diff options
Diffstat (limited to 'src/DotNetOpenId.Test/RelyingParty')
7 files changed, 264 insertions, 128 deletions
diff --git a/src/DotNetOpenId.Test/RelyingParty/AuthenticationRequestTests.cs b/src/DotNetOpenId.Test/RelyingParty/AuthenticationRequestTests.cs index 399e4e7..9041d26 100644 --- a/src/DotNetOpenId.Test/RelyingParty/AuthenticationRequestTests.cs +++ b/src/DotNetOpenId.Test/RelyingParty/AuthenticationRequestTests.cs @@ -1,30 +1,29 @@ using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Text;
-using NUnit.Framework;
using DotNetOpenId.RelyingParty;
-using DotNetOpenId.Extensions.SimpleRegistration;
-using DotNetOpenId.Extensions.AttributeExchange;
+using DotNetOpenId.Test.Mocks;
+using NUnit.Framework;
namespace DotNetOpenId.Test.RelyingParty {
[TestFixture]
public class AuthenticationRequestTests {
- IRelyingPartyApplicationStore store;
Realm realm = new Realm(TestSupport.GetFullUrl(TestSupport.ConsumerPage).AbsoluteUri);
Uri returnTo = TestSupport.GetFullUrl(TestSupport.ConsumerPage);
[SetUp]
public void SetUp() {
- store = new ApplicationMemoryStore();
if (!UntrustedWebRequest.WhitelistHosts.Contains("localhost"))
UntrustedWebRequest.WhitelistHosts.Add("localhost");
}
+ [TearDown]
+ public void TearDown() {
+ MockHttpRequest.Reset();
+ }
+
[Test]
public void Provider() {
- OpenIdRelyingParty rp = new OpenIdRelyingParty(store, null, null);
- Identifier id = TestSupport.GetFullUrl("xrdsdiscovery/xrds20.aspx");
+ OpenIdRelyingParty rp = new OpenIdRelyingParty(null, null, null);
+ Identifier id = TestSupport.GetMockIdentifier(TestSupport.Scenarios.AutoApproval, ProtocolVersion.V20);
IAuthenticationRequest request = rp.CreateRequest(id, realm, returnTo);
Assert.IsNotNull(request.Provider);
}
diff --git a/src/DotNetOpenId.Test/RelyingParty/AuthenticationResponseTests.cs b/src/DotNetOpenId.Test/RelyingParty/AuthenticationResponseTests.cs index 7dcb792..0c775e5 100644 --- a/src/DotNetOpenId.Test/RelyingParty/AuthenticationResponseTests.cs +++ b/src/DotNetOpenId.Test/RelyingParty/AuthenticationResponseTests.cs @@ -1,14 +1,10 @@ using System;
using System.Collections.Generic;
-using System.Linq;
-using System.Text;
-using NUnit.Framework;
-using DotNetOpenId.RelyingParty;
-using System.Net;
-using System.Diagnostics;
-using System.IO;
-using System.Web;
using System.Collections.Specialized;
+using System.Web;
+using DotNetOpenId.RelyingParty;
+using DotNetOpenId.Test.Mocks;
+using NUnit.Framework;
namespace DotNetOpenId.Test.RelyingParty {
[TestFixture]
@@ -16,7 +12,6 @@ namespace DotNetOpenId.Test.RelyingParty { Realm realm = new Realm(TestSupport.GetFullUrl(TestSupport.ConsumerPage).AbsoluteUri);
Uri returnTo;
const string returnToRemovableParameter = "a";
- ApplicationMemoryStore store;
public AuthenticationResponseTests() {
UriBuilder builder = new UriBuilder(TestSupport.GetFullUrl(TestSupport.ConsumerPage));
@@ -28,38 +23,23 @@ namespace DotNetOpenId.Test.RelyingParty { [SetUp]
public void SetUp() {
- store = new ApplicationMemoryStore();
if (!UntrustedWebRequest.WhitelistHosts.Contains("localhost"))
UntrustedWebRequest.WhitelistHosts.Add("localhost");
}
+ [TearDown]
+ public void TearDown() {
+ MockHttpRequest.Reset();
+ }
+
Uri getPositiveAssertion(ProtocolVersion version) {
- try {
- OpenIdRelyingParty rp = new OpenIdRelyingParty(store, null, null);
- Identifier id = TestSupport.GetIdentityUrl(TestSupport.Scenarios.AutoApproval, version);
- var request = rp.CreateRequest(id, realm, returnTo);
- HttpWebRequest providerRequest = (HttpWebRequest)WebRequest.Create(request.RedirectingResponse.ExtractUrl());
- providerRequest.AllowAutoRedirect = false;
- Uri redirectUrl;
- try {
- using (HttpWebResponse providerResponse = (HttpWebResponse)providerRequest.GetResponse()) {
- Assert.AreEqual(HttpStatusCode.Redirect, providerResponse.StatusCode);
- redirectUrl = new Uri(providerResponse.Headers[HttpResponseHeader.Location]);
- }
- } catch (WebException ex) {
