public async Task fails_when_missing_claim()
        {
            _settings.AddPolicy("MyPolicy", builder => builder.RequireClaim("Admin"));

            var result = await _evaluator.Evaluate(
                ValidationTestBase.CreatePrincipal(),
                null,
                null,
                new[] { "MyPolicy" }
                );

            result.Succeeded.ShouldBeFalse();
        }
        public async Task no_errors_when_authenticated()
        {
            var req = new AuthenticatedUserRequirement();

            var context = new AuthorizationContext
            {
                User = ValidationTestBase.CreatePrincipal("jwt")
            };

            await req.Authorize(context);

            context.HasErrors.ShouldBeFalse();
        }
        public async Task produces_error_when_missing_claim_with_multiple_values()
        {
            var req = new ClaimAuthorizationRequirement("Admin", "true", "maybe");

            var context = new AuthorizationContext
            {
                User = ValidationTestBase.CreatePrincipal()
            };

            await req.Authorize(context);

            context.HasErrors.ShouldBeTrue();
            context.Errors.Single().ShouldBe("Required claim 'Admin' with any value of 'true, maybe' is not present.");
        }
        public async Task produces_error_when_not_authenticated()
        {
            var req = new AuthenticatedUserRequirement();

            var context = new AuthorizationContext
            {
                User = ValidationTestBase.CreatePrincipal()
            };

            await req.Authorize(context);

            context.HasErrors.ShouldBeTrue();
            context.Errors.Single().ShouldBe("An authenticated user is required.");
        }
        public async Task succeeds_when_claim_with_multiple_values()
        {
            var req = new ClaimAuthorizationRequirement("Admin", "true", "maybe");

            var context = new AuthorizationContext
            {
                User = ValidationTestBase.CreatePrincipal(claims: new Dictionary <string, string> {
                    { "Admin", "maybe" }
                })
            };

            await req.Authorize(context);

            context.HasErrors.ShouldBeFalse();
        }
        public async Task succeeds_with_claim_value()
        {
            _settings.AddPolicy("MyPolicy", builder => builder.RequireClaim("Admin", "true"));

            var result = await _evaluator.Evaluate(
                ValidationTestBase.CreatePrincipal(claims: new Dictionary <string, string>
            {
                { "Admin", "true" }
            }),
                null,
                null,
                new[] { "MyPolicy" }
                );

            result.Succeeded.ShouldBeTrue();
        }
        public async Task fails_when_missing_policy()
        {
            _settings.AddPolicy("MyPolicy", builder => builder.RequireClaim("Admin"));

            var result = await _evaluator.Evaluate(
                ValidationTestBase.CreatePrincipal(claims: new Dictionary <string, string>
            {
                { "Admin", "true" }
            }),
                null,
                null,
                new[] { "PolicyDoesNotExist" }
                );

            result.Succeeded.ShouldBeFalse();
        }
        public async Task succeeds_when_empty_policies()
        {
            _settings.AddPolicy("MyPolicy", _ => { });

            var result = await _evaluator.Evaluate(
                ValidationTestBase.CreatePrincipal(claims: new Dictionary <string, string>
            {
                { "Admin", "true" }
            }),
                null,
                null,
                Array.Empty <string>()
                );

            result.Succeeded.ShouldBeTrue();
        }