Merge pull request #4 from firebase/require-uid

Require uid

FirebaseTokenGenerator.Tests/BasicUnitTest.cs

@@ -0,0 +1,260 @@
+using System;
+using System.Collections;
+using System.Collections.Generic;
+using System.Text;
+using System.Text.RegularExpressions;
+using Microsoft.VisualStudio.TestTools.UnitTesting;
+using Firebase;
+
+namespace Firebase.Tests
+{
+    [TestClass]
+    public class BasicUnitTest
+    {
+        private string FIREBASE_SUPER_SECRET_KEY = "moozooherpderp";
+
+        [TestMethod]
+        [ExpectedException(typeof(Exception))]
+        public void CheckIfBasicLength()
+        {
+            var payload = new Dictionary<string, object>();
+
+            var tokenGenerator = new TokenGenerator("x");
+            var token = tokenGenerator.CreateToken(payload);
+        }
+
+        [TestMethod]
+        public void CheckBasicStructureHasCorrectNumberOfFragments()
+        {
+            var payload = new Dictionary<string, object>
+            {
+                { "uid", "1" },
+                { "abc", "0123456789~!@#$%^&*()_+-=abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ,./;'[]\\<>?\"{}|" }
+            };
+
+            var tokenGenerator = new TokenGenerator(FIREBASE_SUPER_SECRET_KEY);
+            var token = tokenGenerator.CreateToken(payload);
+
+            String[] tokenFragments = token.Split('.');
+
+            Assert.IsTrue(tokenFragments.Length == 3, "Token has the proper number of fragments: jwt metadata, payload, and signature");
+        }
+
+        [TestMethod]
+        public void CheckResultProperlyDoesNotHavePadding()
+        {
+            var payload = new Dictionary<string, object>
+            {
+                { "uid", "1" },
+                { "abc", "0123456789~!@#$%^&*()_+-=abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ,./;'[]\\<>?\"{}|" }
+            };
+
+            var tokenGenerator = new TokenGenerator(FIREBASE_SUPER_SECRET_KEY);
+            var token = tokenGenerator.CreateToken(payload);
+
+            Assert.IsTrue(token.IndexOf('=') < 0);
+        }
+
+        [TestMethod]
+        public void CheckIfResultIsUrlSafePlusSign()
+        {
+            var payload = new Dictionary<string, object>
+            {
+                { "uid", "1" },
+                { "abc", "0123456789~!@#$%^&*()_+-=abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ,./;'[]\\<>?\"{}|" }
+            };
+
+            var tokenGenerator = new TokenGenerator(FIREBASE_SUPER_SECRET_KEY);
+            var token = tokenGenerator.CreateToken(payload);
+
+            Assert.IsTrue(token.IndexOf('+') < 0);
+        }
+
+        [TestMethod]
+        public void CheckIfResultIsUrlSafePlusSlash()
+        {
+            var payload = new Dictionary<string, object>
+            {
+                { "uid", "1" },
+                { "abc", "0123456789~!@#$%^&*()_+-=abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ,./;'[]\\<>?\"{}|" }
+            };
+
+            var tokenGenerator = new TokenGenerator(FIREBASE_SUPER_SECRET_KEY);
+            var token = tokenGenerator.CreateToken(payload);
+
+            Assert.IsTrue(token.IndexOf('/') < 0);
+        }
+
+        [TestMethod]
+        public void CheckIfResultHasWhiteSpace()
+        {
+            var payload = new Dictionary<string, object>
+            {
+                { "uid", "1" },
+                { "a", "apple" },
+                { "b", "banana" },
+                { "c", "carrot" },
+                { "number", Double.MaxValue },
+                { "abc", "0123456789~!@#$%^&*()_+-=abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ,./;'[]\\<>?\"{}|" },
+                { "herp1", "Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.?" }
+            };
+
+            var tokenGenerator = new TokenGenerator(FIREBASE_SUPER_SECRET_KEY);
+            var token = tokenGenerator.CreateToken(payload);
+
+            var pattern = new Regex(@"\s");
+            var hasWhiteSpace = pattern.IsMatch(token);
+
+            Assert.IsFalse(hasWhiteSpace, "Token has white space");
+        }
+
+        [TestMethod]
+        public void BasicInspectTest()
+        {
+            var customData = "0123456789~!@#$%^&*()_+-=abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ,./;'[]\\<>?\"{}|";
+            var payload = new Dictionary<string, object>
+            {
+                { "uid", "1" },
+                { "abc", customData }
+            };
+
+            var tokenGenerator = new TokenGenerator(FIREBASE_SUPER_SECRET_KEY);
+            var tokenOptions = new TokenOptions(DateTime.Now, DateTime.Now, true, true);
+
+            var token = tokenGenerator.CreateToken(payload, tokenOptions);
+            var decoded = JWT.JsonWebToken.DecodeToObject(token, FIREBASE_SUPER_SECRET_KEY) as Dictionary<string, object>;
+            Assert.IsTrue(decoded.ContainsKey("v") && (decoded["v"] is int) && (int.Parse(decoded["v"].ToString()) == 0));
+            Assert.IsTrue(decoded.ContainsKey("d") && (decoded["d"] as Dictionary<string, object>).ContainsKey("abc"));
+            Assert.IsTrue(decoded.ContainsKey("exp") && (decoded["exp"] is int));
+            Assert.IsTrue(decoded.ContainsKey("iat") && (decoded["iat"] is int));
