From 824682e0b82f8ed1a1801ca45abb91f2de4bcd2d Mon Sep 17 00:00:00 2001 From: pmaytak <34331512+pmaytak@users.noreply.github.com> Date: Mon, 30 Mar 2020 19:25:44 -0700 Subject: [PATCH] Added new unit tests, cleaned up older ones. (#70) Added unit tests for AzureADB2COpenIDConnectEventHandlersTests, CookiePolicyOptionsExtensionsTests, Cleaned up some tests by using InlineData and changing some local variables to instance. (#70) --- .../TestConstants.cs | 19 +- .../AuthorityHelpersTests.cs | 43 +--- ...ureADB2COpenIDConnectEventHandlersTests.cs | 108 +++++++++ .../Base64UrlHelpersTests.cs | 220 ++++-------------- .../ClaimsPrincipalExtensionsTests.cs | 126 +++++----- .../ClaimsPrincipalFactoryTests.cs | 19 +- .../ClientInfoTests.cs | 39 ++-- .../CookiePolicyOptionsExtensionsTests.cs | 113 +++++++++ .../ExtensionsTests.cs | 38 +-- .../MicrosoftIdentityOptionsTests.cs | 2 +- .../Resource/AadIssuerValidatorTests.cs | 10 +- ...OpenIdConnectMiddlewareDiagnosticsTests.cs | 3 + 12 files changed, 403 insertions(+), 337 deletions(-) create mode 100644 tests/Microsoft.Identity.Web.Test/AzureADB2COpenIDConnectEventHandlersTests.cs create mode 100644 tests/Microsoft.Identity.Web.Test/CookiePolicyOptionsExtensionsTests.cs diff --git a/tests/Microsoft.Identity.Web.Test.Common/TestConstants.cs b/tests/Microsoft.Identity.Web.Test.Common/TestConstants.cs index 382a440cb..a514a70ef 100644 --- a/tests/Microsoft.Identity.Web.Test.Common/TestConstants.cs +++ b/tests/Microsoft.Identity.Web.Test.Common/TestConstants.cs @@ -32,19 +32,10 @@ public static class TestConstants public const string AuthorityWithTenantSpecifiedWithV2 = AadInstance + "/" + TenantId + "/v2.0"; public const string AadIssuer = AadInstance + "/" + TenantIdAsGuid + "/v2.0"; - public const string Uid = "uid-value"; - public const string Utid = "utid-value"; - public const string Tfp = "tfp-value"; - public const string Userflow = "userflow-value"; - public const string Oid = "oid-value"; - public const string ObjectId = "objectId-value"; - public const string Tid = "tid-value"; - public const string PreferredUsername = "preferred_username-value"; - public const string NameV1 = "name_V1-value"; - public const string Name = "name-value"; - // B2C - public const string B2CSuSiUserFlow = "b2c_1_susi"; + public const string B2CSignUpSignInUserFlow = "b2c_1_susi"; + public const string B2CEditProfileUserFlow = "b2c_1_edit_profile"; + public const string B2CResetPasswordUserFlow = "b2c_1_reset"; public const string B2CTenant = "fabrikamb2c.onmicrosoft.com"; public const string B2CTenantAsGuid = "775527ff-9a37-4307-8b3d-cc311f58d925"; public const string B2CHost = "fabrikamb2c.b2clogin.com"; @@ -52,9 +43,9 @@ public static class TestConstants public const string B2CInstance2 = "https://catb2c.b2clogin.com"; public const string B2CCustomDomainInstance = "https://catsAreAmazing.com"; - public const string B2CAuthority = B2CInstance + "/" + B2CTenant + "/" + B2CSuSiUserFlow; + public const string B2CAuthority = B2CInstance + "/" + B2CTenant + "/" + B2CSignUpSignInUserFlow; public const string B2CAuthorityWithV2 = B2CAuthority + "/v2.0"; - public const string B2CCustomDomainAuthority = B2CCustomDomainInstance + "/" + B2CTenant + "/" + B2CSuSiUserFlow; + public const string B2CCustomDomainAuthority = B2CCustomDomainInstance + "/" + B2CTenant + "/" + B2CSignUpSignInUserFlow; public const string B2CCustomDomainAuthorityWithV2 = B2CCustomDomainAuthority + "/v2.0"; public const string B2CIssuer = B2CInstance + "/" + B2CTenantAsGuid + "/v2.0"; diff --git a/tests/Microsoft.Identity.Web.Test/AuthorityHelpersTests.cs b/tests/Microsoft.Identity.Web.Test/AuthorityHelpersTests.cs index 0b093f3fe..a9afc7641 100644 --- a/tests/Microsoft.Identity.Web.Test/AuthorityHelpersTests.cs +++ b/tests/Microsoft.Identity.Web.Test/AuthorityHelpersTests.cs @@ -8,36 +8,16 @@ namespace Microsoft.Identity.Web.Test { public class AuthorityHelpersTests { - [Fact] - public void IsV2Authority_EmptyAuthority_ReturnsFalse() + [Theory] + [InlineData("", false)] + [InlineData(null, false)] + [InlineData(TestConstants.AuthorityWithTenantSpecified, false)] + [InlineData(TestConstants.AuthorityWithTenantSpecifiedWithV2, true)] + public void IsV2Authority(string authority, bool expectedResult) { - bool result = AuthorityHelpers.IsV2Authority(string.Empty); - - Assert.False(result); - } + bool result = AuthorityHelpers.IsV2Authority(authority); - [Fact] - public void IsV2Authority_NullAuthority_ReturnsFalse() - { - bool result = AuthorityHelpers.IsV2Authority(null); - - Assert.False(result); - } - - [Fact] - public void IsV2Authority_AuthorityEndsWithV2_ReturnsTrue() - { - bool result = AuthorityHelpers.IsV2Authority(TestConstants.AuthorityWithTenantSpecifiedWithV2); - - Assert.True(result); - } - - [Fact] - public void IsV2Authority_AuthorityDoesntEndWithV2_ReturnsFalse() - { - bool result = AuthorityHelpers.IsV2Authority(TestConstants.AuthorityWithTenantSpecified); - - Assert.False(result); + Assert.Equal(expectedResult, result); } [Fact] @@ -69,7 +49,7 @@ public void BuildAuthority_B2CEmptyDomain_ReturnsNull() { Domain = string.Empty, Instance = TestConstants.B2CInstance, - SignUpSignInPolicyId = TestConstants.B2CSuSiUserFlow + SignUpSignInPolicyId = TestConstants.B2CSignUpSignInUserFlow }; string result = AuthorityHelpers.BuildAuthority(options); @@ -84,7 +64,7 @@ public void BuildAuthority_B2CValidOptions_ReturnsValidB2CAuthority() { Domain = TestConstants.B2CTenant, Instance = TestConstants.B2CInstance, - SignUpSignInPolicyId = TestConstants.B2CSuSiUserFlow + SignUpSignInPolicyId = TestConstants.B2CSignUpSignInUserFlow }; string expectedResult = $"{options.Instance}/{options.Domain}/{options.DefaultUserFlow}/v2.0"; @@ -127,7 +107,6 @@ public void BuildAuthority_AadValidOptions_ReturnsValidAadAuthority() [Fact] public void BuildAuthority_AadInstanceWithTrailingSlash_ReturnsValidAadAuthority() { - //Arrange MicrosoftIdentityOptions options = new MicrosoftIdentityOptions { TenantId = TestConstants.TenantIdAsGuid, @@ -135,10 +114,8 @@ public void BuildAuthority_AadInstanceWithTrailingSlash_ReturnsValidAadAuthority }; string expectedResult = $"{TestConstants.AadInstance}/{options.TenantId}/v2.0"; - //Act string result = AuthorityHelpers.BuildAuthority(options); - //Assert Assert.NotNull(result); Assert.Equal(expectedResult, result); } diff --git a/tests/Microsoft.Identity.Web.Test/AzureADB2COpenIDConnectEventHandlersTests.cs b/tests/Microsoft.Identity.Web.Test/AzureADB2COpenIDConnectEventHandlersTests.cs new file mode 100644 index 000000000..d914fa9ef --- /dev/null +++ b/tests/Microsoft.Identity.Web.Test/AzureADB2COpenIDConnectEventHandlersTests.cs @@ -0,0 +1,108 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +using Microsoft.AspNetCore.Authentication; +using Microsoft.AspNetCore.Authentication.OpenIdConnect; +using Microsoft.AspNetCore.Http; +using Microsoft.Identity.Web.Test.Common; +using Microsoft.Identity.Web.Test.Common.TestHelpers; +using Microsoft.IdentityModel.Protocols.OpenIdConnect; +using NSubstitute; +using Xunit; + +namespace Microsoft.Identity.Web.Test +{ + public class AzureADB2COpenIDConnectEventHandlersTests + { + private const string PathBase = "/PathBase"; + private const string DefaultUserFlow = TestConstants.B2CSignUpSignInUserFlow; + private const string CustomUserFlow = TestConstants.B2CResetPasswordUserFlow; + private string _defaultIssuer = $"IssuerAddress/{DefaultUserFlow}/"; + private string _customIssuer = $"IssuerAddress/{CustomUserFlow}/"; + private AuthenticationScheme _authScheme; + + public AzureADB2COpenIDConnectEventHandlersTests() + { + _authScheme = new AuthenticationScheme(OpenIdConnectDefaults.AuthenticationScheme, OpenIdConnectDefaults.AuthenticationScheme, typeof(OpenIdConnectHandler)); + } + + [Fact] + public async void OnRedirectToIdentityProvider_CustomUserFlow_UpdatesContext() + { + var options = new MicrosoftIdentityOptions() { SignUpSignInPolicyId = DefaultUserFlow }; + var handler = new AzureADB2COpenIDConnectEventHandlers(OpenIdConnectDefaults.AuthenticationScheme, options); + var httpContext = HttpContextUtilities.CreateHttpContext(); + var authProperties = new AuthenticationProperties(); + authProperties.Items.Add(OidcConstants.PolicyKey, CustomUserFlow); + var context = new RedirectContext(httpContext, _authScheme, new OpenIdConnectOptions(), authProperties) { ProtocolMessage = new OpenIdConnectMessage() { IssuerAddress = _defaultIssuer } }; + + await handler.OnRedirectToIdentityProvider(context); + + Assert.Equal(OpenIdConnectScope.OpenIdProfile, context.ProtocolMessage.Scope); + Assert.Equal(OpenIdConnectResponseType.IdToken, context.ProtocolMessage.ResponseType); + Assert.Equal(_customIssuer, context.ProtocolMessage.IssuerAddress, true); + Assert.False(context.Properties.Items.ContainsKey(OidcConstants.PolicyKey)); + } + + [Fact] + public async void OnRedirectToIdentityProvider_DefaultUserFlow_DoesntUpdateContext() + { + var options = new MicrosoftIdentityOptions() { SignUpSignInPolicyId = DefaultUserFlow }; + var handler = new AzureADB2COpenIDConnectEventHandlers(OpenIdConnectDefaults.AuthenticationScheme, options); + var httpContext = HttpContextUtilities.CreateHttpContext(); + var authProperties = new AuthenticationProperties(); + authProperties.Items.Add(OidcConstants.PolicyKey, DefaultUserFlow); + var context = new RedirectContext(httpContext, _authScheme, new OpenIdConnectOptions(), authProperties) { ProtocolMessage = new OpenIdConnectMessage() { IssuerAddress = _defaultIssuer } }; + + await handler.OnRedirectToIdentityProvider(context); + + Assert.Null(context.ProtocolMessage.Scope); + Assert.Null(context.ProtocolMessage.ResponseType); + Assert.Equal(_defaultIssuer, context.ProtocolMessage.IssuerAddress); + Assert.True(context.Properties.Items.ContainsKey(OidcConstants.PolicyKey)); + } + + [Fact] + public async void OnRemoteFailure_PasswordReset_RedirectsSuccessfully() + { + var httpContext = Substitute.For(); + httpContext.Request.PathBase = PathBase; + var handler = new AzureADB2COpenIDConnectEventHandlers(OpenIdConnectDefaults.AuthenticationScheme, new MicrosoftIdentityOptions()); + + var passwordResetException = "'access_denied', error_description: 'AADB2C90118: The user has forgotten their password. Correlation ID: f99deff4-f43b-43cc-b4e7-36141dbaf0a0 Timestamp: 2018-03-05 02:49:35Z', error_uri: 'error_uri is null'"; + + await handler.OnRemoteFailure(new RemoteFailureContext(httpContext, _authScheme, new OpenIdConnectOptions(), new OpenIdConnectProtocolException(passwordResetException))); + + httpContext.Response.Received().Redirect($"{httpContext.Request.PathBase}/MicrosoftIdentity/Account/ResetPassword/{OpenIdConnectDefaults.AuthenticationScheme}"); + } + + [Fact] + public async void OnRemoteFailure_Cancel_RedirectsSuccessfully() + { + var httpContext = Substitute.For(); + httpContext.Request.PathBase = PathBase; + var handler = new AzureADB2COpenIDConnectEventHandlers(OpenIdConnectDefaults.AuthenticationScheme, new MicrosoftIdentityOptions()); + + var cancelException = "'access_denied', error_description: 'AADB2C90091: The user has canceled entering self-asserted information. Correlation ID: d01c8878-0732-4eb2-beb8-da82a57432e0 Timestamp: 2018-03-05 02:56:49Z ', error_uri: 'error_uri is null'"; + + await handler.OnRemoteFailure(new RemoteFailureContext(httpContext, _authScheme, new OpenIdConnectOptions(), new OpenIdConnectProtocolException(cancelException))); + + httpContext.Response.Received().Redirect($"{httpContext.Request.PathBase}/"); + + } + + [Fact] + public async void OnRemoteFailure_OtherException_RedirectsSuccessfully() + { + var httpContext = Substitute.For(); + httpContext.Request.PathBase = PathBase; + var handler = new AzureADB2COpenIDConnectEventHandlers(OpenIdConnectDefaults.AuthenticationScheme, new MicrosoftIdentityOptions()); + + var otherException = "Generic exception."; + + await handler.OnRemoteFailure(new RemoteFailureContext(httpContext, _authScheme, new OpenIdConnectOptions(), new OpenIdConnectProtocolException(otherException))); + + httpContext.Response.Received().Redirect($"{httpContext.Request.PathBase}/MicrosoftIdentity/Account/Error"); + } + } +} diff --git a/tests/Microsoft.Identity.Web.Test/Base64UrlHelpersTests.cs b/tests/Microsoft.Identity.Web.Test/Base64UrlHelpersTests.cs index 66e98a52a..249f37496 100644 --- a/tests/Microsoft.Identity.Web.Test/Base64UrlHelpersTests.cs +++ b/tests/Microsoft.Identity.Web.Test/Base64UrlHelpersTests.cs @@ -16,49 +16,18 @@ public void Encode_NullByteArray_ReturnsNull() Assert.Null(Base64UrlHelpers.Encode(byteArrayToEncode)); } - [Fact] - public void Encode_UTF8ByteArrayOfDecodedString_ReturnsValidEncodedString() + [Theory] + [InlineData("123456", "MTIzNDU2")] //No padding + [InlineData("12345678", "MTIzNDU2Nzg")] //1 padding + [InlineData("1234567", "MTIzNDU2Nw")] //2 padding + [InlineData("12>123", "MTI-MTIz")] //With Base64 plus + [InlineData("12?123", "MTI_MTIz")] //With Base64 slash + [InlineData("", "")] //Empty string + public void Encode_UTF8ByteArrayOfDecodedString_ReturnsValidEncodedString(string stringToEncode, string expectedEncodedString) { - var stringToEncodeNoPadding = "123456"; - var expectedEncodedString = "MTIzNDU2"; - - var actualEncodedString = Base64UrlHelpers.Encode(Encoding.UTF8.GetBytes(stringToEncodeNoPadding)); + var actualEncodedString = Base64UrlHelpers.Encode(Encoding.UTF8.GetBytes(stringToEncode)); Assert.Equal(expectedEncodedString, actualEncodedString); - - var stringToEncode1Padding = "12345678"; - var expectedEncodedString1Padding = "MTIzNDU2Nzg"; - - actualEncodedString = Base64UrlHelpers.Encode(Encoding.UTF8.GetBytes(stringToEncode1Padding)); - - Assert.Equal(expectedEncodedString1Padding, actualEncodedString); - - var stringToEncode2Padding = "1234567"; - var expectedEncodedString2Padding = "MTIzNDU2Nw"; - - actualEncodedString = Base64UrlHelpers.Encode(Encoding.UTF8.GetBytes(stringToEncode2Padding)); - - Assert.Equal(expectedEncodedString2Padding, actualEncodedString); - - var stringToEncodeWithBase64Plus = "12>123"; - var expectedEncodedStringWithBase64Plus = "MTI-MTIz"; - - actualEncodedString = Base64UrlHelpers.Encode(Encoding.UTF8.GetBytes(stringToEncodeWithBase64Plus)); - - Assert.Equal(expectedEncodedStringWithBase64Plus, actualEncodedString); - - var stringToEncodeWithBase64Slash = "12?123"; - var expectedEncodedStringWithBase64Slash = "MTI_MTIz"; - - actualEncodedString = Base64UrlHelpers.Encode(Encoding.UTF8.GetBytes(stringToEncodeWithBase64Slash)); - - Assert.Equal(expectedEncodedStringWithBase64Slash, actualEncodedString); - - var emptyStringToEncode = string.Empty; - - actualEncodedString = Base64UrlHelpers.Encode(Encoding.UTF8.GetBytes(emptyStringToEncode)); - - Assert.Equal(emptyStringToEncode, actualEncodedString); } [Fact] @@ -68,117 +37,48 @@ public void Encode_NullString_ReturnsNull() Assert.Null(Base64UrlHelpers.Encode(stringToEncode)); } - [Fact] - public void Encode_DecodedString_ReturnsEncodedString() - { - var stringToEncodeNoPadding = "123456"; - var expectedEncodedString = "MTIzNDU2"; - - var actualEncodedString = Base64UrlHelpers.Encode(stringToEncodeNoPadding); + [Theory] + [InlineData("123456", "MTIzNDU2")] //No padding + [InlineData("12345678", "MTIzNDU2Nzg")] //1 padding + [InlineData("1234567", "MTIzNDU2Nw")] //2 padding + [InlineData("12>123", "MTI-MTIz")] //With Base64 plus + [InlineData("12?123", "MTI_MTIz")] //With Base64 slash + [InlineData("", "")] //Empty string + public void Encode_DecodedString_ReturnsEncodedString(string stringToEncode, string expectedEncodedString) + { + var actualEncodedString = Base64UrlHelpers.Encode(stringToEncode); Assert.Equal(expectedEncodedString, actualEncodedString); - - var stringToEncode1Padding = "12345678"; - var expectedEncodedString1Padding = "MTIzNDU2Nzg"; - - actualEncodedString = Base64UrlHelpers.Encode(stringToEncode1Padding); - - Assert.Equal(expectedEncodedString1Padding, actualEncodedString); - - var stringToEncode2Padding = "1234567"; - var expectedEncodedString2Padding = "MTIzNDU2Nw"; - - actualEncodedString = Base64UrlHelpers.Encode(stringToEncode2Padding); - - Assert.Equal(expectedEncodedString2Padding, actualEncodedString); - - var stringToEncodeWithBase64Plus = "12>123"; - var expectedEncodedStringWithBase64Plus = "MTI-MTIz"; - - actualEncodedString = Base64UrlHelpers.Encode(stringToEncodeWithBase64Plus); - - Assert.Equal(expectedEncodedStringWithBase64Plus, actualEncodedString); - - var stringToEncodeWithBase64Slash = "12?123"; - var expectedEncodedStringWithBase64Slash = "MTI_MTIz"; - - actualEncodedString = Base64UrlHelpers.Encode(stringToEncodeWithBase64Slash); - - Assert.Equal(expectedEncodedStringWithBase64Slash, actualEncodedString); - - var emptyStringToEncode = string.Empty; - - actualEncodedString = Base64UrlHelpers.Encode(emptyStringToEncode); - - Assert.Equal(emptyStringToEncode, actualEncodedString); } - [Fact] - public void DecodeToString_ValidBase64UrlString_ReturnsDecodedString() + [Theory] + [InlineData("MTIzNDU2", "123456")] //No padding + [InlineData("MTIzNDU2Nzg", "12345678")] //1 padding + [InlineData("MTIzNDU2Nw", "1234567")] //2 padding + [InlineData("MTI-MTIz", "12>123")] //With Base64 plus + [InlineData("MTI_MTIz", "12?123")] //With Base64 slash + [InlineData("", "")] //Empty string + public void DecodeToString_ValidBase64UrlString_ReturnsDecodedString(string stringToDecode, string expectedDecodedString) { - var stringToDecodeNoPadding = "MTIzNDU2"; - var expectedDecodedString = "123456"; - - var actualDecodedString = Base64UrlHelpers.DecodeToString(stringToDecodeNoPadding); + var actualDecodedString = Base64UrlHelpers.DecodeToString(stringToDecode); Assert.Equal(expectedDecodedString, actualDecodedString); - - var stringToDecode1Padding = "MTIzNDU2Nzg"; - var expectedDecodedString1Padding = "12345678"; - - actualDecodedString = Base64UrlHelpers.DecodeToString(stringToDecode1Padding); - - Assert.Equal(expectedDecodedString1Padding, actualDecodedString); - - var stringToDecode2Padding = "MTIzNDU2Nw"; - var expectedDecodedString2Padding = "1234567"; - - actualDecodedString = Base64UrlHelpers.DecodeToString(stringToDecode2Padding); - - Assert.Equal(expectedDecodedString2Padding, actualDecodedString); - - var stringToDecodeWithBase64Plus = "MTI-MTIz"; - var expectedDecodedStringWithBase64Plus = "12>123"; - - actualDecodedString = Base64UrlHelpers.DecodeToString(stringToDecodeWithBase64Plus); - - Assert.Equal(expectedDecodedStringWithBase64Plus, actualDecodedString); - - var stringToDecodeWithBase64Slash = "MTI_MTIz"; - var expectedEncodedStringWithBase64Slash = "12?123"; - - actualDecodedString = Base64UrlHelpers.DecodeToString(stringToDecodeWithBase64Slash); - - Assert.Equal(expectedEncodedStringWithBase64Slash, actualDecodedString); - - var emptyStringToDecode = string.Empty; - - actualDecodedString = Base64UrlHelpers.DecodeToString(emptyStringToDecode); - - Assert.Equal(emptyStringToDecode, actualDecodedString); } - [Fact] - public void CreateString_UTF8Bytes_ReturnsValidString() + [Theory] + [InlineData("123456")] + [InlineData("")] + public void CreateString_UTF8Bytes_ReturnsValidString(string stringToCreate) { - var stringToCreate = "123456"; - var resultString = Base64UrlHelpers.CreateString(Encoding.UTF8.GetBytes(stringToCreate)); Assert.Equal(stringToCreate, resultString); - - stringToCreate = string.Empty; - - resultString = Base64UrlHelpers.CreateString(Encoding.UTF8.GetBytes(stringToCreate)); - - Assert.Equal(stringToCreate, resultString); } - [Fact] - public void CreateString_NonUTF8Bytes_ReturnsInvalidString() + [Theory] + [InlineData("123456")] + public void CreateString_NonUTF8Bytes_ReturnsInvalidString(string stringToCreate) { - var stringToCreate = "123456"; - var resultString = Base64UrlHelpers.CreateString(Encoding.UTF32.GetBytes(stringToCreate)); Assert.NotEqual(stringToCreate, resultString); @@ -188,48 +88,18 @@ public void CreateString_NonUTF8Bytes_ReturnsInvalidString() Assert.NotEqual(stringToCreate, resultString); } - [Fact] - public void DecodeToBytes_ValidBase64UrlString_ReturnsByteArray() + [Theory] + [InlineData("MTIzNDU2", "123456")] //No padding + [InlineData("MTIzNDU2Nzg", "12345678")] //1 padding + [InlineData("MTIzNDU2Nw", "1234567")] //2 padding + [InlineData("MTI-MTIz", "12>123")] //With Base64 plus + [InlineData("MTI_MTIz", "12?123")] //With Base64 slash + [InlineData("", "")] //Empty string + public void DecodeToBytes_ValidBase64UrlString_ReturnsByteArray(string stringToDecode, string expectedDecodedString) { - var stringToDecodeWithNoPadding = "MTIzNDU2"; - var expectedDecodedByteArray = Encoding.UTF8.GetBytes("123456"); - - var actualDecodedByteArray = Base64UrlHelpers.DecodeToBytes(stringToDecodeWithNoPadding); - - Assert.Equal(expectedDecodedByteArray, actualDecodedByteArray); - - var stringToDecodeWith1Padding = "MTIzNDU2Nzg"; - expectedDecodedByteArray = Encoding.UTF8.GetBytes("12345678"); - - actualDecodedByteArray = Base64UrlHelpers.DecodeToBytes(stringToDecodeWith1Padding); - - Assert.Equal(expectedDecodedByteArray, actualDecodedByteArray); - - var stringToDecodeWith2Padding = "MTIzNDU2Nw"; - expectedDecodedByteArray = Encoding.UTF8.GetBytes("1234567"); - - actualDecodedByteArray = Base64UrlHelpers.DecodeToBytes(stringToDecodeWith2Padding); - - Assert.Equal(expectedDecodedByteArray, actualDecodedByteArray); - - var stringToDecodeWithBase64Plus = "MTI-MTIz"; - expectedDecodedByteArray = Encoding.UTF8.GetBytes("12>123"); - - actualDecodedByteArray = Base64UrlHelpers.DecodeToBytes(stringToDecodeWithBase64Plus); - - Assert.Equal(expectedDecodedByteArray, actualDecodedByteArray); - - var stringToDecodeWithBase64Slash = "MTI_MTIz"; - expectedDecodedByteArray = Encoding.UTF8.GetBytes("12?123"); - - actualDecodedByteArray = Base64UrlHelpers.DecodeToBytes(stringToDecodeWithBase64Slash); - - Assert.Equal(expectedDecodedByteArray, actualDecodedByteArray); - - var emptyStringToDecode = string.Empty; - expectedDecodedByteArray = Encoding.UTF8.GetBytes(emptyStringToDecode); + var expectedDecodedByteArray = Encoding.UTF8.GetBytes(expectedDecodedString); - actualDecodedByteArray = Base64UrlHelpers.DecodeToBytes(emptyStringToDecode); + var actualDecodedByteArray = Base64UrlHelpers.DecodeToBytes(stringToDecode); Assert.Equal(expectedDecodedByteArray, actualDecodedByteArray); } diff --git a/tests/Microsoft.Identity.Web.Test/ClaimsPrincipalExtensionsTests.cs b/tests/Microsoft.Identity.Web.Test/ClaimsPrincipalExtensionsTests.cs index 1ebd851a2..32de9db6d 100644 --- a/tests/Microsoft.Identity.Web.Test/ClaimsPrincipalExtensionsTests.cs +++ b/tests/Microsoft.Identity.Web.Test/ClaimsPrincipalExtensionsTests.cs @@ -9,6 +9,16 @@ namespace Microsoft.Identity.Web.Test { public class ClaimsPrincipalExtensionsTests { + private const string Name = "name-value"; + private const string NameV1 = "name_V1-value"; + private const string ObjectId = "objectId-value"; + private const string Oid = "oid-value"; + private const string PreferredUsername = "preferred_username-value"; + private const string TenantId = "some-tenant-id"; + private const string Tfp = "tfp-value"; + private const string Tid = "tid-value"; + private const string Userflow = "userflow-value"; + private const string Utid = "utid-value"; [Fact] public void GetNameIdentifierId_WithUtidClaim_ReturnsNameId() @@ -16,11 +26,11 @@ public void GetNameIdentifierId_WithUtidClaim_ReturnsNameId() var claimsPrincipalWithUtid = new ClaimsPrincipal( new ClaimsIdentity(new Claim[] { - new Claim(ClaimConstants.UniqueObjectIdentifier, TestConstants.Utid) + new Claim(ClaimConstants.UniqueObjectIdentifier, Utid) }) ); - Assert.Equal(TestConstants.Utid, claimsPrincipalWithUtid.GetNameIdentifierId()); + Assert.Equal(Utid, claimsPrincipalWithUtid.GetNameIdentifierId()); } [Fact] @@ -38,26 +48,26 @@ public void GetUserFlowId_WithTfpOrUserFlowClaims_ReturnsUserFlowId() var claimsPrincipalWithTfp = new ClaimsPrincipal( new ClaimsIdentity(new Claim[] { - new Claim(ClaimConstants.Tfp, TestConstants.Tfp) + new Claim(ClaimConstants.Tfp, Tfp) }) ); var claimsPrincipalWithUserFlow = new ClaimsPrincipal( new ClaimsIdentity(new Claim[] { - new Claim(ClaimConstants.UserFlow, TestConstants.Userflow) + new Claim(ClaimConstants.UserFlow, Userflow) }) ); var claimsPrincipalWithTfpAndUserFlow = new ClaimsPrincipal( new ClaimsIdentity(new Claim[] { - new Claim(ClaimConstants.Tfp, TestConstants.Tfp), - new Claim(ClaimConstants.UserFlow, TestConstants.Userflow) + new Claim(ClaimConstants.Tfp, Tfp), + new Claim(ClaimConstants.UserFlow, Userflow) }) ); - Assert.Equal(TestConstants.Tfp, claimsPrincipalWithTfp.GetUserFlowId()); - Assert.Equal(TestConstants.Userflow, claimsPrincipalWithUserFlow.GetUserFlowId()); - Assert.Equal(TestConstants.Tfp, claimsPrincipalWithTfpAndUserFlow.GetUserFlowId()); + Assert.Equal(Tfp, claimsPrincipalWithTfp.GetUserFlowId()); + Assert.Equal(Userflow, claimsPrincipalWithUserFlow.GetUserFlowId()); + Assert.Equal(Tfp, claimsPrincipalWithTfpAndUserFlow.GetUserFlowId()); } [Fact] @@ -74,26 +84,26 @@ public void GetObjectId_WithOidOrObjectIdClaims_ReturnsObjectId() var claimsPrincipalWithOid = new ClaimsPrincipal( new ClaimsIdentity(new Claim[] { - new Claim(ClaimConstants.Oid, TestConstants.Oid) + new Claim(ClaimConstants.Oid, Oid) }) ); var claimsPrincipalWithObjectId = new ClaimsPrincipal( new ClaimsIdentity(new Claim[] { - new Claim(ClaimConstants.ObjectId, TestConstants.ObjectId) + new Claim(ClaimConstants.ObjectId, ObjectId) }) ); var claimsPrincipalWithOidAndObjectId = new ClaimsPrincipal( new ClaimsIdentity(new Claim[] { - new Claim(ClaimConstants.Oid, TestConstants.Oid), - new Claim(ClaimConstants.ObjectId, TestConstants.ObjectId) + new Claim(ClaimConstants.Oid, Oid), + new Claim(ClaimConstants.ObjectId, ObjectId) }) ); - Assert.Equal(TestConstants.Oid, claimsPrincipalWithOid.GetObjectId()); - Assert.Equal(TestConstants.ObjectId, claimsPrincipalWithObjectId.GetObjectId()); - Assert.Equal(TestConstants.Oid, claimsPrincipalWithOidAndObjectId.GetObjectId()); + Assert.Equal(Oid, claimsPrincipalWithOid.GetObjectId()); + Assert.Equal(ObjectId, claimsPrincipalWithObjectId.GetObjectId()); + Assert.Equal(Oid, claimsPrincipalWithOidAndObjectId.GetObjectId()); } [Fact] @@ -110,26 +120,26 @@ public void GetTenantId_WithTidOrTenantIdClaims_ReturnsTenantId() var claimsPrincipalWithTid = new ClaimsPrincipal( new ClaimsIdentity(new Claim[] { - new Claim(ClaimConstants.Tid, TestConstants.Tid) + new Claim(ClaimConstants.Tid, Tid) }) ); var claimsPrincipalWithTenantId = new ClaimsPrincipal( new ClaimsIdentity(new Claim[] { - new Claim(ClaimConstants.TenantId, TestConstants.TenantId) + new Claim(ClaimConstants.TenantId, TenantId) }) ); var claimsPrincipalWithTidAndTenantId = new ClaimsPrincipal( new ClaimsIdentity(new Claim[] { - new Claim(ClaimConstants.Tid, TestConstants.Tid), - new Claim(ClaimConstants.TenantId, TestConstants.TenantId) + new Claim(ClaimConstants.Tid, Tid), + new Claim(ClaimConstants.TenantId, TenantId) }) ); - Assert.Equal(TestConstants.Tid, claimsPrincipalWithTid.GetTenantId()); - Assert.Equal(TestConstants.TenantId, claimsPrincipalWithTenantId.GetTenantId()); - Assert.Equal(TestConstants.Tid, claimsPrincipalWithTidAndTenantId.GetTenantId()); + Assert.Equal(Tid, claimsPrincipalWithTid.GetTenantId()); + Assert.Equal(TenantId, claimsPrincipalWithTenantId.GetTenantId()); + Assert.Equal(Tid, claimsPrincipalWithTidAndTenantId.GetTenantId()); } [Fact] @@ -146,42 +156,42 @@ public void GetDisplayName_WithSomeOrAllNameClaims_ReturnsName() var claimsPrincipalWithPreferredUsername = new ClaimsPrincipal( new ClaimsIdentity(new Claim[] { - new Claim(ClaimConstants.PreferredUserName, TestConstants.PreferredUsername) + new Claim(ClaimConstants.PreferredUserName, PreferredUsername) }) ); var claimsPrincipalWithNameV1 = new ClaimsPrincipal( new ClaimsIdentity(new Claim[] { - new Claim(ClaimsIdentity.DefaultNameClaimType, TestConstants.NameV1) + new Claim(ClaimsIdentity.DefaultNameClaimType, NameV1) }) ); var claimsPrincipalWithName = new ClaimsPrincipal( new ClaimsIdentity(new Claim[] { - new Claim(ClaimConstants.Name, TestConstants.Name) + new Claim(ClaimConstants.Name, Name) }) ); var claimsPrincipalWithNameV1AndName = new ClaimsPrincipal( new ClaimsIdentity(new Claim[] { - new Claim(ClaimConstants.Name, TestConstants.Name), - new Claim(ClaimsIdentity.DefaultNameClaimType, TestConstants.NameV1) + new Claim(ClaimConstants.Name, Name), + new Claim(ClaimsIdentity.DefaultNameClaimType, NameV1) }) ); var claimsPrincipalWithPreferredUsernameAndNameV1AndName = new ClaimsPrincipal( new ClaimsIdentity(new Claim[] { - new Claim(ClaimConstants.Name, TestConstants.Name), - new Claim(ClaimConstants.PreferredUserName, TestConstants.PreferredUsername), - new Claim(ClaimsIdentity.DefaultNameClaimType, TestConstants.NameV1) + new Claim(ClaimConstants.Name, Name), + new Claim(ClaimConstants.PreferredUserName, PreferredUsername), + new Claim(ClaimsIdentity.DefaultNameClaimType, NameV1) }) ); - Assert.Equal(TestConstants.PreferredUsername, claimsPrincipalWithPreferredUsername.GetDisplayName()); - Assert.Equal(TestConstants.NameV1, claimsPrincipalWithNameV1.GetDisplayName()); - Assert.Equal(TestConstants.Name, claimsPrincipalWithName.GetDisplayName()); - Assert.Equal(TestConstants.NameV1, claimsPrincipalWithNameV1AndName.GetDisplayName()); - Assert.Equal(TestConstants.PreferredUsername, claimsPrincipalWithPreferredUsernameAndNameV1AndName.GetDisplayName()); + Assert.Equal(PreferredUsername, claimsPrincipalWithPreferredUsername.GetDisplayName()); + Assert.Equal(NameV1, claimsPrincipalWithNameV1.GetDisplayName()); + Assert.Equal(Name, claimsPrincipalWithName.GetDisplayName()); + Assert.Equal(NameV1, claimsPrincipalWithNameV1AndName.GetDisplayName()); + Assert.Equal(PreferredUsername, claimsPrincipalWithPreferredUsernameAndNameV1AndName.GetDisplayName()); } [Fact] @@ -229,42 +239,42 @@ public void GetLoginHint_WithSomeOrAllNameClaims_ReturnsName() var claimsPrincipalWithPreferredUsername = new ClaimsPrincipal( new ClaimsIdentity(new Claim[] { - new Claim(ClaimConstants.PreferredUserName, TestConstants.PreferredUsername) + new Claim(ClaimConstants.PreferredUserName, PreferredUsername) }) ); var claimsPrincipalWithNameV1 = new ClaimsPrincipal( new ClaimsIdentity(new Claim[] { - new Claim(ClaimsIdentity.DefaultNameClaimType, TestConstants.NameV1) + new Claim(ClaimsIdentity.DefaultNameClaimType, NameV1) }) ); var claimsPrincipalWithName = new ClaimsPrincipal( new ClaimsIdentity(new Claim[] { - new Claim(ClaimConstants.Name, TestConstants.Name) + new Claim(ClaimConstants.Name, Name) }) ); var claimsPrincipalWithNameV1AndName = new ClaimsPrincipal( new ClaimsIdentity(new Claim[] { - new Claim(ClaimConstants.Name, TestConstants.Name), - new Claim(ClaimsIdentity.DefaultNameClaimType, TestConstants.NameV1) + new Claim(ClaimConstants.Name, Name), + new Claim(ClaimsIdentity.DefaultNameClaimType, NameV1) }) ); var claimsPrincipalWithPreferredUsernameAndNameV1AndName = new ClaimsPrincipal( new ClaimsIdentity(new Claim[] { - new Claim(ClaimConstants.Name, TestConstants.Name), - new Claim(ClaimConstants.PreferredUserName, TestConstants.PreferredUsername), - new Claim(ClaimsIdentity.DefaultNameClaimType, TestConstants.NameV1) + new Claim(ClaimConstants.Name, Name), + new Claim(ClaimConstants.PreferredUserName, PreferredUsername), + new Claim(ClaimsIdentity.DefaultNameClaimType, NameV1) }) ); - Assert.Equal(TestConstants.PreferredUsername, claimsPrincipalWithPreferredUsername.GetLoginHint()); - Assert.Equal(TestConstants.NameV1, claimsPrincipalWithNameV1.GetLoginHint()); - Assert.Equal(TestConstants.Name, claimsPrincipalWithName.GetLoginHint()); - Assert.Equal(TestConstants.NameV1, claimsPrincipalWithNameV1AndName.GetLoginHint()); - Assert.Equal(TestConstants.PreferredUsername, claimsPrincipalWithPreferredUsernameAndNameV1AndName.GetLoginHint()); + Assert.Equal(PreferredUsername, claimsPrincipalWithPreferredUsername.GetLoginHint()); + Assert.Equal(NameV1, claimsPrincipalWithNameV1.GetLoginHint()); + Assert.Equal(Name, claimsPrincipalWithName.GetLoginHint()); + Assert.Equal(NameV1, claimsPrincipalWithNameV1AndName.GetLoginHint()); + Assert.Equal(PreferredUsername, claimsPrincipalWithPreferredUsernameAndNameV1AndName.GetLoginHint()); } [Fact] @@ -278,24 +288,24 @@ public void GetLoginHint_NoNameClaims_ReturnsNull() [Fact] public void GetMsalAccountId_WithNeededClaims_ReturnsFormattedMsalId() { - var b2cPattern = $"{TestConstants.Utid}.{TestConstants.Tid}"; - var aadPattern = $"{TestConstants.Oid}.{TestConstants.Tid}"; + var b2cPattern = $"{Utid}.{Tid}"; + var aadPattern = $"{Oid}.