public void RendersNothingIfAuthorizedButNoChildContentOrAuthorizedProvided()
{
// Arrange
var authorizationService = new TestAuthorizationService();
authorizationService.NextResult = AuthorizationResult.Success();
var renderer = CreateTestRenderer(authorizationService);
var rootComponent = WrapInAuthorizeView();
rootComponent.AuthenticationState = CreateAuthenticationState("Nellie");
// Act
renderer.AssignRootComponentId(rootComponent);
rootComponent.TriggerRender();
// Assert
var diff = renderer.Batches.Single().GetComponentDiffs <AuthorizeView>().Single();
Assert.Empty(diff.Edits);
// Assert: The IAuthorizationService was given expected criteria
Assert.Collection(authorizationService.AuthorizeCalls, call =>
{
Assert.Equal("Nellie", call.user.Identity.Name);
Assert.Null(call.resource);
Assert.Collection(call.requirements,
req => Assert.IsType <DenyAnonymousAuthorizationRequirement>(req));
});
}
public void RendersNothingIfNotAuthorized()
{
// Arrange
var authorizationService = new TestAuthorizationService();
var renderer = CreateTestRenderer(authorizationService);
var rootComponent = WrapInAuthorizeView(
childContent:
context => builder => builder.AddContent(0, "This should not be rendered"));
// Act
renderer.AssignRootComponentId(rootComponent);
rootComponent.TriggerRender();
// Assert
var diff = renderer.Batches.Single().GetComponentDiffs <AuthorizeView>().Single();
Assert.Empty(diff.Edits);
// Assert: The IAuthorizationService was given expected criteria
Assert.Collection(authorizationService.AuthorizeCalls, call =>
{
Assert.Null(call.user.Identity);
Assert.Null(call.resource);
Assert.Collection(call.requirements,
req => Assert.IsType <DenyAnonymousAuthorizationRequirement>(req));
});
}
public void RendersNotAuthorizedIfNotAuthorized()
{
// Arrange
var authorizationService = new TestAuthorizationService();
var renderer = CreateTestRenderer(authorizationService);
var rootComponent = WrapInAuthorizeView(
notAuthorized:
context => builder => builder.AddContent(0, $"You are not authorized, even though we know you are {context.User.Identity.Name}"));
rootComponent.AuthenticationState = CreateAuthenticationState("Nellie");
// Act
renderer.AssignRootComponentId(rootComponent);
rootComponent.TriggerRender();
// Assert
var diff = renderer.Batches.Single().GetComponentDiffs <AuthorizeView>().Single();
Assert.Collection(diff.Edits, edit =>
{
Assert.Equal(RenderTreeEditType.PrependFrame, edit.Type);
AssertFrame.Text(
renderer.Batches.Single().ReferenceFrames[edit.ReferenceFrameIndex],
"You are not authorized, even though we know you are Nellie");
});
// Assert: The IAuthorizationService was given expected criteria
Assert.Collection(authorizationService.AuthorizeCalls, call =>
{
Assert.Equal("Nellie", call.user.Identity.Name);
Assert.Null(call.resource);
Assert.Collection(call.requirements,
req => Assert.IsType <DenyAnonymousAuthorizationRequirement>(req));
});
}
public void RespondsToChangeInAuthorizationState()
{
// Arrange
var authorizationService = new TestAuthorizationService();
authorizationService.NextResult = AuthorizationResult.Success();
var renderer = CreateTestRenderer(authorizationService);
var rootComponent = WrapInAuthorizeView(
childContent: context => builder =>
builder.AddContent(0, $"You are authenticated as {context.User.Identity.Name}"));
rootComponent.AuthenticationState = CreateAuthenticationState("Nellie");
// Render in initial state. From other tests, we know this renders
// a single batch with the correct output.
renderer.AssignRootComponentId(rootComponent);
rootComponent.TriggerRender();
var authorizeViewComponentId = renderer.Batches.Single()
.GetComponentFrames <AuthorizeView>().Single().ComponentId;
authorizationService.AuthorizeCalls.Clear();
// Act
rootComponent.AuthenticationState = CreateAuthenticationState("Ronaldo");
rootComponent.TriggerRender();
// Assert: It's only one new diff. We skip the intermediate "await" render state
// because the task was completed synchronously.
