diff options
| author | Andrew Arnott <andrewarnott@gmail.com> | 2008-09-13 07:07:36 -0700 |
|---|---|---|
| committer | Andrew <andrewarnott@gmail.com> | 2008-09-13 07:07:36 -0700 |
| commit | 9b189b9a943f18c17c7b468dd9e60c65f7edc7dc (patch) | |
| tree | a58300f624663948b3053045167cadd06c293c2d /src/DotNetOAuth.Test/Messaging/MessageSerializerTests.cs | |
| parent | 6c4936e194080e6a7d2194870cf57814d6432eff (diff) | |
| download | DotNetOpenAuth-9b189b9a943f18c17c7b468dd9e60c65f7edc7dc.zip DotNetOpenAuth-9b189b9a943f18c17c7b468dd9e60c65f7edc7dc.tar.gz DotNetOpenAuth-9b189b9a943f18c17c7b468dd9e60c65f7edc7dc.tar.bz2 | |
Fixed xml spoofing bug for using DataContractSerializer to deserialize messages.
Added tests to verify correct behavior.
Diffstat (limited to 'src/DotNetOAuth.Test/Messaging/MessageSerializerTests.cs')
| -rw-r--r-- | src/DotNetOAuth.Test/Messaging/MessageSerializerTests.cs | 37 |
1 files changed, 33 insertions, 4 deletions
diff --git a/src/DotNetOAuth.Test/Messaging/MessageSerializerTests.cs b/src/DotNetOAuth.Test/Messaging/MessageSerializerTests.cs index 5cb5375..f7409aa 100644 --- a/src/DotNetOAuth.Test/Messaging/MessageSerializerTests.cs +++ b/src/DotNetOAuth.Test/Messaging/MessageSerializerTests.cs @@ -94,20 +94,49 @@ namespace DotNetOAuth.Test.Messaging { serializer.Deserialize(null);
}
- [TestMethod()]
+ [TestMethod]
public void DeserializeSimple() {
var serializer = MessageSerializer.Get(typeof(Mocks.TestMessage));
Dictionary<string, string> fields = new Dictionary<string, string>(StringComparer.Ordinal);
- // We deliberately do this OUT of alphabetical order (caps would go first),
- // since DataContractSerializer demands things to be IN alphabetical order.
- fields["age"] = "15";
fields["Name"] = "Andrew";
+ fields["age"] = "15";
var actual = (Mocks.TestMessage)serializer.Deserialize(fields);
Assert.AreEqual(15, actual.Age);
Assert.AreEqual("Andrew", actual.Name);
Assert.IsNull(actual.EmptyMember);
}
+ /// <summary>
+ /// This tests deserialization of a message that is comprised of [DataMember]'s
+ /// that are defined in multiple places in the inheritance tree.
+ /// </summary>
+ /// <remarks>
+ /// The element sorting rules are first inheritance order, then alphabetical order.
+ /// This test validates correct behavior on both.
+ /// </remarks>
+ [TestMethod]
+ public void DeserializeVerifyElementOrdering() {
+ var serializer = MessageSerializer.Get(typeof(Mocks.TestDerivedMessage));
+ Dictionary<string, string> fields = new Dictionary<string, string>(StringComparer.Ordinal);
+ // We deliberately do this OUT of order,
+ // since DataContractSerializer demands elements to be in
+ // 1) inheritance then 2) alphabetical order.
+ // Proper xml element order would be: Name, age, Second..., TheFirst...
+ fields["TheFirstDerivedElement"] = "first";
+ fields["age"] = "15";
+ fields["Name"] = "Andrew";
+ fields["SecondDerivedElement"] = "second";
+ fields["explicit"] = "explicitValue";
+ fields["private"] = "privateValue";
+ var actual = (Mocks.TestDerivedMessage)serializer.Deserialize(fields);
+ Assert.AreEqual(15, actual.Age);
+ Assert.AreEqual("Andrew", actual.Name);
+ Assert.AreEqual("first", actual.TheFirstDerivedElement);
+ Assert.AreEqual("second", actual.SecondDerivedElement);
+ Assert.AreEqual("explicitValue", ((Mocks.IBaseMessageExplicitMembers)actual).ExplicitProperty);
+ Assert.AreEqual("privateValue", actual.PrivatePropertyAccessor);
+ }
+
[TestMethod]
public void DeserializeWithExtraFields() {
var serializer = MessageSerializer.Get(typeof(Mocks.TestMessage));
|