public void Should_have_authentication_cookie_in_login_response_when_logging_in_without_redirect()
{
// Given
FormsAuthentication.Enable(A.Fake <IPipelines>(), this.config);
// When
var result = FormsAuthentication.UserLoggedInResponse(userGuid);
// Then
result.Cookies.Where(c => c.Name == FormsAuthentication.FormsAuthenticationCookieName).Any().ShouldBeTrue();
}
public void Should_set_expiry_date_if_one_specified_when_logging_in_without_redirect()
{
// Given
FormsAuthentication.Enable(A.Fake <IPipelines>(), this.config);
// When
var result = FormsAuthentication.UserLoggedInResponse(userGuid, DateTime.Now.AddDays(1));
// Then
result.Cookies.Where(c => c.Name == FormsAuthentication.FormsAuthenticationCookieName).First()
.Expires.ShouldNotBeNull();
}
public void Should_return_ok_response_when_user_logs_in_without_redirect()
{
// Given
FormsAuthentication.Enable(A.Fake <IPipelines>(), this.config);
// When
var result = FormsAuthentication.UserLoggedInResponse(userGuid);
// Then
result.ShouldBeOfType(typeof(Response));
result.StatusCode.ShouldEqual(HttpStatusCode.OK);
}
public void Should_set_authentication_cookie_to_httponly_when_logging_in_without_redirect()
{
// Given
FormsAuthentication.Enable(A.Fake <IApplicationPipelines>(), this.config);
// When
var result = FormsAuthentication.UserLoggedInResponse(userGuid);
// Then
result.Cookies.Where(c => c.Name == FormsAuthentication.FormsAuthenticationCookieName).First()
.HttpOnly.ShouldBeTrue();
}
public void Should_set_authentication_cookie_to_secure_when_config_requires_ssl_and_logging_in_without_redirect()
{
// Given
FormsAuthentication.Enable(A.Fake <IPipelines>(), this.secureConfig);
// When
var result = FormsAuthentication.UserLoggedInResponse(userGuid);
// Then
result.Cookies
.Where(c => c.Name == FormsAuthentication.FormsAuthenticationCookieName)
.First()
.Secure.ShouldBeTrue();
}
public void Should_encrypt_cookie_when_logging_in_without_redirect()
{
// Given
var mockEncrypter = A.Fake <IEncryptionProvider>();
this.config.CryptographyConfiguration = new CryptographyConfiguration(mockEncrypter, this.cryptographyConfiguration.HmacProvider);
FormsAuthentication.Enable(A.Fake <IPipelines>(), this.config);
// When
FormsAuthentication.UserLoggedInResponse(userGuid, DateTime.Now.AddDays(1));
// Then
A.CallTo(() => mockEncrypter.Encrypt(A <string> .Ignored))
.MustHaveHappened(Repeated.Exactly.Once);
}
public void Should_generate_hmac_for_cookie_from_encrypted_cookie_when_logging_in_without_redirect()
{
// Given
var fakeEncrypter = A.Fake <IEncryptionProvider>();
var fakeCryptoText = "FakeText";
A.CallTo(() => fakeEncrypter.Encrypt(A <string> .Ignored))
.Returns(fakeCryptoText);
var mockHmac = A.Fake <IHmacProvider>();
this.config.CryptographyConfiguration = new CryptographyConfiguration(fakeEncrypter, mockHmac);
FormsAuthentication.Enable(A.Fake <IPipelines>(), this.config);
// When
FormsAuthentication.UserLoggedInResponse(userGuid, DateTime.Now.AddDays(1));
// Then
A.CallTo(() => mockHmac.GenerateHmac(fakeCryptoText))
.MustHaveHappened(Repeated.Exactly.Once);
}