public void Setup() { _plantProviderMock = new Mock <IPlantProvider>(); _plantProviderMock.SetupGet(p => p.Plant).Returns(Plant1); _plantCacheMock = new Mock <IPlantCache>(); _plantCacheMock.Setup(p => p.HasUserAccessToPlantAsync(Plant1, Oid)).Returns(Task.FromResult(true)); _plantCacheMock.Setup(p => p.HasUserAccessToPlantAsync(Plant2, Oid)).Returns(Task.FromResult(true)); var permissionCacheMock = new Mock <IPermissionCache>(); permissionCacheMock.Setup(p => p.GetPermissionsForUserAsync(Plant1, Oid)) .Returns(Task.FromResult <IList <string> >(new List <string> { Permission1_Plant1, Permission2_Plant1 })); permissionCacheMock.Setup(p => p.GetProjectsForUserAsync(Plant1, Oid)) .Returns(Task.FromResult <IList <string> >(new List <string> { Project1_Plant1, Project2_Plant1 })); permissionCacheMock.Setup(p => p.GetPermissionsForUserAsync(Plant2, Oid)) .Returns(Task.FromResult <IList <string> >(new List <string> { Permission1_Plant2 })); permissionCacheMock.Setup(p => p.GetProjectsForUserAsync(Plant2, Oid)) .Returns(Task.FromResult <IList <string> >(new List <string> { Project1_Plant2 })); var loggerMock = new Mock <ILogger <ClaimsTransformation> >(); _principalWithOid = new ClaimsPrincipal(); var claimsIdentity = new ClaimsIdentity(); claimsIdentity.AddClaim(new Claim(ClaimsExtensions.Oid, Oid.ToString())); _principalWithOid.AddIdentity(claimsIdentity); _dut = new ClaimsTransformation( _plantProviderMock.Object, _plantCacheMock.Object, permissionCacheMock.Object, loggerMock.Object); }
public void AddDistinctionAsync_IfNotAdmin_ThrowsUnauthorizedAccessException() { //Arrange mockRepoWrapper .Setup(x => x.Distinction.CreateAsync(It.IsAny <Distinction>())); //Act ClaimsIdentity claimsIdentity = new ClaimsIdentity(); ClaimsPrincipal notAdmin = new ClaimsPrincipal(); claimsIdentity.AddClaim(new Claim(ClaimTypes.Role, "Htos`")); notAdmin.AddIdentity(claimsIdentity); //Assert Exception exception = Assert.ThrowsAsync(typeof(UnauthorizedAccessException), async() => { await distinctionService.AddDistinctionAsync(It.IsAny <DistinctionDTO>(), notAdmin); }); Assert.AreEqual("Attempted to perform an unauthorized operation.", exception.Message); }
public Task <ClaimsPrincipal> TransformAsync(ClaimsPrincipal p) { string appCode = _config.GetValue <string>("appCode"); List <string> UserRights = new List <string>(); lock (dbLock) { UserRights = _usermanager.GetUserRights(p?.Identity?.Name, appCode); } var claims = new List <Claim>(); foreach (string item in UserRights) { claims.Add(new Claim(item, "true")); } p.AddIdentity(new ClaimsIdentity(claims)); return(Task.FromResult(p)); }
public async Task <Result <IAuthResponse> > SignIn(IAuthRequest request, ClaimsPrincipal principal) { try { Result <User> userResult = await _usersRepo.Get( u => request.Email.Equals(u.Email, StringComparison.OrdinalIgnoreCase)); User user = userResult.Data; if (user == null) { userResult.AddError(ErrorCodes.AUTH_EMAIL_NOT_FOUND); return(Result <IAuthResponse> .Error(userResult.ErrorCodes)); } if (!user.Password.SequenceEqual(GetHash(request.Password))) { userResult.AddError(ErrorCodes.AUTH_EMAIL_OR_PASSWORD_INCORRECT); return(Result <IAuthResponse> .Error(userResult.ErrorCodes)); } var claims = new Claim[] { new Claim(ClaimTypes.Sid, user.Id.ToString()) }; var identity = new ClaimsIdentity(claims); principal.AddIdentity(identity); var now = DateTime.UtcNow; JwtSecurityToken token = new JwtSecurityToken( issuer: _config.Issuer, audience: _config.Audience, claims: identity.Claims, notBefore: now, expires: now.Add(TimeSpan.FromHours(_config.Lifetime)), signingCredentials: new SigningCredentials(_key, SecurityAlgorithms.HmacSha256)); _logger.LogInformation($"User {user} signed in."); return(Result <IAuthResponse> .Success( new AuthResponse(new JwtSecurityTokenHandler().WriteToken(token)))); } catch (Exception ex) { _logger.LogError(ex.Message); } return(Result <IAuthResponse> .Error(ErrorCodes.UNEXPECTED)); }
