public async Task HandleAuthenticate_OnValidateCredentials_result_not_null()
{
using var server = TestServerBuilder.BuildTestServerWithService(options =>
{
options.Realm = TestServerBuilder.Realm;
options.Events.OnValidateCredentials = context =>
{
context.ValidationSucceeded(new List <Claim> {
FakeUsers.FakeRoleClaim, new Claim(ClaimTypes.Name, "my_test")
});
Assert.NotNull(context.Result);
return(Task.CompletedTask);
};
});
using var client = server.CreateClient();
using var request = new HttpRequestMessage(HttpMethod.Get, TestServerBuilder.ClaimsPrincipalUrl);
request.Headers.Authorization = FakeUsers.FakeUser.ToAuthenticationHeaderValue();
using var response = await client.SendAsync(request);
var principal = await DeserializeClaimsPrincipalAsync(response);
Assert.True(response.IsSuccessStatusCode);
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
Assert.Contains(principal.Claims, c => c.Type == FakeUsers.FakeRoleClaim.Type && c.Value == FakeUsers.FakeRoleClaim.Value);
}
public async Task SuppressWWWAuthenticateHeader_verify_false()
{
var realm = TestServerBuilder.Realm;
using var server = TestServerBuilder.BuildTestServerWithService(options =>
{
options.Realm = realm;
options.SuppressWWWAuthenticateHeader = false;
});
using var client = server.CreateClient();
using var response = await client.GetAsync(TestServerBuilder.BaseUrl);
Assert.False(response.IsSuccessStatusCode);
var wwwAuthenticateHeader = response.Headers.WwwAuthenticate;
Assert.NotEmpty(wwwAuthenticateHeader);
var wwwAuthenticateHeaderToMatch = Assert.Single(wwwAuthenticateHeader);
Assert.NotNull(wwwAuthenticateHeaderToMatch);
Assert.Equal(BasicDefaults.AuthenticationScheme, wwwAuthenticateHeaderToMatch.Scheme);
Assert.Equal($"realm=\"{realm}\", charset=\"UTF-8\"", wwwAuthenticateHeaderToMatch.Parameter);
}
public BasicHandlerTests()
{
_server = TestServerBuilder.BuildTestServer();
_client = _server.CreateClient();
_serverWithService = TestServerBuilder.BuildTestServerWithService();
_clientWithService = _serverWithService.CreateClient();
}
private HttpClient BuildClient(Func <BasicAuthenticationSucceededContext, Task> onAuthenticationSucceeded)
{
var server = TestServerBuilder.BuildTestServerWithService(options =>
{
options.Realm = TestServerBuilder.Realm;
options.Events.OnAuthenticationSucceeded = onAuthenticationSucceeded;
});
_serversToDispose.Add(server);
return(server.CreateClient());
}
private HttpClient BuildClient(Func <BasicHandleChallengeContext, Task> onHandleChallenge)
{
var server = TestServerBuilder.BuildTestServerWithService(options =>
{
options.Realm = TestServerBuilder.Realm;
options.Events.OnHandleChallenge = onHandleChallenge;
});
_serversToDispose.Add(server);
return(server.CreateClient());
}
public async Task HandleChallange_using_SuppressWWWAuthenticateHeader()
{
using var server = TestServerBuilder.BuildTestServerWithService(options =>
{
options.Realm = TestServerBuilder.Realm;
options.SuppressWWWAuthenticateHeader = true;
});
using var client = server.CreateClient();
using var response = await client.GetAsync(TestServerBuilder.BaseUrl);
Assert.False(response.IsSuccessStatusCode);
Assert.Equal(HttpStatusCode.Unauthorized, response.StatusCode);
Assert.Empty(response.Headers.WwwAuthenticate);
}
public async Task SuppressWWWAuthenticateHeader_verify_true()
{
var realm = TestServerBuilder.Realm;
using var server = TestServerBuilder.BuildTestServerWithService(options =>
{
options.Realm = realm;
options.SuppressWWWAuthenticateHeader = true;
});
using var client = server.CreateClient();
using var response = await client.GetAsync(TestServerBuilder.BaseUrl);
Assert.False(response.IsSuccessStatusCode);
Assert.Empty(response.Headers.WwwAuthenticate);
}
public void BasicUserValidationServiceType_verify_not_null()
{
using var server = TestServerBuilder.BuildTestServerWithService();
var services = server.Host.Services;
var apiKeyOptionsSnapshot = services.GetService <IOptionsSnapshot <BasicOptions> >();
var apiKeyOptions = apiKeyOptionsSnapshot.Get(BasicDefaults.AuthenticationScheme);
Assert.NotNull(apiKeyOptions);
Assert.NotNull(apiKeyOptions.BasicUserValidationServiceType);
Assert.Equal(typeof(FakeBasicUserValidationService), apiKeyOptions.BasicUserValidationServiceType);
