public async Task OneSessionShouldOnlyValidateOnce() { var claimsUser = await _unit.GetClaimsPrincipalAsync("a&1").ConfigureAwait(false); Assert.IsNotNull(claimsUser); claimsUser = await _unit.GetClaimsPrincipalAsync("a&1").ConfigureAwait(false); Assert.IsNotNull(claimsUser); _fakeHttpMessageHandler.Verify(h => h.Send(It.IsAny <HttpRequestMessage>()), Times.Once); }
public async Task Invoke(HttpContext context) { var sessionId = context.GetAuthSessionId(); var bearerTokenReceived = string.IsNullOrWhiteSpace(sessionId); if (!bearerTokenReceived) { context.User = await _identityProviderClient.GetClaimsPrincipalAsync(sessionId); } context.Response.OnStarting(state => { if (context.Response.StatusCode != (int)HttpStatusCode.Unauthorized) { return(Task.FromResult(false)); } return(Task.FromResult(RequestRedirectedToLogin(context, bearerTokenReceived))); }, context.Response); await _next.Invoke(context); }