Skip to content
GitLab
Explore
Sign in
Primary navigation
Search or go to…
Project
F
FIT-Connect-SDK - .NET
Manage
Activity
Members
Labels
Plan
Issues
Issue boards
Milestones
Wiki
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Snippets
Build
Pipelines
Jobs
Pipeline schedules
Artifacts
Deploy
Releases
Package Registry
Container Registry
Model registry
Operate
Environments
Terraform modules
Monitor
Incidents
Service Desk
Analyze
Value stream analytics
Contributor analytics
CI/CD analytics
Repository analytics
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Terms and privacy
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
FIT-Connect
FIT-Connect-SDK - .NET
Commits
052616fe
Commit
052616fe
authored
2 years ago
by
Klaus Fischer
Browse files
Options
Downloads
Patches
Plain Diff
Problems with Mocking WebRequest due to internal contructor
parent
4c7553da
No related branches found
Branches containing commit
No related tags found
Tags containing commit
1 merge request
!4
Feature/563 check callback
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
FitConnect/Subscriber.cs
+16
-2
16 additions, 2 deletions
FitConnect/Subscriber.cs
IntegrationTests/CallbackTest.cs
+51
-11
51 additions, 11 deletions
IntegrationTests/CallbackTest.cs
with
67 additions
and
13 deletions
FitConnect/Subscriber.cs
+
16
−
2
View file @
052616fe
using
System.Net
;
using
System.Reflection
;
using
System.Security.Cryptography
;
using
System.Text
;
using
Autofac
;
using
Autofac.Core.Activators.Reflection
;
using
FitConnect.Encryption
;
using
FitConnect.Interfaces.Subscriber
;
using
FitConnect.Models
;
...
...
@@ -202,11 +205,22 @@ public class Subscriber : FitConnectClient,
Logger
?.
LogInformation
(
"Submission completed {status}"
,
result
);
}
public
static
void
VerifyCallback
(
WebRequest
request
)
{
public
static
bool
VerifyCallback
(
WebRequest
request
)
{
var
timestamp
=
long
.
Parse
(
request
.
Headers
[
"callback-timestamp"
]
??
"0"
);
if
(
timestamp
<
DateTime
.
Now
.
AddMinutes
(-
5
).
ToEpochTime
())
throw
new
ArgumentException
(
"Request is too old"
);
var
secret
=
request
.
Headers
[
"callback-authentication"
]
??
""
;
using
var
requestStream
=
request
.
GetRequestStream
();
var
content
=
new
StreamReader
(
requestStream
).
ReadToEnd
();
var
hmac
=
new
HMACSHA512
(
Encoding
.
UTF8
.
GetBytes
(
secret
)).
ComputeHash
(
Encoding
.
UTF8
.
GetBytes
(
request
.
Headers
[
"callback-timestamp"
]
+
"."
+
content
));
var
hmacString
=
Convert
.
ToHexString
(
hmac
);
if
(
hmacString
!=
secret
)
throw
new
ArgumentException
(
"Request is not authentic"
);
return
true
;
}
}
...
...
This diff is collapsed.
Click to expand it.
IntegrationTests/CallbackTest.cs
+
51
−
11
View file @
052616fe
using
System
;
using
System.IO
;
using
System.Net
;
using
System.Text
;
using
FluentAssertions
;
using
IdentityModel
;
using
Moq
;
using
NUnit.Framework
;
namespace
IntegrationTests
;
...
...
@@ -18,25 +21,62 @@ public class CallbackTest {
//
// {"type":"https://schema.fitko.de/fit-connect/submission-api/callbacks/new-submissions","submissionIds":["f39ab143-d91a-474a-b69f-b00f1a1873c2"]}
R
equest
=
HttpWebRequest
.
Create
(
var
r
equest
=
HttpWebRequest
.
Create
(
"https://fachverfahren.beispielstadt.example.org/callbacks/fit-connect"
);
R
equest
.
