public async Task AuthTypes_AuthenticateWithUser_OneResult(AuthenticationSchemes authType) { string address; var authTypeList = authType.ToString().Split(new char[] { ',', ' ' }, StringSplitOptions.RemoveEmptyEntries); using (Utilities.CreateHttpAuthServer(authType, out address, async httpContext => { Assert.NotNull(httpContext.User); Assert.NotNull(httpContext.User.Identity); Assert.True(httpContext.User.Identity.IsAuthenticated); var count = 0; foreach (var scheme in authTypeList) { var authResults = await httpContext.Authentication.AuthenticateAsync(scheme); if (authResults != null) { count++; } } Assert.Equal(1, count); })) { var response = await SendRequestAsync(address, useDefaultCredentials : true); Assert.Equal(HttpStatusCode.OK, response.StatusCode); } }
public async Task AuthTypes_GetSingleDescriptions(AuthenticationSchemes authType) { string address; using (Utilities.CreateHttpAuthServer(authType | AuthenticationSchemes.AllowAnonymous, out address, httpContext => { var resultList = httpContext.Authentication.GetAuthenticationSchemes(); if (authType == AuthenticationSchemes.AllowAnonymous) { Assert.Equal(0, resultList.Count()); } else { Assert.Equal(1, resultList.Count()); var result = resultList.First(); Assert.Equal(authType.ToString(), result.AuthenticationScheme); Assert.Equal("Windows:" + authType.ToString(), result.DisplayName); } return(Task.FromResult(0)); })) { var response = await SendRequestAsync(address); Assert.Equal(HttpStatusCode.OK, response.StatusCode); Assert.Equal(0, response.Headers.WwwAuthenticate.Count); } }
public async Task AuthTypes_AllowAnonymousButSpecify401_Success(AuthenticationSchemes authType) { string address; int requestId = 0; using (Utilities.CreateHttpAuthServer(authType | AuthenticationSchemes.AllowAnonymous, out address, httpContext => { Assert.NotNull(httpContext.User); Assert.NotNull(httpContext.User.Identity); if (requestId == 0) { Assert.False(httpContext.User.Identity.IsAuthenticated); httpContext.Response.StatusCode = 401; } else if (requestId == 1) { Assert.True(httpContext.User.Identity.IsAuthenticated); } else { throw new NotImplementedException(); } requestId++; return(Task.FromResult(0)); })) { var response = await SendRequestAsync(address, useDefaultCredentials : true); Assert.Equal(HttpStatusCode.OK, response.StatusCode); } }
public async Task AuthType_RequireAuth_ChallengesAdded(AuthenticationSchemes authType) { string address; using (Utilities.CreateHttpAuthServer(authType, out address, httpContext => { throw new NotImplementedException(); })) { var response = await SendRequestAsync(address); Assert.Equal(HttpStatusCode.Unauthorized, response.StatusCode); Assert.Equal(authType.ToString(), response.Headers.WwwAuthenticate.ToString(), StringComparer.OrdinalIgnoreCase); } }
public async Task AuthTypes_RequireAuth_Success(AuthenticationSchemes authType) { string address; using (Utilities.CreateHttpAuthServer(authType, out address, httpContext => { Assert.NotNull(httpContext.User); Assert.NotNull(httpContext.User.Identity); Assert.True(httpContext.User.Identity.IsAuthenticated); return(Task.FromResult(0)); })) { var response = await SendRequestAsync(address, useDefaultCredentials : true); Assert.Equal(HttpStatusCode.OK, response.StatusCode); } }
public async Task AuthTypes_AllowAnonymous_NoChallenge(AuthenticationSchemes authType) { string address; using (Utilities.CreateHttpAuthServer(authType | AuthenticationSchemes.AllowAnonymous, out address, httpContext => { Assert.NotNull(httpContext.User); Assert.NotNull(httpContext.User.Identity); Assert.False(httpContext.User.Identity.IsAuthenticated); return(Task.FromResult(0)); })) { var response = await SendRequestAsync(address); Assert.Equal(HttpStatusCode.OK, response.StatusCode); Assert.Equal(0, response.Headers.WwwAuthenticate.Count); } }
public async Task AuthType_AllowAnonymousButSpecify401_ChallengesAdded(AuthenticationSchemes authType) { string address; using (Utilities.CreateHttpAuthServer(authType | AuthenticationSchemes.AllowAnonymous, out address, httpContext => { Assert.NotNull(httpContext.User); Assert.NotNull(httpContext.User.Identity); Assert.False(httpContext.User.Identity.IsAuthenticated); httpContext.Response.StatusCode = 401; return(Task.FromResult(0)); })) { var response = await SendRequestAsync(address); Assert.Equal(HttpStatusCode.Unauthorized, response.StatusCode); Assert.Equal(authType.ToString(), response.Headers.WwwAuthenticate.ToString(), StringComparer.OrdinalIgnoreCase); } }
// [InlineData(AuthenticationSchemes.Digest)] // Not implemented // [InlineData(AuthenticationSchemes.Basic)] // Can't log in with UseDefaultCredentials public async Task AuthTypes_UnathorizedAuthenticatedAuthType_Unauthorized(AuthenticationSchemes authType) { string address; using (Utilities.CreateHttpAuthServer(authType, out address, httpContext => { Assert.NotNull(httpContext.User); Assert.NotNull(httpContext.User.Identity); Assert.True(httpContext.User.Identity.IsAuthenticated); return(httpContext.Authentication.ChallengeAsync(authType.ToString(), null, ChallengeBehavior.Unauthorized)); })) { var response = await SendRequestAsync(address, useDefaultCredentials : true); Assert.Equal(HttpStatusCode.Unauthorized, response.StatusCode); Assert.Equal(1, response.Headers.WwwAuthenticate.Count); Assert.Equal(authType.ToString(), response.Headers.WwwAuthenticate.First().Scheme); } }
