src/DotNetOpenAuth.Test/OpenId/Provider/HostProcessedRequestTests.cs


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101

//-----------------------------------------------------------------------
// <copyright file="HostProcessedRequestTests.cs" company="Outercurve Foundation">
//     Copyright (c) Outercurve Foundation. All rights reserved.
// </copyright>
//-----------------------------------------------------------------------

namespace DotNetOpenAuth.Test.OpenId.Provider {
	using System;
	using System.Threading;
	using System.Threading.Tasks;
	using DotNetOpenAuth.OpenId;
	using DotNetOpenAuth.OpenId.Messages;
	using DotNetOpenAuth.OpenId.Provider;
	using DotNetOpenAuth.Test.Mocks;

	using NUnit.Framework;

	[TestFixture]
	public class HostProcessedRequestTests : OpenIdTestBase {
		private Protocol protocol;
		private OpenIdProvider provider;
		private CheckIdRequest checkIdRequest;
		private AuthenticationRequest request;

		[SetUp]
		public override void SetUp() {
			base.SetUp();

			this.protocol = Protocol.Default;
			this.provider = this.CreateProvider();
			this.checkIdRequest = new CheckIdRequest(this.protocol.Version, OPUri, AuthenticationRequestMode.Setup);
			this.checkIdRequest.Realm = RPRealmUri;
			this.checkIdRequest.ReturnTo = RPUri;
			this.request = new AuthenticationRequest(this.provider, this.checkIdRequest);
		}

		[Test]
		public async Task IsReturnUrlDiscoverableNoResponse() {
			Assert.AreEqual(RelyingPartyDiscoveryResult.NoServiceDocument, await this.request.IsReturnUrlDiscoverableAsync(this.provider.Channel.HostFactories, CancellationToken.None));
		}

		[Test]
		public async Task IsReturnUrlDiscoverableValidResponse() {
			await CoordinatorBase.RunAsync(
				async (hostFactories, ct) => {
					this.request = new AuthenticationRequest(this.provider, this.checkIdRequest);
					Assert.AreEqual(RelyingPartyDiscoveryResult.Success, await this.request.IsReturnUrlDiscoverableAsync(this.provider.Channel.HostFactories, CancellationToken.None));
				},
				MockHttpRequest.RegisterMockRPDiscovery(false));
		}

		/// <summary>
		/// Verifies that when discovery would be performed over standard HTTP and RequireSsl
		/// is set, that discovery fails.
		/// </summary>
		[Test]
		public async Task IsReturnUrlDiscoverableNotSsl() {
			await CoordinatorBase.RunAsync(
				async (hostFactories, ct) => {
					this.provider.SecuritySettings.RequireSsl = true;
					Assert.AreEqual(RelyingPartyDiscoveryResult.NoServiceDocument, await this.request.IsReturnUrlDiscoverableAsync(this.provider.Channel.HostFactories, CancellationToken.None));
				},
				MockHttpRequest.RegisterMockRPDiscovery(false));
		}

		/// <summary>
		/// Verifies that when discovery would be performed over HTTPS that discovery succeeds.
		/// </summary>
		[Test]
		public async Task IsReturnUrlDiscoverableRequireSsl() {
			await CoordinatorBase.RunAsync(
				async (hostFactories, ct) => {
					this.checkIdRequest.Realm = RPRealmUriSsl;
					this.checkIdRequest.ReturnTo = RPUriSsl;

					// Try once with RequireSsl
					this.provider.SecuritySettings.RequireSsl = true;
					this.request = new AuthenticationRequest(this.provider, this.checkIdRequest);
					Assert.AreEqual(RelyingPartyDiscoveryResult.Success, await this.request.IsReturnUrlDiscoverableAsync(this.provider.Channel.HostFactories, CancellationToken.None));

					// And again without RequireSsl
					this.provider.SecuritySettings.RequireSsl = false;
					this.request = new AuthenticationRequest(this.provider, this.checkIdRequest);
					Assert.AreEqual(RelyingPartyDiscoveryResult.Success, await this.request.IsReturnUrlDiscoverableAsync(this.provider.Channel.HostFactories, CancellationToken.None));
				},
				MockHttpRequest.RegisterMockRPDiscovery(false));
		}

		[Test]
		public async Task IsReturnUrlDiscoverableValidButNoMatch() {
			await CoordinatorBase.RunAsync(
				async (hostFactories, ct) => {
					this.provider.SecuritySettings.RequireSsl = false; // reset for another failure test case
					this.checkIdRequest.ReturnTo = new Uri("http://somerandom/host");
					this.request = new AuthenticationRequest(this.provider, this.checkIdRequest);
					Assert.AreEqual(RelyingPartyDiscoveryResult.NoMatchingReturnTo, await this.request.IsReturnUrlDiscoverableAsync(this.provider.Channel.HostFactories, CancellationToken.None));
				},
				MockHttpRequest.RegisterMockRPDiscovery(false));
		}
	}
}