/// <summary>
/// Validates the supplied JWT and, when validation succeeds, stores the result of
/// <c>userService.GetById</c> under <c>context.Items["User"]</c>. On any failure the
/// context is left untouched, so the request continues without an attached user.
/// </summary>
/// <param name="context">Current HTTP context; only its <c>Items</c> bag is written.</param>
/// <param name="userService">Controller used to look up the user by the numeric "id" claim.</param>
/// <param name="token">Raw JWT string taken from the request by the caller.</param>
private void attachUserToContext(HttpContext context, UsuariosController userService, string token)
{
    try
    {
        // NOTE(review): Encoding.ASCII replaces every non-ASCII character with '?', so a secret
        // containing such characters loses entropy. Switching encodings changes the key bytes
        // and must be done together with whatever code issues the tokens.
        var secretBytes = Encoding.ASCII.GetBytes(_appSettings.Secret);

        var validation = new TokenValidationParameters
        {
            ValidateIssuerSigningKey = true,
            IssuerSigningKey = new SymmetricSecurityKey(secretBytes),
            // NOTE(review): issuer and audience are not checked, so any token signed with this
            // secret is accepted regardless of which service minted it or whom it was meant for.
            // Acceptable only if the secret is never shared with another issuer - confirm.
            ValidateIssuer = false,
            ValidateAudience = false,
            // Zero clock skew: tokens expire exactly at their expiration time
            // (instead of 5 minutes later).
            ClockSkew = TimeSpan.Zero
        };

        new JwtSecurityTokenHandler().ValidateToken(token, validation, out SecurityToken validated);

        // Anything other than a JwtSecurityToken cannot carry the claims read below.
        if (!(validated is JwtSecurityToken jwt))
        {
            return;
        }

        // The user is identified by an integer "id" claim; a missing or non-numeric claim
        // leaves the request unauthenticated.
        var idClaim = jwt.Claims.FirstOrDefault(claim => claim.Type == "id");
        if (idClaim == null || !int.TryParse(idClaim.Value, out var userId))
        {
            return;
        }

        // Attach the user to the context on successful JWT validation. Whatever GetById
        // returns is stored as-is; it is not checked here.
        context.Items["User"] = userService.GetById(userId);
    }
    catch
    {
        // Deliberate best-effort: if anything above fails the user is not attached, so the
        // request won't have access to secure routes.
        // NOTE(review): this also hides failures unrelated to the token (a missing secret,
        // an error inside GetById) and nothing is logged, so rejected or forged tokens leave
        // no trace for detection. Consider logging the failure category (never the token).
    }
}
/// <summary>
/// Looks up a user by a fixed id through the controller and checks that the
/// response is not a <c>BadRequestResult</c>.
/// </summary>
public void UsuariosControllerBuscarPorId()
{
    // Arrange: fixed identifier used by this test.
    const string userId = "778df06e-142a-48ff-889c-102eb78c1ffb";

    // Act
    var response = _controller.GetById(userId);

    // Assert
    // NOTE(review): this only rules out a 400. A not-found, unauthorized or server-error
    // result would also pass, so the test does not prove the lookup succeeded.
    Assert.IsNotType<BadRequestResult>(response.Result);
}
/// <summary>
/// End-to-end update scenario driven through <c>userTest</c>: creates a user, updates its
/// name and e-mail, confirms the stored values, deletes the user, and finally checks that
/// updating the deleted user is rejected with a 400 and the expected message.
/// </summary>
public void Altera_Usuario_ReturnsTrue()
{
    // --- Create the user -------------------------------------------------------------
    var user = new Business.View.UsuarioView()
    {
        Login = "******",
        Nome = "Usuário de teste 3",
        Email = "*****@*****.**"
    };

    // The cast doubles as an assertion: any result other than OkObjectResult throws.
    _ = (OkObjectResult)userTest.Post(user);

    // --- Update the user -------------------------------------------------------------
    var byLogin = userTest.GetByLogin("UsuarioTeste3");
    user = JsonConvert.DeserializeObject<Business.View.UsuarioView>(byLogin.ToString());
    user.Nome = "Usuário de teste 4";
    user.Email = "*****@*****.**";

    var updateResult = (OkResult)userTest.Post(user);
    Assert.True(updateResult.StatusCode == 200);

    // --- Confirm the update was stored -----------------------------------------------
    var byId = userTest.GetById(user.Id);
    user = JsonConvert.DeserializeObject<Business.View.UsuarioView>(byId.ToString());
    Assert.True(user.Nome == "Usuário de teste 4" && user.Email == "*****@*****.**");

    // --- Clean up --------------------------------------------------------------------
    // NOTE(review): this delete is skipped when an earlier assertion or cast throws, so a
    // failed run leaves the test account behind in whatever store userTest writes to.
    if (user.Id != 0)
    {
        userTest.Delete(user.Id);
    }

    // --- Updating a user that no longer exists must fail -------------------------------
    user.Nome = "Usuário de teste 3";
    user.Email = "*****@*****.**";

    var rejected = (BadRequestObjectResult)userTest.Post(user);

    // The expected body is a generic support message with no internal error detail.
    Assert.True(rejected.StatusCode == 400
        && rejected.Value.ToString() == "Ocorreu erro ao atualizar os dados, verifique com o suporte.");
}