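/// <summary>Checks that looking up the token for the arranged username yields a result whose Data is null.</summary>
public void Should_ReturnNull_When_UserIsInvalid_NotAuthenticationToken()
        {
            // Arrange
            // NOTE(review): the username literal appears masked on this page and is identical to the
            // one in the "valid user" test; a real run needs a fixture username with no stored token.
            var username = "******";

            // The gateway is used in a using block elsewhere in this listing, so dispose it here as
            // well rather than leaving whatever it holds open until finalization.
            using (var gateway = new AuthenticationGateway())
            {
                // Act
                var result = gateway.GetAuthenticationToken(username);

                // Assert
                result.Data.Should().BeNull();
            }
        }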
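        /// <summary>Checks that looking up the token for the arranged username yields token data with a non-null Id.</summary>
        public void Should_ReturnAuthenticationToken_When_UserIsValid()
        {
            // Arrange
            // NOTE(review): the username literal appears masked on this page and is identical to the
            // one in the "invalid user" test; a real run needs a fixture username that has a stored token.
            var username = "******";

            // The gateway is used in a using block elsewhere in this listing, so dispose it here as
            // well rather than leaving whatever it holds open until finalization.
            using (var gateway = new AuthenticationGateway())
            {
                // Act
                var result = gateway.GetAuthenticationToken(username);

                // Assert
                result.Data.Should().NotBeNull();
                result.Data.Id.Should().NotBeNull();
            }
        }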
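        /// <summary>
        /// Validates the token carried by a request against the stored token for its user and, on
        /// success, sets the current principal before passing the request to the inner handler.
        /// </summary>
        /// <remarks>
        /// Requests whose path is on the skip list, that have no Authorization header, or whose
        /// extracted token is empty are forwarded without any principal being set. This handler
        /// only establishes identity; rejecting anonymous callers must be enforced further down
        /// the pipeline.
        /// </remarks>
        /// <param name="request">The incoming HTTP request.</param>
        /// <param name="cancellationToken">Token passed through to the inner handler.</param>
        /// <returns>
        /// The inner handler's response, or a 401 Unauthorized response when the token cannot be
        /// tied to a user, does not match the stored token, has expired, or any step throws.
        /// </returns>
        protected override async Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
        {
            try
            {
                AuthenticationTokenManager tokenManager = new AuthenticationTokenManager();
                TokenService tokenService = new TokenService();

                // Lower-case with the invariant culture: the decision to skip authentication must
                // not vary with the server's current culture (e.g. the Turkish dotless i).
                if (CheckIfSkippedUri(request.RequestUri.AbsolutePath.ToLowerInvariant()))
                {
                    return await base.SendAsync(request, cancellationToken);
                }

                // No Authorization header: forward as an anonymous request.
                if (request.Headers.Authorization == null)
                {
                    return await base.SendAsync(request, cancellationToken);
                }

                var tokenString = tokenService.ExtractToken(request);

                // An empty token is treated like a missing one, in case the endpoint does not
                // require authentication.
                if (string.IsNullOrEmpty(tokenString))
                {
                    return await base.SendAsync(request, cancellationToken);
                }

                var username = tokenService.GetTokenUsername(tokenString);

                // A token that cannot be tied to a user is rejected outright.
                if (string.IsNullOrEmpty(username))
                {
                    return new HttpResponseMessage(HttpStatusCode.Unauthorized);
                }

                AuthenticationToken authenticationToken;

                using (AuthenticationGateway gateway = new AuthenticationGateway())
                {
                    // Look up the token stored for this user and compare it with the presented one.
                    var gatewayResult = gateway.GetAuthenticationToken(username);
                    var storedToken = gatewayResult.Data;

                    // Reject explicitly when no token is stored instead of relying on a
                    // NullReferenceException reaching the catch block below.
                    // NOTE(review): the string comparison is not constant-time; where the target
                    // framework offers CryptographicOperations.FixedTimeEquals, prefer it for
                    // comparing secrets.
                    // NOTE(review): expiry is checked against local time; confirm ExpiresOn is
                    // stored as local time, otherwise compare with DateTime.UtcNow.
                    if (gatewayResult.Error != null
                        || storedToken == null
                        || storedToken.TokenString != tokenString
                        || storedToken.ExpiresOn.CompareTo(DateTime.Now) < 0)
                    {
                        return new HttpResponseMessage(HttpStatusCode.Unauthorized);
                    }

                    authenticationToken = storedToken;
                }

                var tokenPrincipal = tokenManager.GetTokenPrincipal(authenticationToken, out _);

                // NOTE(review): only Thread.CurrentPrincipal is set here; confirm the host reads
                // identity from it and that it survives the await below.
                Thread.CurrentPrincipal = tokenPrincipal;

                return await base.SendAsync(request, cancellationToken);
            }
            catch (Exception)
            {
                // Fail closed: any failure while authenticating results in 401.
                // NOTE(review): base.SendAsync is inside the try, so exceptions thrown by the inner
                // handler (including cancellation) are also reported as 401 and never logged;
                // consider narrowing the try to the authentication steps and logging the exception.
                return new HttpResponseMessage(HttpStatusCode.Unauthorized);
            }
        }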