/// <summary>
/// Deny-path test: the principal's accounts claim serialises an empty account dictionary and the
/// mocked <c>GetClaim</c> hands back that same empty claim, so <c>HandleAsync</c> must not mark
/// the context as succeeded for the account id placed in the route data.
/// </summary>
public async Task ThenFailsIfEmployerAccountIdNotFoundEvenAfterAccountIdRefresh(
    [Frozen] Mock<IEmployerAccountService> employerAccountService,
    EmployerAccountRequirement requirement,
    AuthorizationFilterContext contextFilter,
    EmployerAccountAuthorizationHandler handler)
{
    // Arrange: an accounts claim with no employer accounts, plus a user id claim.
    var noAccounts = new Dictionary<string, EmployerIdentifier>();
    var accountsJson = JsonConvert.SerializeObject(noAccounts);
    var accountsClaim = new Claim(EmployerClaims.AccountsClaimsTypeIdentifier, accountsJson);

    var idamsUserId = Guid.NewGuid().ToString();
    var userIdClaim = new Claim(EmployerClaims.IdamsUserIdClaimTypeIdentifier, idamsUserId);

    var identity = new ClaimsIdentity(new[] { accountsClaim, userIdClaim });
    var principal = new ClaimsPrincipal(new[] { identity });
    var context = new AuthorizationHandlerContext(new[] { requirement }, principal, contextFilter);

    // The requested account id is supplied through the route data of the filter context.
    var filterContext = context.Resource as AuthorizationFilterContext;
    filterContext.RouteData.Values.Add(RouteValues.EmployerAccountId, 1234);

    // Any GetClaim call returns the same empty accounts claim
    // (presumably this is the handler's account refresh lookup; the handler is not shown here).
    employerAccountService
        .Setup(s => s.GetClaim(It.IsAny<string>(), It.IsAny<string>()))
        .ReturnsAsync(accountsClaim);

    // Act
    await handler.HandleAsync(context);

    // Assert: access must stay denied.
    Assert.IsFalse(context.HasSucceeded);
}
/// <summary>
/// Deny-path test: the principal carries an "Owner" entry for account "1234", but this test adds
/// no <c>RouteValues.EmployerAccountId</c> entry to the route data, so <c>HandleAsync</c> must
/// not mark the context as succeeded.
/// </summary>
public async Task ThenFailsIfEmployerIdIsNotInUrl(
    EmployerAccountRequirement requirement,
    AuthorizationFilterContext contextFilter,
    EmployerAccountAuthorizationHandler handler)
{
    // Arrange: a valid-looking accounts claim for account "1234".
    var owner = new EmployerIdentifier
    {
        AccountId = "1234",
        EmployerName = "Test Employer",
        Role = "Owner"
    };
    var accounts = new Dictionary<string, EmployerIdentifier>();
    accounts.Add("1234", owner);

    var accountsJson = JsonConvert.SerializeObject(accounts);
    var accountsClaim = new Claim(EmployerClaims.AccountsClaimsTypeIdentifier, accountsJson);
    var identity = new ClaimsIdentity(new[] { accountsClaim });
    var principal = new ClaimsPrincipal(new[] { identity });

    // The route data is deliberately left without an employer account id.
    var context = new AuthorizationHandlerContext(new[] { requirement }, principal, contextFilter);

    // Act
    await handler.HandleAsync(context);

    // Assert: a claim alone, with no account id in the route, must not authorise.
    Assert.IsFalse(context.HasSucceeded);
}
/// <summary>
/// Deny-path test for <c>IsEmployerAuthorised</c>: the principal carries an "Owner" entry for
/// account "1234", but this test adds no <c>RouteValues.EmployerAccountId</c> entry to the route
/// data, so the call must return false.
/// </summary>
public void ThenReturnsFalseIfEmployerIdIsNotInUrl(
    EmployerAccountRequirement requirement,
    AuthorizationFilterContext contextFilter,
    EmployerAccountAuthorizationHandler handler)
{
    // Arrange: a valid-looking accounts claim for account "1234".
    var owner = new EmployerIdentifier
    {
        AccountId = "1234",
        EmployerName = "Test Employer",
        Role = "Owner"
    };
    var accounts = new Dictionary<string, EmployerIdentifier> { ["1234"] = owner };
    var accountsClaim = new Claim(
        EmployerClaims.AccountsClaimsTypeIdentifier,
        JsonConvert.SerializeObject(accounts));

    var identity = new ClaimsIdentity(new[] { accountsClaim });
    var principal = new ClaimsPrincipal(new[] { identity });

    // The route data is deliberately left without an employer account id.
    var context = new AuthorizationHandlerContext(new[] { requirement }, principal, contextFilter);

    // Act: the second argument is passed as false; its meaning is defined by the handler.
    var isAuthorised = handler.IsEmployerAuthorised(context, false);

