Beispiel #1
        public async Task Roles_Authorized()
        {
            // Posts the GraphQL query "{ roles }" as a caller that carries a
            // Role claim with the value "a" and expects HTTP 200 together with
            // a payload that has no GraphQL errors.
            //
            // NOTE(review): the identity is created without an authentication
            // type, so ClaimsIdentity.IsAuthenticated is false for it. The test
            // therefore appears to pass on the role claim alone; confirm that
            // the roles check is not meant to require an authenticated identity.

            // arrange
            TestServer server = CreateTestServer(
                services =>
                {
                    services.AddGraphQL(CreateExecutor());
                },
                context =>
                {
                    var roleIdentity = new ClaimsIdentity(
                        new[] { new Claim(ClaimTypes.Role, "a") });
                    context.User.AddIdentity(roleIdentity);
                });

            string query = "{ roles }";
            string mediaType = "application/graphql";

            // act
            HttpResponseMessage response =
                await server.SendPostRequestAsync(query, mediaType, null);

            // assert
            // The transport status is checked before the body is read.
            Assert.Equal(HttpStatusCode.OK, response.StatusCode);

            string payload = await response.Content.ReadAsStringAsync();
            ClientQueryResult queryResult =
                JsonConvert.DeserializeObject<ClientQueryResult>(payload);

            // A null Errors collection is what this test treats as "authorized".
            Assert.Null(queryResult.Errors);

            // Presumably compares the result with a stored snapshot - the helper
            // is not part of this listing.
            queryResult.Snapshot();
        }
Beispiel #2
        public async Task PipedAuthorizeDirectives_Authorized()
        {
            // Registers two policies, "a" and "b", posts the GraphQL query
            // "{ piped }" as a caller holding both required claim types, and
            // expects HTTP 200 together with a payload without GraphQL errors.
            //
            // Both policies only assert that a claim of the given type exists;
            // the claim values ("2013-05-30", "US") are never inspected.
            //
            // NOTE(review): the identity has no authentication type, so
            // ClaimsIdentity.IsAuthenticated is false for it; the policies above
            // do not check for an authenticated user.

            // arrange
            TestServer server = CreateTestServer(
                services =>
                {
                    services.AddAuthorization(authorization =>
                    {
                        // Policy "a": caller must present a DateOfBirth claim.
                        authorization.AddPolicy("a", builder =>
                            builder.RequireAssertion(handlerContext =>
                                handlerContext.User.HasClaim(claim =>
                                    claim.Type == ClaimTypes.DateOfBirth)));

                        // Policy "b": caller must present a Country claim.
                        authorization.AddPolicy("b", builder =>
                            builder.RequireAssertion(handlerContext =>
                                handlerContext.User.HasClaim(claim =>
                                    claim.Type == ClaimTypes.Country)));
                    });

                    services.AddGraphQL(CreateExecutor());
                },
                context =>
                {
                    var callerIdentity = new ClaimsIdentity(
                        new[]
                        {
                            new Claim(ClaimTypes.DateOfBirth, "2013-05-30"),
                            new Claim(ClaimTypes.Country, "US")
                        });
                    context.User.AddIdentity(callerIdentity);
                });

            string query = "{ piped }";
            string mediaType = "application/graphql";

            // act
            HttpResponseMessage response =
                await server.SendPostRequestAsync(query, mediaType, null);

            // assert
            // The transport status is checked before the body is read.
            Assert.Equal(HttpStatusCode.OK, response.StatusCode);

            string payload = await response.Content.ReadAsStringAsync();
            ClientQueryResult queryResult =
                JsonConvert.DeserializeObject<ClientQueryResult>(payload);

            // A null Errors collection is what this test treats as "authorized".
            Assert.Null(queryResult.Errors);

            // Presumably compares the result with a stored snapshot - the helper
            // is not part of this listing.
            queryResult.Snapshot();
        }
Beispiel #3
        public async Task Policy_NotFound()
        {
            // Registers a single policy named "FooBar", posts the GraphQL query
            // "{ age }" without adding any identity to the request, and expects
            // HTTP 200 with a payload that does contain GraphQL errors.
            //
            // Presumably the `age` field refers to a policy name other than
            // "FooBar"; the schema comes from CreateExecutor, which is not part
            // of this listing - verify there.
            //
            // The failure is reported inside the GraphQL payload while the HTTP
            // status stays 200 OK, so monitoring that looks only at status codes
            // would not observe this rejection.

            // arrange
            TestServer server = CreateTestServer(
                services =>
                {
                    services.AddAuthorization(authorization =>
                    {
                        authorization.AddPolicy("FooBar", builder =>
                            builder.RequireAssertion(handlerContext =>
                                handlerContext.User.HasClaim(claim =>
                                    claim.Type == ClaimTypes.DateOfBirth)));
                    });

                    services.AddGraphQL(CreateExecutor());
                },
                context =>
                {
                    // no user
                });

            string query = "{ age }";
            string mediaType = "application/graphql";

            // act
            HttpResponseMessage response =
                await server.SendPostRequestAsync(query, mediaType, null);

            // assert
            // The transport status is checked before the body is read.
            Assert.Equal(HttpStatusCode.OK, response.StatusCode);

            string payload = await response.Content.ReadAsStringAsync();
            ClientQueryResult queryResult =
                JsonConvert.DeserializeObject<ClientQueryResult>(payload);

            // Any error satisfies this assertion; which error was returned is
            // presumably pinned by the snapshot below rather than here.
            Assert.NotNull(queryResult.Errors);
            queryResult.Snapshot();
        }