Пример #1
        /// <summary>
        /// Two <c>UnauthorizedResult</c> instances built from different messages
        /// must not be reported as equal by <c>Equals</c>.
        /// </summary>
        public void DoisUnauthorizedResultDiferentesDevemRetornarEqualIgualAFalse()
        {
            var first = new UnauthorizedResult("message");
            var second = new UnauthorizedResult("other message");

            bool areEqual = first.Equals(second);

            Assert.IsFalse(areEqual);
        }
        /// <summary>
        /// Exercises <c>TestUnauthorizedResult</c> against an action without arguments:
        /// first with an <c>UnauthorizedResult</c> (must pass and invoke the validator),
        /// then with another result type (must throw with the expected message).
        /// </summary>
        public void TestUnauthorizedResult_should_work_as_expected_with_method_without_arguments()
        {
            ApiControllerHttpActionResultActionTester tester = _controllerTester.Action(x => x.HttpActionResultActionWithoutArguments);
            _controller.HttpActionResult = new UnauthorizedResult(Enumerable.Empty<AuthenticationHeaderValue>(), _controller);

            UnauthorizedResult returned = null;
            UnauthorizedResult seenByValidator = null;
            bool validatorRan = false;

            Action runTest = () => returned = tester.TestUnauthorizedResult(r =>
            {
                seenByValidator = r;
                validatorRan = true;
            });

            // Positive case: the controller currently returns an UnauthorizedResult.
            runTest.Should().NotThrow();
            returned.Should().Be(_controller.HttpActionResult);
            validatorRan.Should().BeTrue();
            seenByValidator.Should().Be(_controller.HttpActionResult);

            // Negative case: a different result type must be rejected by the tester.
            _controller.HttpActionResult = _okResult;
            runTest.Should().Throw<ControllerTestException>().WithMessage(
                "Expected IHttpActionResult type System.Web.Http.Results.UnauthorizedResult. Actual: System.Web.Http.Results.OkResult.");
        }
Пример #3
        /// <summary>
        /// Maps a failed <c>Result</c> to an MVC action result, based on the error code
        /// of the first error of the first invalid notification.
        /// </summary>
        /// <param name="result">The operation result whose notifications are inspected.</param>
        /// <returns>
        /// 404 for <c>NotFound</c>, 422 for <c>BadRequest</c>, 401 (no body) for <c>Unauthorized</c>,
        /// and 400 when no invalid notification, no error, or an unrecognised code is found.
        /// </returns>
        private IActionResult CreateErrorResult(Result result)
        {
            ModelStateDictionary errors = GetErrors(result);
            ValidationResult firstInvalid = result.Notifications.FirstOrDefault(x => !x.IsValid);

            // Nothing to classify: fall back to a plain 400 carrying the model state.
            if (firstInvalid == null || firstInvalid.Errors.Count == 0)
            {
                return new BadRequestObjectResult(errors);
            }

            switch (firstInvalid.Errors.First().ErrorCode)
            {
                case nameof(ErrorType.NotFound):
                    return new NotFoundObjectResult(errors);

                case nameof(ErrorType.BadRequest):
                    return new UnprocessableEntityObjectResult(errors);

                case nameof(ErrorType.Unauthorized):
                    // The 401 deliberately carries no model state, so error details are not sent to the caller.
                    return new UnauthorizedResult();

                default:
                    return new BadRequestObjectResult(errors);
            }
        }
Пример #4
        /// <summary>
        /// Two <c>UnauthorizedResult</c> instances built from the same message
        /// must be reported as equal by <c>Equals</c>.
        /// </summary>
        public void DoisUnauthorizedResultIguaisDevemRetornarEqualIgualATrue()
        {
            var first = new UnauthorizedResult("message");
            var second = new UnauthorizedResult("message");

            bool areEqual = first.Equals(second);

            Assert.IsTrue(areEqual);
        }
Пример #5
        /// <summary>
        /// Converts an action result into an HTTP response by checking which marker
        /// interface it implements.
        /// </summary>
        /// <param name="controller">Not used by this method.</param>
        /// <param name="actionResult">The action result to convert.</param>
        /// <returns>
        /// An HTML, redirect or unauthorized response; a bad-request response when the
        /// result implements none of the three interfaces.
        /// </returns>
        private IHttpResponse PrepareResponse(IController controller, IActionResult actionResult)
        {
            // NOTE(review): branch order matters. If IUnauthorized or IRedirectable types also
            // implement IViewable, the first branch wins and the response goes out as 200 OK.
            // Confirm the interface hierarchy.
            if (actionResult is IViewable)
            {
                string html = actionResult.Invoke();
                return new HtmlResult(html, HttpResponseStatusCode.OK);
            }

            if (actionResult is IRedirectable)
            {
                string target = actionResult.Invoke();
                return new RedirectResult(target);
            }

            if (actionResult is IUnauthorized)
            {
                string body = actionResult.Invoke();
                return new UnauthorizedResult(body);
            }

            // Unknown result kinds are rejected rather than rendered.
            return new BadRequestResult();
        }
Пример #6
        /// <summary>
        /// Short-circuits the action with an <c>UnauthorizedResult</c> when <c>CheckRole</c>
        /// reports <c>HttpStatusCode.BadRequest</c>; otherwise defers to the base filter.
        /// </summary>
        /// <param name="context">Context of the action that is about to execute.</param>
        public override void OnActionExecuting(ActionExecutingContext context)
        {
            // NOTE(review): only BadRequest blocks the request; every other value returned by
            // CheckRole falls through to the action. Confirm CheckRole has no other failure codes.
            var roleStatus = CheckRole(context);
            if (roleStatus == HttpStatusCode.BadRequest)
            {
                context.Result = new UnauthorizedResult();
                return;
            }

            base.OnActionExecuting(context);

            //// TODO implement some business logic for this...
            //if (context.HttpContext.Request.Method.Equals("GET"))
            //{
            //    context.HttpContext.Response.StatusCode = (Int32)HttpStatusCode.BadRequest;

            //    Microsoft.AspNetCore.Mvc.ModelBinding.ModelStateDictionary modelState = new Microsoft.AspNetCore.Mvc.ModelBinding.ModelStateDictionary();
            //    modelState.AddModelError("Error", "Not Get");

            //    Microsoft.AspNetCore.Mvc.BadRequestObjectResult badRequest = new Microsoft.AspNetCore.Mvc.BadRequestObjectResult(modelState);
            //    context.Result = badRequest;
            //}
            //else
            //{
            //    base.OnActionExecuting(context);
            //}
        }
        /// <summary>
        /// Answers an authentication challenge with HTTP 401 and a JSON body produced by
        /// serializing a new <c>UnauthorizedResult</c>.
        /// </summary>
        /// <param name="properties">Challenge properties; not read by this override.</param>
        protected override async Task HandleChallengeAsync(AuthenticationProperties properties)
        {
            // NOTE(review): no WWW-Authenticate header is written here and the base
            // implementation is not called. Confirm clients do not rely on that header.
            Response.StatusCode = 401; // Unauthorized
            Response.ContentType = _PROBLEM_DETAILS_CONTENT_TYPE;

            // NOTE(review): the content type is the problem-details constant, but the serialized
            // object is an UnauthorizedResult. Verify the resulting JSON is the intended shape.
            var body = JsonSerializer.Serialize(new UnauthorizedResult());
            await Response.WriteAsync(body);
        }
Пример #8
    /// <summary>
    /// A default-constructed <c>UnauthorizedResult</c> must expose status code 401.
    /// </summary>
    public void UnauthorizedResult_InitializesStatusCode()
    {
        // Arrange
        int expected = StatusCodes.Status401Unauthorized;

        // Act
        var sut = new UnauthorizedResult();

        // Assert
        Assert.Equal(expected, sut.StatusCode);
    }
Пример #9
	/// <summary>
	/// Renders the view for <paramref name="action"/> and wraps it in an unauthorized result.
	/// </summary>
	/// <param name="viewModel">Optional view model passed to <c>UpdateViewData</c>.</param>
	/// <param name="action">View name; defaults to the calling member's name.</param>
	/// <returns>An unauthorized result carrying the rendered view.</returns>
	protected IViewResult Unauthorized(IViewModel viewModel = null, [CallerMemberName] string action = "")
	{
	    UpdateViewData(viewModel);

	    string renderedHtml = ViewEngine.RenderHtml(Name, action, ViewModel.Data);
	    IRenderable renderedView = new View(renderedHtml);

	    IUnauthorizedResult response = new UnauthorizedResult(renderedView);
	    return response;
	}
        /// <summary>
        /// Calls <c>DeletePost</c> for post 5 with the given user payload and expects the
        /// same status code as a default <c>UnauthorizedResult</c>.
        /// </summary>
        public void DeletePost_GivenWrongUser_ReturnUnauthorized()
        {
            var postId   = 5;
            // NOTE(review): the literal below is partially masked ("******") in this listing,
            // so the line does not compile as shown. Restore the original JSON payload before use.
            var user     = "******"UserId\" : \"sat\"}";
            var expected = new UnauthorizedResult();
            // NOTE(review): .Result presumably blocks on a Task returned by DeletePost. Confirm.
            var actual   = (StatusCodeResult)_topicController.DeletePost(postId, user).Result;

            // Only status codes are compared, not the result instances themselves.
            Assert.AreEqual(expected.StatusCode, actual.StatusCode);
        }
Пример #11
        /// <summary>
        /// Builds the view file path for <paramref name="action"/>, builds the view and wraps
        /// it in an unauthorized result.
        /// </summary>
        /// <param name="viewModel">Optional view model handed to <c>BuildView</c>.</param>
        /// <param name="action">View name; defaults to the calling member's name.</param>
        /// <returns>An unauthorized result carrying the built view.</returns>
        protected IViewable Unauthorized(ViewModel viewModel = null, [CallerMemberName] string action = "")
        {
            // NOTE(review): "action" is concatenated into a file path as-is. It defaults to the
            // caller's member name, but verify no caller passes request-derived text here.
            var viewsRoot = MvcContext.Get.AppPath
                            + Constants.FolderSeparator + MvcContext.Get.ViewsFolderName;
            string viewPath = viewsRoot + action + Constants.HtmlFileExtension;

            IRenderable builtView = BuildView(viewPath, viewModel);
            IUnauthorized response = new UnauthorizedResult(builtView);

            return response;
        }
Пример #12
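 /// <summary>
 /// Exception filter: when the function threw <see cref="UnauthorizedAccessException"/>,
 /// logs it and sets the HTTP response status to that of an <c>UnauthorizedResult</c>.
 /// Other exception types are left untouched.
 /// </summary>
 /// <param name="exceptionContext">Context carrying the thrown exception.</param>
 /// <param name="cancellationToken">Not used by this method.</param>
 /// <returns>A completed task.</returns>
 public Task OnExceptionAsync(FunctionExceptionContext exceptionContext, CancellationToken cancellationToken)
 {
     if (exceptionContext.Exception is UnauthorizedAccessException)
     {
         // Use a constant template and pass the exception text as a value, so braces in the
         // message are not interpreted as format placeholders by the logger.
         logger.LogError(exceptionContext.Exception, "{Message}", exceptionContext.Exception.Message);

         // HttpContext can be null when no HTTP request is in flight; skip instead of
         // throwing a NullReferenceException from inside the exception filter.
         var httpContext = httpContextAccessor.HttpContext;
         if (httpContext != null)
         {
             httpContext.Response.StatusCode = new UnauthorizedResult().StatusCode;
         }
     }

     return Task.CompletedTask;
 }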
Пример #13
        /// <summary>
        /// Runs <paramref name="func"/> and converts its outcome into an action result.
        /// </summary>
        /// <typeparam name="T">Type of the payload produced by <paramref name="func"/>.</typeparam>
        /// <param name="func">The asynchronous operation to execute.</param>
        /// <returns>
        /// 400 with the model state when it is invalid; JSON of the payload, or 200 when the
        /// payload is null; 401 for <see cref="UnauthorizedAccessException"/>, 404 for
        /// <c>NotFoundException</c>, 500 for any other exception.
        /// </returns>
        protected async Task<IActionResult> ProcessRequest<T>(Func<Task<T>> func)
        {
            if (!ModelState.IsValid)
            {
                return new BadRequestObjectResult(ModelState);
            }

            try
            {
                Logger.LogDebug("Processing a request...");

                T payload = await func();

                IActionResult success;
                if (payload != null)
                {
                    success = new JsonResult(payload, JsonSettings);
                }
                else
                {
                    success = new OkResult();
                }

                Logger.LogDebug("Request processing complete.");
                return success;
            }
            catch (Exception ex)
            {
                // Details go to the log only; the caller receives a bare status code.
                Logger.LogError(ex, "An exception was caught by the API.\r\nMessage: {0}\r\nStack Trace:\r\n{1}", ex.Message, ex.StackTrace);

                // Classify by the wrapped exception when an AggregateException carries one.
                Exception cause = (ex is AggregateException && ex.InnerException != null)
                    ? ex.InnerException
                    : ex;

                // if( ex is ValidationFailedException )
                // {
                //  var modelStateDict = _CreateModelStateForValidationFailedException( ex as ValidationFailedException );
                //  result = new BadRequestObjectResult( modelStateDict );
                // }
                // else if( ex is UnauthorizedAccessException )
                if (cause is UnauthorizedAccessException)
                {
                    return new UnauthorizedResult();
                }

                if (cause is NotFoundException)
                {
                    return new NotFoundResult();
                }

                return new StatusCodeResult(500);
            }
        }
Пример #14
        /// <summary>
        /// Authenticates the posted user and returns the issued token.
        /// </summary>
        /// <param name="user">Credentials bound from the request body.</param>
        /// <returns>200 with the token on success; 401 otherwise.</returns>
        public IActionResult Login([FromBody] User user)
        {
            if (AuthenticationService.TryAuthenticateUser(user, out string token))
            {
                return Ok(token);
            }

            // Deny by default: anything but a successful authentication yields 401.
            return new UnauthorizedResult();
        }
Пример #15
        /// <summary>
        /// With no mock behaviour configured, <c>LoginUser</c> must answer with an
        /// <c>UnauthorizedResult</c> whose status code is 401.
        /// </summary>
        public async Task TestLoginUser_Failed_Unauthorized()
        {
            userController = new UserController(mockUserManager.Object, mockSignInManager.Object, mockUserValidator.Object, mockPasswordValidator.Object, mockPasswordHasher.Object);

            var response = await userController.LoginUser(userHelper.loginModel);
            Assert.NotNull(response);

            // The cast yields null for any other result type, which the next assertion catches.
            var unauthorized = response as UnauthorizedResult;
            Assert.NotNull(unauthorized);
            Assert.AreEqual(401, unauthorized.StatusCode);
        }
Пример #16
    /// <summary>
    /// Action filter skeleton: sets an <c>UnauthorizedResult</c> on the context when the
    /// request is not valid, then calls the base implementation.
    /// </summary>
    /// <param name="context">Context of the action that is about to execute.</param>
    public override void OnActionExecuting(ActionExecutingContext context)
    {
        // Placeholder for the validation and authorization logic. Because the flag is
        // hard-coded to false, every request is answered with UnauthorizedResult until
        // real checks are written.
        bool requestAllowed = false;

        if (!requestAllowed)
        {
            context.Result = new UnauthorizedResult();
        }

        base.OnActionExecuting(context);
    }
Пример #17
        public static bool TryParseBasicAuthentication(string authorization,
                                                       [NotNullWhen(false)] out IActionResult?failure,
                                                       [NotNullWhen(true)] out string?username,
                                                       [NotNullWhen(true)] out string?password)
        {
            username = null;
            password = null;

            if (!authorization.StartsWith("Basic "))
            {
                failure = new UnauthorizedResult();
                return(false);
            }

            var split = Base64Util.Utf8Base64ToString(authorization[6..]).Split(':');
        /// <summary>
        /// Authenticates the posted login model.
        /// </summary>
        /// <param name="login">Login data bound from the request body.</param>
        /// <returns>An <c>OkResult</c> when authentication succeeds; an <c>UnauthorizedResult</c> otherwise.</returns>
        public dynamic Post([FromBody] LoginViewmodel login)
        {
            var user = Authenticate(login);

            if (user != null)
            {
                // NOTE(review): the token is built but never returned; the success response is
                // an empty OkResult. Confirm whether the caller is meant to receive it.
                var tokenString = BuildToken(user);
                //response = new OkResult(tokenString);
                return new OkResult();
            }

            return new UnauthorizedResult();
        }
        /// <summary>
        /// Replaces a 401 action result with an <c>UnauthorizedResult</c> that carries a
        /// "Basic" authentication challenge.
        /// </summary>
        /// <param name="context">Challenge context whose result is inspected and possibly replaced.</param>
        /// <param name="cancellationToken">Token passed to the inner result's execution.</param>
        public async Task ChallengeAsync(HttpAuthenticationChallengeContext context, CancellationToken cancellationToken)
        {
            // NOTE(review): the inner result is executed here just to read its status code. If
            // the pipeline executes context.Result again afterwards, a non-401 result runs
            // twice. Confirm.
            var innerResponse = await context.Result.ExecuteAsync(cancellationToken);

            if (innerResponse.StatusCode != HttpStatusCode.Unauthorized)
            {
                return;
            }

            // Add challenge to header.
            // NOTE(review): the replacement is bound to a fresh HttpRequestMessage rather than
            // the current request. Verify that is intended.
            var challenges = new List<AuthenticationHeaderValue>
            {
                new AuthenticationHeaderValue("Basic")
            };
            context.Result = new UnauthorizedResult(challenges, new HttpRequestMessage());
        }
Пример #20
        /// <summary>
        /// Authenticates the posted credentials and returns a JSON web token.
        /// </summary>
        /// <param name="singIn">Login and password bound from the request body.</param>
        /// <returns>200 with <c>{ token }</c> on success; 401 otherwise.</returns>
        public IActionResult Login([FromBody] SignInModel singIn)
        {
            // Copy only the two credential fields into a fresh model before authenticating.
            var credentials = new SignInModel
            {
                Login = singIn.Login,
                Password = singIn.Password
            };

            var user = AuthenticateUser(credentials);
            if (user != null)
            {
                var jwt = GenerateJSONWebToken(user);
                return Ok(new { token = jwt });
            }

            return new UnauthorizedResult();
        }
        /// <summary>
        /// Rejects requests whose current token is on the blacklist.
        /// </summary>
        /// <param name="context">Context of the action that is about to execute.</param>
        /// <returns>
        /// An <c>UnauthorizedResult</c> when the user has claims and the current token is
        /// blacklisted; <c>null</c> in every other case.
        /// </returns>
        private IActionResult AuthorizationCheck(ActionExecutingContext context)
        {
            var controller = context.Controller as ControllerBase;

            // NOTE(review): null is returned (no objection) when the controller is not a
            // ControllerBase or the user has no claims. This method only checks the blacklist,
            // so confirm authentication is enforced elsewhere.
            bool userHasClaims = controller?.User != null && controller.User.Claims.Any();
            if (!userHasClaims)
            {
                return null;
            }

            var currentToken = _Context.GetCurrentToken(controller.Request);
            if (_Context.IsTokenBlackList(currentToken))
            {
                return new UnauthorizedResult();
            }

            return null;
        }
Пример #22
        /// <summary>
        /// Authenticates the given credentials and returns a JSON web token.
        /// </summary>
        /// <param name="username">User name to authenticate.</param>
        /// <param name="pass">Password to authenticate with.</param>
        /// <returns>200 with <c>{ token }</c> on success; 401 otherwise.</returns>
        public IActionResult Login(string username, string pass)
        {
            // NOTE(review): the binding source of these simple-typed parameters is not visible
            // here. If they bind from the query string, the password can end up in URLs and
            // access logs. Confirm the route and attributes.
            var login = new UserModel
            {
                UserName = username,
                Password = pass
            };

            var user = AuthenticateUser(login);
            if (user == null)
            {
                return new UnauthorizedResult();
            }

            var tokenStr = GenerateJSONWebToken(user);
            return new OkObjectResult(new { token = tokenStr });
        }
Пример #23
        /// <summary>
        /// When the user is found but the password sign-in fails, <c>LoginUser</c> must
        /// answer with an <c>UnauthorizedResult</c> whose status code is 401.
        /// </summary>
        public async Task TestLoginUser_Failed_Unauthorized2()
        {
            // Arrange: the user can be looked up by e-mail and by name...
            mockUserManager
                .Setup(x => x.FindByEmailAsync(userHelper.user.Email))
                .Returns(Task.FromResult(userHelper.user));
            mockUserManager
                .Setup(x => x.FindByNameAsync(userHelper.user.UserName))
                .Returns(Task.FromResult(userHelper.user));

            // ...but every password sign-in attempt fails.
            mockSignInManager
                .Setup(x => x.PasswordSignInAsync(It.IsAny<User>(), It.IsAny<string>(), It.IsAny<bool>(), It.IsAny<bool>()))
                .Returns(Task.FromResult(SignInResult.Failed));
            mockSignInManager.Setup(x => x.SignOutAsync());

            userController = new UserController(mockUserManager.Object, mockSignInManager.Object, mockUserValidator.Object, mockPasswordValidator.Object, mockPasswordHasher.Object);

            // Act
            var response = await userController.LoginUser(userHelper.loginModel);

            // Assert
            Assert.NotNull(response);
            var unauthorized = response as UnauthorizedResult;
            Assert.NotNull(unauthorized);
            Assert.AreEqual(401, unauthorized.StatusCode);
        }
Пример #24
        /// <summary>
        /// With an empty <c>ControllerContext</c>, <c>Reservation</c> must answer with an
        /// <c>UnauthorizedResult</c>.
        /// </summary>
        public async Task Reserve_ReturnUnAuthorized()
        {
            // Arrange: a fresh ControllerContext and a one-hour time slot.
            controller.ControllerContext = new ControllerContext();
            var slot = new ReservationTimeSlot
            {
                startReservation = new DateTime(2021, 1, 1, 12, 0, 0),
                endReservation = new DateTime(2021, 1, 1, 13, 0, 0),
                licensePlateNumber = "AA-12-AA"
            };

            // Act
            var response = await controller.Reservation(slot);

            // Assert
            var unauthorized = Assert.IsType<UnauthorizedResult>(response.Result);
            Assert.NotNull(unauthorized);

            Dispose();
        }
Пример #25
        /// <summary>
        /// Authenticates <c>CustomerLogin</c> and returns a JSON web token with the customer.
        /// </summary>
        /// <returns>200 with <c>{ token, user }</c> on success; status 403 on failure.</returns>
        public IActionResult Excute()
        {
            //Customer login = new Customer();

            //login.UserName = CustomerLogin.UserName;
            //login.Password = CustomerLogin.Password;

            // This initial 401 is never returned: the failure path below answers with 403.
            IActionResult response = new UnauthorizedResult();

            Customer customer = SecurityUtils.AuthenticateCustomer(CustomerLogin);
            if (customer == null)
            {
                //return StatusCode(403);
                return new StatusCodeResult(403);
            }

            var tokenStr = SecurityUtils.GenerateJSONWebToken(customer);

            // NOTE(review): the whole Customer object is serialized into the response. Confirm
            // it carries no password or other secret fields.
            response = new OkObjectResult(new { token = tokenStr, user = customer });
            return response;
        }
Пример #26
        /// <summary>
        /// Each listed MVC status result must convert implicitly to a non-null
        /// <c>OperationResult&lt;Value&gt;</c>.
        /// </summary>
        public void ImplicitOperatorTests()
        {
            // Arrange
            var result = new OperationResult<Value>();

            // Act: rely on the implicit conversion operators.
            OperationResult<Value> badRequest = new BadRequestResult();
            OperationResult<Value> conflict = new ConflictResult();
            OperationResult<Value> noContent = new NoContentResult();
            OperationResult<Value> notFound = new NotFoundResult();
            OperationResult<Value> ok = new OkResult();
            OperationResult<Value> unauthorized = new UnauthorizedResult();
            OperationResult<Value> unprocessableEntity = new UnprocessableEntityResult();
            // NOTE(review): named for "unsupported media type" but built from
            // UnprocessableEntityResult. Looks like a copy/paste slip; confirm.
            OperationResult<Value> unsupportedMediaType = new UnprocessableEntityResult();

            // Assert
            var converted = new[]
            {
                badRequest,
                conflict,
                noContent,
                notFound,
                ok,
                unauthorized,
                unprocessableEntity,
                unsupportedMediaType
            };

            foreach (OperationResult<Value> item in converted)
            {
                Assert.NotNull(item);
            }
        }
Пример #27
 /// <summary>
 /// Creates the wrapper around an <c>UnauthorizedResult</c>; the instance is passed
 /// unchanged to the base constructor.
 /// </summary>
 /// <param name="innerResult">The result being wrapped.</param>
 public TestUnauthorizedResult(UnauthorizedResult innerResult)
     : base(innerResult)
 {
 }
Пример #28
        /// <summary>
        /// Sets an <c>UnauthorizedResult</c> as the result of the given action context.
        /// </summary>
        /// <param name="actionContext">Context whose result is replaced.</param>
        private void HandleUnauthorizedRequest(ActionExecutingContext actionContext)
        {
            actionContext.Result = new UnauthorizedResult();
        }
Пример #29
        /// <summary>
        /// Creates a new <c>UnauthorizedResult</c>.
        /// </summary>
        /// <returns>A freshly constructed <c>UnauthorizedResult</c>.</returns>
        public override UnauthorizedResult Unauthorized() => new UnauthorizedResult();
Пример #30
        public static IEndpointConventionBuilder UseFilteredAutoForeignKeys(this IEndpointRouteBuilder builder, string explicitTenantParam, bool forAreas, bool withAuthorization = true)
        {
            bool forExplicitTenants = !string.IsNullOrEmpty(explicitTenantParam);

            ContextExtensions.Init();
            RequestDelegate dlg = async context =>
            {
                //{{connection:regex(^[\\w_]+$)}}/{{table:regex(^[\\w_]+$)}}
                RouteData        routeData        = context.GetRouteData();
                ActionDescriptor actionDescriptor = new ActionDescriptor();
                ActionContext    actionContext    = new ActionContext(context, routeData, actionDescriptor);
                var ok = !withAuthorization || context.RequestServices.VerifyCurrentUser();
                if (ok)
                {
                    if (context.Request.RouteValues.ContainsKey("dataResolveHint"))
                    {
                        var baseHint = ((string)context.Request.RouteValues["dataResolveHint"])?.Split("/")
                                       .Select(n => HttpUtility.UrlDecode(n)).ToArray();
                        if (baseHint is { Length : 2 })
                        {
                            string area = null;
                            if (context.Request.RouteValues.ContainsKey("area"))
                            {
                                area = (string)context.Request.RouteValues["area"];
                            }

                            var connection =
                                RegexValidate(baseHint[0], "^[\\w_]+$")
                                    ? baseHint[0]
                                    : null; //(string) context.Request.RouteValues["connection"];
                            var dbContext = context.RequestServices.ContextForFkQuery(connection, area);
                            if (dbContext != null)
                            {
                                var table = RegexValidate(baseHint[1], dbContext.CustomFkSettings?.CustomTableValidation ?? "^[\\w_]+$")
                                    ? baseHint[1]
                                    : null; //(string) context.Request.RouteValues["table"];

                                FormReader former          = new FormReader(context.Request.Body);
                                var        formsDictionary = await former.ReadFormAsync();

                                //LogEnvironment.LogEvent(Stringify(formsDictionary), LogSeverity.Report);
                                var        newDic     = TranslateForm(formsDictionary, true);
                                JsonResult result     = null;
                                bool       authorized = true;
                                try
                                {
                                    result = new JsonResult(dbContext.ReadForeignKey(table, postedFilter: newDic)
                                                            .ToDummyDataSourceResult());
                                }
                                catch (SecurityException)
                                {
                                    authorized = false;
                                }

                                if (authorized)
                                {
                                    await result.ExecuteResultAsync(actionContext);

                                    return;
                                }

                                UnauthorizedResult ill = new UnauthorizedResult();
                                await ill.ExecuteResultAsync(actionContext);

                                return;
                            }
                        }
                    }
Пример #31
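        /// <summary>
        /// Token endpoint supporting the "password" and "refresh_token" grant types.
        /// </summary>
        /// <param name="tokenRequest">Form-bound token request.</param>
        /// <returns>
        /// 201 with a new token on success; 401 when the access key is unknown or the secret
        /// does not match; 400 for an invalid refresh token or an unsupported grant type.
        /// </returns>
        public IActionResult CreateAccessToken([FromForm] OAuthTokenRequest tokenRequest)
        {
            IActionResult result = null;

            if (string.Compare(tokenRequest.grant_type, "password", true) == 0)
            {
                Model.AccessKey accessKey = BusinessLogicFactory.AccessKeys.GetAccessKey(tokenRequest.username);
                if (accessKey != null)
                {
                    // Compare ordinally: the culture-sensitive string.Compare can treat strings
                    // that differ only in ignorable characters as equal. A key with a null or
                    // empty secret never matches, so an omitted password cannot authenticate.
                    // NOTE(review): this comparison is not constant-time; consider
                    // CryptographicOperations.FixedTimeEquals where the target framework has it.
                    // NOTE(review): the stored Secret is compared directly with the submitted
                    // password; confirm it is not kept as plaintext at rest.
                    bool secretMatches = !string.IsNullOrEmpty(accessKey.Secret)
                                         && string.CompareOrdinal(tokenRequest.password, accessKey.Secret) == 0;

                    if (secretMatches)
                    {
                        OAuthToken token = CreateOAuthToken(accessKey.OrganisationID);
                        result = new ObjectResult(token)
                        {
                            StatusCode = (int)HttpStatusCode.Created
                        };
                    }
                    else
                    {
                        _logger.LogDebug($"Incorrect Secret for Organisation {accessKey.OrganisationID} with access key: {accessKey.Name}");
                        result = new UnauthorizedResult();
                    }
                }
                else
                {
                    _logger.LogDebug($"No organisation with key: {tokenRequest.username}");
                    result = new UnauthorizedResult();
                }
            }
            else if (string.Compare(tokenRequest.grant_type, "refresh_token", true) == 0)
            {
                // NOTE(review): FirstOrDefault returns null when no such validator is registered,
                // and the next line would then throw. Confirm the handler is always configured.
                OrganisationSecurityTokenHandler handler = _AuthOptions.SecurityTokenValidators.OfType<OrganisationSecurityTokenHandler>().FirstOrDefault();

                // NOTE(review): whether ReadJwtToken verifies signature and lifetime is not
                // visible here. The claims read below must not be trusted unless it does.
                JwtSecurityToken securityToken = handler.ReadJwtToken(tokenRequest.refresh_token);

                if (securityToken != null)
                {
                    Claim organisationClaim = securityToken.Claims.FirstOrDefault(c => c.Type.Equals(OrganisationIdentity.OrganisationClaim));
                    Claim refreshTokenClaim = securityToken.Claims.FirstOrDefault(c => c.Type.Equals(RefreshTokenClaim));

                    if (organisationClaim != null && refreshTokenClaim != null && refreshTokenClaim.Value.Equals(RefreshTokenExists))
                    {
                        int organisationID;
                        if (int.TryParse(organisationClaim.Value, out organisationID) && organisationID > 0)
                        {
                            OAuthToken token = CreateOAuthToken(organisationID);
                            result = new ObjectResult(token)
                            {
                                StatusCode = (int)HttpStatusCode.Created
                            };
                        }
                        else
                        {
                            // The refresh token is a bearer credential, so it is kept out of the log.
                            _logger.LogDebug("Failed to parse organisationID in refresh token.");
                            result = new BadRequestResult();
                        }
                    }
                    else
                    {
                        _logger.LogDebug("Refresh token does not have expected claims.");
                        result = new BadRequestResult();
                    }
                }
                else
                {
                    _logger.LogDebug("Invalid refresh token.");
                    result = new BadRequestResult();
                }
            }
            else
            {
                // Unsupported or missing grant type.
                result = new BadRequestResult();
            }

            return result;
        }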
Пример #32
        /// <summary>
        /// The <c>BeUnauthorizedResult</c> assertion must pass for an <c>UnauthorizedResult</c>
        /// held in an <c>ActionResult</c> variable.
        /// </summary>
        public void BeUnauthorizedResult_GivenUnauthorized_ShouldPass()
        {
            // Arrange
            ActionResult subject = new UnauthorizedResult();

            // Act & assert
            subject.Should().BeUnauthorizedResult();
        }