diff options
Diffstat (limited to 'src/DotNetOpenAuth.Test')
4 files changed, 399 insertions, 0 deletions
diff --git a/src/DotNetOpenAuth.Test/DotNetOpenAuth.Test.csproj b/src/DotNetOpenAuth.Test/DotNetOpenAuth.Test.csproj index 4469c17..6e294e5 100644 --- a/src/DotNetOpenAuth.Test/DotNetOpenAuth.Test.csproj +++ b/src/DotNetOpenAuth.Test/DotNetOpenAuth.Test.csproj @@ -102,11 +102,13 @@ <Compile Include="OpenId\Messages\AssociateUnsuccessfulResponseTests.cs" /> <Compile Include="OpenId\Messages\AssociateUnencryptedResponseTests.cs" /> <Compile Include="OpenId\ChannelElements\OpenIdChannelTests.cs" /> + <Compile Include="OpenId\Messages\CheckIdRequestTests.cs" /> <Compile Include="OpenId\Messages\DirectErrorResponseTests.cs" /> <Compile Include="OpenId\Messages\IndirectErrorResponseTests.cs" /> <Compile Include="OpenId\OpenIdCoordinator.cs" /> <Compile Include="OpenId\AssociationHandshakeTests.cs" /> <Compile Include="OpenId\OpenIdTestBase.cs" /> + <Compile Include="OpenId\RealmTests.cs" /> <Compile Include="Properties\AssemblyInfo.cs" /> <Compile Include="Messaging\ResponseTests.cs" /> <Compile Include="OAuth\AppendixScenarios.cs" /> diff --git a/src/DotNetOpenAuth.Test/OpenId/AssociationHandshakeTests.cs b/src/DotNetOpenAuth.Test/OpenId/AssociationHandshakeTests.cs index 054a149..7743ccc 100644 --- a/src/DotNetOpenAuth.Test/OpenId/AssociationHandshakeTests.cs +++ b/src/DotNetOpenAuth.Test/OpenId/AssociationHandshakeTests.cs @@ -35,6 +35,74 @@ namespace DotNetOpenAuth.Test.OpenId { } /// <summary> + /// Verifies that the RP and OP can renegotiate an association type if the RP's + /// initial request for an association is for a type the OP doesn't support. + /// </summary> + [TestMethod, Ignore] + public void AssociateRenegotiateBitLength() { + // TODO: test where the RP asks for an association type that the OP doesn't support + throw new NotImplementedException(); + } + + /// <summary> + /// Verifies that the RP cannot get caught in an infinite loop if a bad OP + /// keeps sending it association retry messages. + /// </summary> + [TestMethod, Ignore] + public void AssociateRenegotiateBitLengthRPStopsAfterOneRetry() { + // TODO: code here + throw new NotImplementedException(); + } + + /// <summary> + /// Verifies security settings limit RP's initial associate request + /// </summary> + [TestMethod, Ignore] + public void AssociateRequestDeterminedBySecuritySettings() { + // TODO: Code here + throw new NotImplementedException(); + } + + /// <summary> + /// Verifies security settings limit RP's acceptance of OP's counter-suggestion + /// </summary> + [TestMethod, Ignore] + public void AssociateRenegotiateLimitedByRPSecuritySettings() { + // TODO: Code here + throw new NotImplementedException(); + } + + /// <summary> + /// Verifies security settings limit OP's set of acceptable association types. + /// </summary> + [TestMethod, Ignore] + public void AssociateLimitedByOPSecuritySettings() { + // TODO: Code here + throw new NotImplementedException(); + } + + /// <summary> + /// Verifies the RP can recover with no association after receiving an + /// associate error response from the OP when no suggested association + /// type is included. + /// </summary> + [TestMethod, Ignore] + public void AssociateContinueAfterOpenIdError() { + // TODO: Code here + throw new NotImplementedException(); + } + + /// <summary> + /// Verifies that the RP can recover from an invalid or non-existent + /// response from the OP, for example in the HTTP timeout case. + /// </summary> + [TestMethod, Ignore] + public void AssociateContinueAfterHttpError() { + // TODO: Code here + throw new NotImplementedException(); + } + + /// <summary> /// Runs a parameterized association flow test using all supported OpenID versions. /// </summary> /// <param name="opEndpoint">The OP endpoint to simulate using.</param> diff --git a/src/DotNetOpenAuth.Test/OpenId/Messages/CheckIdRequestTests.cs b/src/DotNetOpenAuth.Test/OpenId/Messages/CheckIdRequestTests.cs new file mode 100644 index 0000000..0f970f9 --- /dev/null +++ b/src/DotNetOpenAuth.Test/OpenId/Messages/CheckIdRequestTests.cs @@ -0,0 +1,105 @@ +//----------------------------------------------------------------------- +// <copyright file="CheckIdRequestTests.cs" company="Andrew Arnott"> +// Copyright (c) Andrew Arnott. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace DotNetOpenAuth.Test.OpenId.Messages { + using System; + using System.Collections.Generic; + using System.Linq; + using System.Text; + using Microsoft.VisualStudio.TestTools.UnitTesting; + using DotNetOpenAuth.OpenId.Messages; + using DotNetOpenAuth.OpenId; + using DotNetOpenAuth.Messaging; + + [TestClass] + public class CheckIdRequestTests : OpenIdTestBase { + private Uri ProviderEndpoint; + private CheckIdRequest immediatev1; + private CheckIdRequest setupv1; + private CheckIdRequest immediatev2; + private CheckIdRequest setupv2; + + + [TestInitialize] + public override void SetUp() { + base.SetUp(); + + ProviderEndpoint = new Uri("http://host"); + + immediatev1 = new CheckIdRequest(Protocol.V11.Version, ProviderEndpoint, true); + setupv1 = new CheckIdRequest(Protocol.V11.Version, ProviderEndpoint, false); + + immediatev2 = new CheckIdRequest(Protocol.V20.Version, ProviderEndpoint, true); + setupv2 = new CheckIdRequest(Protocol.V20.Version, ProviderEndpoint, false); + + // Prepare all message versions so that they SHOULD be valid by default. + // In particular, V1 messages require ReturnTo. + immediatev1.ReturnTo = new Uri("http://returnto/"); + setupv1.ReturnTo = new Uri("http://returnto/"); + + try { + immediatev1.EnsureValidMessage(); + setupv1.EnsureValidMessage(); + immediatev2.EnsureValidMessage(); + setupv2.EnsureValidMessage(); + } catch (ProtocolException ex) { + Assert.Inconclusive("All messages ought to be valid before tests run, but got: {0}", ex.Message); + } + } + + /// <summary> + /// Tests that having <see cref="CheckIdRequest.ClaimedIdentifier"/> set without + /// <see cref="CheckIdRequest.LocalIdentifier"/> set is recognized as an error in OpenID 2.x. + /// </summary> + [TestMethod, ExpectedException(typeof(ProtocolException))] + public void ClaimedIdentifierWithoutIdentity() { + setupv2.ClaimedIdentifier = "http://andrew.arnott.myopenid.com/"; + setupv2.EnsureValidMessage(); + } + + /// <summary> + /// Tests that having <see cref="CheckIdRequest.LocalIdentifier"/> set without + /// <see cref="CheckIdRequest.ClaimedIdentifier"/> set is recognized as an error in OpenID 2.x. + /// </summary> + [TestMethod, ExpectedException(typeof(ProtocolException))] + public void LocalIdentifierWithoutClaimedIdentifier() { + setupv2.LocalIdentifier = "http://andrew.arnott.myopenid.com/"; + setupv2.EnsureValidMessage(); + } + + /// <summary> + /// Tests that having <see cref="CheckIdRequest.LocalIdentifier"/> set without + /// <see cref="CheckIdRequest.ClaimedIdentifier"/> set is recognized as valid in OpenID 1.x. + /// </summary> + [TestMethod] + public void LocalIdentifierWithoutClaimedIdentifierV1() { + setupv1.LocalIdentifier = "http://andrew.arnott.myopenid.com/"; + setupv1.EnsureValidMessage(); + } + + /// <summary> + /// Verifies that the validation check throws if the return_to and the realm + /// values are not compatible. + /// </summary> + [TestMethod, ExpectedException(typeof(ProtocolException))] + public void RealmReturnToMismatchV2() { + setupv2.Realm = "http://somehost/"; + setupv2.ReturnTo = new Uri("http://someotherhost/"); + setupv2.EnsureValidMessage(); + } + + /// <summary> + /// Verifies that the validation check throws if the return_to and the realm + /// values are not compatible. + /// </summary> + [TestMethod, ExpectedException(typeof(ProtocolException))] + public void RealmReturnToMismatchV1() { + setupv1.Realm = "http://somehost/"; + setupv1.ReturnTo = new Uri("http://someotherhost/"); + setupv1.EnsureValidMessage(); + } + } +} diff --git a/src/DotNetOpenAuth.Test/OpenId/RealmTests.cs b/src/DotNetOpenAuth.Test/OpenId/RealmTests.cs new file mode 100644 index 0000000..5d59ded --- /dev/null +++ b/src/DotNetOpenAuth.Test/OpenId/RealmTests.cs @@ -0,0 +1,224 @@ +//----------------------------------------------------------------------- +// <copyright file="RealmTests.cs" company="Andrew Arnott"> +// Copyright (c) Andrew Arnott. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace DotNetOpenAuth.Test +{ + using System; + using Microsoft.VisualStudio.TestTools.UnitTesting; + using DotNetOpenAuth.OpenId; + + [TestClass] + public class RealmTests + { + [TestMethod] + public void ValidRealmsTest() + { + // Just create these. If any are determined to be invalid, + // an exception should be thrown that would fail this test. + new Realm("http://www.myopenid.com"); + new Realm("http://www.myopenid.com/"); + new Realm("http://www.myopenid.com:5221/"); + new Realm("https://www.myopenid.com"); + new Realm("http://www.myopenid.com/abc"); + new Realm("http://www.myopenid.com/abc/"); + new Realm("http://*.myopenid.com/"); + new Realm("http://*.com/"); + new Realm("http://*.guest.myopenid.com/"); + } + + [TestMethod] + [ExpectedException(typeof(ArgumentNullException))] + public void InvalidRealmNullString() + { + new Realm((string)null); + } + + [TestMethod] + [ExpectedException(typeof(ArgumentNullException))] + public void InvalidRealmNullUri() { + new Realm((Uri)null); + } + + [TestMethod] + [ExpectedException(typeof(UriFormatException))] + public void InvalidRealmEmpty() + { + new Realm(string.Empty); + } + + [TestMethod] + [ExpectedException(typeof(UriFormatException))] + public void InvalidRealmBadProtocol() + { + new Realm("asdf://www.microsoft.com/"); + } + + [TestMethod] + [ExpectedException(typeof(UriFormatException))] + public void InvalidRealmNoScheme() + { + new Realm("www.guy.com"); + } + + [TestMethod] + [ExpectedException(typeof(UriFormatException))] + public void InvalidRealmBadWildcard1() + { + new Realm("http://*www.my.com"); + } + + [TestMethod] + [ExpectedException(typeof(UriFormatException))] + public void InvalidRealmBadWildcard2() { + new Realm("http://www.*.com"); + } + + [TestMethod] + [ExpectedException(typeof(UriFormatException))] + public void InvalidRealmBadWildcard3() { + new Realm("http://www.my.*/"); + } + + [TestMethod] + [ExpectedException(typeof(UriFormatException))] + public void InvalidRealmTwoWildcards1() + { + new Realm("http://**.my.com"); + } + + [TestMethod] + [ExpectedException(typeof(UriFormatException))] + public void InvalidRealmTwoWildcards2() + { + new Realm("http://*.*.my.com"); + } + + [TestMethod] + public void IsSaneTest() + { + Assert.IsTrue(new Realm("http://www.myopenid.com").IsSane); + Assert.IsTrue(new Realm("http://myopenid.com").IsSane); + Assert.IsTrue(new Realm("http://localhost").IsSane); + Assert.IsTrue(new Realm("http://localhost:33532/dab").IsSane); + Assert.IsTrue(new Realm("http://www.myopenid.com").IsSane); + + Assert.IsFalse(new Realm("http://*.com").IsSane); + Assert.IsFalse(new Realm("http://*.co.uk").IsSane); + } + + [TestMethod] + public void IsUrlWithinRealmTests() + { + /* + * The openid.return_to URL MUST descend from the openid.trust_root, or the + * Identity Provider SHOULD return an error. Namely, the URL scheme and port + * MUST match. The path, if present, MUST be equal to or below the value of + * openid.trust_root, and the domains on both MUST match, or, the + * openid.trust_root value contain a wildcard like http://*.example.com. + * The wildcard SHALL only be at the beginning. It is RECOMMENDED Identity + * Provider's protect their End Users from requests for things like + * http://*.com/ or http://*.co.uk/. + */ + + // Schemes must match + Assert.IsFalse(new Realm("https://www.my.com/").Contains("http://www.my.com/")); + Assert.IsFalse(new Realm("http://www.my.com/").Contains("https://www.my.com/")); + + // Ports must match + Assert.IsTrue(new Realm("http://www.my.com/").Contains("http://www.my.com:80/boo")); + Assert.IsTrue(new Realm("http://www.my.com:80/").Contains("http://www.my.com/boo")); + Assert.IsFalse(new Realm("http://www.my.com:79/").Contains("http://www.my.com/boo")); + Assert.IsFalse(new Realm("https://www.my.com/").Contains("http://www.my.com:79/boo")); + + // Path must be (at or) below trust root + Assert.IsTrue(new Realm("http://www.my.com/").Contains("http://www.my.com/")); + Assert.IsTrue(new Realm("http://www.my.com/").Contains("http://www.my.com/boo")); + Assert.IsTrue(new Realm("http://www.my.com/p/").Contains("http://www.my.com/p/l")); + Assert.IsTrue(new Realm("http://www.my.com/bah").Contains("http://www.my.com/bah/bah")); + Assert.IsTrue(new