Exemplo n.º 1
0
        public async Task CanCombineAuthorizeAttributes()
        {
            // Arrange
            var attributes = new AuthorizeAttribute[] {
                new AuthorizeAttribute(),
                new AuthorizeAttribute("1") { ActiveAuthenticationSchemes = "dupe" },
                new AuthorizeAttribute("2") { ActiveAuthenticationSchemes = "dupe" },
                new AuthorizeAttribute { Roles = "r1,r2", ActiveAuthenticationSchemes = "roles" },
            };
            var options = new AuthorizationOptions();
            options.AddPolicy("1", policy => policy.RequireClaim("1"));
            options.AddPolicy("2", policy => policy.RequireClaim("2"));

            var provider = new DefaultAuthorizationPolicyProvider(Options.Create(options));

            // Act
            var combined = await AuthorizationPolicy.CombineAsync(provider, attributes);

            // Assert
            Assert.Equal(2, combined.AuthenticationSchemes.Count());
            Assert.True(combined.AuthenticationSchemes.Contains("dupe"));
            Assert.True(combined.AuthenticationSchemes.Contains("roles"));
            Assert.Equal(4, combined.Requirements.Count());
            Assert.True(combined.Requirements.Any(r => r is DenyAnonymousAuthorizationRequirement));
            Assert.Equal(2, combined.Requirements.OfType<ClaimsAuthorizationRequirement>().Count());
            Assert.Equal(1, combined.Requirements.OfType<RolesAuthorizationRequirement>().Count());
        }
Exemplo n.º 2
0
        public void CombineMustTrimRoles()
        {
            // Arrange
            var attributes = new AuthorizeAttribute[] {
                new AuthorizeAttribute() { Roles = "r1 , r2" }
            };
            var options = new AuthorizationOptions();

            // Act
            var combined = AuthorizationPolicy.Combine(options, attributes);

            // Assert
            Assert.True(combined.Requirements.Any(r => r is RolesAuthorizationRequirement));
            var rolesAuthorizationRequirement = combined.Requirements.OfType<RolesAuthorizationRequirement>().First();
            Assert.Equal(2, rolesAuthorizationRequirement.AllowedRoles.Count());
            Assert.True(rolesAuthorizationRequirement.AllowedRoles.Any(r => r.Equals("r1")));
            Assert.True(rolesAuthorizationRequirement.AllowedRoles.Any(r => r.Equals("r2")));
        }
Exemplo n.º 3
0
        public async Task CombineMustTrimRoles()
        {
            // Arrange
            var attributes = new AuthorizeAttribute[] {
                new AuthorizeAttribute() { Roles = "r1 , r2" }
            };
            var options = new AuthorizationOptions();
            var provider = new DefaultAuthorizationPolicyProvider(Options.Create(options));

            // Act
            var combined = await AuthorizationPolicy.CombineAsync(provider, attributes);

            // Assert
            Assert.True(combined.Requirements.Any(r => r is RolesAuthorizationRequirement));
            var rolesAuthorizationRequirement = combined.Requirements.OfType<RolesAuthorizationRequirement>().First();
            Assert.Equal(2, rolesAuthorizationRequirement.AllowedRoles.Count());
            Assert.True(rolesAuthorizationRequirement.AllowedRoles.Any(r => r.Equals("r1")));
            Assert.True(rolesAuthorizationRequirement.AllowedRoles.Any(r => r.Equals("r2")));
        }
Exemplo n.º 4
0
        public void CanReplaceDefaultPolicy()
        {
            // Arrange
            var attributes = new AuthorizeAttribute[] {
                new AuthorizeAttribute(),
                new AuthorizeAttribute("2") { ActiveAuthenticationSchemes = "dupe" }
            };
            var options = new AuthorizationOptions();
            options.DefaultPolicy = new AuthorizationPolicyBuilder("default").RequireClaim("default").Build();
            options.AddPolicy("2", policy => policy.RequireClaim("2"));

            // Act
            var combined = AuthorizationPolicy.Combine(options, attributes);

            // Assert
            Assert.Equal(2, combined.AuthenticationSchemes.Count());
            Assert.True(combined.AuthenticationSchemes.Contains("dupe"));
            Assert.True(combined.AuthenticationSchemes.Contains("default"));
            Assert.Equal(2, combined.Requirements.Count());
            Assert.False(combined.Requirements.Any(r => r is DenyAnonymousAuthorizationRequirement));
            Assert.Equal(2, combined.Requirements.OfType<ClaimsAuthorizationRequirement>().Count());
        }
Exemplo n.º 5
0
        public async Task CombineMustTrimAuthenticationScheme()
        {
            // Arrange
            var attributes = new AuthorizeAttribute[] {
                new AuthorizeAttribute() { ActiveAuthenticationSchemes = "a1 , a2" }
            };
            var options = new AuthorizationOptions();

            var provider = new DefaultAuthorizationPolicyProvider(Options.Create(options));

            // Act
            var combined = await AuthorizationPolicy.CombineAsync(provider, attributes);

            // Assert
            Assert.Equal(2, combined.AuthenticationSchemes.Count());
            Assert.True(combined.AuthenticationSchemes.Any(a => a.Equals("a1")));
            Assert.True(combined.AuthenticationSchemes.Any(a => a.Equals("a2")));
        }
Exemplo n.º 6
0
        public void CombineMustTrimAuthenticationScheme()
        {
            // Arrange
            var attributes = new AuthorizeAttribute[] {
                new AuthorizeAttribute() { ActiveAuthenticationSchemes = "a1 , a2" }
            };
            var options = new AuthorizationOptions();

            // Act
            var combined = AuthorizationPolicy.Combine(options, attributes);

            // Assert
            Assert.Equal(2, combined.AuthenticationSchemes.Count());
            Assert.True(combined.AuthenticationSchemes.Any(a => a.Equals("a1")));
            Assert.True(combined.AuthenticationSchemes.Any(a => a.Equals("a2")));
        }