public async Task Returns_failure_for_unauthorized_token(string exceptionTypeToThrow)
        {
            // Fail-closed check: whichever exception the token handler raises during
            // validation (a SecurityTokenException or a plain Exception, selected by
            // exceptionTypeToThrow), AuthorizeAsync must report a failed result.
            const string audience    = "AudienceForTest";
            const string issuerUrl   = "https://issuerUrl.for.test/";
            const string bearerToken = "ExtractedTokenForTest";

            // Pick the exception the fake handler will raise from validation.
            Exception validationFailure;
            if (exceptionTypeToThrow == "SecurityTokenException")
            {
                validationFailure = new SecurityTokenException();
            }
            else
            {
                validationFailure = new Exception();
            }

            var settingsOptions = new FakeOptions<OidcApiAuthorizationSettings>
            {
                Value = new OidcApiAuthorizationSettings
                {
                    Audience = audience,
                    IssuerUrl = issuerUrl
                }
            };

            var tokenExtractor = new FakeAuthorizationHeaderBearerTokenExractor
            {
                TokenToReturn = bearerToken
            };

            // The handler throws, which stands in for an unauthorized token.
            var tokenHandler = new FakeJwtSecurityTokenHandlerWrapper
            {
                ExceptionToThrow = validationFailure
            };

            var configurationManager = new FakeOidcConfigurationManager
            {
                SecurityKeysForTest = new List<SecurityKey>()
            };

            // Headers stay null; the fake extractor is given TokenToReturn, so it
            // presumably never reads them (confirm against the fake).
            IHeaderDictionary headers = null;

            var sut = new OidcApiAuthorizationService(
                settingsOptions,
                tokenExtractor,
                tokenHandler,
                configurationManager);

            var authorization = await sut.AuthorizeAsync(headers);

            Assert.True(authorization.Failed);

            // Exactly one validation attempt: this failure is not retried.
            Assert.Equal(1, tokenHandler.ValidateTokenCalledCount);

            // No refresh of the OIDC configuration is requested for this failure.
            Assert.Equal(0, configurationManager.RequestRefreshCalledCount);
        }
        public async Task Retrys_once_if_SecurityTokenSignatureKeyNotFoundException()
        {
            // Signing-key-miss path: the first validation fails, the service asks the
            // configuration manager for a refresh, and the second validation succeeds.
            const string audience    = "AudianceForTest";
            const string issuerUrl   = "https://issuerUrl.for.test/";
            const string bearerToken = "ExtractedTokenForTest";

            var settingsOptions = new FakeOptions<OidcApiAuthorizationSettings>
            {
                Value = new OidcApiAuthorizationSettings
                {
                    Audience = audience,
                    IssuerUrl = issuerUrl
                }
            };

            var tokenExtractor = new FakeAuthorizationHeaderBearerTokenExractor
            {
                TokenToReturn = bearerToken
            };

            // Going by the test name, the fake presumably throws
            // SecurityTokenSignatureKeyNotFoundException on the first ValidateToken
            // call only (confirm against FakeJwtSecurityTokenHandlerWrapper).
            var tokenHandler = new FakeJwtSecurityTokenHandlerWrapper
            {
                ThrowFirstTime = true
            };

            var configurationManager = new FakeOidcConfigurationManager
            {
                SecurityKeysForTest = new List<SecurityKey>()
            };

            IHeaderDictionary headers = null;

            var sut = new OidcApiAuthorizationService(
                settingsOptions,
                tokenExtractor,
                tokenHandler,
                configurationManager);

            var authorization = await sut.AuthorizeAsync(headers);

            Assert.True(authorization.Success);

            // The exact counts pin the retry to one extra validation after one refresh.
            // NOTE(review): the case where the key is still missing after the refresh
            // (expected: failure, no further retry) is not exercised by this method.
            Assert.Equal(2, tokenHandler.ValidateTokenCalledCount);

            Assert.Equal(1, configurationManager.RequestRefreshCalledCount);
        }
        public async Task Returns_success_for_happy_path()
        {
            // Happy path: the fake token handler is left at its defaults, with no
            // exception configured, and AuthorizeAsync is expected to report success.
            const string audience    = "AudianceForTest";
            const string issuerUrl   = "https://issuerUrl.for.test/";
            const string bearerToken = "ExtractedTokenForTest";

            var settingsOptions = new FakeOptions<OidcApiAuthorizationSettings>
            {
                Value = new OidcApiAuthorizationSettings
                {
                    Audience = audience,
                    IssuerUrl = issuerUrl
                }
            };

            var tokenExtractor = new FakeAuthorizationHeaderBearerTokenExractor
            {
                TokenToReturn = bearerToken
            };

            var tokenHandler = new FakeJwtSecurityTokenHandlerWrapper();

            var configurationManager = new FakeOidcConfigurationManager
            {
                SecurityKeysForTest = new List<SecurityKey>()
            };

            IHeaderDictionary headers = null;

            var sut = new OidcApiAuthorizationService(
                settingsOptions,
                tokenExtractor,
                tokenHandler,
                configurationManager);

            var authorization = await sut.AuthorizeAsync(headers);

            // NOTE(review): only the outcome is asserted; the validation and refresh
            // call counts recorded by the fakes are not pinned in this test.
            Assert.True(authorization.Success);
        }