summaryrefslogtreecommitdiffstats
path: root/src/DotNetOpenAuth.Test
diff options
context:
space:
mode:
Diffstat (limited to 'src/DotNetOpenAuth.Test')
-rw-r--r--src/DotNetOpenAuth.Test/DotNetOpenAuth.Test.csproj2
-rw-r--r--src/DotNetOpenAuth.Test/OpenId/AssociationHandshakeTests.cs68
-rw-r--r--src/DotNetOpenAuth.Test/OpenId/Messages/CheckIdRequestTests.cs105
-rw-r--r--src/DotNetOpenAuth.Test/OpenId/RealmTests.cs224
4 files changed, 399 insertions, 0 deletions
diff --git a/src/DotNetOpenAuth.Test/DotNetOpenAuth.Test.csproj b/src/DotNetOpenAuth.Test/DotNetOpenAuth.Test.csproj
index 4469c17..6e294e5 100644
--- a/src/DotNetOpenAuth.Test/DotNetOpenAuth.Test.csproj
+++ b/src/DotNetOpenAuth.Test/DotNetOpenAuth.Test.csproj
@@ -102,11 +102,13 @@
<Compile Include="OpenId\Messages\AssociateUnsuccessfulResponseTests.cs" />
<Compile Include="OpenId\Messages\AssociateUnencryptedResponseTests.cs" />
<Compile Include="OpenId\ChannelElements\OpenIdChannelTests.cs" />
+ <Compile Include="OpenId\Messages\CheckIdRequestTests.cs" />
<Compile Include="OpenId\Messages\DirectErrorResponseTests.cs" />
<Compile Include="OpenId\Messages\IndirectErrorResponseTests.cs" />
<Compile Include="OpenId\OpenIdCoordinator.cs" />
<Compile Include="OpenId\AssociationHandshakeTests.cs" />
<Compile Include="OpenId\OpenIdTestBase.cs" />
+ <Compile Include="OpenId\RealmTests.cs" />
<Compile Include="Properties\AssemblyInfo.cs" />
<Compile Include="Messaging\ResponseTests.cs" />
<Compile Include="OAuth\AppendixScenarios.cs" />
diff --git a/src/DotNetOpenAuth.Test/OpenId/AssociationHandshakeTests.cs b/src/DotNetOpenAuth.Test/OpenId/AssociationHandshakeTests.cs
index 054a149..7743ccc 100644
--- a/src/DotNetOpenAuth.Test/OpenId/AssociationHandshakeTests.cs
+++ b/src/DotNetOpenAuth.Test/OpenId/AssociationHandshakeTests.cs
@@ -35,6 +35,74 @@ namespace DotNetOpenAuth.Test.OpenId {
}
/// <summary>
+ /// Verifies that the RP and OP can renegotiate an association type if the RP's
+ /// initial request for an association is for a type the OP doesn't support.
+ /// </summary>
+ [TestMethod, Ignore]
+ public void AssociateRenegotiateBitLength() {
+ // TODO: test where the RP asks for an association type that the OP doesn't support
+ throw new NotImplementedException();
+ }
+
+ /// <summary>
+ /// Verifies that the RP cannot get caught in an infinite loop if a bad OP
+ /// keeps sending it association retry messages.
+ /// </summary>
+ [TestMethod, Ignore]
+ public void AssociateRenegotiateBitLengthRPStopsAfterOneRetry() {
+ // TODO: code here
+ throw new NotImplementedException();
+ }
+
+ /// <summary>
+ /// Verifies security settings limit RP's initial associate request
+ /// </summary>
+ [TestMethod, Ignore]
+ public void AssociateRequestDeterminedBySecuritySettings() {
+ // TODO: Code here
+ throw new NotImplementedException();
+ }
+
+ /// <summary>
+ /// Verifies security settings limit RP's acceptance of OP's counter-suggestion
+ /// </summary>
+ [TestMethod, Ignore]
+ public void AssociateRenegotiateLimitedByRPSecuritySettings() {
+ // TODO: Code here
+ throw new NotImplementedException();
+ }
+
+ /// <summary>
+ /// Verifies security settings limit OP's set of acceptable association types.
