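/// <summary>
/// Verifies that <c>RequiresAuthenticationAttribute.Authorize</c> hands back the shared
/// <c>AuthorizationResult.Allowed</c> instance for the principal built by
/// <c>CreateIPrincipal("name")</c>.
/// </summary>
public void RequiresAuthenticationAttribute_Authorize_Allowed_Authenticated_User()
{
    RequiresAuthenticationAttribute attr = new RequiresAuthenticationAttribute();

    // Only the operation name and operation type are supplied; instance, service provider and items stay null.
    using (AuthorizationContext context = new AuthorizationContext(/*instance*/ null, "testOp", "testOpType", /*IServiceProvider*/ null, /*items*/ null))
    {
        // CreateIPrincipal lives elsewhere in the fixture; presumably it yields an authenticated principal (confirm there).
        AuthorizationResult result = attr.Authorize(this.CreateIPrincipal("name"), context);

        // Expected value first, actual second, so a failure report labels the two values correctly.
        Assert.AreSame(AuthorizationResult.Allowed, result, "Expected authorization to be allowed on new principal");
    }
}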
Beispiel #2
        /// <summary>
        /// Fail-closed check: a request whose context never had a user assigned must be stopped,
        /// and the filter result must carry the same response code as
        /// <c>ApiFilterRunResult.Unauthenticated</c>.
        /// </summary>
        public void RequiresAuthentication_NullUser_ReturnsUnauthenticated()
        {
            var filter = new RequiresAuthenticationAttribute();

            // No User is assigned on the fake context; the test name treats that as the null-user case.
            var anonymousContext = new Fakes.FakeHttpContext();

            var outcome = filter.ShouldContinue(anonymousContext);

            // The request must not proceed ...
            Assert.False(outcome.ShouldContinue);

            // ... and the caller must be told it is unauthenticated rather than getting some other status.
            Assert.Equal(ApiFilterRunResult.Unauthenticated.SetResponseCode, outcome.SetResponseCode);
        }
Beispiel #3
        /// <summary>
        /// Positive counterpart of the null-user case: once the context carries the user returned by
        /// <c>UserSetup.GetUser()</c>, the filter must let the request continue.
        /// </summary>
        public void RequiresAuthentication_AuthenticatedUser_ReturnsContinue()
        {
            var filter = new RequiresAuthenticationAttribute();

            // UserSetup.GetUser() is defined elsewhere; presumably it returns an authenticated user (confirm there).
            var signedInContext = new Fakes.FakeHttpContext
            {
                User = UserSetup.GetUser()
            };

            var outcome = filter.ShouldContinue(signedInContext);

            Assert.True(outcome.ShouldContinue);
        }
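        /// <summary>
        /// Checks the allow path of <c>RequiresAuthenticationAttribute.Authorize</c>: the principal
        /// produced by <c>CreateIPrincipal("name")</c> must receive the shared
        /// <c>AuthorizationResult.Allowed</c> instance.
        /// </summary>
        public void RequiresAuthenticationAttribute_Authorize_Allowed_Authenticated_User()
        {
            RequiresAuthenticationAttribute attr = new RequiresAuthenticationAttribute();

            // The context is built with null instance, service provider and items; only the operation name and type are set.
            using (AuthorizationContext context = new AuthorizationContext(/*instance*/ null, "testOp", "testOpType", /*IServiceProvider*/ null, /*items*/ null))
            {
                // CreateIPrincipal is a fixture helper not shown here; presumably it builds an authenticated principal (confirm there).
                AuthorizationResult result = attr.Authorize(this.CreateIPrincipal("name"), context);

                // Reference comparison against the Allowed instance; expected value is passed first
                // so the failure message reports expected and actual the right way round.
                Assert.AreSame(AuthorizationResult.Allowed, result, "Expected authorization to be allowed on new principal");
            }
        }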
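        /// <summary>
        /// Checks the deny path of <c>RequiresAuthenticationAttribute.Authorize</c>: a principal wrapping
        /// the anonymous Windows identity must not receive <c>AuthorizationResult.Allowed</c>, and the
        /// result must carry the default denial message formatted with the operation name.
        /// </summary>
        public void RequiresAuthenticationAttribute_Authorize_Denied_Anonymous_User()
        {
            RequiresAuthenticationAttribute attr = new RequiresAuthenticationAttribute();

            // WindowsIdentity is IDisposable; hold it in a using so the test releases it deterministically.
            using (WindowsIdentity anonymous = WindowsIdentity.GetAnonymous())
            using (AuthorizationContext context = new AuthorizationContext(/*instance*/ null, "testOp", "testOpType", /*IServiceProvider*/ null, /*items*/ null))
            {
                // No roles are supplied: the test exercises authentication only.
                AuthorizationResult result = attr.Authorize(new GenericPrincipal(anonymous, null), context);

                // The value that must NOT come back is passed first, the actual result second.
                Assert.AreNotSame(AuthorizationResult.Allowed, result, "Expected denied result for anon user");

                // The denial must use the attribute's default message, formatted with the operation name.
                string expectedMessage = String.Format(CultureInfo.CurrentCulture, Resource.AuthorizationAttribute_Default_Message, context.Operation);
                Assert.AreEqual(expectedMessage, result.ErrorMessage, "Expected to see default denial error message");
            }
        }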
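        /// <summary>
        /// Anonymous callers must be refused: <c>Authorize</c> is given a <c>GenericPrincipal</c> built on
        /// <c>WindowsIdentity.GetAnonymous()</c> and has to return something other than
        /// <c>AuthorizationResult.Allowed</c>, with the default denial message for the operation.
        /// </summary>
        public void RequiresAuthenticationAttribute_Authorize_Denied_Anonymous_User()
        {
            RequiresAuthenticationAttribute attr = new RequiresAuthenticationAttribute();

            // Dispose the anonymous identity together with the context instead of leaving it to the finalizer.
            using (WindowsIdentity anonymous = WindowsIdentity.GetAnonymous())
            using (AuthorizationContext context = new AuthorizationContext(/*instance*/ null, "testOp", "testOpType", /*IServiceProvider*/ null, /*items*/ null))
            {
                // Roles are null, so only the identity's authentication state can influence the outcome.
                AuthorizationResult result = attr.Authorize(new GenericPrincipal(anonymous, null), context);

                // Argument order is (notExpected, actual) so the failure output is labelled correctly.
                Assert.AreNotSame(AuthorizationResult.Allowed, result, "Expected denied result for anon user");

                // Pin the exact text so a change to the default denial message is noticed.
                string expectedMessage = String.Format(CultureInfo.CurrentCulture, Resource.AuthorizationAttribute_Default_Message, context.Operation);
                Assert.AreEqual(expectedMessage, result.ErrorMessage, "Expected to see default denial error message");
            }
        }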