csharp/tests/AuthTests.cs

using System;
using System.IO;
using System.Linq;
using System.Net;
using System.Net.Http.Headers;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Text;
using System.Threading.Tasks;
using k8s.Models;
using k8s.Tests.Mock;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Server.Kestrel.Https;
using Microsoft.Rest;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Pkcs;
using Org.BouncyCastle.Security;
using Xunit;
using Xunit.Abstractions;

namespace k8s.Tests
{
    public class AuthTests
        : TestBase
    {
        public AuthTests(ITestOutputHelper testOutput) : base(testOutput)
        {
        }

        private static HttpOperationResponse<V1PodList> ExecuteListPods(IKubernetes client)
        {
            return client.ListNamespacedPodWithHttpMessagesAsync("default").Result;
        }

        [Fact]
        public void Anonymous()
        {
            using (var server = new MockKubeApiServer(TestOutput))
            {
                var client = new Kubernetes(new KubernetesClientConfiguration
                {
                    Host = server.Uri.ToString()
                });

                var listTask = ExecuteListPods(client);

                Assert.True(listTask.Response.IsSuccessStatusCode);
                Assert.Equal(1, listTask.Body.Items.Count);
            }

            using (var server = new MockKubeApiServer(TestOutput, cxt =>
            {
                cxt.Response.StatusCode = (int)HttpStatusCode.Unauthorized;
                return Task.FromResult(false);
            }))
            {
                var client = new Kubernetes(new KubernetesClientConfiguration
                {
                    Host = server.Uri.ToString()
                });

                var listTask = ExecuteListPods(client);

                Assert.Equal(HttpStatusCode.Unauthorized, listTask.Response.StatusCode);
            }
        }

        [Fact]
        public void BasicAuth()
        {
            const string testName = "test_name";
            const string testPassword = "test_password";

            using (var server = new MockKubeApiServer(TestOutput, cxt =>
            {
                var header = cxt.Request.Headers["Authorization"].FirstOrDefault();

                var expect = new AuthenticationHeaderValue("Basic", Convert.ToBase64String(Encoding.UTF8.GetBytes($"{testName}:{testPassword}")))
                    .ToString();

                if (header != expect)
                {
                    cxt.Response.StatusCode = (int)HttpStatusCode.Unauthorized;
                    return Task.FromResult(false);
                }

                return Task.FromResult(true);
            }))
            {
                {
                    var client = new Kubernetes(new KubernetesClientConfiguration
                    {
                        Host = server.Uri.ToString(),
                        Username = testName,
                        Password = testPassword
                    });

                    var listTask = ExecuteListPods(client);
                    Assert.True(listTask.Response.IsSuccessStatusCode);
                    Assert.Equal(1, listTask.Body.Items.Count);
                }

                {
                    var client = new Kubernetes(new KubernetesClientConfiguration
                    {
                        Host = server.Uri.ToString(),
                        Username = "wrong name",
                        Password = testPassword
                    });

                    var listTask = ExecuteListPods(client);

                    Assert.Equal(HttpStatusCode.Unauthorized, listTask.Response.StatusCode);
                }

                {
                    var client = new Kubernetes(new KubernetesClientConfiguration
                    {
                        Host = server.Uri.ToString(),
                        Username = testName,
                        Password = "wrong password"
                    });

                    var listTask = ExecuteListPods(client);

                    Assert.Equal(HttpStatusCode.Unauthorized, listTask.Response.StatusCode);
                }

                {
                    var client = new Kubernetes(new KubernetesClientConfiguration
                    {
                        Host = server.Uri.ToString(),
                        Username = "both wrong",
                        Password = "wrong password"
                    });

                    var listTask = ExecuteListPods(client);

                    Assert.Equal(HttpStatusCode.Unauthorized, listTask.Response.StatusCode);
                }

                {
                    var client = new Kubernetes(new KubernetesClientConfiguration
                    {
                        Host = server.Uri.ToString()
                    });

                    var listTask = ExecuteListPods(client);

