Пример #1
        /// <summary>
        /// Builds a <see cref="DefaultHttpContext"/> for antiforgery tests, with an
        /// antiforgery feature, the test service provider and an authenticated user attached.
        /// </summary>
        /// <param name="antiforgeryFeature">
        /// Feature instance to register on the context; when <c>null</c>, a fresh
        /// <see cref="AntiforgeryFeature"/> is created so each context starts with no cached tokens.
        /// </param>
        /// <returns>The configured context.</returns>
        private HttpContext GetHttpContext(IAntiforgeryFeature antiforgeryFeature = null)
        {
            var context = new DefaultHttpContext();

            // Register under the interface type: that is the key the feature is stored by,
            // regardless of the concrete instance supplied by the caller.
            IAntiforgeryFeature feature = antiforgeryFeature ?? new AntiforgeryFeature();
            context.Features.Set<IAntiforgeryFeature>(feature);

            context.RequestServices = GetServices();

            // Supplying an authentication type makes ClaimsIdentity.IsAuthenticated true,
            // so the context represents a signed-in user rather than an anonymous one.
            var identity = new ClaimsIdentity("some-auth");
            context.User = new ClaimsPrincipal(identity);

            return context;
        }
Пример #2
        /// <summary>
        /// Assembles the mocks an antiforgery test needs: an HTTP context, a token set,
        /// a serializer, a token store and a strict token generator.
        /// </summary>
        /// <param name="options">Antiforgery options handed through to the returned context unchanged.</param>
        /// <param name="useOldCookie">
        /// When <c>true</c> the generator is wired to the old cookie token; otherwise to the new one.
        /// The inverse of this flag is also passed to <c>GetTokenStore</c> (its meaning is defined there).
        /// </param>
        /// <param name="isOldCookieValid">
        /// Result the generator reports for the old cookie token; the new cookie token reports the opposite.
        /// </param>
        /// <param name="antiforgeryFeature">Optional feature to pre-seed on the HTTP context.</param>
        /// <returns>A context object bundling the options and all created mocks.</returns>
        private AntiforgeryMockContext CreateMockContext(
            AntiforgeryOptions options,
            bool useOldCookie     = false,
            bool isOldCookieValid = true,
            IAntiforgeryFeature antiforgeryFeature = null)
        {
            var httpContext    = GetHttpContext(antiforgeryFeature);
            var testTokenSet   = GetTokenSet();
            var mockSerializer = GetTokenSerializer(testTokenSet);
            var mockTokenStore = GetTokenStore(httpContext, testTokenSet, !useOldCookie);

            // The cookie token this scenario revolves around.
            var activeCookieToken = useOldCookie
                ? testTokenSet.OldCookieToken
                : testTokenSet.NewCookieToken;

            // Strict behaviour: any generator call that is not configured below throws,
            // so a test fails if the code under test validates or generates tokens
            // in a way the scenario did not anticipate.
            var mockGenerator = new Mock<IAntiforgeryTokenGenerator>(MockBehavior.Strict);

            // Request tokens are only produced for the expected (context, cookie token) pair.
            mockGenerator
                .Setup(g => g.GenerateRequestToken(httpContext, activeCookieToken))
                .Returns(testTokenSet.RequestToken);

            mockGenerator
                .Setup(g => g.GenerateCookieToken())
                .Returns(activeCookieToken);

            // A missing cookie token is never valid.
            mockGenerator
                .Setup(g => g.IsCookieTokenValid(null))
                .Returns(false);

            mockGenerator
                .Setup(g => g.IsCookieTokenValid(testTokenSet.OldCookieToken))
                .Returns(isOldCookieValid);

