public void CreateCookieThrowsExceptionWhenSessionNotValid()
{
// Arrange
A.CallTo(() => sessionIdGenerator.ValidateSessionId(A <DfcUserSession> .Ignored)).Returns(false);
var userSession = new DfcUserSession();
// Act
Assert.Throws <ArgumentException>(() => sessionClient.CreateCookie(userSession, true));
// Assert
A.CallTo(() => logger.Log(LogLevel.Warning, 0, A <FormattedLogValues> .Ignored, A <Exception> .Ignored, A <Func <object, Exception, string> > .Ignored)).MustHaveHappenedOnceExactly();
}
public void ValidateSessionReturnsTrueWhenValidSession()
{
// Arrange
var creationResult = sessionGenerator.CreateSession(DummySalt, currentDate);
var session = new DfcUserSession
{
Salt = $"{DummySalt}|{creationResult.Counter}",
CreatedDate = currentDate,
SessionId = creationResult.EncodedSessionId,
};
// Act
var validateResult = sessionGenerator.ValidateSessionId(session);
// Assert
Assert.True(validateResult);
}
public void CreateCookie(DfcUserSession userSession, bool validateSessionId)
{
if (validateSessionId)
{
if (sessionIdGenerator.ValidateSessionId(userSession))
{
CreateCookie(userSession);
}
else
{
var message = $"SessionId not valid for session '{userSession?.SessionId}'";
logger?.LogWarning(message);
throw new ArgumentException(message, nameof(userSession));
}
}
else
{
CreateCookie(userSession);
}
}
