/// <summary>
/// Verifies that <c>TransformAsync</c> exposes the value of the Auth0 roles claim under the
/// standard role claim type and removes the Auth0-specific claim from the identity.
/// </summary>
/// <remarks>
/// The return value of <c>TransformAsync</c> is discarded and the assertions run against the
/// identity instance created here, so the test pins in-place mutation of the supplied identity.
/// </remarks>
public async Task TransformAsyncMapsAuth0RoleClaimToStandardRoleClaimTest()
{
    var roleValue = Guid.NewGuid().ToString();
    var storedAccount = Model.Create<Account>();

    // A non-empty authentication type ("Bearer") makes the identity report as authenticated.
    // Subject is configured as the name claim type and Role as the role claim type.
    var identity = new ClaimsIdentity("Bearer", ClaimType.Subject, ClaimType.Role);
    identity.AddClaim(new Claim(ClaimType.Subject, Guid.NewGuid().ToString()));
    identity.AddClaim(new Claim(ClaimType.Auth0Roles, roleValue));
    var principal = new ClaimsPrincipal(identity);

    // The stub answers only for a User whose Username equals identity.Name, which resolves
    // through the Subject claim because of the name claim type chosen above.
    var accountQuery = Substitute.For<IAccountQuery>();
    accountQuery
        .GetAccount(Arg.Is<User>(x => x.Username == identity.Name), Arg.Any<CancellationToken>())
        .Returns(storedAccount);

    var log = _output.BuildLoggerFor<ClaimsTransformer>();
    var sut = new ClaimsTransformer(accountQuery, log);

    await sut.TransformAsync(principal).ConfigureAwait(false);

    var actualRole = identity.GetClaimValue<string>(ClaimType.Role);

    actualRole.Should().Be(roleValue);

    // The provider-specific claim must not remain next to the mapped role claim.
    identity.Claims.Should().NotContain(x => x.Type == ClaimType.Auth0Roles);
}
/// <summary>
/// Verifies that <c>TransformAsync</c> never queries the account store when the principal's
/// identity is not authenticated.
/// </summary>
public async Task TransformAsyncSkipsProcessingWhenUserNotAuthenticatedTest()
{
    var accountQuery = Substitute.For<IAccountQuery>();
    var sut = new ClaimsTransformer(accountQuery, _output.BuildLoggerFor<ClaimsTransformer>());

    // A ClaimsIdentity created without an authentication type reports IsAuthenticated == false.
    var anonymous = new ClaimsPrincipal(new ClaimsIdentity());

    await sut.TransformAsync(anonymous).ConfigureAwait(false);

    // Both arguments use Arg.Any, so a lookup with any user or any token fails the test.
    await accountQuery
        .DidNotReceive()
        .GetAccount(Arg.Any<User>(), Arg.Any<CancellationToken>())
        .ConfigureAwait(false);
}
/// <summary>
/// Verifies that no ProfileId claim is added to an authenticated principal when the account
/// store yields no account.
/// </summary>
public async Task TransformAsyncDoesNotAddProfileIdClaimWhenStoreReturnsNullAccountTest()
{
    // Authenticated bearer identity that carries only a Subject claim.
    var identity = new ClaimsIdentity("Bearer", ClaimType.Subject, ClaimType.Role);
    identity.AddClaim(new Claim(ClaimType.Subject, Guid.NewGuid().ToString()));
    var principal = new ClaimsPrincipal(identity);

    // No return value is configured for GetAccount, so the "store returns null" condition
    // relies on the unconfigured substitute's default result.
    // NOTE(review): presumably that default is a null Account - confirm, or configure it explicitly.
    var accountQuery = Substitute.For<IAccountQuery>();

    var log = _output.BuildLoggerFor<ClaimsTransformer>();
    var sut = new ClaimsTransformer(accountQuery, log);

    await sut.TransformAsync(principal).ConfigureAwait(false);

    var hasProfileId = principal.HasClaim(x => x.Type == ClaimType.ProfileId);

    hasProfileId.Should().BeFalse();
}
/// <summary>
/// Verifies that <c>TransformAsync</c> adds a ProfileId claim whose value is the id of the
/// account returned by the account store.
/// </summary>
public async Task TransformAsyncAddsProfileIdClaimFromStoreToIdentityTest()
{
    var storedAccount = Model.Create<Account>();

    // Authenticated bearer identity; Subject doubles as the name claim type.
    var identity = new ClaimsIdentity("Bearer", ClaimType.Subject, ClaimType.Role);
    identity.AddClaim(new Claim(ClaimType.Subject, Guid.NewGuid().ToString()));
    var principal = new ClaimsPrincipal(identity);

    // The stub returns the account only when the lookup is keyed on identity.Name,
    // i.e. the Subject claim value added above.
    var accountQuery = Substitute.For<IAccountQuery>();
    accountQuery
        .GetAccount(Arg.Is<User>(x => x.Username == identity.Name), Arg.Any<CancellationToken>())
        .Returns(storedAccount);

    var sut = new ClaimsTransformer(accountQuery, _output.BuildLoggerFor<ClaimsTransformer>());

    await sut.TransformAsync(principal).ConfigureAwait(false);

    // Read the claim back through the original principal; the returned principal is not inspected.
    var transformedIdentity = principal.Identity.As<ClaimsIdentity>();
    var actualProfileId = transformedIdentity.GetClaimValue<string>(ClaimType.ProfileId);

    actualProfileId.Should().Be(storedAccount.Id.ToString());
}
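/// <summary>
/// Verifies that <c>TransformAsync</c> leaves an identity that already carries a ProfileId claim
/// with exactly one such claim and does not query the account store.
/// </summary>
/// <remarks>
/// NOTE(review): this pins that a ProfileId claim already on the identity is kept as-is without
/// consulting the store. Confirm that ProfileId can only be set by this transformer or by a
/// trusted issuer, so a value supplied in the incoming token cannot stand in for the lookup.
/// </remarks>
public async Task TransformAsyncDoesNotAddProfileIdClaimWhenAlreadyPresentTest()
{
    var logger = _output.BuildLoggerFor<ClaimsTransformer>();

    // The identity starts out with a ProfileId claim in addition to Subject and Name.
    var claims = new[]
    {
        new Claim(ClaimType.Subject, Guid.NewGuid().ToString()),
        new Claim(ClaimTypes.Name, Guid.NewGuid().ToString()),
        new Claim(ClaimType.ProfileId, Guid.NewGuid().ToString())
    };
    var identity = new ClaimsIdentity(claims, "Bearer", ClaimType.Subject, ClaimType.Role);
    var principal = new ClaimsPrincipal(identity);
    var manager = Substitute.For<IAccountQuery>();

    var target = new ClaimsTransformer(manager, logger);

    await target.TransformAsync(principal).ConfigureAwait(false);

    var profileIdClaims = principal.Identity.As<ClaimsIdentity>()
        .Claims
        .Where(x => x.Type == ClaimType.ProfileId);

    profileIdClaims.Should().HaveCount(1);

    // Match any token, as the unauthenticated test does. Pinning CancellationToken.None here
    // would let a lookup made with a different token slip past this negative assertion.
    await manager
        .DidNotReceive()
        .GetAccount(Arg.Any<User>(), Arg.Any<CancellationToken>())
        .ConfigureAwait(false);
}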
/// <summary>
/// Verifies that <c>TransformAsync</c> performs a single account lookup and passes the email,
/// given name and surname claim values to the store on the <c>User</c> argument.
/// </summary>
public async Task TransformAsyncProvidesAdditionalClaimsToManagerWhenGettingAccountTest()
{
    var email = Guid.NewGuid().ToString();
    var firstName = Guid.NewGuid().ToString();
    var lastName = Guid.NewGuid().ToString();
    var storedAccount = Model.Create<Account>();

    // Authenticated bearer identity carrying the profile claims expected on the lookup.
    var identity = new ClaimsIdentity("Bearer", ClaimType.Subject, ClaimType.Role);
    identity.AddClaim(new Claim(ClaimType.Subject, Guid.NewGuid().ToString()));
    identity.AddClaim(new Claim(ClaimType.Email, email));
    identity.AddClaim(new Claim(ClaimType.GivenName, firstName));
    identity.AddClaim(new Claim(ClaimType.Surname, lastName));
    var principal = new ClaimsPrincipal(identity);

    var accountQuery = Substitute.For<IAccountQuery>();
    accountQuery
        .GetAccount(Arg.Is<User>(x => x.Username == identity.Name), Arg.Any<CancellationToken>())
        .Returns(storedAccount);

    var log = _output.BuildLoggerFor<ClaimsTransformer>();
    var sut = new ClaimsTransformer(accountQuery, log);

    await sut.TransformAsync(principal).ConfigureAwait(false);

    // Exactly one lookup overall. The literal CancellationToken.None also pins the token
    // value the transformer passes to the store.
    await accountQuery
        .Received(1)
        .GetAccount(Arg.Any<User>(), CancellationToken.None)
        .ConfigureAwait(false);

    // Each profile field is checked with its own matcher against the received call.
    await accountQuery
        .Received()
        .GetAccount(Arg.Is<User>(x => x.Email == email), CancellationToken.None)
        .ConfigureAwait(false);
    await accountQuery
        .Received()
        .GetAccount(Arg.Is<User>(x => x.FirstName == firstName), CancellationToken.None)
        .ConfigureAwait(false);
    await accountQuery
        .Received()
        .GetAccount(Arg.Is<User>(x => x.LastName == lastName), CancellationToken.None)
        .ConfigureAwait(false);
}