public void Relative_paths_with_leading_slash_are_fully_qualified() { var qualifier = new UriQualifier(this.fakeBaseUrl); var uri = qualifier.EnsureFullyQualified("/path/to/resource"); uri.ShouldBe($"{this.fakeBaseUrl}/path/to/resource"); }
public void Idempotent_on_already_fully_qualified_paths() { var qualifier = new UriQualifier(this.fakeBaseUrl); var alreadyQualified = qualifier.EnsureFullyQualified("http://api.foo.bar/foo/bar"); alreadyQualified.ShouldBe("http://api.foo.bar/foo/bar"); }
public void Adds_Host_header() { var apiKey = new DefaultClientApiKey("foo", "bar"); var uriQualifier = new UriQualifier("http://api.foo.bar"); var request = new DefaultHttpRequest(HttpMethod.Get, new CanonicalUri(uriQualifier.EnsureFullyQualified("/stuff"))); this.authenticator.AuthenticateCore(request, apiKey, this.fakeNow, this.fakeNonce); // Host: [hostname] request.Headers.Host.ShouldBe("api.foo.bar"); }
public void Adds_XStormpathDate_header() { var apiKey = new DefaultClientApiKey("foo", "bar"); var uriQualifier = new UriQualifier("http://api.foo.bar"); var request = new DefaultHttpRequest(HttpMethod.Get, new CanonicalUri(uriQualifier.EnsureFullyQualified("/stuff"))); this.authenticator.AuthenticateCore(request, apiKey, this.fakeNow, this.fakeNonce); // X-Stormpath-Date -> current time in UTC var stormpathDateHeader = Iso8601.Parse(request.Headers.GetFirst<string>("X-Stormpath-Date")); stormpathDateHeader.ShouldBe(this.fakeNow); }
public BasicRequestAuthenticator_tests() { this.uriQualifier = new UriQualifier(this.fakeBaseHref); this.authenticator = new BasicRequestAuthenticator(); this.apiKey = new DefaultClientApiKey(this.fakeApiKeyId, this.fakeApiKeySecret); }
public void Adds_SAuthc1_authorization_header() { IClientApiKey apiKey = new DefaultClientApiKey("myAppId", "super-secret"); var uriQualifier = new UriQualifier("http://api.stormpath.com/v1"); var request = new DefaultHttpRequest(HttpMethod.Get, new CanonicalUri(uriQualifier.EnsureFullyQualified("/accounts"))); this.authenticator.AuthenticateCore(request, apiKey, this.fakeNow, this.fakeNonce); // Authorization: "SAuthc1 [signed hash]" var authenticationHeader = request.Headers.Authorization; authenticationHeader.Scheme.ShouldBe("SAuthc1"); authenticationHeader.Parameter.ShouldNotBe(null); // Format "sauthc1Id=[id string], sauthc1SignedHeaders=[host;x-stormpath-date;...], sauthc1Signature=[signature in hex]" var parts = authenticationHeader.Parameter.Split(' '); var sauthc1Id = parts[0].TrimEnd(',').SplitToKeyValuePair('='); var sauthc1SignedHeaders = parts[1].TrimEnd(',').SplitToKeyValuePair('='); var sauthc1Signature = parts[2].SplitToKeyValuePair('='); var dateString = this.fakeNow.ToString("yyyyMMdd", CultureInfo.InvariantCulture); sauthc1Id.Key.ShouldBe("sauthc1Id"); sauthc1Id.Value.ShouldBe($"{apiKey.GetId()}/{dateString}/{this.fakeNonce}/sauthc1_request"); sauthc1SignedHeaders.Key.ShouldBe("sauthc1SignedHeaders"); sauthc1SignedHeaders.Value.ShouldBe("host;x-stormpath-date"); sauthc1Signature.Key.ShouldBe("sauthc1Signature"); sauthc1Signature.Value.ShouldNotBe(null); }
