diff options
Diffstat (limited to 'src/DotNetOpenAuth.Test/OpenId')
3 files changed, 501 insertions, 0 deletions
diff --git a/src/DotNetOpenAuth.Test/OpenId/Extensions/ProviderAuthenticationPolicy/PapeTests.cs b/src/DotNetOpenAuth.Test/OpenId/Extensions/ProviderAuthenticationPolicy/PapeTests.cs new file mode 100644 index 0000000..d151ed5 --- /dev/null +++ b/src/DotNetOpenAuth.Test/OpenId/Extensions/ProviderAuthenticationPolicy/PapeTests.cs @@ -0,0 +1,39 @@ +//----------------------------------------------------------------------- +// <copyright file="PapeTests.cs" company="Andrew Arnott"> +// Copyright (c) Andrew Arnott. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace DotNetOpenAuth.OpenId.Test.Extensions.ProviderAuthenticationPolicy { + using System; + using System.Collections.Generic; + using System.Linq; + using System.Text; + using Microsoft.VisualStudio.TestTools.UnitTesting; + using DotNetOpenAuth.OpenId.Extensions.ProviderAuthenticationPolicy; + + [TestClass] + public class PapeTests : ExtensionTestBase { + [TestMethod] + public void None() { + var response = ParameterizedTest<PolicyResponse>( + TestSupport.Scenarios.ExtensionFullCooperation, Version, null); + Assert.IsNull(response); + } + + [TestMethod] + public void Full() { + var request = new PolicyRequest(); + request.MaximumAuthenticationAge = TimeSpan.FromMinutes(10); + request.PreferredAuthLevelTypes.Add(Constants.AuthenticationLevels.NistTypeUri); + var response = ParameterizedTest<PolicyResponse>( + TestSupport.Scenarios.ExtensionFullCooperation, Version, request); + Assert.IsNotNull(response); + Assert.IsNotNull(response.AuthenticationTimeUtc); + Assert.IsTrue(response.AuthenticationTimeUtc.Value > DateTime.UtcNow - request.MaximumAuthenticationAge); + Assert.IsTrue(response.AssuranceLevels.ContainsKey(Constants.AuthenticationLevels.NistTypeUri)); + Assert.AreEqual("1", response.AssuranceLevels[Constants.AuthenticationLevels.NistTypeUri]); + Assert.AreEqual(NistAssuranceLevel.Level1, response.NistAssuranceLevel); + } + } +} diff --git a/src/DotNetOpenAuth.Test/OpenId/Extensions/ProviderAuthenticationPolicy/PolicyRequestTests.cs b/src/DotNetOpenAuth.Test/OpenId/Extensions/ProviderAuthenticationPolicy/PolicyRequestTests.cs new file mode 100644 index 0000000..2d85b4e --- /dev/null +++ b/src/DotNetOpenAuth.Test/OpenId/Extensions/ProviderAuthenticationPolicy/PolicyRequestTests.cs @@ -0,0 +1,199 @@ +//----------------------------------------------------------------------- +// <copyright file="PolicyRequestTests.cs" company="Andrew Arnott"> +// Copyright (c) Andrew Arnott. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace DotNetOpenAuth.OpenId.Test.Extensions.ProviderAuthenticationPolicy { + using System; + using System.Collections.Generic; + using System.Linq; + using System.Text; + using System.Globalization; + using Microsoft.VisualStudio.TestTools.UnitTesting; + using DotNetOpenAuth.OpenId.Extensions.ProviderAuthenticationPolicy; + + [TestClass] + public class PolicyRequestTests { + [TestMethod] + public void Ctor() { + PolicyRequest req = new