public void CreateSessionID_UserUnauthenticated_ReturnsAspNetSessionID()
{
var mock = Mock.Get(_httpContext);
mock.Setup(c => c.User.Identity.IsAuthenticated).Returns(false);
var sessionIdManager = new AuthenticatedSessionIDManager(_httpContext, _configEnabled, _sessionIDHelper);
Mock.Get(_sessionIDHelper).Setup(s => s.Create(It.IsAny <String>())).Throws <NotImplementedException>();
Assert.True(sessionIdManager.CreateSessionID(null).Length == 24, "Generated session id was not length 24, and propably not an ASP.NET session ID.");
}
public void CreateSessionID_UserAuthenticated_ReturnsUserSpecificAuthenticatedSessionID()
{
var mock = Mock.Get(_httpContext);
mock.Setup(c => c.User.Identity.IsAuthenticated).Returns(true);
mock.Setup(c => c.User.Identity.Name).Returns("klings");
var sessionIdManager = new AuthenticatedSessionIDManager(_httpContext, _configEnabled, _sessionIDHelper);
Mock.Get(_sessionIDHelper).Setup(s => s.Create("klings")).Returns("secureid");
Assert.AreEqual("secureid", sessionIdManager.CreateSessionID(null));
}
public void CreateSessionID_DisabledInConfigUserAuthenticated_ReturnsAspNetSessionID()
{
var mock = Mock.Get(_httpContext);
mock.Setup(c => c.User.Identity.IsAuthenticated).Returns(true);
mock.Setup(c => c.User.Identity.Name).Returns("klings");
var config = new SessionSecurityConfigurationSection {
SessionIDAuthentication = { Enabled = false }
};
var sessionIdManager = new AuthenticatedSessionIDManager(_httpContext, config, _sessionIDHelper);
Mock.Get(_sessionIDHelper).Setup(s => s.Create("klings")).Returns("secureid");
Assert.True(sessionIdManager.CreateSessionID(null).Length == 24, "Generated session id was not length 24, and propably not an ASP.NET session ID.");
}