public void CanRoundTripData()
{
// Arrange
AntiForgeryDataSerializer serializer = new AntiForgeryDataSerializer
{
Decoder = value => Convert.FromBase64String(value),
Encoder = bytes => Convert.ToBase64String(bytes),
};
AntiForgeryData input = new AntiForgeryData
{
Salt = "The Salt",
Username = "******",
Value = "The Value",
CreationDate = DateTime.Now,
};
// Act
AntiForgeryData output = serializer.Deserialize(serializer.Serialize(input));
// Assert
Assert.NotNull(output);
Assert.Equal(input.Salt, output.Salt);
Assert.Equal(input.Username, output.Username);
Assert.Equal(input.Value, output.Value);
Assert.Equal(input.CreationDate, output.CreationDate);
}
public void DeserializeThrowsIfSerializedTokenIsNull()
{
// Arrange
AntiForgeryDataSerializer serializer = new AntiForgeryDataSerializer();
// Act & assert
ExceptionHelper.ExpectArgumentExceptionNullOrEmpty(
delegate {
serializer.Deserialize(null);
}, "serializedToken");
}
public void GuardClauses()
{
// Arrange
AntiForgeryDataSerializer serializer = new AntiForgeryDataSerializer();
// Act & assert
Assert.ThrowsArgumentNull(
() => serializer.Serialize(null),
"token"
);
Assert.ThrowsArgumentNullOrEmptyString(
() => serializer.Deserialize(null),
"serializedToken"
);
Assert.ThrowsArgumentNullOrEmptyString(
() => serializer.Deserialize(String.Empty),
"serializedToken"
);
Assert.Throws <HttpAntiForgeryException>(
() => serializer.Deserialize("Corrupted Base-64 Value"),
"A required anti-forgery token was not supplied or was invalid."
);
}
public void DeserializationExceptionDoesNotContainInnerException()
{
// Arrange
AntiForgeryDataSerializer serializer = new AntiForgeryDataSerializer();
// Act & assert
HttpAntiForgeryException exception = null;
try
{
serializer.Deserialize("Can't deserialize this.");
}
catch (HttpAntiForgeryException ex)
{
exception = ex;
}
Assert.NotNull(exception);
Assert.Null(exception.InnerException);
}
public void DeserializeReturnsDeserializedToken()
{
// Arrange
Mock <IStateFormatter> mockFormatter = new Mock <IStateFormatter>();
mockFormatter.Expect(f => f.Deserialize("serialized value")).Returns(new Triplet("the salt", "the value", new DateTime(2001, 1, 1)));
AntiForgeryDataSerializer serializer = new AntiForgeryDataSerializer()
{
Formatter = mockFormatter.Object
};
// Act
AntiForgeryData token = serializer.Deserialize("serialized value");
// Assert
Assert.IsNotNull(token);
Assert.AreEqual(new DateTime(2001, 1, 1), token.CreationDate);
Assert.AreEqual("the salt", token.Salt);
Assert.AreEqual("the value", token.Value);
}
public void DeserializeThrowsIfFormatterThrows()
{
// Arrange
Exception innerException = new Exception();
Mock <IStateFormatter> mockFormatter = new Mock <IStateFormatter>();
mockFormatter.Expect(f => f.Deserialize("bad value")).Throws(innerException);
AntiForgeryDataSerializer serializer = new AntiForgeryDataSerializer()
{
Formatter = mockFormatter.Object
};
// Act
HttpAntiForgeryException ex = ExceptionHelper.ExpectException <HttpAntiForgeryException>(
delegate {
serializer.Deserialize("bad value");
}, "A required anti-forgery token was not supplied or was invalid.");
// Assert
Assert.AreEqual(innerException, ex.InnerException);
}
