Beispiel #1
0
        public void Should_add_two_items_to_the_start_of_the_begin_pipeline_when_RequiresClaims_enabled()
        {
            var module = new FakeHookedModule(A.Fake <BeforePipeline>());

            module.RequiresClaims(new[] { string.Empty });

            A.CallTo(() => module.Before.AddItemToEndOfPipeline(A <Func <NancyContext, Response> > .Ignored)).MustHaveHappened(Repeated.Exactly.Twice);
        }
Beispiel #2
0
        public void Should_add_two_items_to_the_end_of_the_begin_pipeline_when_RequiresClaims_enabled()
        {
            var module = new FakeHookedModule(A.Fake <BeforePipeline>());

            module.RequiresClaims(_ => true);

            A.CallTo(() => module.Before.AddItemToEndOfPipeline(A <Func <NancyContext, Response> > .Ignored)).MustHaveHappenedTwiceExactly();
        }
Beispiel #3
0
        public void Should_return_unauthorized_response_with_RequiresClaims_enabled_and_no_username()
        {
            var module = new FakeHookedModule(new BeforePipeline());

            module.RequiresClaims(new[] { string.Empty });

            var result = module.Before.Invoke(new NancyContext());

            result.ShouldNotBeNull();
            result.StatusCode.ShouldEqual(HttpStatusCode.Unauthorized);
        }
Beispiel #4
0
        public void Should_return_null_with_RequiresClaims_and_all_claims_met()
        {
            var module = new FakeHookedModule(new BeforePipeline());

            module.RequiresClaims(new[] { "Claim1", "Claim2" });
            var context = new NancyContext
            {
                CurrentUser = GetFakeUser("username", new[] { "Claim1", "Claim2", "Claim3" })
            };

            var result = module.Before.Invoke(context);

            result.ShouldBeNull();
        }
Beispiel #5
0
        public void Should_return_null_with_RequiresClaims_and_all_claims_met()
        {
            var module = new FakeHookedModule(new BeforePipeline());

            module.RequiresClaims(new[] { "Claim1", "Claim2" });
            var context = new NancyContext();

            context.Items[Nancy.Security.SecurityConventions.AuthenticatedUsernameKey] = "username";
            context.Items[Nancy.Security.SecurityConventions.AuthenticatedClaimsKey]   = new[] { "Claim1", "Claim2", "Claim3" };

            var result = module.Before.Invoke(context);

            result.ShouldBeNull();
        }
Beispiel #6
0
        public void Should_return_forbidden_response_with_RequiresClaims_enabled_but_claims_key_missing()
        {
            var module = new FakeHookedModule(new BeforePipeline());

            module.RequiresClaims(new[] { "Claim1" });
            var context = new NancyContext();

            context.Items[Nancy.Security.SecurityConventions.AuthenticatedUsernameKey] = "username";

            var result = module.Before.Invoke(context);

            result.ShouldNotBeNull();
            result.StatusCode.ShouldEqual(HttpStatusCode.Forbidden);
        }
Beispiel #7
0
        public void Should_return_unauthorized_response_with_RequiresClaims_enabled_and_blank_username()
        {
            var module = new FakeHookedModule(new BeforePipeline());

            module.RequiresClaims(new[] { string.Empty });
            var context = new NancyContext();

            context.Items[Nancy.Security.SecurityConventions.AuthenticatedUsernameKey] = String.Empty;

            var result = module.Before.Invoke(context);

            result.ShouldNotBeNull();
            result.StatusCode.ShouldEqual(HttpStatusCode.Unauthorized);
        }
Beispiel #8
0
        public void Should_return_forbidden_response_with_RequiresClaims_enabled_but_not_all_claims_met()
        {
            var module = new FakeHookedModule(new BeforePipeline());

            module.RequiresClaims(new[] { "Claim1", "Claim2" });
            var context = new NancyContext
            {
                CurrentUser = GetFakeUser("username", new[] { "Claim2" })
            };

            var result = module.Before.Invoke(context);

            result.ShouldNotBeNull();
            result.StatusCode.ShouldEqual(HttpStatusCode.Forbidden);
        }
        public void Should_return_forbidden_response_with_RequiresClaims_enabled_but_claims_key_missing()
        {
            var module = new FakeHookedModule(new BeforePipeline());

            module.RequiresClaims(c => c.Type == "Claim1");
            var context = new NancyContext
            {
                CurrentUser = GetFakeUser("username")
            };

            var result = module.Before.Invoke(context, new CancellationToken());

            result.Result.ShouldNotBeNull();
            result.Result.StatusCode.ShouldEqual(HttpStatusCode.Forbidden);
        }
Beispiel #10
0
        public void Should_return_unauthorized_response_with_RequiresClaims_enabled_and_blank_username()
        {
            var module = new FakeHookedModule(new BeforePipeline());

            module.RequiresClaims(new[] { string.Empty });
            var context = new NancyContext
            {
                CurrentUser = GetFakeUser(String.Empty)
            };

            var result = module.Before.Invoke(context, new CancellationToken());

            result.Result.ShouldNotBeNull();
            result.Result.StatusCode.ShouldEqual(HttpStatusCode.Unauthorized);
        }
        public void Should_return_null_with_RequiresClaims_and_all_claims_met()
        {
            var module = new FakeHookedModule(new BeforePipeline());

            module.RequiresClaims(c => c.Type == "Claim1", c => c.Type == "Claim2");
            var context = new NancyContext
            {
                CurrentUser = GetFakeUser("username",
                                          new Claim("Claim1", string.Empty),
                                          new Claim("Claim2", string.Empty),
                                          new Claim("Claim3", string.Empty))
            };

            var result = module.Before.Invoke(context, new CancellationToken());

            result.Result.ShouldBeNull();
        }