public async Task AddClaimsAsync_WithoutAuthenticatedUser_ReturnsTrue()
{
var handler = new GraphApiClaimsHandler(_tokenAcquisition.Object, _graphApiClient.Object, _memoryCache, _options.Object);
var result = await handler.AddClaimsAsync(_anonHttpContext, CancellationToken.None);
result.Should().BeTrue();
}
public async Task AddClaimsAsync_WithoutHttpContext_ThrowsException()
{
var handler = new GraphApiClaimsHandler(_tokenAcquisition.Object, _graphApiClient.Object, _memoryCache, _options.Object);
Func <Task> task = async() => await handler.AddClaimsAsync(null, CancellationToken.None);
await task.Should().ThrowAsync <ArgumentNullException>();
}
public async Task AddClaimsAsync_AddsEntriesToCache()
{
var handler = new GraphApiClaimsHandler(_tokenAcquisition.Object, _graphApiClient.Object, _memoryCache, _options.Object);
await handler.AddClaimsAsync(_httpContext, CancellationToken.None);
_memoryCache.TryGetValue($"{UserOid1}:{_options.Object.Value.GroupsClaimType}", out _).Should().BeTrue();
}
public async Task AddClaimsAsync_WithValidAccessToken_AddsGroupsClaims()
{
_httpContext.User = new ClaimsPrincipal(new ClaimsIdentity("test"));
var handler = new GraphApiClaimsHandler(_tokenAcquisition.Object, _graphApiClient.Object, _memoryCache, _options.Object);
await handler.AddClaimsAsync(_httpContext, CancellationToken.None);
_httpContext.User.HasClaim(_options.Object.Value.GroupsClaimType, GroupId1).Should().BeTrue();
_httpContext.User.HasClaim(_options.Object.Value.GroupsClaimType, GroupId2).Should().BeTrue();
}
public async Task AddClaimsAsync_WithInvalidAccessToken_ReturnsFalse()
{
_httpContext.User = new ClaimsPrincipal(new ClaimsIdentity("test"));
_tokenAcquisition.Setup(x => x.GetAccessTokenOnBehalfOfUserAsync(It.IsAny <IEnumerable <string> >(), null))
.ThrowsAsync(new MsalUiRequiredException("test", "test"));
var handler = new GraphApiClaimsHandler(_tokenAcquisition.Object, _graphApiClient.Object, _memoryCache, _options.Object);
var result = await handler.AddClaimsAsync(_httpContext, CancellationToken.None);
result.Should().BeFalse();
}
public async Task AddClaimsAsync_WithCachedEntries_DoesNotCallGraphApi()
{
IEnumerable <string> groupIds = new[] { Guid.NewGuid().ToString(), Guid.NewGuid().ToString() };
_memoryCache.Set($"{UserOid1}:{_options.Object.Value.GroupsClaimType}", groupIds);
var handler = new GraphApiClaimsHandler(_tokenAcquisition.Object, _graphApiClient.Object, _memoryCache, _options.Object);
await handler.AddClaimsAsync(_httpContext, CancellationToken.None);
_graphApiClient.Verify(x => x.GetMemberGroupsAsync(It.IsAny <string>(), It.IsAny <GetMemberGroupsRequest>(), It.IsAny <CancellationToken>()), Times.Never());
}
public async Task AddClaimsAsync_WithCachedEntries_ReturnsCachedEntries()
{
IEnumerable <string> groupIds = new[] { Guid.NewGuid().ToString(), Guid.NewGuid().ToString() };
_memoryCache.Set($"{UserOid1}:{_options.Object.Value.GroupsClaimType}", groupIds);
var handler = new GraphApiClaimsHandler(_tokenAcquisition.Object, _graphApiClient.Object, _memoryCache, _options.Object);
await handler.AddClaimsAsync(_httpContext, CancellationToken.None);
_httpContext.User.FindAll(_options.Object.Value.GroupsClaimType).Select(x => x.Value)
.Should().BeEquivalentTo(groupIds);
}
