/// <summary>
/// Shared check for <c>AuthorizeWebAttribute.OnAuthorization</c>: drives the filter with a mocked
/// authorization service and verifies either the allow path (no response set) or the denial
/// response (status code, reason phrase and <c>{"Message":"..."}</c> body).
/// </summary>
/// <param name="isAuthenticated">Passed to <c>CreateActionContext</c> to build the request context.</param>
/// <param name="actionName">Action name / URL passed to <c>CreateActionContext</c>.</param>
/// <param name="isAuthorized">Value the mocked <c>IsAuthorized</c> returns for every request.</param>
/// <param name="expectedStatusCode">Status code expected on the denial response.</param>
/// <param name="expectedMessage">Message expected inside the denial body.</param>
static void Verify_OnAuthorization_Response(bool isAuthenticated, string actionName, bool isAuthorized, HttpStatusCode expectedStatusCode, string expectedMessage)
        {
            //------------Setup for test--------------------------
            // The authorization decision is fully controlled by the test: every request gets isAuthorized.
            var serviceMock = new Mock<IAuthorizationService>();
            serviceMock.Setup(service => service.IsAuthorized(It.IsAny<IAuthorizationRequest>())).Returns(isAuthorized);

            var filter  = new AuthorizeWebAttribute(serviceMock.Object);
            var context = CreateActionContext(isAuthenticated, actionName);

            //------------Execute Test---------------------------
            filter.OnAuthorization(context);

            //------------Assert Results-------------------------
            // Only a caller that is BOTH authenticated and authorized may pass through; the filter
            // signals "allow" by leaving the response unset.
            var allowed = isAuthorized && isAuthenticated;
            if (allowed)
            {
                Assert.IsNull(context.Response);
                return;
            }

            // Every other combination must short-circuit the pipeline with a denial response.
            var denial = context.Response;
            Assert.AreEqual(expectedStatusCode, denial.StatusCode);
            Assert.AreEqual(expectedStatusCode.ToString(), denial.ReasonPhrase);

            var body = denial.Content.ReadAsStringAsync().Result;
            Assert.AreEqual(string.Format("{{\"Message\":\"{0}\"}}", expectedMessage), body);
        }
        /// <summary>
        /// The parameterless constructor must wire the attribute to
        /// <c>ServerAuthorizationService.Instance</c>, so an attribute created without an explicit
        /// service is still backed by that shared authorization service.
        /// </summary>
        public void AuthorizeWebAttribute_Constructor_Default_ProviderIsAuthorizationProviderInstance()
        {
            //------------Execute Test---------------------------
            var sut = new AuthorizeWebAttribute();

            //------------Assert Results-------------------------
            // Reference equality: the very same singleton instance, not merely an equivalent one.
            var sharedService = ServerAuthorizationService.Instance;
            Assert.AreSame(sharedService, sut.Service);
        }
        /// <summary>
        /// Calls <c>OnAuthorization</c> with a null action context; per the method name the filter is
        /// expected to reject it with an <c>ArgumentNullException</c>.
        /// </summary>
        public void AuthorizeWebAttribute_OnAuthorization_ActionContextIsNull_ThrowsArgumentNullException()
        {
            //------------Setup for test--------------------------
            var serviceMock = new Mock<IAuthorizationService>();
            var sut         = new AuthorizeWebAttribute(serviceMock.Object);

            //------------Execute Test---------------------------
            sut.OnAuthorization(null);

            //------------Assert Results-------------------------
            // NOTE(review): there is no assertion in the body, so the expected exception is presumably
            // declared by a test attribute that is not visible here. Confirm it exists: without it this
            // test would pass if the filter accepted a null context without throwing.
        }
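        /// <summary>
        /// An unauthenticated caller requesting a <c>.json</c> resource must be denied with HTTP 401
        /// and the JSON error envelope (<c>user_unauthorized</c>).
        /// </summary>
        public void AuthorizeWebAttribute_OnAuthorization_GivenUserIsNotAuthenticated_ShouldReturn401JSON()
        {
            //------------Setup for test--------------------------
            // The mock has no Setup(): with Moq's default (loose) behaviour IsAuthorized returns false,
            // so this test never exercises an allow path.
            var provider  = new Mock<IAuthorizationService>();
            var attribute = new AuthorizeWebAttribute(provider.Object);

            // First argument is isAuthenticated: false => anonymous caller.
            var httpActionContext = CreateActionContext(false, "http://localhost:8080/Examples/Workflow_One.json");

            //------------Execute Test---------------------------
            attribute.OnAuthorization(httpActionContext);

            //------------Assert Results-------------------------
            var result = httpActionContext.Response;

            // A null response means the filter let the request through; report that as an explicit
            // assertion failure instead of a NullReferenceException on the next line.
            Assert.IsNotNull(result, "Unauthenticated request was not rejected by the filter.");
            Assert.IsFalse(result.IsSuccessStatusCode);

            // Pin the HTTP status itself, not only the status echoed in the body: clients and
            // intermediaries act on the status line, so the two must agree.
            Assert.AreEqual(HttpStatusCode.Unauthorized, result.StatusCode);

            var responseMessage = result.Content.ReadAsStringAsync().Result;

            Assert.AreEqual("{\r\n  \"Error\": {\r\n    \"Status\": 401,\r\n    \"Title\": \"user_unauthorized\",\r\n    \"Message\": \"Authorization has been denied for this user.\"\r\n  }\r\n}", responseMessage);
        }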
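        /// <summary>
        /// An authenticated caller that the authorization service does not authorize must be denied
        /// with HTTP 403 and the XML error envelope (<c>user_forbidden</c>) when requesting a
        /// <c>.xml</c> resource.
        /// </summary>
        /// <remarks>
        /// Despite "NotAuthenticated" in the method name, the context is built with
        /// isAuthenticated = true; the case covered is "authenticated but not authorized".
        /// </remarks>
        public void AuthorizeWebAttribute_OnAuthorization_GivenServicedIsNotAuthenticated_ShouldReturn403XML()
        {
            //------------Setup for test--------------------------
            // The mock has no Setup(): with Moq's default (loose) behaviour IsAuthorized returns false,
            // which is what produces the "forbidden" outcome for this authenticated caller.
            var provider  = new Mock<IAuthorizationService>();
            var attribute = new AuthorizeWebAttribute(provider.Object);

            // First argument is isAuthenticated: true => the caller has an identity.
            var httpActionContext = CreateActionContext(true, "http://localhost:8080/Examples/Workflow_One.xml");

            //------------Execute Test---------------------------
            attribute.OnAuthorization(httpActionContext);

            //------------Assert Results-------------------------
            var result = httpActionContext.Response;

            // A null response means the filter let the request through; report that as an explicit
            // assertion failure instead of a NullReferenceException on the next line.
            Assert.IsNotNull(result, "Unauthorized request was not rejected by the filter.");
            Assert.IsFalse(result.IsSuccessStatusCode);

            // Pin the HTTP status itself, not only the status echoed in the body, so a 401/403
            // mix-up on the status line cannot go unnoticed.
            Assert.AreEqual(HttpStatusCode.Forbidden, result.StatusCode);

            var responseMessage = result.Content.ReadAsStringAsync().Result;

            Assert.AreEqual("<Error>\r\n  <Status>403</Status>\r\n  <Title>user_forbidden</Title>\r\n  <Message>Authorization has been denied for this request.</Message>\r\n</Error>", responseMessage);
        }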
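        /// <summary>
        /// Shared check for <c>AuthorizeWebAttribute.OnAuthorization</c>: drives the filter with a mocked
        /// authorization service and verifies either the allow path (no response set) or the denial
        /// response, whose body must be the serialized <c>Error</c> object in the requested format.
        /// </summary>
        /// <param name="isAuthenticated">Passed to <c>CreateActionContext</c> to build the request context.</param>
        /// <param name="actionName">Action name / URL passed to <c>CreateActionContext</c>.</param>
        /// <param name="isAuthorized">Value the mocked <c>IsAuthorized</c> returns for every request.</param>
        /// <param name="expectedStatusCode">Status code expected on the response and inside the error body.</param>
        /// <param name="title">Expected <c>Error.Title</c>.</param>
        /// <param name="expectedMessage">Expected <c>Error.Message</c>.</param>
        /// <param name="emitionTypes">Expected body format; <c>XML</c> compares against <c>ToXML()</c>, anything else against <c>ToJSON()</c>.</param>
        static void Verify_OnAuthorization_Response(bool isAuthenticated, string actionName, bool isAuthorized, HttpStatusCode expectedStatusCode, string title, string expectedMessage, EmitionTypes emitionTypes = EmitionTypes.JSON)
        {
            //------------Setup for test--------------------------
            // The authorization decision is fully controlled by the test: every request gets isAuthorized.
            var authorizationProvider = new Mock<IAuthorizationService>();

            authorizationProvider.Setup(p => p.IsAuthorized(It.IsAny<IAuthorizationRequest>())).Returns(isAuthorized);

            var attribute     = new AuthorizeWebAttribute(authorizationProvider.Object);
            var actionContext = CreateActionContext(isAuthenticated, actionName);

            //------------Execute Test---------------------------
            attribute.OnAuthorization(actionContext);

            //------------Assert Results-------------------------
            // Only a caller that is BOTH authenticated and authorized may pass through; the filter
            // signals "allow" by leaving the response unset.
            if (isAuthorized && isAuthenticated)
            {
                Assert.IsNull(actionContext.Response);
                return;
            }

            // A null response here means the filter let the request through; report that as an explicit
            // assertion failure instead of a NullReferenceException.
            Assert.IsNotNull(actionContext.Response, "Request that should be denied was not rejected by the filter.");
            Assert.AreEqual(expectedStatusCode, actionContext.Response.StatusCode);

            var errorObject = new Error
            {
                Status  = (int)expectedStatusCode,
                Title   = title,
                Message = expectedMessage
            };
            var actualResponse = actionContext.Response.Content.ReadAsStringAsync().Result;

            // Compare against exactly one serialization. Previously the JSON assertion also ran after
            // the XML one, so any XML expectation failed even when the XML body was correct.
            if (emitionTypes == EmitionTypes.XML)
            {
                Assert.AreEqual(errorObject.ToXML(), actualResponse);
            }
            else
            {
                Assert.AreEqual(errorObject.ToJSON(), actualResponse);
            }
        }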