+ /// </summary>
+ [TestMethod, Ignore]
+ public void AssociateLimitedByOPSecuritySettings() {
+ // TODO: Code here
+ throw new NotImplementedException();
+ }
+
+ /// <summary>
+ /// Verifies the RP can recover with no association after receiving an
+ /// associate error response from the OP when no suggested association
+ /// type is included.
+ /// </summary>
+ [TestMethod, Ignore]
+ public void AssociateContinueAfterOpenIdError() {
+ // TODO: Code here
+ throw new NotImplementedException();
+ }
+
+ /// <summary>
+ /// Verifies that the RP can recover from an invalid or non-existent
+ /// response from the OP, for example in the HTTP timeout case.
+ /// </summary>
+ [TestMethod, Ignore]
+ public void AssociateContinueAfterHttpError() {
+ // TODO: Code here
+ throw new NotImplementedException();
+ }
+
+ /// <summary>
/// Runs a parameterized association flow test using all supported OpenID versions.
/// </summary>
/// <param name="opEndpoint">The OP endpoint to simulate using.</param>
diff --git a/src/DotNetOpenAuth.Test/OpenId/Messages/CheckIdRequestTests.cs b/src/DotNetOpenAuth.Test/OpenId/Messages/CheckIdRequestTests.cs
new file mode 100644
index 0000000..0f970f9
--- /dev/null
+++ b/src/DotNetOpenAuth.Test/OpenId/Messages/CheckIdRequestTests.cs
@@ -0,0 +1,105 @@
+//-----------------------------------------------------------------------
+// <copyright file="CheckIdRequestTests.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.Test.OpenId.Messages {
+ using System;
+ using System.Collections.Generic;
+ using System.Linq;
+ using System.Text;
+ using Microsoft.VisualStudio.TestTools.UnitTesting;
+ using DotNetOpenAuth.OpenId.Messages;
+ using DotNetOpenAuth.OpenId;
+ using DotNetOpenAuth.Messaging;
+
+ [TestClass]
+ public class CheckIdRequestTests : OpenIdTestBase {
+ private Uri ProviderEndpoint;
+ private CheckIdRequest immediatev1;
+ private CheckIdRequest setupv1;
+ private CheckIdRequest immediatev2;
+ private CheckIdRequest setupv2;
+
+
+ [TestInitialize]
+ public override void SetUp() {
+ base.SetUp();
+
+ ProviderEndpoint = new Uri("http://host");
+
+ immediatev1 = new CheckIdRequest(Protocol.V11.Version, ProviderEndpoint, true);
+ setupv1 = new CheckIdRequest(Protocol.V11.Version, ProviderEndpoint, false);
+
+ immediatev2 = new CheckIdRequest(Protocol.V20.Version, ProviderEndpoint, true);
+ setupv2 = new CheckIdRequest(Protocol.V20.Version, ProviderEndpoint, false);
+
+ // Prepare all message versions so that they SHOULD be valid by default.
+ // In particular, V1 messages require ReturnTo.
+ immediatev1.ReturnTo = new Uri("http://returnto/");
+ setupv1.ReturnTo = new Uri("http://returnto/");
+
+ try {
+ immediatev1.EnsureValidMessage();
+ setupv1.EnsureValidMessage();
+ immediatev2.EnsureValidMessage();
+ setupv2.EnsureValidMessage();
+ } catch (ProtocolException ex) {
+ Assert.Inconclusive("All messages ought to be valid before tests run, but got: {0}", ex.Message);
+ }
+ }
+
+ /// <summary>
+ /// Tests that having <see cref="CheckIdRequest.ClaimedIdentifier"/> set without
+ /// <see cref="CheckIdRequest.LocalIdentifier"/> set is recognized as an error in OpenID 2.x.
+ /// </summary>
+ [TestMethod, ExpectedException(typeof(ProtocolException))]
+ public void ClaimedIdentifierWithoutIdentity() {
+ setupv2.ClaimedIdentifier = "http://andrew.arnott.myopenid.com/";
+ setupv2.EnsureValidMessage();
+ }
+
+ /// <summary>
+ /// Tests that having <see cref="CheckIdRequest.LocalIdentifier"/> set without
+ /// <see cref="CheckIdRequest.ClaimedIdentifier"/> set is recognized as an error in OpenID 2.x.
