public void Create_NoAnyIdentity_CreatesFromEmptyContext()
{
// arrange
var fakeLoopbackIpFilter = new Mock <ILoopbackIpFilter>();
fakeLoopbackIpFilter.Setup(x => x.FilterIp(It.IsAny <string>()))
.Returns("123");
var fakeCallContextFactory = new Mock <ICallContextFactory>();
var fakeCallContext = new EmptyCallContext();
fakeCallContextFactory.Setup(x => x.Create())
.Returns(fakeCallContext);
var fakeJwtReadingService = new Mock <IJwtTokenReader>();
fakeJwtReadingService.Setup(x => x.Read(It.IsAny <string>()))
.Returns((ClaimsPrincipal)null);
// act
var factory = new JwtSecurityContextFactory(fakeCallContextFactory.Object, fakeLoopbackIpFilter.Object,
fakeJwtReadingService.Object);
var result = factory.Create();
// assert
Assert.Multiple(() =>
{
Assert.That(result.UserName, Is.EqualTo(Environment.UserName));
Assert.That(result.UserIp, Is.EqualTo("123"));
Assert.That(result.GetUserPermissionsAsync()
.Result.Any(), Is.False);
});
}
public void Create_UnauthenticatedIdentity_ReturnsHostContext()
{
// arrange
var fakeIdentity = new Mock <IIdentity>();
fakeIdentity.Setup(x => x.IsAuthenticated)
.Returns(false);
var fakePrincipal = new ClaimsPrincipal(fakeIdentity.Object);
var fakeContext = new Mock <HttpContext>();
fakeContext.Setup(x => x.User)
.Returns(fakePrincipal);
var fakeHttpContextAccessor = new Mock <IHttpContextAccessor>();
fakeHttpContextAccessor.Setup(x => x.HttpContext)
.Returns(fakeContext.Object);
var fakeLoopbackIpFilter = new Mock <ILoopbackIpFilter>();
// act
var factory = new JwtSecurityContextFactory(fakeHttpContextAccessor.Object,
fakeLoopbackIpFilter.Object);
var result = factory.Create();
// assert
Assert.That(result.UserName, Is.EqualTo(Environment.UserName));
}
public async Task Create_AuthenticatedIdentity_CorrectlyPutHeadersDataToContext()
{
// arrange
var fakeIdentity = new Mock <ClaimsIdentity>();
fakeIdentity.Setup(x => x.IsAuthenticated)
.Returns(true);
fakeIdentity.Setup(x => x.Claims)
.Returns(new List <Claim>()
{
new Claim(ClaimTypes.Role, "some Role")
});
var fakeLoopbackIpFilter = new Mock <ILoopbackIpFilter>();
fakeLoopbackIpFilter.Setup(x => x.FilterIp(It.IsAny <string>()))
.Returns((string s) => s);
var fakeCallContext = new Mock <ICallContext>();
fakeCallContext.Setup(x => x.AuthorizeInfo)
.Returns("token");
fakeCallContext.Setup(x => x.UserId)
.Returns("Hamster");
fakeCallContext.Setup(x => x.RequestCallerIp)
.Returns("123");
var fakeCallContextFactory = new Mock <ICallContextFactory>();
fakeCallContextFactory.Setup(x => x.Create())
.Returns(fakeCallContext.Object);
var fakeJwtReadingService = new Mock <IJwtTokenReader>();
fakeJwtReadingService.Setup(x => x.Read(It.IsAny <string>()))
.Returns(new ClaimsPrincipal(fakeIdentity.Object));
// act
var factory = new JwtSecurityContextFactory(fakeCallContextFactory.Object, fakeLoopbackIpFilter.Object,
fakeJwtReadingService.Object);
var result = factory.Create();
// assert
Assert.That(result.UserName, Is.EqualTo("Hamster"));
Assert.That(result.UserIp, Is.EqualTo("123"));
Assert.That(await result.GetUserPermissionsAsync(), Is.EquivalentTo(new List <string>()
{
"some Role"
}));
}
public async Task Create_AuthenticatedIdentity_CorrectlyPutHeadersDataToContext()