- Trace.WriteLine(ex);
- if (ex.Response != null) {
- using (StreamReader sr = new StreamReader(ex.Response.GetResponseStream())) {
- Trace.WriteLine(sr.ReadToEnd());
- }
- }
- throw;
- }
- return redirectUrl;
- } catch (OpenIdException ex) {
- Assert.Ignore("Test failed to verify good or bad behavior on account of failing to set itself up: {0}", ex);
- return null; // Assert.Ignore will throw an exception anyway
- }
+ OpenIdRelyingParty rp = TestSupport.CreateRelyingParty(null);
+ Identifier id = TestSupport.GetMockIdentifier(TestSupport.Scenarios.AutoApproval, version);
+ var request = rp.CreateRequest(id, realm, returnTo);
+ var provider = TestSupport.CreateProviderForRequest(request);
+ var opRequest = provider.Request as DotNetOpenId.Provider.IAuthenticationRequest;
+ opRequest.IsAuthenticated = true;
+ return opRequest.Response.ExtractUrl();
}
void removeQueryParameter(ref Uri uri, string parameterToRemove) {
UriBuilder builder = new UriBuilder(uri);
@@ -92,7 +72,7 @@ namespace DotNetOpenId.Test.RelyingParty { void resign(ref Uri uri) {
UriBuilder builder = new UriBuilder(uri);
NameValueCollection nvc = HttpUtility.ParseQueryString(builder.Query);
- TestSupport.Resign(nvc, store);
+ TestSupport.Resign(nvc, TestSupport.RelyingPartyStore);
builder.Query = UriUtil.CreateQueryString(nvc);
uri = builder.Uri;
}
@@ -106,7 +86,7 @@ namespace DotNetOpenId.Test.RelyingParty { // which should cause a failure because the return_to argument
// says that parameter is supposed to be there.
removeQueryParameter(ref assertion, returnToRemovableParameter);
- var response = new OpenIdRelyingParty(store, assertion, HttpUtility.ParseQueryString(assertion.Query)).Response;
+ var response = TestSupport.CreateRelyingParty(TestSupport.RelyingPartyStore, assertion, HttpUtility.ParseQueryString(assertion.Query)).Response;
Assert.AreEqual(AuthenticationStatus.Failed, response.Status);
Assert.IsNotNull(response.Exception);
}
@@ -140,10 +120,27 @@ namespace DotNetOpenId.Test.RelyingParty { resign(ref assertion); // resign changed URL to simulate a contrived OP for breaking into RPs.
// (triggers exception) "... you're in trouble up to your ears."
- var response = new OpenIdRelyingParty(store, assertion, HttpUtility.ParseQueryString(assertion.Query)).Response;
+ var response = TestSupport.CreateRelyingParty(TestSupport.RelyingPartyStore, assertion, HttpUtility.ParseQueryString(assertion.Query)).Response;
Assert.AreEqual(AuthenticationStatus.Failed, response.Status);
Assert.IsNotNull(response.Exception);
}
+ [Test]
+ public void ClaimedIdentifierChangesAtProviderUnexpectedly() {
+ OpenIdRelyingParty rp = TestSupport.CreateRelyingParty(null);
+ Identifier id = TestSupport.GetMockIdentifier(TestSupport.Scenarios.ApproveOnSetup, ProtocolVersion.V20);
+ Identifier newClaimedId = TestSupport.GetMockIdentifier(TestSupport.Scenarios.AutoApproval, ProtocolVersion.V20);
+ Identifier newLocalId = TestSupport.GetDelegateUrl(TestSupport.Scenarios.AutoApproval);
+ MockHttpRequest.RegisterMockXrdsResponse(new Uri(newClaimedId), newClaimedId.Discover());
+ var request = rp.CreateRequest(id, realm, returnTo);
+ var provider = TestSupport.CreateProviderForRequest(request);
+ var opRequest = provider.Request as DotNetOpenId.Provider.IAuthenticationRequest;
+ opRequest.IsAuthenticated = true;
+ opRequest.ClaimedIdentifier = newClaimedId;
+ opRequest.LocalIdentifier = newLocalId;
+ var assertion = opRequest.Response.ExtractUrl();
+ var response = TestSupport.CreateRelyingParty(TestSupport.RelyingPartyStore, assertion, HttpUtility.ParseQueryString(assertion.Query)).Response;
+ Assert.AreEqual(AuthenticationStatus.Authenticated, response.Status);
+ }
}
}
diff --git a/src/DotNetOpenId.Test/RelyingParty/IProviderEndpointTests.cs b/src/DotNetOpenId.Test/RelyingParty/IProviderEndpointTests.cs index 04f5873..8830691 100644 --- a/src/DotNetOpenId.Test/RelyingParty/IProviderEndpointTests.cs +++ b/src/DotNetOpenId.Test/RelyingParty/IProviderEndpointTests.cs @@ -1,11 +1,9 @@ using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Text;
