diff options
Diffstat (limited to 'src/DotNetOpenAuth.Test')
13 files changed, 215 insertions, 20 deletions
diff --git a/src/DotNetOpenAuth.Test/DotNetOpenAuth.Test.csproj b/src/DotNetOpenAuth.Test/DotNetOpenAuth.Test.csproj index 680a9ef..7e92cb5 100644 --- a/src/DotNetOpenAuth.Test/DotNetOpenAuth.Test.csproj +++ b/src/DotNetOpenAuth.Test/DotNetOpenAuth.Test.csproj @@ -163,6 +163,7 @@ <Compile Include="Hosting\HostingTests.cs" /> <Compile Include="Hosting\HttpHost.cs" /> <Compile Include="Hosting\TestingWorkerRequest.cs" /> + <Compile Include="LocalizationTests.cs" /> <Compile Include="Messaging\CollectionAssert.cs" /> <Compile Include="Messaging\EnumerableCacheTests.cs" /> <Compile Include="Messaging\ErrorUtilitiesTests.cs" /> @@ -185,6 +186,7 @@ <Compile Include="Mocks\MockHttpRequest.cs" /> <Compile Include="Mocks\MockIdentifier.cs" /> <Compile Include="Mocks\MockOpenIdExtension.cs" /> + <Compile Include="Mocks\MockRealm.cs" /> <Compile Include="Mocks\MockTransformationBindingElement.cs" /> <Compile Include="Mocks\MockReplayProtectionBindingElement.cs" /> <Compile Include="Mocks\TestBaseMessage.cs" /> diff --git a/src/DotNetOpenAuth.Test/Hosting/HostingTests.cs b/src/DotNetOpenAuth.Test/Hosting/HostingTests.cs index ff72c66..d7de7a1 100644 --- a/src/DotNetOpenAuth.Test/Hosting/HostingTests.cs +++ b/src/DotNetOpenAuth.Test/Hosting/HostingTests.cs @@ -18,15 +18,19 @@ namespace DotNetOpenAuth.Test.Hosting { public class HostingTests : TestBase { [TestMethod] public void AspHostBasicTest() { - using (AspNetHost host = AspNetHost.CreateHost(TestWebDirectory)) { - HttpWebRequest request = (HttpWebRequest)WebRequest.Create(host.BaseUri); - using (HttpWebResponse response = (HttpWebResponse)request.GetResponse()) { - Assert.AreEqual(HttpStatusCode.OK, response.StatusCode); - using (StreamReader sr = new StreamReader(response.GetResponseStream())) { - string content = sr.ReadToEnd(); - StringAssert.Contains(content, "Test home page"); + try { + using (AspNetHost host = AspNetHost.CreateHost(TestWebDirectory)) { + HttpWebRequest request = (HttpWebRequest)WebRequest.Create(host.BaseUri); + using (HttpWebResponse response = (HttpWebResponse)request.GetResponse()) { + Assert.AreEqual(HttpStatusCode.OK, response.StatusCode); + using (StreamReader sr = new StreamReader(response.GetResponseStream())) { + string content = sr.ReadToEnd(); + StringAssert.Contains(content, "Test home page"); + } } } + } catch (FileNotFoundException ex) { + Assert.Inconclusive("Unable to execute hosted ASP.NET tests because {0} could not be found. {1}", ex.FileName, ex.FusionLog); } } } diff --git a/src/DotNetOpenAuth.Test/LocalizationTests.cs b/src/DotNetOpenAuth.Test/LocalizationTests.cs new file mode 100644 index 0000000..50e9a34 --- /dev/null +++ b/src/DotNetOpenAuth.Test/LocalizationTests.cs @@ -0,0 +1,28 @@ +//----------------------------------------------------------------------- +// <copyright file="LocalizationTests.cs" company="Andrew Arnott"> +// Copyright (c) Andrew Arnott. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace DotNetOpenAuth.Test { + using System; + using System.Globalization; + using System.Threading; + using DotNetOpenAuth.Messaging; + using Microsoft.VisualStudio.TestTools.UnitTesting; + + /// <summary> + /// Tests various localized resources work as expected. + /// </summary> + [TestClass] + public class LocalizationTests { + /// <summary> + /// Tests that Serbian localized strings are correctly installed. + /// </summary> + [TestMethod, ExpectedException(typeof(InvalidOperationException), "Ovaj metod zahteva tekući HttpContext. Kao alternativa, koristite preklopljeni metod koji dozvoljava da se prosledi informacija bez HttpContext-a.")] + public void Serbian() { + Thread.CurrentThread.CurrentUICulture = CultureInfo.GetCultureInfo("sr"); + ErrorUtilities.VerifyHttpContext(); + } + } +} diff --git a/src/DotNetOpenAuth.Test/Messaging/HttpRequestInfoTests.cs b/src/DotNetOpenAuth.Test/Messaging/HttpRequestInfoTests.cs index 4cdaa39..05ac306 100644 --- a/src/DotNetOpenAuth.Test/Messaging/HttpRequestInfoTests.cs +++ b/src/DotNetOpenAuth.Test/Messaging/HttpRequestInfoTests.cs @@ -30,6 +30,50 @@ namespace DotNetOpenAuth.Test.Messaging { Assert.AreEqual(request.HttpMethod, info.HttpMethod); } + // All these tests are ineffective because ServerVariables[] cannot be set. + ////[TestMethod] + ////public void CtorRequestWithDifferentPublicHttpHost() { + //// HttpRequest request = new HttpRequest("file", "http://someserver?a=b", "a=b"); + //// request.ServerVariables["HTTP_HOST"] = "publichost"; + //// HttpRequestInfo info = new HttpRequestInfo(request); + //// Assert.AreEqual("publichost", info.UrlBeforeRewriting.Host); + //// Assert.AreEqual(80, info.UrlBeforeRewriting.Port); + //// Assert.AreEqual(request.Url.Query, info.Query); + //// Assert.AreEqual(request.QueryString["a"], info.QueryString["a"]); + ////} + + ////[TestMethod] + ////public void CtorRequestWithDifferentPublicHttpsHost() { + //// HttpRequest request = new HttpRequest("file", "https://someserver?a=b", "a=b"); + //// request.ServerVariables["HTTP_HOST"] = "publichost"; + //// HttpRequestInfo info = new HttpRequestInfo(request); + //// Assert.AreEqual("publichost", info.UrlBeforeRewriting.Host); + //// Assert.AreEqual(443, info.UrlBeforeRewriting.Port); + //// Assert.AreEqual(request.Url.Query, info.Query); + //// Assert.AreEqual(request.QueryString["a"], info.QueryString["a"]); + ////} + + ////[TestMethod] + ////public void CtorRequestWithDifferentPublicHostNonstandardPort() { + //// HttpRequest request = new HttpRequest("file", "http://someserver?a=b", "a=b"); + //// request.ServerVariables["HTTP_HOST"] = "publichost:550"; + //// HttpRequestInfo info = new HttpRequestInfo(request); + //// Assert.AreEqual("publichost", info.UrlBeforeRewriting.Host); + //// Assert.AreEqual(550, info.UrlBeforeRewriting.Port); + //// Assert.AreEqual(request.Url.Query, info.Query); + //// Assert.AreEqual(request.QueryString["a"], info.QueryString["a"]); + ////} + + ////[TestMethod] + ////public void CtorRequestWithDifferentPublicIPv6Host() { + //// HttpRequest request = new HttpRequest("file", "http://[fe80::587e:c6e5:d3aa:657a]:8089/v3.1/", ""); + //// request.ServerVariables["HTTP_HOST"] = "[fe80::587e:c6e5:d3aa:657b]:8089"; + //// HttpRequestInfo info = new HttpRequestInfo(request); + //// Assert.AreEqual("[fe80::587e:c6e5:d3aa:657b]", info.UrlBeforeRewriting.Host); + //// Assert.AreEqual(8089, info.UrlBeforeRewriting.Port); + //// Assert.AreEqual(request.Url.Query, info.Query); + ////} + /// <summary> /// Checks that a property dependent on another null property /// doesn't generate a NullReferenceException. diff --git a/src/DotNetOpenAuth.Test/Messaging/Reflection/MessagePartTests.cs b/src/DotNetOpenAuth.Test/Messaging/Reflection/MessagePartTests.cs index 0215801..19e6a82 100644 --- a/src/DotNetOpenAuth.Test/Messaging/Reflection/MessagePartTests.cs +++ b/src/DotNetOpenAuth.Test/Messaging/Reflection/MessagePartTests.cs @@ -82,7 +82,7 @@ namespace DotNetOpenAuth.Test.Messaging.Reflection { Assert.AreEqual("abc", part.GetValue(message)); } - [TestMethod, ExpectedException(typeof(ArgumentException))] + [TestMethod, ExpectedException(typeof(ProtocolException))] public void ConstantFieldMemberInvalidValues() { var message = new MessageWithConstantField(); MessagePart part = GetMessagePart(message.GetType(), "ConstantField"); diff --git a/src/DotNetOpenAuth.Test/Mocks/InMemoryTokenManager.cs b/src/DotNetOpenAuth.Test/Mocks/InMemoryTokenManager.cs index 48547b7..35672d7 100644 --- a/src/DotNetOpenAuth.Test/Mocks/InMemoryTokenManager.cs +++ b/src/DotNetOpenAuth.Test/Mocks/InMemoryTokenManager.cs @@ -106,6 +106,10 @@ namespace DotNetOpenAuth.Test.Mocks { return this.tokens[token]; } + public void UpdateToken(IServiceProviderRequestToken token) { + // Nothing to do here, since we're using Linq To SQL. + } + #endregion /// <summary> diff --git a/src/DotNetOpenAuth.Test/Mocks/MockIdentifier.cs b/src/DotNetOpenAuth.Test/Mocks/MockIdentifier.cs index 2788435..346dde9 100644 --- a/src/DotNetOpenAuth.Test/Mocks/MockIdentifier.cs +++ b/src/DotNetOpenAuth.Test/Mocks/MockIdentifier.cs @@ -25,7 +25,7 @@ namespace DotNetOpenAuth.Test.Mocks { private Identifier wrappedIdentifier; public MockIdentifier(Identifier wrappedIdentifier, MockHttpRequest mockHttpRequest, IEnumerable<ServiceEndpoint> endpoints) - : base(false) { + : base(wrappedIdentifier.OriginalString, false) { Contract.Requires<ArgumentNullException>(wrappedIdentifier != null); Contract.Requires<ArgumentNullException>(mockHttpRequest != null); Contract.Requires<ArgumentNullException>(endpoints != null); diff --git a/src/DotNetOpenAuth.Test/Mocks/MockRealm.cs b/src/DotNetOpenAuth.Test/Mocks/MockRealm.cs new file mode 100644 index 0000000..4e29bba --- /dev/null +++ b/src/DotNetOpenAuth.Test/Mocks/MockRealm.cs @@ -0,0 +1,42 @@ +//----------------------------------------------------------------------- +// <copyright file="MockRealm.cs" company="Andrew Arnott"> +// Copyright (c) Andrew Arnott. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace DotNetOpenAuth.Test.Mocks { + using System.Collections.Generic; + using DotNetOpenAuth.Messaging; + using DotNetOpenAuth.OpenId; + + internal class MockRealm : Realm { + private RelyingPartyEndpointDescription[] relyingPartyDescriptions; + + /// <summary> + /// Initializes a new instance of the <see cref="MockRealm"/> class. + /// </summary> + /// <param name="wrappedRealm">The wrapped realm.