ldap tests
using System; | |
using System.Collections.Generic; | |
using System.Linq; | |
using System.Text; | |
using System.Threading.Tasks; | |
using NUnit.Framework; | |
namespace Ldap.Tests | |
{ | |
//https://searchcode.com/codesearch/view/11311613/ | |
//AntiXSS /trunk/Microsoft.Security.Application.Encoder.UnitTests/LdapTests.cs | |
//add antixss from nuget | |
[TestFixture] | |
public class ldapTests | |
{ | |
/// <summary> | |
/// Tests that passing a null to filter encoding should return a null. | |
/// </summary> | |
[Test] | |
public void PassingANullToFilterEncodeShouldReturnANull() | |
{ | |
const string Target = null; | |
const string Expected = null; | |
//string actual = Microsoft.Security.Application.Encoder.LdapFilterEncode(Target); | |
string actual = Microsoft.Security.Application.Encoder.LdapFilterEncode(Target); | |
Assert.AreEqual(Expected, actual); | |
} | |
/// <summary> | |
/// Tests that passing an empty string to filter encoding should return an empty string. | |
/// </summary> | |
[Test] | |
public void PassingAnEmptyStringToFilterEncodeShouldReturnAnEmptyString() | |
{ | |
string target = string.Empty; | |
string expected = string.Empty; | |
string actual = Microsoft.Security.Application.Encoder.LdapFilterEncode(target); | |
Assert.AreEqual(expected, actual); | |
} | |
/// <summary> | |
/// Tests the encoding of RFC4515 parenthesis example. | |
/// </summary> | |
[Test] | |
public void FilterEncodingShouldEncodeParenthesis() | |
{ | |
const string Target = @"Parens R Us (for all your parenthetical needs)"; | |
const string Expected = @"Parens R Us \28for all your parenthetical needs\29"; | |
string actual = Microsoft.Security.Application.Encoder.LdapFilterEncode(Target); | |
Assert.AreEqual(Expected, actual); | |
} | |
/// <summary> | |
/// Tests the encoding of RFC4515 asterisk example. | |
/// </summary> | |
[Test] | |
public void FilterEncodingShouldEncodeAsterisks() | |
{ | |
const string Target = @"*"; | |
const string Expected = @"\2a"; | |
string actual = Microsoft.Security.Application.Encoder.LdapFilterEncode(Target); | |
Assert.AreEqual(Expected, actual); | |
} | |
/// <summary> | |
/// Tests the encoding of RFC4515 backslash example. | |
/// </summary> | |
[Test] | |
public void FilterEncodingShouldEncodeBackslashes() | |
{ | |
const string Target = @"C:\MyFile"; | |
const string Expected = @"C:\5cMyFile"; | |
string actual = Microsoft.Security.Application.Encoder.LdapFilterEncode(Target); | |
Assert.AreEqual(Expected, actual); | |
} | |
/// <summary> | |
/// Tests the encoding of RFC4515 binary example. | |
/// </summary> | |
[Test] | |
public void FilterEncodingShouldEncodeBinary() | |
{ | |
char[] binaryData = new[] { '\u0000', '\u0000', '\u0000', '\u0004' }; | |
string target = new string(binaryData); | |
const string Expected = @"\00\00\00\04"; | |
string actual = Microsoft.Security.Application.Encoder.LdapFilterEncode(target); | |
Assert.AreEqual(Expected, actual); | |
} | |
/// <summary> | |
/// Tests the encoding of RFC4515 accented example. | |
/// </summary> | |
[Test] | |
public void FilterEncodingShouldEncodeAccentedCharacters() | |
{ | |
const string Target = @"Lu?i?"; | |
const string Expected = @"Lu\c4\8di\c4\87"; | |
string actual = Microsoft.Security.Application.Encoder.LdapFilterEncode(Target); | |
Assert.AreEqual(Expected, actual); | |
} | |
/// <summary> | |
/// Tests the null non-printable character is encoded correctly in filter encoding. | |
/// </summary> | |
[Test] | |
public void FilterNullCharactersShouldBeHashThenHexEncoded() | |
{ | |
const string Target = "\u0000"; | |
