
Merge pull request #760 from andreichuk/FormsAuthentication

Added RequireSSL property to FormsAuthentication. Issue #425
2 parents 9509e4d + e680123 commit c8be5d47d2c5bb37b7d4f9b0e5bfec4f3b7d53d0 @thecodejunkie thecodejunkie committed Oct 4, 2012
@@ -14,6 +14,7 @@ namespace Nancy.Authentication.Forms.Tests
public class FormsAuthenticationFixture
{
private FormsAuthenticationConfiguration config;
+ private FormsAuthenticationConfiguration secureConfig;
private NancyContext context;
private Guid userGuid;
@@ -45,6 +46,15 @@ public FormsAuthenticationFixture()
CryptographyConfiguration = this.cryptographyConfiguration,
RedirectUrl = "/login",
UserMapper = A.Fake<IUserMapper>(),
+ RequiresSSL = false
+ };
+
+ this.secureConfig = new FormsAuthenticationConfiguration()
+ {
+ CryptographyConfiguration = this.cryptographyConfiguration,
+ RedirectUrl = "/login",
+ UserMapper = A.Fake<IUserMapper>(),
+ RequiresSSL = true
};
this.context = new NancyContext()
@@ -145,10 +155,13 @@ public void Should_have_authentication_cookie_in_login_response_when_logging_in_
[Fact]
public void Should_set_authentication_cookie_to_httponly_when_logging_in_with_redirect()
{
+ //Given
FormsAuthentication.Enable(A.Fake<IPipelines>(), this.config);
+ //When
var result = FormsAuthentication.UserLoggedInRedirectResponse(context, userGuid);
+ //Then
result.Cookies.Where(c => c.Name == FormsAuthentication.FormsAuthenticationCookieName).First()
.HttpOnly.ShouldBeTrue();
}
@@ -541,5 +554,62 @@ public void Should_retain_querystring_when_redirecting_after_successfull_login()
// Then
result.Headers["Location"].ShouldEqual("/secure?foo=bar");
}
+
+ [Fact]
+ public void Should_set_authentication_cookie_to_secure_when_config_requires_ssl_and_logging_in_with_redirect()
+ {
+ //Given
+ FormsAuthentication.Enable(A.Fake<IPipelines>(), this.secureConfig);
+
+ //When
+ var result = FormsAuthentication.UserLoggedInRedirectResponse(context, userGuid);
+
+ //Then
+ result.Cookies
+ .Where(c => c.Name == FormsAuthentication.FormsAuthenticationCookieName)
+ .First()
+ .Secure.ShouldBeTrue();
+ }
+
+ [Fact]
+ public void Should_set_authentication_cookie_to_secure_when_config_requires_ssl_and_logging_in_without_redirect()
+ {
+ // Given
+ FormsAuthentication.Enable(A.Fake<IPipelines>(), this.secureConfig);
+
+ // When
+ var result = FormsAuthentication.UserLoggedInResponse(userGuid);
+
+ // Then
+ result.Cookies
+ .Where(c => c.Name == FormsAuthentication.FormsAuthenticationCookieName)
+ .First()
+ .Secure.ShouldBeTrue();
+ }
+
+ [Fact]
+ public void Should_set_authentication_cookie_to_secure_when_config_requires_ssl_and_user_logs_out_with_redirect()
+ {
+ FormsAuthentication.Enable(A.Fake<IPipelines>(), this.secureConfig);
+
+ var result = FormsAuthentication.LogOutAndRedirectResponse(context, "/");
+
+ var cookie = result.Cookies.Where(c => c.Name == FormsAuthentication.FormsAuthenticationCookieName).First();
+ cookie.Secure.ShouldBeTrue();
+ }
+
+ [Fact]
+ public void Should_set_authentication_cookie_to_secure_when_config_requires_ssl_and_user_logs_out_without_redirect()
+ {
+ // Given
+ FormsAuthentication.Enable(A.Fake<IPipelines>(), this.secureConfig);
+
+ // When
+ var result = FormsAuthentication.LogOutResponse();
+
+ // Then
+ var cookie = result.Cookies.Where(c => c.Name == FormsAuthentication.FormsAuthenticationCookieName).First();
+ cookie.Secure.ShouldBeTrue();
+ }
}
}
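Review bot: The four new tests (hunk starting at `@@ -541,5 +554,62 @@`) only pin the positive case; nothing asserts that `this.config` (built with `RequiresSSL = false` in the constructor hunk) yields a cookie whose `Secure` flag is false, so a regression that always emits Secure would pass this suite unnoticed. A negative test against the existing `config` fixture closes that gap, and since `bool` defaults to false it also documents the behaviour existing users get without touching their configuration. As a style point the third new test (`..._user_logs_out_with_redirect`) drops the `// Given / // When / // Then` comments the sibling tests use, and the earlier hunk writes them as `//Given` without a space; keeping one form throughout the fixture helps. The `.Where(predicate).First()` chains can also be written as `.First(predicate)`.
```csharp
[Fact]
public void Should_not_set_authentication_cookie_to_secure_when_config_does_not_require_ssl()
{
    // Given
    FormsAuthentication.Enable(A.Fake<IPipelines>(), this.config);

    // When
    var result = FormsAuthentication.UserLoggedInResponse(userGuid);

    // Then
    result.Cookies
        .First(c => c.Name == FormsAuthentication.FormsAuthenticationCookieName)
        .Secure.ShouldBeFalse();
}
```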
@@ -157,8 +157,7 @@ public static Response LogOutResponse()
if (userGuid != Guid.Empty)
{
-
- context.CurrentUser = configuration.UserMapper.GetUserFromIdentifier(userGuid, context);
+ context.CurrentUser = configuration.UserMapper.GetUserFromIdentifier(userGuid, context);
}
return null;
@@ -223,7 +222,7 @@ private static INancyCookie BuildCookie(Guid userIdentifier, DateTime? cookieExp
{
var cookieContents = EncryptAndSignCookie(userIdentifier.ToString(), configuration);
- var cookie = new NancyCookie(formsAuthenticationCookieName, cookieContents, true) { Expires = cookieExpiry };
+ var cookie = new NancyCookie(formsAuthenticationCookieName, cookieContents, true, configuration.RequiresSSL) { Expires = cookieExpiry };
return cookie;
}
@@ -235,7 +234,7 @@ private static INancyCookie BuildCookie(Guid userIdentifier, DateTime? cookieExp
/// <returns>Nancy cookie instance</returns>
private static INancyCookie BuildLogoutCookie(FormsAuthenticationConfiguration configuration)
{
- return new NancyCookie(formsAuthenticationCookieName, String.Empty, true) { Expires = DateTime.Now.AddDays(-1) };
+ return new NancyCookie(formsAuthenticationCookieName, String.Empty, true, configuration.RequiresSSL) { Expires = DateTime.Now.AddDays(-1) };
}
/// <summary>
@@ -314,8 +313,5 @@ private static string GetRedirectQuerystringKey(FormsAuthenticationConfiguration
return redirectQuerystringKey;
}
-
}
-
-
}
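Review bot: The login cookie (`BuildCookie`, hunk at `@@ -223,7 +222,7 @@`) and the expiring logout cookie (`BuildLogoutCookie`, hunk at `@@ -235,7 +234,7 @@`) now each spell out the full attribute list for `NancyCookie`, and a browser only replaces the login cookie with the logout one when those attributes agree; with two independent call sites a future edit to one (say, a Path or Domain) can silently leave stale authentication cookies behind. Funnelling both through one private factory keeps the attribute list in a single place, and it also removes the two adjacent positional `bool` arguments that make `true, configuration.RequiresSSL` hard to read at the call site. The signature of `BuildCookie` is cut off in the hunk header, so only its `return` line is shown below.
```csharp
// … unchanged: BuildCookie signature and EncryptAndSignCookie call …
    return CreateAuthenticationCookie(cookieContents, cookieExpiry, configuration);

// … unchanged: BuildLogoutCookie signature …
    return CreateAuthenticationCookie(String.Empty, DateTime.Now.AddDays(-1), configuration);

/// <summary>
/// Single place that fixes the forms authentication cookie's attributes (name, HttpOnly,
/// Secure), so the login cookie and the expiring logout cookie always match and the
/// browser treats them as the same cookie.
/// </summary>
/// <param name="contents">Encrypted, signed cookie payload, or an empty string for the logout cookie</param>
/// <param name="expiry">Cookie expiry, or null for a session cookie</param>
/// <param name="configuration">Forms authentication configuration supplying the RequiresSSL flag</param>
/// <returns>Nancy cookie instance</returns>
private static INancyCookie CreateAuthenticationCookie(string contents, DateTime? expiry, FormsAuthenticationConfiguration configuration)
{
    return new NancyCookie(formsAuthenticationCookieName, contents, true, configuration.RequiresSSL) { Expires = expiry };
}
```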
@@ -42,6 +42,12 @@ public FormsAuthenticationConfiguration(CryptographyConfiguration cryptographyCo
public IUserMapper UserMapper { get; set; }
/// <summary>
+ /// Gets or sets RequiresSSL property
+ /// </summary>
+ /// <value>The flag that indicates whether SSL is required</value>
+ public bool RequiresSSL { get; set; }
+
+ /// <summary>
/// Gets or sets the cryptography configuration
/// </summary>
public CryptographyConfiguration CryptographyConfiguration { get; set; }
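Review bot: The XML doc added for `RequiresSSL` ("Gets or sets RequiresSSL property" / "The flag that indicates whether SSL is required") restates the name and does not say what the flag actually does, which matters here because the name suggests the module enforces HTTPS while the other hunks in this commit only pass it to `NancyCookie` as the cookie's Secure attribute; as far as this commit shows, a login over plain HTTP still succeeds, and the browser will then simply never return the Secure cookie on HTTP requests. I would write the summary as `/// Gets or sets a value indicating whether the forms authentication cookie is issued with the Secure attribute, so browsers only send it back over HTTPS.` and add a `<remarks>` noting that the flag does not itself reject or redirect non-HTTPS requests, that the login and logout cookies both honour it, and that it defaults to false so existing configurations keep issuing a non-Secure cookie until they opt in.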
