1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
|
using System;
using System.Web;
using System.Web.Security;
using DotNetOpenAuth.AspNet;
using Moq;
using NUnit.Framework;
namespace DotNetOpenAuth.Test.Web
{
[TestFixture]
public class OAuthAuthenticationTickerHelperTest
{
[TestCase]
public void SetAuthenticationTicketSetCookieOnHttpResponseWithPersistentSet()
{
SetAuthenticationTicketSetCookieOnHttpResponse(isPersistent: true);
}
[TestCase]
public void SetAuthenticationTicketSetCookieOnHttpResponseWithPersistentNotSet()
{
SetAuthenticationTicketSetCookieOnHttpResponse(isPersistent: false);
}
[TestCase]
public void IsOAuthAuthenticationTicketReturnsTrueIfCookieIsPresent()
{
// Arrange
var ticket = new FormsAuthenticationTicket(
2,
"username",
DateTime.Now,
DateTime.Now.Add(FormsAuthentication.Timeout),
false,
"OAuth",
FormsAuthentication.FormsCookiePath);
var cookie = new HttpCookie(name: FormsAuthentication.FormsCookieName,
value: FormsAuthentication.Encrypt(ticket));
var cookies = new HttpCookieCollection {cookie};
var context = new Mock<HttpContextBase>();
context.Setup(c => c.Request.Cookies).Returns(cookies);
// Act
bool result = OpenAuthAuthenticationTicketHelper.IsValidAuthenticationTicket(context.Object);
// Assert
Assert.IsTrue(result);
}
[TestCase]
public void IsOAuthAuthenticationTicketReturnsFalseIfCookieIsNotPresent()
{
// Arrange
var context = new Mock<HttpContextBase>();
context.Setup(c => c.Request.Cookies).Returns(new HttpCookieCollection());
// Act
bool result = OpenAuthAuthenticationTicketHelper.IsValidAuthenticationTicket(context.Object);
// Assert
Assert.IsFalse(result);
}
[TestCase]
public void IsOAuthAuthenticationTicketReturnsFalseIfCookieIsPresentButDoesNotHaveOAuthData()
{
// Arrange
var ticket = new FormsAuthenticationTicket(
2,
"username",
DateTime.Now,
DateTime.Now.Add(FormsAuthentication.Timeout),
false,
null,
FormsAuthentication.FormsCookiePath);
var cookie = new HttpCookie(name: FormsAuthentication.FormsCookieName,
value: FormsAuthentication.Encrypt(ticket));
var cookies = new HttpCookieCollection { cookie };
var context = new Mock<HttpContextBase>();
context.Setup(c => c.Request.Cookies).Returns(cookies);
// Act
bool result = OpenAuthAuthenticationTicketHelper.IsValidAuthenticationTicket(context.Object);
// Assert
Assert.IsFalse(result);
}
[TestCase]
public void IsOAuthAuthenticationTicketReturnsFalseIfCookieIsPresentButDoesNotHaveCorrectName()
{
// Arrange
var response = new Mock<HttpResponseBase>();
var ticket = new FormsAuthenticationTicket(
2,
"username",
DateTime.Now,
DateTime.Now.Add(FormsAuthentication.Timeout),
false,
"OAuth",
FormsAuthentication.FormsCookiePath);
var cookie = new HttpCookie(name: "random cookie name",
value: FormsAuthentication.Encrypt(ticket));
var cookies = new HttpCookieCollection { cookie };
var context = new Mock<HttpContextBase>();
context.Setup(c => c.Request.Cookies).Returns(cookies);
// Act
bool result = OpenAuthAuthenticationTicketHelper.IsValidAuthenticationTicket(context.Object);
// Assert
Assert.IsFalse(result);
}
private void SetAuthenticationTicketSetCookieOnHttpResponse(bool isPersistent)
{
// Arrange
var cookies = new HttpCookieCollection();
var context = new Mock<HttpContextBase>();
context.Setup(c => c.Request.IsSecureConnection).Returns(true);
context.Setup(c => c.Response.Cookies).Returns(cookies);
// Act
OpenAuthAuthenticationTicketHelper.SetAuthenticationTicket(context.Object, "user", isPersistent);
// Assert
Assert.AreEqual(1, cookies.Count);
HttpCookie addedCookie = cookies[0];
Assert.AreEqual(FormsAuthentication.FormsCookieName, addedCookie.Name);
Assert.IsTrue(addedCookie.HttpOnly);
Assert.AreEqual("/", addedCookie.Path);
Assert.IsFalse(addedCookie.Secure);
Assert.IsNotNullOrEmpty(addedCookie.Value);
FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(addedCookie.Value);
Assert.NotNull(ticket);
Assert.AreEqual(2, ticket.Version);
Assert.AreEqual("user", ticket.Name);
Assert.AreEqual("OAuth", ticket.UserData);
Assert.AreEqual(isPersistent, ticket.IsPersistent);
}
}
}
|
