public void Apply(OpenApiOperation operation, OperationFilterContext context) { // Piggy back off of SecurityRequirementsOperationFilter from Swashbuckle.AspNetCore.Filters which has oauth2 as the default security scheme. var filter = new SecurityRequirementsOperationFilter(securitySchemaName: "ApiKey"); filter.Apply(operation, context); }
public void Apply_SetsAuthorize_WithMultipleSecuritySchemas() { // Arrange var operation = new OpenApiOperation { OperationId = "foobar", Responses = new OpenApiResponses() }; var filterContext = FilterContextFor(typeof(FakeActions), nameof(FakeActions.Authorize)); const string securitySchemaName = "customSchema"; var sut = new SecurityRequirementsOperationFilter(); var sut2 = new SecurityRequirementsOperationFilter(true, securitySchemaName); // Act sut.Apply(operation, filterContext); sut2.Apply(operation, filterContext); // Assert operation.Security.Count.ShouldBe(2); var securityScheme = operation.Security[0].SingleOrDefault(ss => ss.Key.Reference.Id == "oauth2"); securityScheme.Value.ShouldNotBeNull(); securityScheme.Value.Count().ShouldBe(0); var securityScheme2 = operation.Security[1].SingleOrDefault(ss => ss.Key.Reference.Id == securitySchemaName); securityScheme2.Value.ShouldNotBeNull(); securityScheme2.Value.Count().ShouldBe(0); }
public void ApplyMethodAllowAnonymousAttribute() { // Arrange var context = GetContext(typeof(Controller), nameof(Controller.MethodWithAllowAnonymous)); var filter = new SecurityRequirementsOperationFilter(); // Act filter.Apply(_operation, context); // Assert Assert.Empty(_operation.Responses); Assert.Null(_operation.Security); }
public void Apply_DoesNotAdds401And403_WhenConfiguredNotTo() { // Arrange var sut = new SecurityRequirementsOperationFilter(false); var operation = new Operation { OperationId = "foobar", Responses = new Dictionary <string, Response>() }; var filterContext = FilterContextFor(typeof(FakeActions), nameof(FakeActions.Authorize)); // Act sut.Apply(operation, filterContext); // Assert operation.Responses.ShouldNotContainKey("401"); operation.Responses.ShouldNotContainKey("403"); }
public void Apply_Controller_Policies() { // Arrange var context = GetContext(typeof(ControllerWithPolicies), nameof(ControllerWithRoles.Method)); var filter = new SecurityRequirementsOperationFilter(); // Act filter.Apply(_operation, context); // Assert AssertAuthorizeResponses(); var security = Assert.IsAssignableFrom <List <IDictionary <string, IEnumerable <string> > > >(_operation.Security); var attributes = Assert.Single(security); var policy = Assert.Single(attributes["Bearer"]); Assert.Equal("UserPolicy", policy); }
public void ApplyMethodRoles() { // Arrange var context = GetContext(typeof(Controller), nameof(Controller.MethodWithRoles)); var filter = new SecurityRequirementsOperationFilter(); // Act filter.Apply(_operation, context); // Assert AssertAuthorizeResponses(); var security = Assert.IsAssignableFrom <List <IDictionary <string, IEnumerable <string> > > >(_operation.Security); var attributes = Assert.Single(security); Assert.NotNull(attributes); var role = Assert.Single(attributes["Bearer"]); Assert.Equal("AdminRole", role); }
public void Apply_SetsAuthorize_WithNoPolicy_WhenCustomSecuritySchemaIsSet() { // Arrange const string securitySchemaName = "customSchema"; var sut = new SecurityRequirementsOperationFilter(true, securitySchemaName); var operation = new Operation { OperationId = "foobar", Responses = new Dictionary <string, Response>() }; var filterContext = FilterContextFor(typeof(FakeActions), nameof(FakeActions.Authorize)); // Act sut.Apply(operation, filterContext); // Assert operation.Security.Count.ShouldBe(1); var security = operation.Security[0]; security.ShouldContainKey(securitySchemaName); security[securitySchemaName].Count().ShouldBe(0); }
public void Apply(Operation operation, OperationFilterContext context) { _filter.Apply(operation, context); }
public void Apply(OpenApiOperation operation, OperationFilterContext context) { var filter = new SecurityRequirementsOperationFilter(securitySchemaName: ApiKeyAuthenticationOptions.DefaultScheme); filter.Apply(operation, context); }