forked from OrchardCMS/OrchardCore
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'main' into show_btn_with_perm
- Loading branch information
Showing
6 changed files
with
213 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
57 changes: 57 additions & 0 deletions
57
src/OrchardCore/OrchardCore.Users.Core/Json/LoginInfoJsonConverter.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,57 @@ | ||
using System; | ||
using System.Text.Json; | ||
using System.Text.Json.Nodes; | ||
using System.Text.Json.Serialization; | ||
using Microsoft.AspNetCore.Identity; | ||
|
||
namespace OrchardCore.Users.Core.Json; | ||
|
||
public class LoginInfoJsonConverter : JsonConverter<UserLoginInfo> | ||
{ | ||
public static readonly LoginInfoJsonConverter Instance = new(); | ||
|
||
public override UserLoginInfo Read(ref Utf8JsonReader reader, Type typeToConvert, JsonSerializerOptions options) | ||
{ | ||
var loginInfo = new UserLoginInfo(string.Empty, string.Empty, string.Empty); | ||
|
||
while (reader.Read()) | ||
{ | ||
if (reader.TokenType == JsonTokenType.EndObject) | ||
{ | ||
break; | ||
} | ||
|
||
if (reader.TokenType == JsonTokenType.PropertyName) | ||
{ | ||
var propertyName = reader.GetString(); | ||
reader.Read(); | ||
|
||
switch (propertyName) | ||
{ | ||
case nameof(UserLoginInfo.LoginProvider): | ||
loginInfo.LoginProvider = reader.GetString(); | ||
break; | ||
case nameof(UserLoginInfo.ProviderKey): | ||
loginInfo.ProviderKey = reader.GetString(); | ||
break; | ||
case nameof(UserLoginInfo.ProviderDisplayName): | ||
loginInfo.ProviderDisplayName = reader.GetString(); | ||
break; | ||
default: | ||
break; | ||
} | ||
} | ||
} | ||
|
||
return loginInfo; | ||
} | ||
|
||
public override void Write(Utf8JsonWriter writer, UserLoginInfo objectToWrite, JsonSerializerOptions options) | ||
{ | ||
writer.WriteStartObject(); | ||
writer.WriteString(nameof(UserLoginInfo.LoginProvider), objectToWrite.LoginProvider); | ||
writer.WriteString(nameof(UserLoginInfo.ProviderKey), objectToWrite.ProviderKey); | ||
writer.WriteString(nameof(UserLoginInfo.ProviderDisplayName), objectToWrite.ProviderDisplayName); | ||
writer.WriteEndObject(); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
70 changes: 70 additions & 0 deletions
70
test/OrchardCore.Tests/Modules/OrchardCore.Resources/SubResourceIntegrityTests.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,70 @@ | ||
using System.Security.Cryptography; | ||
using OrchardCore.ResourceManagement; | ||
using OrchardCore.Resources; | ||
|
||
namespace OrchardCore.Tests.Modules.OrchardCore.Resources; | ||
|
||
public class SubResourceIntegrityTests | ||
{ | ||
[Fact] | ||
public async Task SavedSubResourceIntegritiesShouldMatchCurrentResources() | ||
{ | ||
// Arrange | ||
var resourceOptions = Options.Create(new ResourceOptions()); | ||
var httpContextAccessorMock = new Mock<IHttpContextAccessor>(); | ||
httpContextAccessorMock | ||
.Setup(a => a.HttpContext) | ||
.Returns(new DefaultHttpContext()); | ||
var configurationOptions = new ResourceManagementOptionsConfiguration( | ||
resourceOptions, | ||
Mock.Of<IHostEnvironment>(), | ||
httpContextAccessorMock.Object); | ||
var resourceManagementOptions = new ResourceManagementOptions(); | ||
|
||
// Act | ||
configurationOptions.Configure(resourceManagementOptions); | ||
|
||
// Assert | ||
var resourceManifest = resourceManagementOptions.ResourceManifests.First(); | ||
|
||
using var httpClient = new HttpClient(); | ||
await ValidateSubResourceIntegrityAsync("script"); | ||
await ValidateSubResourceIntegrityAsync("style"); | ||
|
||
async Task ValidateSubResourceIntegrityAsync(string resourceType) | ||
{ | ||
foreach (var resource in resourceManifest.GetResources(resourceType)) | ||
{ | ||
foreach (var resourceDefinition in resource.Value) | ||
{ | ||
