// Builds a BadEggMiddleware with null in the second constructor argument, the
// slot where the other BadEgg tests pass the action-descriptor collection
// provider. Every other dependency is a valid test double or plugin service.
// NOTE(review): no assertion is visible in this method; the expected failure is
// presumably declared by a test attribute outside this view - confirm.
public void BadEggValidationInvalidRouteProvider()
{
    ISettingsProvider settings = new pm.DefaultSettingProvider(Directory.GetCurrentDirectory());
    var request = new TestHttpRequest();
    var response = new TestHttpResponse();
    IPluginClassesService pluginClasses = new pm.PluginServices(_testPluginBadEgg) as IPluginClassesService;
    IPluginHelperService helperService = _testPluginBadEgg.GetRequiredService<IPluginHelperService>();
    IPluginTypesService typesService = _testPluginBadEgg.GetRequiredService<IPluginTypesService>();
    INotificationService notifications = _testPluginBadEgg.GetRequiredService<INotificationService>();
    IIpValidation ipValidation = new TestIPValidation();

    var context = new TestHttpContext(request, response);
    request.SetContext(context);

    // Not consumed by the middleware constructor below; kept so the setup is unchanged.
    var loginProvider = new MockLoginProvider();
    var claimsProvider = new MockClaimsProvider(pluginClasses);
    var authenticationService = new TestAuthenticationService();

    RequestDelegate next = async ctx => await Task.Delay(0);
    var routeData = new RouteDataServices();

    // null stands in for the action-descriptor collection provider.
    var badEgg = new BadEggMiddleware(
        next,
        null,
        routeData,
        helperService,
        typesService,
        ipValidation,
        settings,
        notifications);
}
// Builds a BadEggMiddleware with null in place of the next RequestDelegate (first
// constructor argument) while every other dependency is valid.
// NOTE(review): no assertion is visible in this method; the expected failure is
// presumably declared by a test attribute outside this view - confirm.
public void BadEggValidationInvalidRequestDelegate()
{
    ISettingsProvider settings = new pm.DefaultSettingProvider(Directory.GetCurrentDirectory());
    var request = new TestHttpRequest();
    var response = new TestHttpResponse();
    IPluginClassesService pluginClasses = new pm.PluginServices(_testPluginBadEgg) as IPluginClassesService;
    IPluginHelperService helperService = _testPluginBadEgg.GetRequiredService<IPluginHelperService>();
    IPluginTypesService typesService = _testPluginBadEgg.GetRequiredService<IPluginTypesService>();
    INotificationService notifications = _testPluginBadEgg.GetRequiredService<INotificationService>();
    IIpValidation ipValidation = new TestIPValidation();

    var context = new TestHttpContext(request, response);
    request.SetContext(context);

    // Not consumed by the middleware constructor below; kept so the setup is unchanged.
    var loginProvider = new MockLoginProvider();
    var claimsProvider = new MockClaimsProvider(pluginClasses);
    var authenticationService = new TestAuthenticationService();

    // Empty descriptor collection, version 1.
    var descriptors = new ActionDescriptorCollection(new List<ActionDescriptor>(), 1);
    var descriptorProvider = new TestActionDescriptorCollectionProvider(descriptors);
    var routeData = new RouteDataServices();

    // null stands in for the next delegate in the pipeline.
    var badEgg = new BadEggMiddleware(
        null,
        descriptorProvider,
        routeData,
        helperService,
        typesService,
        ipValidation,
        settings,
        notifications);
}
// Checks that UseAuthorization() puts the authorization middleware into the
// pipeline: a request routed to an endpoint carrying [Authorize] metadata ends
// with a challenge recorded on the test authentication service.
public async Task UseAuthorization_HasRequiredSevices_RegistersMiddleware()
{
    // Arrange: a pipeline whose only registered middleware is authorization.
    var authService = new TestAuthenticationService();
    var provider = CreateServices(authService);
    var builder = new ApplicationBuilder(provider);
    builder.UseAuthorization();
    var pipeline = builder.Build();

    // Endpoint with no request delegate; only its [Authorize] metadata matters here.
    var protectedEndpoint = new Endpoint(
        null,
        new EndpointMetadataCollection(new AuthorizeAttribute()),
        "Test endpoint");

    var httpContext = new DefaultHttpContext { RequestServices = provider };
    httpContext.SetEndpoint(protectedEndpoint);

    // Act
    await pipeline(httpContext);

    // Assert: the middleware ran and issued a challenge.
    Assert.True(authService.ChallengeCalled);
}
// Runs BadEggMiddleware over a default test request with all dependencies valid
// and asserts that the request is handed on to the next delegate.
public async Task BadEggValidationSuccess()
{
    ISettingsProvider settings = new pm.DefaultSettingProvider(Directory.GetCurrentDirectory());
    var request = new TestHttpRequest();
    var response = new TestHttpResponse();
    IPluginClassesService pluginClasses = new pm.PluginServices(_testPluginBadEgg) as IPluginClassesService;
    IPluginHelperService helperService = _testPluginBadEgg.GetRequiredService<IPluginHelperService>();
    IPluginTypesService typesService = _testPluginBadEgg.GetRequiredService<IPluginTypesService>();
    INotificationService notifications = _testPluginBadEgg.GetRequiredService<INotificationService>();
    IIpValidation ipValidation = new TestIPValidation();

    var context = new TestHttpContext(request, response);
    request.SetContext(context);

    // Not consumed by the middleware below; kept so the setup is unchanged.
    var loginProvider = new MockLoginProvider();
    var claimsProvider = new MockClaimsProvider(pluginClasses);
    var authenticationService = new TestAuthenticationService();

    // Records whether the middleware let the request continue down the pipeline.
    bool reachedNext = false;
    RequestDelegate next = async ctx =>
    {
        reachedNext = true;
        await Task.Delay(0);
    };

    var descriptors = new ActionDescriptorCollection(new List<ActionDescriptor>(), 1);
    var descriptorProvider = new TestActionDescriptorCollectionProvider(descriptors);
    var routeData = new RouteDataServices();

    var badEgg = new BadEggMiddleware(
        next,
        descriptorProvider,
        routeData,
        helperService,
        typesService,
        ipValidation,
        settings,
        notifications);

    await badEgg.Invoke(context);

    Assert.IsTrue(reachedNext);
}
// Sends an Authorization header whose Basic payload is the literal text
// "blahblahblah" rather than an encoded "user:password" pair, and asserts that
// LoginMiddleware answers 400 and never signs the caller in.
public async Task LoginAutoLoginFromHeadersInvalidEncoding()
{
    ISettingsProvider settings = new pm.DefaultSettingProvider(Directory.GetCurrentDirectory());
    // Loaded as in the original setup; the value is not used further in this test.
    LoginControllerSettings loginSettings = settings.GetSettings<LoginControllerSettings>(nameof(LoginPlugin));

    var request = new TestHttpRequest();
    var response = new TestHttpResponse();
    IPluginClassesService pluginClasses = new pm.PluginServices(_testPluginLogin) as IPluginClassesService;

    var context = new TestHttpContext(request, response);
    request.SetContext(context);

    var loginProvider = new MockLoginProvider();
    var claimsProvider = new MockClaimsProvider(pluginClasses);
    var authService = new TestAuthenticationService();
    RequestDelegate next = async ctx => await Task.Delay(0);

    // Malformed credential payload.
    request.Headers.Add(SharedPluginFeatures.Constants.HeaderAuthorizationName, "Basic blahblahblah");

    var login = new LoginMiddleware(next, loginProvider, settings, claimsProvider);
    await login.Invoke(context, authService);

    // A malformed header must be rejected outright and must not create a session.
    Assert.AreEqual(400, context.Response.StatusCode);
    Assert.IsFalse(authService.SignInAsyncCalled);
}
// Sends a well-formed Basic Authorization header (Base64 of the ISO-8859-1 bytes
// of "Miley:Cyrus") and asserts that LoginMiddleware does not sign the caller in.
// NOTE(review): only the absence of sign-in is asserted; the response status for
// rejected credentials is not pinned by this test.
public async Task LoginAutoLoginFromHeadersInvalidUsernameAndPassword()
{
    ISettingsProvider settings = new pm.DefaultSettingProvider(Directory.GetCurrentDirectory());
    // Loaded as in the original setup; the value is not used further in this test.
    LoginControllerSettings loginSettings = settings.GetSettings<LoginControllerSettings>(nameof(LoginPlugin));

    var request = new TestHttpRequest();
    var response = new TestHttpResponse();
    IPluginClassesService pluginClasses = new pm.PluginServices(_testPluginLogin) as IPluginClassesService;

    var context = new TestHttpContext(request, response);
    request.SetContext(context);

    var loginProvider = new MockLoginProvider();
    var claimsProvider = new MockClaimsProvider(pluginClasses);
    var authService = new TestAuthenticationService();
    RequestDelegate next = async ctx => await Task.Delay(0);

    // Correctly encoded credentials that the test expects to be rejected.
    byte[] credentialBytes = System.Text.Encoding.GetEncoding("ISO-8859-1").GetBytes("Miley:Cyrus");
    string encodedCredentials = Convert.ToBase64String(credentialBytes);
    request.Headers.Add(SharedPluginFeatures.Constants.HeaderAuthorizationName, $"Basic {encodedCredentials}");

    var login = new LoginMiddleware(next, loginProvider, settings, claimsProvider);
    await login.Invoke(context, authService);

    Assert.IsFalse(authService.SignInAsyncCalled);
}
// Presents a "RememberMe" cookie holding "123" encrypted with the key from
// LoginControllerSettings and asserts that LoginMiddleware signs the caller in.
// NOTE(review): the test shows the cookie is encrypted with a key taken from
// settings; whether the value is also integrity-protected cannot be told from
// here - confirm against Shared.Utilities.Encrypt.
public async Task LoginFromCookieValueCookieValidLoginUserFound()
{
    ISettingsProvider settings = new pm.DefaultSettingProvider(Directory.GetCurrentDirectory());
    LoginControllerSettings loginSettings = settings.GetSettings<LoginControllerSettings>(nameof(LoginPlugin));

    // Cookie value produced with the same key the middleware reads from settings.
    var requestCookies = new TestRequestCookieCollection();
    var encryptedValue = Shared.Utilities.Encrypt("123", loginSettings.EncryptionKey);
    requestCookies.AddCookie("RememberMe", encryptedValue);

    var request = new TestHttpRequest(requestCookies);
    var response = new TestHttpResponse();
    IPluginClassesService pluginClasses = new pm.PluginServices(_testPluginLogin) as IPluginClassesService;

    var context = new TestHttpContext(request, response);
    request.SetContext(context);

    var loginProvider = new MockLoginProvider();
    var claimsProvider = new MockClaimsProvider(pluginClasses);
    var authService = new TestAuthenticationService();
    RequestDelegate next = async ctx => await Task.Delay(0);

    var login = new LoginMiddleware(next, loginProvider, settings, claimsProvider);
    await login.Invoke(context, authService);

    var responseCookies = response.Cookies as TestResponseCookies;

    Assert.IsNotNull(responseCookies);
    Assert.IsTrue(authService.SignInAsyncCalled);
}
// Invokes LoginMiddleware with a null HttpContext.
// NOTE(review): no assertion is visible in this method; the expected failure is
// presumably declared by a test attribute outside this view - confirm.
public async Task LoginNullContextValue()
{
    IPluginClassesService pluginClasses = new pm.PluginServices(_testPluginLogin) as IPluginClassesService;
    var loginProvider = new MockLoginProvider();
    ISettingsProvider settings = new pm.DefaultSettingProvider(Directory.GetCurrentDirectory());
    var claimsProvider = new MockClaimsProvider(pluginClasses);
    var authService = new TestAuthenticationService();
    RequestDelegate next = async ctx => await Task.Delay(0);

    var login = new LoginMiddleware(next, loginProvider, settings, claimsProvider);

    // The context argument is deliberately null.
    await login.Invoke(null, authService);
}
// Calls UseAuthorization() on an application builder backed by an empty service
// provider and pins the exact InvalidOperationException message that tells the
// developer to call IServiceCollection.AddAuthorization.
public void UseAuthorization_MissingRequiredSevices_FriendlyErrorMessage()
{
    // Arrange: no authorization services registered.
    var authService = new TestAuthenticationService();
    var emptyProvider = new ServiceCollection().BuildServiceProvider();
    var builder = new ApplicationBuilder(emptyProvider);