+            Assert.IsTrue(decoded.ContainsKey("nbf") && (decoded["nbf"] is int));
+            Assert.IsTrue(decoded.ContainsKey("admin") && (decoded["admin"] is bool));
+            Assert.IsTrue(decoded.ContainsKey("debug") && (decoded["debug"] is bool));
+        }
+
+        [TestMethod]
+        [ExpectedException(typeof(Exception))]
+        public void RequireUidInPayload()
+        {
+            var payload = new Dictionary<string, object>
+            {
+                { "abc", "0123456789~!@#$%^&*()_+-=abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ,./;'[]\\<>?\"{}|" }
+            };
+
+            var tokenGenerator = new TokenGenerator(FIREBASE_SUPER_SECRET_KEY);
+            var token = tokenGenerator.CreateToken(payload);
+        }
+
+        [TestMethod]
+        [ExpectedException(typeof(Exception))]
+        public void RequireUidStringInPayload()
+        {
+            var payload = new Dictionary<string, object>
+            {
+                { "uid", 1 }
+            };
+
+            var tokenGenerator = new TokenGenerator(FIREBASE_SUPER_SECRET_KEY);
+            var token = tokenGenerator.CreateToken(payload);
+        }
+
+        [TestMethod]
+        public void AllowMaxLengthUid()
+        {
+            var payload = new Dictionary<string, object>
+            {
+                //                10        20        30        40        50        60        70        80        90       100       110       120       130       140       150       160       170       180       190       200       210       220       230       240       250   256
+                { "uid", "1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456" }
+            };
+
+            var tokenGenerator = new TokenGenerator(FIREBASE_SUPER_SECRET_KEY);
+            var token = tokenGenerator.CreateToken(payload);
+        }
+
+        [TestMethod]
+        [ExpectedException(typeof(Exception))]
+        public void DisallowUidTooLong()
+        {
+            var payload = new Dictionary<string, object>
+            {
+                //                10        20        30        40        50        60        70        80        90       100       110       120       130       140       150       160       170       180       190       200       210       220       230       240       250    257
+                { "uid", "12345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567" }
+            };
+
+            var tokenGenerator = new TokenGenerator(FIREBASE_SUPER_SECRET_KEY);
+            var token = tokenGenerator.CreateToken(payload);
+        }
+
+        [TestMethod]
+        public void AllowEmptyStringUid()
+        {
+            var payload = new Dictionary<string, object>
+            {
+                { "uid", "" }
+            };
+
+            var tokenGenerator = new TokenGenerator(FIREBASE_SUPER_SECRET_KEY);
+            var token = tokenGenerator.CreateToken(payload);
+        }
+
+        [TestMethod]
+        [ExpectedException(typeof(Exception))]
+        public void DisallowTokensTooLong()
+        {
+            var payload = new Dictionary<string, object>
+            {
+                { "uid", "blah" },
+                { "longVar", "123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345612345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234561234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456" }
+            };
+
+            var tokenGenerator = new TokenGenerator(FIREBASE_SUPER_SECRET_KEY);
+            var token = tokenGenerator.CreateToken(payload);
+        }
+
+        [TestMethod]
+        public void AllowNoUidWithAdmin()
+        {
+            var tokenOptions = new TokenOptions(null, null, true, false);
+
+            var tokenGenerator = new TokenGenerator(FIREBASE_SUPER_SECRET_KEY);
+            var token = tokenGenerator.CreateToken(null, tokenOptions);
+            var payload1 = new Dictionary<string, object>();
+            var token1 = tokenGenerator.CreateToken(payload1, tokenOptions);
+            var payload2 = new Dictionary<string, object>
+            {
+                { "foo", "bar" }
+            };
+            var token2 = tokenGenerator.CreateToken(payload2, tokenOptions);
+        }
+
+        [TestMethod]
+        [ExpectedException(typeof(Exception))]
+        public void DisallowInvalidUidWithAdmin1()
+        {
+            var payload = new Dictionary<string, object>
+            {
+                { "uid", 1 }
+            };
+
+            var tokenOptions = new TokenOptions(null, null, true, false);
+
+            var tokenGenerator = new TokenGenerator(FIREBASE_SUPER_SECRET_KEY);
+            var token = tokenGenerator.CreateToken(payload, tokenOptions);
+        }
+
+        [TestMethod]
+        [ExpectedException(typeof(Exception))]
+        public void DisallowInvalidUidWithAdmin2()
+        {
+            var payload = new Dictionary<string, object>
+            {
+                { "uid", null }
+            };
+
+            var tokenOptions = new TokenOptions(null, null, true, false);
+
+            var tokenGenerator = new TokenGenerator(FIREBASE_SUPER_SECRET_KEY);
+            var token = tokenGenerator.CreateToken(payload, tokenOptions);
+        }
+    }
+}

