public async Task OneSessionShouldOnlyValidateOnce()
{
var claimsUser = await _unit.GetClaimsPrincipalAsync("a&1").ConfigureAwait(false);
Assert.IsNotNull(claimsUser);
claimsUser = await _unit.GetClaimsPrincipalAsync("a&1").ConfigureAwait(false);
Assert.IsNotNull(claimsUser);
_fakeHttpMessageHandler.Verify(h => h.Send(It.IsAny <HttpRequestMessage>()), Times.Once);
}
public async Task Invoke(HttpContext context)
{
var sessionId = context.GetAuthSessionId();
var bearerTokenReceived = string.IsNullOrWhiteSpace(sessionId);
if (!bearerTokenReceived)
{
context.User = await _identityProviderClient.GetClaimsPrincipalAsync(sessionId);
}
context.Response.OnStarting(state =>
{
if (context.Response.StatusCode != (int)HttpStatusCode.Unauthorized)
{
return(Task.FromResult(false));
}
return(Task.FromResult(RequestRedirectedToLogin(context, bearerTokenReceived)));
}, context.Response);
await _next.Invoke(context);
}
