public void GivenTokenIsNotPresent_WhenMakingARequestToFunction_ThenFunctionReturnsUnauthorized()
{
SetEnvironmentVariables();
var httpRequest = CreateDefaultHttpRequest();
IActionResult response = PackageAuditor.Run(httpRequest);
Assert.That(response, Is.TypeOf<UnauthorizedResult>());
}
public void GivenValidToken_WhenMakingARequestToFunction_ThenFunctionReturnsUnauthorized()
{
SetEnvironmentVariables();
var httpRequest = CreateDefaultHttpRequest();
httpRequest.Headers.Add("Authorization", _token);
IActionResult response = PackageAuditor.Run(httpRequest);
Assert.That(response, Is.TypeOf<OkObjectResult>());
}
public void GivenUnknownAudienceOnToken_WhenMakingARequestToFunction_ThenFunctionReturnsUnauthorized()
{
SetEnvironmentVariables(audience: "https://example.com/");
var httpRequest = CreateDefaultHttpRequest();
httpRequest.Headers.Add("Authorization", _unknownAudianceToken);
IActionResult response = PackageAuditor.Run(httpRequest);
Assert.That(response, Is.TypeOf<UnauthorizedResult>());
}