-using NUnit.Framework;
-using DotNetOpenId.RelyingParty;
-using DotNetOpenId.Extensions.SimpleRegistration;
using DotNetOpenId.Extensions.AttributeExchange;
+using DotNetOpenId.Extensions.SimpleRegistration;
+using DotNetOpenId.RelyingParty;
+using NUnit.Framework;
+using DotNetOpenId.Test.Mocks;
namespace DotNetOpenId.Test.RelyingParty {
[TestFixture]
@@ -21,11 +19,16 @@ namespace DotNetOpenId.Test.RelyingParty { UntrustedWebRequest.WhitelistHosts.Add("localhost");
}
+ [TearDown]
+ public void TearDown() {
+ Mocks.MockHttpRequest.Reset();
+ }
+
[Test]
public void IsExtensionSupportedTest() {
- OpenIdRelyingParty rp = new OpenIdRelyingParty(store, null, null);
- Identifier id = TestSupport.GetFullUrl("xrdsdiscovery/xrds20.aspx");
- IAuthenticationRequest request = rp.CreateRequest(id, realm, returnTo);
+ OpenIdRelyingParty rp = TestSupport.CreateRelyingParty(null);
+ Identifier id = MockHttpRequest.RegisterMockXrdsResponse("/Discovery/xrdsdiscovery/xrds20.xml");
+ IAuthenticationRequest request = rp.CreateRequest(id, TestSupport.Realm, TestSupport.ReturnTo);
IProviderEndpoint provider = request.Provider;
Assert.IsTrue(provider.IsExtensionSupported<ClaimsRequest>());
Assert.IsTrue(provider.IsExtensionSupported(typeof(ClaimsRequest)));
@@ -34,7 +37,7 @@ namespace DotNetOpenId.Test.RelyingParty { // Test the AdditionalTypeUris list by pulling from an XRDS page with one of the
// TypeURIs that only shows up in that list.
- id = TestSupport.GetFullUrl("xrdsdiscovery/xrds10.aspx");
+ id = MockHttpRequest.RegisterMockXrdsResponse("/Discovery/xrdsdiscovery/xrds10.xml");
request = rp.CreateRequest(id, realm, returnTo);
Assert.IsTrue(provider.IsExtensionSupported<ClaimsRequest>());
Assert.IsTrue(provider.IsExtensionSupported(typeof(ClaimsRequest)));
@@ -42,9 +45,9 @@ namespace DotNetOpenId.Test.RelyingParty { [Test]
public void UriTest() {
- OpenIdRelyingParty rp = new OpenIdRelyingParty(store, null, null);
- Identifier id = TestSupport.GetFullUrl("xrdsdiscovery/xrds20.aspx");
- IAuthenticationRequest request = rp.CreateRequest(id, realm, returnTo);
+ OpenIdRelyingParty rp = TestSupport.CreateRelyingParty(null);
+ Identifier id = MockHttpRequest.RegisterMockXrdsResponse("/Discovery/xrdsdiscovery/xrds20.xml");
+ IAuthenticationRequest request = rp.CreateRequest(id, TestSupport.Realm, TestSupport.ReturnTo);
IProviderEndpoint provider = request.Provider;
Assert.AreEqual(new Uri("http://a/b"), provider.Uri);
}
diff --git a/src/DotNetOpenId.Test/RelyingParty/OpenIdMobileTextBoxTest.cs b/src/DotNetOpenId.Test/RelyingParty/OpenIdMobileTextBoxTest.cs deleted file mode 100644 index 0feea56..0000000 --- a/src/DotNetOpenId.Test/RelyingParty/OpenIdMobileTextBoxTest.cs +++ /dev/null @@ -1,16 +0,0 @@ -using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Text;
-using NUnit.Framework;
-
-namespace DotNetOpenId.Test.RelyingParty {
- [TestFixture]
- public class OpenIdMobileTextBoxTest {
- [Test]
- public void TextBoxAppears() {
- string html = TestSupport.Host.ProcessRequest(TestSupport.MobileConsumerPage);
- Assert.IsTrue(html.Contains("<input "));
- }
- }
-}
diff --git a/src/DotNetOpenId.Test/RelyingParty/OpenIdRelyingPartyTest.cs b/src/DotNetOpenId.Test/RelyingParty/OpenIdRelyingPartyTest.cs index 2503207..fb36e71 100644 --- a/src/DotNetOpenId.Test/RelyingParty/OpenIdRelyingPartyTest.cs +++ b/src/DotNetOpenId.Test/RelyingParty/OpenIdRelyingPartyTest.cs @@ -3,13 +3,13 @@ using System.Collections.Generic; using System.Collections.Specialized;
using System.Web;
using DotNetOpenId.RelyingParty;
+using DotNetOpenId.Test.Mocks;
using NUnit.Framework;
-using ProviderMemoryStore = DotNetOpenId.AssociationMemoryStore<DotNetOpenId.AssociationRelyingPartyType>;
+using OpenIdProvider = DotNetOpenId.Provider.OpenIdProvider;
namespace DotNetOpenId.Test.RelyingParty {