public Task Invoke(HttpContext context) { const string authenticationHeaderName = "Authorization"; const string tokenSchemeName = "Bearer"; var result = context.Request.Headers.TryGetValue(authenticationHeaderName, out var header); if (result) { result = AuthenticationHeaderValue.TryParse(header, out var authenticationHeader); if (result) { var token = authenticationHeader.Parameter; if (token != null && authenticationHeader.Scheme == tokenSchemeName) { var user = _authenticationService.Authenticate(token); if (user != null) { var identity = new ClaimsIdentity(); var nameClaim = new Claim(nameof(User.Name), user.Name); var tokenClaim = new Claim(nameof(User.Token), user.Token); identity.AddClaim(nameClaim); identity.AddClaim(tokenClaim); var principal = new ClaimsPrincipal(); principal.AddIdentity(identity); context.User = new ClaimsPrincipal(principal); return(_next(context)); } } } } throw new AuthenticationException(); }
private static async Task AddUserIdClaim(ClaimsPrincipal user, HttpContext ctx) { var userBusiness = ctx.RequestServices.GetService <IUserBusiness>(); var email = user.Claims.First(c => c.Type == ClaimTypes.Email).Value; var userId = userBusiness.GetUserIdByEmail(email); if (userId == null) { userId = await CreateFirebaseUser(userBusiness, user, ctx); } var id = new ClaimsIdentity(); id.AddClaim(new Claim("id", userId.Value.ToString())); user.AddIdentity(id); }
private AuthenticationTicket CloneTicket(AuthenticationTicket ticket, ClaimsPrincipal replacedPrincipal) { var principal = replacedPrincipal ?? ticket.Principal; var newPrincipal = new ClaimsPrincipal(); foreach (var identity in principal.Identities) { newPrincipal.AddIdentity(identity.Clone()); } var newProperties = new AuthenticationProperties(); foreach (var item in ticket.Properties.Items) { newProperties.Items[item.Key] = item.Value; } return(new AuthenticationTicket(newPrincipal, newProperties, ticket.AuthenticationScheme)); }
public async void UpdateUserReturnUpdatedUserTest() { //Arrange User u = new User("1", "userName", "password", 1, 1, 1, "name", "surname", "address", "phoneNumber", "base64Profile", true); List <string> listRoles = new List <string>(); listRoles.Add("rol1"); listRoles.Add("rol2"); ClaimsIdentity Identity = new ClaimsIdentity(new Claim[] { new Claim("id", "1"), new Claim("http://schemas.microsoft.com/identity/claims/tenantid", "test"), new Claim("http://schemas.microsoft.com/identity/claims/objectidentifier", Guid.NewGuid().ToString()), new Claim("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname", "test"), new Claim("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname", "test"), new Claim("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn", "test"), }, "test"); ClaimsPrincipal reqUser = new ClaimsPrincipal(); reqUser.AddIdentity(Identity); UserOutput uO = new UserOutput() { Id = "2", Username = "******", Name = "Name", Surname = "surname", PlantID = 1, Plant = "Plant", SectorID = 1, Sector = "Sector", JobID = 1, Job = "job", PhoneNumber = "phone", Address = "address", base64Profile = "base64", Roles = listRoles }; var mockUserRepository = new Mock <IUserRepository>(); var mockMapper = new Mock <IMapper>(); mockUserRepository.Setup(e => e.Update(It.IsAny <User>(), It.IsAny <List <string> >())).ReturnsAsync(u); mockMapper.Setup(e => e.Map <User, UserOutput>(It.IsAny <User>())).Returns(uO); var useCase = new UpdateUserUseCase(mockUserRepository.Object, mockMapper.Object); //Act var res = await useCase.Execute(reqUser, "1", "userName", "password", 1, 1, 1, "name", "surname", listRoles, "address", "phoneNumber", "base64Profile", true); //Assert Assert.IsType <UserOutput>(res); }