PolicyRequest(); + Assert.IsNull(req.MaximumAuthenticationAge); + Assert.IsNotNull(req.PreferredPolicies); + Assert.AreEqual(0, req.PreferredPolicies.Count); + } + + [TestMethod] + public void MaximumAuthenticationAgeTest() { + PolicyRequest req = new PolicyRequest(); + req.MaximumAuthenticationAge = TimeSpan.FromHours(1); + Assert.IsNotNull(req.MaximumAuthenticationAge); + Assert.AreEqual(TimeSpan.FromHours(1), req.MaximumAuthenticationAge); + req.MaximumAuthenticationAge = null; + Assert.IsNull(req.MaximumAuthenticationAge); + } + + [TestMethod] + public void AddPolicies() { + PolicyRequest resp = new PolicyRequest(); + resp.PreferredPolicies.Add(AuthenticationPolicies.MultiFactor); + resp.PreferredPolicies.Add(AuthenticationPolicies.PhishingResistant); + Assert.AreEqual(2, resp.PreferredPolicies.Count); + Assert.AreEqual(AuthenticationPolicies.MultiFactor, resp.PreferredPolicies[0]); + Assert.AreEqual(AuthenticationPolicies.PhishingResistant, resp.PreferredPolicies[1]); + } + + [TestMethod] + public void AddPolicyMultipleTimes() { + // Although this isn't really the desired behavior (we'd prefer to see an + // exception thrown), since we're using a List<string> internally we can't + // expect anything better (for now). But if this is ever fixed, by all means + // change this test to expect an exception or something else. + PolicyRequest resp = new PolicyRequest(); + resp.PreferredPolicies.Add(AuthenticationPolicies.MultiFactor); + resp.PreferredPolicies.Add(AuthenticationPolicies.MultiFactor); + Assert.AreEqual(2, resp.PreferredPolicies.Count); + } + + [TestMethod] + public void AddAuthLevelTypes() { + PolicyRequest req = new PolicyRequest(); + req.PreferredAuthLevelTypes.Add(Constants.AuthenticationLevels.NistTypeUri); + Assert.AreEqual(1, req.PreferredAuthLevelTypes.Count); + Assert.IsTrue(req.PreferredAuthLevelTypes.Contains(Constants.AuthenticationLevels.NistTypeUri)); + } + + [TestMethod] + public void EqualsTest() { + PolicyRequest req = new PolicyRequest(); + PolicyRequest req2 = new PolicyRequest(); + Assert.AreEqual(req, req2); + Assert.AreNotEqual(req, null); + Assert.AreNotEqual(null, req); + + // Test PreferredPolicies list comparison + req.PreferredPolicies.Add(AuthenticationPolicies.PhishingResistant); + Assert.AreNotEqual(req, req2); + req2.PreferredPolicies.Add(AuthenticationPolicies.MultiFactor); + Assert.AreNotEqual(req, req2); + req2.PreferredPolicies.Clear(); + req2.PreferredPolicies.Add(AuthenticationPolicies.PhishingResistant); + Assert.AreEqual(req, req2); + + // Test PreferredPolicies list comparison when that list is not in the same order. + req.PreferredPolicies.Add(AuthenticationPolicies.MultiFactor); + Assert.AreNotEqual(req, req2); + req2.PreferredPolicies.Insert(0, AuthenticationPolicies.MultiFactor); + Assert.AreEqual(req, req2); + + // Test MaximumAuthenticationAge comparison. + req.MaximumAuthenticationAge = TimeSpan.FromHours(1); + Assert.AreNotEqual(req, req2); + req2.MaximumAuthenticationAge = req.MaximumAuthenticationAge; + Assert.AreEqual(req, req2); + + // Test PreferredAuthLevelTypes