Realm("http://www.my.com/bah").Contains("http://www.my.com/bah/bah")); + Assert.IsTrue(new Realm("http://www.my.com/bah.html").Contains("http://www.my.com/bah.html/bah")); + Assert.IsFalse(new Realm("http://www.my.com/bah").Contains("http://www.my.com/bahbah")); + Assert.IsTrue(new Realm("http://www.my.com/bah").Contains("http://www.my.com/bah?q=a")); + Assert.IsTrue(new Realm("http://www.my.com/bah?q=a").Contains("http://www.my.com/bah?q=a")); + Assert.IsTrue(new Realm("http://www.my.com/bah?a=b&c=d").Contains("http://www.my.com/bah?a=b&c=d&e=f")); + Assert.IsFalse(new Realm("http://www.my.com/bah?a=b&c=d").Contains("http://www.my.com/bah?a=b")); + + // Domains MUST match + Assert.IsFalse(new Realm("http://www.my.com/").Contains("http://yours.com/")); + Assert.IsFalse(new Realm("http://www.my.com/").Contains("http://www.yours.com/")); + Assert.IsFalse(new Realm("http://www.my.com/").Contains("http://q.www.my.com/")); + Assert.IsFalse(new Realm("http://www.my.com/").Contains("http://wwww.my.com/")); + Assert.IsFalse(new Realm("http://www.my.com/").Contains("http://www.my.com.uk/")); + Assert.IsFalse(new Realm("http://www.my.com/").Contains("http://www.my.comm/")); + + // Allow for wildcards + Assert.IsTrue(new Realm("http://*.www.my.com/").Contains("http://bah.www.my.com/")); + Assert.IsTrue(new Realm("http://*.www.my.com/").Contains("http://bah.WWW.MY.COM/")); + Assert.IsTrue(new Realm("http://*.www.my.com/").Contains("http://bah.www.my.com/boo")); + Assert.IsTrue(new Realm("http://*.my.com/").Contains("http://bah.www.my.com/boo")); + Assert.IsTrue(new Realm("http://*.my.com/").Contains("http://my.com/boo")); + Assert.IsFalse(new Realm("http://*.my.com/").Contains("http://ohmeohmy.com/")); + Assert.IsFalse(new Realm("http://*.my.com/").Contains("http://me.com/")); + Assert.IsFalse(new Realm("http://*.my.com/").Contains("http://my.co/")); + Assert.IsFalse(new Realm("http://*.my.com/").Contains("http://com/")); + Assert.IsFalse(new Realm("http://*.www.my.com/").Contains("http://my.com/")); + Assert.IsFalse(new Realm("http://*.www.my.com/").Contains("http://zzz.my.com/")); + // These are tested against by the constructor test, as these are invalid wildcard positions. + ////Assert.IsFalse(new Realm("http://*www.my.com/").ValidateUrl("http://bah.www.my.com/")); + ////Assert.IsFalse(new Realm("http://*www.my.com/").ValidateUrl("http://wwww.my.com/")); + + // Among those that should return true, mix up character casing to test for case sensitivity. + // Host names should be case INSENSITIVE, but paths should probably be case SENSITIVE, + // because in some systems they are case sensitive and to ignore this would open + // security holes. + Assert.IsTrue(new Realm("http://www.my.com/").Contains("http://WWW.MY.COM/")); + Assert.IsFalse(new Realm("http://www.my.com/abc").Contains("http://www.my.com/ABC")); + } + + [TestMethod] + public void ImplicitConversionFromStringTests() { + Realm realm = "http://host"; + Assert.AreEqual("host", realm.Host); + realm = (string)null; + Assert.IsNull(realm); + } + + [TestMethod] + public void ImplicitConversionToStringTests() { + Realm realm = new Realm("http://host/"); + string realmString = realm; + Assert.AreEqual("http://host/", realmString); + realm = null; + realmString = realm; + Assert.IsNull(realmString); + } + + [TestMethod] + public void ImplicitConverstionFromUriTests() { + Uri uri = new Uri("http://host"); + Realm realm = uri; + Assert.AreEqual(uri.Host, realm.Host); + uri = null; + realm = uri; + Assert.IsNull(realm); + } + + [TestMethod] + public void EqualsTest() + { + Realm testRealm1a = new Realm("http://www.yahoo.com"); + Realm testRealm1b = new Realm("http://www.yahoo.com"); + Realm testRealm2 = new Realm("http://www.yahoo.com/b"); + Realm testRealm3 = new Realm("http://*.www.yahoo.com"); + + Assert.AreEqual(testRealm1a, testRealm1b); + Assert.AreNotEqual(testRealm1a, testRealm2); + Assert.AreNotEqual(testRealm1a, null); + Assert.AreNotEqual(testRealm1a, testRealm1a.ToString(), "Although the URLs are equal, different object types shouldn't be equal."); + Assert.AreNotEqual(testRealm3, testRealm1a, "Wildcard difference ignored by Equals"); + } + } +} |