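public void ShouldNotAuthPatientReadAsUserDelegationDisabled()
        {
            // Negative authorization test: a Patient/Read requirement created with
            // supportsUserDelegation: false must not be satisfied by the delegate handler.
            // The handler is expected to abstain (neither Succeed nor Fail), leaving the
            // final decision to the other handlers in the authorization pipeline.

            // Setup
            string       hdid         = "The User HDID";
            string       resourceHDID = hdid;
            string       token        = "Fake Access Token";
            string       userId       = "User ID";
            string       username     = "******";
            string       scopes       = "system/Patient.read";

            // The principal carries a name, a name identifier and a scope claim only;
            // no GatewayClaims.HDID claim is added in this test.
            List <Claim> claims       = new List <Claim>()
            {
                new Claim(ClaimTypes.Name, username),
                new Claim(ClaimTypes.NameIdentifier, userId),
                new Claim(GatewayClaims.Scope, scopes),
            };
            ClaimsIdentity  identity        = new ClaimsIdentity(claims, "TestAuth");
            ClaimsPrincipal claimsPrincipal = new ClaimsPrincipal(identity);

            IHeaderDictionary headerDictionary = new HeaderDictionary();

            headerDictionary.Add("Authorization", token);
            RouteValueDictionary routeValues = new RouteValueDictionary();

            // The resource being requested is identified by the "hdid" route value.
            routeValues.Add("hdid", resourceHDID);
            Mock <HttpRequest> httpRequestMock = new Mock <HttpRequest>();

            httpRequestMock.Setup(s => s.Headers).Returns(headerDictionary);
            httpRequestMock.Setup(s => s.RouteValues).Returns(routeValues);

            Mock <HttpContext> httpContextMock = new Mock <HttpContext>();

            httpContextMock.Setup(s => s.User).Returns(claimsPrincipal);
            httpContextMock.Setup(s => s.Request).Returns(httpRequestMock.Object);

            Mock <IHttpContextAccessor> httpContextAccessorMock = new Mock <IHttpContextAccessor>();

            httpContextAccessorMock.Setup(s => s.HttpContext).Returns(httpContextMock.Object);

            using ILoggerFactory loggerFactory = LoggerFactory.Create(builder => builder.AddConsole());
            ILogger <FhirResourceDelegateAuthorizationHandler> logger =
                loggerFactory.CreateLogger <FhirResourceDelegateAuthorizationHandler>();

            // The patient service and delegate lookup are bare mocks with no setups:
            // this scenario is not expected to depend on their answers.
            FhirResourceDelegateAuthorizationHandler authHandler = new FhirResourceDelegateAuthorizationHandler(
                logger,
                this.GetConfiguration(),
                httpContextAccessorMock.Object,
                new Mock <IPatientService>().Object,
                new Mock <IResourceDelegateDelegate>().Object
                );
            var requirements = new[] { new FhirRequirement(FhirResource.Patient, FhirAccessType.Read, supportsUserDelegation: false) };

            AuthorizationHandlerContext context = new AuthorizationHandlerContext(requirements, claimsPrincipal, null);

            // Wait for the handler to finish before asserting. Discarding the returned task
            // would let the negative assertions below pass before the handler has reached a
            // decision, and would hide any exception it throws.
            authHandler.HandleAsync(context).GetAwaiter().GetResult();

            // Not granted, and not explicitly denied either.
            Assert.False(context.HasSucceeded);
            Assert.False(context.HasFailed);
        }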
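        public void ShouldNotAuthExpiredDelegate()
        {
            // Negative authorization test: the caller (hdid) is a registered delegate of the
            // requested resource (resourceHDID), but the dependent's birthdate puts them at
            // MaxDependentAge, so the delegation must no longer grant Observation/Read.
            // The handler is expected to abstain (neither Succeed nor Fail).
            string       hdid         = "The User HDID";
            string       resourceHDID = "The Resource HDID";
            string       token        = "Fake Access Token";
            string       userId       = "User ID";
            string       username     = "******";
            string       scopes       = "user/Observation.read";
            List <Claim> claims       = new List <Claim>()
            {
                new Claim(ClaimTypes.Name, username),
                new Claim(ClaimTypes.NameIdentifier, userId),
                new Claim(GatewayClaims.HDID, hdid),
                new Claim(GatewayClaims.Scope, scopes),
            };
            ClaimsIdentity  identity        = new ClaimsIdentity(claims, "TestAuth");
            ClaimsPrincipal claimsPrincipal = new ClaimsPrincipal(identity);

            // Boundary value: born exactly MaxDependentAge years before "now".
            // NOTE(review): uses local time (DateTime.Now) and relies on the handler's own
            // clock reading being later than this one - confirm the handler's age check
            // uses the same clock and treats this boundary as aged out.
            PatientModel    patientModel    = new PatientModel()
            {
                Birthdate = DateTime.Now
                            .AddYears(MaxDependentAge * -1)
            };
            RequestResult <PatientModel> getPatientResult =
                new RequestResult <PatientModel>(patientModel, ResultType.Success);

            IHeaderDictionary headerDictionary = new HeaderDictionary();

            headerDictionary.Add("Authorization", token);
            RouteValueDictionary routeValues = new RouteValueDictionary();

            // The requested resource differs from the caller's own HDID claim, so access
            // can only come from delegation.
            routeValues.Add("hdid", resourceHDID);
            Mock <HttpRequest> httpRequestMock = new Mock <HttpRequest>();

            httpRequestMock.Setup(s => s.Headers).Returns(headerDictionary);
            httpRequestMock.Setup(s => s.RouteValues).Returns(routeValues);

            Mock <HttpContext> httpContextMock = new Mock <HttpContext>();

            httpContextMock.Setup(s => s.User).Returns(claimsPrincipal);
            httpContextMock.Setup(s => s.Request).Returns(httpRequestMock.Object);

            Mock <IHttpContextAccessor> httpContextAccessorMock = new Mock <IHttpContextAccessor>();

            httpContextAccessorMock.Setup(s => s.HttpContext).Returns(httpContextMock.Object);

            using ILoggerFactory loggerFactory = LoggerFactory.Create(builder => builder.AddConsole());
            ILogger <FhirResourceDelegateAuthorizationHandler> logger = loggerFactory.CreateLogger <FhirResourceDelegateAuthorizationHandler>();

            Mock <IResourceDelegateDelegate> mockDependentDelegate = new Mock <IResourceDelegateDelegate>();

            // The delegation record exists; only the dependent's age should block access.
            mockDependentDelegate.Setup(s => s.Exists(resourceHDID, hdid)).Returns(true);

            Mock <IPatientService> mockPatientService = new Mock <IPatientService>();

            mockPatientService
            .Setup(s => s.GetPatient(resourceHDID, PatientIdentifierType.HDID))
            .ReturnsAsync(getPatientResult);

            FhirResourceDelegateAuthorizationHandler authHandler = new FhirResourceDelegateAuthorizationHandler(
                logger,
                this.GetConfiguration(),
                httpContextAccessorMock.Object,
                mockPatientService.Object,
                mockDependentDelegate.Object
                );
            var requirements = new[] { new FhirRequirement(FhirResource.Observation, FhirAccessType.Read, supportsUserDelegation: true) };

            AuthorizationHandlerContext context = new AuthorizationHandlerContext(requirements, claimsPrincipal, null);

            // Wait for the handler to finish before asserting. Discarding the returned task
            // would let the negative assertions below pass before the handler has reached a
            // decision, and would hide any exception it throws.
            authHandler.HandleAsync(context).GetAwaiter().GetResult();

            // Not granted, and not explicitly denied either.
            Assert.False(context.HasSucceeded);
            Assert.False(context.HasFailed);
        }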