public async Task ForbidsNonGetHead(string method) { var context = CreateOwinContext(method, new Uri("http://localhost")); var next = CreateOwinMiddleware(); var middleware = new ForceSslMiddleware(next.Object, 443); await middleware.Invoke(context); next.Verify(n => n.Invoke(It.IsAny <IOwinContext>()), Times.Never()); Assert.Equal((int)HttpStatusCode.BadRequest, context.Response.StatusCode); }
public async Task RedirectsGetHeadToHttps(string method, int sslPort) { var uri = new Uri("http://localhost:8080/somepath/somedocument?somequery=somevalue"); var context = CreateOwinContext(method, uri); var next = CreateOwinMiddleware(); var middleware = new ForceSslMiddleware(next.Object, sslPort); await middleware.Invoke(context); next.Verify(n => n.Invoke(It.IsAny <IOwinContext>()), Times.Never()); Assert.Equal((int)HttpStatusCode.Found, context.Response.StatusCode); Uri targetUri = new Uri(context.Response.Headers["Location"]); Assert.Equal(Uri.UriSchemeHttps, targetUri.Scheme); Assert.Equal(sslPort, targetUri.Port); Assert.Equal(uri.Host, targetUri.Host); Assert.Equal(uri.PathAndQuery, targetUri.PathAndQuery); }