public async Task ChallengeAsync_AddsAuthenticationType_WhenOwinChallengeAlreadyExists()
{
// Arrange
string expectedAuthenticationType = "AuthenticationType";
IAuthenticationFilter filter = CreateProductUnderTest(expectedAuthenticationType);
IHttpActionResult result = CreateDummyActionResult();
string originalAuthenticationType = "FirstChallenge";
AuthenticationProperties originalExtra = CreateExtra();
AuthenticationResponseChallenge originalChallenge = new AuthenticationResponseChallenge(
new string[] { originalAuthenticationType }, originalExtra);
IAuthenticationManager authenticationManager = CreateAuthenticationManager(originalChallenge);
IOwinContext owinContext = CreateOwinContext(authenticationManager);
using (HttpRequestMessage request = CreateRequest(owinContext))
{
HttpAuthenticationChallengeContext context = CreateChallengeContext(request, result);
// Act
await filter.ChallengeAsync(context, CancellationToken.None);
}
// Assert
AuthenticationResponseChallenge challenge = authenticationManager.AuthenticationResponseChallenge;
Assert.NotNull(challenge);
string[] authenticationTypes = challenge.AuthenticationTypes;
Assert.NotNull(authenticationTypes);
Assert.Equal(2, authenticationTypes.Length);
Assert.Same(originalAuthenticationType, authenticationTypes[0]);
Assert.Same(expectedAuthenticationType, authenticationTypes[1]);
AuthenticationProperties extra = challenge.Properties;
Assert.Same(originalExtra, extra);
}
public async Task ChallengeAsync_CreatesOwinChallengeWithAuthenticationType_WhenNoChallengeExists()
{
// Arrange
string expectedAuthenticationType = "AuthenticationType";
IAuthenticationFilter filter = CreateProductUnderTest(expectedAuthenticationType);
IHttpActionResult result = CreateDummyActionResult();
IAuthenticationManager authenticationManager = CreateAuthenticationManager(
(AuthenticationResponseChallenge)null);
IOwinContext owinContext = CreateOwinContext(authenticationManager);
using (HttpRequestMessage request = CreateRequest(owinContext))
{
HttpAuthenticationChallengeContext context = CreateChallengeContext(request, result);
// Act
await filter.ChallengeAsync(context, CancellationToken.None);
}
// Assert
AuthenticationResponseChallenge challenge = authenticationManager.AuthenticationResponseChallenge;
Assert.NotNull(challenge);
string[] authenticationTypes = challenge.AuthenticationTypes;
Assert.NotNull(authenticationTypes);
Assert.Equal(1, authenticationTypes.Length);
Assert.Same(expectedAuthenticationType, authenticationTypes[0]);
AuthenticationProperties extra = challenge.Properties;
Assert.NotNull(extra);
}
public async Task ChallengeAsync_Traces()
{
// Arrange
CancellationToken cancellationToken = CreateCancellationToken();
IAuthenticationFilter filter = CreateStubFilter();
TraceRecord record = null;
ITraceWriter tracer = CreateTracer((r) => { record = r; });
IAuthenticationFilter product = CreateProductUnderTest(filter, tracer);
IHttpActionResult innerResult = CreateDummyActionResult();
using (HttpRequestMessage expectedRequest = CreateRequest())
{
HttpAuthenticationChallengeContext context = CreateChallengeContext(expectedRequest, innerResult);
// Act
await product.ChallengeAsync(context, cancellationToken);
// Assert
Assert.NotNull(record);
Assert.Same(expectedRequest, record.Request);
Assert.Same(TraceCategories.FiltersCategory, record.Category);
Assert.Equal(TraceLevel.Info, record.Level);
Assert.Equal(TraceKind.End, record.Kind);
Assert.Equal(filter.GetType().Name, record.Operator);
Assert.Equal("ChallengeAsync", record.Operation);
Assert.Null(record.Exception);
Assert.Null(record.Message);
}
}
/// <inheritdoc />
public Task ChallengeAsync(
HttpAuthenticationChallengeContext context,
CancellationToken cancellationToken
)
{
return(_innerFilter.ChallengeAsync(context, cancellationToken));
}
public void ChallengeAsync_DelegatesToInnerFilter()
{
// Arrange
HttpAuthenticationChallengeContext expectedChallengeContext = CreateChallengeContext();
CancellationToken expectedCancellationToken = CreateCancellationToken();
IHttpActionResult expectedInnerResult = CreateDummyActionResult();
IHttpActionResult expectedResult = CreateDummyActionResult();
Mock <IAuthenticationFilter> mock = new Mock <IAuthenticationFilter>();
int calls = 0;
mock.Setup(f => f.ChallengeAsync(expectedChallengeContext, expectedCancellationToken))
.Callback(() => { calls++; })
.Returns(() => Task.FromResult(expectedResult));
IAuthenticationFilter filter = mock.Object;
ITraceWriter tracer = CreateStubTracer();
IAuthenticationFilter product = CreateProductUnderTest(filter, tracer);
// Act
Task task = product.ChallengeAsync(expectedChallengeContext, expectedCancellationToken);
// Assert
Assert.NotNull(task);
task.Wait();
Assert.Equal(1, calls);
}
public Task ChallengeAsync_Throws_WhenContextIsNull()
{
// Arrange
IAuthenticationFilter filter = CreateProductUnderTest();
// Act & Assert
return(Assert.ThrowsArgumentNullAsync(() => filter.ChallengeAsync(null, CancellationToken.None), "context"));
}
public void ChallengeAsync_Throws_WhenContextIsNull()
{
// Arrange
IAuthenticationFilter filter = CreateProductUnderTest();
// Act & Assert
Assert.ThrowsArgumentNull(() =>
{
filter.ChallengeAsync(null, CancellationToken.None).ThrowIfFaulted();
}, "context");
}
public Task ChallengeAsync_Throws_WhenRequestIsNull()
{
// Arrange
IAuthenticationFilter filter = CreateProductUnderTest();
IHttpActionResult result = CreateDummyActionResult();
HttpAuthenticationChallengeContext context = new HttpAuthenticationChallengeContext(
new HttpActionContext(), result);
Assert.Null(context.Request);
// Act & Assert
return(Assert.ThrowsAsync <InvalidOperationException>(
() => filter.ChallengeAsync(context, CancellationToken.None),
"HttpAuthenticationChallengeContext.Request must not be null."));
}
public async Task <HttpResponseMessage> ExecuteAsync(CancellationToken cancellationToken)
{
IHttpActionResult result = _innerResult;
IPrincipal originalPrincipal = _principalService.GetCurrentPrincipal(_request);
HttpAuthenticationContext authenticationContext = new HttpAuthenticationContext(_context,
originalPrincipal);
for (int i = 0; i < _filters.Length; i++)
{
IAuthenticationFilter filter = _filters[i];
await filter.AuthenticateAsync(authenticationContext, cancellationToken);
IHttpActionResult error = authenticationContext.ErrorResult;
// Short-circuit on the first authentication filter to provide an error result.
