Beispiel #1
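        /// <summary>
        /// Negative CSRF test: fetches the app front page with an auth cookie, reads the XSRF
        /// cookie value from that response, appends a suffix to it, and posts to the instances
        /// endpoint with the altered value. The request is expected to be rejected with
        /// 400 Bad Request.
        /// </summary>
        /// <returns>A task that completes when the test has run.</returns>
        public async Task Instance_Post_WithQueryParamInvalidCsrf_AuthCookie()
        {
            // presumably a token for test user id 1; verify against PrincipalUtil
            string token = PrincipalUtil.GetToken(1);
            HttpClient client = SetupUtil.GetTestClient(_factory, "tdd", "endring-av-navn");

            // Step 1: GET the front page with the auth cookie; the XSRF cookie value is read from this response.
            HttpRequestMessage httpRequestMessageHome = new HttpRequestMessage(HttpMethod.Get, "/tdd/endring-av-navn/");
            SetupUtil.AddAuthCookie(httpRequestMessageHome, token);
            HttpResponseMessage responseHome = await client.SendAsync(httpRequestMessageHome);

            string xsrfToken = SetupUtil.GetXsrfCookieValue(responseHome);

            // Guard: the negative case is only meaningful when a real token was issued. Without
            // this check the test would still pass if the GET stopped returning an XSRF cookie,
            // and it would no longer show that a token differing only in its suffix is rejected.
            Assert.False(string.IsNullOrEmpty(xsrfToken));

            // Step 2: alter the issued token so it no longer matches what the server handed out.
            string tamperedXsrfToken = xsrfToken + "THIS_MAKE_THE_TOKEN_INVALID";

            HttpRequestMessage httpRequestMessage = new HttpRequestMessage(HttpMethod.Post, "/tdd/endring-av-navn/instances?instanceOwnerPartyId=1000");
            SetupUtil.AddAuthCookie(httpRequestMessage, token, tamperedXsrfToken);

            HttpResponseMessage response = await client.SendAsync(httpRequestMessage);

            // NOTE(review): the 400 is assumed to come from anti-forgery validation. Confirm that no
            // other validation on this endpoint returns 400 for this user/party combination, otherwise
            // the test can pass without the CSRF check being what rejected the request.
            Assert.Equal(HttpStatusCode.BadRequest, response.StatusCode);
        }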
Beispiel #2
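        /// <summary>
        /// Positive counterpart to the invalid-CSRF test: fetches the app front page with an auth
        /// cookie, reads the XSRF cookie value from that response, and posts to the instances
        /// endpoint with the unmodified value. Expects 201 Created and an instance whose owner
        /// party id is "1337", then deletes the created instance.
        /// </summary>
        /// <returns>A task that completes when the test has run.</returns>
        public async Task Instance_Post_WithQueryParamOk_AuthCookie()
        {
            // presumably a token for test user id 1337; verify against PrincipalUtil
            string token = PrincipalUtil.GetToken(1337);
            HttpClient client = SetupUtil.GetTestClient(_factory, "tdd", "endring-av-navn");

            // Step 1: GET the front page with the auth cookie; the XSRF cookie value is read from this response.
            HttpRequestMessage httpRequestMessageHome = new HttpRequestMessage(HttpMethod.Get, "/tdd/endring-av-navn/");
            SetupUtil.AddAuthCookie(httpRequestMessageHome, token);
            HttpResponseMessage responseHome = await client.SendAsync(httpRequestMessageHome);

            string xsrfToken = SetupUtil.GetXsrfCookieValue(responseHome);

            // Step 2: POST with the auth cookie and the XSRF value exactly as issued.
            HttpRequestMessage httpRequestMessage = new HttpRequestMessage(HttpMethod.Post, "/tdd/endring-av-navn/instances?instanceOwnerPartyId=1337");
            SetupUtil.AddAuthCookie(httpRequestMessage, token, xsrfToken);

            HttpResponseMessage response = await client.SendAsync(httpRequestMessage);
            string responseContent = await response.Content.ReadAsStringAsync();

            // Check the status before parsing: a rejected request may carry a body that is not an
            // Instance, and a deserialization exception would hide the actual status code.
            Assert.Equal(HttpStatusCode.Created, response.StatusCode);

            Instance instance = JsonConvert.DeserializeObject<Instance>(responseContent);
            Assert.NotNull(instance);

            try
            {
                // The created instance must belong to the party named in the query string.
                Assert.Equal("1337", instance.InstanceOwner.PartyId);
            }
            finally
            {
                // Clean up even when the owner assertion fails, so a failing run leaves no test data behind.
                // presumably instance.Id has the form "<partyId>/<guid>"; the second segment is parsed as the instance GUID
                TestDataUtil.DeleteInstanceAndData("tdd", "endring-av-navn", 1337, new Guid(instance.Id.Split('/')[1]));
            }
        }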