Added a private Provider association test (dumb mode).

Although it passes, we're still cheating on actually validating the signature of the message at the Provider.

9 files changed, 158 insertions, 55 deletions

diff --git a/src/DotNetOpenAuth.Test/DotNetOpenAuth.Test.csproj b/src/DotNetOpenAuth.Test/DotNetOpenAuth.Test.csproj
index 7fe78d6..6c6a42e 100644
--- a/src/DotNetOpenAuth.Test/DotNetOpenAuth.Test.csproj
+++ b/src/DotNetOpenAuth.Test/DotNetOpenAuth.Test.csproj
@@ -120,6 +120,7 @@
     <Compile Include="OpenId\Messages\DirectErrorResponseTests.cs" />
     <Compile Include="OpenId\Messages\IndirectErrorResponseTests.cs" />
     <Compile Include="OpenId\Messages\PositiveAssertionResponseTests.cs" />
+    <Compile Include="OpenId\Messages\SignedResponseRequestTests.cs" />
     <Compile Include="OpenId\OpenIdCoordinator.cs" />
     <Compile Include="OpenId\AssociationHandshakeTests.cs" />
     <Compile Include="OpenId\OpenIdTestBase.cs" />
diff --git a/src/DotNetOpenAuth.Test/Mocks/CoordinatingChannel.cs b/src/DotNetOpenAuth.Test/Mocks/CoordinatingChannel.cs
index e96b813..0bb2195 100644
--- a/src/DotNetOpenAuth.Test/Mocks/CoordinatingChannel.cs
+++ b/src/DotNetOpenAuth.Test/Mocks/CoordinatingChannel.cs
@@ -107,6 +107,8 @@ namespace DotNetOpenAuth.Test.Mocks {
 				throw new InvalidOperationException("Totally expected a message to implement one of the two derived interface types.");
 			}
 
+			ErrorUtilities.VerifyInternal(clonedMessage != null, "Message factory did not generate a message instance for " + message.GetType().Name);
+
 			// Fill the cloned message with data.
 			serializer.Deserialize(fields, clonedMessage);
 
diff --git a/src/DotNetOpenAuth.Test/Mocks/MockReplayProtectionBindingElement.cs b/src/DotNetOpenAuth.Test/Mocks/MockReplayProtectionBindingElement.cs
index 5e65a59..d550514 100644
--- a/src/DotNetOpenAuth.Test/Mocks/MockReplayProtectionBindingElement.cs
+++ b/src/DotNetOpenAuth.Test/Mocks/MockReplayProtectionBindingElement.cs
@@ -17,6 +17,11 @@ namespace DotNetOpenAuth.Test.Mocks {
 		MessageProtections IChannelBindingElement.Protection {
 			get { return MessageProtections.ReplayProtection; }
 		}
+		
+		/// <summary>
+		/// Gets or sets the channel that this binding element belongs to.
+		/// </summary>
+		public Channel Channel { get; set; }
 
 		bool IChannelBindingElement.PrepareMessageForSending(IProtocolMessage message) {
 			var replayMessage = message as IReplayProtectedProtocolMessage;
diff --git a/src/DotNetOpenAuth.Test/Mocks/MockSigningBindingElement.cs b/src/DotNetOpenAuth.Test/Mocks/MockSigningBindingElement.cs
index eab9a39..7056d2c 100644
--- a/src/DotNetOpenAuth.Test/Mocks/MockSigningBindingElement.cs
+++ b/src/DotNetOpenAuth.Test/Mocks/MockSigningBindingElement.cs
@@ -21,6 +21,11 @@ namespace DotNetOpenAuth.Test.Mocks {
 			get { return MessageProtections.TamperProtection; }
 		}
 
+		/// <summary>
+		/// Gets or sets the channel that this binding element belongs to.
+		/// </summary>
+		public Channel Channel { get; set; }
+
 		bool IChannelBindingElement.PrepareMessageForSending(IProtocolMessage message) {
 			ITamperResistantProtocolMessage signedMessage = message as ITamperResistantProtocolMessage;
 			if (signedMessage != null) {
diff --git a/src/DotNetOpenAuth.Test/Mocks/MockTransformationBindingElement.cs b/src/DotNetOpenAuth.Test/Mocks/MockTransformationBindingElement.cs
index 7c5a240..7a69a2d 100644
--- a/src/DotNetOpenAuth.Test/Mocks/MockTransformationBindingElement.cs
+++ b/src/DotNetOpenAuth.Test/Mocks/MockTransformationBindingElement.cs
@@ -29,6 +29,11 @@ namespace DotNetOpenAuth.Test.Mocks {
 			get { return MessageProtections.None; }
 		}
 
+		/// <summary>
+		/// Gets or sets the channel that this binding element belongs to.
+		/// </summary>
+		public Channel Channel { get; set; }
+
 		bool IChannelBindingElement.PrepareMessageForSending(IProtocolMessage message) {
 			var testMessage = message as TestMessage;
 			if (testMessage != null) {
diff --git a/src/DotNetOpenAuth.Test/OpenId/AuthenticationTests.cs b/src/DotNetOpenAuth.Test/OpenId/AuthenticationTests.cs
index 15a277d..fa769ec 100644
--- a/src/DotNetOpenAuth.Test/OpenId/AuthenticationTests.cs
+++ b/src/DotNetOpenAuth.Test/OpenId/AuthenticationTests.cs
@@ -22,7 +22,7 @@ namespace DotNetOpenAuth.Test.OpenId {
 		}
 
 		[TestMethod]
-		public void Simple() {
+		public void SharedAssociationPositive() {
 			Protocol protocol = Protocol.Default;
 			Association association = HmacShaAssociation.Create(protocol, protocol.Args.SignatureAlgorithm.HMAC_SHA256, AssociationRelyingPartyType.Smart);
 			var coordinator = new OpenIdCoordinator(
@@ -50,5 +50,64 @@ namespace DotNetOpenAuth.Test.OpenId {
 				});
 			coordinator.Run();
 		}
+
+		[TestMethod]
+		public void SharedAssociationNegative() {
+			Protocol protocol = Protocol.V11;
+			Uri userSetupUrl = new Uri("http://usersetupurl");
+			Association association = HmacShaAssociation.Create(protocol, protocol.Args.SignatureAlgorithm.HMAC_SHA1, AssociationRelyingPartyType.Smart);
+			var coordinator = new OpenIdCoordinator(
+				rp => {
+					rp.AssociationStore.StoreAssociation(ProviderUri, association);
+
+					var request = new CheckIdRequest(protocol.Version, ProviderUri, true);
+					request.AssociationHandle = association.Handle;
+					request.ClaimedIdentifier = "http://claimedid";
+					request.LocalIdentifier = "http://localid";
+					request.ReturnTo = RPUri;
+					rp.Channel.Send(request);
+					var response = rp.Channel.ReadFromRequest<NegativeAssertionResponse>();
+					Assert.IsNotNull(response);
+					Assert.AreEqual(userSetupUrl, response.UserSetupUrl);
+				},
+				op => {
+					op.AssociationStore.StoreAssociation(AssociationRelyingPartyType.Smart, association);
+					var request = op.Channel.ReadFromRequest<CheckIdRequest>();
+					Assert.IsNotNull(request);
+					var response = new NegativeAssertionResponse(request);
+					response.UserSetupUrl = userSetupUrl;
+					op.Channel.Send(response);
+				});
+			coordinator.Run();
+		}
+
+		[TestMethod]
+		public void PrivateAssociationPositive() {
+			Protocol protocol = Protocol.Default;
+			var coordinator = new OpenIdCoordinator(
+				rp => {
+					var request = new CheckIdRequest(protocol.Version, ProviderUri, false);
+					request.ClaimedIdentifier = "http://claimedid";
+					request.LocalIdentifier = "http://localid";
+					request.ReturnTo = RPUri;
+					rp.Channel.Send(request);
+					var response = rp.Channel.ReadFromRequest<PositiveAssertionResponse>();
+					Assert.IsNotNull(response);
+					Assert.AreEqual(request.ClaimedIdentifier, response.ClaimedIdentifier);
+					Assert.AreEqual(request.LocalIdentifier, response.LocalIdentifier);
+					Assert.AreEqual(request.ReturnTo, response.ReturnTo);
+				},
+				op => {
+					var request = op.Channel.ReadFromRequest<CheckIdRequest>();
+					Assert.IsNotNull(request);
+					var response = new PositiveAssertionResponse(request);
+					op.Channel.Send(response);
+					var checkauth = op.Channel.ReadFromRequest<CheckAuthenticationRequest>();
+					var checkauthResponse = new CheckAuthenticationResponse(checkauth);
+					checkauthResponse.IsValid = true; // TODO: how do we establish that the signature is good?
+					op.Channel.Send(checkauthResponse);
+				});
+			coordinator.Run();
+		}
 	}
 }
diff --git a/src/DotNetOpenAuth.Test/OpenId/Messages/CheckIdRequestTests.cs b/src/DotNetOpenAuth.Test/OpenId/Messages/CheckIdRequestTests.cs
index 8824390..2c9ea12 100644
--- a/src/DotNetOpenAuth.Test/OpenId/Messages/CheckIdRequestTests.cs
+++ b/src/DotNetOpenAuth.Test/OpenId/Messages/CheckIdRequestTests.cs
@@ -16,63 +16,9 @@ namespace DotNetOpenAuth.Test.OpenId.Messages {
 