    // Assert
    Assert.IsFalse(isAuthorised);
}
/// <summary>
/// Allow-path test: the principal's accounts claim holds an "Owner" entry keyed "1234" and the
/// route data carries employer account id 1234, so <c>HandleAsync</c> must mark the context as
/// succeeded.
/// </summary>
public async Task ThenSucceedsIfEmployerIsAuthorised(
    EmployerAccountRequirement requirement,
    AuthorizationFilterContext contextFilter,
    EmployerAccountAuthorizationHandler handler)
{
    // Arrange: accounts claim with a single "Owner" entry for account "1234".
    var owner = new EmployerIdentifier
    {
        AccountId = "1234",
        EmployerName = "Test Employer",
        Role = "Owner"
    };
    var accounts = new Dictionary<string, EmployerIdentifier>();
    accounts.Add("1234", owner);

    var accountsJson = JsonConvert.SerializeObject(accounts);
    var accountsClaim = new Claim(EmployerClaims.AccountsClaimsTypeIdentifier, accountsJson);
    var identity = new ClaimsIdentity(new[] { accountsClaim });
    var principal = new ClaimsPrincipal(new[] { identity });
    var context = new AuthorizationHandlerContext(new[] { requirement }, principal, contextFilter);

    // NOTE(review): the route value is the int 1234 while the claim key is the string "1234";
    // presumably the handler compares them as text - confirm against the handler.
    var filterContext = context.Resource as AuthorizationFilterContext;
    filterContext.RouteData.Values.Add(RouteValues.EmployerAccountId, 1234);

    // Act
    await handler.HandleAsync(context);

    // Assert
    Assert.IsTrue(context.HasSucceeded);
}
/// <summary>
/// Builds the shared fixture: a random user id and account claim value, a single
/// <c>EmployerAccountRequirement</c>, an MVC authorization filter context whose route data carries
/// the account claim value under <c>RouteValueKeys.AccountHashedId</c>, a principal holding the
/// user id and account claims, and the handler under test.
/// </summary>
public void SetUp()
{
    _userId = Guid.NewGuid();
    _accountClaimValue = Guid.NewGuid().ToString();

    _requirements = new List<IAuthorizationRequirement>
    {
        new EmployerAccountRequirement()
    };

    // Action context with the route entries used by the tests; the hashed account id in the
    // route is the same value as the account claim created below.
    _actionContext = new ActionContext
    {
        HttpContext = new DefaultHttpContext(),
        RouteData = new RouteData(),
        ActionDescriptor = new ActionDescriptor()
    };
    var routeValues = _actionContext.RouteData.Values;
    routeValues.Add("controller", "TestController");
    routeValues.Add("action", "TestAction");
    routeValues.Add(RouteValueKeys.AccountHashedId, _accountClaimValue);

    // NOTE(review): HostString normally holds host[:port]; this value also contains the scheme.
    // Confirm nothing under test depends on the exact host text before changing it.
    var filterContext = new AuthorizationFilterContext(_actionContext, new List<IFilterMetadata>());
    filterContext.HttpContext.Request.Host = new HostString("https://employer-incentives.gov.uk");
    _resource = filterContext;

    // Principal with exactly two claims: the user id and the account value.
    _claims = new List<Claim>
    {
        new Claim(EmployerClaimTypes.UserId, _userId.ToString()),
        new Claim(EmployerClaimTypes.Account, _accountClaimValue)
    };
    _identity = new ClaimsIdentity(_claims);
    _user = new ClaimsPrincipal(_identity);

    _sut = new EmployerAccountAuthorizationHandler();
}
/// <summary>
/// Allow-path test for <c>IsEmployerAuthorised</c>: the accounts claim holds an "Owner" entry
/// keyed "1234" and the route data carries employer account id 1234, so the call must return true.
/// The <paramref name="employerAccountService"/> mock is injected but not configured here.
/// </summary>
public void ThenReturnsTrueIfEmployerIsAuthorised(
    [Frozen] Mock<IEmployerAccountService> employerAccountService,
    EmployerAccountRequirement requirement,
    AuthorizationFilterContext contextFilter,
    EmployerAccountAuthorizationHandler handler)
{
    // Arrange: accounts claim with a single "Owner" entry for account "1234".
    var owner = new EmployerIdentifier
    {
        AccountId = "1234",
        EmployerName = "Test Employer",
        Role = "Owner"
    };
    var accounts = new Dictionary<string, EmployerIdentifier> { ["1234"] = owner };
    var accountsClaim = new Claim(
        EmployerClaims.AccountsClaimsTypeIdentifier,
        JsonConvert.SerializeObject(accounts));

    var identity = new ClaimsIdentity(new[] { accountsClaim });
    var principal = new ClaimsPrincipal(new[] { identity });
    var context = new AuthorizationHandlerContext(new[] { requirement }, principal, contextFilter);