                    Assert.Equal(HttpStatusCode.Unauthorized, listTask.Response.StatusCode);
                }

                {
                    var client = new Kubernetes(new KubernetesClientConfiguration
                    {
                        Host = server.Uri.ToString(),
                        Username = "xx"
                    });

                    var listTask = ExecuteListPods(client);

                    Assert.Equal(HttpStatusCode.Unauthorized, listTask.Response.StatusCode);
                }
            }
        }

        [Fact]
        public void Cert()
        {
            var serverCertificateData = File.ReadAllText("assets/apiserver-pfx-data.txt");

            var clientCertificateKeyData = File.ReadAllText("assets/client-key-data.txt");
            var clientCertificateData = File.ReadAllText("assets/client-certificate-data.txt");

            X509Certificate2 serverCertificate = null;
            using (MemoryStream serverCertificateStream = new MemoryStream(Convert.FromBase64String(serverCertificateData)))
            {
                serverCertificate = OpenCertificateStore(serverCertificateStream);
            }

            var clientCertificate = new X509Certificate2(Convert.FromBase64String(clientCertificateData), "");

            var clientCertificateValidationCalled = false;

            using (var server = new MockKubeApiServer(TestOutput, listenConfigure: options =>
            {
                options.UseHttps(new HttpsConnectionAdapterOptions
                {
                    ServerCertificate = serverCertificate,
                    ClientCertificateMode = ClientCertificateMode.RequireCertificate,
                    ClientCertificateValidation = (certificate, chain, valid) =>
                    {
                        clientCertificateValidationCalled = true;
                        return clientCertificate.Equals(certificate);
                    }
                });
            }))
            {
                {
                    clientCertificateValidationCalled = false;
                    var client = new Kubernetes(new KubernetesClientConfiguration
                    {
                        Host = server.Uri.ToString(),
                        ClientCertificateData = clientCertificateData,
                        ClientCertificateKeyData = clientCertificateKeyData,
                        SslCaCert = serverCertificate,
                        SkipTlsVerify = false
                    });

                    var listTask = ExecuteListPods(client);

                    Assert.True(clientCertificateValidationCalled);
                    Assert.True(listTask.Response.IsSuccessStatusCode);
                    Assert.Equal(1, listTask.Body.Items.Count);
                }

                {
                    clientCertificateValidationCalled = false;
                    var client = new Kubernetes(new KubernetesClientConfiguration
                    {
                        Host = server.Uri.ToString(),
                        ClientCertificateData = clientCertificateData,
                        ClientCertificateKeyData = clientCertificateKeyData,
                        SkipTlsVerify = true
                    });

                    var listTask = ExecuteListPods(client);

                    Assert.True(clientCertificateValidationCalled);
                    Assert.True(listTask.Response.IsSuccessStatusCode);
                    Assert.Equal(1, listTask.Body.Items.Count);
                }

                {
                    clientCertificateValidationCalled = false;
                    var client = new Kubernetes(new KubernetesClientConfiguration
                    {
                        Host = server.Uri.ToString(),
                        ClientCertificateFilePath = "assets/client.crt", // TODO amazoning why client.crt != client-data.txt
                        ClientKeyFilePath = "assets/client.key",
                        SkipTlsVerify = true
                    });

                    Assert.ThrowsAny<Exception>(() => ExecuteListPods(client));
                    Assert.True(clientCertificateValidationCalled);
                }

                {
                    clientCertificateValidationCalled = false;
                    var client = new Kubernetes(new KubernetesClientConfiguration
                    {
                        Host = server.Uri.ToString(),
                        SkipTlsVerify = true
                    });

                    Assert.ThrowsAny<Exception>(() => ExecuteListPods(client));
                    Assert.False(clientCertificateValidationCalled);
                }
            }
        }

