public void DeniesAccessIfNoUserOrPassword() { var basicAuth = new BasicAuthHttpModule(CreateMockConfiguration()); var context = CreateMockContext(); context.Request.Headers.Add("Authorization", BuildAuthorizationHeader("", "")); basicAuth.AuthenticateRequest(context); Assert.Equal((int)HttpStatusCode.Unauthorized, context.Response.StatusCode); }
public void DeniesAccessIfNoAuthorizationHeader() { var basicAuth = new BasicAuthHttpModule(CreateMockConfiguration()); var context = CreateMockContext(); basicAuth.AuthenticateRequest(context); Assert.Equal((int)HttpStatusCode.Unauthorized, context.Response.StatusCode); }
public void DeniesAccessIfNotBasicAuth() { var basicAuth = new BasicAuthHttpModule(CreateMockConfiguration()); var context = CreateMockContext(); context.Request.Headers.Add("Authorization", "some other wacky auth scheme"); basicAuth.AuthenticateRequest(context); Assert.Equal((int)HttpStatusCode.Unauthorized, context.Response.StatusCode); }
public void DoesNotSetPrincipalWhenAccessIsDenied() { var basicAuth = new BasicAuthHttpModule(CreateMockConfiguration()); var context = CreateMockContext(); context.Request.Headers.Add("Authorization", BuildAuthorizationHeader("user", "badpassword")); Thread.CurrentPrincipal = null; basicAuth.AuthenticateRequest(context); Assert.Equal("", Thread.CurrentPrincipal.Identity.Name); Assert.Equal("", context.User.Identity.Name); }
public void GrantsAccessIfPasswordContainsColon() { var basicAuth = new BasicAuthHttpModule(CreateMockConfiguration("user", "pass:word")); var context = CreateMockContext(); context.Request.Headers.Add("Authorization", BuildAuthorizationHeader("user", "pass:word")); basicAuth.AuthenticateRequest(context); Assert.Equal(0, context.Response.StatusCode); }