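/// <summary>
/// Runs <c>JwtMiddleware</c> twice over the same <c>DefaultHttpContext</c>: first with no
/// Authorization header, then with a bearer token signed for a freshly built test user.
/// </summary>
/// <remarks>
/// NOTE(review): only the missing-header and valid-token paths are asserted here.
/// Expired, tampered or wrong-scope tokens are not exercised by this test.
/// </remarks>
public async Task TestJwtMiddleware()
{
    HttpContext context = new DefaultHttpContext();
    JwtMiddleware middleware = new JwtMiddleware(httpContext => Task.CompletedTask);

    // Pass 1: no Authorization header, so the principal must stay anonymous.
    await middleware.Invoke(context);

    Assert.IsFalse(context.User.Claims.Any(), "Are there any claims when there's no authentication header?");
    Assert.IsNull(context.User.Identity.AuthenticationType, "Is the authenticationtype null when there's no auth header?");

    // Create a test user instance
    User testUser = new User
    {
        confirmed = true,
        date_of_birth = DateTime.Now,
        email = "*****@*****.**",
        ID = 0,
        password = "******",
        plan = Plans.Basic,
        registration_timestamp = DateTime.Now,
        role = Roles.User,
        username = "******"
    };

    // Pass 2: attach a token signed from the user's own identity and run the middleware again.
    ClaimsPrincipal userPrincipal = testUser.ClaimsPrincipal(TokenScope.UserLogin);
    context.Request.Headers.Add("Authorization", "Bearer " + Jwt.Sign((ClaimsIdentity)userPrincipal.Identity));

    await middleware.Invoke(context);

    Assert.IsTrue(context.User.Claims.Any(), "Are there any claims when the authentication header is present?");
    Assert.IsNotNull(context.User.Identity.AuthenticationType, "Is the authenticationtype no null when the authentication header is present?");

    // AreEqual takes the expected value first; with the arguments in that order a
    // failure report labels the scope and the observed value correctly.
    Assert.AreEqual(TokenScope.UserLogin, context.User.Identity.AuthenticationType, "Is the AuthenticationType the same as the one used to sign the Jwt token?");
}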
/// <summary>
/// Invokes the middleware with the fixture's mocked contexts (per the test name, no headers
/// are present) and checks that the request was handed on without any JWT processing.
/// </summary>
public async Task InvokeNoHeadersShouldCallNext()
{
    var httpContext = _mockHttpContext.Object;
    var executionContext = _mockExecutionContext.Object;
    var contextHelper = _mockExecutionContextHelper.Object;

    await _middleware.Invoke(httpContext, executionContext, contextHelper);

    // The next delegate must have run.
    Assert.True(_nextWasCalled);

    // Without a token the helper must never be asked to fill the execution context from a JWT.
    _mockExecutionContextHelper.Verify(
        h => h.FillExecutionContextFromJwt(It.IsAny<string>(), It.IsAny<IExecutionContext>()),
        Times.Never());
}
/// <summary>
/// When the extractor yields a user and the authenticator accepts it, the middleware is
/// expected to execute an <c>ObjectResult</c> with status 200 carrying a <c>TokenModel</c>.
/// </summary>
/// <remarks>
/// NOTE(review): the setups use <c>It.IsAny</c>, so this test does not pin the authenticator
/// to the user the extractor produced, and the contents of the issued token are not inspected.
/// </remarks>
public async Task Invoke_returns_200_with_token_if_match(
    [Frozen] IUserAuthenticator authenticator,
    [Frozen] IUserExtractor extractor,
    JwtMiddleware sut,
    [Frozen] IServiceProvider serviceProvider,
    HttpContext context,
    JwtOptions options,
    IActionResultExecutor<ObjectResult> executor,
    User user,
    ClaimsIdentity identity)
{
    // Arrange: extraction and authentication both succeed.
    var extractorMock = Mock.Get(extractor);
    extractorMock
        .Setup(x => x.TryExtractUser(It.IsAny<HttpContext>(), out user))
        .Returns(true);

    var authenticatorMock = Mock.Get(authenticator);
    authenticatorMock
        .Setup(a => a.TryAuthenticateUserAsync(It.IsAny<User>(), out identity))
        .ReturnsAsync(true);

    // The result executor is resolved through the frozen service provider.
    var providerMock = Mock.Get(serviceProvider);
    providerMock
        .Setup(sp => sp.GetService(typeof(IActionResultExecutor<ObjectResult>)))
        .Returns(executor);

    // Act
    await sut.Invoke(context, options);

    // Assert: a 200 result whose payload is a TokenModel was executed.
    var executorMock = Mock.Get(executor);
    executorMock.Verify(e => e.ExecuteAsync(
        It.IsAny<ActionContext>(),
        It.Is<ObjectResult>(result => result.StatusCode == 200 && result.Value is TokenModel)));
}
/// <summary>
/// When the extractor reports that no user could be extracted, the middleware is expected
/// to execute an <c>ObjectResult</c> with status 401.
/// </summary>
/// <remarks>
/// NOTE(review): only the extraction-failure path is covered here; the case where a user is
/// extracted but the authenticator rejects it is not set up in this test.
/// </remarks>
public async Task Invoke_returns_401_if_no_match(
    [Frozen] IUserExtractor extractor,
    JwtMiddleware sut,
    [Frozen] IServiceProvider serviceProvider,
    HttpContext context,
    JwtOptions options,
    IActionResultExecutor<ObjectResult> executor)
{
    // Arrange: extraction fails and hands back a null user.
    User user = null;
    var extractorMock = Mock.Get(extractor);
    extractorMock
        .Setup(x => x.TryExtractUser(It.IsAny<HttpContext>(), out user))
        .Returns(false);

    // The result executor is resolved through the frozen service provider.
    var providerMock = Mock.Get(serviceProvider);
    providerMock
        .Setup(sp => sp.GetService(typeof(IActionResultExecutor<ObjectResult>)))
        .Returns(executor);

    // Act
    await sut.Invoke(context, options);

    // Assert: a 401 result was executed.
    var executorMock = Mock.Get(executor);
    executorMock.Verify(e => e.ExecuteAsync(
        It.IsAny<ActionContext>(),
        It.Is<ObjectResult>(result => result.StatusCode == 401)));
}
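/// <summary>
/// Sends a request carrying an <c>Ocp-Apim-Subscription-Key</c> header through the middleware
/// and checks that an <c>Auth-User</c> request header with non-empty token text is present
/// afterwards.
/// </summary>
public async Task JwtMiddleware_ValidUser()
{
    username = "******";
    _mockUserRepository
        .Setup(repo => repo.GetByUserName(username))
        .Returns(_testuser.Username == username ? _testuser : null);

    defaultContext = new DefaultHttpContext();
    defaultContext.Request.Path = "/";
    defaultContext.Request.Headers.Add("Ocp-Apim-Subscription-Key", "test");

    var middlewareInstance = new JwtMiddleware(
        next: innerHttpContext => Task.CompletedTask,
        _mockappsetting);

    await middlewareInstance.Invoke(defaultContext, _mockUserRepository.Object);

    // Split never yields an empty array, so a null check on its last element passes even
    // when the header value is empty. Require actual token text instead.
    string token = defaultContext.Request.Headers["Auth-User"].FirstOrDefault()?.Split(" ").Last();
    Assert.False(string.IsNullOrWhiteSpace(token));
}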
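/// <summary>
/// Sends a request through the middleware and checks that no <c>Auth-User</c> request header
/// is present afterwards.
/// </summary>
/// <remarks>
/// NOTE(review): user names are masked in this listing; the only visible difference from the
/// valid-user test is that no <c>Ocp-Apim-Subscription-Key</c> header is set. Because
/// <c>Auth-User</c> is read from the request headers, a companion test that a caller-supplied
/// <c>Auth-User</c> value does not survive a failed authentication would be worth adding;
/// confirm against the middleware.
/// </remarks>
public async Task JwtMiddleware_InValidUser()
{
    username = "******";
    _mockUserRepository
        .Setup(repo => repo.GetByUserName(username))
        .Returns(_testuser.Username == username ? _testuser : null);

    defaultContext = new DefaultHttpContext();
    defaultContext.Request.Path = "/";

    var middlewareInstance = new JwtMiddleware(
        next: innerHttpContext => Task.CompletedTask,
        _mockappsetting);

    await middlewareInstance.Invoke(defaultContext, _mockUserRepository.Object);

    // The header must not have been attached to the request.
    Assert.True(defaultContext.Request.Headers["Auth-User"].Count == 0);
}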