        [Fact]
        public void Token()
        {
            const string token = "testingtoken";

            using (var server = new MockKubeApiServer(TestOutput, cxt =>
            {
                var header = cxt.Request.Headers["Authorization"].FirstOrDefault();

                var expect = new AuthenticationHeaderValue("Bearer", token).ToString();

                if (header != expect)
                {
                    cxt.Response.StatusCode = (int)HttpStatusCode.Unauthorized;
                    return Task.FromResult(false);
                }

                return Task.FromResult(true);
            }))
            {
                {
                    var client = new Kubernetes(new KubernetesClientConfiguration
                    {
                        Host = server.Uri.ToString(),
                        AccessToken = token
                    });

                    var listTask = ExecuteListPods(client);
                    Assert.True(listTask.Response.IsSuccessStatusCode);
                    Assert.Equal(1, listTask.Body.Items.Count);
                }

                {
                    var client = new Kubernetes(new KubernetesClientConfiguration
                    {
                        Host = server.Uri.ToString(),
                        AccessToken = "wrong token"
                    });

                    var listTask = ExecuteListPods(client);

                    Assert.Equal(HttpStatusCode.Unauthorized, listTask.Response.StatusCode);
                }


                {
                    var client = new Kubernetes(new KubernetesClientConfiguration
                    {
                        Host = server.Uri.ToString(),
                        Username = "wrong name",
                        Password = "same password"
                    });

                    var listTask = ExecuteListPods(client);

                    Assert.Equal(HttpStatusCode.Unauthorized, listTask.Response.StatusCode);
                }

                {
                    var client = new Kubernetes(new KubernetesClientConfiguration
                    {
                        Host = server.Uri.ToString()
                    });

                    var listTask = ExecuteListPods(client);

                    Assert.Equal(HttpStatusCode.Unauthorized, listTask.Response.StatusCode);
                }
            }
        }

        private X509Certificate2 OpenCertificateStore(Stream stream)
        {
            Pkcs12Store store = new Pkcs12Store();
            store.Load(stream, new char[] { });

            var keyAlias = store.Aliases.Cast<string>().SingleOrDefault(a => store.IsKeyEntry(a));

            var key = (RsaPrivateCrtKeyParameters)store.GetKey(keyAlias).Key;
            var bouncyCertificate = store.GetCertificate(keyAlias).Certificate;

            var certificate = new X509Certificate2(DotNetUtilities.ToX509Certificate(bouncyCertificate));
            var parameters = DotNetUtilities.ToRSAParameters(key);

            RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
            rsa.ImportParameters(parameters);

            certificate = RSACertificateExtensions.CopyWithPrivateKey(certificate, rsa);

