public static void LogOut(string key) { if (authorizedList.ContainsKey(key)) { authorizedList.Remove(key); } AuthorizationMiddleware.SetPrincipal(null); }
public AuthorizationMiddlewareTests() { _httpContext = new DefaultHttpContext(); _authService = new Mock <IClaimsAuthorizer>(); _authScopesService = new Mock <IScopesAuthorizer>(); _loggerFactory = new Mock <IOcelotLoggerFactory>(); _logger = new Mock <IOcelotLogger>(); _loggerFactory.Setup(x => x.CreateLogger <AuthorizationMiddleware>()).Returns(_logger.Object); _next = context => Task.CompletedTask; _middleware = new AuthorizationMiddleware(_next, _authService.Object, _authScopesService.Object, _loggerFactory.Object); }
public static void LogIn(Principal principal) { string key = principal.GetKey(); if (!authorizedList.ContainsKey(key)) { authorizedList.Add(key, principal); } else { authorizedList[key] = principal; } AuthorizationMiddleware.SetPrincipal(principal); }
public void Setup() { var policyProvider = new DefaultAuthorizationPolicyProvider(Options.Create(new AuthorizationOptions())); _authorizationMiddleware = new AuthorizationMiddleware((context) => Task.CompletedTask, policyProvider); _httpContextNoEndpoint = new DefaultHttpContext(); var feature = new EndpointFeature { Endpoint = new Endpoint((context) => Task.CompletedTask, EndpointMetadataCollection.Empty, "Test endpoint") }; _httpContextHasEndpoint = new DefaultHttpContext(); _httpContextHasEndpoint.Features.Set <IEndpointFeature>(feature); }
public static IApplicationBuilder UseAuthorization(this IApplicationBuilder app) { if (app == null) { throw new ArgumentNullException(nameof(app)); } return(app.Use(next => async(context) => { var services = context.RequestServices; var policyProvider = services.GetRequiredService <IAuthorizationPolicyProvider>(); var policyEvaluator = services.GetRequiredService <IPolicyEvaluator>(); var middleware = new AuthorizationMiddleware(next, policyProvider); await middleware.Invoke(context); })); }
public void AuthorizationMiddleware_Inject_AllowsAllowedPaths(ClaimsPrincipal claimsPrincipal, string method, string pathValue, string[] allowedPaths, HttpStatusCode statusCode) { var ctx = new OwinContext { Request = { Scheme = LibOwin.Infrastructure.Constants.Https, Path = new PathString(pathValue), Method = method, User = claimsPrincipal } }; var pipeline = AuthorizationMiddleware.Inject(_noOp, new[] { "api1.read", "api1.write" }, allowedPaths); pipeline(ctx.Environment); Assert.Equal((int)statusCode, ctx.Response.StatusCode); }
public void AuthorizationMiddleware_Inject_ReturnsForbiddenResponse(ClaimsPrincipal claimsPrincipal, string method, HttpStatusCode statusCode) { var ctx = new OwinContext { Request = { Scheme = LibOwin.Infrastructure.Constants.Https, Path = new PathString("/authtest"), Method = method, User = claimsPrincipal } }; var pipeline = AuthorizationMiddleware.Inject(_noOp, new[] { "api1.read", "api1.write" }); pipeline(ctx.Environment); Assert.Equal((int)statusCode, ctx.Response.StatusCode); }
public async void Invoke_ShouldInvokeNext_WhenUserIsValid() { var httpContext = new Mock <HttpContext>(); var user = GetAnUser(new List <Claim> { new Claim("UserStatus", "Alive") }); RequestDelegate next = (a) => { return(Task.Run(() => { })); }; httpContext.Setup(a => a.User).Returns(user); var classUnderTest = new AuthorizationMiddleware(next); await classUnderTest.Invoke(httpContext.Object); httpContext.Verify(a => a.Response, Times.Never); }
public async void Invoke_ShouldAssambleUnauthorized_WhenUserIsBlocked() { var httpContext = new Mock <HttpContext>(); var httpResponse = new Mock <HttpResponse>(); var user = GetAnUser(new List <Claim> { new Claim("UserStatus", "Blocked") }); httpResponse.Setup(a => a.Body).Returns(new MemoryStream()); httpContext.Setup(a => a.Response).Returns(httpResponse.Object); httpContext.Setup(a => a.User).Returns(user); var classUnderTest = new AuthorizationMiddleware(null); await classUnderTest.Invoke(httpContext.Object); httpResponse.VerifySet(a => a.StatusCode = It.Is <int>(s => s == 401), Times.Once); httpResponse.VerifySet(a => a.ContentType = It.Is <string>(s => s.ToLower() == "application/json"), Times.Once); }
public AuthorizationMiddlewareTests() { _middleware = new AuthorizationMiddleware(Next); _authHeader = new KeyValuePair <string, string>("Authorization", "Bearer pkR9vfZ9QdER53mf"); }