public void Should_authenticate_request_with_multiple_query_params() { IClientApiKey apiKey = new DefaultClientApiKey("MyId", "Shush!"); var uriQualifier = new UriQualifier("http://api.stormpath.com/v1"); var request = new DefaultHttpRequest(HttpMethod.Get, new CanonicalUri(uriQualifier.EnsureFullyQualified("/applications/77JnfFiREjdfQH0SObMfjI/groups?q=group&limit=25&offset=25"))); var now = new DateTimeOffset(2013, 7, 1, 0, 0, 0, TimeSpan.Zero); var nonce = "a43a9d25-ab06-421e-8605-33fd1e760825"; this.authenticator.AuthenticateCore(request, apiKey, now, nonce); var sauthc1Id = request.Headers.Authorization.Parameter.Split(' ')[0]; var sauthc1SignedHeaders = request.Headers.Authorization.Parameter.Split(' ')[1]; var sauthc1Signature = request.Headers.Authorization.Parameter.Split(' ')[2]; request.Headers.Authorization.Scheme.ShouldBe("SAuthc1"); sauthc1Id.ShouldBe("sauthc1Id=MyId/20130701/a43a9d25-ab06-421e-8605-33fd1e760825/sauthc1_request,"); sauthc1SignedHeaders.ShouldBe("sauthc1SignedHeaders=host;x-stormpath-date,"); sauthc1Signature.ShouldBe("sauthc1Signature=e30a62c0d03ca6cb422e66039786865f3eb6269400941ede6226760553a832d3"); }
public void Should_authenticate_request_with_query_params() { IClientApiKey apiKey = new DefaultClientApiKey("MyId", "Shush!"); var uriQualifier = new UriQualifier("http://api.stormpath.com/v1"); var request = new DefaultHttpRequest(HttpMethod.Get, new CanonicalUri(uriQualifier.EnsureFullyQualified("/directories?orderBy=name+asc"))); var now = new DateTimeOffset(2013, 7, 1, 0, 0, 0, TimeSpan.Zero); var nonce = "a43a9d25-ab06-421e-8605-33fd1e760825"; this.authenticator.AuthenticateCore(request, apiKey, now, nonce); var sauthc1Id = request.Headers.Authorization.Parameter.Split(' ')[0]; var sauthc1SignedHeaders = request.Headers.Authorization.Parameter.Split(' ')[1]; var sauthc1Signature = request.Headers.Authorization.Parameter.Split(' ')[2]; request.Headers.Authorization.Scheme.ShouldBe("SAuthc1"); sauthc1Id.ShouldBe("sauthc1Id=MyId/20130701/a43a9d25-ab06-421e-8605-33fd1e760825/sauthc1_request,"); sauthc1SignedHeaders.ShouldBe("sauthc1SignedHeaders=host;x-stormpath-date,"); sauthc1Signature.ShouldBe("sauthc1Signature=fc04c5187cc017bbdf9c0bb743a52a9487ccb91c0996267988ceae3f10314176"); }
public void Should_authenticate_request_without_query_params() { IClientApiKey apiKey = new DefaultClientApiKey("MyId", "Shush!"); var uriQualifier = new UriQualifier("http://api.stormpath.com/v1"); var request = new DefaultHttpRequest(HttpMethod.Get, new CanonicalUri(uriQualifier.EnsureFullyQualified("/"))); var now = new DateTimeOffset(2013, 7, 1, 0, 0, 0, TimeSpan.Zero); var nonce = "a43a9d25-ab06-421e-8605-33fd1e760825"; this.authenticator.AuthenticateCore(request, apiKey, now, nonce); var sauthc1Id = request.Headers.Authorization.Parameter.Split(' ')[0]; var sauthc1SignedHeaders = request.Headers.Authorization.Parameter.Split(' ')[1]; var sauthc1Signature = request.Headers.Authorization.Parameter.Split(' ')[2]; request.Headers.Authorization.Scheme.ShouldBe("SAuthc1"); sauthc1Id.ShouldBe("sauthc1Id=MyId/20130701/a43a9d25-ab06-421e-8605-33fd1e760825/sauthc1_request,"); sauthc1SignedHeaders.ShouldBe("sauthc1SignedHeaders=host;x-stormpath-date,"); sauthc1Signature.ShouldBe("sauthc1Signature=990a95aabbcbeb53e48fb721f73b75bd3ae025a2e86ad359d08558e1bbb9411c"); }