129 lines
4.2 KiB
C#
129 lines
4.2 KiB
C#
using System;
|
|
using Xunit;
|
|
using Newtonsoft.Json.Linq;
|
|
using FluentAssertions;
|
|
|
|
namespace raven_integration
|
|
{
|
|
|
|
public class Auth
|
|
{
|
|
/// <summary>
|
|
///
|
|
/// </summary>
|
|
[Fact]
|
|
public async void BadLoginShouldNotWork()
|
|
{
|
|
//Expect status code 401 and result:
|
|
// {{
|
|
// "error": {
|
|
// "code": "2003",
|
|
// "message": "Authentication failed"
|
|
// }
|
|
// }}
|
|
|
|
dynamic d = new JObject();
|
|
d.login = "BOGUS";
|
|
d.password = "ACCOUNT";
|
|
ApiResponse a = await Util.PostAsync("Auth", null, d.ToString());
|
|
Util.ValidateErrorCodeResponse(a, 2003, 401);
|
|
}
|
|
|
|
|
|
|
|
/// <summary>
|
|
///
|
|
/// </summary>
|
|
[Fact]
|
|
public async void JWTExpiredTokenShouldFail()
|
|
{
|
|
ApiResponse a = await Util.GetAsync("Locale/picklist", await Util.GetTokenAsync("INTEGRATION_TEST", "EXPIRED"));//lowest level test user because there are no limits on this route except to be authenticated
|
|
Util.ValidateHTTPStatusCode(a, 401);
|
|
}
|
|
|
|
/// <summary>
|
|
///
|
|
/// </summary>
|
|
[Fact]
|
|
public async void JWTWrongIssuerShouldFail()
|
|
{
|
|
ApiResponse a = await Util.GetAsync("Locale/picklist", await Util.GetTokenAsync("INTEGRATION_TEST", "WRONG_ISSUER"));//lowest level test user because there are no limits on this route except to be authenticated
|
|
Util.ValidateHTTPStatusCode(a, 401);
|
|
}
|
|
|
|
/// <summary>
|
|
///
|
|
/// </summary>
|
|
[Fact]
|
|
public async void JWTNoAlgorithmShouldFail()
|
|
{
|
|
ApiResponse a = await Util.GetAsync("Locale/picklist", await Util.GetTokenAsync("INTEGRATION_TEST", "NO_ALGORITHM"));
|
|
Util.ValidateHTTPStatusCode(a, 401);
|
|
}
|
|
|
|
/// <summary>
|
|
///
|
|
/// </summary>
|
|
[Fact]
|
|
public async void JWTBadSecretShouldFail()
|
|
{
|
|
ApiResponse a = await Util.GetAsync("Locale/picklist", await Util.GetTokenAsync("INTEGRATION_TEST", "WRONG_SECRET"));
|
|
Util.ValidateHTTPStatusCode(a, 401);
|
|
}
|
|
|
|
|
|
/// <summary>
|
|
///
|
|
/// </summary>
|
|
[Fact]
|
|
public async void JWTTruncatedSignatureShouldFail()
|
|
{
|
|
ApiResponse a = await Util.GetAsync("Locale/picklist", await Util.GetTokenAsync("INTEGRATION_TEST", "TRUNCATED_SIGNATURE"));
|
|
Util.ValidateHTTPStatusCode(a, 401);
|
|
}
|
|
|
|
|
|
/// <summary>
|
|
///
|
|
/// </summary>
|
|
[Fact]
|
|
public async void JWTTransposedSignatureShouldFail()
|
|
{
|
|
ApiResponse a = await Util.GetAsync("Locale/picklist", await Util.GetTokenAsync("INTEGRATION_TEST", "TRANSPOSE_SIGNATURE"));
|
|
Util.ValidateHTTPStatusCode(a, 401);
|
|
}
|
|
|
|
|
|
/*
|
|
if (creds.Password == "INTEGRATION_TEST")
|
|
|
|
switch (creds.Login)
|
|
case "EXPIRED":
|
|
exp = new DateTimeOffset(DateTime.Now.AddDays(-30).ToUniversalTime(), TimeSpan.Zero);
|
|
break;
|
|
case "WRONG_ISSUER":
|
|
Issuer = "Bogus";
|
|
break;
|
|
case "NO_ALGORITHM":
|
|
Algorithm = Jose.JwsAlgorithm.none;
|
|
break;
|
|
case "WRONG_SECRET":
|
|
secretKey = System.Text.Encoding.ASCII.GetBytes("xxxxxxThisIsObviouslyWrongxxxxxx");
|
|
break;
|
|
|
|
|
|
case "TRUNCATED_SIGNATURE":
|
|
PostTransform = true;
|
|
break;
|
|
case "TRANSPOSE_SIGNATURE":
|
|
PostTransform = true;
|
|
break;
|
|
}
|
|
*/
|
|
|
|
//==================================================
|
|
|
|
}//eoc
|
|
}//eons
|
|
|