/// <summary>
///   Verifies that <c>Evaluate</c> returns <c>null</c> when the policy is configured with <c>Enabled = false</c>.
/// </summary>
///
/// <remarks>
///   No principal is assigned to the request context in this test, so the behavior pinned here is
///   that a disabled policy lets a request through without any authentication check.  Disabling the
///   policy in configuration therefore removes this check entirely.
/// </remarks>
///
public void EvaluateSucceedsWhenNotEnabled()
{
    // Arrange: a policy that has been switched off through its configuration.
    var disabledConfiguration = new AuthenticatedPrincipalAuthorizationPolicyConfiguration { Enabled = false };
    var policy = new AuthenticatedPrincipalAuthorizationPolicy(disabledConfiguration);

    var actionDescriptorMock = new Mock<HttpActionDescriptor>();
    actionDescriptorMock.SetupGet(descriptor => descriptor.ActionName).Returns("someAction");

    // Arrange: the minimal Web API context needed to build an HttpActionContext.
    var httpConfiguration = new HttpConfiguration();
    var routeData = new HttpRouteData(new HttpRoute());
    var request = new HttpRequestMessage();

    var controllerDescriptor = new HttpControllerDescriptor();
    controllerDescriptor.Configuration = httpConfiguration;
    controllerDescriptor.ControllerName = "generic";

    var controllerContext = new HttpControllerContext(httpConfiguration, routeData, request);
    controllerContext.ControllerDescriptor = controllerDescriptor;

    var actionContext = new HttpActionContext(controllerContext, actionDescriptorMock.Object);

    request.SetConfiguration(httpConfiguration);
    request.SetRouteData(routeData);

    // Act
    var outcome = policy.Evaluate(actionContext);

    // Assert: null is the "policy satisfied" result.
    outcome.Should().BeNull("because the policy should always be satisfied if not enabled");
}
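/// <summary>
///   Verifies that <c>Evaluate</c> returns <see cref="HttpStatusCode.Unauthorized"/> when the policy is
///   enabled and the request principal wraps an identity that reports <c>IsAuthenticated = false</c>.
/// </summary>
///
/// <remarks>
///   The action descriptor is set up to return no <see cref="AllowAnonymousAttribute"/> instances, so an
///   action-level opt-out cannot mask the failure.  The controller type is the test class itself;
///   presumably it carries no <see cref="AllowAnonymousAttribute"/> either -- confirm.
///
///   NOTE(review): only a present-but-unauthenticated principal is exercised here.  A request with no
///   principal at all is a separate case; confirm it is covered elsewhere.
/// </remarks>
///
public void EvaluateFailsWhenThePrincipalIsNotAuthenticated()
{
    // Arrange: an identity that explicitly reports it is not authenticated.
    var mockIdentity = new Mock<IIdentity>();
    var mockActionDescriptor = new Mock<HttpActionDescriptor>();
    var httpConfiguration = new HttpConfiguration();
    var routeData = new HttpRouteData(new HttpRoute());
    var request = new HttpRequestMessage();

    var controllerDescriptor = new HttpControllerDescriptor
    {
        Configuration = httpConfiguration,
        ControllerName = "generic",
        ControllerType = this.GetType()
    };

    var controllerContext = new HttpControllerContext(httpConfiguration, routeData, request)
    {
        ControllerDescriptor = controllerDescriptor
    };

    var actionContext = new HttpActionContext(controllerContext, mockActionDescriptor.Object);
    var config = new AuthenticatedPrincipalAuthorizationPolicyConfiguration { Enabled = true };
    var policy = new AuthenticatedPrincipalAuthorizationPolicy(config);

    mockIdentity.SetupGet(identity => identity.IsAuthenticated).Returns(false);
    mockActionDescriptor.SetupGet(descriptor => descriptor.ActionName).Returns("someAction");

    // No action-level AllowAnonymous attribute is reported.
    mockActionDescriptor
        .Setup(descriptor => descriptor.GetCustomAttributes<AllowAnonymousAttribute>())
        .Returns(new Collection<AllowAnonymousAttribute>());

    request.SetConfiguration(httpConfiguration);
    request.SetRouteData(routeData);

    actionContext.RequestContext.Principal = new ClaimsPrincipal(mockIdentity.Object);

    // Act + Assert.  The failure reason previously misspelled "authenticated"; it is corrected here so
    // that a failing run of this security check reports a readable message.
    policy.Evaluate(actionContext).Should().Be(HttpStatusCode.Unauthorized, "because the policy should fail for a request that has no authenticated principal");
}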
/// <summary>
///   Verifies that <c>Evaluate</c> returns <c>null</c> when the policy is enabled and the request carries
///   an authenticated principal.
/// </summary>
///
/// <remarks>
///   The principal is built from a <see cref="ClaimsIdentity"/> that has an authentication type but no
///   claims.  The test therefore pins that being authenticated is enough on its own to satisfy this
///   policy; it does not exercise any role or claim requirement.
/// </remarks>
///
public void EvaluateSucceedsForAuthenticatedPrincipals()
{
    // Arrange: an enabled policy.
    var enabledConfiguration = new AuthenticatedPrincipalAuthorizationPolicyConfiguration { Enabled = true };
    var policy = new AuthenticatedPrincipalAuthorizationPolicy(enabledConfiguration);

    // Arrange: an action that reports no AllowAnonymous attribute, so the principal is what decides.
    var actionDescriptorMock = new Mock<HttpActionDescriptor>();
    actionDescriptorMock.SetupGet(descriptor => descriptor.ActionName).Returns("someAction");
    actionDescriptorMock
        .Setup(descriptor => descriptor.GetCustomAttributes<AllowAnonymousAttribute>())
        .Returns(new Collection<AllowAnonymousAttribute>());

    var httpConfiguration = new HttpConfiguration();
    var routeData = new HttpRouteData(new HttpRoute());
    var request = new HttpRequestMessage();

    var controllerDescriptor = new HttpControllerDescriptor();
    controllerDescriptor.Configuration = httpConfiguration;
    controllerDescriptor.ControllerName = "generic";
    controllerDescriptor.ControllerType = this.GetType();

    var controllerContext = new HttpControllerContext(httpConfiguration, routeData, request);
    controllerContext.ControllerDescriptor = controllerDescriptor;

    var actionContext = new HttpActionContext(controllerContext, actionDescriptorMock.Object);

    request.SetConfiguration(httpConfiguration);
    request.SetRouteData(routeData);

    // Supplying an authentication type makes ClaimsIdentity.IsAuthenticated report true.
    var authenticatedIdentity = new ClaimsIdentity("dummy auth");
    actionContext.RequestContext.Principal = new ClaimsPrincipal(authenticatedIdentity);

    // Act
    var outcome = policy.Evaluate(actionContext);

    // Assert
    outcome.Should().BeNull("because the policy should always be satisfied when an authenticated principal is present");
}
/// <summary>
///   Verifies that <c>Evaluate</c> returns <c>null</c> when the policy is enabled but the controller type
///   is <c>AllowAnonymousController</c>.
/// </summary>
///
/// <remarks>
///   No principal is assigned to the request context, and the action descriptor reports no
///   action-level <see cref="AllowAnonymousAttribute"/>.  The opt-out pinned here therefore comes from
///   the controller type alone.  <c>AllowAnonymousController</c> is declared outside this block;
///   presumably it is decorated with <see cref="AllowAnonymousAttribute"/> -- confirm.
/// </remarks>
///
public void EvaluateSucceedsWhenTheControllerAllowsAnonymous()
{
    // Arrange: an enabled policy.
    var enabledConfiguration = new AuthenticatedPrincipalAuthorizationPolicyConfiguration { Enabled = true };
    var policy = new AuthenticatedPrincipalAuthorizationPolicy(enabledConfiguration);

    // Arrange: the action itself carries no AllowAnonymous attribute.
    var actionDescriptorMock = new Mock<HttpActionDescriptor>();
    actionDescriptorMock.SetupGet(descriptor => descriptor.ActionName).Returns("someAction");
    actionDescriptorMock
        .Setup(descriptor => descriptor.GetCustomAttributes<AllowAnonymousAttribute>())
        .Returns(new Collection<AllowAnonymousAttribute>());

    var httpConfiguration = new HttpConfiguration();
    var routeData = new HttpRouteData(new HttpRoute());
    var request = new HttpRequestMessage();

    // Arrange: the controller type is the one that allows anonymous access.
    var controllerDescriptor = new HttpControllerDescriptor();
    controllerDescriptor.Configuration = httpConfiguration;
    controllerDescriptor.ControllerName = "generic";
    controllerDescriptor.ControllerType = typeof(AllowAnonymousController);

    var controllerContext = new HttpControllerContext(httpConfiguration, routeData, request);
    controllerContext.ControllerDescriptor = controllerDescriptor;

    var actionContext = new HttpActionContext(controllerContext, actionDescriptorMock.Object);

    request.SetConfiguration(httpConfiguration);
    request.SetRouteData(routeData);

    // Act
    var outcome = policy.Evaluate(actionContext);

    // Assert
    outcome.Should().BeNull("because the policy should always be satisfied when the controller allows anonymous access");
}
/// <summary>
///   Creates the policy and binds it to the configuration it will consult.
/// </summary>
///
/// <param name="configuration">The configuration that drives the policy; must not be <c>null</c>.</param>
///
/// <exception cref="ArgumentNullException">Thrown when <paramref name="configuration"/> is <c>null</c>.</exception>
///
public AuthenticatedPrincipalAuthorizationPolicy(AuthenticatedPrincipalAuthorizationPolicyConfiguration configuration)
{
    // A policy is never constructed without a configuration: the null case is rejected here rather
    // than being left to surface later as a null dereference.
    if (configuration != null)
    {
        this.configuration = configuration;
        return;
    }

    throw new ArgumentNullException(nameof(configuration));
}
/// <summary>
///   Verifies that the policy's <c>Enabled</c> property reports the value held by the configuration it
///   was constructed with.
/// </summary>
///
/// <remarks>
///   Only <c>Enabled = true</c> is exercised here.
/// </remarks>
///
public void EnabledPropertyIsConfigured()
{
    // Arrange
    var configuration = new AuthenticatedPrincipalAuthorizationPolicyConfiguration();
    configuration.Enabled = true;

    var policy = new AuthenticatedPrincipalAuthorizationPolicy(configuration);

    // Act
    var reportedEnabled = policy.Enabled;

    // Assert
    reportedEnabled.Should().Be(configuration.Enabled, "because the Enabled property should be driven by configuration");
}