if (!string.IsNullOrEmpty(resourceDefinition.CdnIntegrity) && !string.IsNullOrEmpty(resourceDefinition.UrlCdnDebug)) | ||
{ | ||
var resourceIntegrity = await GetSubResourceIntegrityAsync(httpClient, resourceDefinition.UrlCdnDebug); | ||
|
||
Assert.True(resourceIntegrity.Equals(resourceDefinition.CdnDebugIntegrity), | ||
$"The {resourceType} {resourceDefinition.UrlCdnDebug} has invalid SRI hash, please use '{resourceIntegrity}' instead."); | ||
} | ||
|
||
if (!string.IsNullOrEmpty(resourceDefinition.CdnIntegrity) && !string.IsNullOrEmpty(resourceDefinition.UrlCdn)) | ||
{ | ||
var resourceIntegrity = await GetSubResourceIntegrityAsync(httpClient, resourceDefinition.UrlCdn); | ||
|
||
Assert.True(resourceIntegrity.Equals(resourceDefinition.CdnIntegrity), | ||
$"The {resourceType} {resourceDefinition.UrlCdn} has invalid SRI hash, please use '{resourceIntegrity}' instead."); | ||
} | ||
} | ||
} | ||
} | ||
} | ||
|
||
private static async Task<string> GetSubResourceIntegrityAsync(HttpClient httpClient, string url) | ||
{ | ||
var data = await httpClient.GetByteArrayAsync(url); | ||
|
||
using var memoryStream = new MemoryStream(data); | ||
using var sha384Hash = SHA384.Create(); | ||
var hash = sha384Hash.ComputeHash(memoryStream); | ||
|
||
return "sha384-" + Convert.ToBase64String(hash); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,77 @@ | ||
using System.Text.Json; | ||
using OrchardCore.Tests.Apis.Context; | ||
using OrchardCore.Users.Core.Json; | ||
using OrchardCore.Users.Indexes; | ||
using OrchardCore.Users.Models; | ||
|
||
namespace OrchardCore.Tests.Serializers; | ||
|
||
public class JsonSerializerTests | ||
{ | ||
private const string _userLoginInfo = "{\"LoginProvider\":\"OpenIdConnect\",\"ProviderKey\":\"abc\",\"ProviderDisplayName\":\"default\"}"; | ||
|
||
private readonly JsonSerializerOptions _options; | ||
|
||
public JsonSerializerTests() | ||
{ | ||
_options = new JsonSerializerOptions(); | ||
_options.Converters.Add(new LoginInfoJsonConverter()); | ||
} | ||
|
||
[Fact] | ||
public void Deserialize_WhenCalled_ReturnValidUserLoginInfo() | ||
{ | ||
var obj = JsonSerializer.Deserialize<UserLoginInfo>(_userLoginInfo, _options); | ||
|
||
Assert.Equal("OpenIdConnect", obj.LoginProvider); | ||
Assert.Equal("abc", obj.ProviderKey); | ||
Assert.Equal("default", obj.ProviderDisplayName); | ||
} | ||
|
||
[Fact] | ||
public void Serialize_WhenCalled_ReturnValidJson() | ||
{ | ||
var loginInfo = new UserLoginInfo("OpenIdConnect", "abc", "default"); | ||
var json = JsonSerializer.Serialize(loginInfo, _options); | ||
|
||
Assert.Equal(_userLoginInfo, json); | ||
} | ||
|
||
[Fact] | ||
public async Task DefaultContentSerializer_SerializeAndDeserialize_UserWithUserLoginInfo() | ||
{ | ||
using var context = new SiteContext(); | ||
await context.InitializeAsync(); | ||
await context.UsingTenantScopeAsync(async scope => | ||
{ | ||
var loginInfo = new UserLoginInfo("OpenIdConnect", "abc", "default"); | ||
|
||
var newUser = new User() | ||
{ | ||
UserId = "abc", | ||
UserName = "mike", | ||
Email = "test@test.com", | ||
LoginInfos = | ||
[ | ||
loginInfo | ||
] | ||
}; | ||
|
||
var session = scope.ServiceProvider.GetRequiredService<YesSql.ISession>(); | ||
|
||
await session.SaveAsync(newUser); | ||
await session.SaveChangesAsync(); | ||
|
||
var dbUser = await session.Query<User, UserIndex>(x => x.UserId == "abc").FirstOrDefaultAsync(); | ||
|
||
Assert.NotNull(dbUser); | ||
|
||
var userLoginInfo = dbUser.LoginInfos.FirstOrDefault(); | ||
|
||
Assert.NotNull(userLoginInfo); | ||
Assert.Equal(loginInfo.LoginProvider, userLoginInfo.LoginProvider); | ||
Assert.Equal(loginInfo.ProviderKey, userLoginInfo.ProviderKey); | ||
Assert.Equal(loginInfo.ProviderDisplayName, userLoginInfo.ProviderDisplayName); | ||
}); | ||
} | ||
} |