 	[TestClass]
 	public class CheckIdRequestTests : OpenIdTestBase {
-		private Uri providerEndpoint;
-		private CheckIdRequest immediatev1;
-		private CheckIdRequest setupv1;
-		private CheckIdRequest immediatev2;
-		private CheckIdRequest setupv2;
-
 		[TestInitialize]
 		public override void SetUp() {
 			base.SetUp();
-
-			this.providerEndpoint = new Uri("http://host");
-
-			this.immediatev1 = new CheckIdRequest(Protocol.V11.Version, this.providerEndpoint, true);
-			this.setupv1 = new CheckIdRequest(Protocol.V11.Version, this.providerEndpoint, false);
-
-			this.immediatev2 = new CheckIdRequest(Protocol.V20.Version, this.providerEndpoint, true);
-			this.setupv2 = new CheckIdRequest(Protocol.V20.Version, this.providerEndpoint, false);
-
-			// Prepare all message versions so that they SHOULD be valid by default.
-			// In particular, V1 messages require ReturnTo.
-			this.immediatev1.ReturnTo = new Uri("http://returnto/");
-			this.setupv1.ReturnTo = new Uri("http://returnto/");
-
-			try {
-				this.immediatev1.EnsureValidMessage();
-				this.setupv1.EnsureValidMessage();
-				this.immediatev2.EnsureValidMessage();
-				this.setupv2.EnsureValidMessage();
-			} catch (ProtocolException ex) {
-				Assert.Inconclusive("All messages ought to be valid before tests run, but got: {0}", ex.Message);
-			}
-		}
-
-		/// <summary>
-		/// Verifies that the validation check throws if the return_to and the realm
-		/// values are not compatible.
-		/// </summary>
-		/// <remarks>
-		/// This test does not test all the realm-return_to matching rules as that is done in the Realm tests.
-		/// This test merely checks that the compatibility match occurs at all.
-		/// </remarks>
-		[TestMethod, ExpectedException(typeof(ProtocolException))]
-		public void RealmReturnToMismatchV2() {
-			this.setupv2.Realm = "http://somehost/";
-			this.setupv2.ReturnTo = new Uri("http://someotherhost/");
-			this.setupv2.EnsureValidMessage();
-		}
-
-		/// <summary>
-		/// Verifies that the validation check throws if the return_to and the realm
-		/// values are not compatible.
-		/// </summary>
-		[TestMethod, ExpectedException(typeof(ProtocolException))]
-		public void RealmReturnToMismatchV1() {
-			this.setupv1.Realm = "http://somehost/";
-			this.setupv1.ReturnTo = new Uri("http://someotherhost/");
-			this.setupv1.EnsureValidMessage();
 		}
 	}
 }
diff --git a/src/DotNetOpenAuth.Test/OpenId/Messages/NegativeAssertionResponseTests.cs b/src/DotNetOpenAuth.Test/OpenId/Messages/NegativeAssertionResponseTests.cs
index a7f04e1..3c54671 100644
--- a/src/DotNetOpenAuth.Test/OpenId/Messages/NegativeAssertionResponseTests.cs
+++ b/src/DotNetOpenAuth.Test/OpenId/Messages/NegativeAssertionResponseTests.cs
@@ -37,6 +37,11 @@ namespace DotNetOpenAuth.Test.OpenId.Messages {
 			Assert.AreEqual("cancel", new NegativeAssertionResponse(setupRequestV1).Mode);
 			Assert.AreEqual("setup_needed", new NegativeAssertionResponse(immediateRequestV2).Mode);
 			Assert.AreEqual("cancel", new NegativeAssertionResponse(setupRequestV2).Mode);
+
+			Assert.IsTrue(new NegativeAssertionResponse(immediateRequestV1).Immediate);
+			Assert.IsFalse(new NegativeAssertionResponse(setupRequestV1).Immediate);
+			Assert.IsTrue(new NegativeAssertionResponse(immediateRequestV2).Immediate);
+			Assert.IsFalse(new NegativeAssertionResponse(setupRequestV2).Immediate);
 		}
 