{
// arrange
var fakeIdentity = new Mock <ClaimsIdentity>();
fakeIdentity.Setup(x => x.IsAuthenticated)
.Returns(true);
fakeIdentity.Setup(x => x.Claims)
.Returns(new List <Claim>()
{
new Claim(ClaimTypes.NameIdentifier, "Hamster"), new Claim(ClaimTypes.Role, "some Role")
});
var fakePrincipal = new ClaimsPrincipal(fakeIdentity.Object);
var fakeContext = new Mock <HttpContext>();
fakeContext.Setup(x => x.User)
.Returns(fakePrincipal);
var fakeRequest = new Mock <HttpRequest>();
var fakeHeaderDictionary = new HeaderDictionary();
fakeHeaderDictionary.Add(CompanyHttpHeaders.RequestHeaderCallerIp, "123");
fakeRequest.Setup(x => x.Headers)
.Returns(fakeHeaderDictionary);
fakeContext.Setup(x => x.Request)
.Returns(fakeRequest.Object);
var fakeLoopbackIpFilter = new Mock <ILoopbackIpFilter>();
fakeLoopbackIpFilter.Setup(x => x.FilterIp(It.IsAny <string>()))
.Returns((string s) => s);
var fakeHttpContextAccessor = new Mock <IHttpContextAccessor>();
fakeHttpContextAccessor.Setup(x => x.HttpContext)
.Returns(fakeContext.Object);
// act
var factory = new JwtSecurityContextFactory(fakeHttpContextAccessor.Object,
fakeLoopbackIpFilter.Object);
var result = factory.Create();
// assert
Assert.That(result.UserName, Is.EqualTo("Hamster"));
Assert.That(result.UserIp, Is.EqualTo("123"));
Assert.That(await result.GetUserPermissionsAsync(), Is.EquivalentTo(new List <string>()
{
"some Role"
}));
}
public void Create_NoAnyIdentity_ReturnsHostContext()
{
// arrange
var fakeContext = new Mock <HttpContext>();
var fakeHttpContextAccessor = new Mock <IHttpContextAccessor>();
fakeHttpContextAccessor.Setup(x => x.HttpContext)
.Returns(fakeContext.Object);
var fakeLoopbackIpFilter = new Mock <ILoopbackIpFilter>();
// act
var factory = new JwtSecurityContextFactory(fakeHttpContextAccessor.Object,
fakeLoopbackIpFilter.Object);
var result = factory.Create();
// assert
Assert.That(result.UserName, Is.EqualTo(Environment.UserName));
}
public void Create_NoIpInIncomingHeader_TakeLocalIp()
{
// arrange
var fakeIdentity = new Mock <ClaimsIdentity>();
fakeIdentity.Setup(x => x.IsAuthenticated)
.Returns(true);
fakeIdentity.Setup(x => x.Claims)
.Returns(new List <Claim>()
{
new Claim(ClaimTypes.NameIdentifier, "Hamster"), new Claim(ClaimTypes.Role, "some Role")
});
var fakePrincipal = new ClaimsPrincipal(fakeIdentity.Object);
var fakeContext = new Mock <HttpContext>();
fakeContext.Setup(x => x.User)
.Returns(fakePrincipal);
var fakeRequest = new Mock <HttpRequest>();
var fakeHeaderDictionary = new HeaderDictionary();
fakeRequest.Setup(x => x.Headers)
.Returns(fakeHeaderDictionary);
fakeContext.Setup(x => x.Request)
.Returns(fakeRequest.Object);
var fakeLoopbackIpFilter = new Mock <ILoopbackIpFilter>();
fakeLoopbackIpFilter.Setup(x => x.FilterIp(It.IsAny <string>()))
.Returns("10.10.10.10");
var fakeHttpContextAccessor = new Mock <IHttpContextAccessor>();
fakeHttpContextAccessor.Setup(x => x.HttpContext)
.Returns(fakeContext.Object);
// act
var factory = new JwtSecurityContextFactory(fakeHttpContextAccessor.Object,
fakeLoopbackIpFilter.Object);
var result = factory.Create();
// assert
var expectedIp = "10.10.10.10";
Assert.That(result.UserIp, Is.EqualTo(expectedIp));
}