    // Act
    var thrown = Assert.Throws<InvalidOperationException>(() =>
    {
        builder.UseAuthorization();
    });

    // Assert: the message is compared verbatim.
    Assert.Equal(
        "Unable to find the required services. Please add all the required services by calling " +
        "'IServiceCollection.AddAuthorization' in the application startup code.",
        thrown.Message);
}
// Sends the ignore-validation request header carrying the code read from
// BadEggSettings and asserts that BadEggMiddleware echoes the header back as
// "True", calls the next delegate and leaves the status at 200.
// NOTE(review): the header code taken from settings works as a switch for the
// validation step, so it presumably needs the same handling as any other shared
// secret (non-default value per deployment, kept out of logs) - confirm against
// the middleware.
public async Task BadEggValidationIgnoreValidation()
{
    ISettingsProvider settings = new pm.DefaultSettingProvider(Directory.GetCurrentDirectory());
    BadEggSettings badEggSettings = settings.GetSettings<BadEggSettings>(SharedPluginFeatures.Constants.BadEggSettingsName);

    var request = new TestHttpRequest();
    var response = new TestHttpResponse();
    IPluginClassesService pluginClasses = new pm.PluginServices(_testPluginBadEgg) as IPluginClassesService;
    IPluginHelperService helperService = _testPluginBadEgg.GetRequiredService<IPluginHelperService>();
    IPluginTypesService typesService = _testPluginBadEgg.GetRequiredService<IPluginTypesService>();
    INotificationService notifications = _testPluginBadEgg.GetRequiredService<INotificationService>();
    IIpValidation ipValidation = new TestIPValidation();
    // Resolved as in the original setup; not passed to the middleware below.
    IIpManagement ipManagement = _testPluginBadEgg.GetRequiredService<IIpManagement>();

    var context = new TestHttpContext(request, response);
    request.SetContext(context);

    // Not consumed by the middleware below; kept so the setup is unchanged.
    var loginProvider = new MockLoginProvider();
    var claimsProvider = new MockClaimsProvider(pluginClasses);
    var authenticationService = new TestAuthenticationService();

    // Records whether the middleware let the request continue down the pipeline.
    bool reachedNext = false;
    RequestDelegate next = async ctx =>
    {
        reachedNext = true;
        await Task.Delay(0);
    };

    var descriptors = new ActionDescriptorCollection(new List<ActionDescriptor>(), 1);
    var descriptorProvider = new TestActionDescriptorCollectionProvider(descriptors);
    var routeData = new RouteDataServices();

    // Request header that asks the middleware to ignore validation.
    request.Headers.Add(
        SharedPluginFeatures.Constants.BadEggValidationIgnoreHeaderName,
        badEggSettings.IgnoreValidationHeaderCode);

    var badEgg = new BadEggMiddleware(
        next,
        descriptorProvider,
        routeData,
        helperService,
        typesService,
        ipValidation,
        settings,
        notifications);

    await badEgg.Invoke(context);

    Assert.IsTrue(context.Response.Headers.ContainsKey(Constants.BadEggValidationIgnoreHeaderName));
    // Argument order is kept exactly as the original wrote it.
    Assert.AreEqual(context.Response.Headers[Constants.BadEggValidationIgnoreHeaderName], bool.TrueString);
    Assert.IsTrue(reachedNext);
    Assert.AreEqual(200, context.Response.StatusCode);
}
// Default policy requires role "Wut" and names two authentication schemes
// ("Basic", "Bearer"). Asserts that the pipeline stops at the middleware and
// that Forbid is issued twice, matching the number of schemes.
public async Task Invoke_RequireUnknownRole_ForbidPerScheme()
{
    // Arrange
    var rolePolicy = new AuthorizationPolicyBuilder()
        .RequireRole("Wut")
        .AddAuthenticationSchemes("Basic", "Bearer")
        .Build();
    var providerMock = new Mock<IAuthorizationPolicyProvider>();
    providerMock.Setup(p => p.GetDefaultPolicyAsync()).ReturnsAsync(rolePolicy);

    var nextDelegate = new TestRequestDelegate();
    var authService = new TestAuthenticationService();
    var sut = CreateMiddleware(nextDelegate.Invoke, providerMock.Object);
    var httpContext = GetHttpContext(
        endpoint: CreateEndpoint(new AuthorizeAttribute()),
        authenticationService: authService);

