/// <summary>
/// Calls <c>GetIdentity</c> with the third argument <c>true</c> for a caller flagged as internal user whose
/// only claim is the role "BVW", against a user data access stub that has no setups.
/// Expects status <c>NeuerBenutzer</c> (new user), the BVW role, no issued access tokens and no redirect.
/// </summary>
public void GetIdentity_For_InExisting_Internal_Public_Client_User_Should_Return_Valid_Identity()
{
    // arrange
    var roleClaims = new List<ClaimInfo>
    {
        new ClaimInfo { Type = "/identity/claims/e-id/profile/role", Value = "BVW" }
    };

    var claimsSource = new Mock<IAuthenticationHelper>();
    claimsSource
        .Setup(m => m.GetClaimsForRequest(It.IsAny<IPrincipal>(), It.IsAny<HttpRequestMessage>()))
        .Returns(roleClaims);

    // IsInternalUser() answers true; every other member keeps the mock's default.
    var internalCaller = Mock.Of<IControllerHelper>(h => h.IsInternalUser());
    var userStore = Mock.Of<IUserDataAccess>();

    var sut = new AuthControllerHelper(null, userStore, internalCaller, claimsSource.Object, null);

    // act
    var identity = sut.GetIdentity(null, null, true);

    // assert
    identity.AuthStatus.Should().Be(AuthStatus.NeuerBenutzer);
    identity.Roles.Should().ContainInOrder(AccessRoles.RoleBVW);
    // A caller that is not yet registered must not receive tokens or be sent anywhere.
    identity.IssuedAccessTokens.Length.Should().Be(0);
    identity.RedirectUrl.Should().BeEmpty();
}
/// <summary>
/// Resolves the identity of the current caller through <c>authControllerHelper</c>, passing the request,
/// the principal and <c>true</c> as the third argument.
/// </summary>
/// <returns>
/// 200 OK carrying the identity, or 403 Forbidden carrying the exception message when the helper throws
/// <c>AuthenticationException</c>.
/// </returns>
public IHttpActionResult GetIdentity()
{
    try
    {
        return Ok(authControllerHelper.GetIdentity(Request, User, true));
    }
    catch (AuthenticationException authFailure)
    {
        // NOTE(review): the exception text is returned to the client verbatim; confirm that every
        // AuthenticationException raised by the helper carries only user-facing wording.
        return Content(HttpStatusCode.Forbidden, authFailure.Message);
    }
}
/// <summary>
/// Calls <c>GetIdentity</c> with the third argument <c>true</c> for an external caller with the role "Ö3"
/// (in the claim and in the user store) for whom <c>IsMTanAuthentication()</c> answers false.
/// Expects status <c>KeineMTanAuthentication</c> (no mTAN authentication) and a redirect to the
/// account page with <c>op=reg-mobile</c>.
/// </summary>
/// <remarks>
/// NOTE(review): the test name says "Correct_AuthenticationMethod", yet the arrangement disables mTAN and the
/// expected status is the mTAN-missing one; confirm the intended wording. Unlike the sibling tests, nothing is
/// asserted about <c>IssuedAccessTokens</c> here; consider pinning that no token is issued in this state.
/// </remarks>
public void GetIdentity_For_Existing_Oe3_User_With_Role_And_Correct_AuthenticationMethod_Should_Return_Valid_Identity()
{
    // arrange
    var roleClaims = new List<ClaimInfo>
    {
        new ClaimInfo { Type = "/identity/claims/e-id/profile/role", Value = "Ö3" }
    };
    var claimsSource = new Mock<IAuthenticationHelper>();
    claimsSource
        .Setup(m => m.GetClaimsForRequest(It.IsAny<IPrincipal>(), It.IsAny<HttpRequestMessage>()))
        .Returns(roleClaims);

    // External caller, signed in without mTAN, management role claim "ALLOW".
    var callerContext = new Mock<IControllerHelper>();
    callerContext.Setup(m => m.IsInternalUser()).Returns(false);
    callerContext.Setup(m => m.IsMTanAuthentication()).Returns(false);
    callerContext.Setup(m => m.GetMgntRoleFromClaim()).Returns("ALLOW");

    // The user store knows the caller and reports the same role as the claim.
    var knownUser = new User { Id = "1" };
    var userStore = new Mock<IUserDataAccess>();
    userStore.Setup(m => m.GetUser(It.IsAny<string>())).Returns(knownUser);
    userStore.Setup(m => m.GetRoleForClient(It.IsAny<string>())).Returns("Ö3");

