public async Task MiddlewareExtensionsBasicAuthenticationMiddlewareNotSignedIn()
{
// Arrange
var httpContext = new DefaultHttpContext();
var authMiddleware = new BasicAuthenticationMiddleware(next: (innerHttpContext) => Task.FromResult(0));
// Act
await authMiddleware.Invoke(httpContext);
Assert.IsNotNull(httpContext);
}
public async Task GivenNoAuthentication_ShouldReturn401()
{
var middleware = new BasicAuthenticationMiddleware(
ctx => Task.CompletedTask,
new BasicAuthenticationConfiguration("test", "token"));
var httpContext = new DefaultHttpContext();
httpContext.Request.Path = "/api/whatever";
await middleware.Invoke(httpContext);
httpContext.Response.StatusCode
.Should()
.Be(401);
}
public async Task GivenInValidAuthentication_ShouldReturn401()
{
var middleware = new BasicAuthenticationMiddleware(
ctx => Task.CompletedTask,
new BasicAuthenticationConfiguration("test", "token"));
var httpContext = new DefaultHttpContext();
httpContext.Request.Path = "/api/whatever";
// 'dGVzdDp0b2tlbg==' is 'test:token' base64 encoded
httpContext.Request.Headers.Add("Authorization", "Basic GVzdDp0b2tlbg==");
await middleware.Invoke(httpContext);
httpContext.Response.StatusCode
.Should()
.Be(401);
}
public async Task BasicAuthenticationMiddlewareLoginTest()
{
// Arrange
var iUserManager = _serviceProvider.GetRequiredService <IUserManager>();
var httpContext = _serviceProvider.GetRequiredService <IHttpContextAccessor>().HttpContext;
var userId = "TestUserA";
var claims = new List <Claim> {
new Claim(ClaimTypes.NameIdentifier, userId)
};
httpContext.User = new ClaimsPrincipal(new ClaimsIdentity(claims));
httpContext.RequestServices = _serviceProvider;
var schemeProvider = _serviceProvider.GetRequiredService <IAuthenticationSchemeProvider>();
var controller =
new AccountController(_userManager, new AppSettings(), new FakeAntiforgery(), new FakeSelectorStorage())
{
ControllerContext = { HttpContext = httpContext }
};
// Make new account;
var newAccount = new RegisterViewModel
{
Password = "******",
ConfirmPassword = "******",
Email = "test"
};
// Arange > new account
await iUserManager.SignUpAsync("test", "email", "test", "test");
// base64 dGVzdDp0ZXN0 > test:test
httpContext.Request.Headers["Authorization"] = "Basic dGVzdDp0ZXN0";
// Call the middleware app
var basicAuthMiddleware = new BasicAuthenticationMiddleware(_onNext);
await basicAuthMiddleware.Invoke(httpContext);
Assert.AreEqual(true, httpContext.User.Identity.IsAuthenticated);
}
public async Task GivenNoAuthentication_ShouldNotCallNext()
{
var wasCalled = false;
var middleware = new BasicAuthenticationMiddleware(
ctx => {
wasCalled = true;
return(Task.CompletedTask);
},
new BasicAuthenticationConfiguration("test", "token"));
var httpContext = new DefaultHttpContext();
httpContext.Request.Path = "/api/whatever";
await middleware.Invoke(httpContext);
wasCalled
.Should()
.BeFalse();
}
public async Task GivenInValidAuthentication_ShouldNotCallNext()
{
var wasCalled = false;
var middleware = new BasicAuthenticationMiddleware(
ctx => {
wasCalled = true;
return(Task.CompletedTask);
},
new BasicAuthenticationConfiguration("test", "token"));
var httpContext = new DefaultHttpContext();
httpContext.Request.Path = "/api/whatever";
// 'dGVzdDp0b2tlbg==' is 'test:token' base64 encoded
httpContext.Request.Headers.Add("Authorization", "Basic GVzdDp0b2tlbg==");
await middleware.Invoke(httpContext);
wasCalled
.Should()
.BeFalse();
}
