mcs/class/System.Web/Test/System.Web.Security/FormsAuthenticationTest.cs


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146

//
// FormsAuthenticationTest.cs - NUnit Test Cases for FormsAuthentication
//
// Author:
//	Sebastien Pouliot (sebastien@ximian.com)
//
// Copyright (C) 2005 Novell, Inc (http://www.novell.com)
//

using System;
using System.Security.Cryptography;
using System.Text;
using System.Web;
using System.Web.Security;

using NUnit.Framework;
using MonoTests.SystemWeb.Framework;

namespace MonoTests.System.Web.Security
{
	[TestFixture]
	public class FormsAuthenticationTest
	{
		[Test]
		[Category ("NotDotNet")] // Dot.net url must include Namespace name
		[Category("NunitWeb")]
		public void DefaultValues ()
		{
			new WebTest(new HandlerInvoker (new HandlerDelegate(DefaultValues_delegate))).Run ();
		}

		static public void DefaultValues_delegate ()
		{
			// MS use ".ASPXAUTH" while Mono use ".MONOAUTH"
			string str = FormsAuthentication.FormsCookieName;
			Assert.IsTrue ((str.Length == 9 && str [0] == '.' && str.EndsWith ("AUTH")), "FormsCookieName");
			Assert.AreEqual ("/", FormsAuthentication.FormsCookiePath, "FormsCookiePath");
			Assert.IsFalse (FormsAuthentication.RequireSSL, "RequireSSL");
			Assert.IsTrue (FormsAuthentication.SlidingExpiration, "SlidingExpiration");
			// MSDN: The default is an empty string ("") but null.
			Assert.AreEqual ("", FormsAuthentication.CookieDomain, "CookieDomain");
			Assert.AreEqual (HttpCookieMode.UseDeviceProfile, FormsAuthentication.CookieMode, "CookieMode");
			Assert.IsTrue (FormsAuthentication.CookiesSupported, "CookiesSupported");
			Assert.AreEqual ("/NunitWeb/default.aspx", FormsAuthentication.DefaultUrl);
			Assert.IsFalse (FormsAuthentication.EnableCrossAppRedirects, "EnableCrossAppRedirects");
			Assert.AreEqual ("/NunitWeb/login.aspx", FormsAuthentication.LoginUrl, "LoginUrl");
		}

		[Test]
		[Category ("NotDotNet")] // Dot.net url must include Namespace name
		[Category("NunitWeb")]
		public void Initialize ()
		{
			new WebTest(new HandlerInvoker (new HandlerDelegate(Initialize_delegate))).Run ();
		}

		static public void Initialize_delegate ()
		{
			// calling Initialize without an HttpContext
			FormsAuthentication.Initialize ();
			// and that doesn't change the default values
			DefaultValues_delegate ();
		}

		[Test]
		[ExpectedException (typeof (ArgumentNullException))]
		public void HashPasswordForStoringInConfigFile_NullPassword ()
		{
			FormsAuthentication.HashPasswordForStoringInConfigFile (null, "MD5");
		}

		[Test]
		[ExpectedException (typeof (ArgumentNullException))]
		public void HashPasswordForStoringInConfigFile_NullPasswordFormat ()
		{
			FormsAuthentication.HashPasswordForStoringInConfigFile ("Mono", null);
		}

		[Test]
		public void HashPasswordForStoringInConfigFile_MD5 ()
		{
			// § (C2-A7)
			string s = Encoding.UTF8.GetString (new byte [2] { 0xC2, 0xA7 });
			Assert.AreEqual ("BD9A4C255DEEC8944D99E01A64C1E322", FormsAuthentication.HashPasswordForStoringInConfigFile (s, "MD5"));

			// ä (C3-A4)
			s = Encoding.UTF8.GetString (new byte [2] { 0xC3, 0xA4 });
			Assert.AreEqual ("8419B71C87A225A2C70B50486FBEE545", FormsAuthentication.HashPasswordForStoringInConfigFile (s, "md5"));
		}

		[Test]
		public void HashPasswordForStoringInConfigFile_SHA1 ()
		{
			// § (C2-A7)
			string s = Encoding.UTF8.GetString (new byte [2] { 0xC2, 0xA7 });
			Assert.AreEqual ("EB2CB244889599F736B6CDD633C5E324F521D1BB", FormsAuthentication.HashPasswordForStoringInConfigFile (s, "SHA1"));

			// ä (C3-A4)
			s = Encoding.UTF8.GetString (new byte [2] { 0xC3, 0xA4 });
			Assert.AreEqual ("961FA22F61A56E19F3F5F8867901AC8CF5E6D11F", FormsAuthentication.HashPasswordForStoringInConfigFile (s, "sha1"));
		}

		[Test]
		[ExpectedException (typeof (ArgumentException))]
		public void HashPasswordForStoringInConfigFile_SHA256 ()
		{
			FormsAuthentication.HashPasswordForStoringInConfigFile ("mono", "SHA256");
		}
		[Test]
		[ExpectedException (typeof (NullReferenceException))]
		public void RedirectToLoginPage ()
		{
			FormsAuthentication.RedirectToLoginPage ();
		}

		[Test]
		[ExpectedException (typeof (NullReferenceException))]
		public void RedirectToLoginPage_XtraQuery_Null ()
		{
			FormsAuthentication.RedirectToLoginPage (null);
		}

		[Test]
		[ExpectedException (typeof (NullReferenceException))]
		public void RedirectToLoginPage_XtraQuery_Empty ()
		{
			FormsAuthentication.RedirectToLoginPage (String.Empty);
		}

		[Test]
		[Category ("NotWorking")] // works on .net
		public void Authenticate ()
		{
			Assert.IsFalse (FormsAuthentication.Authenticate (null, "password"), "null,string");
			Assert.IsFalse (FormsAuthentication.Authenticate ("user", null), "string,null");
			// not throwing
			Assert.IsFalse (FormsAuthentication.Authenticate ("user", "password"), "string,string");
		}

		[TestFixtureTearDown]
		public void TestFixtureTearDown()
		{
			WebTest.Unload();
		}
	}
}