Sunday 29 July 2012

Simple BDD

I have spoken before about how much I like the fluent-interface. I use it a lot expecially with object builders. I was looking at the Bddify framework. I have known about this style of testing and BDD for a while, but was really inspired about how Bddify write tests.

I realized that I could do this so easily with everyday tests as well without the need for any fancy frameworks etc. And just make my own tests easier to write and understand.

I was doing a very simple schedule for an import process and heeding the warning by Ayende about scheduling. I tried to consider the wise words and established that my requirement is very simple and to the point and most of these won't be a problem for me. With this in mind I wanted to make sure there are no bugs in the schedule logic so this is what I came up with. First I could express my requirements in the test:

The implementation of this is very simple and I have just done so directly in my test class. It's just about the grammar Given a set of inputs When certain conditions are met, Then we can expect a specific result.

Given - Construction of the objects I am testing.
When - Setting some criterea on the objects I have created.
Then - Run a method and (Act and Assert)

Obviously to have a good grammar you first need to understand a bit more about your domain and tests. And what you will be testing, so when starting I still write the first test or 2 using a few variables and seeing how the test logic fits together and create my grammar from there.

Bugs with these kinds of things could be a nightmare in a live environment. So this style of testing helps you build all of the scenarios that you can think of and make sure those work through the lifetime of the solution.

Wednesday 25 July 2012

PowerShell - Using Credentials

Many commands in PowerShell makes use of Credentials, like for instance the Send-MailMessage. This however may require the user to be prompted for such information. See how you can use secure strings to store user credentials

Send-MailMessage

In PowerShell you can use the Send-MailMessage command to simply send an email through SMTP. This is easy enough and the command is simply to call this with some arguments as follows:

  Send-MailMessage   Send-MailMessage -SmtpServer "mail.yourserver.com" -Subject "Error" -From "user@domain.com" -To "user@domain.com" -Body "test"

Send-MailMessage
1	`Send-MailMessage` `-SmtpServer` `"mail.yourserver.com"` `-Subject` `"Error"` `-From` `"user@domain.com"` `-To` `"user@domain.com"` `-Body` `"test"`

The problem is that you may get an authentication error:

   The SMTP server requires a secure connection or the client was not authenticated. 
The server response was: 5.5.1 Authentication Required.

The issue is that you need to specify a credential by using the -Credential parameter

You can use the Get-Credential Cmdlet, but this will show a prompt unless you specify the username and password in your script file. This is not good for anyone viewing or copying our script file. Turns out we can easily encrypt this information using the ConvertTo-SecureString:

First we need to get the password from user input:

Read-Host
1	`Read-Host` `-AsSecureString`

  Output  ************
System.Security.SecureString
PS C:\>

Output
`************` `System.Security.SecureString` `PS C:\>`

We can also read it from a UI prompt:

Get-Credential
1	`(Get-Credential` `-Credential` `"user").Password`

You can also save this password to a file like this:

  Get-Credential   (Get-Credential -Credential "user").Password | ConvertFrom-SecureString | Out-File "C:\temp\mycredential.cred"

Get-Credential
1	`(Get-Credential` `-Credential` `"user").Password \|` `ConvertFrom-SecureString` `\|` `Out-File` `"C:\temp\mycredential.cred"`

Which will produce output that looks something like this:

  Securestring output  01000000d08c9ddf0115d1118c7a00c04fc297eb0100000064ff74aec2ba6d428b22782a6f91faac000000000200000000001066000000010000200000005b03f7a95e78f996e0a25c5b50fc3f481cf275092131e7fc45eb7553db7d1220000000000e800000000200002000000060b480288abe198159022376076f3f6663478790e547238af5d8550b65a9b6f810000000f536330ee4f0a2a2cd37da4472c4ed17400000008d65be8e08d68ce5472c25f70b60a252d9380b7e950a5780b253e1e20bccbd491bb65d5db6513b0e8925eb6e70f730e21b09223981f43f96dc2b1de12a3407fe

Securestring output
`01000000d08c9ddf0115d1118c7a00c04fc297eb0100000064ff74aec2ba6d428b22782a6f91faac000000000200000000001066000000010000200000005b03f7a95e78f996e0a25c5b50fc3f481cf275092131e7fc45eb7553db7d1220000000000e800000000200002000000060b480288abe198159022376076f3f6663478790e547238af5d8550b65a9b6f810000000f536330ee4f0a2a2cd37da4472c4ed17400000008d65be8e08d68ce5472c25f70b60a252d9380b7e950a5780b253e1e20bccbd491bb65d5db6513b0e8925eb6e70f730e21b09223981f43f96dc2b1de12a3407fe`

Now these secure strings cannot be decoded by anyone else but your own logged on user, if you try to take this file and decrypt it on a different machine you will get this error:

  SecureString error  ConvertTo-SecureString : Key not valid for use in specified state.
 
