github.com/dotnet/aspnetcore.git - Unnamed repository; edit this file 'description' to name the repository.
authorHao Kung <haokung+github@gmail.com>2022-07-07 05:47:28 +0300
committerHao Kung <haokung+github@gmail.com>2022-07-07 05:47:28 +0300
commit3aec4d62a3c6de4c4c54d29a008e4a24f6326466 (patch)
treee305c7cdb2015c14f2ed26696245099b4e7df710
parent0be5ba5989b93d56aab02e39f984a0aae5917c46 (diff)
Add ticket store testshaok/renew
-rw-r--r--src/Security/Authentication/test/CookieTests.cs103
1 files changed, 85 insertions, 18 deletions
diff --git a/src/Security/Authentication/test/CookieTests.cs b/src/Security/Authentication/test/CookieTests.cs
index 369fc6d5e9..d4169b2e6c 100644
--- a/src/Security/Authentication/test/CookieTests.cs
+++ b/src/Security/Authentication/test/CookieTests.cs
@@ -16,7 +16,6 @@ using Microsoft.AspNetCore.Testing;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;
using Microsoft.Extensions.Options;
-using Moq;
namespace Microsoft.AspNetCore.Authentication.Cookies;
@@ -102,7 +101,7 @@ public class CookieTests : SharedAuthenticationTests<CookieAuthenticationOptions
Assert.Equal("http://example.com/Account/Login?ReturnUrl=%2FCustomRedirect", location.ToString());
}
- private Task SignInAsAlice(HttpContext context)
+ private static Task SignInAsAlice(HttpContext context)
{
var user = new ClaimsIdentity(new GenericIdentity("Alice", "Cookies"));
user.AddClaim(new Claim("marker", "true"));
@@ -111,7 +110,7 @@ public class CookieTests : SharedAuthenticationTests<CookieAuthenticationOptions
new AuthenticationProperties());
}
- private Task SignInAsWrong(HttpContext context)
+ private static Task SignInAsWrong(HttpContext context)
{
return context.SignInAsync("Oops",
new ClaimsPrincipal(new ClaimsIdentity(new GenericIdentity("Alice", "Cookies"))),
@@ -148,41 +147,105 @@ public class CookieTests : SharedAuthenticationTests<CookieAuthenticationOptions
Assert.Equal("no-cache", transaction.Response.Headers.Pragma.ToString());
}
+ private class TestTicketStore : ITicketStore
+ {
+ private const string KeyPrefix = "AuthSessionStore-";
+ public readonly Dictionary<string, AuthenticationTicket> Store = new Dictionary<string, AuthenticationTicket>();
+
+ public async Task<string> StoreAsync(AuthenticationTicket ticket)
+ {
+ var guid = Guid.NewGuid();
+ var key = KeyPrefix + guid.ToString();
+ await RenewAsync(key, ticket);
+ return key;
+ }
+
+ public Task RenewAsync(string key, AuthenticationTicket ticket)
+ {
+ Store[key] = ticket;
+
+ return Task.FromResult(0);
+ }
+
+ public Task<AuthenticationTicket> RetrieveAsync(string key)
+ {
+ AuthenticationTicket ticket;
+ Store.TryGetValue(key, out ticket);
+ return Task.FromResult(ticket);
+ }
+
+ public Task RemoveAsync(string key)
+ {
+ Store.Remove(key);
+ return Task.FromResult(0);
+ }
+ }
+
[Fact]
- public async Task TicketStoreRequiresSessionId()
+ public async Task SignInWithTicketStoreWorks()
{
- var ticketStore = new Mock<ITicketStore>();
+ var sessionStore = new TestTicketStore();
using var host = await CreateHostWithServices(s =>
{
- s.AddAuthentication().AddCookie(o =>
+ s.AddSingleton<ISystemClock>(_clock);
+ s.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme).AddCookie(o =>
{
- o.LoginPath = new PathString("/login");
- o.Cookie.Name = "TestCookie";
+ o.SessionStore = sessionStore;
});
- s.AddSingleton(ticketStore.Object);
}, SignInAsAlice);
using var server = host.GetTestServer();
- var transaction = await SendAsync(server, "http://example.com/checkforerrors", "boguscookie");
- transaction.Response.EnsureSuccessStatusCode();
+ var transaction1 = await SendAsync(server, "http://example.com/testpath");
+
+ var transaction2 = await SendAsync(server, "http://example.com/me/Cookies", transaction1.CookieNameValue);
+
+ // Make sure we have one key as the session id
+ var key1 = Assert.Single(sessionStore.Store.Keys);
+ Assert.Equal("Alice", FindClaimValue(transaction2, ClaimTypes.Name));
+
+ // Make sure the session is expired
+ _clock.Add(TimeSpan.FromDays(60));
+
+ // Verify that a new session is generated with a new key
+ var transaction3 = await SendAsync(server, "http://example.com/signinalice", transaction1.CookieNameValue);
+
+ var transaction4 = await SendAsync(server, "http://example.com/me/Cookies", transaction3.CookieNameValue);
+
+ var key2 = Assert.Single(sessionStore.Store.Keys);
+ Assert.Equal("Alice", FindClaimValue(transaction4, ClaimTypes.Name));
+ Assert.NotEqual(key1, key2);
}
[Fact]
- public async Task SignInStoresTicket()
+ public async Task SessionStoreRemovesExpired()
{
- var ticketStore = new Mock<ITicketStore>();
+ var sessionStore = new TestTicketStore();
using var host = await CreateHostWithServices(s =>
{
- s.AddAuthentication().AddCookie(o =>
+ s.AddSingleton<ISystemClock>(_clock);
+ s.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme).AddCookie(o =>
{
- o.LoginPath = new PathString("/login");
- o.Cookie.Name = "TestCookie";
+ o.SessionStore = sessionStore;
});
- s.AddSingleton(ticketStore.Object);
}, SignInAsAlice);
using var server = host.GetTestServer();
- var transaction = await SendAsync(server, "http://example.com/checkforerrors");
+ var transaction1 = await SendAsync(server, "http://example.com/testpath");
+
+ var transaction2 = await SendAsync(server, "http://example.com/me/Cookies", transaction1.CookieNameValue);
+
+ // Make sure we have one key as the session id
+ var key1 = Assert.Single(sessionStore.Store.Keys);
+ Assert.Equal("Alice", FindClaimValue(transaction2, ClaimTypes.Name));
+
+ // Make sure the session is expired
+ _clock.Add(TimeSpan.FromDays(60));
+
+ // Verify that a new session is generated with a new key
+ var transaction3 = await SendAsync(server, "http://example.com/me/Cookies", transaction1.CookieNameValue);
+
+ Assert.Empty(sessionStore.Store.Keys);
+ Assert.Null(FindClaimValue(transaction3, ClaimTypes.Name));
}
[Fact]
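Review bot: In `SessionStoreRemovesExpired` the comment `// Verify that a new session is generated with a new key` is copied from the preceding test and contradicts the assertions under it, which check that the store is empty and that no name claim comes back. It should read `// Verify that the expired session is removed and the request is unauthenticated`, and the unused `key1` can become a bare `Assert.Single(sessionStore.Store.Keys);`. Within this hunk, the removed `TicketStoreRequiresSessionId` was the only test that sent a cookie the server had not issued (`boguscookie`), and neither replacement covers a cookie whose key is missing from the store while the clock has not advanced. A third test that calls `sessionStore.Store.Clear()` after sign-in and asserts `FindClaimValue(...)` is null for the original cookie would pin server-side revocation, which both new tests currently reach only through expiry.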
@@ -1762,6 +1825,10 @@ public class CookieTests : SharedAuthenticationTests<CookieAuthenticationOptions
{
await context.ChallengeAsync(CookieAuthenticationDefaults.AuthenticationScheme);
}
+ else if (req.Path == new PathString("/signinalice"))
+ {
+ await SignInAsAlice(context);
+ }
else if (req.Path == new PathString("/signout"))
{
await context.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);