FirebaseTokenGenerator.Tests/FirebaseTokenGenerator.Tests.csproj

@@ -0,0 +1,100 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="12.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <PropertyGroup>
+    <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
+    <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
+    <ProjectGuid>{40A54324-D081-4C1F-8F39-F2DB4BF20166}</ProjectGuid>
+    <OutputType>Library</OutputType>
+    <AppDesignerFolder>Properties</AppDesignerFolder>
+    <RootNamespace>Firebase.Tests</RootNamespace>
+    <AssemblyName>FirebaseTokenGenerator.Tests</AssemblyName>
+    <TargetFrameworkVersion>v3.5</TargetFrameworkVersion>
+    <FileAlignment>512</FileAlignment>
+    <ProjectTypeGuids>{3AC096D0-A1C2-E12C-1390-A8335801FDAB};{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}</ProjectTypeGuids>
+    <VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">10.0</VisualStudioVersion>
+    <VSToolsPath Condition="'$(VSToolsPath)' == ''">$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v$(VisualStudioVersion)</VSToolsPath>
+    <ReferencePath>$(ProgramFiles)\Common Files\microsoft shared\VSTT\$(VisualStudioVersion)\UITestExtensionPackages</ReferencePath>
+    <IsCodedUITest>False</IsCodedUITest>
+    <TestProjectType>UnitTest</TestProjectType>
+    <TargetFrameworkProfile />
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
+    <DebugSymbols>true</DebugSymbols>
+    <DebugType>full</DebugType>
+    <Optimize>false</Optimize>
+    <OutputPath>bin\Debug\</OutputPath>
+    <DefineConstants>DEBUG;TRACE</DefineConstants>
+    <ErrorReport>prompt</ErrorReport>
+    <WarningLevel>4</WarningLevel>
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
+    <DebugType>pdbonly</DebugType>
+    <Optimize>true</Optimize>
+    <OutputPath>bin\Release\</OutputPath>
+    <DefineConstants>TRACE</DefineConstants>
+    <ErrorReport>prompt</ErrorReport>
+    <WarningLevel>4</WarningLevel>
+  </PropertyGroup>
+  <ItemGroup>
+    <Reference Include="JWT, Version=1.3.0.0, Culture=neutral, processorArchitecture=MSIL">
+      <SpecificVersion>False</SpecificVersion>
+      <HintPath>..\packages\JWT.1.3.1\lib\3.5\JWT.dll</HintPath>
+    </Reference>
+    <Reference Include="System" />
+    <Reference Include="System.Core">
+      <RequiredTargetFramework>3.5</RequiredTargetFramework>
+    </Reference>
+  </ItemGroup>
+  <Choose>
+    <When Condition="('$(VisualStudioVersion)' == '10.0' or '$(VisualStudioVersion)' == '') and '$(TargetFrameworkVersion)' == 'v3.5'">
+      <ItemGroup>
+        <Reference Include="Microsoft.VisualStudio.QualityTools.UnitTestFramework, Version=10.1.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL" />
+      </ItemGroup>
+    </When>
+    <Otherwise>
+      <ItemGroup>
+        <Reference Include="Microsoft.VisualStudio.QualityTools.UnitTestFramework" />
+      </ItemGroup>
+    </Otherwise>
+  </Choose>
+  <ItemGroup>
+    <Compile Include="BasicUnitTest.cs" />
+    <Compile Include="Properties\AssemblyInfo.cs" />
+  </ItemGroup>
+  <ItemGroup>
+    <ProjectReference Include="..\FirebaseTokenGenerator\FirebaseTokenGenerator.csproj">
+      <Project>{edf6d0ec-8015-463c-9b3b-034ef0f897a9}</Project>
