public async Task GivenANonStandardSslPort_ItSpecifiesPortInUrl() { // Arrange var context = Fakes.CreateOwinContext(); var next = Fakes.CreateOwinMiddleware(); var app = new AppBuilder(); context.Request .SetUrl("http://nuget.local/foo/bar/baz?qux=qooz") .SetCookie("ForceSSL", "bogus"); var middleware = new ForceSslWhenAuthenticatedMiddleware(next.Object, app, "ForceSSL", 44300); // Act await middleware.Invoke(context); // Assert next.Verify(n => n.Invoke(It.IsAny <IOwinContext>()), Times.Never()); OwinAssert.WillRedirect(context, "https://nuget.local:44300/foo/bar/baz?qux=qooz"); }
public async Task GivenNextMiddlewareRevokesAuth_ItRemovesForceSslCookie() { // Arrange var context = Fakes.CreateOwinContext(); var next = Fakes.CreateOwinMiddleware(); var app = new AppBuilder(); var revoke = new AuthenticationResponseRevoke(new string[0]); next.Setup(n => n.Invoke(context)) .Returns <IOwinContext>(c => { c.Authentication.AuthenticationResponseRevoke = revoke; return(Task.FromResult <object>(null)); }); context.Request .SetUrl("http://nuget.local/foo/bar/baz?qux=qooz"); var middleware = new ForceSslWhenAuthenticatedMiddleware(next.Object, app, "ForceSSL", 443); // Act await middleware.Invoke(context); // Assert OwinAssert.DeletesCookie(context.Response, "ForceSSL"); }
public async Task GivenNextMiddlewareGrantsAuth_ItDropsForceSslCookie(string protocol, bool secure) { // Arrange var context = Fakes.CreateOwinContext(); var next = Fakes.CreateOwinMiddleware(); var app = new AppBuilder(); var grant = new AuthenticationResponseGrant(new ClaimsIdentity(), new AuthenticationProperties()); next.Setup(n => n.Invoke(context)) .Returns <IOwinContext>(c => { c.Authentication.AuthenticationResponseGrant = grant; return(Task.FromResult <object>(null)); }); context.Request .SetUrl(protocol + "://nuget.local/foo/bar/baz?qux=qooz"); var middleware = new ForceSslWhenAuthenticatedMiddleware(next.Object, app, "ForceSSL", 443); // Act await middleware.Invoke(context); // Assert OwinAssert.SetsCookie(context.Response, "ForceSSL", "true", secure); }