public async Task ShouldBasicTransformWhenSpecClaim( string claim, string userName, string resource, string action, string userNameExpected, string resourceExpected, string actionExpected) { // Arrange const string testClaimType = ClaimTypes.Role; var transformer = new BasicRequestTransformer { PreferSubClaimType = testClaimType }; var httpContext = new TestUserBuilder() .AddClaim(new Claim(claim, userName)) .Build().CreateDefaultHttpContext(); var casbinContext = new CasbinAuthorizationContext( new CasbinAuthorizeAttribute(resource, action), httpContext); // Act object[] requestValues = (await transformer.TransformAsync(casbinContext, casbinContext.AuthorizationData.First())).ToArray(); // Assert Assert.Equal(userNameExpected, requestValues[0]); Assert.Equal(resourceExpected, requestValues[1]); Assert.Equal(actionExpected, requestValues[2]); }
public async Task ShouldBasicAuthorizeWhenSpecIssuerAsync( string issuer, string userName, string resource, string action, bool expectResult) { // Arrange const string testIssuer = "LOCAL"; var user = new TestUserBuilder() .AddClaim(new Claim(ClaimTypes.NameIdentifier, userName, ClaimValueTypes.String, issuer)) .Build(); var casbinEvaluator = _serviceProvider.GetRequiredService <ICasbinEvaluator>(); var casbinContext = _casbinAuthorizationContextFactory.CreateContext(user, new CasbinAuthorizeAttribute(resource, action) { Issuer = testIssuer }); var policy = _casbinPolicyCreator.Create(casbinContext.AuthorizationData); var httpContext = new DefaultHttpContext(); var result = AuthenticateResult.Success(new AuthenticationTicket(user, _defaultScheme)); // Act var authorizationResult = await casbinEvaluator.AuthorizeAsync( policy, result, httpContext, casbinContext, httpContext); // Assert Assert.Equal(expectResult, authorizationResult.Succeeded); }
public async Task ShouldRbacTransformWhenSpecIssuer( string issuer, string claim, string userName, string resource, string action, string userNameExpected, string resourceExpected, string actionExpected) { // Arrange const string testIssuer = "LOCAL"; var transformer = new RbacRequestTransformer { Issuer = testIssuer }; var httpContext = new TestUserBuilder() .AddClaim(new Claim(claim, userName, ClaimValueTypes.String, issuer)) .Build().CreateDefaultHttpContext(); var casbinContext = new CasbinAuthorizationContext( new CasbinAuthorizeAttribute(resource, action), httpContext); // Act object[] requestValues = (await transformer.TransformAsync(casbinContext, casbinContext.AuthorizationData.First())).ToArray(); // Assert Assert.Equal(userNameExpected, requestValues[0]); Assert.Equal(resourceExpected, requestValues[1]); Assert.Equal(actionExpected, requestValues[2]); }
public async Task ShouldBasicAuthorizeAsync() { // alice var user = new TestUserBuilder() .AddClaim(new Claim(ClaimTypes.NameIdentifier, "alice")) .Build(); // Success var casbinContext = _casbinAuthorizationContextFactory.CreateContext(user, new CasbinAuthorizationData { Resource = "data1", Action = "write" }); var result = await _authorizationService .AuthorizeAsync(user, casbinContext, _requirement); Assert.False(result.Succeeded); // Failed casbinContext = _casbinAuthorizationContextFactory.CreateContext(user, new CasbinAuthorizationData { Resource = "data1", Action = "read" }); result = await _authorizationService .AuthorizeAsync(user, casbinContext, _requirement); Assert.True(result.Succeeded); // bob user = new TestUserBuilder() .AddClaim(new Claim(ClaimTypes.NameIdentifier, "bob")) .Build(); // Success casbinContext = _casbinAuthorizationContextFactory.CreateContext(user, new CasbinAuthorizationData { Resource = "data2", Action = "write" }); result = await _authorizationService .AuthorizeAsync(user, casbinContext, _requirement); Assert.True(result.Succeeded); // Failed casbinContext = _casbinAuthorizationContextFactory.CreateContext(user, new CasbinAuthorizationData { Resource = "data2", Action = "read" }); result = await _authorizationService .AuthorizeAsync(user, casbinContext, _requirement); Assert.False(result.Succeeded); }
