Esempio n. 1
0
        public async Task TestForbidFlowNoPolicySet()
        {
            var nextDelegateMock = new Mock <RequestDelegate>();

            var mw = new ActorLayerTestMiddleware(nextDelegateMock.Object, new ActorLayerTestMiddlewareOptions(),
                                                  Mock.Of <IBigBrother>());

            var testContext = CreateTestHttpContext();
            await mw.Invoke(testContext);

            testContext.Response.StatusCode.Should().Be((int)HttpStatusCode.Forbidden);
        }
Esempio n. 2
0
        public async Task TestForbidFlowNonExistentPolicySet()
        {
            var nextDelegateMock = new Mock <RequestDelegate>();

            var testContext = CreateTestHttpContext();

            var mw = new ActorLayerTestMiddleware(nextDelegateMock.Object, new ActorLayerTestMiddlewareOptions {
                AuthorizationPolicyName = "blah"
            },
                                                  testContext.RequestServices.GetService <IBigBrother>());

            await mw.Invoke(testContext);

            testContext.Response.StatusCode.Should().Be((int)HttpStatusCode.Forbidden);
        }
Esempio n. 3
0
        public async Task TestForbidFlowInvalidToken()
        {
            var nextDelegateMock = new Mock <RequestDelegate>();

            var testContext = CreateTestHttpContext();

            testContext.Request.Headers.Add("Authentication", new StringValues("Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6IkQwQTM4OTU4RjlEMjFGQkE1RTQ3RDg3N0MxMTA3MkM5Q0MwQzdERUEiLCJ0eXAiOiJKV1QiLCJ4NXQiOiIwS09KV1BuU0g3cGVSOWgzd1JCeXljd01mZW8ifQ.eyJuYmYiOjE1NTE5NTI4NjgsImV4cCI6MTU1MTk1NjQ2OCwiaXNzIjoiaHR0cHM6Ly9zZWN1cml0eS1zdHMuY2kuZXNob3B3b3JsZC5uZXQiLCJhdWQiOlsiaHR0cHM6Ly9zZWN1cml0eS1zdHMuY2kuZXNob3B3b3JsZC5uZXQvcmVzb3VyY2VzIiwic2llcnJhLmFwaSJdLCJjbGllbnRfaWQiOiJlc3cuc2llcnJhLmFwaS50ZXN0LmNsaWVudCIsInNjb3BlIjpbImVzdy5zaWVycmEuYXBpLmFsbCJdfQ.nM7tDRDaA8mhCY6eyOqAFjFvnMTY0u49hFAj8lwsXk6KfbD_SOcVmaw9r90g95B38OAJ2WHS536mZjQjZh6QSWIu2nkLJqyDcInEuS77Yxu0nYOX6x4lmqB5D-XY8J4zBl0BA7KHC1-MSJ6VSNP90RF9903V9eMxIN0c_fV9pgU7Asqq86TiU8a9Szug-0EoW-kkcO_zFUCt-IzOEe-HDzY2kFVrxGZuPIptmOcUKlB_kL8SeSgScQggEefEHV-48zQ3yQPyfVo-8vt4-dgcCHVZ76upYAXJnlDvhuVHCnK30QfirtmU6cDZ2Mq1RfdP1z-quxIrAdEAzU2KoXGYxQ"));

            var mw = new ActorLayerTestMiddleware(nextDelegateMock.Object, new ActorLayerTestMiddlewareOptions {
                AuthorizationPolicyName = "AssertScope"
            },
                                                  testContext.RequestServices.GetService <IBigBrother>());

            await mw.Invoke(testContext);

            testContext.Response.StatusCode.Should().Be((int)HttpStatusCode.Unauthorized);
        }