{Tid}"; var claimsPrincipalForB2c = new ClaimsPrincipal( new ClaimsIdentity(new Claim[] { - new Claim(ClaimConstants.Oid, TestConstants.Oid), - new Claim(ClaimConstants.UniqueObjectIdentifier, TestConstants.Utid), - new Claim(ClaimConstants.TenantId, TestConstants.Tid), - new Claim(ClaimConstants.Tfp, TestConstants.Userflow) + new Claim(ClaimConstants.Oid, Oid), + new Claim(ClaimConstants.UniqueObjectIdentifier, Utid), + new Claim(ClaimConstants.TenantId, Tid), + new Claim(ClaimConstants.Tfp, Userflow) }) ); var claimsPrincipalForAad = new ClaimsPrincipal( new ClaimsIdentity(new Claim[] { - new Claim(ClaimConstants.Oid, TestConstants.Oid), - new Claim(ClaimConstants.PreferredUserName, TestConstants.Utid), - new Claim(ClaimConstants.TenantId, TestConstants.Tid) + new Claim(ClaimConstants.Oid, Oid), + new Claim(ClaimConstants.PreferredUserName, Utid), + new Claim(ClaimConstants.TenantId, Tid) }) ); diff --git a/tests/Microsoft.Identity.Web.Test/ClaimsPrincipalFactoryTests.cs b/tests/Microsoft.Identity.Web.Test/ClaimsPrincipalFactoryTests.cs index 5ae4ec23d..d7624f9f5 100644 --- a/tests/Microsoft.Identity.Web.Test/ClaimsPrincipalFactoryTests.cs +++ b/tests/Microsoft.Identity.Web.Test/ClaimsPrincipalFactoryTests.cs @@ -10,27 +10,24 @@ namespace Microsoft.Identity.Web.Test { public class ClaimsPrincipalFactoryTests { + private string _objectId = "objectId"; + private string _tenantId = "tenantId"; + [Fact] public void FromTenantIdAndObjectId_NullParameters_ThrowsException() { - var objectId = "objectId"; - var tenantId = "tenantId"; - - Assert.Throws("value", () => ClaimsPrincipalFactory.FromTenantIdAndObjectId(tenantId, null)); - Assert.Throws("value", () => ClaimsPrincipalFactory.FromTenantIdAndObjectId(null, objectId)); + Assert.Throws("value", () => ClaimsPrincipalFactory.FromTenantIdAndObjectId(_tenantId, null)); + Assert.Throws("value", () => ClaimsPrincipalFactory.FromTenantIdAndObjectId(null, _objectId)); } [Fact] public void FromTenantIdAndObjectId_ValidParameters_ReturnsClaimsPrincipal() { - var objectId = "objectId"; - var tenantId = "tenantId"; - - var claimsIdentityResult = ClaimsPrincipalFactory.FromTenantIdAndObjectId(tenantId, objectId).Identity as ClaimsIdentity; + var claimsIdentityResult = ClaimsPrincipalFactory.FromTenantIdAndObjectId(_tenantId, _objectId).Identity as ClaimsIdentity; Assert.NotNull(claimsIdentityResult); Assert.Equal(2, claimsIdentityResult.Claims.Count()); - Assert.Equal(objectId, claimsIdentityResult.FindFirst(ClaimConstants.Oid)?.Value); - Assert.Equal(tenantId, claimsIdentityResult.FindFirst(ClaimConstants.Tid)?.Value); + Assert.Equal(_objectId, claimsIdentityResult.FindFirst(ClaimConstants.Oid)?.Value); + Assert.Equal(_tenantId, claimsIdentityResult.FindFirst(ClaimConstants.Tid)?.Value); } } } diff --git a/tests/Microsoft.Identity.Web.Test/ClientInfoTests.cs b/tests/Microsoft.Identity.Web.Test/ClientInfoTests.cs index cadfbc747..6cc7e6045 100644 --- a/tests/Microsoft.Identity.Web.Test/ClientInfoTests.cs +++ b/tests/Microsoft.Identity.Web.Test/ClientInfoTests.cs @@ -3,26 +3,28 @@ using System; using System.Text; -using Microsoft.Identity.Web.Test.Common; using Xunit; namespace Microsoft.Identity.Web.Test { public class ClientInfoTests { + private const string Uid = "uid-value"; + private const string Utid = "utid-value"; + private string _decodedJson = $"{{\"uid\":\"{Uid}\",\"utid\":\"{Utid}\"}}"; + private string _decodedEmptyJson = "{}"; + private string _invalidJson = $"{{\"uid\":\"{Uid}\",\"utid\":\"{Utid}\""; + [Fact] public void CreateFromJson_ValidJson_ReturnsClientInfo() { - var decodedJson = $"{{\"uid\":\"{TestConstants.Uid}\",\"utid\":\"{TestConstants.Utid}\"}}"; - var clientInfoResult = ClientInfo.CreateFromJson(Base64UrlHelpers.Encode(decodedJson)); + var clientInfoResult = ClientInfo.CreateFromJson(Base64UrlHelpers.Encode(_decodedJson)); Assert.NotNull(clientInfoResult); - Assert.Equal(TestConstants.Uid, clientInfoResult.UniqueObjectIdentifier); - Assert.Equal(TestConstants.Utid, clientInfoResult.UniqueTenantIdentifier); - - var decodedEmptyJson = "{}"; + Assert.Equal(Uid, clientInfoResult.UniqueObjectIdentifier); + Assert.Equal(Utid, clientInfoResult.UniqueTenantIdentifier); - clientInfoResult = ClientInfo.CreateFromJson(Base64UrlHelpers.Encode(decodedEmptyJson)); + clientInfoResult = ClientInfo.CreateFromJson(Base64UrlHelpers.Encode(_decodedEmptyJson)); Assert.NotNull(clientInfoResult); Assert.Null(clientInfoResult.UniqueObjectIdentifier); Assert.Null(clientInfoResult.UniqueTenantIdentifier); @@ -43,26 +45,21 @@ public void CreateFromJson_NullOrEmptyString_ThrowsException() [Fact] public void CreateFromJson_InvalidString_ThrowsException() { - var invalidJson = $"{{\"uid\":\"{TestConstants.Uid}\",\"utid\":\"{TestConstants.Utid}\""; - - Assert.Throws(() => ClientInfo.CreateFromJson(Base64UrlHelpers.Encode(invalidJson))); + Assert.Throws(() => ClientInfo.CreateFromJson(Base64UrlHelpers.Encode(_invalidJson))); - Assert.Throws(() => ClientInfo.CreateFromJson(invalidJson)); + Assert.Throws(() => ClientInfo.CreateFromJson(_invalidJson)); } [Fact] public void DeserializeFromJson_ValidByteArray_ReturnsClientInfo() { - var decodedJson = $"{{\"uid\":\"{TestConstants.Uid}\",\"utid\":\"{TestConstants.Utid}\"}}"; - var clientInfoResult = ClientInfo.DeserializeFromJson(Encoding.UTF8.GetBytes(decodedJson)); + var clientInfoResult = ClientInfo.DeserializeFromJson(Encoding.UTF8.GetBytes(_decodedJson)); Assert.NotNull(clientInfoResult); - Assert.Equal(TestConstants.Uid, clientInfoResult.UniqueObjectIdentifier); - Assert.Equal(TestConstants.Utid, clientInfoResult.UniqueTenantIdentifier); + Assert.Equal(Uid, clientInfoResult.UniqueObjectIdentifier); + Assert.Equal(Utid, clientInfoResult.UniqueTenantIdentifier); - var decodedEmptyJson = "{}"; - - clientInfoResult = ClientInfo.DeserializeFromJson(Encoding.UTF8.GetBytes(decodedEmptyJson)); + clientInfoResult = ClientInfo.DeserializeFromJson(Encoding.UTF8.GetBytes(_decodedEmptyJson)); Assert.NotNull(clientInfoResult); Assert.Null(clientInfoResult.UniqueObjectIdentifier); Assert.Null(clientInfoResult.UniqueTenantIdentifier); @@ -83,9 +80,7 @@ public void DeserializeFromJson_NullOrEmptyJsonByteArray_ReturnsNull() [Fact] public void DeserializeFromJson_InvalidJsonByteArray_ReturnsNull() { - var invalidJson = $"{{\"uid\":\"{TestConstants.Uid}\",\"utid\":\"{TestConstants.Utid}\""; - - Assert.Throws(() => ClientInfo.DeserializeFromJson(Encoding.UTF8.GetBytes(invalidJson))); + Assert.Throws(() => ClientInfo.DeserializeFromJson(Encoding.UTF8.GetBytes(_invalidJson))); } } } diff --git a/tests/Microsoft.Identity.Web.Test/CookiePolicyOptionsExtensionsTests.cs b/tests/Microsoft.Identity.Web.Test/CookiePolicyOptionsExtensionsTests.cs new file mode 100644 index 000000000..76205dedf --- /dev/null +++ b/tests/Microsoft.Identity.Web.Test/CookiePolicyOptionsExtensionsTests.cs @@ -0,0 +1,113 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +using System; +using System.Collections.Generic; +using System.Text; +using Microsoft.AspNetCore.Builder; +using Microsoft.AspNetCore.CookiePolicy; +using Microsoft.AspNetCore.Http; +using