// [InlineData(AuthenticationSchemes.Digest)] // Not implemented // [InlineData(AuthenticationSchemes.Basic)] // Can't log in with UseDefaultCredentials public async Task AuthTypes_ChallengeAuthenticatedAuthType_Forbidden(AuthenticationSchemes authType) { string address; using (Utilities.CreateHttpAuthServer(authType, out address, httpContext => { Assert.NotNull(httpContext.User); Assert.NotNull(httpContext.User.Identity); Assert.True(httpContext.User.Identity.IsAuthenticated); return(httpContext.Authentication.ChallengeAsync(authType.ToString())); })) { var response = await SendRequestAsync(address, useDefaultCredentials : true); Assert.Equal(HttpStatusCode.Forbidden, response.StatusCode); // for some reason Kerberos and Negotiate include a 2nd stage challenge. // Assert.Equal(0, response.Headers.WwwAuthenticate.Count); } }
public async Task AuthTypes_Forbid_Forbidden(AuthenticationSchemes authType) { string address; var authTypes = AuthenticationSchemes.AllowAnonymous | AuthenticationSchemes.Negotiate | AuthenticationSchemes.NTLM | /*AuthenticationSchemes.Digest |*/ AuthenticationSchemes.Basic; using (Utilities.CreateHttpAuthServer(authTypes, out address, httpContext => { Assert.NotNull(httpContext.User); Assert.NotNull(httpContext.User.Identity); Assert.False(httpContext.User.Identity.IsAuthenticated); return(httpContext.Authentication.ForbidAsync(authType.ToString())); })) { var response = await SendRequestAsync(address); Assert.Equal(HttpStatusCode.Forbidden, response.StatusCode); Assert.Equal(0, response.Headers.WwwAuthenticate.Count); } }
public async Task AuthTypes_ChallengeWithoutAuthTypes_AllChallengesSent(AuthenticationSchemes authType) { string address; var authTypeList = authType.ToString().Split(new char[] { ',', ' ' }, StringSplitOptions.RemoveEmptyEntries); using (Utilities.CreateHttpAuthServer(authType | AuthenticationSchemes.AllowAnonymous, out address, httpContext => { Assert.NotNull(httpContext.User); Assert.NotNull(httpContext.User.Identity); Assert.False(httpContext.User.Identity.IsAuthenticated); return(httpContext.Authentication.ChallengeAsync()); })) { var response = await SendRequestAsync(address); Assert.Equal(HttpStatusCode.Unauthorized, response.StatusCode); Assert.Equal(authTypeList.Count(), response.Headers.WwwAuthenticate.Count); } }
public async Task AuthTypes_ChallengeDisabledAuthType_Error(AuthenticationSchemes authType) { string address; var authTypes = AuthenticationSchemes.Negotiate | AuthenticationSchemes.NTLM | /*AuthenticationSchemes.Digest |*/ AuthenticationSchemes.Basic; authTypes = authTypes & ~authType; var authTypeList = authType.ToString().Split(new char[] { ',', ' ' }, StringSplitOptions.RemoveEmptyEntries); using (Utilities.CreateHttpAuthServer(authTypes | AuthenticationSchemes.AllowAnonymous, out address, httpContext => { Assert.NotNull(httpContext.User); Assert.NotNull(httpContext.User.Identity); Assert.False(httpContext.User.Identity.IsAuthenticated); return(Assert.ThrowsAsync <InvalidOperationException>(() => httpContext.Authentication.ChallengeAsync(authType.ToString()))); })) { var response = await SendRequestAsync(address); Assert.Equal(HttpStatusCode.OK, response.StatusCode); Assert.Equal(0, response.Headers.WwwAuthenticate.Count); } }
public async Task AuthTypes_GetMultipleDescriptions() { string address; AuthenticationSchemes authType = AuthenticationSchemes.Negotiate | AuthenticationSchemes.NTLM | /*AuthenticationSchemes.Digest |*/AuthenticationSchemes.Basic; using (Utilities.CreateHttpAuthServer(authType | AuthenticationSchemes.AllowAnonymous, out address, httpContext => { var resultList = httpContext.Authentication.GetAuthenticationSchemes(); Assert.Equal(3, resultList.Count()); return(Task.FromResult(0)); })) { var response = await SendRequestAsync(address); Assert.Equal(HttpStatusCode.OK, response.StatusCode); Assert.Equal(0, response.Headers.WwwAuthenticate.Count); } }
public async Task AuthTypes_AuthenticateWithNoUser_NoResults(AuthenticationSchemes authType) { string address; var authTypeList = authType.ToString().Split(new char[] { ',', ' ' }, StringSplitOptions.RemoveEmptyEntries); using (Utilities.CreateHttpAuthServer(authType | AuthenticationSchemes.AllowAnonymous, out address, async httpContext => { Assert.NotNull(httpContext.User); Assert.NotNull(httpContext.User.Identity); Assert.False(httpContext.User.Identity.IsAuthenticated); foreach (var scheme in authTypeList) { var authResults = await httpContext.Authentication.AuthenticateAsync(scheme); Assert.Null(authResults); } })) { var response = await SendRequestAsync(address); Assert.Equal(HttpStatusCode.OK, response.StatusCode); Assert.Equal(0, response.Headers.WwwAuthenticate.Count); } }