public void IsInRole_Is_False_When_User_Is_Not_In_Role()
{
var acc = MockAccessor.With("tester",
new Claim(ClaimTypes.Role, Role.Admin));
var ctx = new HttpUserContext(acc, GetJwtVerifyingOptions());
Assert.False(ctx.IsInRole(Role.Fed));
}
public void IsInstitutional_Is_False_When_Issues_Do_Not_Match()
{
var acc = MockAccessor.With("tester",
new Claim(JwtRegisteredClaimNames.Iss, "urn:leaf:iss:test.tld"));
var ctx = new HttpUserContext(acc, GetJwtVerifyingOptions("urn:leaf:iss:failTest.tld"));
Assert.False(ctx.IsInstitutional);
}
public void Roles_Contains_All_Role_Claims()
{
var acc = MockAccessor.With("user",
new Claim(ClaimTypes.Role, Role.Admin));
var ctx = new HttpUserContext(acc, GetJwtVerifyingOptions());
Assert.Contains(ctx.Roles, r => r.Equals(Role.Admin));
}
public void UUID_Does_Not_Return_Null()
{
var acc = MockAccessor.With("tester",
new Claim(JwtRegisteredClaimNames.Iss, "urn:leaf:iss:test.tld"));
var ctx = new HttpUserContext(acc, GetJwtVerifyingOptions());
Assert.Equal("tester@urn:leaf:iss:test.tld", ctx.UUID);
}
public void IsQuarantined_Is_True_When_User_Is_Not_In_Fed_Role()
{
var acc = MockAccessor.With("tester",
new Claim(ClaimTypes.Role, Role.Admin));
var ctx = new HttpUserContext(acc, GetJwtVerifyingOptions());
Assert.True(ctx.IsQuarantined);
}
public void Groups_Contains_All_Group_Claims()
{
var acc = MockAccessor.With("user@localhost",
new Claim(Group.Key, "test-group-1"),
new Claim(JwtRegisteredClaimNames.Iss, "urn:leaf:iss:test.tld"));
var ctx = new HttpUserContext(acc, GetJwtVerifyingOptions());
Assert.Contains(ctx.Groups, g => g.Equals("test-group-1@localhost@urn:leaf:iss:test.tld"));
}
public void SessionNonce_Returns_A_Guid_If_Session_Exists()
{
var sess = Guid.NewGuid();
var acc = MockAccessor.With("tester",
new Claim(Nonce.Access, sess.ToString()));
var ctx = new HttpUserContext(acc, GetJwtVerifyingOptions());
Assert.Equal(sess, ctx.SessionNonce);
}
public void IdNonce_Returns_A_Guid()
{
var id = Guid.NewGuid();
var acc = MockAccessor.With("tester",
new Claim(Nonce.Id, id.ToString()));
var ctx = new HttpUserContext(acc, GetJwtVerifyingOptions());
Assert.Equal(id, ctx.IdNonce);
}
public void IsAdmin_Is_False_When_User_Is_Not_In_Admin_Role()
{
var acc = MockAccessor.With("tester",
new Claim(ClaimTypes.Role, Role.Fed),
new Claim(JwtRegisteredClaimNames.Iss, "urn:leaf:iss:test.tld"));
var ctx = new HttpUserContext(acc, GetJwtVerifyingOptions("urn:leaf:iss:test.tld"));
Assert.False(ctx.IsAdmin);
}
public void SessionNonce_Returns_Default_If_Session_Does_Not_Exist()
{
var acc = MockAccessor.With("tester");
var ctx = new HttpUserContext(acc, GetJwtVerifyingOptions());
Assert.Equal(default, ctx.SessionNonce);