const string Expected = @"\00"; | |
string actual = Microsoft.Security.Application.Encoder.LdapFilterEncode(Target); | |
Assert.AreEqual(Expected, actual); | |
} | |
/// <summary> | |
/// Tests the null non-printable character is encoded correctly in DN encoding. | |
/// </summary> | |
[Test] | |
public void FilterDelCharactersShouldBeHashThenHexEncoded() | |
{ | |
const string Target = "\u007f"; | |
const string Expected = @"\7f"; | |
string actual = Microsoft.Security.Application.Encoder.LdapFilterEncode(Target); | |
Assert.AreEqual(Expected, actual); | |
} | |
/// <summary> | |
/// Checks the characters on http://projects.webappsec.org/LDAP-Injection are all escaped during filter encoding. | |
/// </summary> | |
[Test] | |
public void PassingAnUnsafeCharacterToFilterEncodeShouldNotReturnTheCharacter() | |
{ | |
string[] targetArray = new[] { "\u0000", "(", ")", "\\", "*", "/" }; | |
foreach (string target in targetArray) | |
{ | |
string notExpected = target; | |
string actual = Microsoft.Security.Application.Encoder.LdapFilterEncode(target); | |
Assert.AreNotEqual(notExpected, actual); | |
} | |
} | |
/// <summary> | |
/// Tests that passing a null to DN encoding should return a null. | |
/// </summary> | |
[Test] | |
public void PassingANullToDistinguisedNameEncodeShouldReturnANull() | |
{ | |
const string Target = null; | |
const string Expected = null; | |
string actual = Microsoft.Security.Application.Encoder.LdapFilterEncode(Target); | |
Assert.AreEqual(Expected, actual); | |
} | |
/// <summary> | |
/// Tests that passing an empty string to DN encoding should return an empty string. | |
/// </summary> | |
[Test] | |
public void PassingAnEmptyStringToDistinguisedNameEncodeShouldReturnAnEmptyString() | |
{ | |
string target = string.Empty; | |
string expected = string.Empty; | |
string actual = Microsoft.Security.Application.Encoder.LdapFilterEncode(target); | |
Assert.AreEqual(expected, actual); | |
} | |
/// <summary> | |
/// Tests that passing the always encoded values to DN encoding returns their slash escaped value. | |
/// </summary> | |
[Test] | |
public void PassingAnAlwaysEncodedValueToDistinguishedNameEncodeShouldReturnTheirSlashEscapedValue() | |
{ | |
const string Target = ",+\"\\<>;"; | |
const string Expected = "\\,\\+\\\"\\\\\\<\\>\\;"; | |
string actual = Microsoft.Security.Application.Encoder.LdapFilterEncode(Target); | |
Assert.AreEqual(Expected, actual); | |
} | |
/// <summary> | |
/// Checks the characters on http://projects.webappsec.org/LDAP-Injection are all escaped during DN encoding. | |
/// </summary> | |
[Test] | |
public void PassingAnUnsafeCharacterToDistinguishedNameEncodeShouldNotReturnTheCharacter() | |
{ | |
string[] targetArray = new[] { "&", "!", "|", "=", "<", ">", ",", "+", "-", "\"", "'", ";" }; | |
foreach (string target in targetArray) | |
{ | |
string notExpected = target; | |
string actual = Microsoft.Security.Application.Encoder.LdapFilterEncode(target); | |
Assert.AreNotEqual(notExpected, actual); | |
} | |
} | |
/// <summary> | |
/// Test that spaces at the start of a string get escaped properly. | |
/// </summary> | |
[Test] | |
public void PassingASpaceAtTheBeginningOfAStringToDistinguishedNameEncodeMustEscapeTheSpace() | |
{ | |
const string Target = " abcdef"; | |
const string Expected = "\\ abcdef"; | |
string actual = Microsoft.Security.Application.Encoder.LdapFilterEncode(Target); | |
Assert.AreEqual(Expected, actual); | |
} | |
/// <summary> | |
/// Test that spaces at the end of a string get escaped properly. | |
/// </summary> | |
[Test] | |
