public void Nonlocal_requests_should_require_secure_connection()
{
var context = GetTestFilterContext(false);
var filter = new RequreSecureConnectionFilter();
var exception = Assert.Throws <InvalidOperationException>(() => filter.OnAuthorization(context));
exception.Message.ShouldBe("The requested resource can only be accessed via SSL.");
}
public void OnAuthorization_should_not_redirect_local_requests()
{
var context = GetTestFilterContext(true);
var filter = new RequreSecureConnectionFilter();
filter.OnAuthorization(context);
var redirectResult = context.Result as RedirectResult;
Assert.Null(redirectResult);
}
public void OnAuthorisation_NonLocalRequest_RedirectedToHttps()
{
//Arrange
request.IsLocal.Returns(false);
var sut = new RequreSecureConnectionFilter();
// Act && Assert
// here we check if controll is passed down to RequireHttpsAttribute code
// and we are not testing for Microsoft code.
Assert.Throws <InvalidOperationException>(() => sut.OnAuthorization(filterContext));
}
public void OnAuthorisation_LocalRequest_RequestNotRedirected()
{
//Arrange
request.IsLocal.Returns(true);
var sut = new RequreSecureConnectionFilter();
// Act
sut.OnAuthorization(filterContext);
// Assert - checking if we are not being redirected
var redirectResult = filterContext.Result as RedirectResult;
Assert.Null(redirectResult);
}
public void OnAuthorization_nocontext_should_throw()
{
var filter = new RequreSecureConnectionFilter();
Assert.Throws <ArgumentNullException>(() => filter.OnAuthorization(null));
}
public void OnAuthorisation_NoContext_ThrowsException()
{
var sut = new RequreSecureConnectionFilter();
Assert.Throws <ArgumentNullException>(() => sut.OnAuthorization(null));
}