public async Task HeadersAndNoSignatureSecretKey_ShouldReturn500AndNotInvokeNext()
{
const string tenantIdFromHeader = "a12be5";
const string systemBaseUriFromHeader = "https://sample.mydomain.de";
var context = new DefaultHttpContext();
context.Request.Headers.Add(TenantIdHeader, new[] { tenantIdFromHeader });
context.Request.Headers.Add(SystemBaseUriHeader, new[] { systemBaseUriFromHeader });
context.Request.Headers.Add(SignatureHeader,
new[]
{
GetBase64SignatureFor(systemBaseUriFromHeader + tenantIdFromHeader, _signatureKey)
});
var nextMiddleware = new MiddlewarMock(null);
var onTenantIdentifiedHasBeenInvoked = false;
await new TenantMiddleware(nextMiddleware.InvokeAsync,
new TenantMiddlewareOptions
{
DefaultTenantId = DefaultTenantId,
DefaultSystemBaseUri = DefaultSystemBaseUri,
OnTenantIdentified = (tenantId, systemBaseUri) => { onTenantIdentifiedHasBeenInvoked = true; }
})
.InvokeAsync(context).ConfigureAwait(false);
context.Response.StatusCode.Should().Be(500);
onTenantIdentifiedHasBeenInvoked.Should().BeFalse("onTenantIdentified should not have been invoked if signature is wrong");
nextMiddleware.HasBeenInvoked.Should().BeFalse("next middleware should not have been invoked if signature is wrong");
}
public async Task TenantIdHeaderAndWrongSignatureWithValidSignatureKey_ShouldReturn403AndNotInvokeNext()
{
const string tenantIdFromHeader = "a12be5";
var context = new DefaultHttpContext();
context.Request.Headers.Add(TenantIdHeader, new[] { tenantIdFromHeader });
context.Request.Headers.Add(SignatureHeader,
new[] { GetBase64SignatureFor("wrong data", _signatureKey) });
var nextMiddleware = new MiddlewarMock(null);
var onTenantIdentifiedHasBeenInvoked = false;
await new TenantMiddleware(nextMiddleware.InvokeAsync,
new TenantMiddlewareOptions
{
DefaultTenantId = DefaultTenantId,
DefaultSystemBaseUri = DefaultSystemBaseUri,
SignatureSecretKey = _signatureKey,
OnTenantIdentified = (tenantId, systemBaseUri) => { onTenantIdentifiedHasBeenInvoked = true; }
})
.InvokeAsync(context).ConfigureAwait(false);
context.Response.StatusCode.Should().Be(403);
onTenantIdentifiedHasBeenInvoked.Should().BeFalse("onTenantIdentified should not have been invoked if signature is wrong");
nextMiddleware.HasBeenInvoked.Should().BeFalse("next middleware should not have been invoked if signature is wrong");
}
public async Task NoHeadersButDefaultsAndNoSignatureSecretKey_ShouldUseDefaultsAndInvokeNext()
{
var context = new DefaultHttpContext();
var tenantIdSetByMiddleware = "null";
var systemBaseUriSetByMiddleware = "null";
var nextMiddleware = new MiddlewarMock(null);
await new TenantMiddleware(nextMiddleware.InvokeAsync,
new TenantMiddlewareOptions
{
DefaultTenantId = DefaultTenantId,
DefaultSystemBaseUri = DefaultSystemBaseUri,
SignatureSecretKey = null,
OnTenantIdentified = (tenantId, systemBaseUri) =>
{
tenantIdSetByMiddleware = tenantId;
systemBaseUriSetByMiddleware = systemBaseUri;
}
})
.InvokeAsync(context).ConfigureAwait(false);
tenantIdSetByMiddleware.Should().Be(DefaultTenantId);
systemBaseUriSetByMiddleware.Should().Be(DefaultSystemBaseUri);
nextMiddleware.HasBeenInvoked.Should().BeTrue("next middleware should have been invoked");
}
public async Task SystemBaseUriHeaderAndNoTenantIdHeader_ShouldUseSystemBaseUriHeaderAndDefaultTenantIdAndInvokeNext()
{
const string systemBaseUriFromHeader = "https://sample.mydomain.de";
var context = new DefaultHttpContext();
context.Request.Headers.Add(SystemBaseUriHeader, new[] { systemBaseUriFromHeader });
context.Request.Headers.Add(SignatureHeader,
new[] { GetBase64SignatureFor(systemBaseUriFromHeader, _signatureKey) });
var tenantIdSetByMiddleware = "null";
var systemBaseUriSetByMiddleware = "null";
var nextMiddleware = new MiddlewarMock(null);
await new TenantMiddleware(nextMiddleware.InvokeAsync,
new TenantMiddlewareOptions
{
DefaultTenantId = DefaultTenantId,
DefaultSystemBaseUri = DefaultSystemBaseUri,
SignatureSecretKey = _signatureKey,
OnTenantIdentified = (tenantId, systemBaseUri) =>
{
tenantIdSetByMiddleware = tenantId;
systemBaseUriSetByMiddleware = systemBaseUri;
}
})
.InvokeAsync(context).ConfigureAwait(false);
tenantIdSetByMiddleware.Should().Be(DefaultTenantId);
systemBaseUriSetByMiddleware.Should().Be(systemBaseUriFromHeader);
nextMiddleware.HasBeenInvoked.Should().BeTrue("next middleware should have been invoked");
}
public async Task NoBaseUriHeaderAndDefaultBaseUri_ShouldUseDefaultBaseUriAndInvokeNext()
{
var context = new DefaultHttpContext();
var systemBaseUriSetByMiddleware = "null";
var nextMiddleware = new MiddlewarMock(null);
await new TenantMiddleware(nextMiddleware.InvokeAsync,
new TenantMiddlewareOptions
