summaryrefslogtreecommitdiffstats
path: root/src/DotNetOpenAuth.Test/OpenId/AuthenticationTests.cs
diff options
context:
space:
mode:
Diffstat (limited to 'src/DotNetOpenAuth.Test/OpenId/AuthenticationTests.cs')
-rw-r--r--src/DotNetOpenAuth.Test/OpenId/AuthenticationTests.cs58
1 files changed, 48 insertions, 10 deletions
diff --git a/src/DotNetOpenAuth.Test/OpenId/AuthenticationTests.cs b/src/DotNetOpenAuth.Test/OpenId/AuthenticationTests.cs
index 807beae..4ebdf74 100644
--- a/src/DotNetOpenAuth.Test/OpenId/AuthenticationTests.cs
+++ b/src/DotNetOpenAuth.Test/OpenId/AuthenticationTests.cs
@@ -58,24 +58,62 @@ namespace DotNetOpenAuth.Test.OpenId {
this.ParameterizedAuthenticationTest(false, false, false);
}
- /// <summary>
- /// Verifies that unsolicited assertions can be sent and received.
- /// </summary>
[TestMethod]
public void UnsolicitedAssertion() {
- var coordinator = new OpenIdCoordinator(
+ this.MockResponder.RegisterMockRPDiscovery();
+ OpenIdCoordinator coordinator = new OpenIdCoordinator(
rp => {
- // register with RP so that id discovery passes
rp.Channel.WebRequestHandler = this.MockResponder.MockWebRequestHandler;
-
- // Receive the unsolicited assertion
- var response = rp.GetResponse();
+ IAuthenticationResponse response = rp.GetResponse();
Assert.AreEqual(AuthenticationStatus.Authenticated, response.Status);
},
op => {
+ op.Channel.WebRequestHandler = this.MockResponder.MockWebRequestHandler;
Identifier id = GetMockIdentifier(ProtocolVersion.V20);
- op.SendUnsolicitedAssertion(OPUri, GetMockRealm(false), id, id);
- AutoProvider(op);
+ op.SendUnsolicitedAssertion(OPUri, RPRealmUri, id, OPLocalIdentifiers[0]);
+ AutoProvider(op); // handle check_auth
+ });
+ coordinator.Run();
+ }
+
+ [TestMethod]
+ public void UnsolicitedAssertionRejected() {
+ this.MockResponder.RegisterMockRPDiscovery();
+ OpenIdCoordinator coordinator = new OpenIdCoordinator(
+ rp => {
+ rp.Channel.WebRequestHandler = this.MockResponder.MockWebRequestHandler;
+ rp.SecuritySettings.RejectUnsolicitedAssertions = true;
+ IAuthenticationResponse response = rp.GetResponse();
+ Assert.AreEqual(AuthenticationStatus.Failed, response.Status);
+ },
+ op => {
+ op.Channel.WebRequestHandler = this.MockResponder.MockWebRequestHandler;
+ Identifier id = GetMockIdentifier(ProtocolVersion.V20);
+ op.SendUnsolicitedAssertion(OPUri, RPRealmUri, id, OPLocalIdentifiers[0]);
+ AutoProvider(op); // handle check_auth
+ });
+ coordinator.Run();
+ }
+
+ /// <summary>
+ /// Verifies that delegating identifiers are rejected in unsolicited assertions
+ /// when the appropriate security setting is set.
+ /// </summary>
+ [TestMethod]
+ public void UnsolicitedDelegatingIdentifierRejection() {
+ this.MockResponder.RegisterMockRPDiscovery();
+ OpenIdCoordinator coordinator = new OpenIdCoordinator(
+ rp => {
+ rp.Channel.WebRequestHandler = this.MockResponder.MockWebRequestHandler;
+ rp.SecuritySettings.RejectDelegatingIdentifiers = true;
+ IAuthenticationResponse response = rp.GetResponse();
+ Assert.AreEqual(AuthenticationStatus.Failed, response.Status);
+ },
+ op => {
+ op.Channel.WebRequestHandler = this.MockResponder.MockWebRequestHandler;
+ Identifier id = GetMockIdentifier(ProtocolVersion.V20, false, true);
+ op.SendUnsolicitedAssertion(OPUri, RPRealmUri, id, OPLocalIdentifiers[0]);
+ AutoProvider(op); // handle check_auth
});
coordinator.Run();
}
generated by cgit v1.1 at 2025-05-17 21:01:02 +0000