    // Act
    await sut.Invoke(httpContext);

    // Assert: request blocked, one Forbid per scheme.
    Assert.False(nextDelegate.Called);
    Assert.Equal(2, authService.ForbidCount);
}
// Default policy requires an authenticated user and the endpoint carries
// [Authorize]. With the context that GetHttpContext builds by default, asserts
// that the request reaches the next delegate and no challenge is issued.
public async Task HasEndpointWithAuth_AuthenticatedUser_Allows()
{
    // Arrange
    var authenticatedPolicy = new AuthorizationPolicyBuilder()
        .RequireAuthenticatedUser()
        .Build();
    var providerMock = new Mock<IAuthorizationPolicyProvider>();
    providerMock.Setup(p => p.GetDefaultPolicyAsync()).ReturnsAsync(authenticatedPolicy);

    var nextDelegate = new TestRequestDelegate();
    var authService = new TestAuthenticationService();
    var sut = CreateMiddleware(nextDelegate.Invoke, providerMock.Object);
    var httpContext = GetHttpContext(
        endpoint: CreateEndpoint(new AuthorizeAttribute()),
        authenticationService: authService);

    // Act
    await sut.Invoke(httpContext);

    // Assert: request allowed through without a challenge.
    Assert.True(nextDelegate.Called);
    Assert.False(authService.ChallengeCalled);
}
// Default policy requires an authenticated user and names two schemes
// ("schema1", "schema2"). With an anonymous context, asserts that the pipeline
// stops at the middleware and that Challenge is issued twice, matching the
// number of schemes.
public async Task HasEndpointWithAuth_AnonymousUser_ChallengePerScheme()
{
    // Arrange
    var authenticatedPolicy = new AuthorizationPolicyBuilder()
        .RequireAuthenticatedUser()
        .AddAuthenticationSchemes("schema1", "schema2")
        .Build();
    var providerMock = new Mock<IAuthorizationPolicyProvider>();
    providerMock.Setup(p => p.GetDefaultPolicyAsync()).ReturnsAsync(authenticatedPolicy);

    var nextDelegate = new TestRequestDelegate();
    var authService = new TestAuthenticationService();
    var sut = CreateMiddleware(nextDelegate.Invoke, providerMock.Object);
    var httpContext = GetHttpContext(
        anonymous: true,
        endpoint: CreateEndpoint(new AuthorizeAttribute()),
        authenticationService: authService);

    // Act
    await sut.Invoke(httpContext);

    // Assert: request blocked, one Challenge per scheme.
    Assert.False(nextDelegate.Called);
    Assert.Equal(2, authService.ChallengeCount);
}
// Default policy is built for the scheme "Fails" and requires an authenticated
// user. Asserts that authentication was attempted, that the request was
// challenged and blocked, and that context.User still exposes a non-null
// Identity afterwards.
public async Task Invoke_AuthSchemesFailShouldSetEmptyPrincipalOnContext()
{
    // Arrange
    var failingSchemePolicy = new AuthorizationPolicyBuilder("Fails")
        .RequireAuthenticatedUser()
        .Build();
    var providerMock = new Mock<IAuthorizationPolicyProvider>();
    providerMock.Setup(p => p.GetDefaultPolicyAsync()).ReturnsAsync(failingSchemePolicy);

    var nextDelegate = new TestRequestDelegate();
    var authService = new TestAuthenticationService();
    var sut = CreateMiddleware(nextDelegate.Invoke, providerMock.Object);
    var httpContext = GetHttpContext(
        endpoint: CreateEndpoint(new AuthorizeAttribute()),
        authenticationService: authService);

    // Act
    await sut.Invoke(httpContext);