</param> + /// <param name="relyingPartyDescriptions">The relying party descriptions.</param> + internal MockRealm(Realm wrappedRealm, params RelyingPartyEndpointDescription[] relyingPartyDescriptions) + : base(wrappedRealm) { + ErrorUtilities.VerifyArgumentNotNull(relyingPartyDescriptions, "relyingPartyDescriptions"); + + this.relyingPartyDescriptions = relyingPartyDescriptions; + } + + /// <summary> + /// Searches for an XRDS document at the realm URL, and if found, searches + /// for a description of a relying party endpoints (OpenId login pages). + /// </summary> + /// <param name="requestHandler">The mechanism to use for sending HTTP requests.</param> + /// <param name="allowRedirects">Whether redirects may be followed when discovering the Realm. + /// This may be true when creating an unsolicited assertion, but must be + /// false when performing return URL verification per 2.0 spec section 9.2.1.</param> + /// <returns> + /// The details of the endpoints if found, otherwise null. + /// </returns> + internal override IEnumerable<RelyingPartyEndpointDescription> Discover(IDirectWebRequestHandler requestHandler, bool allowRedirects) { + return this.relyingPartyDescriptions; + } + } +} diff --git a/src/DotNetOpenAuth.Test/OpenId/ChannelElements/SigningBindingElementTests.cs b/src/DotNetOpenAuth.Test/OpenId/ChannelElements/SigningBindingElementTests.cs index 6bd2c00..3ab6559 100644 --- a/src/DotNetOpenAuth.Test/OpenId/ChannelElements/SigningBindingElementTests.cs +++ b/src/DotNetOpenAuth.Test/OpenId/ChannelElements/SigningBindingElementTests.cs @@ -36,7 +36,7 @@ namespace DotNetOpenAuth.Test.OpenId.ChannelElements { signedMessage.UtcCreationDate = DateTime.Parse("1/1/2009"); signedMessage.AssociationHandle = association.Handle; Assert.IsNotNull(signer.ProcessOutgoingMessage(message)); - Assert.AreEqual("0wOdvNgzCZ5I5AzbU58Nq2Tg8EJZ7QoNz4gpx2r7jII=", signedMessage.Signature); + Assert.AreEqual("o9+uN7qTaUS9v0otbHTuNAtbkpBm14+es9QnNo6IHD4=", signedMessage.Signature); } /// <summary> diff --git a/src/DotNetOpenAuth.Test/OpenId/OpenIdTestBase.cs b/src/DotNetOpenAuth.Test/OpenId/OpenIdTestBase.cs index 59c818c..5034b7e 100644 --- a/src/DotNetOpenAuth.Test/OpenId/OpenIdTestBase.cs +++ b/src/DotNetOpenAuth.Test/OpenId/OpenIdTestBase.cs @@ -71,6 +71,14 @@ namespace DotNetOpenAuth.Test.OpenId { this.MockResponder = MockHttpRequest.CreateUntrustedMockHttpHandler(); this.RequestHandler = this.MockResponder.MockWebRequestHandler; this.AutoProviderScenario = Scenarios.AutoApproval; + Identifier.EqualityOnStrings = true; + } + + [TestCleanup] + public override void Cleanup() { + base.Cleanup(); + + Identifier.EqualityOnStrings = false; } /// <summary> @@ -168,6 +176,11 @@ namespace DotNetOpenAuth.Test.OpenId { } } + protected Realm GetMockRealm(bool useSsl) { + var rpDescription = new RelyingPartyEndpointDescription(useSsl ? RPUriSsl : RPUri, new string[] { Protocol.V20.RPReturnToTypeURI }); + return new MockRealm(useSsl ? RPRealmUriSsl : RPRealmUri, rpDescription); + } + protected Identifier GetMockIdentifier(ProtocolVersion providerVersion) { return this.GetMockIdentifier(providerVersion, false); } diff --git a/src/DotNetOpenAuth.Test/OpenId/Provider/OpenIdProviderTests.cs b/src/DotNetOpenAuth.Test/OpenId/Provider/OpenIdProviderTests.cs index 7c92389..8528aa7 100644 --- a/src/DotNetOpenAuth.Test/OpenId/Provider/OpenIdProviderTests.cs +++ b/src/DotNetOpenAuth.Test/OpenId/Provider/OpenIdProviderTests.cs @@ -6,6 +6,7 @@ namespace DotNetOpenAuth.Test.OpenId.Provider { using System; + using System.IO; using System.Web; using DotNetOpenAuth.Messaging; using DotNetOpenAuth.OpenId; @@ -128,15 +129,19 @@ namespace DotNetOpenAuth.Test.OpenId.Provider { [TestMethod] public void BadRequestsGenerateValidErrorResponsesHosted() { - using (AspNetHost host = AspNetHost.CreateHost(TestWebDirectory)) { - Uri opEndpoint = new Uri(host.BaseUri, "/OpenIdProviderEndpoint.ashx"); - var rp = new OpenIdRelyingParty(null); - var nonOpenIdMessage = new Mocks.TestDirectedMessage(); - nonOpenIdMessage.Recipient = opEndpoint; - nonOpenIdMessage.HttpMethods = HttpDeliveryMethods.PostRequest; - MessagingTestBase.GetStandardTestMessage(MessagingTestBase.FieldFill.AllRequired, nonOpenIdMessage); - var response = rp.Channel.Request<DirectErrorResponse>(nonOpenIdMessage); - Assert.IsNotNull(response.ErrorMessage); + try { + using (AspNetHost host = AspNetHost.CreateHost(TestWebDirectory)) { + Uri opEndpoint = new Uri(host.BaseUri, "/OpenIdProviderEndpoint.ashx"); + var rp = new OpenIdRelyingParty(null); + var nonOpenIdMessage = new Mocks.TestDirectedMessage(); + nonOpenIdMessage.Recipient = opEndpoint; + nonOpenIdMessage.HttpMethods = HttpDeliveryMethods.PostRequest; + MessagingTestBase.GetStandardTestMessage(MessagingTestBase.FieldFill.AllRequired, nonOpenIdMessage); + var response = rp.Channel.Request<DirectErrorResponse>(nonOpenIdMessage); + Assert.IsNotNull(response.ErrorMessage); + } + } catch (FileNotFoundException ex) { + Assert.Inconclusive("Unable to execute hosted ASP.NET tests because {0} could not be found. {1}", ex.FileName, ex.FusionLog); } } } diff --git a/src/DotNetOpenAuth.Test/OpenId/RelyingParty/OpenIdRelyingPartyTests.cs b/src/DotNetOpenAuth.Test/OpenId/RelyingParty/OpenIdRelyingPartyTests.cs index 68bbff3..f6a57e7 100644 --- a/src/DotNetOpenAuth.Test/OpenId/RelyingParty/OpenIdRelyingPartyTests.cs +++ b/src/DotNetOpenAuth.Test/OpenId/RelyingParty/OpenIdRelyingPartyTests.cs @@ -63,6 +63,21 @@ namespace DotNetOpenAuth.Test.OpenId.RelyingParty { Assert.AreEqual(1, requests.Count()); } + [TestMethod] + public void CreateRequestsWithEndpointFilter() { + var rp = this.CreateRelyingParty(); + StoreAssociation(rp, OPUri, HmacShaAssociation.Create("somehandle", new byte[20], TimeSpan.FromDays(1))); + Identifier id = Identifier.Parse(GetMockIdentifier(ProtocolVersion.V20)); + + rp.EndpointFilter = opendpoint => true; + var requests = rp.CreateRequests(id, RPRealmUri, RPUri); + Assert.AreEqual(1, requests.Count()); + + rp.EndpointFilter = opendpoint => false; + requests = rp.CreateRequests(id, RPRealmUri, RPUri); + Assert.AreEqual(0, requests.Count()); + } + [TestMethod, ExpectedException(typeof(ProtocolException))] public void CreateRequestOnNonOpenID() { Uri nonOpenId = new Uri("http://www.microsoft.com/"); @@ -79,5 +94,31 @@ namespace DotNetOpenAuth.Test.OpenId.RelyingParty { var requests = rp.CreateRequests(nonOpenId, RPRealmUri, RPUri); Assert.AreEqual(0, requests.Count()); } + + /// <summary> + /// Verifies that incoming positive assertions throw errors if they come from + /// OPs that are not approved by <see cref="OpenIdRelyingParty.EndpointFilter"/>. + /// </summary> + [TestMethod] + public void AssertionWithEndpointFilter() { + var coordinator = new OpenIdCoordinator( + rp => { + // register with RP so that id discovery passes + rp.Channel.WebRequestHandler = this.MockResponder.MockWebRequestHandler; + + // Rig it to always deny the incoming OP + rp.EndpointFilter = op => false; + + // Receive the unsolicited assertion + var response = rp.GetResponse(); + Assert.AreEqual(AuthenticationStatus.Failed, response.Status); + }, + op => { + Identifier id = GetMockIdentifier(ProtocolVersion.V20); + op.SendUnsolicitedAssertion(OPUri, GetMockRealm(false), id, id); + AutoProvider(op); + }); + coordinator.Run(); + } } } diff --git a/src/DotNetOpenAuth.Test/OpenId/RelyingParty/PositiveAuthenticationResponseTests.cs b/src/DotNetOpenAuth.Test/OpenId/RelyingParty/PositiveAuthenticationResponseTests.cs index 7701090..701bcae 100644 --- a/src/DotNetOpenAuth.Test/OpenId/RelyingParty/PositiveAuthenticationResponseTests.cs +++ b/src/DotNetOpenAuth.Test/OpenId/RelyingParty/PositiveAuthenticationResponseTests.cs @@ -38,7 +38,7 @@ namespace DotNetOpenAuth.Test.OpenId.RelyingParty { Assert.AreEqual(AuthenticationStatus.Authenticated, authResponse.Status); Assert.IsNull(authResponse.Exception); Assert.AreEqual<string>(assertion.ClaimedIdentifier, authResponse.ClaimedIdentifier); - Assert.AreEqual<string>(authResponseAccessor.endpoint.FriendlyIdentifierForDisplay, authResponse.FriendlyIdentifierForDisplay); + Assert.AreEqual<string>(authResponse.Endpoint.FriendlyIdentifierForDisplay, authResponse.FriendlyIdentifierForDisplay); Assert.AreSame(extension, authResponse.GetUntrustedExtension(typeof(ClaimsResponse))); Assert.AreSame(extension, authResponse.GetUntrustedExtension<ClaimsResponse>()); Assert.IsNull(authResponse.GetCallbackArgument("a")); @@ -59,6 +59,18 @@ namespace DotNetOpenAuth.Test.OpenId.RelyingParty { Assert.AreEqual(AuthenticationStatus.Failed, authResponse.Status); } + /// <summary> + /// Verifies that the RP rejects positive assertions with HTTP Claimed + /// Cdentifiers when RequireSsl is set to true. + /// </summary> + [TestMethod, ExpectedException(typeof(ProtocolException))] + public void InsecureIdentifiersRejectedWithRequireSsl() { + PositiveAssertionResponse assertion = this.GetPositiveAssertion(); + var rp = CreateRelyingParty(); + rp.SecuritySettings.RequireSsl = true; + var authResponse = new PositiveAuthenticationResponse(assertion, rp); + } + [TestMethod] public void GetCallbackArguments() { PositiveAssertionResponse assertion = this.GetPositiveAssertion(); |