    // Every setting lookup answers with the default handed in by the caller.
    var settings = new Mock<IWebCmiConfigProvider>();
    settings
        .Setup(m => m.GetStringSetting(It.IsAny<string>(), It.IsAny<string>()))
        .Returns((string key, string fallback) => fallback);

    var appRoleStore = Mock.Of<IApplicationRoleUserDataAccess>();

    var sut = new AuthControllerHelper(
        appRoleStore,
        userStore.Object,
        callerContext.Object,
        claimsSource.Object,
        settings.Object);

    // act
    var identity = sut.GetIdentity(null, null, true);

    // assert
    identity.AuthStatus.Should().Be(AuthStatus.KeineMTanAuthentication);
    identity.Roles.Should().ContainInOrder("Ö3");
    identity.RedirectUrl.Should().Be("www.recherche.bar.admin.ch/_pep/myaccount?returnURI=/my-appl/private/welcome.html&op=reg-mobile");
}
/// <summary>
/// Calls <c>GetIdentity</c> with the third argument <c>true</c> for an external caller with the role "Ö2"
/// (in the claim and in the user store). Expects status <c>Ok</c>, the Ö2 role, no issued access tokens
/// and an empty redirect URL.
/// </summary>
/// <remarks>
/// <c>IsMTanAuthentication()</c> has no setup in this test, so the mock answers with its default.
/// </remarks>
public void GetIdentity_For_Existing_Public_Client_User_With_Role_And_Correct_AuthenticationMethod_Should_Return_Valid_Identity()
{
    // arrange
    var roleClaims = new List<ClaimInfo>
    {
        new ClaimInfo { Type = "/identity/claims/e-id/profile/role", Value = "Ö2" }
    };
    var claimsSource = new Mock<IAuthenticationHelper>();
    claimsSource
        .Setup(m => m.GetClaimsForRequest(It.IsAny<IPrincipal>(), It.IsAny<HttpRequestMessage>()))
        .Returns(roleClaims);

    // External caller with management role claim "ALLOW".
    var callerContext = new Mock<IControllerHelper>();
    callerContext.Setup(m => m.IsInternalUser()).Returns(false);
    callerContext.Setup(m => m.GetMgntRoleFromClaim()).Returns("ALLOW");

    // The user store knows the caller and reports the same role as the claim.
    var knownUser = new User { Id = "1" };
    var userStore = new Mock<IUserDataAccess>();
    userStore.Setup(m => m.GetUser(It.IsAny<string>())).Returns(knownUser);
    userStore.Setup(m => m.GetRoleForClient(It.IsAny<string>())).Returns("Ö2");

    // Every setting lookup answers with the default handed in by the caller.
    var settings = new Mock<IWebCmiConfigProvider>();
    settings
        .Setup(m => m.GetStringSetting(It.IsAny<string>(), It.IsAny<string>()))
        .Returns((string key, string fallback) => fallback);

    var appRoleStore = Mock.Of<IApplicationRoleUserDataAccess>();

    var sut = new AuthControllerHelper(
        appRoleStore,
        userStore.Object,
        callerContext.Object,
        claimsSource.Object,
        settings.Object);

    // act
    var identity = sut.GetIdentity(null, null, true);

    // assert
    identity.AuthStatus.Should().Be(AuthStatus.Ok);
    identity.Roles.Should().ContainInOrder("Ö2");
    identity.IssuedAccessTokens.Length.Should().Be(0);
    identity.RedirectUrl.Should().BeEmpty();
}
/// <summary>
/// Calls <c>GetIdentity</c> with the third argument <c>false</c> for a caller the user store returns a
/// <c>User</c> for, while <c>GetRoleForClient</c> has no setup. Expects an <c>AuthenticationException</c>
/// whose message states that no role is defined for the user or that authentication failed.
/// </summary>
public void GetIdentity_For_Existing_User_Without_Role_Should_Throw_Exception()
{
    // arrange
    var roleClaims = new List<ClaimInfo>
    {
        new ClaimInfo { Type = "/identity/claims/e-id/profile/role", Value = "BVW" }
    };
    var claimsSource = new Mock<IAuthenticationHelper>();
    claimsSource
        .Setup(m => m.GetClaimsForRequest(It.IsAny<IPrincipal>(), It.IsAny<HttpRequestMessage>()))
        .Returns(roleClaims);

    // External caller with management role claim "ALLOW".
    var callerContext = new Mock<IControllerHelper>();
    callerContext.Setup(m => m.IsInternalUser()).Returns(false);
    callerContext.Setup(m => m.GetMgntRoleFromClaim()).Returns("ALLOW");

    // The user exists, but no role lookup is configured on the store.
    var knownUser = new User { Id = "1" };
    var userStore = new Mock<IUserDataAccess>();
    userStore.Setup(m => m.GetUser(It.IsAny<string>())).Returns(knownUser);

