public async Task fails_when_missing_claim()
{
_settings.AddPolicy("MyPolicy", builder => builder.RequireClaim("Admin"));
var result = await _evaluator.Evaluate(
ValidationTestBase.CreatePrincipal(),
null,
null,
new[] { "MyPolicy" }
);
result.Succeeded.ShouldBeFalse();
}
public async Task no_errors_when_authenticated()
{
var req = new AuthenticatedUserRequirement();
var context = new AuthorizationContext
{
User = ValidationTestBase.CreatePrincipal("jwt")
};
await req.Authorize(context);
context.HasErrors.ShouldBeFalse();
}
public async Task produces_error_when_missing_claim_with_multiple_values()
{
var req = new ClaimAuthorizationRequirement("Admin", "true", "maybe");
var context = new AuthorizationContext
{
User = ValidationTestBase.CreatePrincipal()
};
await req.Authorize(context);
context.HasErrors.ShouldBeTrue();
context.Errors.Single().ShouldBe("Required claim 'Admin' with any value of 'true, maybe' is not present.");
}
public async Task produces_error_when_not_authenticated()
{
var req = new AuthenticatedUserRequirement();
var context = new AuthorizationContext
{
User = ValidationTestBase.CreatePrincipal()
};
await req.Authorize(context);
context.HasErrors.ShouldBeTrue();
context.Errors.Single().ShouldBe("An authenticated user is required.");
}
public async Task succeeds_when_claim_with_multiple_values()
{
var req = new ClaimAuthorizationRequirement("Admin", "true", "maybe");
var context = new AuthorizationContext
{
User = ValidationTestBase.CreatePrincipal(claims: new Dictionary <string, string> {
{ "Admin", "maybe" }
})
};
await req.Authorize(context);
context.HasErrors.ShouldBeFalse();
}
public async Task succeeds_with_claim_value()
{
_settings.AddPolicy("MyPolicy", builder => builder.RequireClaim("Admin", "true"));
var result = await _evaluator.Evaluate(
ValidationTestBase.CreatePrincipal(claims: new Dictionary <string, string>
{
{ "Admin", "true" }
}),
null,
null,
new[] { "MyPolicy" }
);
result.Succeeded.ShouldBeTrue();
}
public async Task fails_when_missing_policy()
{
_settings.AddPolicy("MyPolicy", builder => builder.RequireClaim("Admin"));
var result = await _evaluator.Evaluate(
ValidationTestBase.CreatePrincipal(claims: new Dictionary <string, string>
{
{ "Admin", "true" }
}),
null,
null,
new[] { "PolicyDoesNotExist" }
);
result.Succeeded.ShouldBeFalse();
}
public async Task succeeds_when_empty_policies()
{
_settings.AddPolicy("MyPolicy", _ => { });
var result = await _evaluator.Evaluate(
ValidationTestBase.CreatePrincipal(claims: new Dictionary <string, string>
{
{ "Admin", "true" }
}),
null,
null,
Array.Empty <string>()
);
result.Succeeded.ShouldBeTrue();
}