public async Task returns_not_authorised_for_requests_without_username_header() { var request = HttpRequestMessageBuilder.Instance().Build(); var result = await authenticateRequest.IsAuthenticated(request); Assert.That(result, Is.False); }
public async Task returns_false_if_retrieved_secret_is_null() { var mockGetSecretFromUsername = new Mock <IGetSecretFromUsername>(); mockGetSecretFromUsername.Setup(x => x.Secret(It.IsAny <string>())) .Returns((string)null); var request = HttpRequestMessageBuilder.Instance().Build(); request.Headers.Authorization = new AuthenticationHeaderValue(HeaderNames.AuthenticationScheme, "signature_hash"); authenticateRequest = new AuthenticateRequest(mockGetSecretFromUsername.Object); var result = await authenticateRequest.IsAuthenticated(request); Assert.That(result, Is.False); }
public async Task returns_true_if_signatures_match() { var request = HttpRequestMessageBuilder.Instance().Build(); request.Headers.Authorization = new AuthenticationHeaderValue(HeaderNames.AuthenticationScheme, "signature_hash"); request.Headers.Add(HeaderNames.UsernameHeader, "username"); var mockBuildRequestSignature = new Mock <IBuildRequestSignature>(); mockBuildRequestSignature.Setup(x => x.Build("secret", request)) .Returns("signature_hash"); authenticateRequest = new AuthenticateRequest(new HashCalculator(), mockBuildRequestSignature.Object, mockGetSecretFromUsername.Object); var result = await authenticateRequest.IsAuthenticated(request); Assert.That(result, Is.True); }
public void if_secret_is_not_returned_does_not_build_request_signature() { var mockBuildRequestSignature = new Mock <IBuildRequestSignature>(); mockBuildRequestSignature.Setup(x => x.Build(It.IsAny <string>(), It.IsAny <HttpRequestMessage>())); mockGetSecretFromUsername.Setup(x => x.Secret(It.IsAny <string>())) .Returns((string)null); var request = HttpRequestMessageBuilder.Instance().Build(); request.Headers.Authorization = new AuthenticationHeaderValue(HeaderNames.AuthenticationScheme, "signature_hash"); request.Headers.Add(HeaderNames.UsernameHeader, "username"); authenticateRequest = new AuthenticateRequest(new HashCalculator(), mockBuildRequestSignature.Object, mockGetSecretFromUsername.Object); var result = authenticateRequest.IsAuthenticated(request); mockBuildRequestSignature.Verify(x => x.Build(It.IsAny <string>(), It.IsAny <HttpRequestMessage>()), Times.Never()); }