public async Task GetEffectivePolicyAsync_CombinesPoliciesFromEndpoint() { // Arrange var policy1 = new AuthorizationPolicyBuilder() .RequireClaim("Claim1") .Build(); var policy2 = new AuthorizationPolicyBuilder() .RequireClaim("Claim2") .Build(); var filter = new AuthorizeFilter(policy1); var options = new AuthorizationOptions(); options.AddPolicy("policy2", policy2); var policyProvider = new DefaultAuthorizationPolicyProvider(Options.Create(options)); ActionContext.HttpContext.RequestServices = new ServiceCollection() .AddSingleton <IAuthorizationPolicyProvider>(policyProvider) .BuildServiceProvider(); ActionContext.HttpContext.SetEndpoint(new Endpoint( _ => null, new EndpointMetadataCollection(new AuthorizeAttribute("policy2")), "test")); var context = new AuthorizationFilterContext(ActionContext, new[] { filter, }); // Act var effectivePolicy = await filter.GetEffectivePolicyAsync(context); // Assert Assert.NotSame(policy1, effectivePolicy); Assert.NotSame(policy2, effectivePolicy); Assert.Equal(new[] { "Claim1", "Claim2" }, effectivePolicy.Requirements.Cast <ClaimsAuthorizationRequirement>().Select(c => c.ClaimType)); }
public async Task GetEffectivePolicyAsync_ReturnsCurrentPolicy_WhenNoEndpointMetadataIsAvailable() { // Arrange var policy = new AuthorizationPolicyBuilder() .RequireAssertion(_ => true) .Build(); var filter = new AuthorizeFilter(policy); var context = new AuthorizationFilterContext(ActionContext, new[] { filter }); // Act var effectivePolicy = await filter.GetEffectivePolicyAsync(context); // Assert // // Verify the policy is cached Assert.Same(effectivePolicy, await filter.GetEffectivePolicyAsync(context)); }
public async Task GetEffectivePolicyAsync_CombinesPoliciesFromAuthFilters() { // Arrange var policy1 = new AuthorizationPolicyBuilder() .RequireClaim("Claim1") .Build(); var policy2 = new AuthorizationPolicyBuilder() .RequireClaim("Claim2") .Build(); var filter1 = new AuthorizeFilter(policy1); var filter2 = new AuthorizeFilter(policy2); var context = new AuthorizationFilterContext(ActionContext, new[] { filter1, filter2 }); // Act var effectivePolicy = await filter1.GetEffectivePolicyAsync(context); // Assert Assert.NotSame(policy1, effectivePolicy); Assert.NotSame(policy2, effectivePolicy); Assert.Equal(new[] { "Claim1", "Claim2" }, effectivePolicy.Requirements.Cast <ClaimsAuthorizationRequirement>().Select(c => c.ClaimType)); }