public async Task EmptyApiKeyReturns401()
{
var client = TestBed.GetClientWithOptions(options => options.ApiKey = TestApiKey);
var response = await client.GetAsync("/");
Assert.Equal(HttpStatusCode.Unauthorized, response.StatusCode);
Assert.Equal(string.Empty, await response.Content.ReadAsStringAsync());
}
public async Task ValidCredentialsAuthorize()
{
var client = TestBed.GetClientWithOptions(options => options.ApiKey = TestApiKey);
client.UseApiKey(TestApiKey);
var response = await client.GetAsync("/");
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
Assert.Equal(ApiKeyHeaderAuthenticationDefaults.AuthenticationClaimName, await response.Content.ReadAsStringAsync());
}
public async Task ValidCredentialsAndCustomHeaderAuthorize()
{
const string key = "testapi";
const string header = "X-API-KEY";
var client = TestBed.GetClientWithOptions(options => { options.ApiKey = key; options.Header = header; });
client.UseApiKey(key, header);
var response = await client.GetAsync("/");
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
Assert.Equal(ApiKeyHeaderAuthenticationDefaults.AuthenticationClaimName, await response.Content.ReadAsStringAsync());
}
public async Task InvalidCredentialsAndCustomHeaderReturns401()
{
const string key = "testapi";
const string wrongkey = "wrongkey";
const string header = "X-API-KEY";
var client = TestBed.GetClientWithOptions(options => { options.ApiKey = key; options.Header = header; });
client.UseApiKey(wrongkey, header);
var response = await client.GetAsync("/");
Assert.Equal(HttpStatusCode.Unauthorized, response.StatusCode);
Assert.Equal(string.Empty, await response.Content.ReadAsStringAsync());
}
public async Task InvalidCredentialsAndCustomAuthenticationLogicReturns401()
{
const string key = "goodkey";
const string key2 = "badkey";
var client = TestBed.GetClientWithOptions(options => { options.CustomAuthenticationHandler = SimpleCustomAuthenticationLogic; });
client.UseApiKey(key);
var response = await client.GetAsync("/");
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
Assert.Equal(key, await response.Content.ReadAsStringAsync());
client.UseApiKey(key2);
response = await client.GetAsync("/");
Assert.Equal(HttpStatusCode.Unauthorized, response.StatusCode);
Assert.Equal(string.Empty, await response.Content.ReadAsStringAsync());
}
public async Task ValidCredentialsAndCustomAuthenticationLogicAndCustomHeaderAuthorize()
{
const string key = "goodkey";
const string key2 = "goodkey2";
const string customHeader = "X-CUSTOM-HEADER";
var client = TestBed.GetClientWithOptions(options => { options.Header = customHeader; options.CustomAuthenticationHandler = SimpleCustomAuthenticationLogic; });
client.UseApiKey(key, customHeader);
var response = await client.GetAsync("/");
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
Assert.Equal(key, await response.Content.ReadAsStringAsync());
client.UseApiKey(key2, customHeader);
response = await client.GetAsync("/");
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
Assert.Equal(key2, await response.Content.ReadAsStringAsync());
}