var apiKeyProvider = services.GetService <IBasicUserValidationService>();
Assert.NotNull(apiKeyProvider);
Assert.Equal(typeof(FakeBasicUserValidationService), apiKeyProvider.GetType());
}
public async Task IgnoreAuthenticationIfAllowAnonymous_verify_true()
{
var realm = TestServerBuilder.Realm;
using var server = TestServerBuilder.BuildTestServerWithService(options =>
{
options.Realm = realm;
options.IgnoreAuthenticationIfAllowAnonymous = true;
});
using var client = server.CreateClient();
using var request = new HttpRequestMessage(HttpMethod.Get, TestServerBuilder.AnonymousUrl);
request.Headers.Authorization = FakeUsers.FakeUserIgnoreAuthenticationIfAllowAnonymous.ToAuthenticationHeaderValue();
using var response = await client.SendAsync(request);
Assert.True(response.IsSuccessStatusCode);
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
}
public async Task IgnoreAuthenticationIfAllowAnonymous_verify_false()
{
var realm = TestServerBuilder.Realm;
using var server = TestServerBuilder.BuildTestServerWithService(options =>
{
options.Realm = realm;
options.IgnoreAuthenticationIfAllowAnonymous = false;
});
using var client = server.CreateClient();
using var request = new HttpRequestMessage(HttpMethod.Get, TestServerBuilder.AnonymousUrl);
request.Headers.Authorization = FakeUsers.FakeUserIgnoreAuthenticationIfAllowAnonymous.ToAuthenticationHeaderValue();
var exception = await Assert.ThrowsAsync <InvalidOperationException>(() => client.SendAsync(request));
Assert.Equal(nameof(BasicOptions.IgnoreAuthenticationIfAllowAnonymous), exception.Message);
}
public async Task HandleAuthenticate_OnAuthenticationSucceeded_result_null()
{
using var server = TestServerBuilder.BuildTestServerWithService(options =>
{
options.Realm = TestServerBuilder.Realm;
options.Events.OnAuthenticationSucceeded = context =>
{
Assert.Null(context.Result);
return(Task.CompletedTask);
};
});
using var client = server.CreateClient();
using var request = new HttpRequestMessage(HttpMethod.Get, TestServerBuilder.BaseUrl);
request.Headers.Authorization = FakeUsers.FakeUser.ToAuthenticationHeaderValue();
using var response = await client.SendAsync(request);
Assert.True(response.IsSuccessStatusCode);
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
}
public async Task HandleChallange_using_OnHandleChallenge()
{
using var server = TestServerBuilder.BuildTestServerWithService(options =>
{
options.Realm = TestServerBuilder.Realm;
options.Events.OnHandleChallenge = context =>
{
context.HttpContext.Response.Headers.Add(HeaderFromEventsKey, HeaderFromEventsValue);
return(Task.CompletedTask);
};
});
using var client = server.CreateClient();
using var response = await client.GetAsync(TestServerBuilder.BaseUrl);
Assert.False(response.IsSuccessStatusCode);
Assert.Equal(HttpStatusCode.Unauthorized, response.StatusCode);
Assert.NotEmpty(response.Headers.WwwAuthenticate);
Assert.True(response.Headers.Contains(HeaderFromEventsKey));
Assert.Contains(HeaderFromEventsValue, response.Headers.GetValues(HeaderFromEventsKey));
}
public async Task HandleForbidden_using_OnHandleForbidden()
{
using var server = TestServerBuilder.BuildTestServerWithService(options =>
{
options.Realm = TestServerBuilder.Realm;
options.Events.OnHandleForbidden = context =>
{
context.HttpContext.Response.Headers.Add(HeaderFromEventsKey, HeaderFromEventsValue);
return(Task.CompletedTask);
};
});
using var client = server.CreateClient();
using var request = new HttpRequestMessage(HttpMethod.Get, TestServerBuilder.ForbiddenUrl);
request.Headers.Authorization = FakeUsers.FakeUser.ToAuthenticationHeaderValue();
using var response = await client.SendAsync(request);
Assert.False(response.IsSuccessStatusCode);
Assert.Equal(HttpStatusCode.Forbidden, response.StatusCode);
Assert.True(response.Headers.Contains(HeaderFromEventsKey));
Assert.Contains(HeaderFromEventsValue, response.Headers.GetValues(HeaderFromEventsKey));
}
private async Task RunAuthInitWithServiceAsync(Action <BasicOptions> configureOptions)
{
var server = TestServerBuilder.BuildTestServerWithService(configureOptions);
await server.CreateClient().GetAsync(TestServerBuilder.BaseUrl);
}