public void WhenDeleteWithUnknownId_ThenThrowsNotFound() { store.Setup(s => s.Find("auserid")) .Returns(new List <WebhookSubscription>()); Assert.That(() => service.Delete(new DeleteSubscription { Id = "anunknownid" }), ThrowsHttpError.WithStatusCode(HttpStatusCode.NotFound)); }
public void WhenUpdateWithUnknownId_ThenThrowsNotFound() { store.Setup(s => s.Get(It.IsAny <string>())) .Returns((WebhookSubscription)null); Assert.That(() => service.Put(new UpdateSubscription { Id = "anunknownid" }), ThrowsHttpError.WithStatusCode(HttpStatusCode.NotFound)); }
public void WhenPostAndSameUserIdSameEventAndSameUrl_ThenThrowsConflict() { store.Setup(s => s.Get("auserid", "anevent1")) .Returns(new WebhookSubscription { CreatedById = "auserid", Event = "anevent1" }); Assert.That(() => service.Post(new CreateSubscription { Name = "aname", Events = new List <string> { "anevent1" }, Config = new SubscriptionConfig { Url = "aurl" } }), ThrowsHttpError.WithStatusCode(HttpStatusCode.Conflict)); store.Verify(s => s.Add(It.IsAny <WebhookSubscription>()), Times.Never); }
public void WhenPreAuthenticateAndWrongSignature_ThenThrowsUnauthorized() { var body = Encoding.UTF8.GetBytes("abody"); var signature = Webhooks.Security.HmacUtils.CreateHmacSignature(body, "awrongsecret"); using (var stream = MemoryStreamFactory.GetStream(body)) { var request = new MockHttpRequest { InputStream = stream, Headers = new NameValueCollection { { WebhookEventConstants.SecretSignatureHeaderName, signature } }, IsSecureConnection = true }; provider.Secret = "asecret"; Assert.That(() => provider.PreAuthenticate(request, new MockHttpResponse(request)), ThrowsHttpError.WithStatusCode(HttpStatusCode.Unauthorized)); } }
public void WhenPreAuthenticateAndRequestNotSecureConnection_ThenThrowsForbidden() { var body = Encoding.UTF8.GetBytes("abody"); var signature = Webhooks.Security.HmacUtils.CreateHmacSignature(body, "asecret"); using (var stream = MemoryStreamFactory.GetStream(body)) { var request = new MockHttpRequest { InputStream = stream, Headers = new NameValueCollectionWrapper(new NameValueCollection { { WebhookEventConstants.SecretSignatureHeaderName, signature } }), IsSecureConnection = false }; provider.Secret = null; Assert.That(() => provider.PreAuthenticate(request, new MockHttpResponse(request)), ThrowsHttpError.WithStatusCode(HttpStatusCode.Forbidden)); } }
public void WhenAuthorizeSubscriptionServiceRequestsAndForUpdateHistorySubscriptionAndAuthenticatedInWrongRole_ThenThrowsForbidden() { var feature = new WebhookFeature(); feature.Register(appHost); var request = new MockHttpRequest { PathInfo = new UpdateSubscriptionHistory().ToPutUrl(), Dto = new UpdateSubscriptionHistory() }; request.Items.Add(Keywords.Session, new AuthUserSession { IsAuthenticated = true, UserAuthId = "auserid", Roles = new List <string> { "anotherrole" } }); var response = new MockHttpResponse(request); Assert.That(() => feature.AuthorizeSubscriptionServiceRequests(request, response, new TestDto()), ThrowsHttpError.WithStatusCode(HttpStatusCode.Forbidden)); }
public void WhenAuthorizeSubscriptionServiceRequestsAndForSubscriptionServiceAndUnauthenticated_ThenThrowsUnauthorized() { var feature = new WebhookFeature(); feature.Register(appHost); var request = new MockHttpRequest { Dto = new GetSubscription() }; var response = new MockHttpResponse(request); Assert.That(() => feature.AuthorizeSubscriptionServiceRequests(request, response, new TestDto()), ThrowsHttpError.WithStatusCode(HttpStatusCode.Unauthorized)); }