Headers
.
Add
(
"callback-authentication"
,
r
equest
.
Headers
.
Add
(
"callback-authentication"
,
"798cd0edb70c08e5b32aa8a18cbbc8ff6b3078c51af6d011ff4e32e470c746234fc4314821fe5185264b029e962bd37de33f3b9fc5f1a93c40ce6672845e90df"
);
Request
.
Headers
.
Add
(
"callback-timestamp"
,
"1641066653"
);
Request
.
Method
=
"POST"
;
Request
.
GetRequestStream
().
Write
(
Encoding
.
UTF8
.
GetBytes
(
"{\"type\":\"https://schema.fitko.de/fit-connect/submission-api/callbacks/new-submissions\",\"submissionIds\":[\"f39ab143-d91a-474a-b69f-b00f1a1873c2\"]}"
));
request
.
Headers
.
Add
(
"callback-timestamp"
,
DateTime
.
Now
.
ToEpochTime
().
ToString
());
request
.
Method
=
"POST"
;
request
.
ContentType
=
"application/json"
;
var
memoryStream
=
new
MemoryStream
();
var
streamWriter
=
new
StreamWriter
(
memoryStream
);
streamWriter
.
WriteLine
(
"{\"type\":\"https://schema.fitko.de/fit-connect/submission-api/callbacks/new-submissions\",\"submissionIds\":[\"f39ab143-d91a-474a-b69f-b00f1a1873c2\"]}"
);
streamWriter
.
Flush
();
memoryStream
.
Position
=
0
;
var
mock
=
new
Mock
<
HttpWebRequest
>(
"https://fachverfahren.beispielstadt.example.org/callbacks/fit-connect"
);
mock
.
Setup
(
w
=>
w
.
ContentType
).
Returns
(
"application/json"
);
mock
.
Setup
(
w
=>
w
.
Headers
).
Returns
(
request
.
Headers
);
mock
.
Setup
(
w
=>
w
.
Method
).
Returns
(
"POST"
);
mock
.
Setup
(
w
=>
w
.
GetRequestStream
()).
Returns
(
memoryStream
);
mock
.
Setup
(
w
=>
w
.
RequestUri
)
.
Returns
(
new
Uri
(
"https://fachverfahren.beispielstadt.example.org/callbacks/fit-connect"
));
Request
=
mock
.
Object
;
}
[
Test
]
public
void
ValidRequest
()
{
Request
.
Should
().
NotBeNull
();
// Assert
FitConnect
.
Subscriber
.
VerifyCallback
(
Request
).
Should
().
Be
(
true
);
}
[
Test
]
public
void
CheckRequestAge_Fails
()
{
Assert
.
Throws
<
ArgumentException
>(()
=>
{
FitConnect
.
Subscriber
.
VerifyCallback
(
Request
);
}).
Message
.
Should
().
Be
(
"Request is too old"
);
public
void
RequestAge_Fails
()
{
// Arrange
Request
.
Headers
[
"callback-timestamp"
]
=
"1641066653"
;
// Atc
// Assert
Assert
.
Throws
<
ArgumentException
>(()
=>
{
FitConnect
.
Subscriber
.
VerifyCallback
(
Request
);
})
.
Message
.
Should
().
Be
(
"Request is too old"
);
}
[
Test
]
public
void
RequestAuthentication_Fails
()
{
// Arrange
Request
.
Headers
[
"callback-authentication"
]
=
"898cd0edb70c08e5b32aa8a18cbbc8ff6b3078c51af6d011ff4e32e470c746234fc4314821fe5185264b029e962bd37de33f3b9fc5f1a93c40ce6672845e90df"
;
// Atc
// Assert
Assert
.
Throws
<
ArgumentException
>(()
=>
{
FitConnect
.
Subscriber
.
VerifyCallback
(
Request
);
})
.
Message
.
Should
().
Be
(
"Request is not authentic"
);
}
}
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment