1 //
2 // WSFederationHttpBindingTest.cs
3 //
4 // Author:
5 //	Atsushi Enomoto <atsushi@ximian.com>
6 //
7 // Copyright (C) 2006 Novell, Inc.  http://www.novell.com
8 //
9 // Permission is hereby granted, free of charge, to any person obtaining
10 // a copy of this software and associated documentation files (the
11 // "Software"), to deal in the Software without restriction, including
12 // without limitation the rights to use, copy, modify, merge, publish,
13 // distribute, sublicense, and/or sell copies of the Software, and to
14 // permit persons to whom the Software is furnished to do so, subject to
15 // the following conditions:
16 //
17 // The above copyright notice and this permission notice shall be
18 // included in all copies or substantial portions of the Software.
19 //
20 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
21 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
22 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
23 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
24 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
25 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
26 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
27 //
28 #if !MOBILE && !XAMMAC_4_5
29 using System;
30 using System.Collections.ObjectModel;
31 using System.IdentityModel.Tokens;
32 using System.Net;
33 using System.Net.Security;
34 using System.ServiceModel;
35 using System.ServiceModel.Channels;
36 using System.ServiceModel.Security;
37 using System.ServiceModel.Security.Tokens;
38 using NUnit.Framework;
39 
40 namespace MonoTests.System.ServiceModel
41 {
42 	[TestFixture]
43 	public class WSFederationHttpBindingTest
44 	{
/// <summary>
/// Pins the defaults of a parameterless WSFederationHttpBinding: message
/// security over plain HTTP, and the binding element stack built from it.
/// </summary>
/// <remarks>
/// Every value asserted here decides what protects a message (mode,
/// algorithm suite, issued key type, credential negotiation), so a changed
/// default should fail this test instead of passing unnoticed.
/// </remarks>
[Test]
public void DefaultValues ()
{
	WSFederationHttpBinding binding = new WSFederationHttpBinding ();

	// Defaults shared by every security mode. The scheme is "http", so in
	// this mode nothing asserted below relies on an https transport.
	DefaultValues (binding, "http");

	// WSFederationHttpSecurity
	WSFederationHttpSecurity security = binding.Security;
	Assert.IsNotNull (security, "#2-1");
	Assert.AreEqual (WSFederationHttpSecurityMode.Message, security.Mode, "#2-2");

	// Security.Message
	FederatedMessageSecurityOverHttp message = security.Message;
	Assert.IsNotNull (message, "#2-3");
	// This compares against the Default suite object only; it does not pin
	// the concrete algorithms behind it.
	// NOTE(review): .NET Framework documents Default as Basic256 - confirm
	// for this implementation, and assert the concrete suite separately if
	// the digest/signature algorithms matter to the caller.
	Assert.AreEqual (SecurityAlgorithmSuite.Default, message.AlgorithmSuite, "#2-3-2");
	Assert.AreEqual (SecurityKeyType.SymmetricKey, message.IssuedKeyType, "#2-3-3");
	Assert.IsTrue (message.NegotiateServiceCredential, "#2-3-4");

	// Binding elements, in stack order. The comparison is on the exact
	// runtime type, so a subclass in any slot fails the test.
	Type [] expectedStack = {
		typeof (TransactionFlowBindingElement),
		typeof (SymmetricSecurityBindingElement),
		typeof (TextMessageEncodingBindingElement),
		typeof (HttpTransportBindingElement),
	};
	BindingElementCollection elements = binding.CreateBindingElements ();
	Assert.AreEqual (4, elements.Count, "#5-1");
	for (int i = 0; i < expectedStack.Length; i++) {
		// Labels run "#5-2" .. "#5-5", one per slot.
		Assert.AreEqual (expectedStack [i], elements [i].GetType (), "#5-" + (i + 2));
	}
}
78 
/// <summary>
/// Pins the defaults of a WSFederationHttpBinding constructed with
/// TransportWithMessageCredential: https scheme, a transport security
/// element in the security slot, and an HTTPS transport element.
/// </summary>
/// <remarks>
/// NOTE(review): the NotWorking category marks this as a known failure. If
/// the runner excludes that category (confirm in the test configuration),
/// none of the transport-mode defaults below are actually enforced.
/// </remarks>
[Test]
[Category ("NotWorking")] // transport security
public void DefaultValuesSecurityModeTransport ()
{
	WSFederationHttpBinding binding =
		new WSFederationHttpBinding (WSFederationHttpSecurityMode.TransportWithMessageCredential);

	// Defaults shared by every security mode; only the scheme differs.
	DefaultValues (binding, "https");

	// WSFederationHttpSecurity
	WSFederationHttpSecurity security = binding.Security;
	Assert.IsNotNull (security, "#2-1");
	Assert.AreEqual (WSFederationHttpSecurityMode.TransportWithMessageCredential, security.Mode, "#2-2");

	// Security.Message: same message-level defaults as in Message mode.
	FederatedMessageSecurityOverHttp message = security.Message;
	Assert.IsNotNull (message, "#2-3");
	Assert.AreEqual (SecurityAlgorithmSuite.Default, message.AlgorithmSuite, "#2-3-2");
	Assert.AreEqual (SecurityKeyType.SymmetricKey, message.IssuedKeyType, "#2-3-3");
	Assert.IsTrue (message.NegotiateServiceCredential, "#2-3-4");

	// Binding elements, in stack order, compared on the exact runtime type.
	// That matters for the last slot: in .NET, HttpsTransportBindingElement
	// derives from HttpTransportBindingElement, so an "is a" check could not
	// tell plain HTTP from HTTPS.
	Type [] expectedStack = {
		typeof (TransactionFlowBindingElement),
		typeof (TransportSecurityBindingElement),
		typeof (TextMessageEncodingBindingElement),
		typeof (HttpsTransportBindingElement),
	};
	BindingElementCollection elements = binding.CreateBindingElements ();
	Assert.AreEqual (4, elements.Count, "#5-1");
	for (int i = 0; i < expectedStack.Length; i++) {
		// Labels run "#5-2" .. "#5-5", one per slot.
		Assert.AreEqual (expectedStack [i], elements [i].GetType (), "#5-" + (i + 2));
	}
}
112 
/// <summary>
/// Asserts the binding defaults that do not depend on the security mode.
/// </summary>
/// <param name="b">Freshly constructed binding to inspect.</param>
/// <param name="scheme">URI scheme the binding is expected to report.</param>
void DefaultValues (WSFederationHttpBinding b, string scheme)
{
	Assert.IsFalse (b.BypassProxyOnLocal, "#1");
	Assert.AreEqual (HostNameComparisonMode.StrongWildcard,
		b.HostNameComparisonMode, "#2");

	// Size limits: 512 KiB buffer pool, 64 KiB per received message. These
	// bound how much memory a single peer can make the binding commit, so
	// they are pinned as exact values.
	Assert.AreEqual (512 * 1024, b.MaxBufferPoolSize, "#3");
	Assert.AreEqual (64 * 1024, b.MaxReceivedMessageSize, "#5");

	Assert.AreEqual (WSMessageEncoding.Text, b.MessageEncoding, "#6");
	Assert.IsNull (b.ProxyAddress, "#7");
	// FIXME: test b.ReaderQuotas
	// (the reader quotas are input limits too, and are unverified until
	// this FIXME is resolved)
	Assert.AreEqual (scheme, b.Scheme, "#8");
	Assert.AreEqual (EnvelopeVersion.Soap12, b.EnvelopeVersion, "#9");
	Assert.AreEqual (65001, b.TextEncoding.CodePage, "#10"); // utf-8
	Assert.IsFalse (b.TransactionFlow, "#11");
	Assert.IsTrue (b.UseDefaultWebProxy, "#12");
	Assert.AreEqual (MessageVersion.Default, b.MessageVersion, "#14");
	Assert.IsNotNull (b.ReliableSession, "#15");
}
131 
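/*
		Disabled. Every test in this block constructs WSHttpBinding (or the
		MyWSBinding subclass of it), not WSFederationHttpBinding, so none of it
		exercises the federation binding's message security.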
133 		[Test]
134 		public void DefaultMessageEncoding ()
135 		{
136 			WSHttpBinding b = new WSHttpBinding ();
137 			foreach (BindingElement be in b.CreateBindingElements ()) {
138 				MessageEncodingBindingElement mbe =
139 					be as MessageEncodingBindingElement;
140 				if (mbe == null)
141 					continue;
142 				MessageEncoderFactory f = mbe.CreateMessageEncoderFactory ();
143 				MessageEncoder e = f.Encoder;
144 
145 				Assert.AreEqual (typeof (TextMessageEncodingBindingElement), mbe.GetType (), "#1-1");
146 				Assert.AreEqual (MessageVersion.Default, f.MessageVersion, "#2-1");
147 				Assert.AreEqual ("application/soap+xml; charset=utf-8", e.ContentType, "#3-1");
148 				Assert.AreEqual ("application/soap+xml", e.MediaType, "#3-2");
149 				return;
150 			}
151 			Assert.Fail ("No message encodiing binding element.");
152 		}
153 
154 		[Test]
155 		public void DefaultHttpTransport ()
156 		{
157 			WSHttpBinding b = new WSHttpBinding ();
158 			foreach (BindingElement be in b.CreateBindingElements ()) {
159 				HttpTransportBindingElement tbe =
160 					be as HttpTransportBindingElement;
161 				if (tbe == null)
162 					continue;
163 
164 				Assert.AreEqual (false, tbe.AllowCookies, "#1");
165 				Assert.AreEqual (AuthenticationSchemes.Anonymous, tbe.AuthenticationScheme, "#2");
166 				Assert.AreEqual (false, tbe.BypassProxyOnLocal, "#3");
167 				Assert.AreEqual (HostNameComparisonMode.StrongWildcard, tbe.HostNameComparisonMode, "#4");
168 				Assert.AreEqual (true, tbe.KeepAliveEnabled, "#5");
169 				Assert.AreEqual (false, tbe.ManualAddressing, "#6");
170 				Assert.AreEqual (0x80000, tbe.MaxBufferPoolSize, "#7");
171 				Assert.AreEqual (0x10000, tbe.MaxBufferSize, "#8");
172 				Assert.AreEqual (0x10000, tbe.MaxReceivedMessageSize, "#9");
173 				Assert.IsNull (tbe.ProxyAddress, "#10");
174 				Assert.AreEqual (AuthenticationSchemes.Anonymous, tbe.ProxyAuthenticationScheme, "#11");
175 				Assert.AreEqual ("", tbe.Realm, "#12");
176 				Assert.AreEqual (TransferMode.Buffered, tbe.TransferMode, "#13");
177 				Assert.AreEqual (true, tbe.UseDefaultWebProxy, "#14");
178 
179 				return;
180 			}
181 			Assert.Fail ("No transport binding element.");
182 		}
183 
184 		[Test]
185 		public void DefaultTransactionFlow ()
186 		{
187 			WSHttpBinding b = new WSHttpBinding ();
188 			foreach (BindingElement be in b.CreateBindingElements ()) {
189 				TransactionFlowBindingElement tbe =
190 					be as TransactionFlowBindingElement;
191 				if (tbe == null)
192 					continue;
193 
194 				Assert.AreEqual (TransactionProtocol.WSAtomicTransactionOctober2004,
195 					tbe.TransactionProtocol, "#1");
196 
197 				return;
198 			}
199 			Assert.Fail ("No transaction flow binding element.");
200 		}
201 
202 		[Test]
203 		public void CreateMessageSecurity ()
204 		{
205 			Assert.IsNull (new MyWSBinding (SecurityMode.None).CreateMessageSecurityEx (), "None");
206 			Assert.IsNotNull (new MyWSBinding (SecurityMode.Message).CreateMessageSecurityEx (), "Message");
207 			Assert.IsNull (new MyWSBinding (SecurityMode.Transport).CreateMessageSecurityEx (), "Transport");
208 		}
209 
210 		[Test]
211 		public void DefaultMessageSecurity ()
212 		{
213 			WSHttpBinding b = new WSHttpBinding ();
214 			SymmetricSecurityBindingElement sbe = b.CreateBindingElements ().Find<SymmetricSecurityBindingElement> ();
215 			Assert.IsNotNull (sbe, "#0");
216 
217 			SecureConversationSecurityTokenParameters p =
218 				sbe.ProtectionTokenParameters as SecureConversationSecurityTokenParameters;
219 			Assert.IsNotNull (p, "#1");
220 
221 			Assert.AreEqual (SecurityAlgorithmSuite.Default,
222 				sbe.DefaultAlgorithmSuite, "#2");
223 
224 			SupportingTokenParameters s =
225 				sbe.EndpointSupportingTokenParameters;
226 			Assert.IsNotNull (s, "#3");
227 			Assert.AreEqual (0, s.Endorsing.Count, "#3-1");
228 			Assert.AreEqual (0, s.Signed.Count, "#3-2");
229 			Assert.AreEqual (0, s.SignedEndorsing.Count, "#3-3");
230 			Assert.AreEqual (0, s.SignedEncrypted.Count, "#3-4");
231 
232 			Assert.AreEqual (0, sbe.OperationSupportingTokenParameters.Count, "#4");
233 
234 			s = sbe.OptionalEndpointSupportingTokenParameters;
235 			Assert.IsNotNull (s, "#5");
236 			Assert.AreEqual (0, s.Endorsing.Count, "#5-1");
237 			Assert.AreEqual (0, s.Signed.Count, "#5-2");
238 			Assert.AreEqual (0, s.SignedEndorsing.Count, "#5-3");
239 			Assert.AreEqual (0, s.SignedEncrypted.Count, "#5-4");
240 			Assert.AreEqual (0, sbe.OptionalOperationSupportingTokenParameters.Count, "#6");
241 		}
242 
243 		[Test]
244 		public void MessageSecurityNoSecureConversation ()
245 		{
246 			WSHttpBinding b = new WSHttpBinding ();
247 			b.Security.Message.EstablishSecurityContext = false;
248 			SymmetricSecurityBindingElement sbe = b.CreateBindingElements ().Find<SymmetricSecurityBindingElement> ();
249 			Assert.IsNotNull (sbe, "#0");
250 
251 			Assert.AreEqual (
252 				typeof (SspiSecurityTokenParameters),
253 				sbe.ProtectionTokenParameters.GetType (), "#1");
254 			// no worthy to check SSPI security as we never support it.
255 
256 			b.Security.Message.ClientCredentialType = MessageCredentialType.None;
257 			sbe = b.CreateBindingElements ().Find<SymmetricSecurityBindingElement> ();
258 			SslSecurityTokenParameters ssltp =
259 				sbe.ProtectionTokenParameters
260 				as SslSecurityTokenParameters;
261 			Assert.IsNotNull(ssltp, "#2-1");
262 			Assert.AreEqual (true, ssltp.RequireCancellation, "#2-2");
263 			Assert.AreEqual (false, ssltp.RequireClientCertificate, "#2-3");
264 
265 			b.Security.Message.ClientCredentialType = MessageCredentialType.UserName;
266 			sbe = b.CreateBindingElements ().Find<SymmetricSecurityBindingElement> ();
267 			ssltp = sbe.ProtectionTokenParameters as SslSecurityTokenParameters;
268 			Assert.IsNotNull(ssltp, "#3-1");
269 
270 			// No NegotiateServiceCredential modes ...
271 
272 			b.Security.Message.NegotiateServiceCredential = false;
273 			b.Security.Message.ClientCredentialType = MessageCredentialType.Windows;
274 			sbe = b.CreateBindingElements ().Find<SymmetricSecurityBindingElement> ();
275 			KerberosSecurityTokenParameters ktp =
276 				sbe.ProtectionTokenParameters
277 				as KerberosSecurityTokenParameters;
278 			Assert.IsNotNull (ktp, "#4-1");
279 			// no worthy of testing windows-only Kerberos stuff
280 
281 			b.Security.Message.ClientCredentialType = MessageCredentialType.None;
282 			sbe = b.CreateBindingElements ().Find<SymmetricSecurityBindingElement> ();
283 			X509SecurityTokenParameters x509tp =
284 				sbe.ProtectionTokenParameters
285 				as X509SecurityTokenParameters;
286 			Assert.IsNotNull (x509tp, "#5-1");
287 			Assert.AreEqual (X509KeyIdentifierClauseType.Thumbprint, x509tp.X509ReferenceStyle, "#5-2");
288 		}
289 
290 		[Test]
291 		[ExpectedException (typeof (InvalidOperationException))]
292 		[Category ("NotWorking")]
293 		public void BuildListenerWithoutServiceCertificate ()
294 		{
295 			ServiceHost host = new ServiceHost (typeof (Foo));
296 			WSHttpBinding binding = new WSHttpBinding ();
297 			binding.Security.Message.ClientCredentialType =
298 				MessageCredentialType.IssuedToken;
299 			host.AddServiceEndpoint ("Foo", binding, "http://localhost:8080");
300 			host.Open ();
301 		}
302 */
303 
/// <summary>
/// Minimal service contract with a single no-op operation. Within this file
/// it is referenced only from the commented-out
/// BuildListenerWithoutServiceCertificate test, as the hosted service type.
/// </summary>
[ServiceContract]
class Foo
{
	/// <summary>Operation with no parameters, no result and an empty body.</summary>
	[OperationContract]
	public void SayWhat ()
	{
	}
}
310 
/// <summary>
/// WSHttpBinding subclass that re-exposes CreateMessageSecurity through a
/// public method so a test can inspect the security binding element.
/// Within this file it is referenced only from the commented-out
/// CreateMessageSecurity test.
/// </summary>
class MyWSBinding : WSHttpBinding
{
	/// <summary>Creates the binding with the given security mode.</summary>
	/// <param name="mode">Security mode passed to the base constructor.</param>
	public MyWSBinding (SecurityMode mode) : base (mode)
	{
	}

	/// <summary>
	/// Returns whatever the inherited CreateMessageSecurity produces.
	/// </summary>
	/// <returns>
	/// The security binding element. The commented-out test expects null for
	/// SecurityMode.None and SecurityMode.Transport and non-null for
	/// SecurityMode.Message.
	/// </returns>
	public SecurityBindingElement CreateMessageSecurityEx ()
	{
		// presumably a wrapper is needed because CreateMessageSecurity is
		// not publicly callable on WSHttpBinding - confirm
		SecurityBindingElement element = CreateMessageSecurity ();
		return element;
	}
}
323 	}
324 }
325 #endif