public void Should_Override_User_In_Owin_Environment() { //Given var fakeTokenValidator = A.Fake <ITokenValidator>(); var secureuser = new ClaimsPrincipal(); var claimsIdentity = new ClaimsIdentity("Token"); claimsIdentity.AddClaim(new Claim("http://schemas.microsoft.com/ws/2008/06/identity/claims/role", "DumbUser")); secureuser.AddIdentity(claimsIdentity); A.CallTo(() => fakeTokenValidator.ValidateUser(A <string> .Ignored)) .Returns(secureuser); var owinhttps = GetStatelessAuth(GetNextFunc(), tokenValidator: fakeTokenValidator); //TODO Tidy on 3.8 Mono release var overriddenUser = new ClaimsPrincipal(); var overriddenIdentity = new ClaimsIdentity("Token"); overriddenIdentity.AddClaim(new Claim("http://schemas.microsoft.com/ws/2008/06/identity/claims/role", "Administrator")); overriddenUser.AddIdentity(overriddenIdentity); var environment = new Dictionary <string, object> { { "owin.RequestHeaders", new Dictionary <string, string[]>() { { "Authorization", new[] { "mysecuretoken" } } } }, { "owin.RequestPath", "/" }, { ServerUser, overriddenUser } }; //When var task = owinhttps.Invoke(environment); //Then var user = environment[ServerUser] as ClaimsPrincipal; //TODO Tidy on 3.8 Mono release Assert.True(user.HasClaim(x => x.Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/role" && x.Value == "DumbUser")); }
public IActionResult Index() { var claimsIdentity = (ClaimsIdentity)User.Identity; var claims = claimsIdentity.FindFirst(ClaimTypes.NameIdentifier); claimsIdentity.AddClaim(new Claim(ClaimTypes.Sid, "id")); //Enum.GetName(typeof(ERole), ERole.uye)) claimsIdentity.AddClaim(new Claim(ClaimTypes.Role, Enum.GetName(typeof(ERole), ERole.egitmen))); //Enum.GetName(typeof(ERole), ERole.uye)) //claimsIdentity.AddClaim(new Claim(ClaimTypes.Role,"admin")); ClaimsPrincipal claimsPrincipal = new ClaimsPrincipal(); claimsPrincipal.AddIdentity(claimsIdentity); string uyeid = User.Claims.FirstOrDefault(f => f.Type == System.Security.Claims.ClaimTypes.Sid).Value; var fromClaim = Convert.ToInt32(uyeid); // BURASINI KONTROL ET!! // int fromClaim = (int)Convert.ToUInt32(claims.Value); CartVM = new CartVM() { Order = new Order(), ListCart = rCart.GetAllLazy(u => u.MemberId == fromClaim, includeProperties: "Course").ToList() }; CartVM.Order.OrderTotal = 0; //int frmV = Convert.ToInt32(claims.Value) CartVM.Order.member = rMember.GetBy(u => u.ID == fromClaim); foreach (var cart in CartVM.ListCart) { //Eklenecek cart.Price = GetPriceBaseOnQuantity(cart.Course); CartVM.Order.OrderTotal += cart.Price; cart.Course.Description = ConvertToRawHtml(cart.Course.Description); if (cart.Course.Description.Length > 50) { cart.Course.Description = cart.Course.Description.Substring(0, 49) + "..."; } } return(View(CartVM)); }
public async Task PatchUser_ValidCall() { var mock = AutoMock.GetLoose(); var user = new UserUpdateDto(); mock.Mock <IUserService>().Setup(x => x.UserForUpdate("id")).ReturnsAsync(user); var controller = mock.Create <UserController>(); controller.ControllerContext = new ControllerContext { HttpContext = new DefaultHttpContext() }; var claims = new ClaimsPrincipal(); claims.AddIdentity(new ClaimsIdentity(new [] { new Claim(ClaimTypes.PrimarySid, "id") })); controller.ControllerContext.HttpContext.User = claims; var result = await controller.PatchUser(new JsonPatchDocument <UserUpdateDto>()); Assert.IsType <OkResult>(result); }
/// <summary> /// add claims from db /// </summary> /// <param name="incommingPrincipal">principal from authenticateHttpMessageHandler</param> /// <returns>incommingPrincipal with new claims</returns> /// <exception>All exceptions will be caught in AuthenticateHttpMessageHandler</exception>" private ClaimsPrincipal AddClaimsToPrincipal(ClaimsPrincipal incommingPrincipal) { // get username from claims string username = incommingPrincipal.FindFirst(claim => claim.Type == "UserName").Value; // new identity for principal ClaimsIdentity ci = new ClaimsIdentity(); // get all claims List <Claim> allClaims = GetClaims(username); // Add Claims to identity ci.AddClaims(allClaims); // store new identity in principal incommingPrincipal.AddIdentity(ci); // return principal with all claims return(incommingPrincipal); }
public override ClaimsPrincipal Authenticate(string resourceName, ClaimsPrincipal incomingPrincipal) { var msClientPrincipalEncoded = WebOperationContext.Current?.IncomingRequest?.Headers["X-MS-CLIENT-PRINCIPAL"]; if (msClientPrincipalEncoded == null) { return(incomingPrincipal); } byte[] decodedBytes = Convert.FromBase64String(msClientPrincipalEncoded); string msClientPrincipalDecoded = System.Text.Encoding.Default.GetString(decodedBytes); MsClientPrincipal clientPrincipal = JsonConvert.DeserializeObject <MsClientPrincipal>(msClientPrincipalDecoded); ClaimsPrincipal principal = new ClaimsPrincipal(); IEnumerable <Claim> claims = clientPrincipal.Claims.Select(x => new Claim(x.Type, x.Value)); principal.AddIdentity(new ClaimsIdentity(claims, clientPrincipal.AuthenticationType, clientPrincipal.NameType, clientPrincipal.RoleType)); return(principal); }
Task <ClaimsPrincipal> IClaimsTransformation.TransformAsync(ClaimsPrincipal principal) { var userName = principal.Identity.Name; var ci = Cacher.FindOrCreateValue( userName, () => { var ci = new ClaimsIdentity("ulo"); foreach (var c in Db.AspNetUserClaims.Where(c => c.User.UserName == userName).AsNoTracking()) { ci.AddClaim(new Claim(c.ClaimType, c.ClaimValue)); } return(ci); }, ConfigOptions.Value.ClaimsCacheTimeout); LogInformation("Loaded {claimCount} for {principal}", ci.Claims.Count(), userName); principal.AddIdentity(ci); return(Task.FromResult(principal)); }
public void RoleCheckSingleDeny() { var identity = new ClaimsIdentity("Test"); identity.AddClaim(new Claim(identity.RoleClaimType, "NotValidRole")); var user = new ClaimsPrincipal(); user.AddIdentity(identity); var attributes = new AuthorizeAttribute[] { new AuthorizeAttribute() { Roles = "Allow" } }; Assert.False(HalcyonExtUtils.CheckRoles(user, attributes)); }
public static T WithUser <T>(this T c) where T : ControllerBase { var user = new ClaimsPrincipal(); user.AddIdentity(new ClaimsIdentity(new[] { new Claim(ClaimTypes.NameIdentifier, "test") })); c.ControllerContext = new ControllerContext { HttpContext = new DefaultHttpContext() { User = user } }; return(c); }
public Task <ClaimsPrincipal> TransformAsync(ClaimsPrincipal principal) { System.Collections.Generic.IEnumerable <Claim> customClaims = principal.Claims.Where(c => _sourceClaimType.Equals(c.Type, StringComparison.OrdinalIgnoreCase)); System.Collections.Generic.IEnumerable <Claim> roleClaims = customClaims.SelectMany(c => { return(c.Value.Split(' ').Select(s => new Claim(_roleType, s))); }); if (!roleClaims.Any()) { return(Task.FromResult(principal)); } ClaimsPrincipal transformed = new ClaimsPrincipal(principal); ClaimsIdentity rolesIdentity = new ClaimsIdentity(roleClaims, _authType, null, _roleType); transformed.AddIdentity(rolesIdentity); return(Task.FromResult(transformed)); }
public void RoleCheckMultipleOr() { var identity = new ClaimsIdentity("Test"); identity.AddClaim(new Claim(identity.RoleClaimType, "Allow")); var user = new ClaimsPrincipal(); user.AddIdentity(identity); var attributes = new AuthorizeAttribute[] { new AuthorizeAttribute() { Roles = "Allow,OtherAllow" } }; Assert.True(HalcyonExtUtils.CheckRoles(user, attributes)); }
public async Task UpdateAvailabilityRecordCommandHandler_Handle_AvailabilityRecordUpdated() { var accountId = Guid.NewGuid(); var claimsIdentity = new ClaimsIdentity(); claimsIdentity.AddClaim(new Claim(ClaimTypes.NameIdentifier, accountId.ToString())); var claimsPrincipal = new ClaimsPrincipal(); claimsPrincipal.AddIdentity(claimsIdentity); var createAvailabilityRecordCommandHandler = new UpdateAvailabilityRecordCommandHandler(_availabilityRecordRepository, _claimConverter); var record = new AvailabilityRecord(accountId, "name", "url", 200, "{}", 1); await _availabilityRecordRepository.AddAsync(record, CancellationToken.None); await _availabilityRecordRepository.UnitOfWork.SaveEntitiesAsync(CancellationToken.None); await createAvailabilityRecordCommandHandler.Handle(new UpdateAvailabilityRecordCommand(claimsPrincipal, record.Id, "test name", "http://google.com/", 200, "{}", 12), CancellationToken.None).ConfigureAwait(false); Assert.Equal(accountId, record.AccountId); Assert.Equal("test name", record.Name); Assert.Equal("http://google.com/", record.Url); Assert.Equal(200, record.ExpectedStatusCode); Assert.Equal("{}", record.ExpectedResponse); Assert.Equal(12, record.LogLifetimeThresholdInHours); }
public async Task <string> Login(LoginViewModel model) { var gambler = await _dbContext.Gamblers.Include(g => g.Roles).ThenInclude(r => r.Role).FirstOrDefaultAsync(g => g.UserName.Equals(model.UserName, StringComparison.InvariantCultureIgnoreCase)); if (gambler == null) { return(null); } if (_passwordHasher.VerifyHashedPassword(gambler, gambler.Password, model.Password) != PasswordVerificationResult.Failed) { var roles = gambler.Roles.Select(r => r.Role); var rolesNames = string.Join(',', roles.Select(r => r.Name)); var claims = new ClaimsPrincipal(); claims.AddIdentity(new ClaimsIdentity(new List <Claim> { new Claim("Id", gambler.Id.ToString()), new Claim("DisplayName", gambler.DisplayName), new Claim(ClaimsIdentity.DefaultNameClaimType, gambler.UserName), new Claim(ClaimsIdentity.DefaultRoleClaimType, rolesNames) }, JwtBearerDefaults.AuthenticationScheme)); var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_authSettings.Key)); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var token = new JwtSecurityToken(_authSettings.Issuer, _authSettings.Audience, claims: claims.Claims, expires: DateTime.Now.AddMinutes(_authSettings.TokenLifeTimeInMinutes), signingCredentials: creds); return(new JwtSecurityTokenHandler().WriteToken(token)); } else { return(null); } }
public void Should_GetCustomer_ForAuthorizedUser() { Customer testCustomer = new Customer { Id = 1, UserId = "test_user", Address1 = "Addr1", Address2 = "Addr2", Address3 = "Addr3", Address4 = "Addr4", Address5 = "Addr5", ContactEmail = "*****@*****.**", ContactPhone = "01234567898", FirstName = "First", LastName = "Last", }; Mock <IUnitOfWork> mockUOW = new Mock <IUnitOfWork>(); mockUOW.Setup(f => f.Customers.Get()).Returns(new[] { testCustomer }.AsQueryable()); var userStore = new Mock <IUserStore <User> >(); Mock <UserManager <User> > mockUserManager = new Mock <UserManager <User> >(userStore.Object, null, null, null, null, null, null, null, null); mockUserManager.Setup(f => f.GetUserId(It.IsAny <ClaimsPrincipal>())).Returns("test_user"); mockUserManager.Setup(f => f.FindByNameAsync(It.IsAny <string>())).Returns(Task.FromResult(new User { Id = "test_user" })); CustomersController controller = new CustomersController(mockUOW.Object, mockUserManager.Object); var userClaimsIdentity = new ClaimsPrincipal(); userClaimsIdentity.AddIdentity(new ClaimsIdentity(new[] { new Claim("sub", "*****@*****.**") })); controller.ControllerContext.HttpContext = new DefaultHttpContext() { User = userClaimsIdentity }; var customer = controller.GetCustomer(); Assert.IsType <OkObjectResult>(customer); }
/// <summary> /// Sets the user principal /// </summary> /// <param name="ctx"></param> /// <returns></returns> private async Task SetPrincipal(TokenValidatedContext ctx) { if (ctx.Principal != null && ctx.Principal.Identity.IsAuthenticated) { try { // Set user principal. Replace with your custom logic if needed var identity = ctx.Principal.Identity as ClaimsIdentity; var user = new ClaimsPrincipal(identity); user.AddIdentity(identity); ctx.Principal = user; } catch (Exception ex) { var logger = ctx.HttpContext.RequestServices.GetRequiredService <ILogger <JwtEventHelper> >(); logger.LogError(ex, "Setting user principal failed."); ctx.Fail("Setting user principal failed."); } } }
/// <summary> /// Clones a principal by filtering its identities. /// </summary> /// <param name="principal">The <see cref="ClaimsPrincipal"/> instance to filter.</param> /// <param name="filter"> /// The delegate filtering the claims: return <c>true</c> /// to accept the claim, <c>false</c> to remove it. /// </param> public static ClaimsPrincipal Clone(this ClaimsPrincipal principal, Func <Claim, bool> filter) { if (principal == null) { throw new ArgumentNullException(nameof(principal)); } if (filter == null) { throw new ArgumentNullException(nameof(filter)); } var clone = new ClaimsPrincipal(); foreach (var identity in principal.Identities) { clone.AddIdentity(identity.Clone(filter)); } return(clone); }
public void GetDataPolicies_GivenFindableDataPolicyClaim_ReturnsEmptyList() { // Arrange user.AddIdentity(new ClaimsIdentity( new Claim[] { new Claim(ClaimTypes.Name, "example name"), new Claim(ClaimTypes.NameIdentifier, userId), new Claim("custom-claim", "example claim value"), new Claim("dataPolicy", "data policy value 1"), new Claim("dataPolicy", "data policy value 2") })); // Act List <string> lookupList = ClaimsHelper.GetDataPolicies(user); // Assert Assert.True(lookupList.Count == 2, "With findable datapolicy claim a populated list must be returned."); Assert.True(string.Compare(lookupList[0], "data policy value 1") == 0, $"Expected datapolicy value 'data policy value 1' not found. Found value: '{lookupList[0]}'."); Assert.True(string.Compare(lookupList[1], "data policy value 2") == 0, $"Expected datapolicy value 'data policy value 2' not found. Found value: '{lookupList[1]}'."); }
public void DeleteUserDistinctionAsync_IfAdmin_ThrowsNotImplementedException() { //Arrange mockRepoWrapper .Setup(x => x.UserDistinction.GetFirstAsync(It.IsAny <Expression <Func <UserDistinction, bool> > >(), It.IsAny <Func <IQueryable <UserDistinction>, IIncludableQueryable <UserDistinction, object> > >())) .ReturnsAsync(() => null); //Act ClaimsIdentity claimsIdentity = new ClaimsIdentity(); ClaimsPrincipal Admin = new ClaimsPrincipal(); claimsIdentity.AddClaim(new Claim(ClaimTypes.Role, "Admin")); Admin.AddIdentity(claimsIdentity); //Assert Exception exception = Assert.ThrowsAsync(typeof(NotImplementedException), async() => { await distinctionService.DeleteUserDistinctionAsync(It.IsAny <int>(), Admin); }); Assert.AreEqual("The method or operation is not implemented.", exception.Message); }
