public void ShouldRequestAuthorizationFromUserDomain()
{
using (AadAuthProviderTest.TestAppHost())
{
var request = new MockHttpRequest("myapp", "GET", "text", "/myapp", new NameValueCollection
{
{ "redirect", "http://localhost/myapp/secure-resource" }
}, Stream.Null, null);
var mockAuthService = MockAuthService(_directoryRepository, request);
var session = new AuthUserSession();
var username = "******" + OrmLiteDirectoryRepositoryTest.Directory1.DirectoryDomain;
var response = Subject.Authenticate(mockAuthService.Object, session, new Authenticate()
{
UserName = username,
provider = AadMultiTenantAuthProvider.Name
});
var result = (IHttpResult)response;
var codeRequest = new Uri(result.Headers["Location"]);
var query = PclExportClient.Instance.ParseQueryString(codeRequest.Query);
var d = OrmLiteDirectoryRepositoryTest.Directory1;
query["client_id"].Should().Be(d.ClientId);
query["domain_hint"].Should().Be(d.DomainHint);
query["login_hint"].Should().Be(username);
codeRequest.Authority.Should().Be("login.microsoftonline.com");
codeRequest.LocalPath.Should().Be($"/{d.TenantId}/oauth2/authorize");
codeRequest.Scheme.Should().Be(Uri.UriSchemeHttps);
session.ReferrerUrl.Should().Be("http://localhost/myapp/secure-resource");
}
}
public void ShouldNotAttemptAuthenticationAgainstUnRegisteredDirectory()
{
using (AadAuthProviderTest.TestAppHost())
{
var request = new MockHttpRequest("myapp", "GET", "text", "/myapp", new NameValueCollection
{
{ "redirect", "http://localhost/myapp/secure-resource" }
}, Stream.Null, null);
var mockAuthService = MockAuthService(_directoryRepository, request);
var session = new AuthUserSession();
var username = "******";
var exception = Assert.Throws <UnauthorizedAccessException>(() => Subject.Authenticate(mockAuthService.Object, session, new Authenticate()
{
UserName = username,
provider = AadMultiTenantAuthProvider.Name
}));
Assert.AreEqual($"Directory not found: @notregistered.com", exception.Message);
}
}
