eventId); var issueTime = DateTimeHelper.GetUnixTimeStampFromDate(DateTime.UtcNow.AddMinutes(-1)); var hash = QueueITTokenGenerator.GetSHA256Hash(eventId.ToLower() + queueId + "3" + "idle" + issueTime, secretKey); var cookieValue = $"EventId={eventId}&QueueId={queueId}&{_FixedCookieValidityMinutesKey}=3&RedirectType=idle&IssueTime={issueTime}&Hash={hash}"; var isCookieHttpOnly = true; var isCookieSecure = true; KnownUserTest.HttpContextMock fakeContext = new KnownUserTest.HttpContextMock(); var fakeRequest = new KnownUserTest.MockHttpRequest { CookiesValue = new NameValueCollection { { cookieKey, cookieValue } } }; fakeContext.HttpRequest = fakeRequest; var fakeResponse = new KnownUserTest.MockHttpResponse(); fakeContext.HttpResponse = fakeResponse; var testObject = new UserInQueueStateCookieRepository(fakeContext); testObject.ReissueQueueCookie(eventId, 12, "testdomain", isCookieHttpOnly, isCookieSecure, secretKey); var newIssueTime = DateTimeHelper.GetDateTimeFromUnixTimeStamp(CookieHelper.ToNameValueCollectionFromValue(fakeResponse.CookiesValue[cookieKey]["cookieValue"].ToString())["IssueTime"]); Assert.True(newIssueTime.Subtract(DateTime.UtcNow) < TimeSpan.FromSeconds(2)); Assert.True(fakeResponse.CookiesValue[cookieKey]["domain"].ToString() == "testdomain"); Assert.Equal(isCookieHttpOnly, fakeResponse.CookiesValue[cookieKey]["isHttpOnly"] as bool?); Assert.Equal(isCookieSecure, fakeResponse.CookiesValue[cookieKey]["isSecure"] as bool?); var state = testObject.GetState(eventId, 5, secretKey); Assert.True(state.IsValid); Assert.True(!state.IsStateExtendable); Assert.True(state.QueueId == queueId); Assert.True(state.RedirectType == "idle"); }
public void GetState_ValidCookieFormat_Extendable() { var eventId = "event1"; var secretKey = "4e1db821-a825-49da-acd0-5d376f2068db"; var queueId = "f8757c2d-34c2-4639-bef2-1736cdd30bbb"; var cookieKey = UserInQueueStateCookieRepository.GetCookieKey(eventId); var issueTime = DateTimeHelper.GetUnixTimeStampFromDate(DateTime.UtcNow); var hash = QueueITTokenGenerator.GetSHA256Hash(eventId.ToLower() + queueId + "queue" + issueTime.ToString(), secretKey); var cookieValue = $"EventId={eventId}&QueueId={queueId}&RedirectType=queue&IssueTime={issueTime}&Hash={hash}"; KnownUserTest.HttpContextMock fakeContext = new KnownUserTest.HttpContextMock(); var fakeRequest = new KnownUserTest.MockHttpRequest() { CookiesValue = new NameValueCollection() { { cookieKey, cookieValue } } }; fakeContext.HttpRequest = fakeRequest; var fakeResponse = new KnownUserTest.MockHttpResponse() { }; fakeContext.HttpResponse = fakeResponse; var testObject = new UserInQueueStateCookieRepository(fakeContext); var state = testObject.GetState(eventId, 10, secretKey); Assert.True(state.IsStateExtendable); Assert.True(state.IsValid); Assert.True(state.QueueId == queueId); Assert.True(state.RedirectType == "queue"); }