+      <Name>FirebaseTokenGenerator</Name>
+    </ProjectReference>
+  </ItemGroup>
+  <ItemGroup>
+    <WCFMetadata Include="Service References\" />
+  </ItemGroup>
+  <Choose>
+    <When Condition="'$(VisualStudioVersion)' == '10.0' And '$(IsCodedUITest)' == 'True'">
+      <ItemGroup>
+        <Reference Include="Microsoft.VisualStudio.QualityTools.CodedUITestFramework, Version=10.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
+          <Private>False</Private>
+        </Reference>
+        <Reference Include="Microsoft.VisualStudio.TestTools.UITest.Common, Version=10.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
+          <Private>False</Private>
+        </Reference>
+        <Reference Include="Microsoft.VisualStudio.TestTools.UITest.Extension, Version=10.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
+          <Private>False</Private>
+        </Reference>
+        <Reference Include="Microsoft.VisualStudio.TestTools.UITesting, Version=10.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
+          <Private>False</Private>
+        </Reference>
+      </ItemGroup>
+    </When>
+  </Choose>
+  <Import Project="$(VSToolsPath)\TeamTest\Microsoft.TestTools.targets" Condition="Exists('$(VSToolsPath)\TeamTest\Microsoft.TestTools.targets')" />
+  <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
+  <!-- To modify your build process, add your task inside one of the targets below and uncomment it. 
+       Other similar extension points exist, see Microsoft.Common.targets.
+  <Target Name="BeforeBuild">
+  </Target>
+  <Target Name="AfterBuild">
+  </Target>
+  -->
+</Project>

FirebaseTokenGenerator.Tests/Properties/AssemblyInfo.cs

@@ -0,0 +1,36 @@
+using System.Reflection;
+using System.Runtime.CompilerServices;
+using System.Runtime.InteropServices;
+
+// General Information about an assembly is controlled through the following 
+// set of attributes. Change these attribute values to modify the information
+// associated with an assembly.
+[assembly: AssemblyTitle("FirebaseTokenGenerator.Tests")]
+[assembly: AssemblyDescription("")]
+[assembly: AssemblyConfiguration("")]
+[assembly: AssemblyCompany("")]
+[assembly: AssemblyProduct("FirebaseTokenGenerator.Tests")]
+[assembly: AssemblyCopyright("Copyright ©  2014")]
+[assembly: AssemblyTrademark("")]
+[assembly: AssemblyCulture("")]
+
+// Setting ComVisible to false makes the types in this assembly not visible 
+// to COM components.  If you need to access a type in this assembly from 
+// COM, set the ComVisible attribute to true on that type.
+[assembly: ComVisible(false)]
+
+// The following GUID is for the ID of the typelib if this project is exposed to COM
+[assembly: Guid("8e346b3e-2110-45c5-b287-3ff8d30baff1")]
+
+// Version information for an assembly consists of the following four values:
+//
+//      Major Version
+//      Minor Version 
+//      Build Number
+//      Revision
+//
+// You can specify all the values or you can default the Build and Revision Numbers 
+// by using the '*' as shown below:
+// [assembly: AssemblyVersion("1.0.*")]
+[assembly: AssemblyVersion("1.0.0.0")]
+[assembly: AssemblyFileVersion("1.0.0.0")]