public void Login_ignores_return_url_if_it_is_not_valid([Frozen] ILoginLogoutManager loginLogoutManager,
[Frozen] IValidatesRedirectUrls redirectValidator,
Agiil.Web.Models.Auth.LoginCredentials credentials,
string username,
[NoAutoProperties] LoginController sut)
{
// Arrange
Mock.Get(loginLogoutManager)
.Setup(x => x.AttemptLogin(It.IsAny <ILoginRequest>()))
.Returns(new LoginResult(username));
credentials.ReturnUrl = "/Sample/Url";
Mock.Get(redirectValidator)
.Setup(x => x.IsValid(It.IsAny <string>()))
.Returns(false);
// Act
var result = sut.Login(credentials);
// Assert
Assert.IsInstanceOf <RedirectToRouteResult>(result, "Result is a redirect-to-URL");
var redirect = (RedirectToRouteResult)result;
Assert.AreEqual("Login", redirect.RouteValues["controller"], "Correct controller");
Assert.AreEqual(nameof(LoginController.Index), redirect.RouteValues["action"], "Correct action");
}
public void Login_redirects_to_return_url_after_successful_login([Frozen] ILoginLogoutManager loginLogoutManager,
[Frozen] IValidatesRedirectUrls redirectValidator,
Agiil.Web.Models.Auth.LoginCredentials credentials,
string username,
[NoAutoProperties] LoginController sut)
{
// Arrange
Mock.Get(loginLogoutManager)
.Setup(x => x.AttemptLogin(It.IsAny <ILoginRequest>()))
.Returns(new LoginResult(username));
credentials.ReturnUrl = "/Sample/Url";
Mock.Get(redirectValidator)
.Setup(x => x.IsValid(It.IsAny <string>()))
.Returns(true);
// Act
var result = sut.Login(credentials);
// Assert
Assert.IsInstanceOf <RedirectResult>(result, "Result is a redirect-to-URL");
var redirect = (RedirectResult)result;
Assert.AreEqual("/Sample/Url", redirect.Url, "Correct URL");
Assert.IsFalse(redirect.Permanent, "Non-permanent redirect");
}
public LoginController(LoginRequestCreator loginRequestCreator,
ILoginLogoutManager loginLogoutManager,
IValidatesRedirectUrls redirectUriValidator)
{
if (redirectUriValidator == null)
{
throw new ArgumentNullException(nameof(redirectUriValidator));
}
if (loginLogoutManager == null)
{
throw new ArgumentNullException(nameof(loginLogoutManager));
}
if (loginRequestCreator == null)
{
throw new ArgumentNullException(nameof(loginRequestCreator));
}
this.redirectUriValidator = redirectUriValidator;
this.loginRequestCreator = loginRequestCreator;
this.loginLogoutManager = loginLogoutManager;
}