Assert.Equal(2, renderer.Batches.Count);
var batch = renderer.Batches.Last();
var diff = batch.DiffsByComponentId[authorizeViewComponentId].Single();
Assert.Collection(diff.Edits, edit =>
{
Assert.Equal(RenderTreeEditType.UpdateText, edit.Type);
AssertFrame.Text(
batch.ReferenceFrames[edit.ReferenceFrameIndex],
"You are authenticated as Ronaldo");
});
// Assert: The IAuthorizationService was given expected criteria
Assert.Collection(authorizationService.AuthorizeCalls, call =>
{
Assert.Equal("Ronaldo", call.user.Identity.Name);
Assert.Null(call.resource);
Assert.Collection(call.requirements,
req => Assert.IsType <DenyAnonymousAuthorizationRequirement>(req));
});
}
public void ThrowsIfBothChildContentAndAuthorizedProvided()
{
// Arrange
var authorizationService = new TestAuthorizationService();
var renderer = CreateTestRenderer(authorizationService);
var rootComponent = WrapInAuthorizeView(
authorized: context => builder => { },
childContent: context => builder => { });
// Act/Assert
renderer.AssignRootComponentId(rootComponent);
var ex = Assert.Throws <InvalidOperationException>(() =>
rootComponent.TriggerRender());
Assert.Equal("Do not specify both 'Authorized' and 'ChildContent'.", ex.Message);
}
public void RejectsNonemptyScheme()
{
// Arrange
var authorizationService = new TestAuthorizationService();
var renderer = CreateTestRenderer(authorizationService);
var rootComponent = new TestAuthStateProviderComponent(builder =>
{
builder.OpenComponent <AuthorizeViewCoreWithScheme>(0);
builder.CloseComponent();
});
renderer.AssignRootComponentId(rootComponent);
// Act/Assert
var ex = Assert.Throws <NotSupportedException>(rootComponent.TriggerRender);
Assert.Equal("The authorization data specifies an authentication scheme with value 'test scheme'. Authentication schemes cannot be specified for components.", ex.Message);
}
public void RendersNothingUntilAuthorizationCompleted()
{
// Arrange
var @event = new ManualResetEventSlim();
var authorizationService = new TestAuthorizationService();
var renderer = CreateTestRenderer(authorizationService);
renderer.OnUpdateDisplayComplete = () => { @event.Set(); };
var rootComponent = WrapInAuthorizeView(
notAuthorized:
context => builder => builder.AddContent(0, "You are not authorized"));
var authTcs = new TaskCompletionSource <AuthenticationState>();
rootComponent.AuthenticationState = authTcs.Task;
// Act/Assert 1: Auth pending
renderer.AssignRootComponentId(rootComponent);
rootComponent.TriggerRender();
var batch1 = renderer.Batches.Single();
var authorizeViewComponentId = batch1.GetComponentFrames <AuthorizeView>().Single().ComponentId;
var diff1 = batch1.DiffsByComponentId[authorizeViewComponentId].Single();
Assert.Empty(diff1.Edits);
// Act/Assert 2: Auth process completes asynchronously
@event.Reset();
authTcs.SetResult(new AuthenticationState(new ClaimsPrincipal()));
// We need to wait here because the continuations of SetResult will be scheduled to run asynchronously.
@event.Wait(Timeout);
Assert.Equal(2, renderer.Batches.Count);
var batch2 = renderer.Batches[1];
var diff2 = batch2.DiffsByComponentId[authorizeViewComponentId].Single();
Assert.Collection(diff2.Edits, edit =>
{
Assert.Equal(RenderTreeEditType.PrependFrame, edit.Type);
AssertFrame.Text(
batch2.ReferenceFrames[edit.ReferenceFrameIndex],
"You are not authorized");
});
}
public AuthorizeRouteViewTest()
{
_authenticationStateProvider = new TestAuthenticationStateProvider();
_authenticationStateProvider.CurrentAuthStateTask = Task.FromResult(
new AuthenticationState(new ClaimsPrincipal(new ClaimsIdentity())));
_testAuthorizationService = new TestAuthorizationService();
var serviceCollection = new ServiceCollection();
serviceCollection.AddSingleton <AuthenticationStateProvider>(_authenticationStateProvider);
serviceCollection.AddSingleton <IAuthorizationPolicyProvider, TestAuthorizationPolicyProvider>();
serviceCollection.AddSingleton <IAuthorizationService>(_testAuthorizationService);
serviceCollection.AddSingleton <NavigationManager, TestNavigationManager>();
_renderer = new TestRenderer(serviceCollection.BuildServiceProvider());
_authorizeRouteViewComponent = new AuthorizeRouteView();
_authorizeRouteViewComponentId = _renderer.AssignRootComponentId(_authorizeRouteViewComponent);
