public void UnknownRequirement()
        {
            // Setup
            string hdid         = "The User HDID";
            string resourceHDID = hdid;
            string token        = "Fake Access Token";
            string userId       = "User ID";
            string username     = "******";

            List <Claim> claims = new List <Claim>()
            {
                new Claim(ClaimTypes.Name, username),
                new Claim(ClaimTypes.NameIdentifier, userId),
                new Claim(GatewayClaims.HDID, hdid),
            };
            ClaimsIdentity  identity        = new ClaimsIdentity(claims, "TestAuth");
            ClaimsPrincipal claimsPrincipal = new ClaimsPrincipal(identity);

            IHeaderDictionary headerDictionary = new HeaderDictionary();

            headerDictionary.Add("Authorization", token);
            RouteValueDictionary routeValues = new RouteValueDictionary();

            routeValues.Add("hdid", resourceHDID);
            Mock <HttpRequest> httpRequestMock = new Mock <HttpRequest>();

            httpRequestMock.Setup(s => s.Headers).Returns(headerDictionary);
            httpRequestMock.Setup(s => s.RouteValues).Returns(routeValues);

            Mock <HttpContext> httpContextMock = new Mock <HttpContext>();

            httpContextMock.Setup(s => s.User).Returns(claimsPrincipal);
            httpContextMock.Setup(s => s.Request).Returns(httpRequestMock.Object);

            Mock <IHttpContextAccessor> httpContextAccessorMock = new Mock <IHttpContextAccessor>();

            httpContextAccessorMock.Setup(s => s.HttpContext).Returns(httpContextMock.Object);

            using ILoggerFactory loggerFactory = LoggerFactory.Create(builder => builder.AddConsole());
            ILogger <FhirResourceDelegateAuthorizationHandler> logger =
                loggerFactory.CreateLogger <FhirResourceDelegateAuthorizationHandler>();

            FhirResourceDelegateAuthorizationHandler authHandler = new FhirResourceDelegateAuthorizationHandler(
                logger,
                this.GetConfiguration(),
                httpContextAccessorMock.Object,
                new Mock <IPatientService>().Object,
                new Mock <IResourceDelegateDelegate>().Object
                );
            var requirements = new[] { new NameAuthorizationRequirement(username) };

            AuthorizationHandlerContext context = new AuthorizationHandlerContext(requirements, claimsPrincipal, null);

            authHandler.HandleAsync(context);
            Assert.False(context.HasSucceeded);
            Assert.False(context.HasFailed);
        }
        public void ShouldNotAuthExpiredDelegate()
        {
            string       hdid         = "The User HDID";
            string       resourceHDID = "The Resource HDID";
            string       token        = "Fake Access Token";
            string       userId       = "User ID";
            string       username     = "******";
            string       scopes       = "user/Observation.read";
            List <Claim> claims       = new List <Claim>()
            {
                new Claim(ClaimTypes.Name, username),
                new Claim(ClaimTypes.NameIdentifier, userId),
                new Claim(GatewayClaims.HDID, hdid),
                new Claim(GatewayClaims.Scope, scopes),
            };
            ClaimsIdentity  identity        = new ClaimsIdentity(claims, "TestAuth");
            ClaimsPrincipal claimsPrincipal = new ClaimsPrincipal(identity);
            PatientModel    patientModel    = new PatientModel()
            {
                Birthdate = DateTime.Now
                            .AddYears(MaxDependentAge * -1)
            };
            RequestResult <PatientModel> getPatientResult =
                new RequestResult <PatientModel>(patientModel, ResultType.Success);

            IHeaderDictionary headerDictionary = new HeaderDictionary();

            headerDictionary.Add("Authorization", token);
            RouteValueDictionary routeValues = new RouteValueDictionary();

            routeValues.Add("hdid", resourceHDID);
            Mock <HttpRequest> httpRequestMock = new Mock <HttpRequest>();

            httpRequestMock.Setup(s => s.Headers).Returns(headerDictionary);
            httpRequestMock.Setup(s => s.RouteValues).Returns(routeValues);

            Mock <HttpContext> httpContextMock = new Mock <HttpContext>();

            httpContextMock.Setup(s => s.User).Returns(claimsPrincipal);
            httpContextMock.Setup(s => s.Request).Returns(httpRequestMock.Object);

            Mock <IHttpContextAccessor> httpContextAccessorMock = new Mock <IHttpContextAccessor>();

            httpContextAccessorMock.Setup(s => s.HttpContext).Returns(httpContextMock.Object);

            using ILoggerFactory loggerFactory = LoggerFactory.Create(builder => builder.AddConsole());
            ILogger <FhirResourceDelegateAuthorizationHandler> logger = loggerFactory.CreateLogger <FhirResourceDelegateAuthorizationHandler>();

            Mock <IResourceDelegateDelegate> mockDependentDelegate = new Mock <IResourceDelegateDelegate>();

            mockDependentDelegate.Setup(s => s.Exists(resourceHDID, hdid)).Returns(true);

            Mock <IPatientService> mockPatientService = new Mock <IPatientService>();

            mockPatientService
            .Setup(s => s.GetPatient(resourceHDID, PatientIdentifierType.HDID))
            .ReturnsAsync(getPatientResult);

            FhirResourceDelegateAuthorizationHandler authHandler = new FhirResourceDelegateAuthorizationHandler(
                logger,
                this.GetConfiguration(),
                httpContextAccessorMock.Object,
                mockPatientService.Object,
                mockDependentDelegate.Object
                );
            var requirements = new[] { new FhirRequirement(FhirResource.Observation, FhirAccessType.Read, supportsUserDelegation: true) };

            AuthorizationHandlerContext context = new AuthorizationHandlerContext(requirements, claimsPrincipal, null);

            authHandler.HandleAsync(context);
            Assert.False(context.HasSucceeded);
            Assert.False(context.HasFailed);
        }