public void GetEntitlement_Single_Should_Return_Entitlement_Ok() { var headerDigestion = new HeaderDigestionOptions { Name = "iam-groups", Delimiter = ";" }; var roleMapping = new RolesMappingOptions { User = "******", Super = "leaf_supers", Identified = "leaf_phi", Admin = "leaf_admin" }; var opts = GetAuthOptions(headerDigestion, roleMapping); var eProvider = new SAML2EntitlementProvider(opts, Options.Create(new AuthorizationOptions())); var ctx = HttpHelper.GetHttpContext(("iam-groups", "leaf_users")); var identity = GetUserContext("*****@*****.**"); var entitlement = eProvider.GetEntitlement(ctx, identity); Assert.True(entitlement.Mask.HasFlag(RoleMask.User)); Assert.False(entitlement.Mask.HasFlag(RoleMask.Admin)); Assert.False(entitlement.Mask.HasFlag(RoleMask.Super)); Assert.False(entitlement.Mask.HasFlag(RoleMask.Identified)); }
public void GetEntitlement_Should_Throw_If_Header_Not_Found() { var headerDigestion = new HeaderDigestionOptions { Name = "iam-group", Delimiter = ";" }; var roleMapping = new RolesMappingOptions { User = "******", Super = "leaf_supers", Identified = "leaf_phi", Admin = "leaf_admin" }; var opts = GetAuthOptions(headerDigestion, roleMapping); var eProvider = new SAML2EntitlementProvider(opts, Options.Create(new AuthorizationOptions())); var ctx = HttpHelper.GetHttpContext(("iam-groups", "leaf_users")); var identity = GetUserContext("*****@*****.**"); Assert.Throws <LeafAuthenticationException>(() => eProvider.GetEntitlement(ctx, identity)); }