}
public void IncludesPolicyInAuthorizeCall()
{
// Arrange
var authorizationService = new TestAuthorizationService();
var renderer = CreateTestRenderer(authorizationService);
var rootComponent = WrapInAuthorizeView(policy: "MyTestPolicy");
rootComponent.AuthenticationState = CreateAuthenticationState("Nellie");
// Act
renderer.AssignRootComponentId(rootComponent);
rootComponent.TriggerRender();
// Assert
Assert.Collection(authorizationService.AuthorizeCalls, call =>
{
Assert.Equal("Nellie", call.user.Identity.Name);
Assert.Null(call.resource);
Assert.Collection(call.requirements,
req => Assert.Equal("MyTestPolicy", ((TestPolicyRequirement)req).PolicyName));
});
}
public void IncludesResourceInAuthorizeCall()
{
// Arrange
var authorizationService = new TestAuthorizationService();
var renderer = CreateTestRenderer(authorizationService);
var resource = new object();
var rootComponent = WrapInAuthorizeView(resource: resource);
rootComponent.AuthenticationState = CreateAuthenticationState("Nellie");
// Act
renderer.AssignRootComponentId(rootComponent);
rootComponent.TriggerRender();
// Assert
Assert.Collection(authorizationService.AuthorizeCalls, call =>
{
Assert.Equal("Nellie", call.user.Identity.Name);
Assert.Same(resource, call.resource);
Assert.Collection(call.requirements, req =>
Assert.IsType <DenyAnonymousAuthorizationRequirement>(req));
});
}
public void IncludesRolesInAuthorizeCall()
{
// Arrange
var authorizationService = new TestAuthorizationService();
var renderer = CreateTestRenderer(authorizationService);
var rootComponent = WrapInAuthorizeView(roles: "SuperTestRole1, SuperTestRole2");
rootComponent.AuthenticationState = CreateAuthenticationState("Nellie");
// Act
renderer.AssignRootComponentId(rootComponent);
rootComponent.TriggerRender();
// Assert
Assert.Collection(authorizationService.AuthorizeCalls, call =>
{
Assert.Equal("Nellie", call.user.Identity.Name);
Assert.Null(call.resource);
Assert.Collection(call.requirements, req => Assert.Equal(
new[] { "SuperTestRole1", "SuperTestRole2" },
((RolesAuthorizationRequirement)req).AllowedRoles));
});
}
public void RendersAuthorizingUntilAuthorizationCompleted()
{
// Arrange
var @event = new ManualResetEventSlim();
var authorizationService = new TestAuthorizationService();
authorizationService.NextResult = AuthorizationResult.Success();
var renderer = CreateTestRenderer(authorizationService);
renderer.OnUpdateDisplayComplete = () => { @event.Set(); };
var rootComponent = WrapInAuthorizeView(
authorizing: builder => builder.AddContent(0, "Auth pending..."),
authorized: context => builder => builder.AddContent(0, $"Hello, {context.User.Identity.Name}!"));
var authTcs = new TaskCompletionSource <AuthenticationState>();
rootComponent.AuthenticationState = authTcs.Task;
// Act/Assert 1: Auth pending
renderer.AssignRootComponentId(rootComponent);
rootComponent.TriggerRender();
var batch1 = renderer.Batches.Single();
var authorizeViewComponentId = batch1.GetComponentFrames <AuthorizeView>().Single().ComponentId;
var diff1 = batch1.DiffsByComponentId[authorizeViewComponentId].Single();
Assert.Collection(diff1.Edits, edit =>
{
Assert.Equal(RenderTreeEditType.PrependFrame, edit.Type);
AssertFrame.Text(
batch1.ReferenceFrames[edit.ReferenceFrameIndex],
"Auth pending...");
});
// Act/Assert 2: Auth process completes asynchronously
@event.Reset();
authTcs.SetResult(CreateAuthenticationState("Monsieur").Result);
// We need to wait here because the continuations of SetResult will be scheduled to run asynchronously.
@event.Wait(Timeout);
Assert.Equal(2, renderer.Batches.Count);
var batch2 = renderer.Batches[1];
var diff2 = batch2.DiffsByComponentId[authorizeViewComponentId].Single();
Assert.Collection(diff2.Edits, edit =>
{
Assert.Equal(RenderTreeEditType.UpdateText, edit.Type);
Assert.Equal(0, edit.SiblingIndex);
AssertFrame.Text(
batch2.ReferenceFrames[edit.ReferenceFrameIndex],
"Hello, Monsieur!");
});
// Assert: The IAuthorizationService was given expected criteria
Assert.Collection(authorizationService.AuthorizeCalls, call =>
{
Assert.Equal("Monsieur", call.user.Identity.Name);
Assert.Null(call.resource);
Assert.Collection(call.requirements,
req => Assert.IsType <DenyAnonymousAuthorizationRequirement>(req));
});
}
