Example #1
0
        public async Task HeadersAndNoSignatureSecretKey_ShouldReturn500AndNotInvokeNext()
        {
            const string tenantIdFromHeader      = "a12be5";
            const string systemBaseUriFromHeader = "https://sample.mydomain.de";

            var context = new DefaultHttpContext();

            context.Request.Headers.Add(TenantIdHeader, new[] { tenantIdFromHeader });
            context.Request.Headers.Add(SystemBaseUriHeader, new[] { systemBaseUriFromHeader });
            context.Request.Headers.Add(SignatureHeader,
                                        new[]
            {
                GetBase64SignatureFor(systemBaseUriFromHeader + tenantIdFromHeader, _signatureKey)
            });

            var nextMiddleware = new MiddlewarMock(null);
            var onTenantIdentifiedHasBeenInvoked = false;

            await new TenantMiddleware(nextMiddleware.InvokeAsync,
                                       new TenantMiddlewareOptions
            {
                DefaultTenantId      = DefaultTenantId,
                DefaultSystemBaseUri = DefaultSystemBaseUri,
                OnTenantIdentified   = (tenantId, systemBaseUri) => { onTenantIdentifiedHasBeenInvoked = true; }
            })
            .InvokeAsync(context).ConfigureAwait(false);

            context.Response.StatusCode.Should().Be(500);
            onTenantIdentifiedHasBeenInvoked.Should().BeFalse("onTenantIdentified should not have been invoked if signature is wrong");
            nextMiddleware.HasBeenInvoked.Should().BeFalse("next middleware should not have been invoked if signature is wrong");
        }
Example #2
0
        public async Task TenantIdHeaderAndWrongSignatureWithValidSignatureKey_ShouldReturn403AndNotInvokeNext()
        {
            const string tenantIdFromHeader = "a12be5";

            var context = new DefaultHttpContext();

            context.Request.Headers.Add(TenantIdHeader, new[] { tenantIdFromHeader });
            context.Request.Headers.Add(SignatureHeader,
                                        new[] { GetBase64SignatureFor("wrong data", _signatureKey) });

            var nextMiddleware = new MiddlewarMock(null);
            var onTenantIdentifiedHasBeenInvoked = false;

            await new TenantMiddleware(nextMiddleware.InvokeAsync,
                                       new TenantMiddlewareOptions
            {
                DefaultTenantId      = DefaultTenantId,
                DefaultSystemBaseUri = DefaultSystemBaseUri,
                SignatureSecretKey   = _signatureKey,
                OnTenantIdentified   = (tenantId, systemBaseUri) => { onTenantIdentifiedHasBeenInvoked = true; }
            })
            .InvokeAsync(context).ConfigureAwait(false);

            context.Response.StatusCode.Should().Be(403);
            onTenantIdentifiedHasBeenInvoked.Should().BeFalse("onTenantIdentified should not have been invoked if signature is wrong");
            nextMiddleware.HasBeenInvoked.Should().BeFalse("next middleware should not have been invoked if signature is wrong");
        }
Example #3
0
        public async Task NoHeadersButDefaultsAndNoSignatureSecretKey_ShouldUseDefaultsAndInvokeNext()
        {
            var context = new DefaultHttpContext();

            var tenantIdSetByMiddleware      = "null";
            var systemBaseUriSetByMiddleware = "null";
            var nextMiddleware = new MiddlewarMock(null);

            await new TenantMiddleware(nextMiddleware.InvokeAsync,
                                       new TenantMiddlewareOptions
            {
                DefaultTenantId      = DefaultTenantId,
                DefaultSystemBaseUri = DefaultSystemBaseUri,
                SignatureSecretKey   = null,
                OnTenantIdentified   = (tenantId, systemBaseUri) =>
                {
                    tenantIdSetByMiddleware      = tenantId;
                    systemBaseUriSetByMiddleware = systemBaseUri;
                }
            })
            .InvokeAsync(context).ConfigureAwait(false);