comparison. + req.PreferredAuthLevelTypes.Add("authlevel1"); + Assert.AreNotEqual(req, req2); + req2.PreferredAuthLevelTypes.Add("authlevel2"); + Assert.AreNotEqual(req, req2); + req.PreferredAuthLevelTypes.Add("authlevel2"); + req2.PreferredAuthLevelTypes.Add("authlevel1"); + Assert.AreEqual(req, req2); + } + + [TestMethod] + public void DeserializeNull() { + PolicyRequest req = new PolicyRequest(); + Assert.IsFalse(((IExtensionRequest)req).Deserialize(null, null, Constants.TypeUri)); + } + + [TestMethod] + public void DeserializeEmpty() { + PolicyRequest req = new PolicyRequest(); + Assert.IsFalse(((IExtensionRequest)req).Deserialize(new Dictionary<string, string>(), null, Constants.TypeUri)); + } + + [TestMethod] + public void SerializeRoundTrip() { + // This test relies on the PolicyRequest.Equals method. If this and that test + // are failing, work on EqualsTest first. + + // Most basic test + PolicyRequest req = new PolicyRequest(), req2 = new PolicyRequest(); + var fields = ((IExtensionRequest)req).Serialize(null); + Assert.IsTrue(((IExtensionRequest)req2).Deserialize(fields, null, Constants.TypeUri)); + Assert.AreEqual(req, req2); + + // Test with all fields set + req2 = new PolicyRequest(); + req.PreferredPolicies.Add(AuthenticationPolicies.MultiFactor); + req.PreferredAuthLevelTypes.Add(Constants.AuthenticationLevels.NistTypeUri); + req.MaximumAuthenticationAge = TimeSpan.FromHours(1); + fields = ((IExtensionRequest)req).Serialize(null); + Assert.IsTrue(((IExtensionRequest)req2).Deserialize(fields, null, Constants.TypeUri)); + Assert.AreEqual(req, req2); + + // Test with an extra policy and auth level + req2 = new PolicyRequest(); + req.PreferredPolicies.Add(AuthenticationPolicies.PhishingResistant); + req.PreferredAuthLevelTypes.Add("customAuthLevel"); + fields = ((IExtensionRequest)req).Serialize(null); + Assert.IsTrue(((IExtensionRequest)req2).Deserialize(fields, null, Constants.TypeUri)); + Assert.AreEqual(req, req2); + + // Test with a policy added twice. We should see it intelligently leave one of + // the doubled policies out. + req2 = new PolicyRequest(); + req.PreferredPolicies.Add(AuthenticationPolicies.PhishingResistant); + req.PreferredAuthLevelTypes.Add(Constants.AuthenticationLevels.NistTypeUri); + fields = ((IExtensionRequest)req).Serialize(null); + Assert.IsTrue(((IExtensionRequest)req2).Deserialize(fields, null, Constants.TypeUri)); + Assert.AreNotEqual(req, req2); + // Now go ahead and add the doubled one so we can do our equality test. + req2.PreferredPolicies.Add(AuthenticationPolicies.PhishingResistant); + req2.PreferredAuthLevelTypes.Add(Constants.AuthenticationLevels.NistTypeUri); + Assert.AreEqual(req, req2); + } + + [TestMethod] + public void Serialize() { + PolicyRequest req = new PolicyRequest(); + var fields = ((IExtensionRequest)req).Serialize(null); + Assert.AreEqual(1, fields.Count); + Assert.IsTrue(fields.ContainsKey("preferred_auth_policies")); + Assert.IsEmpty(fields["preferred_auth_policies"]); + + req.MaximumAuthenticationAge = TimeSpan.FromHours(1); + fields = ((IExtensionRequest)req).Serialize(null); + Assert.AreEqual(2, fields.Count); + Assert.IsTrue(fields.ContainsKey("max_auth_age")); + Assert.AreEqual(TimeSpan.FromHours(1).TotalSeconds.ToString(CultureInfo.InvariantCulture), fields["max_auth_age"]); + + req.PreferredPolicies.Add("http://pol1/"); + fields = ((IExtensionRequest)req).Serialize(null); + Assert.AreEqual("http://pol1/", fields["preferred_auth_policies"]); + + req.PreferredPolicies.Add("http://pol2/"); + fields = ((IExtensionRequest)req).Serialize(null); + Assert.AreEqual("http://pol1/ http://pol2/", fields["preferred_auth_policies"]); + + req.PreferredAuthLevelTypes.Add("http://authtype1/"); + fields = ((IExtensionRequest)req).Serialize(null); + Assert.AreEqual(4, fields.Count); + Assert.IsTrue(fields.ContainsKey("auth_level.ns.alias1")); + Assert.AreEqual("http://authtype1/", fields["auth_level.ns.alias1"]); + Assert.IsTrue(fields.ContainsKey("preferred_auth_level_types")); + Assert.AreEqual("alias1", fields["preferred_auth_level_types"]); + + req.PreferredAuthLevelTypes.Add(Constants.AuthenticationLevels.NistTypeUri); + fields = ((IExtensionRequest)req).Serialize(null); + Assert.AreEqual(5, fields.Count); + Assert.IsTrue(fields.ContainsKey("auth_level.ns.alias2")); + Assert.AreEqual("http://authtype1/", fields["auth_level.ns.alias2"]); + Assert.IsTrue(fields.ContainsKey("auth_level.ns.nist")); + Assert.AreEqual(Constants.AuthenticationLevels.NistTypeUri, fields["auth_level.ns.nist"]); + Assert.AreEqual("alias2 nist", fields["preferred_auth_level_types"]); + } + } +} diff --git a/src/DotNetOpenAuth.Test/OpenId/Extensions/ProviderAuthenticationPolicy/PolicyResponseTests.cs b/src/DotNetOpenAuth.Test/OpenId/Extensions/ProviderAuthenticationPolicy/PolicyResponseTests.cs new file mode 100644 index 0000000..1e0ad76 --- /dev/null +++ b/src/DotNetOpenAuth.Test/OpenId/Extensions/ProviderAuthenticationPolicy/PolicyResponseTests.cs @@ -0,0 +1,263 @@ +//----------------------------------------------------------------------- +// <copyright file="PolicyResponseTests.cs" company="Andrew Arnott"> +// Copyright (c) Andrew Arnott. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace DotNetOpenAuth.OpenId.Test.Extensions.ProviderAuthenticationPolicy { + using System; + using System.Collections.Generic; + using System.Linq; + using System.Text; + using Microsoft.VisualStudio.TestTools.UnitTesting; + using DotNetOpenAuth.OpenId.Extensions.ProviderAuthenticationPolicy; + + [TestClass] + public class PolicyResponseTests { + DateTime someLocalTime = new DateTime(2008, 1, 1, 1, 1, 1, 0, DateTimeKind.Local); + DateTime someUtcTime = new DateTime(2008, 1, 1, 1, 1, 1, 0, DateTimeKind.Utc); + DateTime someUnspecifiedTime = new DateTime(2008, 1, 1, 1, 1, 1, 0, DateTimeKind.Unspecified); + [TestMethod] + public void Ctor() { + PolicyResponse resp = new PolicyResponse(); + Assert.IsNotNull(resp.ActualPolicies); + Assert.AreEqual(0, resp.ActualPolicies.Count); + Assert.IsNull(resp.AuthenticationTimeUtc); + Assert.IsNull(resp.NistAssuranceLevel); + } + + [TestMethod] + public void AddPolicies() { + PolicyResponse resp = new PolicyResponse(); + resp.ActualPolicies.Add(AuthenticationPolicies.MultiFactor); + resp.ActualPolicies.Add(AuthenticationPolicies.PhishingResistant); + Assert.AreEqual(2, resp.ActualPolicies.Count); + Assert.AreEqual(AuthenticationPolicies.MultiFactor, resp.ActualPolicies[0]); + Assert.AreEqual(AuthenticationPolicies.PhishingResistant, resp.ActualPolicies[1]); + } + + [TestMethod] + public