public void Invalid_Header_SspInterationId_Missing()
{
var requestMock = new Mock <HttpRequest>();
requestMock.Setup(x => x.Method).Returns("GET");
requestMock.Setup(x => x.Headers).Returns(new HeaderDictionary() //Removed SspInterationId Header
{
{ HeaderNames.Authorization, "we-are-not-validating-jwt-here" },
{ FhirConstants.HeaderFromAsid, "000" },
{ FhirConstants.HeaderToAsid, "999" }
});
var contextMock = new Mock <HttpContext>();
contextMock.Setup(x => x.Request).Returns(requestMock.Object);
var sspAuthorizationMiddleware = new SspAuthorizationMiddleware(next: (innerHttpContext) => Task.FromResult(0), spineSettings: _spineSettings, memoryCache: _cache, nrlsValidation: _nrlsValidation);
Assert.ThrowsAsync <HttpFhirException>(async delegate
{
await sspAuthorizationMiddleware.Invoke(contextMock.Object, _nrlsSettings);
});
}
public async void Valid_Headers()
{
var requestMock = new Mock <HttpRequest>();
requestMock.Setup(x => x.Method).Returns("GET");
requestMock.Setup(x => x.Headers).Returns(new HeaderDictionary()
{
{ HeaderNames.Authorization, "we-are-not-validating-jwt-here" },
{ FhirConstants.HeaderFromAsid, "000" },
{ FhirConstants.HeaderToAsid, "999" },
{ FhirConstants.HeaderSspInterationId, FhirConstants.ReadInteractionId }
});
var contextMock = new Mock <HttpContext>();
contextMock.Setup(x => x.Request).Returns(requestMock.Object);
var sspAuthorizationMiddleware = new SspAuthorizationMiddleware(next: (innerHttpContext) => Task.FromResult(0), spineSettings: _spineSettings, memoryCache: _cache, nrlsValidation: _nrlsValidation);
//Test will fail if invalid
await sspAuthorizationMiddleware.Invoke(contextMock.Object, _nrlsSettings);
}