[TestFixture]
public class OpenIdRelyingPartyTest {
- IRelyingPartyApplicationStore store;
UriIdentifier simpleOpenId = new UriIdentifier("http://nonexistant.openid.com");
readonly Realm realm = new Realm(TestSupport.GetFullUrl(TestSupport.ConsumerPage).AbsoluteUri);
readonly Uri returnTo = TestSupport.GetFullUrl(TestSupport.ConsumerPage);
@@ -17,14 +17,13 @@ namespace DotNetOpenId.Test.RelyingParty { [SetUp]
public void Setup() {
- store = new ApplicationMemoryStore();
if (!UntrustedWebRequest.WhitelistHosts.Contains("localhost"))
UntrustedWebRequest.WhitelistHosts.Add("localhost");
}
[TearDown]
public void TearDown() {
- UntrustedWebRequest.MockRequests = null;
+ MockHttpRequest.Reset();
}
[Test]
@@ -35,7 +34,7 @@ namespace DotNetOpenId.Test.RelyingParty { [Test]
public void CtorWithNullRequestUri() {
- new OpenIdRelyingParty(store, null, null);
+ new OpenIdRelyingParty(new ApplicationMemoryStore(), null, null);
}
[Test]
@@ -46,59 +45,64 @@ namespace DotNetOpenId.Test.RelyingParty { [Test]
[ExpectedException(typeof(InvalidOperationException))]
public void CreateRequestWithoutContext1() {
- var consumer = new OpenIdRelyingParty(store, simpleNonOpenIdRequest, new NameValueCollection());
+ var consumer = new OpenIdRelyingParty(new ApplicationMemoryStore(), simpleNonOpenIdRequest, new NameValueCollection());
consumer.CreateRequest(simpleOpenId);
}
[Test]
[ExpectedException(typeof(InvalidOperationException))]
public void CreateRequestWithoutContext2() {
- var consumer = new OpenIdRelyingParty(store, simpleNonOpenIdRequest, new NameValueCollection());
+ var consumer = new OpenIdRelyingParty(new ApplicationMemoryStore(), simpleNonOpenIdRequest, new NameValueCollection());
consumer.CreateRequest(simpleOpenId, realm);
}
[Test]
public void CreateRequestStripsFragment() {
- var consumer = new OpenIdRelyingParty(store, simpleNonOpenIdRequest, new NameValueCollection());
+ var consumer = TestSupport.CreateRelyingParty(null);
UriBuilder userSuppliedIdentifier = new UriBuilder((Uri)TestSupport.GetIdentityUrl(TestSupport.Scenarios.AutoApproval, ProtocolVersion.V20));
userSuppliedIdentifier.Fragment = "c";
- IAuthenticationRequest request = consumer.CreateRequest(userSuppliedIdentifier.Uri, realm, returnTo);
+ Identifier mockIdentifer = new MockIdentifier(userSuppliedIdentifier.Uri,
+ TestSupport.GetMockIdentifier(TestSupport.Scenarios.AutoApproval, ProtocolVersion.V20).Discover());
+ Assert.IsTrue(mockIdentifer.ToString().EndsWith("#c"), "Test broken");
+ IAuthenticationRequest request = consumer.CreateRequest(mockIdentifer, TestSupport.Realm, TestSupport.ReturnTo);
Assert.AreEqual(0, new Uri(request.ClaimedIdentifier).Fragment.Length);
}
[Test]
public void AssociationCreationWithStore() {
- var providerStore = new ProviderMemoryStore();
+ TestSupport.ResetStores(); // get rid of existing associations so a new one is created
- OpenIdRelyingParty rp = new OpenIdRelyingParty(new ApplicationMemoryStore(), null, null);
- var idUrl = TestSupport.GetIdentityUrl(TestSupport.Scenarios.AutoApproval, ProtocolVersion.V20);
+ OpenIdRelyingParty rp = TestSupport.CreateRelyingParty(null);
+ var directMessageSniffer = new DirectMessageSniffWrapper(rp.DirectMessageChannel);
+ rp.DirectMessageChannel = directMessageSniffer;
+ var idUrl = TestSupport.GetMockIdentifier(TestSupport.Scenarios.AutoApproval, ProtocolVersion.V20);
DotNetOpenId.RelyingParty.IAuthenticationRequest req;
bool associationMade = false;
- TestSupport.Interceptor.SigningMessage = m => {
- if (m.EncodedFields.ContainsKey("assoc_handle") && m.EncodedFields.ContainsKey("session_type"))
+ directMessageSniffer.Receiving += (provider, fields) => {
+ if (fields.ContainsKey("assoc_handle") && fields.ContainsKey("session_type"))
associationMade = true;
};
req = rp.CreateRequest(idUrl, realm, returnTo);
- TestSupport.Interceptor.SigningMessage = null;
Assert.IsTrue(associationMade);
}
[Test]
public void NoAssociationRequestWithoutStore() {