            return certificate;
        }
    }
}
cleanup unused code and functions and fix unittest naming style 2017-11-08 14:22:10 +08:00			`using System;`
introduce auth test using asp.net core 2017-10-21 21:28:08 +08:00			`using System.IO;`
			`using System.Linq;`
			`using System.Net;`
			`using System.Net.Http.Headers;`
Run integration tests as part of CI (after #129) (#131) * Run CI scripts on both Mac and Linux * Fix AuthTests for macOS * Use SocketsHttpHandler * Install minikube on the Travis CI servers * Add integration tests * Fix an issue where StreamConnectAsync would crash if the credentials were not set 2018-03-31 07:32:14 +02:00			`using System.Security.Cryptography;`
introduce auth test using asp.net core 2017-10-21 21:28:08 +08:00			`using System.Security.Cryptography.X509Certificates;`
cleanup unused code and functions and fix unittest naming style 2017-11-08 14:22:10 +08:00			`using System.Text;`
add watch testcases 2017-10-24 03:33:15 +08:00			`using System.Threading.Tasks;`
introduce auth test using asp.net core 2017-10-21 21:28:08 +08:00			`using k8s.Models;`
			`using k8s.Tests.Mock;`
			`using Microsoft.AspNetCore.Hosting;`
			`using Microsoft.AspNetCore.Server.Kestrel.Https;`
			`using Microsoft.Rest;`
Run integration tests as part of CI (after #129) (#131) * Run CI scripts on both Mac and Linux * Fix AuthTests for macOS * Use SocketsHttpHandler * Install minikube on the Travis CI servers * Add integration tests * Fix an issue where StreamConnectAsync would crash if the credentials were not set 2018-03-31 07:32:14 +02:00			`using Org.BouncyCastle.Crypto.Parameters;`
			`using Org.BouncyCastle.Pkcs;`
			`using Org.BouncyCastle.Security;`
introduce auth test using asp.net core 2017-10-21 21:28:08 +08:00			`using Xunit;`
Custom validation of server certificate for WebSockets (#103) * Improve SSL customisation for WebSockets kubernetes-client/csharp#102 * First test for exec-in-pod over WebSockets. Also, implement basic mock server for testing WebSockets. kubernetes-client/csharp#102 * Attempt to handle raciness of Watcher tests. kubernetes-client/csharp#102 * Attempt to handle raciness of ByteBuffer test. kubernetes-client/csharp#102 2018-03-20 16:03:28 +11:00			`using Xunit.Abstractions;`
introduce auth test using asp.net core 2017-10-21 21:28:08 +08:00
			`namespace k8s.Tests`
			`{`
Custom validation of server certificate for WebSockets (#103) * Improve SSL customisation for WebSockets kubernetes-client/csharp#102 * First test for exec-in-pod over WebSockets. Also, implement basic mock server for testing WebSockets. kubernetes-client/csharp#102 * Attempt to handle raciness of Watcher tests. kubernetes-client/csharp#102 * Attempt to handle raciness of ByteBuffer test. kubernetes-client/csharp#102 2018-03-20 16:03:28 +11:00			`public class AuthTests`
			`: TestBase`
			`{`
			`public AuthTests(ITestOutputHelper testOutput) : base(testOutput)`
			`{`
			`}`

fix tests and examples to use v1.8 model 2017-11-24 12:19:44 +08:00			`private static HttpOperationResponse<V1PodList> ExecuteListPods(IKubernetes client)`
introduce auth test using asp.net core 2017-10-21 21:28:08 +08:00			`{`
			`return client.ListNamespacedPodWithHttpMessagesAsync("default").Result;`
			`}`

			`[Fact]`
cleanup unused code and functions and fix unittest naming style 2017-11-08 14:22:10 +08:00			`public void Anonymous()`
introduce auth test using asp.net core 2017-10-21 21:28:08 +08:00			`{`
Custom validation of server certificate for WebSockets (#103) * Improve SSL customisation for WebSockets kubernetes-client/csharp#102 * First test for exec-in-pod over WebSockets. Also, implement basic mock server for testing WebSockets. kubernetes-client/csharp#102 * Attempt to handle raciness of Watcher tests. kubernetes-client/csharp#102 * Attempt to handle raciness of ByteBuffer test. kubernetes-client/csharp#102 2018-03-20 16:03:28 +11:00			`using (var server = new MockKubeApiServer(TestOutput))`
introduce auth test using asp.net core 2017-10-21 21:28:08 +08:00			`{`
			`var client = new Kubernetes(new KubernetesClientConfiguration`
			`{`
			`Host = server.Uri.ToString()`
			`});`

			`var listTask = ExecuteListPods(client);`

			`Assert.True(listTask.Response.IsSuccessStatusCode);`
			`Assert.Equal(1, listTask.Body.Items.Count);`
			`}`