            // NOTE(review): the new cookie token's validity is tied to the inverse of
            // isOldCookieValid, so exactly one of the two cookie tokens validates.
            mockGenerator
                .Setup(g => g.IsCookieTokenValid(testTokenSet.NewCookieToken))
                .Returns(!isOldCookieValid);

            var mockContext = new AntiforgeryMockContext
            {
                Options         = options,
                HttpContext     = httpContext,
                TokenGenerator  = mockGenerator,
                TokenSerializer = mockSerializer,
                TokenStore      = mockTokenStore,
                TestTokenSet    = testTokenSet
            };

            return mockContext;
        }
Пример #3
    /// <summary>
    /// Produces the string forms of the newly generated request and cookie tokens,
    /// caching them on the feature, and packages them with the configured field and header names.
    /// </summary>
    /// <param name="antiforgeryFeature">
    /// Per-request feature holding the generated tokens; its <c>*TokenString</c> properties
    /// are filled in here when still <c>null</c>.
    /// </param>
    /// <returns>The token set built from the cached strings and the current options.</returns>
    private AntiforgeryTokenSet Serialize(IAntiforgeryFeature antiforgeryFeature)
    {
        // Preconditions: token generation must already have run for this request.
        // Debug.Assert is compiled out of release builds, so these checks document the
        // contract rather than enforce it in production.
        Debug.Assert(antiforgeryFeature.HaveGeneratedNewCookieToken);
        Debug.Assert(antiforgeryFeature.NewRequestToken != null);

        // Serialize each token at most once; later calls reuse the cached string.
        antiforgeryFeature.NewRequestTokenString ??=
            _tokenSerializer.Serialize(antiforgeryFeature.NewRequestToken);

        var cookieStringMissing = antiforgeryFeature.NewCookieTokenString == null;
        if (cookieStringMissing && antiforgeryFeature.NewCookieToken != null)
        {
            antiforgeryFeature.NewCookieTokenString =
                _tokenSerializer.Serialize(antiforgeryFeature.NewCookieToken);
        }

        // The cookie token string stays null when no new cookie token exists; the
        // null-forgiving operator only silences the compiler, it does not guarantee a value.
        // NOTE(review): presumably a null here means "no new cookie to issue" - confirm
        // against the consumers of AntiforgeryTokenSet.
        var tokenSet = new AntiforgeryTokenSet(
            antiforgeryFeature.NewRequestTokenString,
            antiforgeryFeature.NewCookieTokenString!,
            _options.FormFieldName,
            _options.HeaderName);

        return tokenSet;
    }
Пример #4
        /// <summary>
        /// Converts the freshly generated antiforgery tokens to their string forms,
        /// stores those strings back on the feature, and returns them as a token set.
        /// </summary>
        /// <param name="antiforgeryFeature">
        /// Feature carrying the generated tokens for the current request. String forms
        /// already present on it are reused instead of being serialized again.
        /// </param>
        /// <returns>
        /// A token set holding the request token string, the cookie token string (which is
        /// left <c>null</c> when the feature has no new cookie token), and the form field
        /// and header names from the options.
        /// </returns>
        private AntiforgeryTokenSet Serialize(IAntiforgeryFeature antiforgeryFeature)
        {
            // Contract check for debug builds only: tokens must have been generated first.
            // In release builds these asserts are removed and nothing here enforces it.
            Debug.Assert(antiforgeryFeature.HaveGeneratedNewCookieToken);
            Debug.Assert(antiforgeryFeature.NewRequestToken != null);

            bool hasRequestString = antiforgeryFeature.NewRequestTokenString != null;
            if (!hasRequestString)
            {
                antiforgeryFeature.NewRequestTokenString =
                    _tokenSerializer.Serialize(antiforgeryFeature.NewRequestToken);
            }

            // A cookie token string is produced only when there is a new cookie token
            // and it has not been serialized yet.
            bool hasCookieString = antiforgeryFeature.NewCookieTokenString != null;
            if (!hasCookieString && antiforgeryFeature.NewCookieToken != null)
            {
                antiforgeryFeature.NewCookieTokenString =
                    _tokenSerializer.Serialize(antiforgeryFeature.NewCookieToken);
            }

            var tokenSet = new AntiforgeryTokenSet(
                antiforgeryFeature.NewRequestTokenString,
                antiforgeryFeature.NewCookieTokenString,
                _options.FormFieldName,
                _options.HeaderName);

            return tokenSet;
        }