React to security changes.
This commit is contained in:
parent
b1ff28be73
commit
e47a2faa83
|
|
@ -88,12 +88,12 @@ namespace E2ETests
|
|||
Assert.Null(_httpClientHandler.CookieContainer.GetCookies(new Uri(_deploymentResult.ApplicationBaseUri)).GetCookieWithName(".AspNet.Microsoft.AspNet.Identity.ExternalLogin"));
|
||||
_logger.LogInformation("Successfully signed in with user '{email}'", "AspnetvnextTest@test.com");
|
||||
|
||||
_logger.LogInformation("Verifying if the middleware notifications were fired");
|
||||
_logger.LogInformation("Verifying if the middleware events were fired");
|
||||
//Check for a non existing item
|
||||
response = await _httpClient.GetAsync(string.Format("Admin/StoreManager/GetAlbumIdFromName?albumName={0}", "123"));
|
||||
//This action requires admin permissions. If notifications are fired this permission is granted
|
||||
//This action requires admin permissions. If events are fired this permission is granted
|
||||
Assert.Equal(HttpStatusCode.NotFound, response.StatusCode);
|
||||
_logger.LogInformation("Middleware notifications were fired successfully");
|
||||
_logger.LogInformation("Middleware events were fired successfully");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -89,13 +89,13 @@ namespace E2ETests
|
|||
Assert.Null(_httpClientHandler.CookieContainer.GetCookies(new Uri(_deploymentResult.ApplicationBaseUri)).GetCookieWithName(".AspNet.Microsoft.AspNet.Identity.ExternalLogin"));
|
||||
_logger.LogInformation("Successfully signed in with user '{email}'", "AspnetvnextTest@gmail.com");
|
||||
|
||||
_logger.LogInformation("Verifying if the middleware notifications were fired");
|
||||
_logger.LogInformation("Verifying if the middleware events were fired");
|
||||
//Check for a non existing item
|
||||
response = await _httpClient.GetAsync(string.Format("Admin/StoreManager/GetAlbumIdFromName?albumName={0}", "123"));
|
||||
//This action requires admin permissions. If notifications are fired this permission is granted
|
||||
//This action requires admin permissions. If events are fired this permission is granted
|
||||
_logger.LogVerbose(await response.Content.ReadAsStringAsync());
|
||||
Assert.Equal(HttpStatusCode.NotFound, response.StatusCode);
|
||||
_logger.LogInformation("Middleware notifications were fired successfully");
|
||||
_logger.LogInformation("Middleware events were fired successfully");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
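Review bot: The response body of the admin call is logged at a different level in each sibling E2E test: this hunk has `_logger.LogVerbose(await response.Content.ReadAsStringAsync());` just before the NotFound assertion, the MicrosoftAccount test in the next hunk uses `_logger.LogInformation(...)` for the same line, and the Facebook, OpenIdConnect and Twitter tests do not log the body at all. Pick one level and apply it in all five; Verbose looks like the better choice, since the body is an error page that only matters when the assertion fails and otherwise clutters normal test output. The test method begins before this hunk.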
|
@ -88,13 +88,13 @@ namespace E2ETests
|
|||
Assert.Null(_httpClientHandler.CookieContainer.GetCookies(new Uri(_deploymentResult.ApplicationBaseUri)).GetCookieWithName(".AspNet.Microsoft.AspNet.Identity.ExternalLogin"));
|
||||
_logger.LogInformation("Successfully signed in with user '{email}'", "microsoft@test.com");
|
||||
|
||||
_logger.LogInformation("Verifying if the middleware notifications were fired");
|
||||
_logger.LogInformation("Verifying if the middleware events were fired");
|
||||
//Check for a non existing item
|
||||
response = await _httpClient.GetAsync(string.Format("Admin/StoreManager/GetAlbumIdFromName?albumName={0}", "123"));
|
||||
//This action requires admin permissions. If notifications are fired this permission is granted
|
||||
//This action requires admin permissions. If events are fired this permission is granted
|
||||
_logger.LogInformation(await response.Content.ReadAsStringAsync());
|
||||
Assert.Equal(HttpStatusCode.NotFound, response.StatusCode);
|
||||
_logger.LogInformation("Middleware notifications were fired successfully");
|
||||
_logger.LogInformation("Middleware events were fired successfully");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -77,12 +77,12 @@ namespace E2ETests
|
|||
Assert.Null(_httpClientHandler.CookieContainer.GetCookies(new Uri(_deploymentResult.ApplicationBaseUri)).GetCookieWithName(".AspNet.Microsoft.AspNet.Identity.ExternalLogin"));
|
||||
_logger.LogInformation("Successfully signed in with user '{email}'", "User3@aspnettest.onmicrosoft.com");
|
||||
|
||||
_logger.LogInformation("Verifying if the middleware notifications were fired");
|
||||
_logger.LogInformation("Verifying if the middleware events were fired");
|
||||
//Check for a non existing item
|
||||
response = await _httpClient.GetAsync(string.Format("Admin/StoreManager/GetAlbumIdFromName?albumName={0}", "123"));
|
||||
//This action requires admin permissions. If notifications are fired this permission is granted
|
||||
//This action requires admin permissions. If events are fired this permission is granted
|
||||
Assert.Equal(HttpStatusCode.NotFound, response.StatusCode);
|
||||
_logger.LogInformation("Middleware notifications were fired successfully");
|
||||
_logger.LogInformation("Middleware events were fired successfully");
|
||||
|
||||
_logger.LogInformation("Verifying the OpenIdConnect logout flow..");
|
||||
response = await _httpClient.GetAsync(string.Empty);
|
||||
|
|
|
|||
|
|
@ -88,12 +88,12 @@ namespace E2ETests
|
|||
Assert.Null(_httpClientHandler.CookieContainer.GetCookies(new Uri(_deploymentResult.ApplicationBaseUri)).GetCookieWithName(".AspNet.Microsoft.AspNet.Identity.ExternalLogin"));
|
||||
_logger.LogInformation("Successfully signed in with user '{email}'", "twitter@test.com");
|
||||
|
||||
_logger.LogInformation("Verifying if the middleware notifications were fired");
|
||||
_logger.LogInformation("Verifying if the middleware events were fired");
|
||||
//Check for a non existing item
|
||||
response = await _httpClient.GetAsync(string.Format("Admin/StoreManager/GetAlbumIdFromName?albumName={0}", "123"));
|
||||
//This action requires admin permissions. If notifications are fired this permission is granted
|
||||
//This action requires admin permissions. If events are fired this permission is granted
|
||||
Assert.Equal(HttpStatusCode.NotFound, response.StatusCode);
|
||||
_logger.LogInformation("Middleware notifications were fired successfully");
|
||||
_logger.LogInformation("Middleware events were fired successfully");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -10,10 +10,7 @@ using MusicStore.Mocks.Common;
|
|||
|
||||
namespace MusicStore.Mocks.Facebook
|
||||
{
|
||||
/// <summary>
|
||||
/// Summary description for FacebookNotifications
|
||||
/// </summary>
|
||||
internal class FacebookNotifications
|
||||
internal class FacebookEvents
|
||||
{
|
||||
internal static async Task OnAuthenticated(OAuthAuthenticatedContext context)
|
||||
{
|
||||
|
|
@ -38,7 +35,7 @@ namespace MusicStore.Mocks.Facebook
|
|||
{
|
||||
if (context.Principal != null && context.SignInScheme == new IdentityCookieOptions().ExternalCookieAuthenticationScheme)
|
||||
{
|
||||
//This way we will know all notifications were fired.
|
||||
//This way we will know all events were fired.
|
||||
var identity = context.Principal.Identities.First();
|
||||
var manageStoreClaim = identity?.Claims.Where(c => c.Type == "ManageStore" && c.Value == "false").FirstOrDefault();
|
||||
if (manageStoreClaim != null)
|
||||
|
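Review bot: `identity?.Claims.Where(...)` on the line after the rewritten comment uses a null-conditional on a value that `context.Principal.Identities.First()` can never leave null — `First()` throws on an empty sequence — so the `?.` reads as a guard that does not exist; either switch to `FirstOrDefault()` and keep the `?.`, or drop the `?.` so the intent is clear. The `Where(...).FirstOrDefault()` pair can also collapse to `identity.Claims.FirstOrDefault(c => c.Type == "ManageStore" && c.Value == "false")`. The same two lines appear in the Google, MicrosoftAccount and Twitter mocks in the later hunks. The enclosing method starts before and ends after this hunk.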
|
@ -10,10 +10,7 @@ using MusicStore.Mocks.Common;
|
|||
|
||||
namespace MusicStore.Mocks.Google
|
||||
{
|
||||
/// <summary>
|
||||
/// Summary description for GoogleNotifications
|
||||
/// </summary>
|
||||
internal class GoogleNotifications
|
||||
internal class GoogleEvents
|
||||
{
|
||||
internal static async Task OnAuthenticated(OAuthAuthenticatedContext context)
|
||||
{
|
||||
|
|
@ -37,7 +34,7 @@ namespace MusicStore.Mocks.Google
|
|||
{
|
||||
if (context.Principal != null && context.SignInScheme == new IdentityCookieOptions().ExternalCookieAuthenticationScheme)
|
||||
{
|
||||
//This way we will know all notifications were fired.
|
||||
//This way we will know all events were fired.
|
||||
var identity = context.Principal.Identities.First();
|
||||
var manageStoreClaim = identity?.Claims.Where(c => c.Type == "ManageStore" && c.Value == "false").FirstOrDefault();
|
||||
if (manageStoreClaim != null)
|
||||
|
|
@ -10,10 +10,7 @@ using MusicStore.Mocks.Common;
|
|||
|
||||
namespace MusicStore.Mocks.MicrosoftAccount
|
||||
{
|
||||
/// <summary>
|
||||
/// Summary description for MicrosoftAccountNotifications
|
||||
/// </summary>
|
||||
internal class MicrosoftAccountNotifications
|
||||
internal class MicrosoftAccountEvents
|
||||
{
|
||||
internal static async Task OnAuthenticated(OAuthAuthenticatedContext context)
|
||||
{
|
||||
|
|
@ -38,7 +35,7 @@ namespace MusicStore.Mocks.MicrosoftAccount
|
|||
{
|
||||
if (context.Principal != null && context.SignInScheme == new IdentityCookieOptions().ExternalCookieAuthenticationScheme)
|
||||
{
|
||||
//This way we will know all notifications were fired.
|
||||
//This way we will know all events were fired.
|
||||
var identity = context.Principal.Identities.First();
|
||||
var manageStoreClaim = identity?.Claims.Where(c => c.Type == "ManageStore" && c.Value == "false").FirstOrDefault();
|
||||
if (manageStoreClaim != null)
|
||||
|
|
@ -2,7 +2,6 @@
|
|||
using System.Collections.Generic;
|
||||
using System.Security.Claims;
|
||||
using System.Threading.Tasks;
|
||||
using Microsoft.AspNet.Authentication;
|
||||
using Microsoft.AspNet.Authentication.OpenIdConnect;
|
||||
using Microsoft.AspNet.Http;
|
||||
using Microsoft.IdentityModel.Protocols.OpenIdConnect;
|
||||
|
|
@ -10,45 +9,45 @@ using MusicStore.Mocks.Common;
|
|||
|
||||
namespace MusicStore.Mocks.OpenIdConnect
|
||||
{
|
||||
internal class OpenIdConnectNotifications
|
||||
internal class OpenIdConnectEvents
|
||||
{
|
||||
private static List<string> notificationsFired = new List<string>();
|
||||
private static List<string> eventsFired = new List<string>();
|
||||
|
||||
internal static Task MessageReceived(MessageReceivedNotification<OpenIdConnectMessage, OpenIdConnectAuthenticationOptions> context)
|
||||
internal static Task MessageReceived(MessageReceivedContext context)
|
||||
{
|
||||
Helpers.ThrowIfConditionFailed(() => context.ProtocolMessage != null, "ProtocolMessage is null.");
|
||||
notificationsFired.Add(nameof(MessageReceived));
|
||||
eventsFired.Add(nameof(MessageReceived));
|
||||
return Task.FromResult(0);
|
||||
}
|
||||
|
||||
internal static Task SecurityTokenReceived(SecurityTokenReceivedNotification<OpenIdConnectMessage, OpenIdConnectAuthenticationOptions> context)
|
||||
internal static Task SecurityTokenReceived(SecurityTokenReceivedContext context)
|
||||
{
|
||||
notificationsFired.Add(nameof(SecurityTokenReceived));
|
||||
eventsFired.Add(nameof(SecurityTokenReceived));
|
||||
return Task.FromResult(0);
|
||||
}
|
||||
|
||||
internal static Task SecurityTokenValidated(SecurityTokenValidatedNotification<OpenIdConnectMessage, OpenIdConnectAuthenticationOptions> context)
|
||||
internal static Task SecurityTokenValidated(SecurityTokenValidatedContext context)
|
||||
{
|
||||
Helpers.ThrowIfConditionFailed(() => context.AuthenticationTicket != null, "context.AuthenticationTicket is null.");
|
||||
Helpers.ThrowIfConditionFailed(() => context.AuthenticationTicket.Principal != null, "context.AuthenticationTicket.Principal is null.");
|
||||
Helpers.ThrowIfConditionFailed(() => context.AuthenticationTicket.Principal.Identity != null, "context.AuthenticationTicket.Principal.Identity is null.");
|
||||
Helpers.ThrowIfConditionFailed(() => !string.IsNullOrWhiteSpace(context.AuthenticationTicket.Principal.Identity.Name), "context.AuthenticationTicket.Principal.Identity.Name is null.");
|
||||
notificationsFired.Add(nameof(SecurityTokenValidated));
|
||||
eventsFired.Add(nameof(SecurityTokenValidated));
|
||||
return Task.FromResult(0);
|
||||
}
|
||||
|
||||
internal static Task AuthorizationCodeReceived(AuthorizationCodeReceivedNotification context)
|
||||
internal static Task AuthorizationCodeReceived(AuthorizationCodeReceivedContext context)
|
||||
{
|
||||
Helpers.ThrowIfConditionFailed(() => context.Code == "AAABAAAAvPM1KaPlrEqdFSBzjqfTGGBtrTYVn589oKw4lLgJ6Svz0AhPVOJr0J2-Uu_KffGlqIbYlRAyxmt-vZ7VlSVdrWvOkNhK9OaAMaSD7LDoPbBTVMEkB0MdAgBTV34l2el-s8ZI02_9PvgQaORZs7n8eGaGbcoKAoxiDn2OcKuJVplXYgrGUwU4VpRaqe6RaNzuseM7qBFbLIv4Wps8CndE6W8ccmuu6EvGC6-H4uF9EZL7gU4nEcTcvkE4Qyt8do6VhTVfM1ygRNQgmV1BCig5t_5xfhL6-xWQdy15Uzn_Df8VSsyDXe8s9cxyKlqc_AIyLFy_NEiMQFUqjZWKd_rR3A8ugug15SEEGuo1kF3jMc7dVMdE6OF9UBd-Ax5ILWT7V4clnRQb6-CXB538DlolREfE-PowXYruFBA-ARD6rwAVtuVfCSbS0Zr4ZqfNjt6x8yQdK-OkdQRZ1thiZcZlm1lyb2EquGZ8Deh2iWBoY1uNcyjzhG-L43EivxtHAp6Y8cErhbo41iacgqOycgyJWxiB5J0HHkxD0nQ2RVVuY8Ybc9sdgyfKkkK2wZ3idGaRCdZN8Q9VBhWRXPDMqHWG8t3aZRtvJ_Xd3WhjNPJC0GpepUGNNQtXiEoIECC363o1z6PZC5-E7U3l9xK06BZkcfTOnggUiSWNCrxUKS44dNqaozdYlO5E028UgAEhJ4eDtcP3PZty-0j4j5Mw0F2FmyAA",
|
||||
"context.Code is invalid.");
|
||||
notificationsFired.Add(nameof(AuthorizationCodeReceived));
|
||||
eventsFired.Add(nameof(AuthorizationCodeReceived));
|
||||
|
||||
// Verify all notifications are fired.
|
||||
if (notificationsFired.Contains(nameof(RedirectToIdentityProvider)) &&
|
||||
notificationsFired.Contains(nameof(MessageReceived)) &&
|
||||
notificationsFired.Contains(nameof(SecurityTokenReceived)) &&
|
||||
notificationsFired.Contains(nameof(SecurityTokenValidated)) &&
|
||||
notificationsFired.Contains(nameof(AuthorizationCodeReceived)))
|
||||
// Verify all events are fired.
|
||||
if (eventsFired.Contains(nameof(RedirectToIdentityProvider)) &&
|
||||
eventsFired.Contains(nameof(MessageReceived)) &&
|
||||
eventsFired.Contains(nameof(SecurityTokenReceived)) &&
|
||||
eventsFired.Contains(nameof(SecurityTokenValidated)) &&
|
||||
eventsFired.Contains(nameof(AuthorizationCodeReceived)))
|
||||
{
|
||||
((ClaimsIdentity)context.AuthenticationTicket.Principal.Identity).AddClaim(new Claim("ManageStore", "Allowed"));
|
||||
}
|
||||
|
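Review bot: `eventsFired` is a process-wide static `List<string>` that is only ever appended to, so once every event has fired once in any flow, the `eventsFired.Contains(...)` chain in AuthorizationCodeReceived passes for every later flow even if one of the events was skipped that time, and the ManageStore claim is added regardless; a plain List is also not safe if two sign-ins run concurrently. Since the check exists to prove the handlers ran for the current sign-in, reset the record when a flow starts — `eventsFired.Clear();` before the Add in RedirectToIdentityProvider in the next hunk — or keep it per request rather than in a static. Presumably this is mock-only code, but a comment such as `// Test-only: the ManageStore claim is granted solely to prove every handler ran` above the if would stop the pattern being copied. AuthorizationCodeReceived continues past the end of this hunk.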
|
@ -57,9 +56,9 @@ namespace MusicStore.Mocks.OpenIdConnect
|
|||
}
|
||||
|
||||
internal static Task RedirectToIdentityProvider
|
||||
(RedirectToIdentityProviderNotification<OpenIdConnectMessage, OpenIdConnectAuthenticationOptions> context)
|
||||
(RedirectToIdentityProviderContext context)
|
||||
{
|
||||
notificationsFired.Add(nameof(RedirectToIdentityProvider));
|
||||
eventsFired.Add(nameof(RedirectToIdentityProvider));
|
||||
|
||||
if (context.ProtocolMessage.RequestType == OpenIdConnectRequestType.LogoutRequest)
|
||||
{
|
||||
|
|
@ -77,13 +77,13 @@ namespace MusicStore
|
|||
options.ProtocolValidator.NonceLifetime = TimeSpan.FromDays(36500);
|
||||
options.UseTokenLifetime = false;
|
||||
|
||||
options.Notifications = new OpenIdConnectAuthenticationNotifications
|
||||
options.Events = new OpenIdConnectAuthenticationEvents
|
||||
{
|
||||
MessageReceived = OpenIdConnectNotifications.MessageReceived,
|
||||
AuthorizationCodeReceived = OpenIdConnectNotifications.AuthorizationCodeReceived,
|
||||
RedirectToIdentityProvider = OpenIdConnectNotifications.RedirectToIdentityProvider,
|
||||
SecurityTokenReceived = OpenIdConnectNotifications.SecurityTokenReceived,
|
||||
SecurityTokenValidated = OpenIdConnectNotifications.SecurityTokenValidated
|
||||
OnMessageReceived = OpenIdConnectEvents.MessageReceived,
|
||||
OnAuthorizationCodeReceived = OpenIdConnectEvents.AuthorizationCodeReceived,
|
||||
OnRedirectToIdentityProvider = OpenIdConnectEvents.RedirectToIdentityProvider,
|
||||
OnSecurityTokenReceived = OpenIdConnectEvents.SecurityTokenReceived,
|
||||
OnSecurityTokenValidated = OpenIdConnectEvents.SecurityTokenValidated
|
||||
};
|
||||
});
|
||||
|
||||
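Review bot: `options.ProtocolValidator.NonceLifetime = TimeSpan.FromDays(36500);` on the first context line keeps every nonce valid for a century, which removes the replay window the nonce is meant to bound; together with `options.UseTokenLifetime = false;` this looks like test-only configuration for the mock provider, but nothing on the line says so. Add a comment such as `// Test-only: disables nonce expiry for the mock provider; do not copy into production configuration` above it, or keep these settings behind the same condition that selects the mock Events. The enclosing configuration lambda starts before this hunk.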
|
|
|
|||
|
|
@ -79,11 +79,11 @@ namespace MusicStore
|
|||
{
|
||||
options.AppId = "[AppId]";
|
||||
options.AppSecret = "[AppSecret]";
|
||||
options.Notifications = new OAuthAuthenticationNotifications()
|
||||
options.Events = new OAuthAuthenticationEvents()
|
||||
{
|
||||
OnAuthenticated = FacebookNotifications.OnAuthenticated,
|
||||
OnReturnEndpoint = FacebookNotifications.OnReturnEndpoint,
|
||||
OnApplyRedirect = FacebookNotifications.OnApplyRedirect
|
||||
OnAuthenticated = FacebookEvents.OnAuthenticated,
|
||||
OnReturnEndpoint = FacebookEvents.OnReturnEndpoint,
|
||||
OnApplyRedirect = FacebookEvents.OnApplyRedirect
|
||||
};
|
||||
options.BackchannelHttpHandler = new FacebookMockBackChannelHttpHandler();
|
||||
options.StateDataFormat = new CustomStateDataFormat();
|
||||
|
|
@ -97,11 +97,11 @@ namespace MusicStore
|
|||
options.ClientId = "[ClientId]";
|
||||
options.ClientSecret = "[ClientSecret]";
|
||||
options.AccessType = "offline";
|
||||
options.Notifications = new OAuthAuthenticationNotifications()
|
||||
options.Events = new OAuthAuthenticationEvents()
|
||||
{
|
||||
OnAuthenticated = GoogleNotifications.OnAuthenticated,
|
||||
OnReturnEndpoint = GoogleNotifications.OnReturnEndpoint,
|
||||
OnApplyRedirect = GoogleNotifications.OnApplyRedirect
|
||||
OnAuthenticated = GoogleEvents.OnAuthenticated,
|
||||
OnReturnEndpoint = GoogleEvents.OnReturnEndpoint,
|
||||
OnApplyRedirect = GoogleEvents.OnApplyRedirect
|
||||
};
|
||||
options.StateDataFormat = new CustomStateDataFormat();
|
||||
options.BackchannelHttpHandler = new GoogleMockBackChannelHttpHandler();
|
||||
|
|
@ -111,11 +111,11 @@ namespace MusicStore
|
|||
{
|
||||
options.ConsumerKey = "[ConsumerKey]";
|
||||
options.ConsumerSecret = "[ConsumerSecret]";
|
||||
options.Notifications = new TwitterAuthenticationNotifications()
|
||||
options.Events = new TwitterAuthenticationEvents()
|
||||
{
|
||||
OnAuthenticated = TwitterNotifications.OnAuthenticated,
|
||||
OnReturnEndpoint = TwitterNotifications.OnReturnEndpoint,
|
||||
OnApplyRedirect = TwitterNotifications.OnApplyRedirect
|
||||
OnAuthenticated = TwitterEvents.OnAuthenticated,
|
||||
OnReturnEndpoint = TwitterEvents.OnReturnEndpoint,
|
||||
OnApplyRedirect = TwitterEvents.OnApplyRedirect
|
||||
};
|
||||
options.StateDataFormat = new CustomTwitterStateDataFormat();
|
||||
options.BackchannelHttpHandler = new TwitterMockBackChannelHttpHandler();
|
||||
|
|
@ -129,11 +129,11 @@ namespace MusicStore
|
|||
options.Caption = "MicrosoftAccount - Requires project changes";
|
||||
options.ClientId = "[ClientId]";
|
||||
options.ClientSecret = "[ClientSecret]";
|
||||
options.Notifications = new OAuthAuthenticationNotifications()
|
||||
options.Events = new OAuthAuthenticationEvents()
|
||||
{
|
||||
OnAuthenticated = MicrosoftAccountNotifications.OnAuthenticated,
|
||||
OnReturnEndpoint = MicrosoftAccountNotifications.OnReturnEndpoint,
|
||||
OnApplyRedirect = MicrosoftAccountNotifications.OnApplyRedirect
|
||||
OnAuthenticated = MicrosoftAccountEvents.OnAuthenticated,
|
||||
OnReturnEndpoint = MicrosoftAccountEvents.OnReturnEndpoint,
|
||||
OnApplyRedirect = MicrosoftAccountEvents.OnApplyRedirect
|
||||
};
|
||||
options.BackchannelHttpHandler = new MicrosoftAccountMockBackChannelHandler();
|
||||
options.StateDataFormat = new CustomStateDataFormat();
|
||||
|
|
|
|||
|
|
@ -8,10 +8,7 @@ using MusicStore.Mocks.Common;
|
|||
|
||||
namespace MusicStore.Mocks.Twitter
|
||||
{
|
||||
/// <summary>
|
||||
/// Summary description for TwitterNotifications
|
||||
/// </summary>
|
||||
internal class TwitterNotifications
|
||||
internal class TwitterEvents
|
||||
{
|
||||
internal static async Task OnAuthenticated(TwitterAuthenticatedContext context)
|
||||
{
|
||||
|
|
@ -31,7 +28,7 @@ namespace MusicStore.Mocks.Twitter
|
|||
{
|
||||
if (context.Principal != null && context.SignInScheme == new IdentityCookieOptions().ExternalCookieAuthenticationScheme)
|
||||
{
|
||||
//This way we will know all notifications were fired.
|
||||
//This way we will know all Events were fired.
|
||||
var identity = context.Principal.Identities.First();
|
||||
var manageStoreClaim = identity?.Claims.Where(c => c.Type == "ManageStore" && c.Value == "false").FirstOrDefault();
|
||||
if (manageStoreClaim != null)
|
||||
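Review bot: The rewritten comment `//This way we will know all Events were fired.` capitalizes `Events`, while the identical comment added to the Facebook, Google and MicrosoftAccount mocks in the earlier hunks reads `all events were fired`; use the lowercase form here so the four mocks stay word-for-word identical.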