Custom validation of server certificate for WebSockets (#103) * Improve SSL customisation for WebSockets kubernetes-client/csharp#102 * First test for exec-in-pod over WebSockets. Also, implement basic mock server for testing WebSockets. kubernetes-client/csharp#102 * Attempt to handle raciness of Watcher tests. kubernetes-client/csharp#102 * Attempt to handle raciness of ByteBuffer test. kubernetes-client/csharp#102 2018-03-20 16:03:28 +11:00			`using (var server = new MockKubeApiServer(TestOutput, cxt =>`
introduce auth test using asp.net core 2017-10-21 21:28:08 +08:00			`{`
Run integration tests as part of CI (after #129) (#131) * Run CI scripts on both Mac and Linux * Fix AuthTests for macOS * Use SocketsHttpHandler * Install minikube on the Travis CI servers * Add integration tests * Fix an issue where StreamConnectAsync would crash if the credentials were not set 2018-03-31 07:32:14 +02:00			`cxt.Response.StatusCode = (int)HttpStatusCode.Unauthorized;`
add watch testcases 2017-10-24 03:33:15 +08:00			`return Task.FromResult(false);`
introduce auth test using asp.net core 2017-10-21 21:28:08 +08:00			`}))`
			`{`
			`var client = new Kubernetes(new KubernetesClientConfiguration`
			`{`
			`Host = server.Uri.ToString()`
			`});`

			`var listTask = ExecuteListPods(client);`

			`Assert.Equal(HttpStatusCode.Unauthorized, listTask.Response.StatusCode);`
			`}`
			`}`

			`[Fact]`
cleanup unused code and functions and fix unittest naming style 2017-11-08 14:22:10 +08:00			`public void BasicAuth()`
introduce auth test using asp.net core 2017-10-21 21:28:08 +08:00			`{`
			`const string testName = "test_name";`
			`const string testPassword = "test_password";`

Custom validation of server certificate for WebSockets (#103) * Improve SSL customisation for WebSockets kubernetes-client/csharp#102 * First test for exec-in-pod over WebSockets. Also, implement basic mock server for testing WebSockets. kubernetes-client/csharp#102 * Attempt to handle raciness of Watcher tests. kubernetes-client/csharp#102 * Attempt to handle raciness of ByteBuffer test. kubernetes-client/csharp#102 2018-03-20 16:03:28 +11:00			`using (var server = new MockKubeApiServer(TestOutput, cxt =>`
introduce auth test using asp.net core 2017-10-21 21:28:08 +08:00			`{`
			`var header = cxt.Request.Headers["Authorization"].FirstOrDefault();`

cleanup unused code and functions and fix unittest naming style 2017-11-08 14:22:10 +08:00			`var expect = new AuthenticationHeaderValue("Basic", Convert.ToBase64String(Encoding.UTF8.GetBytes($"{testName}:{testPassword}")))`
introduce auth test using asp.net core 2017-10-21 21:28:08 +08:00			`.ToString();`

			`if (header != expect)`
			`{`
Run integration tests as part of CI (after #129) (#131) * Run CI scripts on both Mac and Linux * Fix AuthTests for macOS * Use SocketsHttpHandler * Install minikube on the Travis CI servers * Add integration tests * Fix an issue where StreamConnectAsync would crash if the credentials were not set 2018-03-31 07:32:14 +02:00			`cxt.Response.StatusCode = (int)HttpStatusCode.Unauthorized;`
add watch testcases 2017-10-24 03:33:15 +08:00			`return Task.FromResult(false);`
introduce auth test using asp.net core 2017-10-21 21:28:08 +08:00			`}`

add watch testcases 2017-10-24 03:33:15 +08:00			`return Task.FromResult(true);`
introduce auth test using asp.net core 2017-10-21 21:28:08 +08:00			`}))`
			`{`
			`{`
			`var client = new Kubernetes(new KubernetesClientConfiguration`
			`{`
			`Host = server.Uri.ToString(),`
			`Username = testName,`
			`Password = testPassword`
			`});`

			`var listTask = ExecuteListPods(client);`
			`Assert.True(listTask.Response.IsSuccessStatusCode);`
			`Assert.Equal(1, listTask.Body.Items.Count);`
			`}`

			`{`
			`var client = new Kubernetes(new KubernetesClientConfiguration`
			`{`
			`Host = server.Uri.ToString(),`
			`Username = "wrong name",`
			`Password = testPassword`
			`});`