    // Every setting lookup answers with the default handed in by the caller.
    var settings = new Mock<IWebCmiConfigProvider>();
    settings
        .Setup(m => m.GetStringSetting(It.IsAny<string>(), It.IsAny<string>()))
        .Returns((string key, string fallback) => fallback);

    var appRoleStore = Mock.Of<IApplicationRoleUserDataAccess>();

    var sut = new AuthControllerHelper(
        appRoleStore,
        userStore.Object,
        callerContext.Object,
        claimsSource.Object,
        settings.Object);

    // act
    Action attempt = () => sut.GetIdentity(null, null, false);

    // assert
    // A role-less user must be refused with an exception and must not receive an identity.
    attempt.Should().Throw<AuthenticationException>()
        .Where(ex => ex.Message.Contains(
            "Es wurde für den Benutzer keine Rolle definiert in der Datenbank oder Authentifikation hat fehlgeschlagen"));
}
/// <summary>
/// Calls <c>GetIdentity</c> with the third argument <c>false</c> when the request yields an empty claim
/// list. Expects an <c>AuthenticationException</c> with the message "User hat noch keinen Antrag gestellt".
/// </summary>
public void GetIdentity_For_User_Without_Role_Claim_Should_Throw_AuthenticationException()
{
    // arrange
    var noClaims = new List<ClaimInfo>();
    var claimsSource = new Mock<IAuthenticationHelper>();
    claimsSource
        .Setup(m => m.GetClaimsForRequest(It.IsAny<IPrincipal>(), It.IsAny<HttpRequestMessage>()))
        .Returns(noClaims);

    var callerContext = Mock.Of<IControllerHelper>();

    // The remaining collaborators are passed as null in this scenario.
    var sut = new AuthControllerHelper(null, null, callerContext, claimsSource.Object, null);

    // act
    Action attempt = () => sut.GetIdentity(null, null, false);

    // assert
    // A caller without a role claim must be refused with an exception.
    attempt.Should().Throw<AuthenticationException>().WithMessage("User hat noch keinen Antrag gestellt");
}
/// <summary>
/// Calls <c>GetIdentity</c> with the third argument <c>false</c> for a caller with the role claim "BVW" and
/// the management role claim "ALLOW", against a user data access stub that has no setups.
/// Expects status <c>NeuerBenutzer</c> (new user), the role "ALLOW", no issued access tokens and a
/// redirect to "www.recherche.bar.admin.ch/recherche".
/// </summary>
/// <remarks>
/// NOTE(review): the test name says "Internal", yet <c>IsInternalUser()</c> is set up to answer false;
/// confirm which of the two is intended.
/// </remarks>
public void GetIdentity_For_InExisting_Internal_Management_Client_User_Should_Return_Valid_Identity()
{
    // arrange
    var roleClaims = new List<ClaimInfo>
    {
        new ClaimInfo { Type = "/identity/claims/e-id/profile/role", Value = "BVW" }
    };
    var claimsSource = new Mock<IAuthenticationHelper>();
    claimsSource
        .Setup(m => m.GetClaimsForRequest(It.IsAny<IPrincipal>(), It.IsAny<HttpRequestMessage>()))
        .Returns(roleClaims);

    var callerContext = new Mock<IControllerHelper>();
    callerContext.Setup(m => m.IsInternalUser()).Returns(false);
    callerContext.Setup(m => m.GetMgntRoleFromClaim()).Returns("ALLOW");

    // Every setting lookup answers with the default handed in by the caller.
    var settings = new Mock<IWebCmiConfigProvider>();
    settings
        .Setup(m => m.GetStringSetting(It.IsAny<string>(), It.IsAny<string>()))
        .Returns((string key, string fallback) => fallback);

    var userStore = Mock.Of<IUserDataAccess>();

    var sut = new AuthControllerHelper(
        null,
        userStore,
        callerContext.Object,
        claimsSource.Object,
        settings.Object);

    // act
    var identity = sut.GetIdentity(null, null, false);

    // assert
    identity.AuthStatus.Should().Be(AuthStatus.NeuerBenutzer);
    identity.Roles.Should().ContainInOrder("ALLOW");
    identity.IssuedAccessTokens.Length.Should().Be(0);
    identity.RedirectUrl.Should().Be("www.recherche.bar.admin.ch/recherche");
}
/// <summary>
/// Resolves the identity of the current caller through <c>authControllerHelper</c>, passing the request,
/// the principal and <c>false</c> as the third argument.
/// </summary>
/// <returns>200 OK carrying the identity.</returns>
public IHttpActionResult GetIdentity()
{
    // NOTE(review): no AuthenticationException handling in this action; an exception thrown by the helper
    // leaves it unhandled. Confirm that a filter elsewhere maps it to a 403 without leaking error detail.
    var identity = authControllerHelper.GetIdentity(Request, User, false);
    return Ok(identity);
}