示例#1
0
        public void Authenticating_once_with_CredentialsAuth_does_establish_auth_session()
        {
            var client = GetClient();

            client.Post(new Authenticate {
                provider = "credentials",
                UserName = Username,
                Password = Password,
            });

            var request = new Secured {
                Name = "test"
            };
            var response = client.Send <SecuredResponse>(request);

            Assert.That(response.Result, Is.EqualTo(request.Name));

            var newClient = GetClient();

            newClient.SetSessionId(client.GetSessionId());
            response = newClient.Send <SecuredResponse>(request);
            Assert.That(response.Result, Is.EqualTo(request.Name));
        }
        public void Authenticating_once_with_CredentialsAuth_does_establish_auth_session()
        {
            var client = GetClient();

            try
            {
                client.Send(new Authenticate());
                Assert.Fail("Should throw");
            }
            catch (WebServiceException ex)
            {
                Assert.That(ex.StatusCode, Is.EqualTo((int)HttpStatusCode.Unauthorized));
            }

            client.Post(new Authenticate
            {
                provider = "credentials",
                UserName = Username,
                Password = Password,
            });

            client.Send(new Authenticate());

            var request = new Secured {
                Name = "test"
            };
            var response = client.Send <SecuredResponse>(request);

            Assert.That(response.Result, Is.EqualTo(request.Name));

            var newClient = GetClient();

            newClient.SetSessionId(client.GetSessionId());
            response = newClient.Send <SecuredResponse>(request);
            Assert.That(response.Result, Is.EqualTo(request.Name));
        }
        public void Authenticating_once_with_ApiKeyAuth_BearerToken_does_not_establish_auth_session()
        {
            var client = GetClientWithApiKeyBearerToken();

            var request = new Secured {
                Name = "test"
            };
            var response = client.Send <SecuredResponse>(request);

            Assert.That(response.Result, Is.EqualTo(request.Name));

            var newClient = GetClient();

            newClient.SetSessionId(client.GetSessionId());
            try
            {
                response = newClient.Send <SecuredResponse>(request);
                Assert.Fail("Should throw");
            }
            catch (WebServiceException webEx)
            {
                Assert.That(webEx.StatusCode, Is.EqualTo((int)HttpStatusCode.Unauthorized));
            }
        }
 public object Any(Secured request)
 {
     return(new SecuredResponse {
         Result = request.Name
     });
 }
        public void Doesnt_allow_using_expired_keys()
        {
            var client = new JsonServiceClient(ListeningOn)
            {
                Credentials = new NetworkCredential(ApiKey.Id, ""),
            };

            var authResponse = client.Get(new Authenticate());

            var apiKeys = apiRepo.GetUserApiKeys(authResponse.UserId)
                          .Where(x => x.Environment == "live")
                          .ToList();

            var oldApiKey = apiKeys[0].Id;

            client = new JsonServiceClient(ListeningOn)
            {
                BearerToken = oldApiKey,
            };

            //Key IsValid
            var request = new Secured {
                Name = "test"
            };
            var response = client.Send(request);

            Assert.That(response.Result, Is.EqualTo(request.Name));

            apiKeys[0].ExpiryDate = DateTime.UtcNow.AddMinutes(-1);
            apiRepo.StoreAll(new[] { apiKeys[0] });

            try
            {
                //Key is no longer valid
                client.Get(new GetApiKeys {
                    Environment = "live"
                });
                Assert.Fail("Should throw");
            }
            catch (WebServiceException ex)
            {
                Assert.That(ex.StatusCode, Is.EqualTo((int)HttpStatusCode.Forbidden));
            }

            client = new JsonServiceClient(ListeningOn)
            {
                Credentials = new NetworkCredential(ApiKey.Id, ""),
            };
            var regenResponse = client.Send(new RegenrateApiKeys {
                Environment = "live"
            });

            //Change to new Valid Key
            client.BearerToken = regenResponse.Results[0].Key;
            var apiKeyResponse = client.Get(new GetApiKeys {
                Environment = "live"
            });

            Assert.That(regenResponse.Results.Map(x => x.Key), Is.EquivalentTo(
                            apiKeyResponse.Results.Map(x => x.Key)));
        }