At line:1 char:58
+ cat ("C:\temp\mycredential.cred") | convertto-securestring <<<< 
    + CategoryInfo          : InvalidArgument: (:) [ConvertTo-SecureString], CryptographicException
    + FullyQualifiedErrorId : ImportSecureString_InvalidArgument_CryptographicError,Microsoft.PowerShell.Commands.ConvertToSecureStringCommand

SecureString error
`ConvertTo-SecureString : Key not valid for use in specified state.` `At line:1 char:58` `+ cat ("C:\temp\mycredential.cred") \| convertto-securestring <<<<` `+ CategoryInfo : InvalidArgument: (:) [ConvertTo-SecureString], CryptographicException` `+ FullyQualifiedErrorId : ImportSecureString_InvalidArgument_CryptographicError,Microsoft.PowerShell.Commands.ConvertToSecureStringCommand`

Note: Initially i thought that I could make this more secure by providing an additional security key something like this:

  ConvertFrom-SecureString   ConvertFrom-SecureString -Key ([System.Text.Encoding]::ASCII.GetBytes("0e5c436f3993432590f12c0b2a48dafa"))

ConvertFrom-SecureString
1	`ConvertFrom-SecureString` `-Key` `([System.Text.Encoding]::ASCII.GetBytes("0e5c436f3993432590f12c0b2a48dafa"))`

The Key i would use I would simply generate as follows:

NewGuid
1	`[System.Guid]::NewGuid().ToString().Replace('-',` `'')`

  Output  0e5c436f3993432590f12c0b2a48dafa
PS C:\>

Output
`0e5c436f3993432590f12c0b2a48dafa` `PS C:\>`

But this actually circumvents the Data Protection API. This page has a good explanation and more information.

So which way is more secure? Well that depends on your needs and environment but I think when the key is in your script file it is easier for an attacker to copy the file and script and then decrypt the information. So as always it is a good idea to apply as many security features as possible and keep the file safe and private, apply permissions and possibly use a different or lower access account.

The simplest way to save the credential to a file would be as follows:

  Get-Credential   (Get-Credential -Credential "user").Password | ConvertFrom-SecureString | Out-File c:\temp\mycredential.cred

Get-Credential
1	`(Get-Credential` `-Credential` `"user").Password \|` `ConvertFrom-SecureString` `\|` `Out-File` `c:\temp\mycredential.cred`

  c:\temp\mycredential.cred  01000000d08c9ddf0115d1118c7a00c04fc297eb0100000021edac733db042498f873cbbdc18c766...

c:\temp\mycredential.cred
`01000000d08c9ddf0115d1118c7a00c04fc297eb0100000021edac733db042498f873cbbdc18c766...`

And we could save this to a file. However when running this same script say off a flash drive could be a problem when you create the encrypted file and load it again as they will be different for each logged on session. So I thought to create a reusable function that rather takes a store folder and saves a different file for each users unique account which is done by getting the AccountDomainSid:

  GetFile   function GetFile($storeFolder)
{
     return [System.IO.Path]::Combine($storeFolder, 
        [System.Security.Principal.WindowsIdentity]::GetCurrent().User.AccountDomainSid.ToString())
}

GetFile
1 2 3 4 5	`function` `GetFile($storeFolder)` `{` `return` `[System.IO.Path]::Combine($storeFolder,` `[System.Security.Principal.WindowsIdentity]::GetCurrent().User.AccountDomainSid.ToString())` `}`

  CreatePassword   function CreatePassword($storeFolder)
{
    (Get-Credential -Credential "user").Password | ConvertFrom-SecureString | Out-File (GetFile $storeFolder)
}

CreatePassword
1 2 3 4	`function` `CreatePassword($storeFolder)` `{` `(Get-Credential` `-Credential` `"user").Password \|` `ConvertFrom-SecureString` `\|` `Out-File` `(GetFile` `$storeFolder)` `}`

And use it:

Output
`PS C:\> CreatePassword c:\temp`

Creates a file S-X-X-XX-XXXXXXX-XXXXXXX-XXXXXXXXX

  c:\temp\S-X-X-XX-XXXXXXX-XXXXXXX-XXXXXXXXX  01000000d08c9ddf0115d1118c7a00c04fc297eb0100000064ff74aec2ba6d428b22782a...