    // NOTE(review): the route value is the int 1234 while the claim key is the string "1234";
    // presumably the handler compares them as text - confirm against the handler.
    var filterContext = context.Resource as AuthorizationFilterContext;
    filterContext.RouteData.Values.Add(RouteValues.EmployerAccountId, 1234);

    // Act: the second argument is passed as false; its meaning is defined by the handler.
    var isAuthorised = handler.IsEmployerAuthorised(context, false);

    // Assert
    Assert.IsTrue(isAuthorised);
}
/// <summary>
/// Deny-path test for <c>IsEmployerAuthorised</c>: the account id in the route matches the claim
/// entry, but the entry's role is an unrecognised string, so the call must return false.
/// </summary>
public void ThenFailsIfUserDoesNotHaveAValidRole(
    EmployerAccountRequirement requirement,
    AuthorizationFilterContext contextFilter,
    EmployerAccountAuthorizationHandler handler)
{
    // Arrange: the account matches, only the role value is bogus.
    var unknownRoleEntry = new EmployerIdentifier
    {
        AccountId = "1234",
        EmployerName = "Test Employer",
        Role = "I'm not a role"
    };
    var accounts = new Dictionary<string, EmployerIdentifier>();
    accounts.Add("1234", unknownRoleEntry);

    var accountsJson = JsonConvert.SerializeObject(accounts);
    var accountsClaim = new Claim(EmployerClaims.AccountsClaimsTypeIdentifier, accountsJson);
    var identity = new ClaimsIdentity(new[] { accountsClaim });
    var principal = new ClaimsPrincipal(new[] { identity });
    var context = new AuthorizationHandlerContext(new[] { requirement }, principal, contextFilter);

    var filterContext = context.Resource as AuthorizationFilterContext;
    filterContext.RouteData.Values.Add(RouteValues.EmployerAccountId, 1234);

    // Act: the second argument is passed as false; its meaning is defined by the handler.
    var isAuthorised = handler.IsEmployerAuthorised(context, false);

    // Assert: an unrecognised role must not grant access.
    Assert.IsFalse(isAuthorised);
}
/// <summary>
/// Deny-path test: the principal's identity has no claims at all while the route data carries
/// employer account id 1234, so <c>HandleAsync</c> must not mark the context as succeeded.
/// </summary>
public async Task ThenFailsIfEmployerClaimNotFound(
    EmployerAccountRequirement requirement,
    AuthorizationFilterContext contextFilter,
    EmployerAccountAuthorizationHandler handler)
{
    // Arrange: an identity built from an empty claim array.
    var noClaims = new Claim[0];
    var identity = new ClaimsIdentity(noClaims);
    var principal = new ClaimsPrincipal(new[] { identity });
    var context = new AuthorizationHandlerContext(new[] { requirement }, principal, contextFilter);

    var filterContext = context.Resource as AuthorizationFilterContext;
    filterContext.RouteData.Values.Add(RouteValues.EmployerAccountId, 1234);

    // Act
    await handler.HandleAsync(context);

    // Assert: a missing accounts claim must leave access denied.
    Assert.IsFalse(context.HasSucceeded);
}
/// <summary>
/// Deny-path test for <c>IsEmployerAuthorised</c>: the principal's identity has no claims at all
/// while the route data carries employer account id 1234, so the call must return false.
/// </summary>
public void ThenReturnsFalseIfEmployerClaimNotFound(
    EmployerAccountRequirement requirement,
    AuthorizationFilterContext contextFilter,
    EmployerAccountAuthorizationHandler handler)
{
    // Arrange: an identity built from an empty claim array.
    var noClaims = new Claim[0];
    var identity = new ClaimsIdentity(noClaims);
    var principal = new ClaimsPrincipal(new[] { identity });
    var context = new AuthorizationHandlerContext(new[] { requirement }, principal, contextFilter);

    var filterContext = context.Resource as AuthorizationFilterContext;
    filterContext.RouteData.Values.Add(RouteValues.EmployerAccountId, 1234);

    // Act: the second argument is passed as false; its meaning is defined by the handler.
    var isAuthorised = handler.IsEmployerAuthorised(context, false);