			`var listTask = ExecuteListPods(client);`

			`Assert.Equal(HttpStatusCode.Unauthorized, listTask.Response.StatusCode);`
			`}`

			`{`
			`var client = new Kubernetes(new KubernetesClientConfiguration`
			`{`
			`Host = server.Uri.ToString(),`
			`Username = testName,`
			`Password = "wrong password"`
			`});`

			`var listTask = ExecuteListPods(client);`

			`Assert.Equal(HttpStatusCode.Unauthorized, listTask.Response.StatusCode);`
			`}`

			`{`
			`var client = new Kubernetes(new KubernetesClientConfiguration`
			`{`
			`Host = server.Uri.ToString(),`
			`Username = "both wrong",`
			`Password = "wrong password"`
			`});`

			`var listTask = ExecuteListPods(client);`

			`Assert.Equal(HttpStatusCode.Unauthorized, listTask.Response.StatusCode);`
			`}`

			`{`
			`var client = new Kubernetes(new KubernetesClientConfiguration`
			`{`
			`Host = server.Uri.ToString()`
			`});`

			`var listTask = ExecuteListPods(client);`

			`Assert.Equal(HttpStatusCode.Unauthorized, listTask.Response.StatusCode);`
			`}`

			`{`
			`var client = new Kubernetes(new KubernetesClientConfiguration`
			`{`
			`Host = server.Uri.ToString(),`
			`Username = "xx"`
			`});`

			`var listTask = ExecuteListPods(client);`

			`Assert.Equal(HttpStatusCode.Unauthorized, listTask.Response.StatusCode);`
			`}`
			`}`
			`}`

			`[Fact]`
cleanup unused code and functions and fix unittest naming style 2017-11-08 14:22:10 +08:00			`public void Cert()`
introduce auth test using asp.net core 2017-10-21 21:28:08 +08:00			`{`
			`var serverCertificateData = File.ReadAllText("assets/apiserver-pfx-data.txt");`

			`var clientCertificateKeyData = File.ReadAllText("assets/client-key-data.txt");`
			`var clientCertificateData = File.ReadAllText("assets/client-certificate-data.txt");`
Run integration tests as part of CI (after #129) (#131) * Run CI scripts on both Mac and Linux * Fix AuthTests for macOS * Use SocketsHttpHandler * Install minikube on the Travis CI servers * Add integration tests * Fix an issue where StreamConnectAsync would crash if the credentials were not set 2018-03-31 07:32:14 +02:00
			`X509Certificate2 serverCertificate = null;`
			`using (MemoryStream serverCertificateStream = new MemoryStream(Convert.FromBase64String(serverCertificateData)))`
			`{`
			`serverCertificate = OpenCertificateStore(serverCertificateStream);`
			`}`
introduce auth test using asp.net core 2017-10-21 21:28:08 +08:00
fix testcases (#119) 2018-03-28 10:29:37 +08:00			`var clientCertificate = new X509Certificate2(Convert.FromBase64String(clientCertificateData), "");`
introduce auth test using asp.net core 2017-10-21 21:28:08 +08:00
			`var clientCertificateValidationCalled = false;`

