public async Task WhenVerificationFails_ReturnsFailureResult()
{
var client = new Client(
_request.Signature.KeyId,
"Unit test app",
new HMACSignatureAlgorithm("s3cr3t", HashAlgorithmName.SHA256),
TimeSpan.FromMinutes(1),
TimeSpan.FromMinutes(1),
RequestTargetEscaping.RFC3986);
A.CallTo(() => _clientStore.Get(_request.Signature.KeyId))
.Returns(client);
var verificationResultCreator = A.Fake <IVerificationResultCreator>();
A.CallTo(() => _verificationResultCreatorFactory.Create(client, _request))
.Returns(verificationResultCreator);
var failure = SignatureVerificationFailure.SignatureExpired("Invalid signature.");
A.CallTo(() => _signatureVerifier.VerifySignature(A <HttpRequestForVerification> ._, A <Client> ._))
.Returns(failure);
A.CallTo(() => verificationResultCreator.CreateForFailure(failure))
.Returns(new RequestSignatureVerificationResultFailure(client, _request, failure));
var actual = await _sut.VerifySignature(_request);
actual.Should().BeAssignableTo <RequestSignatureVerificationResultFailure>();
actual.As <RequestSignatureVerificationResultFailure>().IsSuccess.Should().BeFalse();
actual.As <RequestSignatureVerificationResultFailure>().Failure.Should().Be(failure);
}
public async Task WhenAVerificationTaskFails_ReturnsFirstFailure_DoesNotRunSubsequentTasks()
{
var firstFailure = SignatureVerificationFailure.HeaderMissing("Invalid");
A.CallTo(() => _matchingAlgorithmVerificationTask.Verify(_signedRequest, _sanitizedSignature, _client))
.Returns(firstFailure);
var secondFailure = SignatureVerificationFailure.SignatureExpired("Invalid");
A.CallTo(() => _createdHeaderGuardVerificationTask.Verify(_signedRequest, _sanitizedSignature, _client))
.Returns(secondFailure);
var actual = await _sut.VerifySignature(_signedRequest, _signature, _client);
actual.Should().Be(firstFailure);
}