public async Task Test_api_key_requirement_handler_fail() { var context = new DefaultHttpContext(); context.Request.Headers.Add("X-API-KEY", "INVALIDKEY"); var requirements = new[] { new ApiKeyRequirement(new[] { "TESTAPIKEY" }) }; var actionContext = new ActionContext(context, new RouteData(), new ActionDescriptor()); var filters = new List <IFilterMetadata>() { new ApiControllerAttribute(), }; var authFilterContext = new AuthorizationFilterContext(actionContext, filters); var authHandlerContext = new AuthorizationHandlerContext(requirements, ClaimsPrincipal.Current, authFilterContext); var keyService = new ApiKeyRequirementHandler(); await keyService.HandleAsync(authHandlerContext); Assert.IsTrue(authHandlerContext.HasFailed); }
public async Task Test_api_key_requirement_handler_succeed() { var context = new DefaultHttpContext(); context.Request.Headers.Add("X-API-KEY", "TESTAPIKEY"); var requirements = new [] { new ApiKeyRequirement(new[] { "TESTAPIKEY" }) }; // we need to create a shell of the AuthorizationHandlerContext, that contains the header information var actionContext = new ActionContext(context, new RouteData(), new ActionDescriptor()); // we need to include the ApiControllerAttribute here to mimic the call to the API var filters = new List <IFilterMetadata>() { new ApiControllerAttribute(), }; var authFilterContext = new AuthorizationFilterContext(actionContext, filters); var authHandlerContext = new AuthorizationHandlerContext(requirements, ClaimsPrincipal.Current, authFilterContext); var keyService = new ApiKeyRequirementHandler(); await keyService.HandleAsync(authHandlerContext); Assert.IsTrue(authHandlerContext.HasSucceeded); }