/// <summary>
/// Posts the <c>{ roles }</c> query on behalf of a principal that carries the role
/// claim "a" and expects HTTP 200 with no GraphQL errors in the payload.
/// </summary>
public async Task Roles_Authorized()
{
    // arrange
    const string query = "{ roles }";
    const string mediaType = "application/graphql";

    TestServer testServer = CreateTestServer(
        services =>
        {
            services.AddGraphQL(CreateExecutor());
        },
        httpContext =>
        {
            // NOTE(review): a ClaimsIdentity built with the parameterless constructor has
            // no authentication type, so its IsAuthenticated is false. The assertions below
            // therefore expect the role check to succeed on the claim alone; confirm that
            // this is the intended contract for the field behind `roles`.
            var roleIdentity = new ClaimsIdentity();
            roleIdentity.AddClaim(new Claim(ClaimTypes.Role, "a"));
            httpContext.User.AddIdentity(roleIdentity);
        });

    // act
    HttpResponseMessage response =
        await testServer.SendPostRequestAsync(query, mediaType, null);

    // assert
    Assert.Equal(HttpStatusCode.OK, response.StatusCode);

    string payload = await response.Content.ReadAsStringAsync();
    var queryResult = JsonConvert.DeserializeObject<ClientQueryResult>(payload);

    // Authorized access must not produce an errors entry; the snapshot pins the rest.
    Assert.Null(queryResult.Errors);
    queryResult.Snapshot();
}
/// <summary>
/// Registers two assertion policies ("a" requires a date-of-birth claim, "b" requires a
/// country claim), posts the <c>{ piped }</c> query as a principal holding both claims,
/// and expects HTTP 200 with no GraphQL errors in the payload.
/// </summary>
public async Task PipedAuthorizeDirectives_Authorized()
{
    // arrange
    const string query = "{ piped }";
    const string mediaType = "application/graphql";

    TestServer testServer = CreateTestServer(
        services =>
        {
            services.AddAuthorization(authOptions =>
            {
                // Policy "a": satisfied by any claim of type DateOfBirth.
                authOptions.AddPolicy("a", builder =>
                {
                    builder.RequireAssertion(authContext =>
                        authContext.User.HasClaim(claim =>
                            claim.Type == ClaimTypes.DateOfBirth));
                });

                // Policy "b": satisfied by any claim of type Country.
                authOptions.AddPolicy("b", builder =>
                {
                    builder.RequireAssertion(authContext =>
                        authContext.User.HasClaim(claim =>
                            claim.Type == ClaimTypes.Country));
                });
            });

            services.AddGraphQL(CreateExecutor());
        },
        httpContext =>
        {
            // One identity carries both claims, so both policies can be met.
            // NOTE(review): this covers only the all-policies-satisfied path. Whether a
            // principal holding just one of the two claims is rejected is not shown by
            // this test; confirm a companion negative test exists.
            var claimsIdentity = new ClaimsIdentity();
            claimsIdentity.AddClaim(new Claim(ClaimTypes.DateOfBirth, "2013-05-30"));
            claimsIdentity.AddClaim(new Claim(ClaimTypes.Country, "US"));
            httpContext.User.AddIdentity(claimsIdentity);
        });

    // act
    HttpResponseMessage response =
        await testServer.SendPostRequestAsync(query, mediaType, null);

    // assert
    Assert.Equal(HttpStatusCode.OK, response.StatusCode);

    string payload = await response.Content.ReadAsStringAsync();
    var queryResult = JsonConvert.DeserializeObject<ClientQueryResult>(payload);

    // Authorized access must not produce an errors entry; the snapshot pins the rest.
    Assert.Null(queryResult.Errors);
    queryResult.Snapshot();
}
/// <summary>
/// Registers only the policy "FooBar", posts the <c>{ age }</c> query without adding
/// any identity to the request, and expects HTTP 200 with a non-null errors collection.
/// </summary>
public async Task Policy_NotFound()
{
    // arrange
    const string query = "{ age }";
    const string mediaType = "application/graphql";

    TestServer testServer = CreateTestServer(
        services =>
        {
            services.AddAuthorization(authOptions =>
            {
                // presumably `age` refers to a policy name other than "FooBar", so the
                // lookup misses; verify against the schema built by CreateExecutor().
                authOptions.AddPolicy("FooBar", builder =>
                {
                    builder.RequireAssertion(authContext =>
                        authContext.User.HasClaim(claim =>
                            claim.Type == ClaimTypes.DateOfBirth));
                });
            });

            services.AddGraphQL(CreateExecutor());
        },
        _ =>
        {
            // no user
        });

    // act
    HttpResponseMessage response =
        await testServer.SendPostRequestAsync(query, mediaType, null);

    // assert
    Assert.Equal(HttpStatusCode.OK, response.StatusCode);

    string payload = await response.Content.ReadAsStringAsync();
    var queryResult = JsonConvert.DeserializeObject<ClientQueryResult>(payload);

    // The request must fail closed: the denial is reported in the errors collection.
    // NOTE(review): NotNull alone would also pass for an unrelated error, and with no
    // user configured a claims failure looks the same here as a missing policy; the
    // snapshot is what pins the actual reason, so review it when it changes.
    Assert.NotNull(queryResult.Errors);
    queryResult.Snapshot();
}