c:\temp\S-X-X-XX-XXXXXXX-XXXXXXX-XXXXXXXXX
`01000000d08c9ddf0115d1118c7a00c04fc297eb0100000064ff74aec2ba6d428b22782a...`

Reading the password:

  GetPassword   function GetPassword($storeFolder)
{
    return cat ((GetFile $storeFolder)) | ConvertTo-SecureString
}

GetPassword
1 2 3 4	`function` `GetPassword($storeFolder)` `{` `return` `cat ((GetFile` `$storeFolder)) \|` `ConvertTo-SecureString` `}`

And use it:

  Output  PS C:\> GetPassword c:\temp
System.Security.SecureString

Output
`PS C:\> GetPassword c:\temp` `System.Security.SecureString`

Now as you can see we can't actually see the password because it is securely stored in the System.Security.SecureString But we can use this object to create Credentials.

Creating a credential:

  ReadCredential   function ReadCredential($userName, $storeFolder)
{
    return new-object -typename System.Management.Automation.PSCredential -argumentlist $userName, (GetPassword $storeFolder)
}

ReadCredential
1 2 3 4	`function` `ReadCredential($userName,` `$storeFolder)` `{` `return` `new-object` `-typename` `System.Management.Automation.PSCredential` `-argumentlist` `$userName, (GetPassword` `$storeFolder)` `}`

And use it:

  Output  PS C:\> ReadCredential "DOMAIN\user" "C:\temp"
 
UserName       Password
--------       --------
DOMAIN\user    System.Security.SecureString
 
PS C:\>

Output
`PS C:\> ReadCredential "DOMAIN\user" "C:\temp"` `UserName Password` `-------- --------` `DOMAIN\user System.Security.SecureString` `PS C:\>`

Putting it all together

As always you can create a reusable module from the functions above and use it whenever you need to save or load credentials. Just pick a filename such as CredentialFunctions.psm1 and then import it using:

  Import-Module   Import-Module  -Name "c:\PowerShell\CredentialFunctions.psm1"

Import-Module
1	`Import-Module` `-Name` `"c:\PowerShell\CredentialFunctions.psm1"`

And now you can simply use this in credential functions such as Send-MailMessage

  Send-MailMessage   Send-MailMessage -SmtpServer "mail.yourserver.com" -Subject "Error" -From "user@domain.com" -To "user@domain.com" -Body "test" -Credential (ReadCredential "DOMAIN\user" "C:\temp")

Send-MailMessage
1	`Send-MailMessage` `-SmtpServer` `"mail.yourserver.com"` `-Subject` `"Error"` `-From` `"user@domain.com"` `-To` `"user@domain.com"` `-Body` `"test"` `-Credential` `(ReadCredential` `"DOMAIN\user"` `"C:\temp")`

Powershell has a number of functions that may require Credentials and you could use this to do things like start processes etc.

Final note:

Even though the password is encrypted securely and with a key don't leave the file lying around and still protect it for instance on a flash disk. An attacker could still having access to your machine and your script key decrypt it. Lastly don't abuse the SMTP server.

Wednesday 18 July 2012

MVC 4.0 on IIS 7, 404, 403 errors.

It seems that every time I deploy a new site to IIS there is some problem this time it is an MVC 4.0 App to a machine that does not have visual studio or ASP.NET MVC Installed.

First I got error 404 not found, so I tried a few things that didn’t work including the usual suspects

Registering .NET 4.0 with IIS (which it wasn’t):

Then I started to get 403 – Forbidden.

In the end enabling the HTTP Redirection fixed it:

This post was particularly useful and contained the answer.

Saturday 7 July 2012

PowerShell–Zip

PowerShell does not have a class construct as a first class citizen. You can create objects either from .NET or creating CmdLets but how do you create an object from a pure PowerShell script?. Here is a solution.

Whenever writing automation scripts you often need to zip some files, either to upload them or just for back-up purposes.

I wanted a really simple and easy way I can do this repeatedly so I thought of creating a PowerShell script that I can reuse to do this easily. I thought that PowerShell's pipeline would be a perfect tool for this. So I wanted to use the dir command with all its powerful filters etc and then just pipe this out to a zip file something like this:

PowerShell Zip UsagePush-Location c:\temp
# create new zip file
dir -Recurse c:\temp\stufftoZip1 | ToZip -relativeBaseDirectory (Get-Location).Path  -fileName "c:\temp\test.zip"
# append to zip file
dir -Recurse c:\temp\stufftoZip2 | ToZip -relativeBaseDirectory (Get-Location).Path -appendToZip -fileName "c:\temp\test.zip"
Pop-Location

PowerShell Zip Usage
1 2 3 4 5 6	`Push-Location` `c:\temp` `# create new zip file` `dir` `-Recurse` `c:\temp\stufftoZip1 \| ToZip` `-relativeBaseDirectory` `(Get-Location).Path` `-fileName` `"c:\temp\test.zip"` `# append to zip file` `dir` `-Recurse` `c:\temp\stufftoZip2 \| ToZip` `-relativeBaseDirectory` `(Get-Location).Path` `-appendToZip` `-fileName` `"c:\temp\test.zip"` `Pop-Location`

And that is all you need to make use of it. You can use all the query operators like select, where, select, first, etc.

