author | Hao Kung <haokung+github@gmail.com> | 2022-07-07 05:47:28 +0300 |
---|---|---|
committer | Hao Kung <haokung+github@gmail.com> | 2022-07-07 05:47:28 +0300 |
commit | 3aec4d62a3c6de4c4c54d29a008e4a24f6326466 (patch) | |
tree | e305c7cdb2015c14f2ed26696245099b4e7df710 | |
parent | 0be5ba5989b93d56aab02e39f984a0aae5917c46 (diff) |
Add ticket store testshaok/renew
-rw-r--r-- | src/Security/Authentication/test/CookieTests.cs | 103 |
1 files changed, 85 insertions, 18 deletions
diff --git a/src/Security/Authentication/test/CookieTests.cs b/src/Security/Authentication/test/CookieTests.cs
index 369fc6d5e9..d4169b2e6c 100644
--- a/src/Security/Authentication/test/CookieTests.cs
+++ b/src/Security/Authentication/test/CookieTests.cs
@@ -16,7 +16,6 @@ using Microsoft.AspNetCore.Testing;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Hosting;
 using Microsoft.Extensions.Options;
-using Moq;
 namespace Microsoft.AspNetCore.Authentication.Cookies;
@@ -102,7 +101,7 @@ public class CookieTests : SharedAuthenticationTests<CookieAuthenticationOptions
 Assert.Equal("http://example.com/Account/Login?ReturnUrl=%2FCustomRedirect", location.ToString());
 }
- private Task SignInAsAlice(HttpContext context)
+ private static Task SignInAsAlice(HttpContext context)
 {
 var user = new ClaimsIdentity(new GenericIdentity("Alice", "Cookies"));
 user.AddClaim(new Claim("marker", "true"));
@@ -111,7 +110,7 @@ public class CookieTests : SharedAuthenticationTests<CookieAuthenticationOptions
 new AuthenticationProperties());
 }
- private Task SignInAsWrong(HttpContext context)
+ private static Task SignInAsWrong(HttpContext context)
 {
 return context.SignInAsync("Oops", new ClaimsPrincipal(new ClaimsIdentity(new GenericIdentity("Alice", "Cookies"))),
@@ -148,41 +147,105 @@ public class CookieTests : SharedAuthenticationTests<CookieAuthenticationOptions
 Assert.Equal("no-cache", transaction.Response.Headers.Pragma.ToString());
 }
+ private class TestTicketStore : ITicketStore
+ {
+ private const string KeyPrefix = "AuthSessionStore-";
+ public readonly Dictionary<string, AuthenticationTicket> Store = new Dictionary<string, AuthenticationTicket>();
+
+ public async Task<string> StoreAsync(AuthenticationTicket ticket)
+ {
+ var guid = Guid.NewGuid();
+ var key = KeyPrefix + guid.ToString();
+ await RenewAsync(key, ticket);
+ return key;
+ }
+
+ public Task RenewAsync(string key, AuthenticationTicket ticket)
+ {
+ Store[key] = ticket;
+
+ return Task.FromResult(0);
+ }
+
+ public Task<AuthenticationTicket> RetrieveAsync(string key)
+ {
+ AuthenticationTicket ticket;
+ Store.TryGetValue(key, out ticket);
+ return Task.FromResult(ticket);
+ }
+
+ public Task RemoveAsync(string key)
+ {
+ Store.Remove(key);
+ return Task.FromResult(0);
+ }
+ }
+
 [Fact]
- public async Task TicketStoreRequiresSessionId()
+ public async Task SignInWithTicketStoreWorks()
 {
- var ticketStore = new Mock<ITicketStore>();
+ var sessionStore = new TestTicketStore();
 using var host = await CreateHostWithServices(s =>
 {
- s.AddAuthentication().AddCookie(o =>
+ s.AddSingleton<ISystemClock>(_clock);
+ s.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme).AddCookie(o =>
 {
- o.LoginPath = new PathString("/login");
- o.Cookie.Name = "TestCookie";
+ o.SessionStore = sessionStore;
 });
- s.AddSingleton(ticketStore.Object);
 }, SignInAsAlice);
 using var server = host.GetTestServer();
- var transaction = await SendAsync(server, "http://example.com/checkforerrors", "boguscookie");
- transaction.Response.EnsureSuccessStatusCode();
+ var transaction1 = await SendAsync(server, "http://example.com/testpath");
+
+ var transaction2 = await SendAsync(server, "http://example.com/me/Cookies", transaction1.CookieNameValue);
+
+ // Make sure we have one key as the session id
+ var key1 = Assert.Single(sessionStore.Store.Keys);
+ Assert.Equal("Alice", FindClaimValue(transaction2, ClaimTypes.Name));
+
+ // Make sure the session is expired
+ _clock.Add(TimeSpan.FromDays(60));
+
+ // Verify that a new session is generated with a new key
+ var transaction3 = await SendAsync(server, "http://example.com/signinalice", transaction1.CookieNameValue);
+
+ var transaction4 = await SendAsync(server, "http://example.com/me/Cookies", transaction3.CookieNameValue);
+
+ var key2 = Assert.Single(sessionStore.Store.Keys);
+ Assert.Equal("Alice", FindClaimValue(transaction4, ClaimTypes.Name));
+ Assert.NotEqual(key1, key2);
 }
 [Fact]
- public async Task SignInStoresTicket()
+ public async Task SessionStoreRemovesExpired()
 {
- var ticketStore = new Mock<ITicketStore>();
+ var sessionStore = new TestTicketStore();
 using var host = await CreateHostWithServices(s =>
 {
- s.AddAuthentication().AddCookie(o =>
+ s.AddSingleton<ISystemClock>(_clock);
+ s.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme).AddCookie(o =>
 {
- o.LoginPath = new PathString("/login");
- o.Cookie.Name = "TestCookie";
+ o.SessionStore = sessionStore;
 });
- s.AddSingleton(ticketStore.Object);
 }, SignInAsAlice);
 using var server = host.GetTestServer();
- var transaction = await SendAsync(server, "http://example.com/checkforerrors");
+ var transaction1 = await SendAsync(server, "http://example.com/testpath");
+
+ var transaction2 = await SendAsync(server, "http://example.com/me/Cookies", transaction1.CookieNameValue);
+
+ // Make sure we have one key as the session id
+ var key1 = Assert.Single(sessionStore.Store.Keys);
+ Assert.Equal("Alice", FindClaimValue(transaction2, ClaimTypes.Name));
+
+ // Make sure the session is expired
+ _clock.Add(TimeSpan.FromDays(60));
+
+ // Verify that a new session is generated with a new key
+ var transaction3 = await SendAsync(server, "http://example.com/me/Cookies", transaction1.CookieNameValue);
+
+ Assert.Empty(sessionStore.Store.Keys);
+ Assert.Null(FindClaimValue(transaction3, ClaimTypes.Name));
 }
 [Fact]
@@ -1762,6 +1825,10 @@ public class CookieTests : SharedAuthenticationTests<CookieAuthenticationOptions
 {
 await context.ChallengeAsync(CookieAuthenticationDefaults.AuthenticationScheme);
 }
+ else if (req.Path == new PathString("/signinalice"))
+ {
+ await SignInAsAlice(context);
+ }
 else if (req.Path == new PathString("/signout"))
 {
 await context.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme); |
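Review bot: Both new tests reach the "ticket no longer valid" path only through `_clock.Add(TimeSpan.FromDays(60))`, so nothing in this hunk covers a cookie that is still within its lifetime but whose ticket has been removed from the store, which is the server-side revocation case a session store exists for. A third test that clears `sessionStore.Store` without touching the clock and asserts that `FindClaimValue` returns null would pin that behaviour; a sketch follows. Separately, in `SessionStoreRemovesExpired` the comment `// Verify that a new session is generated with a new key` is copied from the previous test and does not match the assertions below it; something like `// Replaying the expired cookie removes the stored ticket and leaves the request unauthenticated` fits what is checked, and the unused `key1` local there can become a bare `Assert.Single(sessionStore.Store.Keys);`.

```csharp
// … unchanged: TestTicketStore, SignInWithTicketStoreWorks, SessionStoreRemovesExpired …

[Fact]
public async Task SessionStoreRejectsCookieAfterTicketRemoved()
{
    var sessionStore = new TestTicketStore();
    using var host = await CreateHostWithServices(s =>
    {
        s.AddSingleton<ISystemClock>(_clock);
        s.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme).AddCookie(o =>
        {
            o.SessionStore = sessionStore;
        });
    }, SignInAsAlice);

    using var server = host.GetTestServer();
    var transaction1 = await SendAsync(server, "http://example.com/testpath");
    Assert.Single(sessionStore.Store.Keys);

    // Server-side revocation: the cookie has not expired, but the ticket it refers to is gone.
    sessionStore.Store.Clear();

    var transaction2 = await SendAsync(server, "http://example.com/me/Cookies", transaction1.CookieNameValue);
    Assert.Null(FindClaimValue(transaction2, ClaimTypes.Name));
}
```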