public void IsRequestAuthorized_rawUrlIsIncludedInvalidQueryString_shouldDisallowRequest()
{
// Arrange
var service = new HmacHttpService(ServiceId.ToString(), CreatePathCollection(), "signature")
{
UserRepository = new Mock<IUserRepository>().Object,
AppRepository = new Mock<IAppRepository>().Object,
HmacService = new HmacSha256Service()
};
// Act
var actual = service.IsRequestAuthorized(GetValidRawUrl(), CreateInvalidQueryString());
// Assert
Assert.AreEqual(StatusCode.ParameterMissing, actual);
}
public void IsRequestAuthorized_rawUrlIsExcludedButIncludedBeforeThat_shouldDisallowRequest()
{
// Arrange
var pathCollection = new PathCollection
{
new PathConfig {Name = "included", Path = ".*", Type = PathConfig.PathType.Include},
new PathConfig {Name = "excluded", Path = "/public/.*", Type = PathConfig.PathType.Exclude}
};
var service = new HmacHttpService(ServiceId.ToString(), pathCollection, "signature")
{
UserRepository = new Mock<IUserRepository>().Object,
AppRepository = new Mock<IAppRepository>().Object,
HmacService = new HmacSha256Service()
};
// Act
var actual = service.IsRequestAuthorized(GetValidRawUrl(false), CreateInvalidQueryString());
// Assert
Assert.AreEqual(StatusCode.ParameterMissing, actual);
}
public void IsRequestAuthorized_mismatchingServiceId_shouldDisallowRequest()
{
// Arrange
var service = new HmacHttpService(Guid.NewGuid().ToString(), CreatePathCollection(), "signature");
// Act
var actual = service.IsRequestAuthorized(GetValidRawUrl(), CreateValidQueryString());
// Assert
Assert.AreEqual(StatusCode.InvalidOrDisabledServiceId, actual);
}
