Beispiel #1
        /// <summary>
        /// The reason this is not in the constructor is solely for the purpose of exception handling.
        /// If you leave this in the controller and someone who is not authenticated calls the API you will not get a tenantId not found error.
        /// The error will be ugly and be hard to figure out you are not authorized.
        /// This way if the all methods have the ClaimsAuthorize attribute on them they will first be authenticated if not get a nice error message of not authorized.
        /// </summary>
        /// <exception cref="System.Exception">No Tenant Id Found.</exception>
        private void Setup()
            //var isAllowed = ClaimsAuthorization.CheckAccess("Get", "CustomerId", "00");
            //isAllowed = true;
            //Get the current claims principal
            var identity = (ClaimsPrincipal)Thread.CurrentPrincipal;
            var tenant   = identity.Claims.Where(c => c.Type == ClaimsConstants.TenantIdClaimType).Select(c => c.Value).SingleOrDefault();

            if (string.IsNullOrEmpty(tenant))
                throw new Exception("No Tenant Id Found.");

            _tenantId    = Guid.Parse(tenant);
            _user        = identity.Identity.Name;
            _serviceName = DispatcherServiceFactory.RetrieveServiceName(_tenantId);

            _iProvisioningEngineService = ProvisioningEngineServiceFactory.Create(_tenantId);
            _iOrderService = OrderServiceFactory.Create(_tenantId);
 public void TestInitialize()
     _container = BootStrapper.Initialize();
     _iProvisioningEngineService = _container.Resolve <IProvisioningEngineService>();