public void PassingASpaceAtTheEndOfAStringToDistinguishedNameEncodeMustEscapeTheSpace() | |
{ | |
const string Target = "abcdef "; | |
const string Expected = "abcdef \\ "; | |
string actual = Microsoft.Security.Application.Encoder.LdapFilterEncode(Target); | |
Assert.AreEqual(Expected, actual); | |
} | |
/// <summary> | |
/// Test that a single space input does not trigger both start and finish escaping, but returns a single escaped space. | |
/// </summary> | |
[Test] | |
public void PassingASingleSpaceStringShouldReturnASingleEscapedString() | |
{ | |
const string Target = " "; | |
const string Expected = "\\ "; | |
string actual = Microsoft.Security.Application.Encoder.LdapFilterEncode(Target); | |
Assert.AreEqual(Expected, actual); | |
} | |
/// <summary> | |
/// Test that hashes at the start of a string get escaped properly. | |
/// </summary> | |
[Test] | |
public void PassingAHashAtTheBeginningOfAStringToDistinguishedNameEncodeMustEscapeTheHash() | |
{ | |
const string Target = "##abcdef"; | |
const string Expected = "\\##abcdef"; | |
string actual = Microsoft.Security.Application.Encoder.LdapFilterEncode(Target); | |
Assert.AreEqual(Expected, actual); | |
} | |
/// <summary> | |
/// Tests that the override of initial character handling works with hashes. | |
/// </summary> | |
[Test] | |
public void PassingAHashAtTheBeginningOfAStringToDistinguishedNameEncodeButOverridingTheInitialRulesDoesNotEncodeTheHash() | |
{ | |
const string Target = "##abcdef"; | |
const string Expected = "##abcdef"; | |
string actual = Microsoft.Security.Application.Encoder.LdapDistinguishedNameEncode(Target, false, true); | |
Assert.AreEqual(Expected, actual); | |
} | |
/// <summary> | |
/// Tests that the override of initial character handling works with space. | |
/// </summary> | |
[Test] | |
public void PassingASpaceAtTheBeginningOfAStringToDistinguishedNameEncodeButOverridingTheInitialRulesDoesNotEncodeTheSpace() | |
{ | |
const string Target = " abcdef"; | |
const string Expected = " abcdef"; | |
string actual = Microsoft.Security.Application.Encoder.LdapDistinguishedNameEncode(Target, false, true); | |
Assert.AreEqual(Expected, actual); | |
} | |
/// <summary> | |
/// Tests that the override of final character handling works with hashes. | |
/// </summary> | |
[Test] | |
public void PassingASpaceAtTheEndOfAStringToDistinguishedNameEncodeButOverridingTheFinalRuleDoesNotEncodeTheSpace() | |
{ | |
const string Target = "abcdef# "; | |
const string Expected = "abcdef# "; | |
string actual = Microsoft.Security.Application.Encoder.LdapDistinguishedNameEncode(Target, true, false); | |
Assert.AreEqual(Expected, actual); | |
} | |
/// <summary> | |
/// Tests the null non-printable character is encoded correctly in DN encoding. | |
/// </summary> | |
[Test] | |
public void DistinguishedNameNullCharactersShouldBeHashThenHexEncoded() | |
{ | |
const string Target = "\u0000"; | |
const string Expected = "#00"; | |
string actual = Microsoft.Security.Application.Encoder.LdapDistinguishedNameEncode(Target, true, false); | |
Assert.AreEqual(Expected, actual); | |
} | |
/// <summary> | |
/// Tests the null non-printable character is encoded correctly in DN encoding. | |
/// </summary> | |
[Test] | |
public void DistinguishedNameDelCharactersShouldBeHashThenHexEncoded() | |
{ | |
const string Target = "\u007F"; | |
const string Expected = "#7F"; | |
string actual = Microsoft.Security.Application.Encoder.LdapDistinguishedNameEncode(Target, true, false); | |
Assert.AreEqual(Expected, actual); | |
} | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment