private async Task AppendRoles(string username, List <Claim> claims)
{
BaatAuthzUserRolesResponse response = await _baatAuthzApi.GetRoles(username);
if (response.Services != null)
{
response.Services
.Where(role => role.StartsWith(GeonorgeRoleNamePrefix))
.ToList()
.ForEach(role => claims.Add(new Claim(ClaimIdentifierRole, role)));
}
}
public async Task ShouldReturnClaimsForUser()
{
var baatMock = new Mock <IBaatAuthzApi>();
var response = new BaatAuthzUserInfoResponse()
{
Email = "*****@*****.**",
Name = "John Doe",
User = Username,
AuthorizedFrom = "20090101",
AuthorizedUntil = "20301231"
};
baatMock.Setup(b => b.Info(Username)).ReturnsAsync(response);
var rolesResponse = new BaatAuthzUserRolesResponse
{
Services = new List <string>
{
GeonorgeRoles.MetadataAdmin, GeonorgeRoles.MetadataEditor
}
};
baatMock.Setup(b => b.GetRoles(Username)).ReturnsAsync(rolesResponse);
var authorizationService = new GeonorgeAuthorizationService(baatMock.Object);
ClaimsIdentity identity = new ClaimsIdentity(new List <Claim>()
{
new Claim(GeonorgeAuthorizationService.ClaimIdentifierUsername, Username)
});
List <Claim> claims = await authorizationService.GetClaims(identity);
GetValue(claims, GeonorgeClaims.Name).Should().Be("John Doe");
GetValue(claims, GeonorgeClaims.Email).Should().Be("*****@*****.**");
GetValue(claims, GeonorgeClaims.AuthorizedFrom).Should().Be("20090101");
GetValue(claims, GeonorgeClaims.AuthorizedUntil).Should().Be("20301231");
List <Claim> roles = claims.FindAll(c => c.Type == GeonorgeAuthorizationService.ClaimIdentifierRole);
roles.FirstOrDefault(r => r.Value == GeonorgeRoles.MetadataAdmin).Should().NotBeNull();
roles.FirstOrDefault(r => r.Value == GeonorgeRoles.MetadataEditor).Should().NotBeNull();
}