            tenantIdSetByMiddleware.Should().Be(DefaultTenantId);
            systemBaseUriSetByMiddleware.Should().Be(DefaultSystemBaseUri);
            nextMiddleware.HasBeenInvoked.Should().BeTrue("next middleware should have been invoked");
        }
Example #4
0
        public async Task SystemBaseUriHeaderAndNoTenantIdHeader_ShouldUseSystemBaseUriHeaderAndDefaultTenantIdAndInvokeNext()
        {
            const string systemBaseUriFromHeader = "https://sample.mydomain.de";

            var context = new DefaultHttpContext();

            context.Request.Headers.Add(SystemBaseUriHeader, new[] { systemBaseUriFromHeader });
            context.Request.Headers.Add(SignatureHeader,
                                        new[] { GetBase64SignatureFor(systemBaseUriFromHeader, _signatureKey) });

            var tenantIdSetByMiddleware      = "null";
            var systemBaseUriSetByMiddleware = "null";
            var nextMiddleware = new MiddlewarMock(null);

            await new TenantMiddleware(nextMiddleware.InvokeAsync,
                                       new TenantMiddlewareOptions
            {
                DefaultTenantId      = DefaultTenantId,
                DefaultSystemBaseUri = DefaultSystemBaseUri,
                SignatureSecretKey   = _signatureKey,
                OnTenantIdentified   = (tenantId, systemBaseUri) =>
                {
                    tenantIdSetByMiddleware      = tenantId;
                    systemBaseUriSetByMiddleware = systemBaseUri;
                }
            })
            .InvokeAsync(context).ConfigureAwait(false);

            tenantIdSetByMiddleware.Should().Be(DefaultTenantId);
            systemBaseUriSetByMiddleware.Should().Be(systemBaseUriFromHeader);
            nextMiddleware.HasBeenInvoked.Should().BeTrue("next middleware should have been invoked");
        }
Example #5
0
        public async Task NoBaseUriHeaderAndDefaultBaseUri_ShouldUseDefaultBaseUriAndInvokeNext()
        {
            var context = new DefaultHttpContext();

            var systemBaseUriSetByMiddleware = "null";
            var nextMiddleware = new MiddlewarMock(null);

            await new TenantMiddleware(nextMiddleware.InvokeAsync,
                                       new TenantMiddlewareOptions
            {
                DefaultSystemBaseUri = DefaultSystemBaseUri,
                OnTenantIdentified   = (tenantId, systemBaseUri) => { systemBaseUriSetByMiddleware = systemBaseUri; }
            })
            .InvokeAsync(context).ConfigureAwait(false);

            systemBaseUriSetByMiddleware.Should().Be(DefaultSystemBaseUri);
            nextMiddleware.HasBeenInvoked.Should().BeTrue("next middleware should have been invoked");
        }
Example #6
0
        public async Task NoTenantIdHeaderAndNullDefaultTenantId_ShouldUseNullAndInvokeNext()
        {
            var context = new DefaultHttpContext();

            var tenantIdSetByMiddleware = "null";
            var nextMiddleware          = new MiddlewarMock(null);

            await new TenantMiddleware(nextMiddleware.InvokeAsync,
                                       new TenantMiddlewareOptions
            {
                DefaultTenantId    = null,
                OnTenantIdentified = (tenantId, systemBaseUri) => { tenantIdSetByMiddleware = tenantId; }
            })
            .InvokeAsync(context).ConfigureAwait(false);

            tenantIdSetByMiddleware.Should().BeNull();
            nextMiddleware.HasBeenInvoked.Should().BeTrue("next middleware should have been invoked");
        }
Example #7
0
        public async Task WrongSignatureKey_ShouldReturn403AndNotInvokeNext()
        {
            const string tenantIdFromHeader      = "a12be5";
            const string systemBaseUriFromHeader = "https://sample.mydomain.de";

            var wrongSignatureKey = new byte[]
            {
                167, 219, 144, 209, 189, 1, 178, 73, 139, 47, 21, 236, 142, 56, 71, 245, 43, 188, 163, 52, 239, 102, 94, 153, 255, 159, 199, 149, 163,
                145, 161, 24
            };

            var context = new DefaultHttpContext();

