public void OnAuthorization_AdminLevel_ValidHeader_Succeeds()
{
AuthorizationLevelAttribute attribute = new AuthorizationLevelAttribute(AuthorizationLevel.Admin);
HttpRequestMessage request = new HttpRequestMessage();
request.Headers.Add(AuthorizationLevelAttribute.FunctionsKeyHeaderName, "abc123");
_actionContext.ControllerContext.Request = request;
attribute.OnAuthorization(_actionContext);
Assert.Null(_actionContext.Response);
}
public void OnAuthorization_AdminLevel_InvalidHeader_ReturnsUnauthorized(string headerValue)
{
AuthorizationLevelAttribute attribute = new AuthorizationLevelAttribute(AuthorizationLevel.Admin);
HttpRequestMessage request = new HttpRequestMessage();
if (headerValue != null)
{
request.Headers.Add(AuthorizationLevelAttribute.FunctionsKeyHeaderName, headerValue);
}
_actionContext.ControllerContext.Request = request;
attribute.OnAuthorization(_actionContext);
HttpResponseMessage response = _actionContext.Response;
Assert.Equal(HttpStatusCode.Unauthorized, response.StatusCode);
}
public void OnAuthorization_AnonymousLevel_Succeeds()
{
AuthorizationLevelAttribute attribute = new AuthorizationLevelAttribute(AuthorizationLevel.Anonymous);
_actionContext.ControllerContext.Request = new HttpRequestMessage();
attribute.OnAuthorization(_actionContext);
Assert.Null(_actionContext.Response);
}
public void OnAuthorization_AdminLevel_NoMasterKeySet_ReturnsUnauthorized()
{
AuthorizationLevelAttribute attribute = new AuthorizationLevelAttribute(AuthorizationLevel.Admin);
_hostSecrets.MasterKey = null;
HttpRequestMessage request = new HttpRequestMessage();
request.Headers.Add(AuthorizationLevelAttribute.FunctionsKeyHeaderName, TestMasterKeyValue);
_actionContext.ControllerContext.Request = request;
attribute.OnAuthorization(_actionContext);
HttpResponseMessage response = _actionContext.Response;
Assert.Equal(HttpStatusCode.Unauthorized, response.StatusCode);
}