private async Task RunTest(
string request_authorizationHeader,
Type expectedExceptionType = null,
PrincipalType? expected_principalType = null
) {
IAccessToken token = AccessTokenMock.Create().Object;
IAccessTokenValidator tokenValidator = AccessTokenValidatorMock.Create(
accessToken: ACCESS_TOKEN,
accessTokenAfterValidation: token,
expectedExceptionType: expectedExceptionType
).Object;
IRequestAuthenticator authenticator = new RequestAuthenticator( tokenValidator );
var httpRequestMessage = new HttpRequestMessage()
.WithAuthHeader( request_authorizationHeader );
ID2LPrincipal principal = null;
Exception exception = null;
try {
principal = await authenticator.AuthenticateAsync(
httpRequestMessage
).SafeAsync();
} catch( Exception e ) {
exception = e;
}
CheckExpectations(
principal,
exception,
expectedExceptionType,
expected_principalType );
exception = null;
HttpRequest httpRequest = RequestBuilder
.Create()
.WithAuthHeader( request_authorizationHeader );
try {
principal = await authenticator.AuthenticateAsync(
httpRequest
).SafeAsync();
} catch( Exception e ) {
exception = e;
}
CheckExpectations(
principal,
exception,
expectedExceptionType,
expected_principalType );
}
private async Task RunTest(
string request_authorizationHeader,
Type expectedExceptionType = null,
PrincipalType?expected_principalType = null
)
{
IAccessToken token = AccessTokenMock.Create().Object;
IAccessTokenValidator tokenValidator = AccessTokenValidatorMock.Create(
accessToken: ACCESS_TOKEN,
accessTokenAfterValidation: token,
expectedExceptionType: expectedExceptionType
).Object;
IRequestAuthenticator authenticator = new RequestAuthenticator(tokenValidator);
var httpRequestMessage = new HttpRequestMessage();
httpRequestMessage.Headers.Authorization = new AuthenticationHeaderValue(
"Bearer",
request_authorizationHeader
);
ID2LPrincipal principal = null;
Exception exception = null;
try {
principal = await authenticator.AuthenticateAsync(
httpRequestMessage
).ConfigureAwait(false);
} catch (Exception e) {
exception = e;
}
CheckExpectations(
principal,
exception,
expectedExceptionType,
expected_principalType);
exception = null;
var httpRequest = new HttpRequestMessage();
httpRequest.Headers.Authorization = new AuthenticationHeaderValue(
"Bearer",
request_authorizationHeader
);
try {
principal = await authenticator.AuthenticateAsync(
httpRequest
).ConfigureAwait(false);
} catch (Exception e) {
exception = e;
}
CheckExpectations(
principal,
exception,
expectedExceptionType,
expected_principalType);
}
private async Task RunTest(
string request_xsrfHeader,
string request_d2lApiCookie,
string request_authorizationHeader,
string accessToken_xsrfClaim,
AuthenticationMode authMode,
Type expectedExceptionType = null,
PrincipalType? expected_principalType = null
) {
IAccessToken token = AccessTokenMock.Create(
xsrfClaim: accessToken_xsrfClaim
).Object;
IAccessTokenValidator tokenValidator = AccessTokenValidatorMock.Create(
accessToken: ACCESS_TOKEN,
accessTokenAfterValidation: token,
expectedExceptionType: expectedExceptionType
).Object;
IRequestAuthenticator authenticator = new RequestAuthenticator( tokenValidator );
var httpRequestMessage = new HttpRequestMessage()
.WithAuthHeader( request_authorizationHeader )
.WithXsrfHeader( request_xsrfHeader )
.WithCookie( RequestValidationConstants.D2L_AUTH_COOKIE_NAME, request_d2lApiCookie );
ID2LPrincipal principal = null;
Exception exception = null;
try {
principal = await authenticator.AuthenticateAsync(
httpRequestMessage,
authMode: authMode
).SafeAsync();
} catch( Exception e ) {
exception = e;
}
CheckExpectations(
principal,
exception,
expectedExceptionType,
expected_principalType );
exception = null;
HttpRequest httpRequest = RequestBuilder.Create()
.WithAuthHeader( request_authorizationHeader )
.WithXsrfHeader( request_xsrfHeader )
.WithCookie( RequestValidationConstants.D2L_AUTH_COOKIE_NAME, request_d2lApiCookie );
try {
principal = await authenticator.AuthenticateAsync(
httpRequest,
authMode: authMode
).SafeAsync();
} catch( Exception e ) {
exception = e;
}
CheckExpectations(
principal,
exception,
expectedExceptionType,
expected_principalType );
}
public async Task WhenBothCookieAndHeaderSupplied_HeaderIsPreferred() {
const string HEADER_TOKEN = "header";
const string COOKIE_TOKEN = "cookie";
var httpRequestMessage = new HttpRequestMessage()
.WithAuthHeader( HEADER_TOKEN )
.WithXsrfHeader( "xsrf" )
.WithCookie( RequestValidationConstants.D2L_AUTH_COOKIE_NAME, COOKIE_TOKEN );
IAccessToken token = AccessTokenMock.Create(
xsrfClaim: "xsrf"
).Object;
Mock<IAccessTokenValidator> mock = new Mock<IAccessTokenValidator>();
mock.Setup( v => v.ValidateAsync( HEADER_TOKEN ) ).ReturnsAsync( token );
IRequestAuthenticator authenticator = new RequestAuthenticator( mock.Object );
ID2LPrincipal result = await authenticator.AuthenticateAsync( httpRequestMessage ).SafeAsync();
mock.Verify( v => v.ValidateAsync( HEADER_TOKEN ), Times.Exactly( 1 ) );
Assert.NotNull( result );
}
/// <summary>
/// Creates an <see cref="IRequestAuthenticator"/> instance.
/// </summary>
public static IRequestAuthenticator Create(
IAccessTokenValidator accessTokenValidator
) {
IRequestAuthenticator authenticator = new RequestAuthenticator( accessTokenValidator );
return authenticator;
}