This also introduces the concept of Pipeline functions.

Pipeline

Each pipeline function has a begin, process and end. In the begin block is where we initialize our function. In the process block this is where you handle each item from the pipeline. The end block is where we clean-up like close files etc.

PowerShell Pipeline functionfunction ToZip($fileName, $relativeBaseDirectory=$null, [switch] $appendToZip=$false, $verbose=$true)
{
    begin
    {       
        # initialization
        $zipFile = [System.IO.Packaging.Package]::Open($fileName, $mode)
    }
    process
    {       
        # $_.FullName is the current item (in this case file) in the pipeline.
    }
    end
    {       
        # finalization
        $zipFile.Close();
    }
}

PowerShell Pipeline function
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17	`function` `ToZip($fileName,` `$relativeBaseDirectory=$null,` `[switch]` `$appendToZip=$false,` `$verbose=$true)` `{` `begin` `{` `# initialization` `$zipFile` `=` `[System.IO.Packaging.Package]::Open($fileName,` `$mode)` `}` `process` `{` `# $_.FullName is the current item (in this case file) in the pipeline.` `}` `end` `{` `# finalization` `$zipFile.Close();` `}` `}`

Implementation

In order to use the System.IO.Packaging.Package namespace and create Zip files you have to import the assembly WindowsBase as follows:

1	`[Reflection.Assembly]::LoadWithPartialName("WindowsBase") \|` `Out-Null`

Save the following to a file and call it Zip.psm1

Zip.psm1Set-StrictMode -V 1.0
[Reflection.Assembly]::LoadWithPartialName("WindowsBase") | Out-Null
function ToZip($fileName, $relativeBaseDirectory=$null, [switch] $appendToZip=$false, $verbose=$true)
{
    begin
    {
        $zipCreated = { (Get-Variable -ErrorAction SilentlyContinue -Name zipFile) -ne $null }
        $logMessage = { 
            param ($message) 
            if ($verbose)
            {
                Write-Host  $message
            }
        }
        $mode = [System.IO.FileMode]::Create
        if ($appendToZip)
        {
            $mode = [System.IO.FileMode]::Open
        }
        $zipFile = [System.IO.Packaging.Package]::Open($fileName, $mode)
    }
    process
    {
        if  ((&$zipCreated) -and ([System.IO.File]::Exists($_.FullName) -eq $true))
        {
             
            $zipFileName = $_.FullName
            if ($relativeBaseDirectory -ne $null)           
            {
                #$directoryName = [System.IO.Path]::GetDirectoryName($_.FullName)
                $zipFileName = $_.FullName.SubString($relativeBaseDirectory.Length, $_.FullName.Length-$relativeBaseDirectory.Length)               
            }
             
             
            $destFilename = [System.IO.Path]::Combine(".\\", $zipFileName)
            #$destFilename = $destFilename.Replace(" ", "_")
            $uri = New-Object Uri -ArgumentList ($destFilename, [UriKind]::Relative)
            $uri = [System.IO.Packaging.PackUriHelper]::CreatePartUri($uri)
             
            &$logMessage ("Adding: {0}" -f $destFileName)
             
            if ($zipFile.PartExists($uri))
            {
                $zipFile.DeletePart($uri);
            }
             
            $part = $zipFile.CreatePart($uri, [string]::Empty, [System.IO.Packaging.CompressionOption]::Normal)
            $dest = $part.GetStream()
             
            $srcStream = New-Object System.IO.FileStream -ArgumentList ($_.FullName, [System.IO.FileMode]::Open, [System.IO.FileAccess]::Read)
            try
            {
                $srcStream.CopyTo($dest)
            }
            finally
            {
                $srcStream.Close()
            }           
        }
    }
    end
    {
        if  (&$zipCreated)
        {
            $zipFile.Close()
        }
        &$logMessage "Done"
    }
}