+ /// </summary>
+ [TestMethod, ExpectedException(typeof(ProtocolException))]
+ public void LocalIdentifierWithoutClaimedIdentifier() {
+ setupv2.LocalIdentifier = "http://andrew.arnott.myopenid.com/";
+ setupv2.EnsureValidMessage();
+ }
+
+ /// <summary>
+ /// Tests that having <see cref="CheckIdRequest.LocalIdentifier"/> set without
+ /// <see cref="CheckIdRequest.ClaimedIdentifier"/> set is recognized as valid in OpenID 1.x.
+ /// </summary>
+ [TestMethod]
+ public void LocalIdentifierWithoutClaimedIdentifierV1() {
+ setupv1.LocalIdentifier = "http://andrew.arnott.myopenid.com/";
+ setupv1.EnsureValidMessage();
+ }
+
+ /// <summary>
+ /// Verifies that the validation check throws if the return_to and the realm
+ /// values are not compatible.
+ /// </summary>
+ [TestMethod, ExpectedException(typeof(ProtocolException))]
+ public void RealmReturnToMismatchV2() {
+ setupv2.Realm = "http://somehost/";
+ setupv2.ReturnTo = new Uri("http://someotherhost/");
+ setupv2.EnsureValidMessage();
+ }
+
+ /// <summary>
+ /// Verifies that the validation check throws if the return_to and the realm
+ /// values are not compatible.
+ /// </summary>
+ [TestMethod, ExpectedException(typeof(ProtocolException))]
+ public void RealmReturnToMismatchV1() {
+ setupv1.Realm = "http://somehost/";
+ setupv1.ReturnTo = new Uri("http://someotherhost/");
+ setupv1.EnsureValidMessage();
+ }
+ }
+}
diff --git a/src/DotNetOpenAuth.Test/OpenId/RealmTests.cs b/src/DotNetOpenAuth.Test/OpenId/RealmTests.cs
new file mode 100644
index 0000000..5d59ded
--- /dev/null
+++ b/src/DotNetOpenAuth.Test/OpenId/RealmTests.cs
@@ -0,0 +1,224 @@
+//-----------------------------------------------------------------------
+// <copyright file="RealmTests.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.Test
+{
+ using System;
+ using Microsoft.VisualStudio.TestTools.UnitTesting;
+ using DotNetOpenAuth.OpenId;
+
+ [TestClass]
+ public class RealmTests
+ {
+ [TestMethod]
+ public void ValidRealmsTest()
+ {
+ // Just create these. If any are determined to be invalid,
+ // an exception should be thrown that would fail this test.
+ new Realm("http://www.myopenid.com");
+ new Realm("http://www.myopenid.com/");
+ new Realm("http://www.myopenid.com:5221/");
+ new Realm("https://www.myopenid.com");
+ new Realm("http://www.myopenid.com/abc");
+ new Realm("http://www.myopenid.com/abc/");
+ new Realm("http://*.myopenid.com/");
+ new Realm("http://*.com/");
+ new Realm("http://*.guest.myopenid.com/");
+ }
+
+ [TestMethod]
+ [ExpectedException(typeof(ArgumentNullException))]
+ public void InvalidRealmNullString()
+ {
+ new Realm((string)null);
+ }
+
+ [TestMethod]
+ [ExpectedException(typeof(ArgumentNullException))]
+ public void InvalidRealmNullUri() {
+ new Realm((Uri)null);
+ }
+
+ [TestMethod]
+ [ExpectedException(typeof(UriFormatException))]
+ public void InvalidRealmEmpty()
+ {
+ new Realm(string.Empty);
+ }
+
+ [TestMethod]
+ [ExpectedException(typeof(UriFormatException))]
+ public void InvalidRealmBadProtocol()
+ {
+ new Realm("asdf://www.microsoft.com/");
+ }
+
+ [TestMethod]
+ [ExpectedException(typeof(UriFormatException))]
+ public void InvalidRealmNoScheme()
+ {
+ new Realm("www.guy.com");
+ }
+
+ [TestMethod]
+ [ExpectedException(typeof(UriFormatException))]
+ public void InvalidRealmBadWildcard1()
+ {
+ new Realm("http://*www.my.com");
+ }
+
+ [TestMethod]