{
DefaultSystemBaseUri = DefaultSystemBaseUri,
OnTenantIdentified = (tenantId, systemBaseUri) => { systemBaseUriSetByMiddleware = systemBaseUri; }
})
.InvokeAsync(context).ConfigureAwait(false);
systemBaseUriSetByMiddleware.Should().Be(DefaultSystemBaseUri);
nextMiddleware.HasBeenInvoked.Should().BeTrue("next middleware should have been invoked");
}
public async Task NoTenantIdHeaderAndNullDefaultTenantId_ShouldUseNullAndInvokeNext()
{
var context = new DefaultHttpContext();
var tenantIdSetByMiddleware = "null";
var nextMiddleware = new MiddlewarMock(null);
await new TenantMiddleware(nextMiddleware.InvokeAsync,
new TenantMiddlewareOptions
{
DefaultTenantId = null,
OnTenantIdentified = (tenantId, systemBaseUri) => { tenantIdSetByMiddleware = tenantId; }
})
.InvokeAsync(context).ConfigureAwait(false);
tenantIdSetByMiddleware.Should().BeNull();
nextMiddleware.HasBeenInvoked.Should().BeTrue("next middleware should have been invoked");
}
public async Task WrongSignatureKey_ShouldReturn403AndNotInvokeNext()
{
const string tenantIdFromHeader = "a12be5";
const string systemBaseUriFromHeader = "https://sample.mydomain.de";
var wrongSignatureKey = new byte[]
{
167, 219, 144, 209, 189, 1, 178, 73, 139, 47, 21, 236, 142, 56, 71, 245, 43, 188, 163, 52, 239, 102, 94, 153, 255, 159, 199, 149, 163,
145, 161, 24
};
var context = new DefaultHttpContext();
context.Request.Headers.Add(TenantIdHeader, new[] { tenantIdFromHeader });
context.Request.Headers.Add(SystemBaseUriHeader, new[] { systemBaseUriFromHeader });
context.Request.Headers.Add(SignatureHeader,
new[]
{
GetBase64SignatureFor(systemBaseUriFromHeader + tenantIdFromHeader,
wrongSignatureKey)
});
var nextMiddleware = new MiddlewarMock(null);
var onTenantIdentifiedHasBeenInvoked = false;
await new TenantMiddleware(nextMiddleware.InvokeAsync,
new TenantMiddlewareOptions
{
DefaultTenantId = DefaultTenantId,
DefaultSystemBaseUri = DefaultSystemBaseUri,
SignatureSecretKey = _signatureKey,
OnTenantIdentified = (tenantId, systemBaseUri) => { onTenantIdentifiedHasBeenInvoked = true; }
})
.InvokeAsync(context).ConfigureAwait(false);
context.Response.StatusCode.Should().Be(403);
onTenantIdentifiedHasBeenInvoked.Should().BeFalse("onTenantIdentified should not have been invoked if signature is wrong");
nextMiddleware.HasBeenInvoked.Should().BeFalse("next middleware should not have been invoked if signature is wrong");
}
public async Task TenantIdHeaderAndWrongSignatureButIgnoredSignature_ShouldReturn200AndInvokeNext()
{
const string tenantIdFromHeader = "a12be5";
var context = new DefaultHttpContext();
context.Request.Headers.Add(TenantIdHeader, new[] { tenantIdFromHeader });
context.Request.Headers.Add(SignatureHeader,
new[] { GetBase64SignatureFor("wrong data", _signatureKey) });
var nextMiddleware = new MiddlewarMock(null);
var onTenantIdentifiedHasBeenInvoked = false;
var logIsWorking = false;
await new TenantMiddleware(nextMiddleware.InvokeAsync,
new TenantMiddlewareOptions
{
LogCallback = (level, message) =>
{
if (level == TenantMiddlewareLogLevel.Error)
{
logIsWorking = true;
}
},
IgnoreSignature = true,
DefaultTenantId = DefaultTenantId,
DefaultSystemBaseUri = DefaultSystemBaseUri,
SignatureSecretKey = _signatureKey,
OnTenantIdentified = (tenantId, systemBaseUri) => { onTenantIdentifiedHasBeenInvoked = true; }
})
.InvokeAsync(context).ConfigureAwait(false);
context.Response.StatusCode.Should().Be(200);
onTenantIdentifiedHasBeenInvoked.Should().BeTrue("onTenantIdentified should not have been invoked if wrong signature is ignored");
nextMiddleware.HasBeenInvoked.Should().BeTrue("next middleware should have been invoked if wrong signature is ignored");
logIsWorking.Should().BeTrue("log callback has not been invoked");
}
public async Task TenantIdHeaderAndDefaultTenantId_ShouldUseHeaderAndInvokeNext()
{
const string tenantIdFromHeader = "a12be5";
var context = new DefaultHttpContext();
context.Request.Headers.Add(TenantIdHeader, new StringValues(new[] { tenantIdFromHeader }));
context.Request.Headers.Add(SignatureHeader, new[] { GetBase64SignatureFor(tenantIdFromHeader, _signatureKey) });
var tenantIdSetByMiddleware = "null";
var nextMiddleware = new MiddlewarMock(null);
await new TenantMiddleware(nextMiddleware.InvokeAsync,
new TenantMiddlewareOptions
{
DefaultTenantId = DefaultTenantId,
SignatureSecretKey = _signatureKey,
OnTenantIdentified = (tenantId, systemBaseUri) => { tenantIdSetByMiddleware = tenantId; }
})
.InvokeAsync(context).ConfigureAwait(false);
tenantIdSetByMiddleware.Should().Be(tenantIdFromHeader);
nextMiddleware.HasBeenInvoked.Should().BeTrue("next middleware should have been invoked");
}