- var providerStore = new ProviderMemoryStore();
+ TestSupport.ResetStores(); // get rid of existing associations so a new one is created
- OpenIdRelyingParty rp = new OpenIdRelyingParty(null, null, null);
- var idUrl = TestSupport.GetIdentityUrl(TestSupport.Scenarios.AutoApproval, ProtocolVersion.V20);
+ OpenIdRelyingParty rp = TestSupport.CreateRelyingParty(null, null);
+ var directMessageSniffer = new DirectMessageSniffWrapper(rp.DirectMessageChannel);
+ rp.DirectMessageChannel = directMessageSniffer;
+ var idUrl = TestSupport.GetMockIdentifier(TestSupport.Scenarios.AutoApproval, ProtocolVersion.V20);
DotNetOpenId.RelyingParty.IAuthenticationRequest req;
bool associationMade = false;
- TestSupport.Interceptor.SigningMessage = m => {
- if (m.EncodedFields.ContainsKey("assoc_handle") && m.EncodedFields.ContainsKey("session_type"))
+ directMessageSniffer.Receiving += (provider, fields) => {
+ if (fields.ContainsKey("assoc_handle") && fields.ContainsKey("session_type"))
associationMade = true;
};
req = rp.CreateRequest(idUrl, realm, returnTo);
- TestSupport.Interceptor.SigningMessage = null;
Assert.IsFalse(associationMade);
}
@@ -128,9 +132,7 @@ namespace DotNetOpenId.Test.RelyingParty { }
private static void testExplicitPortOnRealmAndReturnTo(Uri returnTo, Realm realm) {
- var identityUrl = TestSupport.GetIdentityUrl(TestSupport.Scenarios.AutoApproval, ProtocolVersion.V20);
- var consumer = new OpenIdRelyingParty(null, null, null);
- var request = consumer.CreateRequest(identityUrl, realm, returnTo);
+ var request = TestSupport.CreateRelyingPartyRequest(true, TestSupport.Scenarios.AutoApproval, ProtocolVersion.V20);
Protocol protocol = Protocol.Lookup(request.Provider.Version);
var nvc = HttpUtility.ParseQueryString(request.RedirectingResponse.ExtractUrl().Query);
string realmString = nvc[protocol.openid.Realm];
@@ -147,10 +149,7 @@ namespace DotNetOpenId.Test.RelyingParty { [Test]
public void ReturnToUrlEncodingTest() {
- Uri origin = TestSupport.GetFullUrl(TestSupport.ConsumerPage);
- var identityUrl = TestSupport.GetIdentityUrl(TestSupport.Scenarios.AutoApproval, ProtocolVersion.V20);
- var consumer = new OpenIdRelyingParty(null, null, null);
- var request = consumer.CreateRequest(identityUrl, origin, origin);
+ var request = TestSupport.CreateRelyingPartyRequest(true, TestSupport.Scenarios.AutoApproval, ProtocolVersion.V20);
Protocol protocol = Protocol.Lookup(request.Provider.Version);
request.AddCallbackArguments("a+b", "c+d");
var requestArgs = HttpUtility.ParseQueryString(request.RedirectingResponse.ExtractUrl().Query);
@@ -205,6 +204,7 @@ namespace DotNetOpenId.Test.RelyingParty { string xrds = @"<?xml version='1.0' encoding='UTF-8'?>
<XRD xmlns='xri://$xrd*($v*2.0)'>
<Query>=MultipleEndpoint</Query>
+ <Status cid='verified' code='100' />
<ProviderID>=!91F2.8153.F600.AE24</ProviderID>
<CanonicalID>=!91F2.8153.F600.AE24</CanonicalID>
<Service>
@@ -236,9 +236,8 @@ namespace DotNetOpenId.Test.RelyingParty { </Service>
<ServedBy>OpenXRI</ServedBy>
</XRD>";
- UntrustedWebRequest.MockRequests = TestSupport.GenerateMockXrdsResponses(new Dictionary<string, string> {
+ MockHttpRequest.RegisterMockXrdsResponses(new Dictionary<string, string> {
{"https://xri.net/=MultipleEndpoint?_xrd_r=application/xrd%2Bxml;sep=false", xrds},
- {"https://xri.net/=!91F2.8153.F600.AE24?_xrd_r=application/xrd%2Bxml;sep=false", xrds},
});
OpenIdRelyingParty rp = new OpenIdRelyingParty(null, null, null);
Realm realm = new Realm("http://somerealm");
@@ -248,12 +247,181 @@ namespace DotNetOpenId.Test.RelyingParty { rp.EndpointOrder = (se1, se2) => -se1.ServicePriority.Value.CompareTo(se2.ServicePriority.Value);
request = rp.CreateRequest("=MultipleEndpoint", realm, return_to);
Assert.AreEqual("https://authn.freexri.com/auth10/", request.Provider.Uri.AbsoluteUri);
-
+
// Now test the filter. Auth20 would come out on top, if we didn't select it out with the filter.