if (error != null)
{
result = error;
break;
}
}
IPrincipal newPrincipal = authenticationContext.Principal;
if (newPrincipal != originalPrincipal)
{
_principalService.SetCurrentPrincipal(newPrincipal, _request);
}
_controller.User = newPrincipal;
// Run challenge on all filters (passing the result of each into the next). If a filter failed, the
// challenges run on the failure result. If no filter failed, the challenges run on the original inner
// result.
HttpAuthenticationChallengeContext challengeContext = new HttpAuthenticationChallengeContext(_context,
result);
for (int i = 0; i < _filters.Length; i++)
{
IAuthenticationFilter filter = _filters[i];
await filter.ChallengeAsync(challengeContext, cancellationToken);
}
Contract.Assert(challengeContext.Result != null);
result = challengeContext.Result;
return(await result.ExecuteAsync(cancellationToken));
}
public async Task ChallengeAsync_Throws_WhenOwinContextIsNull()
{
// Arrange
IAuthenticationFilter filter = CreateProductUnderTest();
IHttpActionResult result = CreateDummyActionResult();
using (HttpRequestMessage request = CreateRequest())
{
HttpAuthenticationChallengeContext context = CreateChallengeContext(request, result);
// Act & Assert
await Assert.ThrowsAsync <InvalidOperationException>(
() => filter.ChallengeAsync(context, CancellationToken.None),
"No OWIN authentication manager is associated with the request.");
}
}
public async Task ChallengeAsync_Traces_WhenContextIsNull()
{
// Arrange
CancellationToken cancellationToken = CreateCancellationToken();
IAuthenticationFilter filter = CreateStubFilter();
TraceRecord record = null;
ITraceWriter tracer = CreateTracer((r) => { record = r; });
IAuthenticationFilter product = CreateProductUnderTest(filter, tracer);
HttpAuthenticationChallengeContext context = null;
// Act
await product.ChallengeAsync(context, cancellationToken);
// Assert
Assert.NotNull(record);
Assert.Null(record.Request);
}
public void ChallengeAsync_DelegatesToInnerFilter()
{
// Arrange
Task expectedTask = CreateTask();
HttpAuthenticationChallengeContext context = CreateChallengeContext();
CancellationToken cancellationToken = CreateCancellationToken();
Mock <IAuthenticationFilter> spyMock = new Mock <IAuthenticationFilter>(MockBehavior.Strict);
spyMock.Setup(f => f.ChallengeAsync(context, cancellationToken)).Returns(expectedTask);
IAuthenticationFilter spy = spyMock.Object;
IAuthenticationFilter product = CreateProductUnderTest(spy);
// Act
Task task = product.ChallengeAsync(context, cancellationToken);
// Assert
Assert.Same(expectedTask, task);
}
public void ChallengeAsync_Throws_WhenOwinContextIsNull()
{
// Arrange
IAuthenticationFilter filter = CreateProductUnderTest();
IHttpActionResult result = CreateDummyActionResult();
using (HttpRequestMessage request = CreateRequest())
{
HttpAuthenticationChallengeContext context = CreateChallengeContext(request, result);
// Act & Assert
InvalidOperationException exception = Assert.Throws <InvalidOperationException>(() =>
{
filter.ChallengeAsync(context, CancellationToken.None).ThrowIfFaulted();
});
Assert.Equal("No OWIN authentication manager is associated with the request.", exception.Message);
}
}
public void ChallengeAsync_Throws_WhenRequestIsNull()
{
// Arrange
IAuthenticationFilter filter = CreateProductUnderTest();
IHttpActionResult result = CreateDummyActionResult();
HttpAuthenticationChallengeContext context = new HttpAuthenticationChallengeContext(
new HttpActionContext(), result);
Assert.Null(context.Request);
// Act & Assert
InvalidOperationException exception = Assert.Throws <InvalidOperationException>(() =>
{
filter.ChallengeAsync(context, CancellationToken.None).ThrowIfFaulted();
});
Assert.Equal("HttpAuthenticationChallengeContext.Request must not be null.", exception.Message);
}
public async Task ChallengeAsync_DoesntCrash()
{
await m_authenticationFilter
.ChallengeAsync(null, new CancellationToken())
.SafeAsync();
}
public async Task ChallengeAsync_DoesntCrash()
{
await m_authenticationFilter
.ChallengeAsync(null, new CancellationToken())
.ConfigureAwait(false);
}