void AddPolicyMultipleTimes() { + // Although this isn't really the desired behavior (we'd prefer to see an + // exception thrown), since we're using a List<string> internally we can't + // expect anything better (for now). But if this is ever fixed, by all means + // change this test to expect an exception or something else. + PolicyResponse resp = new PolicyResponse(); + resp.ActualPolicies.Add(AuthenticationPolicies.MultiFactor); + resp.ActualPolicies.Add(AuthenticationPolicies.MultiFactor); + Assert.AreEqual(2, resp.ActualPolicies.Count); + } + + [TestMethod] + public void AuthenticationTimeUtcConvertsToUtc() { + PolicyResponse resp = new PolicyResponse(); + resp.AuthenticationTimeUtc = someLocalTime; + Assert.IsNotNull(resp.AuthenticationTimeUtc); + Assert.AreEqual(DateTimeKind.Utc, resp.AuthenticationTimeUtc.Value.Kind); + Assert.AreEqual(someLocalTime.ToUniversalTime(), resp.AuthenticationTimeUtc.Value); + } + + [TestMethod] + public void AuthenticationTimeUtcSetUtc() { + PolicyResponse resp = new PolicyResponse(); + resp.AuthenticationTimeUtc = someUtcTime; + Assert.AreEqual(someUtcTime, resp.AuthenticationTimeUtc); + } + + [TestMethod, ExpectedException(typeof(ArgumentException))] + public void AuthenticationTimeUtcSetUnspecified() { + PolicyResponse resp = new PolicyResponse(); + resp.AuthenticationTimeUtc = someUnspecifiedTime; + } + + [TestMethod] + public void AuthenticationTimeUtcSetNull() { + PolicyResponse resp = new PolicyResponse(); + resp.AuthenticationTimeUtc = null; + Assert.IsNull(resp.AuthenticationTimeUtc); + resp.AuthenticationTimeUtc = someUtcTime; + Assert.IsNotNull(resp.AuthenticationTimeUtc); + resp.AuthenticationTimeUtc = null; + Assert.IsNull(resp.AuthenticationTimeUtc); + } + + [TestMethod] + public void NistAssuranceLevelSetVarious() { + PolicyResponse resp = new PolicyResponse(); + resp.NistAssuranceLevel = NistAssuranceLevel.Level1; + Assert.AreEqual(NistAssuranceLevel.Level1, resp.NistAssuranceLevel); + resp.NistAssuranceLevel = null; + Assert.IsNull(resp.NistAssuranceLevel); + resp.NistAssuranceLevel = NistAssuranceLevel.InsufficientForLevel1; + Assert.AreEqual(NistAssuranceLevel.InsufficientForLevel1, resp.NistAssuranceLevel); + } + + [TestMethod] + public void AssuranceLevels() { + PolicyResponse resp = new PolicyResponse(); + Assert.AreEqual(0, resp.AssuranceLevels.Count); + resp.NistAssuranceLevel = NistAssuranceLevel.Level2; + Assert.AreEqual(1, resp.AssuranceLevels.Count); + Assert.AreEqual("2", resp.AssuranceLevels[Constants.AuthenticationLevels.NistTypeUri]); + resp.AssuranceLevels[Constants.AuthenticationLevels.NistTypeUri] = "3"; + Assert.AreEqual(NistAssuranceLevel.Level3, resp.NistAssuranceLevel); + resp.AssuranceLevels.Clear(); + Assert.IsNull(resp.NistAssuranceLevel); + } + + [TestMethod] + public void EqualsTest() { + PolicyResponse resp = new PolicyResponse(); + PolicyResponse resp2 = new PolicyResponse(); + Assert.AreEqual(resp, resp2); + Assert.AreNotEqual(resp, null); + Assert.AreNotEqual(null, resp); + + // Test ActualPolicies list comparison + resp.ActualPolicies.Add(AuthenticationPolicies.PhishingResistant); + Assert.AreNotEqual(resp, resp2); + resp2.ActualPolicies.Add(AuthenticationPolicies.MultiFactor); + Assert.AreNotEqual(resp, resp2); + resp2.ActualPolicies.Clear(); + resp2.ActualPolicies.Add(AuthenticationPolicies.PhishingResistant); + Assert.AreEqual(resp, resp2); + + // Test ActualPolicies list comparison when that list is not in the same order. + resp.ActualPolicies.Add(AuthenticationPolicies.MultiFactor); + Assert.AreNotEqual(resp, resp2); + resp2.ActualPolicies.Insert(0, AuthenticationPolicies.MultiFactor); + Assert.AreEqual(resp, resp2); + + // Test AuthenticationTimeUtc comparison. + resp.AuthenticationTimeUtc = DateTime.Now; + Assert.AreNotEqual(resp, resp2); + resp2.AuthenticationTimeUtc = resp.AuthenticationTimeUtc; + Assert.AreEqual(resp, resp2); + resp2.AuthenticationTimeUtc += TimeSpan.FromSeconds(1); + Assert.AreNotEqual(resp, resp2); + resp2.AuthenticationTimeUtc = resp.AuthenticationTimeUtc; + Assert.AreEqual(resp, resp2); + + // Test NistAssuranceLevel comparison. + resp.NistAssuranceLevel = NistAssuranceLevel.InsufficientForLevel1; + Assert.AreNotEqual(resp, resp2); + resp2.NistAssuranceLevel = NistAssuranceLevel.InsufficientForLevel1; + Assert.AreEqual(resp, resp2); + resp.NistAssuranceLevel = NistAssuranceLevel.Level2; + Assert.AreNotEqual(resp, resp2); + resp2.NistAssuranceLevel = NistAssuranceLevel.Level2; + Assert.AreEqual(resp, resp2); + + // Test AssuranceLevels comparison. + resp.AssuranceLevels.Add("custom", "b"); + Assert.AreNotEqual(resp, resp2); + resp2.AssuranceLevels.Add("custom", "2"); + Assert.AreNotEqual(resp, resp2); + resp2.AssuranceLevels["custom"] = "b"; + Assert.AreEqual(resp, resp2); + resp.AssuranceLevels[Constants.AuthenticationLevels.NistTypeUri] = "1"; + Assert.AreNotEqual(resp, resp2); + resp2.AssuranceLevels[Constants.AuthenticationLevels.NistTypeUri] = "1"; + Assert.AreEqual(resp, resp2); + } + + [TestMethod] + public void DeserializeNull() { + PolicyResponse resp = new PolicyResponse(); + Assert.IsFalse(((IExtensionResponse)resp).Deserialize(null, null, Constants.TypeUri)); + } + + [TestMethod] + public void DeserializeEmpty() { + PolicyResponse resp = new PolicyResponse(); + Assert.IsFalse(((IExtensionResponse)resp).Deserialize(new Dictionary<string, string>(), null, Constants.TypeUri)); + } + + [TestMethod] + public void SerializeRoundTrip() { + // This test relies on the PolicyResponse.Equals method. If this and that test + // are failing, work on EqualsTest first. + + // Most basic test + PolicyResponse resp = new PolicyResponse(), resp2 = new PolicyResponse(); + var fields = ((IExtensionResponse)resp).Serialize(null); + Assert.IsTrue(((IExtensionResponse)resp2).Deserialize(fields, null, Constants.TypeUri)); + Assert.AreEqual(resp, resp2); + + // Test with all fields set + resp2 = new PolicyResponse(); + resp.ActualPolicies.Add(AuthenticationPolicies.MultiFactor); + resp.AuthenticationTimeUtc = someUtcTime; + resp.NistAssuranceLevel = NistAssuranceLevel.Level2; + fields = ((IExtensionResponse)resp).Serialize(null); + Assert.IsTrue(((IExtensionResponse)resp2).Deserialize(fields, null, Constants.TypeUri)); + Assert.AreEqual(resp, resp2); + + // Test