Microsoft.Identity.Web.Test.Common.TestHelpers; +using Xunit; + +namespace Microsoft.Identity.Web.Test +{ + public class CookiePolicyOptionsExtensionsTests + { + private string _userAgentHeaderName = "User-Agent"; + private string _cookieName = "cookieName"; + private string _cookieValue = "cookieValue"; + private CookiePolicyOptions _cookiePolicyOptions; + private HttpContext _httpContext; + + public CookiePolicyOptionsExtensionsTests() + { + _cookiePolicyOptions = new CookiePolicyOptions() + { + MinimumSameSitePolicy = SameSiteMode.Strict + }; + _httpContext = HttpContextUtilities.CreateHttpContext(); + } + + [Theory] + [InlineData(SameSiteMode.None, SameSiteMode.Unspecified, "Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148")] //Allow SameSite None + [InlineData(SameSiteMode.None, SameSiteMode.None, "Mozilla/5.0 (iPhone; CPU iPhone OS 13_1_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.1 Mobile/15E148 Safari/604.1")] //Disallow SameSite None + [InlineData(SameSiteMode.Strict, SameSiteMode.Strict, "Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148")] + public void HandleSameSiteCookieCompatibility_Default_ExecutesSuccessfully(SameSiteMode initialSameSiteMode, SameSiteMode expectedSameSiteMode, string userAgent) + { + _httpContext.Request.Headers.Add(_userAgentHeaderName, userAgent); + var appendCookieOptions = new CookieOptions() { SameSite = initialSameSiteMode }; + var deleteCookieOptions = new CookieOptions() { SameSite = initialSameSiteMode }; + var appendCookieContext = new AppendCookieContext(_httpContext, appendCookieOptions, _cookieName, _cookieValue); + var deleteCookieContext = new DeleteCookieContext(_httpContext, deleteCookieOptions, _cookieName); + + _cookiePolicyOptions.HandleSameSiteCookieCompatibility(); + + Assert.Equal(SameSiteMode.Unspecified, _cookiePolicyOptions.MinimumSameSitePolicy); + + _cookiePolicyOptions.OnAppendCookie(appendCookieContext); + Assert.Equal(expectedSameSiteMode, appendCookieOptions.SameSite); + + _cookiePolicyOptions.OnDeleteCookie(deleteCookieContext); + Assert.Equal(expectedSameSiteMode, deleteCookieOptions.SameSite); + } + + [Theory] + [InlineData(SameSiteMode.None, SameSiteMode.Unspecified, true, "Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148")] //Allow SameSite None + [InlineData(SameSiteMode.None, SameSiteMode.None, true, "Mozilla/5.0 (iPhone; CPU iPhone OS 13_1_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.1 Mobile/15E148 Safari/604.1")] //Disallow SameSite None + [InlineData(SameSiteMode.Strict, SameSiteMode.Strict, false, "Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148")] + public void HandleSameSiteCookieCompatibility_CustomFilter_ExecutesSuccessfully(SameSiteMode initialSameSiteMode, SameSiteMode expectedSameSiteMode, bool expectedEventCalled, string userAgent) + { + _httpContext.Request.Headers.Add(_userAgentHeaderName, userAgent); + var appendCookieOptions = new CookieOptions() { SameSite = initialSameSiteMode }; + var deleteCookieOptions = new CookieOptions() { SameSite = initialSameSiteMode }; + var appendCookieContext = new AppendCookieContext(_httpContext, appendCookieOptions, _cookieName, _cookieValue); + var deleteCookieContext = new DeleteCookieContext(_httpContext, deleteCookieOptions, _cookieName); + var appendEventCalled = false; + var deleteEventCalled = false; + + _cookiePolicyOptions.HandleSameSiteCookieCompatibility((userAgent) => { + appendEventCalled = true; + return CookiePolicyOptionsExtensions.DisallowsSameSiteNone(userAgent); + }); + + Assert.Equal(SameSiteMode.Unspecified, _cookiePolicyOptions.MinimumSameSitePolicy); + + _cookiePolicyOptions.OnAppendCookie(appendCookieContext); + Assert.Equal(expectedSameSiteMode, appendCookieOptions.SameSite); + Assert.Equal(expectedEventCalled, appendEventCalled); + + _cookiePolicyOptions.HandleSameSiteCookieCompatibility((userAgent) => { + deleteEventCalled = true; + return CookiePolicyOptionsExtensions.DisallowsSameSiteNone(userAgent); + }); + + _cookiePolicyOptions.OnDeleteCookie(deleteCookieContext); + Assert.Equal(expectedSameSiteMode, deleteCookieOptions.SameSite); + Assert.Equal(expectedEventCalled, deleteEventCalled); + } + + [Theory] + [InlineData(true, "Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148")] + [InlineData(true, "Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.1 Mobile/15E148 Safari/604.1")] + [InlineData(true, "Mozilla/5.0 (iPad; CPU OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148")] + [InlineData(true, "Mozilla/5.0 (iPad; CPU OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.1 Mobile/15E148 Safari/604.1")] + [InlineData(true, "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Safari/605.1.15")] + [InlineData(true, "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36")] + [InlineData(true, "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36")] + [InlineData(false, "Mozilla/5.0 (iPhone; CPU iPhone OS 13_1_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.1 Mobile/15E148 Safari/604.1")] + [InlineData(false, "Mozilla/5.0 (iPhone; CPU iPhone OS 11_4 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.0 Mobile/15E148 Safari/604.1")] + [InlineData(false, "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36")] + [InlineData(false, "Mozilla/5.0 (iPhone; CPU iPhone OS 13_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/81.0.4044.69 Mobile/15E148 Safari/604.1")] + [InlineData(false, "Mozilla/5.0 (iPad; CPU OS 13_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/81.0.4044.69 Mobile/15E148 Safari/604.1")] + [InlineData(false, "Mozilla/5.0 (iPad; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1")] + [InlineData(false, "Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1")] + [InlineData(false, "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.90 Safari/537.36")] + public void DisallowsSameSiteNone_VariousUserAgents_ExecutesSuccessfully(bool expectedResult, string userAgent) + { + var actualResult = CookiePolicyOptionsExtensions.DisallowsSameSiteNone(userAgent); + + Assert.Equal(expectedResult, actualResult); + } + } +} \ No newline at end of file diff --git a/tests/Microsoft.Identity.Web.Test/ExtensionsTests.cs b/tests/Microsoft.Identity.Web.Test/ExtensionsTests.cs index 56381e23e..e24a5ff72 100644 --- a/tests/Microsoft.Identity.Web.Test/ExtensionsTests.cs +++ b/tests/Microsoft.Identity.Web.Test/ExtensionsTests.cs @@ -7,28 +7,30 @@ namespace Microsoft.Identity.Web.Test { public class ExtensionsTests { - [Fact] - public void ContainsAny_CollectionContainsInput_ReturnsTrue() + [Theory] + [InlineData("", "")] + [InlineData("search", "")] + [InlineData("search", "search")] + [InlineData("searchString", "search")] + [InlineData("search