authorAndrew Arnott <andrewarnott@gmail.com>2008-08-09 21:04:23 -0700
committerAndrew Arnott <andrewarnott@gmail.com>2008-08-09 21:04:23 -0700
commit7a4c258fce87149a520817ea767e33feea0d29f4 (patch)
treee55179752bd223c8b5f82558fbd3b418893a27db
parent4c4d4673e6e499842bc8bdf429b2784d754d1925 (diff)
downloadDotNetOpenAuth-7a4c258fce87149a520817ea767e33feea0d29f4.zip
DotNetOpenAuth-7a4c258fce87149a520817ea767e33feea0d29f4.tar.gz
DotNetOpenAuth-7a4c258fce87149a520817ea767e33feea0d29f4.tar.bz2
Added unsolicited assertion tests.
-rw-r--r--src/DotNetOpenId.Test/Provider/OpenIdProviderTest.cs52
-rw-r--r--src/DotNetOpenId.Test/TestSupport.cs6
-rw-r--r--src/DotNetOpenId/RelyingParty/AuthenticationResponse.cs8
-rw-r--r--src/DotNetOpenId/RelyingParty/ServiceEndpoint.cs7
-rw-r--r--src/DotNetOpenId/Strings.Designer.cs6
-rw-r--r--src/DotNetOpenId/Strings.resx6
-rw-r--r--src/DotNetOpenId/Util.cs15
7 files changed, 82 insertions, 18 deletions
diff --git a/src/DotNetOpenId.Test/Provider/OpenIdProviderTest.cs b/src/DotNetOpenId.Test/Provider/OpenIdProviderTest.cs
index 05b951b..2ba3e8c 100644
--- a/src/DotNetOpenId.Test/Provider/OpenIdProviderTest.cs
+++ b/src/DotNetOpenId.Test/Provider/OpenIdProviderTest.cs
@@ -1,13 +1,9 @@
using System;
-using System.Collections.Generic;
-using System.Text;
-using NUnit.Framework;
-using System.IO;
-using System.Diagnostics;
-using DotNetOpenId.Test.Hosting;
-using System.Text.RegularExpressions;
-using DotNetOpenId.Provider;
using System.Collections.Specialized;
+using DotNetOpenId.Provider;
+using DotNetOpenId.RelyingParty;
+using DotNetOpenId.Test.Mocks;
+using NUnit.Framework;
using ProviderMemoryStore = DotNetOpenId.AssociationMemoryStore<DotNetOpenId.AssociationRelyingPartyType>;
namespace DotNetOpenId.Test.Provider {
@@ -16,6 +12,17 @@ namespace DotNetOpenId.Test.Provider {
readonly Uri providerEndpoint = new Uri("http://someendpoint");
readonly Uri emptyRequestUrl = new Uri("http://someendpoint/request");
+ [SetUp]
+ public void Setup() {
+ if (!UntrustedWebRequest.WhitelistHosts.Contains("localhost"))
+ UntrustedWebRequest.WhitelistHosts.Add("localhost");
+ }
+
+ [TearDown]
+ public void TearDown() {
+ MockHttpRequest.Reset();
+ }
+
/// <summary>
/// Verifies that without an ASP.NET context, the default constructor fails.
/// </summary>
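Review bot: `Setup` adds `localhost` to the static `UntrustedWebRequest.WhitelistHosts`, and `TearDown` only calls `MockHttpRequest.Reset()`, so the relaxed host filter stays in place for every test that runs later in the same process. A fixture that checks that requests to loopback hosts are refused could then pass or fail depending on run order. Record whether this fixture added the entry and undo it in `TearDown`, e.g. `if (addedLocalhost) UntrustedWebRequest.WhitelistHosts.Remove("localhost");` (assuming the collection supports removal; its type is not visible in the hunk).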
@@ -61,9 +68,32 @@ namespace DotNetOpenId.Test.Provider {
Assert.IsNull(op.Request);
}
- //[Test, Ignore("Not implemented")]
- public void PrepareUnsolicitedAssertion() {
- // TODO: code here
+ [Test]
+ public void BasicUnsolicitedAssertion() {
+ Mocks.MockHttpRequest.RegisterMockRPDiscovery();
+ TestSupport.Scenarios scenario = TestSupport.Scenarios.AutoApproval;
+ Identifier claimedId = TestSupport.GetMockIdentifier(scenario, ProtocolVersion.V20);
+ Identifier localId = TestSupport.GetDelegateUrl(scenario);
+
+ OpenIdProvider op = TestSupport.CreateProvider(null);
+ IResponse assertion = op.PrepareUnsolicitedAssertion(TestSupport.Realm, claimedId, localId);
+ var rpResponse = TestSupport.CreateRelyingPartyResponse(TestSupport.RelyingPartyStore, assertion);
+ Assert.AreEqual(AuthenticationStatus.Authenticated, rpResponse.Status);
+ Assert.AreEqual(claimedId, rpResponse.ClaimedIdentifier);
+ }
+
+ [Test]
+ public void UnsolicitedAssertionWithBadCapitalization() {
+ Mocks.MockHttpRequest.RegisterMockRPDiscovery();
+ TestSupport.Scenarios scenario = TestSupport.Scenarios.AutoApproval;
+ Identifier claimedId = TestSupport.GetMockIdentifier(scenario, ProtocolVersion.V20);
+ claimedId = claimedId.ToString().ToUpper(); // make all caps, which is not right
+ Identifier localId = TestSupport.GetDelegateUrl(scenario);
+
+ OpenIdProvider op = TestSupport.CreateProvider(null);
+ IResponse assertion = op.PrepareUnsolicitedAssertion(TestSupport.Realm, claimedId, localId);
+ var rpResponse = TestSupport.CreateRelyingPartyResponse(TestSupport.RelyingPartyStore, assertion);
+ Assert.AreEqual(AuthenticationStatus.Failed, rpResponse.Status);
}
}
}
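Review bot: `UnsolicitedAssertionWithBadCapitalization` asserts only `AuthenticationStatus.Failed`, which any failure satisfies, including the upper-cased identifier simply not resolving in the mock discovery. It therefore does not prove that the relying party rejected the assertion because the claimed identifier failed to match discovery, which is the check that stops a provider from asserting an identifier it does not control. Pin the cause as well, for instance by asserting on the failure exception or message if the response object exposes one. `ToUpper()` is also culture-sensitive; `claimedId = claimedId.ToString().ToUpperInvariant();` keeps the input identical across locales.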
diff --git a/src/DotNetOpenId.Test/TestSupport.cs b/src/DotNetOpenId.Test/TestSupport.cs
index 33c8b39..665bb4f 100644
--- a/src/DotNetOpenId.Test/TestSupport.cs
+++ b/src/DotNetOpenId.Test/TestSupport.cs
@@ -188,6 +188,7 @@ public class TestSupport {
// the consumer, and tries the same query to the consumer in an
// attempt to spoof the identity of the authenticating user.
try {
+ Logger.Info("Attempting replay attack...");
var replayRP = CreateRelyingParty(store, opAuthResponse.RedirectUrl,
opAuthResponse.EncodedFields.ToNameValueCollection());
Assert.AreNotEqual(AuthenticationStatus.Authenticated, replayRP.Response.Status, "Replay attack succeeded!");
@@ -203,9 +204,9 @@ public class TestSupport {
/// store in <see cref="ProviderStore"/>.
/// </summary>
internal static OpenIdProvider CreateProvider(NameValueCollection fields) {
- Protocol protocol = Protocol.Detect(fields.ToDictionary());
+ Protocol protocol = fields != null ? Protocol.Detect(fields.ToDictionary()) : Protocol.v20;
Uri opEndpoint = GetFullUrl(ProviderPage);
- var provider = new OpenIdProvider(ProviderStore, opEndpoint, opEndpoint, fields);
+ var provider = new OpenIdProvider(ProviderStore, opEndpoint, opEndpoint, fields ?? new NameValueCollection());
return provider;
}
internal static OpenIdProvider CreateProviderForRequest(DotNetOpenId.RelyingParty.IAuthenticationRequest request) {
@@ -338,6 +339,7 @@ static class TestExtensions {
return nvc;
}
public static IDictionary<string, string> ToDictionary(this NameValueCollection nvc) {
+ if (nvc == null) return null;
Dictionary<string, string> dict = new Dictionary<string, string>(nvc.Count);
foreach (string key in nvc) {
dict[key] = nvc[key];
diff --git a/src/DotNetOpenId/RelyingParty/AuthenticationResponse.cs b/src/DotNetOpenId/RelyingParty/AuthenticationResponse.cs
index 935d917..28cbc39 100644
--- a/src/DotNetOpenId/RelyingParty/AuthenticationResponse.cs
+++ b/src/DotNetOpenId/RelyingParty/AuthenticationResponse.cs
@@ -294,12 +294,16 @@ namespace DotNetOpenId.RelyingParty {
List<ServiceEndpoint> discoveredEndpoints = new List<ServiceEndpoint>(claimedIdentifier.Discover());
// Make sure the response endpoint matches one of the discovered endpoints.
if (!discoveredEndpoints.Contains(responseEndpoint)) {
- throw new OpenIdException(Strings.IssuedAssertionFailsIdentifierDiscovery);
+ throw new OpenIdException(string.Format(CultureInfo.CurrentCulture,
+ Strings.IssuedAssertionFailsIdentifierDiscovery,
+ responseEndpoint, Util.ToString(discoveredEndpoints)));
}
} else {
// Check that the assertion matches the service endpoint we know about.
if (responseEndpoint != tokenEndpoint)
- throw new OpenIdException(Strings.IssuedAssertionFailsIdentifierDiscovery);
+ throw new OpenIdException(string.Format(CultureInfo.CurrentCulture,
+ Strings.IssuedAssertionFailsIdentifierDiscovery,
+ responseEndpoint, tokenEndpoint));
}
}
}
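Review bot: Both new `OpenIdException` messages interpolate `responseEndpoint`, which appears to be built from the incoming assertion, and `ServiceEndpoint.ToString()` in this same commit now emits several lines including the claimed identifier. If the exception message reaches a log file or an error page (the sink is not visible here), provider-controlled text containing line breaks lands there unescaped. Either encode it at the sink, or keep the generic message on the exception and write the endpoint detail to a debug-level log entry. `CultureInfo` also needs `using System.Globalization;`, which this hunk does not show, and the enclosing method starts above the hunk.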
diff --git a/src/DotNetOpenId/RelyingParty/ServiceEndpoint.cs b/src/DotNetOpenId/RelyingParty/ServiceEndpoint.cs
index f6946bf..6c808c1 100644
--- a/src/DotNetOpenId/RelyingParty/ServiceEndpoint.cs
+++ b/src/DotNetOpenId/RelyingParty/ServiceEndpoint.cs
@@ -265,7 +265,12 @@ namespace DotNetOpenId.RelyingParty {
return ClaimedIdentifier.GetHashCode();
}
public override string ToString() {
- return ProviderEndpoint.AbsoluteUri;
+ StringBuilder builder = new StringBuilder();
+ builder.AppendLine("ClaimedIdentifier: " + ClaimedIdentifier);
+ builder.AppendLine("ProviderLocalIdentifier: " + ProviderLocalIdentifier);
+ builder.AppendLine("ProviderEndpoint: " + ProviderEndpoint.AbsoluteUri);
+ builder.Append("OpenID version: " + Protocol.Version);
+ return builder.ToString();
}
#region IXrdsProviderEndpoint Members
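Review bot: `ToString()` no longer returns `ProviderEndpoint.AbsoluteUri`, so any caller that relied on it to obtain the endpoint URL now receives a four-line diagnostic description; those callers are outside the hunk and worth a search before merging. A doc comment such as `/// <summary>Multi-line diagnostic description; not a URL.</summary>` would make the new contract explicit. The four `"label: " + value` concatenations could be `builder.Append("label: ").AppendLine(value)` style calls, which avoids the intermediate strings.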
diff --git a/src/DotNetOpenId/Strings.Designer.cs b/src/DotNetOpenId/Strings.Designer.cs
index b442988..c77a563 100644
--- a/src/DotNetOpenId/Strings.Designer.cs
+++ b/src/DotNetOpenId/Strings.Designer.cs
@@ -322,7 +322,11 @@ namespace DotNetOpenId {
}
/// <summary>
- /// Looks up a localized string similar to The OpenId Provider issued an assertion for an Identifier whose discovery information did not match..
+ /// Looks up a localized string similar to The OpenId Provider issued an assertion for an Identifier whose discovery information did not match.
+ ///Assertion endpoint info:
+ ///{0}
+ ///Discovered endpoint info:
+ ///{1}.
/// </summary>
internal static string IssuedAssertionFailsIdentifierDiscovery {
get {
diff --git a/src/DotNetOpenId/Strings.resx b/src/DotNetOpenId/Strings.resx
index 0f50095..8f757b3 100644
--- a/src/DotNetOpenId/Strings.resx
+++ b/src/DotNetOpenId/Strings.resx
@@ -205,7 +205,11 @@
<value>Not a recognized XRI format: '{0}'.</value>
</data>
<data name="IssuedAssertionFailsIdentifierDiscovery" xml:space="preserve">
- <value>The OpenId Provider issued an assertion for an Identifier whose discovery information did not match.</value>
+ <value>The OpenId Provider issued an assertion for an Identifier whose discovery information did not match.
+Assertion endpoint info:
+{0}
+Discovered endpoint info:
+{1}</value>
</data>
<data name="KeyAlreadyExists" xml:space="preserve">
<value>The given key '{0}' already exists.</value>
diff --git a/src/DotNetOpenId/Util.cs b/src/DotNetOpenId/Util.cs
index f7b3225..ff2a3e2 100644
--- a/src/DotNetOpenId/Util.cs
+++ b/src/DotNetOpenId/Util.cs
@@ -283,6 +283,21 @@ namespace DotNetOpenId {
return sb.ToString();
});
}
+ internal static object ToString<T>(IEnumerable<T> list) {
+ return new DelayedToString<IEnumerable<T>>(list, l => {
+ StringBuilder sb = new StringBuilder();
+ sb.Append("{");
+ foreach (T obj in l) {
+ sb.Append(obj);
+ sb.AppendLine(",");
+ }
+ if (sb.Length > 1) {
+ sb.Length -= 1;
+ }
+ sb.Append("}");
+ return sb.ToString();
+ });
+ }
private class DelayedToString<T> {
public DelayedToString(T obj, Func<T, string> toString) {
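Review bot: In `ToString<T>`, `sb.Length -= 1` after `sb.AppendLine(",")` removes only the last character of the line terminator, so the final element is still followed by a dangling `,` (and a stray `\r` on Windows) before the closing `}`. Trim the whole separator instead: `sb.Length -= ("," + Environment.NewLine).Length;`. The method also returns `object` while being named `ToString`; a one-line comment saying that formatting is deferred until the result is itself formatted would save readers from looking up `DelayedToString`.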