 		[TestMethod, ExpectedException(typeof(ProtocolException))]
diff --git a/src/DotNetOpenAuth.Test/OpenId/Messages/SignedResponseRequestTests.cs b/src/DotNetOpenAuth.Test/OpenId/Messages/SignedResponseRequestTests.cs
new file mode 100644
index 0000000..674cae3
--- /dev/null
+++ b/src/DotNetOpenAuth.Test/OpenId/Messages/SignedResponseRequestTests.cs
@@ -0,0 +1,75 @@
+//-----------------------------------------------------------------------
+// <copyright file="SignedResponseRequestTests.cs" company="Andrew Arnott">
+//     Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.Test.OpenId.Messages {
+	using System;
+	using DotNetOpenAuth.Messaging;
+	using DotNetOpenAuth.OpenId;
+	using DotNetOpenAuth.OpenId.Messages;
+	using Microsoft.VisualStudio.TestTools.UnitTesting;
+
+	[TestClass]
+	public class SignedResponseRequestTests : OpenIdTestBase {
+		private Uri providerEndpoint;
+		private SignedResponseRequest immediatev1;
+		private SignedResponseRequest setupv1;
+		private SignedResponseRequest immediatev2;
+		private SignedResponseRequest setupv2;
+
+		[TestInitialize]
+		public override void SetUp() {
+			base.SetUp();
+
+			this.providerEndpoint = new Uri("http://host");
+
+			this.immediatev1 = new SignedResponseRequest(Protocol.V11.Version, this.providerEndpoint, true);
+			this.setupv1 = new SignedResponseRequest(Protocol.V11.Version, this.providerEndpoint, false);
+
+			this.immediatev2 = new SignedResponseRequest(Protocol.V20.Version, this.providerEndpoint, true);
+			this.setupv2 = new SignedResponseRequest(Protocol.V20.Version, this.providerEndpoint, false);
+
+			// Prepare all message versions so that they SHOULD be valid by default.
+			// In particular, V1 messages require ReturnTo.
+			this.immediatev1.ReturnTo = new Uri("http://returnto/");
+			this.setupv1.ReturnTo = new Uri("http://returnto/");
+
+			try {
+				this.immediatev1.EnsureValidMessage();
+				this.setupv1.EnsureValidMessage();
+				this.immediatev2.EnsureValidMessage();
+				this.setupv2.EnsureValidMessage();
+			} catch (ProtocolException ex) {
+				Assert.Inconclusive("All messages ought to be valid before tests run, but got: {0}", ex.Message);
+			}
+		}
+
+		/// <summary>
+		/// Verifies that the validation check throws if the return_to and the realm
+		/// values are not compatible.
+		/// </summary>
+		/// <remarks>
+		/// This test does not test all the realm-return_to matching rules as that is done in the Realm tests.
+		/// This test merely checks that the compatibility match occurs at all.
+		/// </remarks>
+		[TestMethod, ExpectedException(typeof(ProtocolException))]
+		public void RealmReturnToMismatchV2() {
+			this.setupv2.Realm = "http://somehost/";
+			this.setupv2.ReturnTo = new Uri("http://someotherhost/");
+			this.setupv2.EnsureValidMessage();
+		}
+
+		/// <summary>
+		/// Verifies that the validation check throws if the return_to and the realm
+		/// values are not compatible.
+		/// </summary>
+		[TestMethod, ExpectedException(typeof(ProtocolException))]
+		public void RealmReturnToMismatchV1() {
+			this.setupv1.Realm = "http://somehost/";
+			this.setupv1.ReturnTo = new Uri("http://someotherhost/");
+			this.setupv1.EnsureValidMessage();
+		}
+	}
+}