string", "string")] + [InlineData("search string", "ch str")] + [InlineData("search search string", "search")] + [InlineData("search string", "string", "search")] + [InlineData("search string", "string", "alsoString")] + public void ContainsAny_CollectionContainsInput_ReturnsTrue(string str, params string[] stringCollection) { - Assert.True(string.Empty.ContainsAny(string.Empty)); - Assert.True("search".ContainsAny(string.Empty)); - Assert.True("search".ContainsAny("search")); - Assert.True("searchString".ContainsAny("search")); - Assert.True("search string".ContainsAny("string")); - Assert.True("search string".ContainsAny("ch str")); - Assert.True("search search string".ContainsAny("search")); - Assert.True("search string".ContainsAny("string", "search")); - Assert.True("search string".ContainsAny("string", "alsoString")); + Assert.True(str.ContainsAny(stringCollection)); } - [Fact] - public void ContainsAny_CollectionDoesntContainInput_ReturnsFalse() + [Theory] + [InlineData("", "s")] + [InlineData("search", "string")] + [InlineData("searchString", "notSearch")] + [InlineData("search string", " ")] + [InlineData("search string", "notIncludedString", "alsoString")] + public void ContainsAny_CollectionDoesntContainInput_ReturnsFalse(string str, params string[] stringCollection) { - Assert.False(string.Empty.ContainsAny("s")); - Assert.False("search".ContainsAny("string")); - Assert.False("searchString".ContainsAny("notSearch")); - Assert.False("search string".ContainsAny(" ")); - Assert.False("search string".ContainsAny("notIncludedString", "alsoString")); + Assert.False(str.ContainsAny(stringCollection)); } } } diff --git a/tests/Microsoft.Identity.Web.Test/MicrosoftIdentityOptionsTests.cs b/tests/Microsoft.Identity.Web.Test/MicrosoftIdentityOptionsTests.cs index 166680e5c..8efdcc058 100644 --- a/tests/Microsoft.Identity.Web.Test/MicrosoftIdentityOptionsTests.cs +++ b/tests/Microsoft.Identity.Web.Test/MicrosoftIdentityOptionsTests.cs @@ -13,7 +13,7 @@ public void IsB2C_NotNullOrEmptyUserFlow_ReturnsTrue() { var options = new MicrosoftIdentityOptions() { - SignUpSignInPolicyId = TestConstants.B2CSuSiUserFlow + SignUpSignInPolicyId = TestConstants.B2CSignUpSignInUserFlow }; Assert.True(options.IsB2C); diff --git a/tests/Microsoft.Identity.Web.Test/Resource/AadIssuerValidatorTests.cs b/tests/Microsoft.Identity.Web.Test/Resource/AadIssuerValidatorTests.cs index 2dae1b562..6bafa7613 100644 --- a/tests/Microsoft.Identity.Web.Test/Resource/AadIssuerValidatorTests.cs +++ b/tests/Microsoft.Identity.Web.Test/Resource/AadIssuerValidatorTests.cs @@ -237,7 +237,7 @@ public void Validate_InvalidIssuerToValidate_ThrowsException() public void Validate_FromB2CAuthority_WithNoTidClaim_ValidateSuccessfully() { Claim issClaim = new Claim(TestConstants.ClaimNameIss, TestConstants.B2CIssuer); - Claim tfpClaim = new Claim(TestConstants.ClaimNameTfp, TestConstants.B2CSuSiUserFlow); + Claim tfpClaim = new Claim(TestConstants.ClaimNameTfp, TestConstants.B2CSignUpSignInUserFlow); JwtSecurityToken jwtSecurityToken = new JwtSecurityToken(issuer: TestConstants.B2CIssuer, claims: new[] { issClaim, tfpClaim }); AadIssuerValidator validator = AadIssuerValidator.GetIssuerValidator(TestConstants.B2CAuthorityWithV2); @@ -257,7 +257,7 @@ public void Validate_FromB2CAuthority_WithNoTidClaim_ValidateSuccessfully() public void Validate_FromB2CAuthority_WithTidClaim_ValidateSuccessfully() { Claim issClaim = new Claim(TestConstants.ClaimNameIss, TestConstants.B2CIssuer); - Claim tfpClaim = new Claim(TestConstants.ClaimNameTfp, TestConstants.B2CSuSiUserFlow); + Claim tfpClaim = new Claim(TestConstants.ClaimNameTfp, TestConstants.B2CSignUpSignInUserFlow); Claim tidClaim = new Claim(TestConstants.ClaimNameTid, TestConstants.B2CTenantAsGuid); JwtSecurityToken jwtSecurityToken = new JwtSecurityToken(issuer: TestConstants.B2CIssuer, claims: new[] { issClaim, tfpClaim, tidClaim }); @@ -278,7 +278,7 @@ public void Validate_FromB2CAuthority_WithTidClaim_ValidateSuccessfully() public void Validate_FromB2CAuthority_InvalidIssuer_Fails() { Claim issClaim = new Claim(TestConstants.ClaimNameIss, TestConstants.B2CIssuer2); - Claim tfpClaim = new Claim(TestConstants.ClaimNameTfp, TestConstants.B2CSuSiUserFlow); + Claim tfpClaim = new Claim(TestConstants.ClaimNameTfp, TestConstants.B2CSignUpSignInUserFlow); JwtSecurityToken jwtSecurityToken = new JwtSecurityToken(issuer: TestConstants.B2CIssuer2, claims: new[] { issClaim, tfpClaim }); AadIssuerValidator validator = AadIssuerValidator.GetIssuerValidator(TestConstants.B2CAuthorityWithV2); @@ -301,7 +301,7 @@ public void Validate_FromB2CAuthority_InvalidIssuerTid_Fails() { string issuerWithInvalidTid = TestConstants.B2CInstance + "/" + TestConstants.TenantIdAsGuid + "/v2.0"; Claim issClaim = new Claim(TestConstants.ClaimNameIss, issuerWithInvalidTid); - Claim tfpClaim = new Claim(TestConstants.ClaimNameTfp, TestConstants.B2CSuSiUserFlow); + Claim tfpClaim = new Claim(TestConstants.ClaimNameTfp, TestConstants.B2CSignUpSignInUserFlow); JwtSecurityToken jwtSecurityToken = new JwtSecurityToken(issuer: issuerWithInvalidTid, claims: new[] { issClaim, tfpClaim }); AadIssuerValidator validator = AadIssuerValidator.GetIssuerValidator(TestConstants.B2CAuthorityWithV2); @@ -323,7 +323,7 @@ public void Validate_FromB2CAuthority_InvalidIssuerTid_Fails() public void Validate_FromCustomB2CAuthority_ValidateSuccessfully() { Claim issClaim = new Claim(TestConstants.ClaimNameIss, TestConstants.B2CCustomDomainIssuer); - Claim tfpClaim = new Claim(TestConstants.ClaimNameTfp, TestConstants.B2CSuSiUserFlow); + Claim tfpClaim = new Claim(TestConstants.ClaimNameTfp, TestConstants.B2CSignUpSignInUserFlow); JwtSecurityToken jwtSecurityToken = new JwtSecurityToken(issuer: TestConstants.B2CCustomDomainIssuer, claims: new[] { issClaim, tfpClaim }); AadIssuerValidator validator = AadIssuerValidator.GetIssuerValidator(TestConstants.B2CCustomDomainAuthorityWithV2); diff --git a/tests/Microsoft.Identity.Web.Test/Resource/OpenIdConnectMiddlewareDiagnosticsTests.cs b/tests/Microsoft.Identity.Web.Test/Resource/OpenIdConnectMiddlewareDiagnosticsTests.cs index 3fdeaffb1..7a81863ad 100644 --- a/tests/Microsoft.Identity.Web.Test/Resource/OpenIdConnectMiddlewareDiagnosticsTests.cs +++ b/tests/Microsoft.Identity.Web.Test/Resource/OpenIdConnectMiddlewareDiagnosticsTests.cs @@ -16,6 +16,9 @@ namespace Microsoft.Identity.Web.Test.Resource { + /// + /// See the class level comments in for more information. + /// public class OpenIdConnectMiddlewareDiagnosticsTests { private bool _customEventWasRaised;