    // Assert: a missing accounts claim must not authorise.
    Assert.IsFalse(isAuthorised);
}
/// <summary>
/// Allow-path test for <c>IsEmployerAuthorised</c>: the principal's own accounts claim is empty,
/// but the mocked <c>GetClaim</c> returns a claim with an "Owner" entry keyed "1234", and the
/// route data carries employer account id 1234, so the call must return true.
/// </summary>
public void ThenSucceedsIfEmployerAccountIdIsFoundAfterAccountIdRefresh(
    [Frozen] Mock<IEmployerAccountService> employerAccountService,
    EmployerAccountRequirement requirement,
    AuthorizationFilterContext contextFilter,
    EmployerAccountAuthorizationHandler handler)
{
    // Arrange: the principal starts with an empty accounts claim and a user id claim.
    var staleAccounts = new Dictionary<string, EmployerIdentifier>();
    var staleAccountsClaim = new Claim(
        EmployerClaims.AccountsClaimsTypeIdentifier,
        JsonConvert.SerializeObject(staleAccounts));

    var idamsUserId = Guid.NewGuid().ToString();
    var userIdClaim = new Claim(EmployerClaims.IdamsUserIdClaimTypeIdentifier, idamsUserId);

    var identity = new ClaimsIdentity(new[] { staleAccountsClaim, userIdClaim });
    var principal = new ClaimsPrincipal(new[] { identity });
    var context = new AuthorizationHandlerContext(new[] { requirement }, principal, contextFilter);

    var filterContext = context.Resource as AuthorizationFilterContext;
    filterContext.RouteData.Values.Add(RouteValues.EmployerAccountId, 1234);

    // The service stub answers any GetClaim call with a claim that does contain account "1234"
    // (presumably the handler's account refresh lookup; the handler is not shown here).
    var owner = new EmployerIdentifier
    {
        AccountId = "1234",
        EmployerName = "Test Corp",
        Role = "Owner"
    };
    var refreshedAccounts = new Dictionary<string, EmployerIdentifier> { ["1234"] = owner };
    var refreshedAccountsClaim = new Claim(
        EmployerClaims.AccountsClaimsTypeIdentifier,
        JsonConvert.SerializeObject(refreshedAccounts));

    employerAccountService
        .Setup(s => s.GetClaim(It.IsAny<string>(), It.IsAny<string>()))
        .ReturnsAsync(refreshedAccountsClaim);

    // Act: the second argument is passed as false; its meaning is defined by the handler.
    var isAuthorised = handler.IsEmployerAuthorised(context, false);

    // Assert
    Assert.IsTrue(isAuthorised);
}
/// <summary>
/// Deny-path test: the principal has an accounts claim with no employer accounts and no user id
/// claim, while the route data carries employer account id 1234, so <c>HandleAsync</c> must not
/// mark the context as succeeded.
/// </summary>
public async Task ThenFailsIfEmployerAccountIdNotFoundAndUserIdNotFound(
    EmployerAccountRequirement requirement,
    AuthorizationFilterContext contextFilter,
    EmployerAccountAuthorizationHandler handler)
{
    // Arrange: the only claim is an accounts claim serialising an empty dictionary.
    var noAccounts = new Dictionary<string, EmployerIdentifier>();
    var accountsJson = JsonConvert.SerializeObject(noAccounts);
    var accountsClaim = new Claim(EmployerClaims.AccountsClaimsTypeIdentifier, accountsJson);

    var identity = new ClaimsIdentity(new[] { accountsClaim });
    var principal = new ClaimsPrincipal(new[] { identity });
    var context = new AuthorizationHandlerContext(new[] { requirement }, principal, contextFilter);

    var filterContext = context.Resource as AuthorizationFilterContext;
    filterContext.RouteData.Values.Add(RouteValues.EmployerAccountId, 1234);

    // Act
    await handler.HandleAsync(context);

    // Assert: with neither a matching account nor a user id claim, access stays denied.
    Assert.IsFalse(context.HasSucceeded);
}
/// <summary>
/// Deny-path test for <c>IsEmployerAuthorised</c>: the principal has an accounts claim with no
/// employer accounts and no user id claim, while the route data carries employer account id 1234,
/// so the call must return false.
/// </summary>
public void ThenReturnsFalseIfEmployerAccountIdNotFoundAndUserIdNotFound(
    EmployerAccountRequirement requirement,
    AuthorizationFilterContext contextFilter,
    EmployerAccountAuthorizationHandler handler)
{
    // Arrange: the only claim is an accounts claim serialising an empty dictionary.
    var noAccounts = new Dictionary<string, EmployerIdentifier>();
    var accountsClaim = new Claim(
        EmployerClaims.AccountsClaimsTypeIdentifier,
        JsonConvert.SerializeObject(noAccounts));

    var identity = new ClaimsIdentity(new[] { accountsClaim });
    var principal = new ClaimsPrincipal(new[] { identity });
    var context = new AuthorizationHandlerContext(new[] { requirement }, principal, contextFilter);

    var filterContext = context.Resource as AuthorizationFilterContext;
    filterContext.RouteData.Values.Add(RouteValues.EmployerAccountId, 1234);

    // Act: the second argument is passed as false; its meaning is defined by the handler.
    var isAuthorised = handler.IsEmployerAuthorised(context, false);

    // Assert: with neither a matching account nor a user id claim, the result is a denial.
    Assert.IsFalse(isAuthorised);
}