Zip.psm1
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69	`Set-StrictMode` `-V` `1.0` `[Reflection.Assembly]::LoadWithPartialName("WindowsBase") \|` `Out-Null` `function` `ToZip($fileName,` `$relativeBaseDirectory=$null,` `[switch]` `$appendToZip=$false,` `$verbose=$true)` `{` `begin` `{` `$zipCreated` `= { (Get-Variable` `-ErrorAction` `SilentlyContinue` `-Name` `zipFile)` `-ne` `$null` `}` `$logMessage` `= {` `param` `($message)` `if` `($verbose)` `{` `Write-Host` `$message` `}` `}` `$mode` `=` `[System.IO.FileMode]::Create` `if` `($appendToZip)` `{` `$mode` `=` `[System.IO.FileMode]::Open` `}` `$zipFile` `=` `[System.IO.Packaging.Package]::Open($fileName,` `$mode)` `}` `process` `{` `if` `((&$zipCreated)` `-and` `([System.IO.File]::Exists($_.FullName)` `-eq` `$true))` `{` `$zipFileName` `=` `$_.FullName` `if` `($relativeBaseDirectory` `-ne` `$null)` `{` `#$directoryName = [System.IO.Path]::GetDirectoryName($_.FullName)` `$zipFileName` `=` `$_.FullName.SubString($relativeBaseDirectory.Length,` `$_.FullName.Length-$relativeBaseDirectory.Length)` `}` `$destFilename` `=` `[System.IO.Path]::Combine(".\\",` `$zipFileName)` `#$destFilename = $destFilename.Replace(" ", "_")` `$uri` `=` `New-Object` `Uri` `-ArgumentList` `($destFilename,` `[UriKind]::Relative)` `$uri` `=` `[System.IO.Packaging.PackUriHelper]::CreatePartUri($uri)` `&$logMessage` `("Adding: {0}"` `-f` `$destFileName)` `if` `($zipFile.PartExists($uri))` `{` `$zipFile.DeletePart($uri);` `}` `$part` `=` `$zipFile.CreatePart($uri,` `[string]::Empty,` `[System.IO.Packaging.CompressionOption]::Normal)` `$dest` `=` `$part.GetStream()` `$srcStream` `=` `New-Object` `System.IO.FileStream` `-ArgumentList` `($_.FullName,` `[System.IO.FileMode]::Open,` `[System.IO.FileAccess]::Read)` `try` `{` `$srcStream.CopyTo($dest)` `}` `finally` `{` `$srcStream.Close()` `}` `}` `}` `end` `{` `if` `(&$zipCreated)` `{` `$zipFile.Close()` `}` `&$logMessage` `"Done"` `}` `}`

Import & Usage

You can easily reuse the above module anywhere in your PowerShell scripts by importing it as follows:

PowerShell Zip UsageImport-Module c:\Development\PowerShell\Zip.psm1
 
# Example 1
dir | ToZip c:\temp\test.zip
 
# Example 2
dir | ToZip -fileName c:\temp\test.zip -relativeBaseDirectory (Get-Location).Path 
 
# Example 3
dir | ToZip -fileName c:\temp\test.zip -relativeBaseDirectory (Get-Location).Path -appendToZip

PowerShell Zip Usage
1 2 3 4 5 6 7 8 9 10	`Import-Module` `c:\Development\PowerShell\Zip.psm1` `# Example 1` `dir \| ToZip c:\temp\test.zip` `# Example 2` `dir \| ToZip` `-fileName` `c:\temp\test.zip` `-relativeBaseDirectory` `(Get-Location).Path` `# Example 3` `dir \| ToZip` `-fileName` `c:\temp\test.zip` `-relativeBaseDirectory` `(Get-Location).Path` `-appendToZip`

Example 1

Zip all the content in the current directory to c:\temp\test.zip

Example 2

Zip all the content in the current directory to c:\temp\test.zip. Using the folder structure starting at the current directory as relative path.

Example 3

Zip all the content in the current directory to c:\temp\test.zip. Using the folder structure starting at the current directory as relative path, and appending to the Zip.

Caveats

Actually there are none from PowerShell side, however the build in .net packaging library places a [Content_Types].xml in the zip file. You can't get rid of this. Also files with spaces will be escaped. This obviously can affect anything you zip and unzip where the file names are required. But again this is not PowerShell but the packaging library.

I will try and make a future post on a version that uses SharpZipLib so stay tuned...

The Walking Dev

Sunday 29 July 2012

Simple BDD

Wednesday 25 July 2012

PowerShell - Using Credentials

Send-MailMessage

Putting it all together

Wednesday 18 July 2012

MVC 4.0 on IIS 7, 404, 403 errors.

Saturday 7 July 2012

PowerShell–Zip

Pipeline

Implementation

Import & Usage

Example 1

Example 2

Example 3

Caveats

Search This Blog

Meta