+ [ExpectedException(typeof(UriFormatException))]
+ public void InvalidRealmBadWildcard2() {
+ new Realm("http://www.*.com");
+ }
+
+ [TestMethod]
+ [ExpectedException(typeof(UriFormatException))]
+ public void InvalidRealmBadWildcard3() {
+ new Realm("http://www.my.*/");
+ }
+
+ [TestMethod]
+ [ExpectedException(typeof(UriFormatException))]
+ public void InvalidRealmTwoWildcards1()
+ {
+ new Realm("http://**.my.com");
+ }
+
+ [TestMethod]
+ [ExpectedException(typeof(UriFormatException))]
+ public void InvalidRealmTwoWildcards2()
+ {
+ new Realm("http://*.*.my.com");
+ }
+
+ [TestMethod]
+ public void IsSaneTest()
+ {
+ Assert.IsTrue(new Realm("http://www.myopenid.com").IsSane);
+ Assert.IsTrue(new Realm("http://myopenid.com").IsSane);
+ Assert.IsTrue(new Realm("http://localhost").IsSane);
+ Assert.IsTrue(new Realm("http://localhost:33532/dab").IsSane);
+ Assert.IsTrue(new Realm("http://www.myopenid.com").IsSane);
+
+ Assert.IsFalse(new Realm("http://*.com").IsSane);
+ Assert.IsFalse(new Realm("http://*.co.uk").IsSane);
+ }
+
+ [TestMethod]
+ public void IsUrlWithinRealmTests()
+ {
+ /*
+ * The openid.return_to URL MUST descend from the openid.trust_root, or the
+ * Identity Provider SHOULD return an error. Namely, the URL scheme and port
+ * MUST match. The path, if present, MUST be equal to or below the value of
+ * openid.trust_root, and the domains on both MUST match, or, the
+ * openid.trust_root value contain a wildcard like http://*.example.com.
+ * The wildcard SHALL only be at the beginning. It is RECOMMENDED Identity
+ * Provider's protect their End Users from requests for things like
+ * http://*.com/ or http://*.co.uk/.
+ */
+
+ // Schemes must match
+ Assert.IsFalse(new Realm("https://www.my.com/").Contains("http://www.my.com/"));
+ Assert.IsFalse(new Realm("http://www.my.com/").Contains("https://www.my.com/"));
+
+ // Ports must match
+ Assert.IsTrue(new Realm("http://www.my.com/").Contains("http://www.my.com:80/boo"));
+ Assert.IsTrue(new Realm("http://www.my.com:80/").Contains("http://www.my.com/boo"));
+ Assert.IsFalse(new Realm("http://www.my.com:79/").Contains("http://www.my.com/boo"));
+ Assert.IsFalse(new Realm("https://www.my.com/").Contains("http://www.my.com:79/boo"));
+
+ // Path must be (at or) below trust root
+ Assert.IsTrue(new Realm("http://www.my.com/").Contains("http://www.my.com/"));
+ Assert.IsTrue(new Realm("http://www.my.com/").Contains("http://www.my.com/boo"));
+ Assert.IsTrue(new Realm("http://www.my.com/p/").Contains("http://www.my.com/p/l"));
+ Assert.IsTrue(new Realm("http://www.my.com/bah").Contains("http://www.my.com/bah/bah"));
+ Assert.IsTrue(new Realm("http://www.my.com/bah").Contains("http://www.my.com/bah/bah"));
+ Assert.IsTrue(new Realm("http://www.my.com/bah.html").Contains("http://www.my.com/bah.html/bah"));
+ Assert.IsFalse(new Realm("http://www.my.com/bah").Contains("http://www.my.com/bahbah"));
+ Assert.IsTrue(new Realm("http://www.my.com/bah").Contains("http://www.my.com/bah?q=a"));
+ Assert.IsTrue(new Realm("http://www.my.com/bah?q=a").Contains("http://www.my.com/bah?q=a"));
+ Assert.IsTrue(new Realm("http://www.my.com/bah?a=b&c=d").Contains("http://www.my.com/bah?a=b&c=d&e=f"));
+ Assert.IsFalse(new Realm("http://www.my.com/bah?a=b&c=d").Contains("http://www.my.com/bah?a=b"));
+
+ // Domains MUST match
+ Assert.IsFalse(new Realm("http://www.my.com/").Contains("http://yours.com/"));
