/// <summary>
/// Negative-path check: a caller that is not an internal user but whose session reports
/// Kerberos or smartcard authentication must be rejected by
/// <c>IsValidAuthRole</c> with an <c>AuthenticationException</c>.
/// The expected message reads, in English, "Kerberos or smartcard must not be used for Ö2 and Ö3".
/// </summary>
/// <param name="role">Role value placed in the role claim and passed to the method under test.</param>
/// <param name="isKerberosAuth">
/// <c>true</c> stubs Kerberos authentication, <c>false</c> stubs smartcard authentication;
/// exactly one of the two is reported per run.
/// </param>
public void IsValidAuthRole_For_External_User_With_Internal_Authentication_Should_Throw_AuthenticationException(string role, bool isKerberosAuth)
{
    // arrange
    var controllerHelper = new Mock<IControllerHelper>();
    controllerHelper.Setup(h => h.IsInternalUser()).Returns(false);
    controllerHelper.Setup(h => h.GetMgntRoleFromClaim()).Returns("ALLOW");
    // The two internal-only mechanisms are mutually exclusive here, so each data row
    // exercises one of them.
    controllerHelper.Setup(h => h.IsKerberosAuthentication()).Returns(isKerberosAuth);
    controllerHelper.Setup(h => h.IsSmartcartAuthentication()).Returns(!isKerberosAuth);

    var roleClaims = new List<ClaimInfo>
    {
        new ClaimInfo { Type = "/identity/claims/e-id/profile/role", Value = role }
    };
    var authenticationHelper = new Mock<IAuthenticationHelper>();
    authenticationHelper
        .Setup(h => h.GetClaimsForRequest(It.IsAny<IPrincipal>(), It.IsAny<HttpRequestMessage>()))
        .Returns(roleClaims);

    var userDataAccess = Mock.Of<IUserDataAccess>();

    // Every string setting resolves to the default the caller supplies.
    var configProvider = new Mock<IWebCmiConfigProvider>();
    configProvider
        .Setup(c => c.GetStringSetting(It.IsAny<string>(), It.IsAny<string>()))
        .Returns((string settingName, string fallback) => fallback);

    var sut = new AuthControllerHelper(
        null,
        userDataAccess,
        controllerHelper.Object,
        authenticationHelper.Object,
        configProvider.Object);

    // act
    // NOTE(review): the meaning of the second argument (true) is not visible here - confirm against IsValidAuthRole.
    Action invoke = () => sut.IsValidAuthRole(role, true);

    // assert
    invoke.Should()
        .Throw<AuthenticationException>()
        .WithMessage("Kerberos oder Smartcard dürfen nicht für Ö2 und Ö3 verwendet werden");
}
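/// <summary>
/// An internal user whose session reports neither Kerberos nor smartcard authentication
/// must not be accepted: <c>IsValidAuthRole</c> is expected to return
/// <c>AuthStatus.KeineKerberosAuthentication</c> ("no Kerberos authentication").
/// </summary>
/// <param name="role">Role value placed in the role claim and passed to the method under test.</param>
public void IsValidAuthRole_For_Management_Client_Roles_Allow_And_Appo_Should_Return_KeineKerberosAuthentication_When_Not_LoggedIn_With_Kerberos(
    string role)
{
    // arrange
    var controllerHelper = new Mock<IControllerHelper>();
    controllerHelper.Setup(h => h.IsInternalUser()).Returns(true);
    controllerHelper.Setup(h => h.IsKerberosAuthentication()).Returns(false);
    controllerHelper.Setup(h => h.IsSmartcartAuthentication()).Returns(false);

    var roleClaims = new List<ClaimInfo>
    {
        new ClaimInfo { Type = "/identity/claims/e-id/profile/role", Value = role }
    };
    var authenticationHelper = new Mock<IAuthenticationHelper>();
    authenticationHelper
        .Setup(h => h.GetClaimsForRequest(It.IsAny<IPrincipal>(), It.IsAny<HttpRequestMessage>()))
        .Returns(roleClaims);

    var userDataAccess = Mock.Of<IUserDataAccess>();

    // Every string setting resolves to the default the caller supplies.
    var configProvider = new Mock<IWebCmiConfigProvider>();
    configProvider
        .Setup(c => c.GetStringSetting(It.IsAny<string>(), It.IsAny<string>()))
        .Returns((string settingName, string fallback) => fallback);

    var sut = new AuthControllerHelper(
        null,
        userDataAccess,
        controllerHelper.Object,
        authenticationHelper.Object,
        configProvider.Object);

    // act
    // NOTE(review): the meaning of the second argument (false) is not visible here - confirm against IsValidAuthRole.
    var status = sut.IsValidAuthRole(role, false);

    // assert
    status.Should().Be(AuthStatus.KeineKerberosAuthentication);
}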
/// <summary>
/// The role "Ö1" has no role handling: for an external user without Kerberos or smartcard,
/// <c>IsValidAuthRole</c> is expected to throw an <c>InvalidOperationException</c> whose
/// message reads, in English, "undefined role handling".
/// </summary>
public void IsValidAuthRole_For_Public_Client_Roles_Oe1_Should_Throw_Exception()
{
    // The same role value is used for the claim and for the call under test.
    const string role = "Ö1";

    // arrange
    var controllerHelper = new Mock<IControllerHelper>();
    controllerHelper.Setup(h => h.IsInternalUser()).Returns(false);
    controllerHelper.Setup(h => h.IsKerberosAuthentication()).Returns(false);
    controllerHelper.Setup(h => h.IsSmartcartAuthentication()).Returns(false);

    var roleClaims = new List<ClaimInfo>
    {
        new ClaimInfo { Type = "/identity/claims/e-id/profile/role", Value = role }
    };
    var authenticationHelper = new Mock<IAuthenticationHelper>();
    authenticationHelper
        .Setup(h => h.GetClaimsForRequest(It.IsAny<IPrincipal>(), It.IsAny<HttpRequestMessage>()))
        .Returns(roleClaims);

    var userDataAccess = Mock.Of<IUserDataAccess>();

    // Every string setting resolves to the default the caller supplies.
    var configProvider = new Mock<IWebCmiConfigProvider>();
    configProvider
        .Setup(c => c.GetStringSetting(It.IsAny<string>(), It.IsAny<string>()))
        .Returns((string settingName, string fallback) => fallback);

    var sut = new AuthControllerHelper(
        null,
        userDataAccess,
        controllerHelper.Object,
        authenticationHelper.Object,
        configProvider.Object);

    // act
    Action invoke = () => sut.IsValidAuthRole(role, true);

    // assert
    // The string passed to Throw is the assertion's "because" text; the exact exception
    // message is pinned by WithMessage.
    invoke.Should()
        .Throw<InvalidOperationException>("Ö1 are not registered users, so they don't have a real session")
        .WithMessage("Nicht definiertes Rollen handling");
}
/// <summary>
/// An external "Ö3" user whose session does not report mTAN authentication must not be
/// accepted: <c>IsValidAuthRole</c> is expected to return
/// <c>AuthStatus.KeineMTanAuthentication</c> ("no mTAN authentication").
/// </summary>
public void IsValidAuthRole_For_Public_Client_Roles_Oe3_Should_Return_KeineMTanAuthentication_When_User_Is_Missing_MTan_Claim()
{
    // The same role value is used for the claim and for the call under test.
    const string role = "Ö3";

    // arrange
    var controllerHelper = new Mock<IControllerHelper>();
    controllerHelper.Setup(h => h.IsInternalUser()).Returns(false);
    controllerHelper.Setup(h => h.IsKerberosAuthentication()).Returns(false);
    controllerHelper.Setup(h => h.IsSmartcartAuthentication()).Returns(false);
    // The second factor is the condition under test: no mTAN on this session.
    controllerHelper.Setup(h => h.IsMTanAuthentication()).Returns(false);

    var roleClaims = new List<ClaimInfo>
    {
        new ClaimInfo { Type = "/identity/claims/e-id/profile/role", Value = role }
    };
    var authenticationHelper = new Mock<IAuthenticationHelper>();
    authenticationHelper
        .Setup(h => h.GetClaimsForRequest(It.IsAny<IPrincipal>(), It.IsAny<HttpRequestMessage>()))
        .Returns(roleClaims);

    var userDataAccess = Mock.Of<IUserDataAccess>();

    // Every string setting resolves to the default the caller supplies.
    var configProvider = new Mock<IWebCmiConfigProvider>();
    configProvider
        .Setup(c => c.GetStringSetting(It.IsAny<string>(), It.IsAny<string>()))
        .Returns((string settingName, string fallback) => fallback);

    var sut = new AuthControllerHelper(
        null,
        userDataAccess,
        controllerHelper.Object,
        authenticationHelper.Object,
        configProvider.Object);

    // act
    var status = sut.IsValidAuthRole(role, true);

    // assert
    status.Should().Be(AuthStatus.KeineMTanAuthentication);
}
/// <summary>
/// Positive path: when the reported authentication mechanism matches the kind of user
/// (Kerberos and smartcard are reported exactly when the user is internal),
/// <c>IsValidAuthRole</c> is expected to return <c>AuthStatus.Ok</c>.
/// </summary>
/// <param name="role">Role value placed in the role claim and passed to the method under test.</param>
/// <param name="isInternalUser">
/// Drives <c>IsInternalUser</c>, <c>IsKerberosAuthentication</c> and
/// <c>IsSmartcartAuthentication</c> together, so all three stubs always agree.
/// </param>
public void IsValidAuthRole_For_Public_Client_Roles_Oe2_And_Bvw_Should_Return_Ok(string role, bool isInternalUser)
{
    // arrange
    var controllerHelper = new Mock<IControllerHelper>();
    controllerHelper.Setup(h => h.IsInternalUser()).Returns(isInternalUser);
    controllerHelper.Setup(h => h.GetMgntRoleFromClaim()).Returns("ALLOW");
    controllerHelper.Setup(h => h.IsKerberosAuthentication()).Returns(isInternalUser);
    controllerHelper.Setup(h => h.IsSmartcartAuthentication()).Returns(isInternalUser);

    var roleClaims = new List<ClaimInfo>
    {
        new ClaimInfo { Type = "/identity/claims/e-id/profile/role", Value = role }
    };
    var authenticationHelper = new Mock<IAuthenticationHelper>();
    authenticationHelper
        .Setup(h => h.GetClaimsForRequest(It.IsAny<IPrincipal>(), It.IsAny<HttpRequestMessage>()))
        .Returns(roleClaims);

    var userDataAccess = Mock.Of<IUserDataAccess>();

    // Every string setting resolves to the default the caller supplies.
    var configProvider = new Mock<IWebCmiConfigProvider>();
    configProvider
        .Setup(c => c.GetStringSetting(It.IsAny<string>(), It.IsAny<string>()))
        .Returns((string settingName, string fallback) => fallback);

    var sut = new AuthControllerHelper(
        null,
        userDataAccess,
        controllerHelper.Object,
        authenticationHelper.Object,
        configProvider.Object);

    // act
    var status = sut.IsValidAuthRole(role, true);

    // assert
    status.Should().Be(AuthStatus.Ok);
}
/// <summary>
/// Fail-closed check for unrecognised roles: for an internal user carrying the role
/// "X-UNKNOWN", <c>IsValidAuthRole</c> is expected to throw an
/// <c>ArgumentOutOfRangeException</c> rather than return a status. The message must
/// contain the text that reads, in English, "undefined role handling".
/// </summary>
public void IsValidAuthRole_For_Management_Client_With_Unknown_Roles_Should_Throw_Exception()
{
    // The same role value is used for the claim and for the call under test.
    const string role = "X-UNKNOWN";

    // arrange
    var controllerHelper = new Mock<IControllerHelper>();
    controllerHelper.Setup(h => h.IsInternalUser()).Returns(true);
    controllerHelper.Setup(h => h.IsKerberosAuthentication()).Returns(false);
    controllerHelper.Setup(h => h.IsSmartcartAuthentication()).Returns(false);

    var roleClaims = new List<ClaimInfo>
    {
        new ClaimInfo { Type = "/identity/claims/e-id/profile/role", Value = role }
    };
    var authenticationHelper = new Mock<IAuthenticationHelper>();
    authenticationHelper
        .Setup(h => h.GetClaimsForRequest(It.IsAny<IPrincipal>(), It.IsAny<HttpRequestMessage>()))
        .Returns(roleClaims);

    var userDataAccess = Mock.Of<IUserDataAccess>();

    // Every string setting resolves to the default the caller supplies.
    var configProvider = new Mock<IWebCmiConfigProvider>();
    configProvider
        .Setup(c => c.GetStringSetting(It.IsAny<string>(), It.IsAny<string>()))
        .Returns((string settingName, string fallback) => fallback);

    var sut = new AuthControllerHelper(
        null,
        userDataAccess,
        controllerHelper.Object,
        authenticationHelper.Object,
        configProvider.Object);

    // act
    // NOTE(review): the meaning of the second argument (false) is not visible here - confirm against IsValidAuthRole.
    Action invoke = () => sut.IsValidAuthRole(role, false);

    // assert
    // Wildcards on both sides: only a substring of the message is pinned.
    invoke.Should()
        .Throw<ArgumentOutOfRangeException>()
        .WithMessage("*Nicht definiertes Rollen handling*");
}