dohertj2/lmxopcua
1
0
Fork 0
Code Issues 1 Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
ca149ce9070b0d97b1bc73a3b57712d8a15a0af6
lmxopcua/tests/Server/ZB.MOM.WW.OtOpcUa.Server.Tests/SecurityConfigurationTests.cs
Joseph Doherty a25593a9c6 chore: organize solution into module folders (Core/Server/Drivers/Client/Tooling) 
Group all 69 projects into category subfolders under src/ and tests/ so the
Rider Solution Explorer mirrors the module structure. Folders: Core, Server,
Drivers (with a nested Driver CLIs subfolder), Client, Tooling.

- Move every project folder on disk with git mv (history preserved as renames).
- Recompute relative paths in 57 .csproj files: cross-category ProjectReferences,
  the lib/ HintPath+None refs in Driver.Historian.Wonderware, and the external
  mxaccessgw refs in Driver.Galaxy and its test project.
- Rebuild ZB.MOM.WW.OtOpcUa.slnx with nested solution folders.
- Re-prefix project paths in functional scripts (e2e, compliance, smoke SQL,
  integration, install).

Build green (0 errors); unit tests pass. Docs left for a separate pass.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-17 01:55:28 -04:00

89 lines
3.3 KiB
C#
Raw Blame History

using Shouldly;
using Xunit;
using ZB.MOM.WW.OtOpcUa.Server.OpcUa;
using ZB.MOM.WW.OtOpcUa.Server.Security;
namespace ZB.MOM.WW.OtOpcUa.Server.Tests;
[Trait("Category", "Unit")]
public sealed class SecurityConfigurationTests
{
[Fact]
public async Task DenyAllAuthenticator_rejects_every_credential()
{
var auth = new DenyAllUserAuthenticator();
var r = await auth.AuthenticateAsync("admin", "admin", CancellationToken.None);
r.Success.ShouldBeFalse();
r.Error.ShouldContain("not supported");
}
[Fact]
public async Task LdapAuthenticator_rejects_blank_credentials_without_hitting_server()
{
var options = new LdapOptions { Enabled = true, AllowInsecureLdap = true };
var auth = new LdapUserAuthenticator(options, Microsoft.Extensions.Logging.Abstractions.NullLogger<LdapUserAuthenticator>.Instance);
var empty = await auth.AuthenticateAsync("", "", CancellationToken.None);
empty.Success.ShouldBeFalse();
empty.Error.ShouldContain("Credentials");
}
[Fact]
public async Task LdapAuthenticator_rejects_when_disabled()
{
var options = new LdapOptions { Enabled = false };
var auth = new LdapUserAuthenticator(options, Microsoft.Extensions.Logging.Abstractions.NullLogger<LdapUserAuthenticator>.Instance);
var r = await auth.AuthenticateAsync("alice", "pw", CancellationToken.None);
r.Success.ShouldBeFalse();
r.Error.ShouldContain("disabled");
}
[Fact]
public async Task LdapAuthenticator_rejects_plaintext_when_both_TLS_and_insecure_are_disabled()
{
var options = new LdapOptions { Enabled = true, UseTls = false, AllowInsecureLdap = false };
var auth = new LdapUserAuthenticator(options, Microsoft.Extensions.Logging.Abstractions.NullLogger<LdapUserAuthenticator>.Instance);
var r = await auth.AuthenticateAsync("alice", "pw", CancellationToken.None);
r.Success.ShouldBeFalse();
r.Error.ShouldContain("Insecure");
}
[Theory]
[InlineData("hello", "hello")]
[InlineData("hi(there)", "hi\\28there\\29")]
[InlineData("name*", "name\\2a")]
[InlineData("a\\b", "a\\5cb")]
public void LdapFilter_escapes_reserved_characters(string input, string expected)
{
LdapUserAuthenticator.EscapeLdapFilter(input).ShouldBe(expected);
}
[Theory]
[InlineData("cn=alice,ou=Engineering,dc=example,dc=com", "Engineering")]
[InlineData("cn=bob,dc=example,dc=com", null)]
[InlineData("cn=carol,ou=Ops,dc=example,dc=com", "Ops")]
public void ExtractOuSegment_pulls_primary_group_from_DN(string dn, string? expected)
{
LdapUserAuthenticator.ExtractOuSegment(dn).ShouldBe(expected);
}
[Theory]
[InlineData("cn=Operators,ou=Groups,dc=example", "Operators")]
[InlineData("cn=LoneValue", "LoneValue")]
[InlineData("plain-no-equals", "plain-no-equals")]
public void ExtractFirstRdnValue_returns_first_rdn(string dn, string expected)
{
LdapUserAuthenticator.ExtractFirstRdnValue(dn).ShouldBe(expected);
}
[Fact]
public void OpcUaServerOptions_default_is_anonymous_only()
{
var opts = new OpcUaServerOptions();
opts.SecurityProfile.ShouldBe(OpcUaSecurityProfile.None);
opts.Ldap.Enabled.ShouldBeFalse();
}
}
Reference in New Issue View Git Blame Copy Permalink