rp.EndpointOrder = OpenIdRelyingParty.DefaultEndpointOrder;
rp.EndpointFilter = (se) => se.Uri.AbsoluteUri == "https://authn.freexri.com/auth10/";
request = rp.CreateRequest("=MultipleEndpoint", realm, return_to);
Assert.AreEqual("https://authn.freexri.com/auth10/", request.Provider.Uri.AbsoluteUri);
}
+
+ private string stripScheme(string identifier) {
+ return identifier.Substring(identifier.IndexOf("://") + 3);
+ }
+
+ [Test]
+ public void RequireSslPrependsHttpsScheme() {
+ MockHttpRequest.Reset();
+ OpenIdRelyingParty rp = TestSupport.CreateRelyingParty(null);
+ rp.Settings.RequireSsl = true;
+ Identifier mockId = TestSupport.GetMockIdentifier(TestSupport.Scenarios.AutoApproval, ProtocolVersion.V20, true);
+ string noSchemeId = stripScheme(mockId);
+ var request = rp.CreateRequest(noSchemeId, TestSupport.Realm, TestSupport.ReturnTo);
+ Assert.IsTrue(request.ClaimedIdentifier.ToString().StartsWith("https://", StringComparison.OrdinalIgnoreCase));
+ }
+
+ [Test]
+ public void DirectedIdentityWithRequireSslSucceeds() {
+ Uri claimedId = TestSupport.GetFullUrl("/secureClaimedId", null, true);
+ Identifier opIdentifier = TestSupport.GetMockOPIdentifier(TestSupport.Scenarios.AutoApproval, claimedId, true, true);
+ var rp = TestSupport.CreateRelyingParty(null);
+ rp.Settings.RequireSsl = true;
+ var rpRequest = rp.CreateRequest(opIdentifier, TestSupport.Realm, TestSupport.ReturnTo);
+ var rpResponse = TestSupport.CreateRelyingPartyResponseThroughProvider(rpRequest, opRequest => {
+ opRequest.IsAuthenticated = true;
+ opRequest.ClaimedIdentifier = claimedId;
+ });
+ Assert.AreEqual(AuthenticationStatus.Authenticated, rpResponse.Status);
+ }
+
+ [Test]
+ public void DirectedIdentityWithRequireSslFailsWithoutSecureIdentity() {
+ Uri claimedId = TestSupport.GetFullUrl("/insecureClaimedId", null, false);
+ Identifier opIdentifier = TestSupport.GetMockOPIdentifier(TestSupport.Scenarios.AutoApproval, claimedId, true, true);
+ var rp = TestSupport.CreateRelyingParty(null);
+ rp.Settings.RequireSsl = true;
+ var rpRequest = rp.CreateRequest(opIdentifier, TestSupport.Realm, TestSupport.ReturnTo);
+ var rpResponse = TestSupport.CreateRelyingPartyResponseThroughProvider(rpRequest, opRequest => {
+ opRequest.IsAuthenticated = true;
+ opRequest.ClaimedIdentifier = claimedId;
+ });
+ Assert.AreEqual(AuthenticationStatus.Failed, rpResponse.Status);
+ }
+
+ [Test]
+ public void DirectedIdentityWithRequireSslFailsWithoutSecureProviderEndpoint() {
+ Uri claimedId = TestSupport.GetFullUrl("/secureClaimedId", null, true);
+ // We want to generate an OP Identifier that itself is secure, but whose
+ // XRDS doc describes an insecure provider endpoint.
+ Identifier opIdentifier = TestSupport.GetMockOPIdentifier(TestSupport.Scenarios.AutoApproval, claimedId, true, false);
+ var rp = TestSupport.CreateRelyingParty(null);
+ rp.Settings.RequireSsl = true;
+ var rpRequest = rp.CreateRequest(opIdentifier, TestSupport.Realm, TestSupport.ReturnTo);
+ var rpResponse = TestSupport.CreateRelyingPartyResponseThroughProvider(rpRequest, opRequest => {
+ opRequest.IsAuthenticated = true;
+ opRequest.ClaimedIdentifier = claimedId;
+ });
+ Assert.AreEqual(AuthenticationStatus.Failed, rpResponse.Status);
+ }
+
+ [Test]
+ public void UnsolicitedAssertionWithRequireSsl() {
+ MockHttpRequest.Reset();
+ Mocks.MockHttpRequest.RegisterMockRPDiscovery();
+ TestSupport.Scenarios scenario = TestSupport.Scenarios.AutoApproval;
+ Identifier claimedId = TestSupport.GetMockIdentifier(scenario, ProtocolVersion.V20, true);
+ Identifier localId = TestSupport.GetDelegateUrl(scenario, true);
+
+ OpenIdProvider op = TestSupport.CreateProvider(null, true);
+ IResponse assertion = op.PrepareUnsolicitedAssertion(TestSupport.Realm, claimedId, localId);
+
+ var opAuthWebResponse = (Response)assertion;
+ var opAuthResponse = (DotNetOpenId.Provider.EncodableResponse)opAuthWebResponse.EncodableMessage;
+ var rp = TestSupport.CreateRelyingParty(TestSupport.RelyingPartyStore, opAuthResponse.RedirectUrl,
+ opAuthResponse.EncodedFields.ToNameValueCollection());
+ rp.Settings.RequireSsl = true;
+
+ Assert.AreEqual(AuthenticationStatus.Authenticated, rp.Response.Status);
+ Assert.AreEqual(claimedId, rp.Response.ClaimedIdentifier);
+ }
+
+ [Test]
+ public void UnsolicitedAssertionWithRequireSslWithoutSecureIdentityUrl() {
+ MockHttpRequest.Reset();
+ Mocks.MockHttpRequest.RegisterMockRPDiscovery();
+ TestSupport.Scenarios scenario = TestSupport.Scenarios.AutoApproval;
+ Identifier claimedId = TestSupport.GetMockIdentifier(scenario, ProtocolVersion.V20);
+ Identifier localId = TestSupport.GetDelegateUrl(scenario);
+
+ OpenIdProvider op = TestSupport.CreateProvider(null);
+ IResponse assertion = op.PrepareUnsolicitedAssertion(TestSupport.Realm, claimedId, localId);
+
+ var opAuthWebResponse = (Response)assertion;
+ var opAuthResponse = (DotNetOpenId.Provider.EncodableResponse)opAuthWebResponse.EncodableMessage;
+ var rp = TestSupport.CreateRelyingParty(TestSupport.RelyingPartyStore, opAuthResponse.RedirectUrl,
+ opAuthResponse.EncodedFields.ToNameValueCollection());
+ rp.Settings.RequireSsl = true;
+
+ Assert.AreEqual(AuthenticationStatus.Failed, rp.Response.Status);
+ Assert.IsNull(rp.Response.ClaimedIdentifier);
+ }
+
+ [Test]
+ public void UnsolicitedAssertionWithRequireSslWithSecureIdentityButInsecureProviderEndpoint() {
+ MockHttpRequest.Reset();
+ Mocks.MockHttpRequest.RegisterMockRPDiscovery();
+ TestSupport.Scenarios scenario = TestSupport.Scenarios.AutoApproval;
+ ProtocolVersion version = ProtocolVersion.V20;
+ ServiceEndpoint providerEndpoint = TestSupport.GetServiceEndpoint(scenario, version, 10, false);
+ Identifier claimedId = new MockIdentifier(TestSupport.GetIdentityUrl(scenario, version, true),
+ new ServiceEndpoint[] { providerEndpoint });
+ Identifier localId = TestSupport.GetDelegateUrl(scenario, true);
+
+ OpenIdProvider op = TestSupport.CreateProvider(null, false);
+ IResponse assertion = op.PrepareUnsolicitedAssertion(TestSupport.Realm, claimedId, localId);
+
+ var opAuthWebResponse = (Response)assertion;
+ var opAuthResponse = (DotNetOpenId.Provider.EncodableResponse)opAuthWebResponse.EncodableMessage;
+ var rp = TestSupport.CreateRelyingParty(TestSupport.RelyingPartyStore, opAuthResponse.RedirectUrl,
+ opAuthResponse.EncodedFields.ToNameValueCollection());
+ rp.Settings.RequireSsl = true;
+
+ Assert.AreEqual(AuthenticationStatus.Failed, rp.Response.Status);
+ Assert.IsNull(rp.Response.ClaimedIdentifier);
+ }
+
+ /// <summary>
+ /// Verifies that an RP will not "discover" endpoints below OpenID 2.0 when appropriate.
+ /// </summary>
+ [Test, ExpectedException(typeof(OpenIdException))]
+ public void MinimumOPVersion20() {
+ MockIdentifier id = TestSupport.GetMockIdentifier(TestSupport.Scenarios.AutoApproval, ProtocolVersion.V11);
+
+ var rp = TestSupport.CreateRelyingParty(null);
+ rp.Settings.MinimumRequiredOpenIdVersion = ProtocolVersion.V20;
+ rp.CreateRequest(id, TestSupport.Realm, TestSupport.ReturnTo);
+ }
+
+ /// <summary>
+ /// Verifies that an RP configured to require 2.0 OPs will fail on communicating with 1.x OPs
+ /// that merely advertise 2.0 support but don't really have it.
+ /// </summary>
+ [Test]
+ public void MinimumOPVersion20WithDeceptiveEndpointRealizedAtAuthentication() {
+ // Create an identifier that claims to have a 2.0 OP endpoint.
+ MockIdentifier id = TestSupport.GetMockIdentifier(TestSupport.Scenarios.AutoApproval, ProtocolVersion.V20);
+
+ var rp = TestSupport.CreateRelyingParty(null, null);
+
+ IAuthenticationRequest req = rp.CreateRequest(id, TestSupport.Realm, TestSupport.ReturnTo);
+ IResponse providerResponse = TestSupport.CreateProviderResponseToRequest(req, opReq => {
+ opReq.IsAuthenticated = true;
+ });
+
+ var opAuthWebResponse = (Response)providerResponse;
+ var opAuthResponse = (DotNetOpenId.Provider.EncodableResponse)opAuthWebResponse.EncodableMessage;
+ var rp2 =TestSupport. CreateRelyingParty(null, opAuthResponse.RedirectUrl,
+ opAuthResponse.EncodedFields.ToNameValueCollection());
+ rp2.Settings.MinimumRequiredOpenIdVersion = ProtocolVersion.V20;
+ // Rig an intercept between the provider and RP to make our own Provider LOOK like a 1.x provider.
+ var sniffer = new DirectMessageSniffWrapper(rp2.DirectMessageChannel);
+ rp2.DirectMessageChannel = sniffer;
+ sniffer.Receiving += (endpoint, fields) => {
+ fields.Remove(Protocol.v20.openidnp.ns);
+ };
+ var resp = rp2.Response;
+
+ Assert.AreEqual(AuthenticationStatus.Failed, resp.Status, "Authentication should have failed since OP is really a 1.x OP masquerading as a 2.0 OP.");
+ }
}
}
diff --git a/src/DotNetOpenId.Test/RelyingParty/OpenIdTextBoxTest.cs b/src/DotNetOpenId.Test/RelyingParty/OpenIdTextBoxTest.cs deleted file mode 100644 index 9176096..0000000 --- a/src/DotNetOpenId.Test/RelyingParty/OpenIdTextBoxTest.cs +++ /dev/null @@ -1,17 +0,0 @@ -using System;
-using System.Collections.Generic;
-using System.Text;
-using NUnit.Framework;
-using DotNetOpenId.Test.Hosting;
-using System.Net;
-
-namespace DotNetOpenId.Test.RelyingParty {
- [TestFixture]
- public class OpenIdTextBoxTest {
- [Test]
- public void TextBoxAppears() {
- string html = TestSupport.Host.ProcessRequest(TestSupport.ConsumerPage);
- Assert.IsTrue(html.Contains("<input "));
- }
- }
-}
diff --git a/src/DotNetOpenId.Test/RelyingParty/ServiceEndpointTests.cs b/src/DotNetOpenId.Test/RelyingParty/ServiceEndpointTests.cs index cb2a61b..d2677b8 100644 --- a/src/DotNetOpenId.Test/RelyingParty/ServiceEndpointTests.cs +++ b/src/DotNetOpenId.Test/RelyingParty/ServiceEndpointTests.cs @@ -116,7 +116,9 @@ namespace DotNetOpenId.Test.RelyingParty { public void FriendlyIdentifierForDisplay() {
Uri providerEndpoint= new Uri("http://someprovider");
Identifier localId = "someuser";
- string[] serviceTypeUris = new string[0];
+ string[] serviceTypeUris = new string[] {
+ Protocol.v20.ClaimedIdentifierServiceTypeURI,
+ };
ServiceEndpoint se;
// strip of protocol and fragment
@@ -132,7 +134,7 @@ namespace DotNetOpenId.Test.RelyingParty { // restore user supplied identifier to XRIs
se = ServiceEndpoint.CreateForClaimedIdentifier(new XriIdentifier("=!9B72.7DD1.50A9.5CCD"),
new XriIdentifier("=Arnott崎村"), localId, providerEndpoint, serviceTypeUris, null, null);
- Assert.AreEqual("=!9B72.7DD1.50A9.5CCD (=Arnott崎村)", se.FriendlyIdentifierForDisplay);
+ Assert.AreEqual("=Arnott崎村", se.FriendlyIdentifierForDisplay);
// If UserSuppliedIdentifier is the same as the ClaimedIdentifier, don't display it twice...
se = ServiceEndpoint.CreateForClaimedIdentifier(
|