    // Assert: blocked, principal present, authenticate and challenge both recorded.
    Assert.False(nextDelegate.Called);
    Assert.NotNull(httpContext.User?.Identity);
    Assert.True(authService.AuthenticateCalled);
    Assert.True(authService.ChallengeCalled);
}
// Endpoint carries both [Authorize] and [AllowAnonymous]; the default policy
// requires role "Wut" under the scheme "NotImplemented". Asserts that the
// request still reaches the next delegate, that authentication was attempted,
// and that no IAuthenticateResultFeature is left on the context.
public async Task IAuthenticateResultFeature_NotSetOnUnsuccessfulAuthorize()
{
    // Arrange
    var rolePolicy = new AuthorizationPolicyBuilder()
        .RequireRole("Wut")
        .AddAuthenticationSchemes("NotImplemented")
        .Build();
    var providerMock = new Mock<IAuthorizationPolicyProvider>();
    providerMock.Setup(p => p.GetDefaultPolicyAsync()).ReturnsAsync(rolePolicy);

    var nextDelegate = new TestRequestDelegate();
    var authService = new TestAuthenticationService();
    var sut = CreateMiddleware(nextDelegate.Invoke, providerMock.Object);
    var httpContext = GetHttpContext(
        endpoint: CreateEndpoint(new AuthorizeAttribute(), new AllowAnonymousAttribute()),
        authenticationService: authService);

    // Act
    await sut.Invoke(httpContext);

    // Assert: allowed through, but no authenticate result is exposed as a feature.
    Assert.True(nextDelegate.Called);
    var resultFeature = httpContext.Features.Get<IAuthenticateResultFeature>();
    Assert.Null(resultFeature);
    Assert.True(authService.AuthenticateCalled);
}
// Default policy requires the claim Permission=CanViewComment. With the context
// that GetHttpContext builds by default, asserts that the request is blocked
// with Forbid rather than Challenge.
public async Task Invoke_InvalidClaimShouldForbid()
{
    // Arrange
    var claimPolicy = new AuthorizationPolicyBuilder()
        .RequireClaim("Permission", "CanViewComment")
        .Build();
    var providerMock = new Mock<IAuthorizationPolicyProvider>();
    providerMock.Setup(p => p.GetDefaultPolicyAsync()).ReturnsAsync(claimPolicy);

    var nextDelegate = new TestRequestDelegate();
    var authService = new TestAuthenticationService();
    var sut = CreateMiddleware(nextDelegate.Invoke, providerMock.Object);
    var httpContext = GetHttpContext(
        endpoint: CreateEndpoint(new AuthorizeAttribute()),
        authenticationService: authService);

    // Act
    await sut.Invoke(httpContext);

    // Assert: blocked with Forbid, not Challenge.
    Assert.False(nextDelegate.Called);
    Assert.False(authService.ChallengeCalled);
    Assert.True(authService.ForbidCalled);
}
// Presents a "RememberMe" cookie whose value is the plain text "1" instead of a
// value produced by the server-side encryption, then invokes LoginMiddleware.
// NOTE(review): no assertion is visible in this method. If the expected outcome
// is an exception it is presumably declared by a test attribute outside this
// view - confirm. Otherwise the test would be stronger if it asserted that
// authenticationService.SignInAsyncCalled stays false for such a cookie.
public async Task LoginFromCookieValueCookieValueNotEncrypted()
{
    // Cookie value that was never passed through the encryption helper.
    var requestCookies = new TestRequestCookieCollection();
    requestCookies.AddCookie("RememberMe", "1");

    var request = new TestHttpRequest(requestCookies);
    var response = new TestHttpResponse();
    IPluginClassesService pluginClasses = new pm.PluginServices(_testPluginLogin) as IPluginClassesService;
    var context = new TestHttpContext(request, response);

    var loginProvider = new MockLoginProvider();
    ISettingsProvider settings = new pm.DefaultSettingProvider(Directory.GetCurrentDirectory());
    var claimsProvider = new MockClaimsProvider(pluginClasses);
    var authService = new TestAuthenticationService();
    RequestDelegate next = async ctx => await Task.Delay(0);

    var login = new LoginMiddleware(next, loginProvider, settings, claimsProvider);
    await login.Invoke(context, authService);
}