public void IsRequestAuthorized_rawUrlIsIncludedInvalidQueryString_shouldDisallowRequest() { // Arrange var service = new HmacHttpService(ServiceId.ToString(), CreatePathCollection(), "signature") { UserRepository = new Mock<IUserRepository>().Object, AppRepository = new Mock<IAppRepository>().Object, HmacService = new HmacSha256Service() }; // Act var actual = service.IsRequestAuthorized(GetValidRawUrl(), CreateInvalidQueryString()); // Assert Assert.AreEqual(StatusCode.ParameterMissing, actual); }
public void IsRequestAuthorized_rawUrlIsExcludedButIncludedBeforeThat_shouldDisallowRequest() { // Arrange var pathCollection = new PathCollection { new PathConfig {Name = "included", Path = ".*", Type = PathConfig.PathType.Include}, new PathConfig {Name = "excluded", Path = "/public/.*", Type = PathConfig.PathType.Exclude} }; var service = new HmacHttpService(ServiceId.ToString(), pathCollection, "signature") { UserRepository = new Mock<IUserRepository>().Object, AppRepository = new Mock<IAppRepository>().Object, HmacService = new HmacSha256Service() }; // Act var actual = service.IsRequestAuthorized(GetValidRawUrl(false), CreateInvalidQueryString()); // Assert Assert.AreEqual(StatusCode.ParameterMissing, actual); }
public void IsRequestAuthorized_mismatchingServiceId_shouldDisallowRequest() { // Arrange var service = new HmacHttpService(Guid.NewGuid().ToString(), CreatePathCollection(), "signature"); // Act var actual = service.IsRequestAuthorized(GetValidRawUrl(), CreateValidQueryString()); // Assert Assert.AreEqual(StatusCode.InvalidOrDisabledServiceId, actual); }