private void Apply_HasRequirement_Adds403Response(IAuthorizationRequirement authorizationRequirement)
{
var requirements = new List <IAuthorizationRequirement>()
{
authorizationRequirement
};
var policy = new AuthorizationPolicy(requirements, new List <string>());
var filterDescriptor = new FilterDescriptor(new AuthorizeFilter(policy), 30);
this.context.ApiDescription.ActionDescriptor.FilterDescriptors.Add(filterDescriptor);
this.operationFilter.Apply(this.operation, this.context);
Assert.True(this.operation.Responses.ContainsKey("403"));
}
public void Apply_HasPolicyWithNoClaimsAuthorizationRequirements_DoesNothing()
{
var requirement = new DenyAnonymousAuthorizationRequirement();
var requirements = new List <IAuthorizationRequirement>()
{
requirement
};
var policy = new AuthorizationPolicy(requirements, new List <string>());
var filterDescriptor = new FilterDescriptor(new AuthorizeFilter(policy), 30);
this.operationFilterContext.ApiDescription.ActionDescriptor.FilterDescriptors.Add(filterDescriptor);
this.operationFilter.Apply(this.operation, this.operationFilterContext);
Assert.Null(this.operation.Security);
}
public void Apply_HasDenyAnonymousAuthorizationRequirement_DoesNothing()
{
var requirement = new DenyAnonymousAuthorizationRequirement();
var requirements = new List <IAuthorizationRequirement>()
{
requirement
};
var policy = new AuthorizationPolicy(requirements, new List <string>());
var filterDescriptor = new FilterDescriptor(new AuthorizeFilter(policy), 30);
this.context.ApiDescription.ActionDescriptor.FilterDescriptors.Add(filterDescriptor);
this.operationFilter.Apply(this.operation, this.context);
Assert.Empty(this.operation.Responses);
}
public void Apply_HasDenyAnonymousAuthorizationRequirement_Adds401Response()
{
var requirement = new DenyAnonymousAuthorizationRequirement();
var requirements = new List <IAuthorizationRequirement>()
{
requirement
};
var policy = new AuthorizationPolicy(requirements, new List <string>());
var filterDescriptor = new FilterDescriptor(new AuthorizeFilter(policy), 30);
this.operationFilterContext.ApiDescription.ActionDescriptor.FilterDescriptors.Add(filterDescriptor);
this.operationFilter.Apply(this.operation, this.operationFilterContext);
Assert.True(this.operation.Responses.ContainsKey("401"));
}
public void Apply_HasClaimsAuthorizationRequirements_AddsClaimsToOperation()
{
var requirement = new ClaimsAuthorizationRequirement("Type", new string[0]);
var requirements = new List <IAuthorizationRequirement>()
{
requirement
};
var policy = new AuthorizationPolicy(requirements, new List <string>());
var filterDescriptor = new FilterDescriptor(new AuthorizeFilter(policy), 30);
this.operationFilterContext.ApiDescription.ActionDescriptor.FilterDescriptors.Add(filterDescriptor);
this.operationFilter.Apply(this.operation, this.operationFilterContext);
Assert.NotNull(this.operation.Security);
Assert.Equal(1, this.operation.Security.Count);
Assert.Equal(1, this.operation.Security.First().Count);
Assert.Equal("oauth2", this.operation.Security.First().First().Key);
Assert.Equal(new string[] { "Type" }, this.operation.Security.First().First().Value);
}