            context.Request.Headers.Add(TenantIdHeader, new[] { tenantIdFromHeader });
            context.Request.Headers.Add(SystemBaseUriHeader, new[] { systemBaseUriFromHeader });
            context.Request.Headers.Add(SignatureHeader,
                                        new[]
            {
                GetBase64SignatureFor(systemBaseUriFromHeader + tenantIdFromHeader,
                                      wrongSignatureKey)
            });

            var nextMiddleware = new MiddlewarMock(null);
            var onTenantIdentifiedHasBeenInvoked = false;

            await new TenantMiddleware(nextMiddleware.InvokeAsync,
                                       new TenantMiddlewareOptions
            {
                DefaultTenantId      = DefaultTenantId,
                DefaultSystemBaseUri = DefaultSystemBaseUri,
                SignatureSecretKey   = _signatureKey,
                OnTenantIdentified   = (tenantId, systemBaseUri) => { onTenantIdentifiedHasBeenInvoked = true; }
            })
            .InvokeAsync(context).ConfigureAwait(false);

            context.Response.StatusCode.Should().Be(403);
            onTenantIdentifiedHasBeenInvoked.Should().BeFalse("onTenantIdentified should not have been invoked if signature is wrong");
            nextMiddleware.HasBeenInvoked.Should().BeFalse("next middleware should not have been invoked if signature is wrong");
        }
Example #8
0
        public async Task TenantIdHeaderAndWrongSignatureButIgnoredSignature_ShouldReturn200AndInvokeNext()
        {
            const string tenantIdFromHeader = "a12be5";

            var context = new DefaultHttpContext();

            context.Request.Headers.Add(TenantIdHeader, new[] { tenantIdFromHeader });
            context.Request.Headers.Add(SignatureHeader,
                                        new[] { GetBase64SignatureFor("wrong data", _signatureKey) });

            var nextMiddleware = new MiddlewarMock(null);
            var onTenantIdentifiedHasBeenInvoked = false;
            var logIsWorking = false;

            await new TenantMiddleware(nextMiddleware.InvokeAsync,
                                       new TenantMiddlewareOptions
            {
                LogCallback = (level, message) =>
                {
                    if (level == TenantMiddlewareLogLevel.Error)
                    {
                        logIsWorking = true;
                    }
                },
                IgnoreSignature      = true,
                DefaultTenantId      = DefaultTenantId,
                DefaultSystemBaseUri = DefaultSystemBaseUri,
                SignatureSecretKey   = _signatureKey,
                OnTenantIdentified   = (tenantId, systemBaseUri) => { onTenantIdentifiedHasBeenInvoked = true; }
            })
            .InvokeAsync(context).ConfigureAwait(false);

            context.Response.StatusCode.Should().Be(200);
            onTenantIdentifiedHasBeenInvoked.Should().BeTrue("onTenantIdentified should not have been invoked if wrong signature is ignored");
            nextMiddleware.HasBeenInvoked.Should().BeTrue("next middleware should have been invoked if wrong signature is ignored");
            logIsWorking.Should().BeTrue("log callback has not been invoked");
        }
Example #9
0
        public async Task TenantIdHeaderAndDefaultTenantId_ShouldUseHeaderAndInvokeNext()
        {
            const string tenantIdFromHeader = "a12be5";
            var          context            = new DefaultHttpContext();

            context.Request.Headers.Add(TenantIdHeader, new StringValues(new[] { tenantIdFromHeader }));
            context.Request.Headers.Add(SignatureHeader, new[] { GetBase64SignatureFor(tenantIdFromHeader, _signatureKey) });


            var tenantIdSetByMiddleware = "null";
            var nextMiddleware          = new MiddlewarMock(null);

            await new TenantMiddleware(nextMiddleware.InvokeAsync,
                                       new TenantMiddlewareOptions
            {
                DefaultTenantId    = DefaultTenantId,
                SignatureSecretKey = _signatureKey,
                OnTenantIdentified = (tenantId, systemBaseUri) => { tenantIdSetByMiddleware = tenantId; }
            })
            .InvokeAsync(context).ConfigureAwait(false);

            tenantIdSetByMiddleware.Should().Be(tenantIdFromHeader);
            nextMiddleware.HasBeenInvoked.Should().BeTrue("next middleware should have been invoked");
        }