+ Assert.IsFalse(new Realm("http://www.my.com/").Contains("http://www.yours.com/"));
+ Assert.IsFalse(new Realm("http://www.my.com/").Contains("http://q.www.my.com/"));
+ Assert.IsFalse(new Realm("http://www.my.com/").Contains("http://wwww.my.com/"));
+ Assert.IsFalse(new Realm("http://www.my.com/").Contains("http://www.my.com.uk/"));
+ Assert.IsFalse(new Realm("http://www.my.com/").Contains("http://www.my.comm/"));
+
+ // Allow for wildcards
+ Assert.IsTrue(new Realm("http://*.www.my.com/").Contains("http://bah.www.my.com/"));
+ Assert.IsTrue(new Realm("http://*.www.my.com/").Contains("http://bah.WWW.MY.COM/"));
+ Assert.IsTrue(new Realm("http://*.www.my.com/").Contains("http://bah.www.my.com/boo"));
+ Assert.IsTrue(new Realm("http://*.my.com/").Contains("http://bah.www.my.com/boo"));
+ Assert.IsTrue(new Realm("http://*.my.com/").Contains("http://my.com/boo"));
+ Assert.IsFalse(new Realm("http://*.my.com/").Contains("http://ohmeohmy.com/"));
+ Assert.IsFalse(new Realm("http://*.my.com/").Contains("http://me.com/"));
+ Assert.IsFalse(new Realm("http://*.my.com/").Contains("http://my.co/"));
+ Assert.IsFalse(new Realm("http://*.my.com/").Contains("http://com/"));
+ Assert.IsFalse(new Realm("http://*.www.my.com/").Contains("http://my.com/"));
+ Assert.IsFalse(new Realm("http://*.www.my.com/").Contains("http://zzz.my.com/"));
+ // These are tested against by the constructor test, as these are invalid wildcard positions.
+ ////Assert.IsFalse(new Realm("http://*www.my.com/").ValidateUrl("http://bah.www.my.com/"));
+ ////Assert.IsFalse(new Realm("http://*www.my.com/").ValidateUrl("http://wwww.my.com/"));
+
+ // Among those that should return true, mix up character casing to test for case sensitivity.
+ // Host names should be case INSENSITIVE, but paths should probably be case SENSITIVE,
+ // because in some systems they are case sensitive and to ignore this would open
+ // security holes.
+ Assert.IsTrue(new Realm("http://www.my.com/").Contains("http://WWW.MY.COM/"));
+ Assert.IsFalse(new Realm("http://www.my.com/abc").Contains("http://www.my.com/ABC"));
+ }
+
+ [TestMethod]
+ public void ImplicitConversionFromStringTests() {
+ Realm realm = "http://host";
+ Assert.AreEqual("host", realm.Host);
+ realm = (string)null;
+ Assert.IsNull(realm);
+ }
+
+ [TestMethod]
+ public void ImplicitConversionToStringTests() {
+ Realm realm = new Realm("http://host/");
+ string realmString = realm;
+ Assert.AreEqual("http://host/", realmString);
+ realm = null;
+ realmString = realm;
+ Assert.IsNull(realmString);
+ }
+
+ [TestMethod]
+ public void ImplicitConverstionFromUriTests() {
+ Uri uri = new Uri("http://host");
+ Realm realm = uri;
+ Assert.AreEqual(uri.Host, realm.Host);
+ uri = null;
+ realm = uri;
+ Assert.IsNull(realm);
+ }
+
+ [TestMethod]
+ public void EqualsTest()
+ {
+ Realm testRealm1a = new Realm("http://www.yahoo.com");
+ Realm testRealm1b = new Realm("http://www.yahoo.com");
+ Realm testRealm2 = new Realm("http://www.yahoo.com/b");
+ Realm testRealm3 = new Realm("http://*.www.yahoo.com");
+
+ Assert.AreEqual(testRealm1a, testRealm1b);
+ Assert.AreNotEqual(testRealm1a, testRealm2);
+ Assert.AreNotEqual(testRealm1a, null);
+ Assert.AreNotEqual(testRealm1a, testRealm1a.ToString(), "Although the URLs are equal, different object types shouldn't be equal.");
+ Assert.AreNotEqual(testRealm3, testRealm1a, "Wildcard difference ignored by Equals");
+ }
+ }
+}