// Checks the rejection path: an Authorization header that carries only the
// "Basic: " prefix and no credential payload must produce an
// HttpBasicUnauthorizedResult.
// NOTE(review): the header is written as "Basic: " (with a colon), whereas
// RFC 7617 uses "Basic <base64>"; presumably this matches what
// BasicAuthorizeAttribute parses. Confirm against the attribute.
public void WhenTheBasicCredentialsHaveInvalidValues_ThenTheResultIsHttpBasicUnauthorizedResult()
{
    // Arrange: a single registered user and the "keyphrase" application setting.
    var registeredUser = new User { Salt = "saltsalt", Name = "name", Password = "******" };
    userService.Setup(u => u.GetRegisteredUser()).Returns(registeredUser);
    configurationManager.Setup(c => c.AppSetting("keyphrase")).Returns("key");

    var context = new AuthorizationContext();

    // RequireSsl is off while the request is neither secure nor local;
    // presumably this keeps the transport check from deciding the outcome,
    // so the result reflects the credential check alone.
    var attribute = new BasicAuthorizeAttribute
    {
        UserService = userService.Object,
        ConfigurationManager = configurationManager.Object,
        RequireSsl = false
    };

    var fakeRequest = new FakeRequest { SecureConnection = false, Local = false };
    httpContext.Setup(h => h.Request).Returns(fakeRequest);
    httpContext.Setup(h => h.Response).Returns(new FakeResponse());
    httpContext.SetupProperty(h => h.User);

    // Scheme prefix only, with no encoded user:password pair behind it.
    fakeRequest.Values["Authorization"] = "Basic: ";
    context.HttpContext = httpContext.Object;

    // Act
    attribute.OnAuthorization(context);

    // Assert
    // NOTE(review): only the result type is checked; asserting that
    // HttpContext.User stays unset would also pin that a rejected request
    // never leaves a principal behind.
    context.Result.Should().BeOfType<HttpBasicUnauthorizedResult>();
}
// Checks the transport gate: with RequireSsl switched ON, a request that is
// neither on a secure connection nor local must be answered with
// HttpBasicUnauthorizedResult.
// No Authorization header and no user service are configured here, so the
// expected result has to come from the connection check alone.
// Note that "NoSSL" in the test name describes the incoming request, not the
// attribute setting; RequireSsl is true.
public void WhenThereIsNoSSL_AndThereIsNoSecureConnection_AndTheRequestIsNotLocal_ThenTheResultIsHttpBasicUnauthorizedResult()
{
    // Arrange
    var context = new AuthorizationContext();
    var attribute = new BasicAuthorizeAttribute { RequireSsl = true };

    var insecureRemoteRequest = new FakeRequest { SecureConnection = false, Local = false };
    httpContext.Setup(h => h.Request).Returns(insecureRemoteRequest);
    context.HttpContext = httpContext.Object;

    // Act
    attribute.OnAuthorization(context);

    // Assert
    context.Result.Should().BeOfType<HttpBasicUnauthorizedResult>();
}
// Checks argument validation: calling OnAuthorization with a null filter
// context must throw ArgumentNullException.
public void GivenANullFilterContext_ThenAnExceptionIsThrown()
{
    var attribute = new BasicAuthorizeAttribute();

    // Wrapped in a delegate so the assertion library can observe the exception.
    Action callWithNullContext = () => attribute.OnAuthorization(null);

    callWithNullContext.ShouldThrow<ArgumentNullException>();
}
// Checks the success path: when the Authorization header carries the encoded
// pair "name"/"password", the attribute must store a GenericPrincipal in
// HttpContext.User.
// NOTE(review): how the stored Password value "******" relates to the
// submitted "password" is not visible here; verify it against the attribute's
// hashing (Salt plus the "keyphrase" setting) and the ToBase64 helper.
public void WhenThereIsAPrinciple_ThenTheUserIsStoredInTheContext()
{
    // Arrange: a single registered user and the "keyphrase" application setting.
    var registeredUser = new User { Salt = "saltsalt", Name = "name", Password = "******" };
    userService.Setup(u => u.GetRegisteredUser()).Returns(registeredUser);
    configurationManager.Setup(c => c.AppSetting("keyphrase")).Returns("key");

    var context = new AuthorizationContext();

    // RequireSsl is off while the request is neither secure nor local;
    // presumably this keeps the transport check out of the way so that the
    // credential path is the one being exercised.
    var attribute = new BasicAuthorizeAttribute
    {
        UserService = userService.Object,
        ConfigurationManager = configurationManager.Object,
        RequireSsl = false
    };

    var fakeRequest = new FakeRequest { SecureConnection = false, Local = false };
    httpContext.Setup(h => h.Request).Returns(fakeRequest);
    httpContext.Setup(h => h.Response).Returns(new FakeResponse());

    // SetupProperty makes User a tracked property, so a value assigned during
    // OnAuthorization can be read back in the assertion.
    httpContext.SetupProperty(h => h.User);

    // NOTE(review): "Basic: " (with a colon) differs from the RFC 7617 form
    // "Basic <base64>"; presumably this is the format the attribute expects.
    // Confirm against the attribute.
    var authorizationHeader = "Basic: " + ToBase64("name", "password");
    fakeRequest.Values["Authorization"] = authorizationHeader;
    context.HttpContext = httpContext.Object;

    // Act
    attribute.OnAuthorization(context);

    // Assert
    context.HttpContext.User.Should().BeOfType<GenericPrincipal>();
}