public void ApiAuthorizeAttributeReturns401() { var httpContext = new Mock <HttpContextBase>(); httpContext.SetupGet(c => c.Items).Returns(new Dictionary <object, object> { { "owin.Environment", new Dictionary <string, object>() } }); httpContext.SetupGet(c => c.User.Identity.IsAuthenticated).Returns(false); var actionDescriptor = new Mock <ActionDescriptor>(); var controllerDescriptor = new Mock <ControllerDescriptor>(); actionDescriptor.Setup(c => c.ControllerDescriptor).Returns(controllerDescriptor.Object); var mockAuthContext = new Mock <AuthorizationContext>(MockBehavior.Strict); mockAuthContext.SetupGet(c => c.ActionDescriptor).Returns(actionDescriptor.Object); mockAuthContext.SetupGet(c => c.HttpContext).Returns(httpContext.Object); mockAuthContext.SetupGet(c => c.Controller).Returns((Controller)null); var context = mockAuthContext.Object; var attribute = new ApiAuthorizeAttribute(); // Act attribute.OnAuthorization(context); var owinContext = context.HttpContext.GetOwinContext(); // Assert Assert.IsType <HttpUnauthorizedResult>(context.Result); Assert.Equal(401, owinContext.Response.StatusCode); Assert.Equal(AuthenticationTypes.ApiKey, owinContext.Authentication.AuthenticationResponseChallenge.AuthenticationTypes[0]); }
public void ApiAuthorizeAttributeReturns401() { var httpContext = new Mock<HttpContextBase>(); httpContext.SetupGet(c => c.Items).Returns(new Dictionary<object, object> { { "owin.Environment", new Dictionary<string, object>() } }); httpContext.SetupGet(c => c.User.Identity.IsAuthenticated).Returns(false); var actionDescriptor = new Mock<ActionDescriptor>(); var controllerDescriptor = new Mock<ControllerDescriptor>(); actionDescriptor.Setup(c => c.ControllerDescriptor).Returns(controllerDescriptor.Object); var mockAuthContext = new Mock<AuthorizationContext>(MockBehavior.Strict); mockAuthContext.SetupGet(c => c.ActionDescriptor).Returns(actionDescriptor.Object); mockAuthContext.SetupGet(c => c.HttpContext).Returns(httpContext.Object); mockAuthContext.SetupGet(c => c.Controller).Returns((Controller)null); var context = mockAuthContext.Object; var attribute = new ApiAuthorizeAttribute(); // Act attribute.OnAuthorization(context); var owinContext = context.HttpContext.GetOwinContext(); // Assert Assert.IsType<HttpUnauthorizedResult>(context.Result); Assert.Equal(401, owinContext.Response.StatusCode); Assert.Equal(AuthenticationTypes.ApiKey, owinContext.Authentication.AuthenticationResponseChallenge.AuthenticationTypes[0]); }
public void SucceedsForAuthenticatedUser() { var context = BuildAuthorizationContext(authenticated: true).Object; var attribute = new ApiAuthorizeAttribute(); // Act attribute.OnAuthorization(context); var owinContext = context.HttpContext.GetOwinContext(); // Assert Assert.Equal(200, owinContext.Response.StatusCode); }
public void Returns401ForUnauthenticatedUser() { var context = BuildAuthorizationContext(authenticated: false).Object; var attribute = new ApiAuthorizeAttribute(); // Act attribute.OnAuthorization(context); var owinContext = context.HttpContext.GetOwinContext(); // Assert Assert.IsType <HttpUnauthorizedResult>(context.Result); Assert.Equal(401, owinContext.Response.StatusCode); Assert.Equal(AuthenticationTypes.ApiKey, owinContext.Authentication.AuthenticationResponseChallenge.AuthenticationTypes[0]); }