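/// <summary>
/// Verifies that <c>AzureController.Create</c> throws a <see cref="SecurityException"/>
/// for this request and that the mocked Azure client is never called.
/// </summary>
public async Task Test_AzureController_SecurityException_Fail()
{
    // Arrange
    // NOTE(review): the original comment read "Authorization Code absent", but the only
    // field populated here is APIKey - confirm which input is meant to trigger the failure.
    var azureAuthModel = new AzureADAuthModel { APIKey = "<api key>" };
    var authenticator = new AzureAuthenticator(this.SecuritySettings, this.MockAzureClient.Object);
    var controller = new AzureController(authenticator);

    // Act + Assert
    // Assert.ThrowsAsync fails the test when nothing is thrown. A try/catch that asserts
    // only inside the catch block would pass silently if Create returned normally, so a
    // regression in the error path would go unnoticed.
    await Assert.ThrowsAsync<SecurityException>(async () => await controller.Create(azureAuthModel));

    // The failure must happen before any outbound security request is made.
    this.MockAzureClient.Verify(x => x.PostSecurityRequest(), Times.Never);
}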
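/// <summary>
/// Posts to <c>/azure</c> through a <c>TestServer</c> built from <c>Startup</c> and
/// <c>securitySettings.json</c>, first with an invalid API key and then with a body
/// that is not a serialized model, and checks that neither request is accepted.
/// </summary>
public async Task Test_AzureController_AzureAuthorizeAttribute_InvalidAPIKey_ReturnsUnauthorizedResult()
{
    // Arrange
    var config = new ConfigurationBuilder()
        .AddJsonFile("securitySettings.json")
        .Build();
    var url = "/azure";
    var expected = HttpStatusCode.Unauthorized;
    var azureADAuthModel = new AzureADAuthModel { APIKey = "invalid api key" };

    // The server, client, contents and responses are all disposable; release them
    // deterministically instead of leaving them to the finalizer.
    using (var server = new TestServer(new WebHostBuilder()
        .UseConfiguration(config)
        .UseStartup<Startup>()))
    using (var client = server.CreateClient())
    {
        // Act + Assert: a well-formed body carrying an invalid API key is rejected with 401.
        using (HttpContent jsonContent = new StringContent(JsonConvert.SerializeObject(azureADAuthModel)))
        using (var response = await client.PostAsync(url, jsonContent))
        {
            Assert.Equal(expected, response.StatusCode);
        }

        // Arrange: two raw bytes (ASCII "gh") that are not a serialized AzureADAuthModel.
        using (HttpContent rawContent = new ByteArrayContent(new byte[2] { 103, 104 }))
        {
            try
            {
                // Act
                using (var response = await client.PostAsync(url, rawContent))
                {
                    // Assert: if the pipeline answers instead of throwing, the answer must
                    // not be a success. Without this check the malformed-body case would
                    // pass even if the request were accepted.
                    Assert.False(response.IsSuccessStatusCode);
                }
            }
            catch (SecurityException ex)
            {
                // Assert: a SecurityException is the other accepted outcome.
                Assert.IsType<SecurityException>(ex);
            }
        }
    }
}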
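/// <summary>
/// Validates the posted Azure AD model with the configured authenticator and returns
/// the access token it issues.
/// </summary>
/// <param name="user">Model bound from the request body.</param>
/// <returns>
/// An <c>ObjectResult</c> carrying the access token when the authenticator reports the
/// caller as authenticated and supplies a non-empty token; otherwise <c>BadRequest()</c>.
/// </returns>
/// <exception cref="SecurityException">
/// Thrown for any exception raised while validating; the original exception is kept as
/// <c>InnerException</c>.
/// </exception>
public async Task<IActionResult> Create([FromBody] AzureADAuthModel user)
{
    try
    {
        var response = await this.authentication.IsValidUser(user);

        // Both conditions are required: an "authenticated" result without a token is
        // still treated as a failed request.
        if (response.IsAuthenticated && !string.IsNullOrEmpty(response.AccessToken))
        {
            return new ObjectResult(response.AccessToken);
        }

        return BadRequest();
    }
    catch (Exception ex)
    {
        // Pass the caught exception as InnerException so its type and stack trace stay
        // available to logging and incident triage; wrapping the message alone discards them.
        // NOTE(review): ex.Message is copied into the exception that leaves the controller -
        // confirm the host's error handling does not return exception messages to clients.
        throw new SecurityException(ex.Message, ex);
    }
}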
/// <summary>
/// Success path: <c>Create</c> returns an <c>ObjectResult</c> whose value passes the
/// <c>IsValidJwtToken</c> check, and the mocked Azure client is called exactly once.
/// </summary>
public async Task Test_AzureController_Pass()
{
    // Arrange
    var request = new AzureADAuthModel
    {
        APIKey = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
    };
    var authenticator = new AzureAuthenticator(this.SecuritySettings, this.MockAzureClient.Object);
    var controller = new AzureController(authenticator);

    // Act
    var result = await controller.Create(request);

    // Assert
    // Assert.IsType returns the value cast to the asserted type, so no separate cast is needed.
    var objectResult = Assert.IsType<ObjectResult>(result);
    var token = objectResult.Value.ToString();
    Assert.True(token.IsValidJwtToken());

    this.MockAzureClient.Verify(azure => azure.PostSecurityRequest(), Times.Once);
}
/// <summary>
/// An API key the test treats as invalid must produce a <c>BadRequestResult</c>, and the
/// mocked Azure client must not be called at all.
/// </summary>
public async Task Test_AzureController_InvalidAPIKey_Fail()
{
    // Arrange: API key that is expected to be rejected.
    var request = new AzureADAuthModel
    {
        APIKey = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
    };
    var authenticator = new AzureAuthenticator(this.SecuritySettings, this.MockAzureClient.Object);
    var controller = new AzureController(authenticator);

    // Act
    var result = await controller.Create(request);

    // Assert: rejected, and no outbound security request was made for the bad key.
    Assert.IsType<BadRequestResult>(result);
    this.MockAzureClient.Verify(azure => azure.PostSecurityRequest(), Times.Never);
}
/// <summary>
/// When the mocked Azure client is initialised to report the caller as not authenticated,
/// <c>Create</c> must return a <c>BadRequestResult</c> after exactly one call to the client.
/// </summary>
public async Task Test_AzureController_AzureAuth_Fail()
{
    // Arrange: replace the shared mock with one created with the flag set to false
    // (per the original comment, the client then returns IsAuthenticated = false).
    // This must happen before the authenticator captures MockAzureClient.Object.
    this.MockAzureClient = this.InitMockAzureClient(this.SecuritySettings, false);

    var request = new AzureADAuthModel
    {
        APIKey = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
    };
    var authenticator = new AzureAuthenticator(this.SecuritySettings, this.MockAzureClient.Object);
    var controller = new AzureController(authenticator);

    // Act
    var result = await controller.Create(request);

    // Assert: the request is refused, and the client was consulted once.
    Assert.IsType<BadRequestResult>(result);
    this.MockAzureClient.Verify(azure => azure.PostSecurityRequest(), Times.Once);
}