public void Test_ApiKey_Invalid(string apiKey, HttpStatusCode expectedHttpCode) { string tenantName = RunAsDefaultTenant.DefaultTenantName; Mock <IConnectorService> mockService; Mock <IEndpointResolver> mockEndpointResolver; IConnectorService apiKeyService; ConnectorRequest request; ConnectorResponse response; // Define service and mock mockService = new Mock <IConnectorService>(MockBehavior.Strict); mockEndpointResolver = new Mock <IEndpointResolver>(MockBehavior.Strict); apiKeyService = new ApiKeySecurity(mockService.Object, mockEndpointResolver.Object, Factory.EntityRepository); // Define request request = new ConnectorRequest { TenantName = tenantName, QueryString = new Dictionary <string, string> { { "key", apiKey } } }; // Place request response = apiKeyService.HandleRequest(request); Assert.That(response.StatusCode, Is.EqualTo(expectedHttpCode)); mockService.VerifyAll( ); }
public void Test_Tenant_Invalid(string tenantName, HttpStatusCode expectedCode) { string apiKey = "6cb36a1cd60e460bbbfce5af03eb9507"; // or whatever Mock <IConnectorService> mockService; Mock <IEndpointResolver> mockEndpointResolver; IConnectorService apiKeyService; ConnectorRequest request; ConnectorResponse response; // Define service and mock mockService = new Mock <IConnectorService>(MockBehavior.Strict); mockEndpointResolver = new Mock <IEndpointResolver>(MockBehavior.Strict); apiKeyService = new ApiKeySecurity(mockService.Object, mockEndpointResolver.Object, Factory.EntityRepository); // Define request request = new ConnectorRequest { TenantName = tenantName, QueryString = new Dictionary <string, string> { { "key", apiKey } } }; // Place request response = apiKeyService.HandleRequest(request); // This is to avoid tenant discovery. // See notes in ApiKeySecurity.HandleRequest Assert.That(response.StatusCode, Is.EqualTo(expectedCode)); mockService.VerifyAll( ); }
public void IConnectorService_Instance( ) { IConnectorService instance = Factory.Current.Resolve <IConnectorService>( ); Assert.That(instance, Is.TypeOf <ExceptionServiceLayer>( )); instance = (instance as ExceptionServiceLayer).InnerService; Assert.That(instance, Is.TypeOf <ApiKeySecurity>()); ApiKeySecurity apiKeySecurity = ( ApiKeySecurity )instance; Assert.That(apiKeySecurity.InnerService, Is.TypeOf <ConnectorService>( )); }
public void Test_UserAccount_Invalid(UserAccountStatusEnum_Enumeration accountStatus) { string apiKey = "6cb36a1cd60e460bbbfce5af03eb9507"; // or whatever string tenantName = RunAsDefaultTenant.DefaultTenantName; Mock <IConnectorService> mockService; Mock <IEndpointResolver> mockEndpointResolver; IConnectorService apiKeyService; ConnectorRequest request; ConnectorResponse response; UserAccount userAccount; ApiKey key; // Define key and user using (new TenantAdministratorContext(tenantName)) { userAccount = new UserAccount( ); userAccount.Name = "Test user " + Guid.NewGuid( ); userAccount.AccountStatus_Enum = accountStatus; userAccount.Password = "******"; userAccount.Save( ); key = new ApiKey( ); key.Name = apiKey; key.ApiKeyEnabled = true; key.Save( ); } // Define service and mock mockService = new Mock <IConnectorService>(MockBehavior.Strict); mockEndpointResolver = new Mock <IEndpointResolver>(MockBehavior.Strict); apiKeyService = new ApiKeySecurity(mockService.Object, mockEndpointResolver.Object, Factory.EntityRepository); // Define request request = new ConnectorRequest { TenantName = tenantName, QueryString = new Dictionary <string, string> { { "key", apiKey } } }; // Place request response = apiKeyService.HandleRequest(request); Assert.That(response.StatusCode, Is.EqualTo(HttpStatusCode.Unauthorized)); mockService.VerifyAll( ); }
public void Test_ApiKey_Disabled( ) { string apiKey = "6cb36a1cd60e460bbbfce5af03eb9507"; // or whatever string tenantName = RunAsDefaultTenant.DefaultTenantName; Mock <IConnectorService> mockService; Mock <IEndpointResolver> mockEndpointResolver; IConnectorService apiKeyService; ConnectorRequest request; ConnectorResponse response; ApiKey key; // Define key and user using (new TenantAdministratorContext(tenantName)) { key = new ApiKey( ); key.Name = apiKey; key.Save( ); } // Define service and mock mockService = new Mock <IConnectorService>(MockBehavior.Strict); mockEndpointResolver = new Mock <IEndpointResolver>(MockBehavior.Strict); apiKeyService = new ApiKeySecurity(mockService.Object, mockEndpointResolver.Object, Factory.EntityRepository); // Define request request = new ConnectorRequest { TenantName = tenantName, QueryString = new Dictionary <string, string> { { "key", apiKey } } }; // Place request response = apiKeyService.HandleRequest(request); Assert.That(response.StatusCode, Is.EqualTo(HttpStatusCode.Unauthorized)); mockService.VerifyAll( ); }
public void Test_Successful_Impersonation(bool apiKeyCanSeeApi, HttpStatusCode expectCode) { string apiKey = "6cb36a1cd60e460bbbfce5af03eb9507"; // or whatever string tenantName = RunAsDefaultTenant.DefaultTenantName; Mock <IConnectorService> mockService; Mock <IEndpointResolver> mockEndpointResolver; IConnectorService apiKeyService; ConnectorRequest request; ConnectorResponse response; UserAccount userAccount; ApiKey key; Api api; long tenantId; EndpointAddressResult endpoint; // Define key and user using (new TenantAdministratorContext(tenantName)) { tenantId = RequestContext.TenantId; userAccount = new UserAccount( ); userAccount.Name = "Test user " + Guid.NewGuid( ); userAccount.AccountStatus_Enum = UserAccountStatusEnum_Enumeration.Active; userAccount.Password = "******"; userAccount.Save( ); api = new Api(); api.Name = "Test API"; api.Save( ); key = new ApiKey(); key.Name = apiKey; key.ApiKeyEnabled = true; key.ApiKeyUserAccount = userAccount; if (apiKeyCanSeeApi) { key.KeyForApis.Add(api); } key.Save(); } // Define service and mock mockService = new Mock <IConnectorService>(MockBehavior.Strict); mockEndpointResolver = new Mock <IEndpointResolver>(MockBehavior.Strict); apiKeyService = new ApiKeySecurity(mockService.Object, mockEndpointResolver.Object, Factory.EntityRepository); // Define request request = new ConnectorRequest { TenantName = tenantName, QueryString = new Dictionary <string, string> { { "key", apiKey } }, ApiPath = new[] { "whatever" } }; // Setup if (apiKeyCanSeeApi) { mockService.Setup(connector => connector.HandleRequest(request)).Returns(() => { Assert.That(RequestContext.TenantId, Is.EqualTo(tenantId)); return(new ConnectorResponse(HttpStatusCode.OK)); }).Verifiable( ); } endpoint = new EndpointAddressResult(api.Id, 0); mockEndpointResolver.Setup(resolver => resolver.ResolveEndpoint(request.ApiPath, true)).Returns(endpoint).Verifiable( ); // Place request response = apiKeyService.HandleRequest(request); Assert.That(response.StatusCode, Is.EqualTo(expectCode)); mockService.VerifyAll( ); }