public async Task WithoutAuthHeader_ReturnsNonAuthorized() { // Arrange HttpContext context = new DefaultHttpContext(); context.Response.Body = new MemoryStream(); // Act await _middleware.Invoke(context); // Assert context.Response.Body.Seek(0, SeekOrigin.Begin); using (var reader = new StreamReader(context.Response.Body)) { var response = await reader.ReadToEndAsync(); Assert.Equal((int)HttpStatusCode.Unauthorized, context.Response.StatusCode); Assert.Equal("application/json", context.Response.ContentType); Assert.Equal("{\"message\":\"unauthorized\"}", response); } }
public static IApplicationBuilder UseAuthorization(this IApplicationBuilder app) { if (app == null) { throw new ArgumentNullException(nameof(app)); } return(app.Use(next => async(context) => { var services = context.RequestServices; var policyProvider = services.GetRequiredService <IAuthorizationPolicyProvider>(); var policyEvaluator = services.GetRequiredService <IPolicyEvaluator>(); var middleware = new AuthorizationMiddleware(next, policyProvider); await middleware.Invoke(context); })); }
public async void Invoke_ShouldInvokeNext_WhenUserIsValid() { var httpContext = new Mock <HttpContext>(); var user = GetAnUser(new List <Claim> { new Claim("UserStatus", "Alive") }); RequestDelegate next = (a) => { return(Task.Run(() => { })); }; httpContext.Setup(a => a.User).Returns(user); var classUnderTest = new AuthorizationMiddleware(next); await classUnderTest.Invoke(httpContext.Object); httpContext.Verify(a => a.Response, Times.Never); }
public async void Invoke_ShouldAssambleUnauthorized_WhenUserIsBlocked() { var httpContext = new Mock <HttpContext>(); var httpResponse = new Mock <HttpResponse>(); var user = GetAnUser(new List <Claim> { new Claim("UserStatus", "Blocked") }); httpResponse.Setup(a => a.Body).Returns(new MemoryStream()); httpContext.Setup(a => a.Response).Returns(httpResponse.Object); httpContext.Setup(a => a.User).Returns(user); var classUnderTest = new AuthorizationMiddleware(null); await classUnderTest.Invoke(httpContext.Object); httpResponse.VerifySet(a => a.StatusCode = It.Is <int>(s => s == 401), Times.Once); httpResponse.VerifySet(a => a.ContentType = It.Is <string>(s => s.ToLower() == "application/json"), Times.Once); }
private void WhenICallTheMiddleware() { _middleware.Invoke(_httpContext).GetAwaiter().GetResult(); }