public void Can_auth_async_with_wrong_username_and_password() { var request = new HttpRequestMessage(); var controllerContext = new HttpControllerContext { Request = request }; var context = new HttpActionContext { ControllerContext = controllerContext }; var headers = request.Headers; var authorization = new AuthenticationHeaderValue("Basic", "qqq"); headers.Authorization = authorization; var authenticationContext = new HttpAuthenticationContext(context, null); var claims = new List <Claim> { new Claim(ClaimTypes.Name, "Alex"), new Claim(ClaimTypes.Role, "111") }; var id = new ClaimsIdentity(claims, "Token"); var mockService = new Mock <IIdentityService>(); var mockPrincipal = new Mock <IPrincipal>(); mockPrincipal.Setup(s => s.Identity).Returns(id); mockService.Setup(s => s.AssignClaim("Alex", "111")).Returns(mockPrincipal.Object); var attribute = new IdentityBasicAuthenticationAttribute(mockService.Object); attribute.AuthenticateAsync(authenticationContext, CancellationToken.None); Assert.IsInstanceOfType(authenticationContext.ErrorResult, typeof(UnauthorizedResult)); }
public void Can_auth_async_with_correct_name_and_password() { var request = new HttpRequestMessage(); var controllerContext = new HttpControllerContext { Request = request }; var context = new HttpActionContext { ControllerContext = controllerContext }; var headers = request.Headers; var authorization = new AuthenticationHeaderValue("Basic", "QWxleDoxMTE="); headers.Authorization = authorization; var authenticationContext = new HttpAuthenticationContext(context, null); var claims = new List <Claim> { new Claim(ClaimTypes.Name, "Alex"), new Claim(ClaimTypes.Role, "111") }; var id = new ClaimsIdentity(claims, "Token"); var mockService = new Mock <IIdentityService>(); var mockPrincipal = new Mock <IPrincipal>(); mockPrincipal.Setup(s => s.Identity).Returns(id); mockService.Setup(s => s.AssignClaim("Alex", "111")).Returns(mockPrincipal.Object); var attribute = new IdentityBasicAuthenticationAttribute(mockService.Object); attribute.AuthenticateAsync(authenticationContext, CancellationToken.None); var expected = id; Assert.AreEqual(expected, authenticationContext.Principal.Identity); }