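/// <summary>
/// Verifies that <c>Auth</c>, given a token the stubbed auth client accepts, redirects to
/// the configured <c>AuthDssEndpoint</c> with the redirect placeholder replaced by the value
/// held in session, and that the session entry is gone afterwards.
/// </summary>
public async Task WhenAuthCalledThenRedirectToSessionUrl()
{
    var token = "token";

    // Claims carried by the stubbed token; "exp" is set two hours in the future.
    var claims = new List<Claim>
    {
        new Claim("customerId", "customerId"),
        new Claim("email", "email"),
        new Claim("given_name", "given_name"),
        new Claim("family_name", "family_name"),
        new Claim("exp", DateTimeOffset.Now.AddHours(2).ToUnixTimeSeconds().ToString()),
    };

    // Token validation is faked, so this test exercises redirect handling only. Rejection of
    // invalid, expired or wrongly-issued tokens is not covered here.
    A.CallTo(() => authClient.ValidateToken(token)).Returns(new JwtSecurityToken("test", "test", claims));

    using var controller = new AuthController(authClient, log, defaultsettings, defaultVersionedFiles, defaultConfiguration, baseUrlService)
    {
        ControllerContext = new ControllerContext
        {
            HttpContext = defaultContext,
        },
    };

    // Seed the stored post-login redirect target; the key doubles as the value for simplicity.
    defaultContext.HttpContext.Session.SetString(AuthController.RedirectSessionKey, AuthController.RedirectSessionKey);
    controller.Url = new UrlHelper(
        new ActionContext(defaultContext, new RouteData(), new ActionDescriptor()));

    var result = await controller.Auth(token).ConfigureAwait(false) as RedirectResult;

    // Fail with a clear message, not a NullReferenceException, when the action does not
    // return a RedirectResult.
    Assert.NotNull(result);

    // NOTE(review): the expected URL substitutes the session value into the endpoint as-is.
    // Whether the controller validates or URL-encodes that value is not visible from this
    // test. Confirm, since a stored redirect target that reaches a redirect unchecked is an
    // open-redirect risk.
    var expectedUrl = defaultsettings.Value.AuthDssEndpoint.Replace(
        AuthController.RedirectAttribute,
        AuthController.RedirectSessionKey,
        StringComparison.InvariantCultureIgnoreCase);

    // xUnit's argument order is (expected, actual); the original had them swapped, which
    // inverts the failure message.
    Assert.Equal(expectedUrl, result.Url);

    // The redirect target must be single-use.
    // Assumes the shared `session` fixture is the session behind defaultContext - TODO confirm.
    Assert.Null(session.GetString(AuthController.RedirectSessionKey));
}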
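/// <summary>
/// Verifies that <c>SignIn</c>, called with an empty redirect URL on a request that carries a
/// <c>Referer</c> header, stores the referer value in session under
/// <see cref="AuthController.RedirectSessionKey"/>.
/// </summary>
public async Task WhenSignInCalledWithOutRedirectUrlAndRefererIsNotNullThenSetSessionToRefererUrl()
{
    A.CallTo(() => authClient.GetSignInUrl()).Returns("test");
    var session = new MockHttpSession();
    var redirectUrl = "test.com";
    var settings = Options.Create(new AuthSettings());

    using var controller = new AuthController(authClient, log, settings, defaultVersionedFiles, defaultConfiguration, baseUrlService)
    {
        ControllerContext = new ControllerContext
        {
            HttpContext = new DefaultHttpContext
            {
                // Anonymous principal: an identity with no claims.
                User = new ClaimsPrincipal(new ClaimsIdentity(new List<Claim>())),
                Session = session,
                Request = { Headers = { new KeyValuePair<string, StringValues>("Referer", redirectUrl) } },
            },
        },
    };

    // The action result is not inspected by this test, so it is not captured.
    await controller.SignIn(string.Empty).ConfigureAwait(false);

    // NOTE(review): Referer is a client-supplied header. This assertion pins that its value
    // is stored verbatim as the post-sign-in redirect target. Whether it is checked against
    // the site's own host or an allow-list before being used in a redirect is not visible
    // here. Confirm, and consider a companion test that an off-site referer is rejected or
    // replaced with a safe default.
    Assert.Equal(redirectUrl, session.GetString(AuthController.RedirectSessionKey));
}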
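/// <summary>
/// Verifies that <c>ResetPassword</c> asks the auth client for the reset-password URL and
/// leaves no redirect target in session under <see cref="AuthController.RedirectSessionKey"/>.
/// </summary>
public async Task WhenResetPasswordCalledWithThenDoNotSetSessionRedirect()
{
    A.CallTo(() => authClient.GetResetPasswordUrl()).Returns("test");
    var settings = Options.Create(new AuthSettings());
    var session = new MockHttpSession();

    using var controller = new AuthController(authClient, log, settings, defaultVersionedFiles, defaultConfiguration, baseUrlService)
    {
        ControllerContext = new ControllerContext
        {
            HttpContext = new DefaultHttpContext
            {
                // Anonymous principal: an identity with no claims.
                User = new ClaimsPrincipal(new ClaimsIdentity(new List<Claim>())),
                Session = session,
            },
        },
    };

    // The action result is not inspected by this test, so it is not captured.
    await controller.ResetPassword().ConfigureAwait(false);

    A.CallTo(() => authClient.GetResetPasswordUrl()).MustHaveHappened();

    // No post-login redirect target may be written by the password-reset flow.
    Assert.Null(session.GetString(AuthController.RedirectSessionKey));
}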