with an extra policy + resp2 = new PolicyResponse(); + resp.ActualPolicies.Add(AuthenticationPolicies.PhishingResistant); + resp.AssuranceLevels.Add("customlevel", "ABC"); + fields = ((IExtensionResponse)resp).Serialize(null); + Assert.IsTrue(((IExtensionResponse)resp2).Deserialize(fields, null, Constants.TypeUri)); + Assert.AreEqual(resp, resp2); + + // Test with a policy added twice. We should see it intelligently leave one of + // the doubled policies out. + resp2 = new PolicyResponse(); + resp.ActualPolicies.Add(AuthenticationPolicies.PhishingResistant); + fields = ((IExtensionResponse)resp).Serialize(null); + Assert.IsTrue(((IExtensionResponse)resp2).Deserialize(fields, null, Constants.TypeUri)); + Assert.AreNotEqual(resp, resp2); + // Now go ahead and add the doubled one so we can do our equality test. + resp2.ActualPolicies.Add(AuthenticationPolicies.PhishingResistant); + Assert.AreEqual(resp, resp2); + } + + [TestMethod] + public void Serialize() { + PolicyResponse resp = new PolicyResponse(), resp2 = new PolicyResponse(); + var fields = ((IExtensionResponse)resp).Serialize(null); + Assert.AreEqual(1, fields.Count); + Assert.IsTrue(fields.ContainsKey("auth_policies")); + Assert.AreEqual(AuthenticationPolicies.None, fields["auth_policies"]); + + resp.ActualPolicies.Add(AuthenticationPolicies.PhishingResistant); + fields = ((IExtensionResponse)resp).Serialize(null); + Assert.AreEqual(1, fields.Count); + Assert.AreEqual(AuthenticationPolicies.PhishingResistant, fields["auth_policies"]); + + resp.ActualPolicies.Add(AuthenticationPolicies.PhysicalMultiFactor); + fields = ((IExtensionResponse)resp).Serialize(null); + Assert.AreEqual(1, fields.Count); + Assert.AreEqual( + AuthenticationPolicies.PhishingResistant + " " + AuthenticationPolicies.PhysicalMultiFactor, + fields["auth_policies"]); + + resp.AuthenticationTimeUtc = DateTime.UtcNow; + fields = ((IExtensionResponse)resp).Serialize(null); + Assert.AreEqual(2, fields.Count); + Assert.IsTrue(fields.ContainsKey("auth_time")); + + resp.NistAssuranceLevel = NistAssuranceLevel.Level3; + fields = ((IExtensionResponse)resp).Serialize(null); + Assert.AreEqual(4, fields.Count); + Assert.IsTrue(fields.ContainsKey("auth_level.ns.nist")); + Assert.AreEqual(Constants.AuthenticationLevels.NistTypeUri, fields["auth_level.ns.nist"]); + Assert.IsTrue(fields.ContainsKey("auth_level.nist")); + Assert.AreEqual("3", fields["auth_level.nist"]); + + resp.AssuranceLevels.Add("custom", "CU"); + fields = ((IExtensionResponse)resp).Serialize(null); + Assert.AreEqual(6, fields.Count); + Assert.IsTrue(fields.ContainsKey("auth_level.ns.alias2")); + Assert.AreEqual("custom", fields["auth_level.ns.alias2"]); + Assert.IsTrue(fields.ContainsKey("auth_level.alias2")); + Assert.AreEqual("CU", fields["auth_level.alias2"]); + // and make sure the NIST is still there. + Assert.IsTrue(fields.ContainsKey("auth_level.ns.nist")); + Assert.AreEqual(Constants.AuthenticationLevels.NistTypeUri, fields["auth_level.ns.nist"]); + Assert.IsTrue(fields.ContainsKey("auth_level.nist")); + Assert.AreEqual("3", fields["auth_level.nist"]); + } + } +} |