public void ShouldBasicTransformWhenSpecIssuer() { const string testIssuer = "LOCAL"; var transformer = new BasicRequestTransformer { Issuer = testIssuer }; // Success var user = new TestUserBuilder() .AddClaim(new Claim(ClaimTypes.NameIdentifier, "alice", ClaimValueTypes.String, testIssuer)) .Build(); var casbinContext = new CasbinAuthorizationContext(user, new CasbinAuthorizationData { Resource = "data1", Action = "write" }); // Act string sub = transformer.SubTransform(casbinContext); object obj = transformer.ObjTransform(casbinContext); string act = transformer.ActTransform(casbinContext); // Assert Assert.Equal("alice", sub); Assert.Equal("data1", obj); Assert.Equal("write", act); // Failed user = new TestUserBuilder() .AddClaim(new Claim(ClaimTypes.NameIdentifier, "alice")) .Build(); casbinContext = new CasbinAuthorizationContext(user, new CasbinAuthorizationData { Resource = "data1", Action = "write" }); // Act sub = transformer.SubTransform(casbinContext); obj = transformer.ObjTransform(casbinContext); act = transformer.ActTransform(casbinContext); // Assert Assert.NotEqual("alice", sub); Assert.Equal("data1", obj); Assert.Equal("write", act); }
public async Task ShouldBasicAuthorizeAsync( string userName, string resource, string action, bool expectResult) { // Arrange var httpContext = new TestUserBuilder() .AddClaim(new Claim(ClaimTypes.NameIdentifier, userName)) .Build().CreateDefaultHttpContext(); // Act var casbinContext = _casbinAuthorizationContextFactory.CreateContext( new CasbinAuthorizeAttribute(resource, action), httpContext); var result = await _authorizationService .AuthorizeAsync(httpContext.User, casbinContext, _requirement); // Assert Assert.Equal(expectResult, result.Succeeded); }
public async Task ShouldBasicAuthorizeAsync( string userName, string resource, string action, bool expectResult) { // Arrange var httpContext = new TestUserBuilder() .AddClaim(new Claim(ClaimTypes.NameIdentifier, userName)) .Build().CreateDefaultHttpContext(); var casbinEvaluator = _serviceProvider.GetRequiredService <ICasbinEvaluator>(); var casbinContext = _casbinAuthorizationContextFactory.CreateContext( new CasbinAuthorizeAttribute(resource, action), httpContext); var policy = _casbinPolicyCreator.GetAuthorizationPolicy(casbinContext.AuthorizationData); var result = AuthenticateResult.Success(new AuthenticationTicket(httpContext.User, s_defaultScheme)); // Act var authorizationResult = await casbinEvaluator.AuthorizeAsync(casbinContext, policy, result); // Assert Assert.Equal(expectResult, authorizationResult.Succeeded); }
public async Task ShouldBasicAuthorizeWhenSpecSubClaimTypeAsync( string claim, string userName, string resource, string action, bool expectResult) { // Arrange const string testClaimType = ClaimTypes.Role; var user = new TestUserBuilder() .AddClaim(new Claim(claim, userName)) .Build(); // Assert var casbinContext = _casbinAuthorizationContextFactory.CreateContext(user, new CasbinAuthorizeAttribute(resource, action) { PreferSubClaimType = testClaimType }); var result = await _authorizationService .AuthorizeAsync(user, casbinContext, _requirement); // Act Assert.Equal(expectResult, result.Succeeded); }
public async Task ShouldBasicAuthorizeWhenSpecIssuerAsync( string issuer, string userName, string resource, string action, bool expectResult) { // Arrange const string testIssuer = "LOCAL"; var user = new TestUserBuilder() .AddClaim(new Claim(ClaimTypes.NameIdentifier, userName, ClaimValueTypes.String, issuer)) .Build(); // Act var casbinContext = _casbinAuthorizationContextFactory.CreateContext(user, new CasbinAuthorizeAttribute(resource, action) { Issuer = testIssuer }); var result = await _authorizationService .AuthorizeAsync(user, casbinContext, _requirement); // Assert Assert.Equal(expectResult, result.Succeeded); }
public async Task ShouldBasicTransform( string claim, string userName, string resource, string action, string userNameExpected, string resourceExpected, string actionExpected) { // Arrange var transformer = new BasicRequestTransformer(); var user = new TestUserBuilder() .AddClaim(new Claim(claim, userName)) .Build(); var casbinContext = new CasbinAuthorizationContext(user, new CasbinAuthorizeAttribute(resource, action)); // Act var requestValues = (await transformer.TransformAsync(casbinContext, casbinContext.AuthorizationData.First())).ToArray(); // Assert Assert.Equal(userNameExpected, requestValues[0]); Assert.Equal(resourceExpected, requestValues[1]); Assert.Equal(actionExpected, requestValues[2]); }