public async Task OnValidateIdentityThrowsWithEmptyServiceCollection() { var httpContext = new Mock <HttpContext>(); httpContext.Setup(c => c.RequestServices).Returns(new ServiceCollection().BuildServiceProvider()); var id = new ClaimsIdentity(IdentityOptions.ApplicationCookieAuthenticationType); var ticket = new AuthenticationTicket(id, new AuthenticationProperties { IssuedUtc = DateTimeOffset.UtcNow }); var context = new CookieValidateIdentityContext(httpContext.Object, ticket, new CookieAuthenticationOptions()); var ex = await Assert.ThrowsAsync <InvalidOperationException>(() => SecurityStampValidator.ValidateIdentityAsync(context)); Assert.True(ex.Message.Contains("No service for type 'Microsoft.Framework.OptionsModel.IOptions")); }
public async Task OnValidateIdentityTestSuccess(bool isPersistent) { var user = new IdentityUser("test"); var userManager = MockHelpers.MockUserManager <IdentityUser>(); var claimsManager = new Mock <IClaimsIdentityFactory <IdentityUser> >(); var identityOptions = new IdentityOptions { SecurityStampValidationInterval = TimeSpan.Zero }; var options = new Mock <IOptions <IdentityOptions> >(); options.Setup(a => a.Options).Returns(identityOptions); var httpContext = new Mock <HttpContext>(); var contextAccessor = new Mock <IContextAccessor <HttpContext> >(); contextAccessor.Setup(a => a.Value).Returns(httpContext.Object); var signInManager = new Mock <SignInManager <IdentityUser> >(userManager.Object, contextAccessor.Object, claimsManager.Object, options.Object); signInManager.Setup(s => s.ValidateSecurityStampAsync(It.IsAny <ClaimsIdentity>(), user.Id, CancellationToken.None)).ReturnsAsync(user).Verifiable(); signInManager.Setup(s => s.SignInAsync(user, isPersistent, null, CancellationToken.None)).Returns(Task.FromResult(0)).Verifiable(); var services = new ServiceCollection(); services.AddInstance(options.Object); services.AddInstance(signInManager.Object); services.AddInstance <ISecurityStampValidator>(new SecurityStampValidator <IdentityUser>()); httpContext.Setup(c => c.RequestServices).Returns(services.BuildServiceProvider()); var id = new ClaimsIdentity(IdentityOptions.ApplicationCookieAuthenticationType); id.AddClaim(new Claim(ClaimTypes.NameIdentifier, user.Id)); var ticket = new AuthenticationTicket(id, new AuthenticationProperties { IssuedUtc = DateTimeOffset.UtcNow, IsPersistent = isPersistent }); var context = new CookieValidateIdentityContext(httpContext.Object, ticket, new CookieAuthenticationOptions()); Assert.NotNull(context.Properties); Assert.NotNull(context.Options); Assert.NotNull(context.Identity); await SecurityStampValidator.ValidateIdentityAsync(context); Assert.NotNull(context.Identity); signInManager.VerifyAll(); }
public async Task OnValidateIdentityDoesNotRejectsWhenNotExpired() { var user = new IdentityUser("test"); var httpContext = new Mock <HttpContext>(); var userManager = MockHelpers.MockUserManager <IdentityUser>(); var claimsManager = new Mock <IClaimsIdentityFactory <IdentityUser> >(); var identityOptions = new IdentityOptions { SecurityStampValidationInterval = TimeSpan.FromDays(1) }; var options = new Mock <IOptions <IdentityOptions> >(); options.Setup(a => a.Options).Returns(identityOptions); var contextAccessor = new Mock <IContextAccessor <HttpContext> >(); contextAccessor.Setup(a => a.Value).Returns(httpContext.Object); var signInManager = new Mock <SignInManager <IdentityUser> >(userManager.Object, contextAccessor.Object, claimsManager.Object, options.Object); signInManager.Setup(s => s.ValidateSecurityStampAsync(It.IsAny <ClaimsIdentity>(), user.Id, CancellationToken.None)).Throws(new Exception("Shouldn't be called")); signInManager.Setup(s => s.SignInAsync(user, false, null, CancellationToken.None)).Throws(new Exception("Shouldn't be called")); var services = new ServiceCollection(); services.AddInstance(options.Object); services.AddInstance(signInManager.Object); services.AddInstance <ISecurityStampValidator>(new SecurityStampValidator <IdentityUser>()); httpContext.Setup(c => c.RequestServices).Returns(services.BuildServiceProvider()); var id = new ClaimsIdentity(IdentityOptions.ApplicationCookieAuthenticationType); id.AddClaim(new Claim(ClaimTypes.NameIdentifier, user.Id)); var ticket = new AuthenticationTicket(id, new AuthenticationProperties { IssuedUtc = DateTimeOffset.UtcNow }); var context = new CookieValidateIdentityContext(httpContext.Object, ticket, new CookieAuthenticationOptions()); Assert.NotNull(context.Properties); Assert.NotNull(context.Options); Assert.NotNull(context.Identity); await SecurityStampValidator.ValidateIdentityAsync(context); Assert.NotNull(context.Identity); }