Custom validation of server certificate for WebSockets (#103) * Improve SSL customisation for WebSockets kubernetes-client/csharp#102 * First test for exec-in-pod over WebSockets. Also, implement basic mock server for testing WebSockets. kubernetes-client/csharp#102 * Attempt to handle raciness of Watcher tests. kubernetes-client/csharp#102 * Attempt to handle raciness of ByteBuffer test. kubernetes-client/csharp#102 2018-03-20 16:03:28 +11:00			`using (var server = new MockKubeApiServer(TestOutput, listenConfigure: options =>`
introduce auth test using asp.net core 2017-10-21 21:28:08 +08:00			`{`
			`options.UseHttps(new HttpsConnectionAdapterOptions`
			`{`
			`ServerCertificate = serverCertificate,`
			`ClientCertificateMode = ClientCertificateMode.RequireCertificate,`
			`ClientCertificateValidation = (certificate, chain, valid) =>`
			`{`
			`clientCertificateValidationCalled = true;`
			`return clientCertificate.Equals(certificate);`
			`}`
			`});`
			`}))`
			`{`
			`{`
			`clientCertificateValidationCalled = false;`
			`var client = new Kubernetes(new KubernetesClientConfiguration`
			`{`
			`Host = server.Uri.ToString(),`
			`ClientCertificateData = clientCertificateData,`
rename client cert params to a better name 2017-10-13 01:53:25 +08:00			`ClientCertificateKeyData = clientCertificateKeyData,`
introduce auth test using asp.net core 2017-10-21 21:28:08 +08:00			`SslCaCert = serverCertificate,`
			`SkipTlsVerify = false`
			`});`

			`var listTask = ExecuteListPods(client);`

			`Assert.True(clientCertificateValidationCalled);`
			`Assert.True(listTask.Response.IsSuccessStatusCode);`
			`Assert.Equal(1, listTask.Body.Items.Count);`
			`}`

			`{`
			`clientCertificateValidationCalled = false;`
			`var client = new Kubernetes(new KubernetesClientConfiguration`
			`{`
			`Host = server.Uri.ToString(),`
			`ClientCertificateData = clientCertificateData,`
rename client cert params to a better name 2017-10-13 01:53:25 +08:00			`ClientCertificateKeyData = clientCertificateKeyData,`
introduce auth test using asp.net core 2017-10-21 21:28:08 +08:00			`SkipTlsVerify = true`
			`});`

			`var listTask = ExecuteListPods(client);`

			`Assert.True(clientCertificateValidationCalled);`
			`Assert.True(listTask.Response.IsSuccessStatusCode);`
			`Assert.Equal(1, listTask.Body.Items.Count);`
			`}`

			`{`
			`clientCertificateValidationCalled = false;`
			`var client = new Kubernetes(new KubernetesClientConfiguration`
			`{`
			`Host = server.Uri.ToString(),`
rename client cert params to a better name 2017-10-13 01:53:25 +08:00			`ClientCertificateFilePath = "assets/client.crt", // TODO amazoning why client.crt != client-data.txt`
			`ClientKeyFilePath = "assets/client.key",`
introduce auth test using asp.net core 2017-10-21 21:28:08 +08:00			`SkipTlsVerify = true`
			`});`

			`Assert.ThrowsAny<Exception>(() => ExecuteListPods(client));`
			`Assert.True(clientCertificateValidationCalled);`
			`}`

			`{`
			`clientCertificateValidationCalled = false;`
			`var client = new Kubernetes(new KubernetesClientConfiguration`
			`{`
			`Host = server.Uri.ToString(),`
			`SkipTlsVerify = true`
			`});`

			`Assert.ThrowsAny<Exception>(() => ExecuteListPods(client));`
			`Assert.False(clientCertificateValidationCalled);`
			`}`
			`}`
			`}`

			`[Fact]`
cleanup unused code and functions and fix unittest naming style 2017-11-08 14:22:10 +08:00			`public void Token()`
introduce auth test using asp.net core 2017-10-21 21:28:08 +08:00			`{`
			`const string token = "testingtoken";`

Custom validation of server certificate for WebSockets (#103) * Improve SSL customisation for WebSockets kubernetes-client/csharp#102 * First test for exec-in-pod over WebSockets. Also, implement basic mock server for testing WebSockets. kubernetes-client/csharp#102 * Attempt to handle raciness of Watcher tests. kubernetes-client/csharp#102 * Attempt to handle raciness of ByteBuffer test. kubernetes-client/csharp#102 2018-03-20 16:03:28 +11:00			`using (var server = new MockKubeApiServer(TestOutput, cxt =>`
introduce auth test using asp.net core 2017-10-21 21:28:08 +08:00			`{`
			`var header = cxt.Request.Headers["Authorization"].FirstOrDefault();`