public void DeleteUserDistinctionAsync_IfNotAdmin_ThrowsUnauthorizedAccessException() { //Arrange mockRepoWrapper .Setup(x => x.UserDistinction.GetFirstAsync(It.IsAny <Expression <Func <UserDistinction, bool> > >(), It.IsAny <Func <IQueryable <UserDistinction>, IIncludableQueryable <UserDistinction, object> > >())) .ReturnsAsync(new UserDistinction()); //Act ClaimsIdentity claimsIdentity = new ClaimsIdentity(); ClaimsPrincipal notAdmin = new ClaimsPrincipal(); claimsIdentity.AddClaim(new Claim(ClaimTypes.Role, "Htos`")); notAdmin.AddIdentity(claimsIdentity); //Assert Exception exception = Assert.ThrowsAsync(typeof(UnauthorizedAccessException), async() => { await distinctionService.DeleteUserDistinctionAsync(It.IsAny <int>(), notAdmin); }); Assert.AreEqual("Attempted to perform an unauthorized operation.", exception.Message); }
public async Task SignIn(Guid usuarioId) { Usuario usuario = _usuarioService.ObterPorId(usuarioId).Result; string encryptedUsuarioId = _securityService.EncryptValue(usuario.Id); IEnumerable <Claim> claims = new List <Claim>() { new Claim(ClaimTypes.Role, usuario.Grupo.Role), new Claim(ClaimTypes.NameIdentifier, encryptedUsuarioId) }; ClaimsIdentity claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme); ClaimsPrincipal principal = new ClaimsPrincipal(); principal.AddIdentity(claimsIdentity); CriarCacheUsuario(usuario); await _httpContextAccessor.HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, principal); }
/// <summary> /// This creates an http context. /// </summary> /// <param name="cognitoUser">The Cognito User to link to the context</param> /// <param name="scheme">The scheme to signin the user into</param> /// <returns></returns> public static DefaultHttpContext MockContext(CognitoUser cognitoUser, string scheme) { var context = new DefaultHttpContext(); var authMock = new Mock <IAuthenticationService>(); var userPrincipal = new ClaimsPrincipal(); userPrincipal.AddIdentity(new ClaimsIdentity(new List <Claim>() { new Claim(ClaimTypes.Name, cognitoUser.UserID), new Claim(providerKey, loginProvider), new Claim(ClaimTypes.AuthenticationMethod, providerKey) })); var authenticationTicket = new AuthenticationTicket(userPrincipal, scheme); var authenticateResult = AuthenticateResult.Success(authenticationTicket); context.RequestServices = new ServiceCollection().AddSingleton(authMock.Object).BuildServiceProvider(); authMock.Setup(a => a.AuthenticateAsync(context, scheme)).Returns(Task.FromResult(authenticateResult)).Verifiable(); return(context); }
private async Task AddTokenClaimsToPrincipal(string authenticationScheme, ClaimsPrincipal principal, string tokenName) { var jwtToken = await HttpContext.GetTokenAsync("External", tokenName); if (!string.IsNullOrWhiteSpace(jwtToken)) { var token = new JwtSecurityToken(jwtToken); var claimsIdentity = new ClaimsIdentity(token.Claims, tokenName); // die OpenIdConnectOptions zum authenticationScheme ermittteln var options = _optionsFactory.Create(authenticationScheme); // Alle Claimsctions ausführen, diese löschen z.b. nicht benötigte Claims für Cookies. foreach (var action in options.ClaimActions) { action.Run(null, claimsIdentity, null); } principal.AddIdentity(claimsIdentity); } }
public void DeleteDistinctionAsync_IfAdmin_ThrowsArgumentNullException() { //Arrange mockRepoWrapper .Setup(x => x.Distinction.GetFirstAsync(It.IsAny <Expression <Func <Distinction, bool> > >(), It.IsAny <Func <IQueryable <Distinction>, IIncludableQueryable <Distinction, object> > >())) .ReturnsAsync(nullDistinction); //Act ClaimsIdentity claimsIdentity = new ClaimsIdentity(); ClaimsPrincipal Admin = new ClaimsPrincipal(); claimsIdentity.AddClaim(new Claim(ClaimTypes.Role, "Admin")); Admin.AddIdentity(claimsIdentity); //Assert Exception exception = Assert.ThrowsAsync(typeof(ArgumentNullException), async() => { await distinctionService.DeleteDistinctionAsync(It.IsAny <int>(), Admin); }); Assert.AreEqual("Value cannot be null. (Parameter 'Distinction with 0 not found')", exception.Message); }