public async Task CanUseDynamicPolicyProvider()
{
var authorizationService = new DefaultAuthorizationService(new DynamicPolicyProvider(), Enumerable.Empty <IAuthorizationHandler>());
var id = new ClaimsIdentity();
id.AddClaim(new Claim("1", "1"));
id.AddClaim(new Claim("2", "2"));
var user = new ClaimsPrincipal(id);
Assert.IsFalse(await authorizationService.AuthorizeAsync(user, "0"));
Assert.IsTrue(await authorizationService.AuthorizeAsync(user, "1"));
Assert.IsTrue(await authorizationService.AuthorizeAsync(user, "2"));
Assert.IsFalse(await authorizationService.AuthorizeAsync(user, "3"));
}
public async Task AuthorizeAsyncShouldThrowWhenPolicyIsNotFound()
{
var policyProvider = Repository.Create <IAuthorizationPolicyProvider>();
policyProvider.Setup(x => x.GetPolicyAsync(It.IsAny <string>()))
.Returns(Task.FromResult <AuthorizationPolicy>(null));
var service = new DefaultAuthorizationService(policyProvider.Object, Enumerable.Empty <IAuthorizationHandler>());
await service.AuthorizeAsync(CreateAnonymousUser(), null, "fake policy");
}
public async Task AuthorizationServiceShouldAddPassThroughIfNotPresent()
{
var options = new AuthorizationOptions();
var policyProvider = new DefaultAuthorizationPolicyProvider(options);
var handler = Repository.Create <IAuthorizationHandler>();
handler.Setup(x => x.HandleAsync(It.IsAny <AuthorizationHandlerContext>())).Returns(Task.FromResult(0));
var requirement = handler.As <IAuthorizationRequirement>();
var service = new DefaultAuthorizationService(policyProvider, Enumerable.Empty <IAuthorizationHandler>());
// the next line should cause the requirement to be called as a handler if Passthrough is working
var authorized = await service.AuthorizeAsync(CreateAnonymousUser(), null, new[] { requirement.Object });
Assert.IsFalse(authorized, "authorized");
handler.Verify(x => x.HandleAsync(It.IsAny <AuthorizationHandlerContext>()));
}