/// <summary>
/// Invokes the named action of <c>Controllers.SecureController</c> on behalf of <paramref name="user"/>
/// and asserts the status code written to the fake response.
/// </summary>
/// <param name="user">Principal attached to the fake <c>HttpContext</c> before invocation.</param>
/// <param name="method">Action name; matched against <c>Action.Name</c> with an ordinal, case-insensitive comparison.</param>
/// <param name="expectedStatusCode">Response status code the invoker is expected to produce.</param>
/// <param name="policyStore">
/// Optional store whose named policies are copied into <c>LiteApiOptions.Default</c> before the
/// controller is re-initialised; <c>null</c> leaves the discovered controller untouched.
/// </param>
private async Task AssertSecureControllerAccess(ClaimsPrincipal user, string method, int expectedStatusCode, IAuthorizationPolicyStore policyStore = null)
{
    var controller = new Fakes.FakeLimitedControllerDiscoverer(typeof(Controllers.SecureController))
        .GetControllers(null)
        .Single();

    if (policyStore != null)
    {
        // NOTE(review): LiteApiOptions.Default is mutated in place here; if it is a shared static
        // instance, policies registered by one test stay visible to later tests — confirm.
        var options = LiteApiOptions.Default;
        foreach (var policyName in policyStore.GetPolicyNames())
        {
            options.AuthorizationPolicyStore.SetPolicy(policyName, policyStore.GetPolicy(policyName));
        }

        // Dropping the cached filters forces Init to rebuild them against the new policy store.
        controller.Filters = null;
        foreach (var action in controller.Actions)
        {
            action.Filters = null;
        }

        controller.Init(new LiteApiOptionsAccessor(options));
    }

    var actionContext = controller.Actions.Single(
        a => string.Equals(method, a.Name, StringComparison.OrdinalIgnoreCase));

    var serviceProvider = new Moq.Mock<IServiceProvider>().Object;
    var modelBinders = new ModelBinderCollection(
        new JsonSerializer(),
        Fakes.FakeServiceProvider.GetServiceProvider(),
        new Fakes.FakeDefaultLiteApiOptionsRetriever());
    var invoker = new ActionInvoker(new ControllerBuilder(serviceProvider), modelBinders, new JsonSerializer());

    var httpContext = new Fakes.FakeHttpContext
    {
        User = user,
    };
    httpContext.Request.Path = $"/api/secure/{method}";

    await invoker.Invoke(httpContext, actionContext);

    Assert.Equal(expectedStatusCode, httpContext.Response.StatusCode);
}
/// <summary>
/// A fake context with no user set must be rejected by <see cref="RequiresAuthenticationAttribute"/>
/// with the "unauthenticated" response code.
/// </summary>
public void RequiresAuthentication_NullUser_ReturnsUnauthenticated()
{
    // Arrange — the fake context is left with whatever User it has by default (none is assigned).
    var filter = new RequiresAuthenticationAttribute();
    var context = new Fakes.FakeHttpContext();

    // Act
    var result = filter.ShouldContinue(context);

    // Assert
    Assert.False(result.ShouldContinue);
    Assert.Equal(ApiFilterRunResult.Unauthenticated.SetResponseCode, result.SetResponseCode);
}
/// <summary>
/// A context carrying the user from <c>UserSetup.GetUser()</c> passes
/// <see cref="RequiresAuthenticationAttribute"/>.
/// </summary>
public void RequiresAuthentication_AuthenticatedUser_ReturnsContinue()
{
    // Arrange
    var filter = new RequiresAuthenticationAttribute();
    var context = new Fakes.FakeHttpContext
    {
        User = UserSetup.GetUser(),
    };

    // Act
    var result = filter.ShouldContinue(context);

    // Assert
    Assert.True(result.ShouldContinue);
}
/// <summary>
/// When the user holds claim "a" with every required value (1, 2 and 3),
/// <see cref="RequiresClaimWithValuesAttribute"/> lets the request continue.
/// </summary>
public void RequiresClaimWithValues_UserClaimWithAllValues_ReturnsContinue()
{
    // Arrange
    var filter = new RequiresClaimWithValuesAttribute("a", "1", "2", "3");
    var context = new Fakes.FakeHttpContext
    {
        User = UserSetup.GetUserWithClaims("a:1", "a:2", "a:3"),
    };

    // Act
    var result = filter.ShouldContinue(context);

    // Assert
    Assert.True(result.ShouldContinue);
}
/// <summary>
/// A user in both of the accepted roles passes <see cref="RequiresAnyRoleAttribute"/>.
/// </summary>
public void RequiresAnyRole_UserWitAllRoles_ReturnsContinue()
{
    // Arrange
    var filter = new RequiresAnyRoleAttribute("a", "b");
    var context = new Fakes.FakeHttpContext
    {
        User = UserSetup.GetUser("a", "b"),
    };

    // Act
    var result = filter.ShouldContinue(context);

    // Assert
    Assert.True(result.ShouldContinue);
}
/// <summary>
/// A user holding all of the claim types listed on <see cref="RequiresAnyClaimAttribute"/>
/// is allowed through.
/// </summary>
public void RequiresAnyClaims_AuthorizedUserWithAllClaims_ReturnsAuthorized()
{
    // Arrange — the attribute lists the claim types in a different order than the user carries them.
    var filter = new RequiresAnyClaimAttribute("b", "c", "a");
    var context = new Fakes.FakeHttpContext
    {
        User = UserSetup.GetUserWithClaims("a:0", "b:1", "c:2"),
    };

    // Act
    var result = filter.ShouldContinue(context);

    // Assert
    Assert.True(result.ShouldContinue);
}
/// <summary>
/// A user whose claim "a" carries only a subset of the required values (no "3") is
/// rejected by <see cref="RequiresClaimWithValuesAttribute"/> with the "unauthorized" code.
/// </summary>
public void RequiresClaimWithValues_UserClaimWithSomeValues_ReturnsUnauthorized()
{
    // Arrange
    var filter = new RequiresClaimWithValuesAttribute("a", "1", "2", "3");
    var context = new Fakes.FakeHttpContext
    {
        User = UserSetup.GetUserWithClaims("a:1", "a:2"),
    };

    // Act
    var result = filter.ShouldContinue(context);

    // Assert
    Assert.False(result.ShouldContinue);
    Assert.Equal(ApiFilterRunResult.Unauthorized.SetResponseCode, result.SetResponseCode);
}
/// <summary>
/// An empty <see cref="ClaimsPrincipal"/> (no identity) is rejected by
/// <see cref="RequiresClaimWithValuesAttribute"/> with the "unauthenticated" code
/// rather than the "unauthorized" one.
/// </summary>
public void RequiresClaimWithValues_UnauthenticatedUser_ReturnsUnauthenticated()
{
    // Arrange
    var filter = new RequiresClaimWithValuesAttribute("a", "1", "2", "3");
    var context = new Fakes.FakeHttpContext
    {
        User = new ClaimsPrincipal(),
    };

    // Act
    var result = filter.ShouldContinue(context);

    // Assert
    Assert.False(result.ShouldContinue);
    Assert.Equal(ApiFilterRunResult.Unauthenticated.SetResponseCode, result.SetResponseCode);
}
/// <summary>
/// An authenticated user with no roles is rejected by <see cref="RequiresAnyRoleAttribute"/>
/// with the "unauthorized" response code.
/// </summary>
public void RequiresAnyRole_UserWithoutRoles_ReturnsUnauthorized()
{
    // Arrange — GetUser() without arguments yields a user that carries no roles.
    var filter = new RequiresAnyRoleAttribute("a", "b");
    var context = new Fakes.FakeHttpContext
    {
        User = UserSetup.GetUser(),
    };

    // Act
    var result = filter.ShouldContinue(context);

    // Assert
    Assert.False(result.ShouldContinue);
    Assert.Equal(ApiFilterRunResult.Unauthorized.SetResponseCode, result.SetResponseCode);
}
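/// <summary>
/// Invokes the named action of <c>Controllers.SecureController</c> on behalf of <paramref name="user"/>
/// and asserts the status code written to the fake response.
/// </summary>
/// <param name="user">Principal attached to the fake <c>HttpContext</c> before invocation.</param>
/// <param name="method">Action name; matched against <c>Action.Name</c> with an ordinal, case-insensitive comparison.</param>
/// <param name="expectedStatusCode">Response status code the invoker is expected to produce.</param>
/// <param name="policyStore">
/// Optional store injected into the controller context through its non-public
/// <c>AuthPolicyStore</c> setter; <c>null</c> leaves the discovered controller untouched.
/// </param>
/// <exception cref="InvalidOperationException">
/// The non-public <c>AuthPolicyStore</c> property (or its setter) no longer exists on
/// <c>ControllerContext</c>, so the policy store cannot be injected.
/// </exception>
private async Task AssertSecureControllerAccess(ClaimsPrincipal user, string method, int expectedStatusCode, IAuthorizationPolicyStore policyStore = null)
{
    var ctrl = new Fakes.FakeLimitedControllerDiscoverer(typeof(Controllers.SecureController)).GetControllers(null).Single();

    if (policyStore != null)
    {
        // The store is injected by reflection into a non-public setter. Without the guard below a
        // renamed property surfaces as an opaque NullReferenceException on the chained call;
        // fail with a message that names the missing member instead.
        const string PolicyStoreProperty = "AuthPolicyStore";
        var setter = typeof(ControllerContext)
            .GetTypeInfo()
            .GetProperty(PolicyStoreProperty, BindingFlags.Instance | BindingFlags.NonPublic)
            ?.SetMethod;
        if (setter == null)
        {
            throw new InvalidOperationException(
                $"Non-public settable property '{PolicyStoreProperty}' was not found on {nameof(ControllerContext)}.");
        }

        setter.Invoke(ctrl, new object[] { policyStore });
    }

    var actionCtx = ctrl.Actions.Single(x => string.Equals(method, x.Name, StringComparison.OrdinalIgnoreCase));

    var invoker = new ActionInvoker(
        new ControllerBuilder(new Moq.Mock<IServiceProvider>().Object),
        new ModelBinderCollection(new JsonSerializer(), new Moq.Mock<IServiceProvider>().Object),
        new JsonSerializer());

    var httpCtx = new Fakes.FakeHttpContext();
    httpCtx.User = user;
    httpCtx.Request.Path = "/api/secure/" + method;

    await invoker.Invoke(httpCtx, actionCtx);

    Assert.Equal(expectedStatusCode, httpCtx.Response.StatusCode);
}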
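/// <summary>
/// Runs the filters of one action of <paramref name="ctrlType"/> against a fake request that is
/// either HTTPS or plain HTTP and compares the outcome with <paramref name="expectedResult"/>.
/// </summary>
/// <param name="useHttps">When <c>true</c>, the fake request is marked as HTTPS.</param>
/// <param name="ctrlType">Controller type handed to the fake discoverer.</param>
/// <param name="actionName">Action name; lower-cased (invariant culture) before an ordinal match against <c>Action.Name</c>.</param>
/// <param name="expectedResult">
/// Expected filter outcome. The response code and message are only compared when the
/// expected outcome is "do not continue".
/// </param>
private async Task AssertRequireHttps(bool useHttps, Type ctrlType, string actionName, ApiFilterRunResult expectedResult)
{
    // Lower-casing must not depend on the test host's culture (e.g. the Turkish dotless i),
    // so use the invariant culture instead of the culture-sensitive ToLower().
    actionName = actionName.ToLowerInvariant();

    var ctrl = new Fakes.FakeLimitedControllerDiscoverer(ctrlType).GetControllers(null).Single();
    var action = ctrl.Actions.Single(x => string.Equals(x.Name, actionName, StringComparison.Ordinal));

    var ctx = new Fakes.FakeHttpContext();
    if (useHttps)
    {
        ctx.Request.IsHttps = true;
    }

    var result = await ActionInvoker.RunFiltersAndCheckIfShouldContinue(ctx, action);

    Assert.Equal(expectedResult.ShouldContinue, result.ShouldContinue);
    if (!expectedResult.ShouldContinue)
    {
        // Only a rejected request carries a response code and message worth checking.
        Assert.Equal(expectedResult.SetResponseCode, result.SetResponseCode);
        Assert.Equal(expectedResult.SetResponseMessage, result.SetResponseMessage);
    }
}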