			`var expect = new AuthenticationHeaderValue("Bearer", token).ToString();`

			`if (header != expect)`
			`{`
Run integration tests as part of CI (after #129) (#131) * Run CI scripts on both Mac and Linux * Fix AuthTests for macOS * Use SocketsHttpHandler * Install minikube on the Travis CI servers * Add integration tests * Fix an issue where StreamConnectAsync would crash if the credentials were not set 2018-03-31 07:32:14 +02:00			`cxt.Response.StatusCode = (int)HttpStatusCode.Unauthorized;`
add watch testcases 2017-10-24 03:33:15 +08:00			`return Task.FromResult(false);`
introduce auth test using asp.net core 2017-10-21 21:28:08 +08:00			`}`

add watch testcases 2017-10-24 03:33:15 +08:00			`return Task.FromResult(true);`
introduce auth test using asp.net core 2017-10-21 21:28:08 +08:00			`}))`
			`{`
			`{`
			`var client = new Kubernetes(new KubernetesClientConfiguration`
			`{`
			`Host = server.Uri.ToString(),`
			`AccessToken = token`
			`});`

			`var listTask = ExecuteListPods(client);`
			`Assert.True(listTask.Response.IsSuccessStatusCode);`
			`Assert.Equal(1, listTask.Body.Items.Count);`
			`}`

			`{`
			`var client = new Kubernetes(new KubernetesClientConfiguration`
			`{`
			`Host = server.Uri.ToString(),`
			`AccessToken = "wrong token"`
			`});`

			`var listTask = ExecuteListPods(client);`

			`Assert.Equal(HttpStatusCode.Unauthorized, listTask.Response.StatusCode);`
			`}`


			`{`
			`var client = new Kubernetes(new KubernetesClientConfiguration`
			`{`
			`Host = server.Uri.ToString(),`
			`Username = "wrong name",`
			`Password = "same password"`
			`});`

			`var listTask = ExecuteListPods(client);`

			`Assert.Equal(HttpStatusCode.Unauthorized, listTask.Response.StatusCode);`
			`}`

			`{`
			`var client = new Kubernetes(new KubernetesClientConfiguration`
			`{`
			`Host = server.Uri.ToString()`
			`});`

			`var listTask = ExecuteListPods(client);`

			`Assert.Equal(HttpStatusCode.Unauthorized, listTask.Response.StatusCode);`
			`}`
			`}`
Run integration tests as part of CI (after #129) (#131) * Run CI scripts on both Mac and Linux * Fix AuthTests for macOS * Use SocketsHttpHandler * Install minikube on the Travis CI servers * Add integration tests * Fix an issue where StreamConnectAsync would crash if the credentials were not set 2018-03-31 07:32:14 +02:00			`}`

			`private X509Certificate2 OpenCertificateStore(Stream stream)`
			`{`
			`Pkcs12Store store = new Pkcs12Store();`
			`store.Load(stream, new char[] { });`

			`var keyAlias = store.Aliases.Cast<string>().SingleOrDefault(a => store.IsKeyEntry(a));`

			`var key = (RsaPrivateCrtKeyParameters)store.GetKey(keyAlias).Key;`
			`var bouncyCertificate = store.GetCertificate(keyAlias).Certificate;`

			`var certificate = new X509Certificate2(DotNetUtilities.ToX509Certificate(bouncyCertificate));`
			`var parameters = DotNetUtilities.ToRSAParameters(key);`

			`RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();`
			`rsa.ImportParameters(parameters);`

			`certificate = RSACertificateExtensions.CopyWithPrivateKey(certificate, rsa);`

			`return certificate;`
introduce auth test using asp.net core 2017-10-21 21:28:08 +08:00			`}`
			`}`
RFC - Support WebSockets with channels (#66) * Add support for demuxing streams from WebSockets. * Add missing using statement, fix unit test 2018-01-03 05:45:53 +01:00			`}`