public async Task PostSession_SessionFound_ConflictResult()
{
// Arrange
_authenticationRepositoryMock.Setup(m => m.AuthenticateUserAsync(Login, Password, false)).ReturnsAsync(_loginUser);
var httpClientProvider = new TestHttpClientProvider(request => new HttpResponseMessage(HttpStatusCode.OK));
var controller = new SessionsController(_authenticationRepositoryMock.Object, httpClientProvider, _logMock.Object);
// Act
IHttpActionResult result = await controller.PostSession(SystemEncryptions.EncodeTo64UTF8(Login), SystemEncryptions.EncodeTo64UTF8(Password));
// Assert
Assert.IsInstanceOfType(result, typeof(ConflictResult));
}
public async Task DeleteSession_SessionTokenIsNull_BadRequest()
{
// Arrange
var httpClientProvider = new TestHttpClientProvider(request => new HttpResponseMessage(HttpStatusCode.OK));
var controller = new SessionsController(new AuthenticationRepository(), httpClientProvider, _logMock.Object)
{
Request = new HttpRequestMessage()
};
// Act
IHttpActionResult result = await controller.DeleteSession();
// Assert
Assert.IsInstanceOfType(result, typeof(BadRequestResult));
}
public async Task DeleteSession_Exception_InternalServerErrorResult()
{
// Arrange
var httpRequestMessage = new HttpRequestMessage();
httpRequestMessage.Headers.Add("Session-Token", Guid.NewGuid().ToString());
var httpClientProvider = new TestHttpClientProvider(request => { throw new Exception(); });
var controller = new SessionsController(new AuthenticationRepository(), httpClientProvider, _logMock.Object)
{
Request = httpRequestMessage
};
// Act
IHttpActionResult result = await controller.DeleteSession();
// Assert
Assert.IsInstanceOfType(result, typeof(InternalServerErrorResult));
}
public async Task DeleteSession_SessionNotFound_ResponseMessageResult()
{
// Arrange
var httpRequestMessage = new HttpRequestMessage();
httpRequestMessage.Headers.Add("Session-Token", Guid.NewGuid().ToString());
var httpClientProvider = new TestHttpClientProvider(request => new HttpResponseMessage(HttpStatusCode.NotFound));
var controller = new SessionsController(new AuthenticationRepository(), httpClientProvider, _logMock.Object)
{
Request = httpRequestMessage
};
// Act
IHttpActionResult result = await controller.DeleteSession();
// Assert
Assert.IsInstanceOfType(result, typeof(ResponseMessageResult));
}
public async Task PostSession_FormatException_BadRequestResult()
{
// Arrange
var controller = new SessionsController(_authenticationRepositoryMock.Object, _httpClientProvider, _logMock.Object)
{
Request = new HttpRequestMessage()
};
// Act
try
{
await controller.PostSession(Login, Password, true);
}
catch (HttpResponseException ex)
{
Assert.IsTrue(ex.Response.StatusCode == HttpStatusCode.Unauthorized);
return;
}
// Assert
Assert.IsTrue(false);
}
public async Task PostSessionSingleSignOn_SessionFound_ConflictResult()
{
// Arrange
_authenticationRepositoryMock.Setup(m => m.AuthenticateSamlUserAsync(SamlResponse)).ReturnsAsync(_loginUser);
var token = Guid.NewGuid().ToString();
var httpClientProvider = new TestHttpClientProvider(request =>
{
var httpResponseMessage = new HttpResponseMessage(HttpStatusCode.OK);
httpResponseMessage.Headers.Add("Session-Token", token);
return(httpResponseMessage);
});
var controller = new SessionsController(_authenticationRepositoryMock.Object, httpClientProvider, _logMock.Object);
// Act
IHttpActionResult result = await controller.PostSessionSingleSignOn(SamlResponse);
// Assert
Assert.IsInstanceOfType(result, typeof(ConflictResult));
}
public async Task VerifyCredentials_Should_Throw_Bad_Request_Exception_When_Session_UserId_Doesnt_Match_User()
{
// Arrange
_authenticationRepositoryMock.Setup(repo => repo.AuthenticateUserAsync(It.IsAny <string>(), It.IsAny <string>(), true)).ReturnsAsync(new AuthenticationUser()
{
Id = 2
});
// Act
var controller = new SessionsController(_authenticationRepositoryMock.Object, _httpClientProvider, _logMock.Object)
{
Request = new HttpRequestMessage()
{
Properties =
{
{ ServiceConstants.SessionProperty, new Session()
{
UserId = 3
} }
}
}
};
try
{
await controller.VerifyCredentials(EncryptedUsername, EncryptedPassword);
}
catch (BadRequestException ex)
{
// Assert
Assert.AreEqual(ErrorCodes.InvalidCredentials, ex.ErrorCode);
return;
}
Assert.Fail("A BadRequestException was not thrown.");
}
