Ejemplo n.º 1
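        /// <summary>
        /// Runs <c>JwtMiddleware</c> twice against the same <see cref="HttpContext"/>: once without an
        /// Authorization header (the user must stay without claims and without an authentication type),
        /// and once with a freshly signed bearer token (the user must carry claims and the scope the
        /// token was signed for).
        /// </summary>
        /// <remarks>
        /// Only the "header absent" and "valid token" paths are exercised here. A malformed, tampered
        /// or expired token is not covered by this test, so it gives no evidence about how the
        /// middleware rejects bad tokens.
        /// </remarks>
        public async Task TestJwtMiddleware()
        {
            HttpContext context = new DefaultHttpContext();

            // The "next" delegate is a no-op, so the pipeline ends right after the middleware under test.
            JwtMiddleware middleware = new JwtMiddleware(httpContext => Task.CompletedTask);
            await middleware.Invoke(context);

            // Phase 1: no Authorization header, so the request must remain unauthenticated.
            Assert.IsFalse(context.User.Claims.Any(), "Are there any claims when there's no authentication header?");
            Assert.IsNull(context.User.Identity.AuthenticationType, "Is the authenticationtype null when there's no auth header?");

            // Create a test user instance
            User testUser = new User
            {
                confirmed              = true,
                date_of_birth          = DateTime.Now,
                email                  = "*****@*****.**",
                ID                     = 0,
                password               = "******",
                plan                   = Plans.Basic,
                registration_timestamp = DateTime.Now,
                role                   = Roles.User,
                username               = "******"
            };

            ClaimsPrincipal userPrincipal = testUser.ClaimsPrincipal(TokenScope.UserLogin);
            string token = Jwt.Sign((ClaimsIdentity)userPrincipal.Identity);

            // Phase 2: same context, now carrying a bearer token signed for the UserLogin scope.
            // The indexer is used instead of Add so the header is set regardless of any existing value.
            context.Request.Headers["Authorization"] = "Bearer " + token;

            await middleware.Invoke(context);

            Assert.IsTrue(context.User.Claims.Any(), "Are there any claims when the authentication header is present?");
            Assert.IsNotNull(context.User.Identity.AuthenticationType, "Is the authenticationtype not null when the authentication header is present?");

            // Expected value first, actual second, so a failure message reports them the right way round.
            Assert.AreEqual(TokenScope.UserLogin, context.User.Identity.AuthenticationType,
                            "Is the AuthenticationType the same as the one used to sign the Jwt token?");
        }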
Ejemplo n.º 2
        /// <summary>
        /// Invokes the middleware with the class-level mocks and checks two things: the next delegate
        /// ran, and the helper was never asked to fill the execution context from a JWT.
        /// </summary>
        /// <remarks>
        /// The mocks are configured outside this method; presumably the mocked request carries no
        /// headers, as the test name says — confirm against the fixture setup.
        /// </remarks>
        public async Task InvokeNoHeadersShouldCallNext()
        {
            var httpContext = _mockHttpContext.Object;
            var executionContext = _mockExecutionContext.Object;
            var contextHelper = _mockExecutionContextHelper.Object;

            await _middleware.Invoke(httpContext, executionContext, contextHelper);

            // The request must fall through to the rest of the pipeline...
            Assert.True(_nextWasCalled);

            // ...and no token parsing may have been attempted, whatever the arguments.
            _mockExecutionContextHelper.Verify(
                h => h.FillExecutionContextFromJwt(It.IsAny<string>(), It.IsAny<IExecutionContext>()),
                Times.Never());
        }
        /// <summary>
        /// When the extractor yields a user and the authenticator accepts it, the middleware must
        /// execute an <c>ObjectResult</c> with status 200 whose value is a <c>TokenModel</c>.
        /// </summary>
        /// <remarks>
        /// The assertion checks only the status code and the value's type. The contents of the
        /// issued token (claims, lifetime, signing) are not inspected by this test.
        /// </remarks>
        public async Task Invoke_returns_200_with_token_if_match([Frozen] IUserAuthenticator authenticator, [Frozen] IUserExtractor extractor, JwtMiddleware sut, [Frozen] IServiceProvider serviceProvider, HttpContext context, JwtOptions options, IActionResultExecutor <ObjectResult> executor, User user, ClaimsIdentity identity)
        {
            // Extraction succeeds and hands back the fixture-supplied user through the out parameter.
            var extractorMock = Mock.Get(extractor);
            extractorMock
                .Setup(x => x.TryExtractUser(It.IsAny<HttpContext>(), out user))
                .Returns(true);

            // Authentication succeeds for any user and hands back the fixture-supplied identity.
            var authenticatorMock = Mock.Get(authenticator);
            authenticatorMock
                .Setup(a => a.TryAuthenticateUserAsync(It.IsAny<User>(), out identity))
                .ReturnsAsync(true);

            // Resolving the result executor from the service provider returns the mock verified below.
            var providerMock = Mock.Get(serviceProvider);
            providerMock
                .Setup(sp => sp.GetService(typeof(IActionResultExecutor<ObjectResult>)))
                .Returns(executor);

            await sut.Invoke(context, options);

            var executorMock = Mock.Get(executor);
            executorMock.Verify(
                ex => ex.ExecuteAsync(
                    It.IsAny<ActionContext>(),
                    It.Is<ObjectResult>(result => result.StatusCode == 200 && result.Value is TokenModel)));
        }
        /// <summary>
        /// When the extractor reports that no user could be extracted from the request, the
        /// middleware must execute an <c>ObjectResult</c> with status 401.
        /// </summary>
        /// <remarks>
        /// Only the "no user extracted" path is covered. The authenticator is not set up in this
        /// test, so the case where a user is extracted but authentication then fails is not
        /// exercised here.
        /// </remarks>
        public async Task Invoke_returns_401_if_no_match([Frozen] IUserExtractor extractor, JwtMiddleware sut, [Frozen] IServiceProvider serviceProvider, HttpContext context, JwtOptions options, IActionResultExecutor <ObjectResult> executor)
        {
            // Extraction fails; the out parameter is left as null.
            User user = null;
            var extractorMock = Mock.Get(extractor);
            extractorMock
                .Setup(x => x.TryExtractUser(It.IsAny<HttpContext>(), out user))
                .Returns(false);

            // Resolving the result executor from the service provider returns the mock verified below.
            var providerMock = Mock.Get(serviceProvider);
            providerMock
                .Setup(sp => sp.GetService(typeof(IActionResultExecutor<ObjectResult>)))
                .Returns(executor);

            await sut.Invoke(context, options);

            var executorMock = Mock.Get(executor);
            executorMock.Verify(
                ex => ex.ExecuteAsync(
                    It.IsAny<ActionContext>(),
                    It.Is<ObjectResult>(result => result.StatusCode == 401)));
        }
Ejemplo n.º 5
        /// <summary>
        /// Sends a request for "/" carrying an "Ocp-Apim-Subscription-Key" header through the
        /// middleware and expects an "Auth-User" request header to be present afterwards.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the assertion only proves that the header exists. Its value is not compared
        /// with anything, so a wrong or empty identity in "Auth-User" would still pass.
        /// </remarks>
        public async Task JwtMiddleware_ValidUser()
        {
            username = "******";

            // The ternary is evaluated once, when the mock is set up, not on each repository call.
            _mockUserRepository
                .Setup(repo => repo.GetByUserName(username))
                .Returns(_testuser.Username == username ? _testuser : null);

            defaultContext = new DefaultHttpContext();
            defaultContext.Request.Path = "/";
            defaultContext.Request.Headers.Add("Ocp-Apim-Subscription-Key", "test");

            // The "next" delegate is a no-op, so the pipeline ends right after the middleware under test.
            var middlewareInstance = new JwtMiddleware(innerHttpContext => Task.CompletedTask, _mockappsetting);

            await middlewareInstance.Invoke(defaultContext, _mockUserRepository.Object);

            // Splitting a non-null string always yields a non-null last element, so checking that
            // element is the same as checking that the first header value exists.
            var authUser = defaultContext.Request.Headers["Auth-User"].FirstOrDefault();
            Assert.True(authUser != null);
        }
Ejemplo n.º 6
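        /// <summary>
        /// Sends a request for "/" with no request headers through the middleware and expects that
        /// no "Auth-User" request header exists afterwards.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the request starts with no "Auth-User" header, so this test does not show
        /// what happens to a client-supplied one. If downstream code trusts "Auth-User", a test that
        /// the middleware drops or overwrites an incoming value is worth adding.
        /// </remarks>
        public async Task JwtMiddleware_InValidUser()
        {
            username = "******";

            // The ternary is evaluated once, when the mock is set up, not on each repository call.
            _mockUserRepository.Setup(repo => repo.GetByUserName(username)).Returns(_testuser.Username == username ? _testuser : null);

            // Unlike the valid-user test, no "Ocp-Apim-Subscription-Key" header is added.
            defaultContext = new DefaultHttpContext();
            defaultContext.Request.Path = "/";

            // The "next" delegate is a no-op, so the pipeline ends right after the middleware under test.
            var middlewareInstance = new JwtMiddleware(next: innerHttpContext => Task.CompletedTask, _mockappsetting);

            await middlewareInstance.Invoke(defaultContext, _mockUserRepository.Object);

            // The unused local that held this count was removed; the assertion reads it directly.
            Assert.True(defaultContext.Request.Headers["Auth-User"].Count == 0);
        }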