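// Verifies that a project generated with the JWT authentication option publishes
// exactly one security scheme of type HTTP in its OpenAPI document, and that the single
// document-wide security requirement references the scheme with id "jwt".
public async Task JwtAuthenticationOption_GetSwaggerDocs_ContainsJwtSecurityScheme()
{
    // Arrange
    string key = $"secret-{Guid.NewGuid()}";
    string issuer = $"issuer-{Guid.NewGuid()}";
    string audience = $"audience-{Guid.NewGuid()}";
    var options = new WebApiProjectOptions().WithJwtAuthentication(key, issuer, audience);

    using (var project = await WebApiProject.StartNewAsync(options, _outputWriter))
    {
        // Act
        // This test hands no bearer token to the request (the token and header that used to be
        // built here were never sent, so they are no longer created).
        // NOTE(review): unless GetSwaggerDocsAsync adds credentials itself, the 200 below also
        // pins that the docs are readable without authentication - confirm that is intended.
        using (HttpResponseMessage response = await project.Swagger.GetSwaggerDocsAsync())
        {
            // Assert
            Assert.Equal(HttpStatusCode.OK, response.StatusCode);

            var reader = new OpenApiStreamReader();
            using (Stream json = await response.Content.ReadAsStreamAsync())
            {
                // The parse diagnostic is not inspected by this test.
                OpenApiDocument document = reader.Read(json, out OpenApiDiagnostic _);

                Assert.NotNull(document.Components);

                // Assert.Single fails unless exactly one scheme is registered.
                (_, OpenApiSecurityScheme componentScheme) = Assert.Single(document.Components.SecuritySchemes);
                Assert.Equal(SecuritySchemeType.Http, componentScheme.Type);

                OpenApiSecurityRequirement requirement = Assert.Single(document.SecurityRequirements);
                Assert.NotNull(requirement);

                // The requirement must point at exactly one scheme, and only its reference id is checked.
                (OpenApiSecurityScheme requirementScheme, _) = Assert.Single(requirement);
                Assert.Equal("jwt", requirementScheme.Reference.Id);
            }
        }
    }
}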
// Writes the feature toggle into the generated project's 'appsettings.json', adds a
// feature-toggled controller, and checks that the controller's route only answers
// successfully when the toggle was written as true.
public async Task AppSettingsFile_GetsLoaded_WhenIncludeAppSettingsProjectOptionIsAdded(bool isToggled)
{
    // Arrange
    var optionsWithAppSettings = new WebApiProjectOptions().WithIncludeAppSettings();

    using (var webApi = WebApiProject.CreateNew(optionsWithAppSettings, _outputWriter))
    {
        webApi.AddTypeAsFile<FeatureToggledController>(namespaces: "Controllers");

        // The settings file is rewritten before the project starts, so the value is in place at start-up.
        webApi.UpdateFileInProject(
            "appsettings.json",
            json => AddJsonBoolValue(json, key: FeatureToggle, value: isToggled));

        await webApi.StartAsync();

        // Act
        using (HttpResponseMessage reply = await webApi.Root.GetAsync(Route))
        {
            // Assert
            Assert.NotNull(reply);

            bool succeeded = reply.IsSuccessStatusCode;
            Assert.True(
                succeeded == isToggled,
                "Only when the feature toggle in the 'appsettings.json' is activated, should the controller response successful");
        }
    }
}
// Checks that the OpenAPI document of a project with default options carries an example
// for the health endpoint's "200" response, and that the example has an "entries" object
// with the keys "api" and "database".
public async Task GetSwaggerDocs_ReturnsDocsWithHealthEndpointResponseExample()
{
    // Arrange
    var defaultOptions = new WebApiProjectOptions();

    using (var webApi = await WebApiProject.StartNewAsync(defaultOptions, _outputWriter))
    {
        // Act
        using (HttpResponseMessage docsResponse = await webApi.Swagger.GetSwaggerDocsAsync())
        {
            // Assert
            Assert.Equal(HttpStatusCode.OK, docsResponse.StatusCode);

            string body = await docsResponse.Content.ReadAsStringAsync();
            OpenApiDocument openApi = LoadOpenApiDocument(body);
            OpenApiOperation getHealth = SelectGetHealthEndpoint(openApi);

            // Single() throws, and so fails the test, unless exactly one response is keyed "200".
            OpenApiResponse okResponse = getHealth.Responses.Single(r => r.Key == "200").Value;

            OpenApiObject example = SelectHealthPointOkExample(okResponse);
            Assert.Contains("entries", example.Keys);

            var entries = (OpenApiObject)example["entries"];
            Assert.Contains("api", entries.Keys);
            Assert.Contains("database", entries.Keys);
        }
    }
}
// Verifies that a project generated with shared access key authentication documents
// exactly one security scheme, named "shared-access-key", located in the request header
// under the configured header name, and that the single security requirement names the
// same header.
public async Task SharedAccessKeyAuthenticationOption_GetsSwaggerDocs_ContainsSharedAccessKeySecurityScheme()
{
    // Arrange
    const string headerName = "x-shared-access-key";
    const string secretKey = "MySecretKey";

    // The secret value is generated per run, so no fixed secret is used by this test.
    string secretValue = Guid.NewGuid().ToString("N");
    var optionsWithSharedAccessKey =
        new WebApiProjectOptions().WithSharedAccessAuthentication(headerName, secretKey, secretValue);

    using (var webApi = await WebApiProject.StartNewAsync(_configuration, optionsWithSharedAccessKey, _outputWriter))
    {
        // Act
        // This test attaches no shared access key to the docs request.
        // NOTE(review): unless GetSwaggerDocsAsync adds one itself, the 200 below means the
        // docs are served without the key - confirm that exposure is intended.
        using (HttpResponseMessage docsResponse = await webApi.Swagger.GetSwaggerDocsAsync())
        {
            // Assert
            Assert.Equal(HttpStatusCode.OK, docsResponse.StatusCode);

            var openApiReader = new OpenApiStreamReader();
            using (Stream body = await docsResponse.Content.ReadAsStreamAsync())
            {
                // The parse diagnostic is not inspected by this test.
                OpenApiDocument openApi = openApiReader.Read(body, out OpenApiDiagnostic _);
                Assert.NotNull(openApi.Components);

                (string schemeName, OpenApiSecurityScheme documentedScheme) =
                    Assert.Single(openApi.Components.SecuritySchemes);
                Assert.Equal("shared-access-key", schemeName);
                Assert.Equal(ParameterLocation.Header, documentedScheme.In);
                Assert.Equal(headerName, documentedScheme.Name);

                OpenApiSecurityRequirement requirement = Assert.Single(openApi.SecurityRequirements);
                Assert.NotNull(requirement);

                // Only the scheme (the entry's key) is checked; the scopes are ignored.
                OpenApiSecurityScheme requiredScheme = Assert.Single(requirement).Key;
                Assert.Equal(headerName, requiredScheme.Name);
            }
        }
    }
}
// Calls a controller that answers with 500 in a project that logs through Serilog, then
// polls the request events of the last hour until one is found whose URL contains
// "sabotage" and whose result code is "500".
public async Task GetSabotagedEndpoint_TracksFailedResponse_ReturnsFailedResponse()
{
    // Arrange
    var serilogOptions = new WebApiProjectOptions().WithSerilogLogging(ApplicationInsightsConfig.InstrumentationKey);

    using (var webApi = WebApiProject.CreateNew(Configuration, serilogOptions, Logger))
    {
        webApi.AddTypeAsFile<SaboteurController>();
        await webApi.StartAsync();

        // Act
        using (HttpResponseMessage reply = await webApi.Root.GetAsync(SaboteurController.Route))
        {
            // Assert
            Assert.Equal(HttpStatusCode.InternalServerError, reply.StatusCode);

            // The assertion is handed to the retry helper, which decides how often it is re-run.
            await RetryAssertUntilTelemetryShouldBeAvailableAsync(async client =>
            {
                EventsResults<EventsRequestResult> requestEvents =
                    await client.Events.GetRequestEventsAsync(
                        ApplicationInsightsConfig.ApplicationId,
                        filter: OnlyLastHourFilter);

                Assert.Contains(
                    requestEvents.Value,
                    tracked => tracked.Request.Url.Contains("sabotage") && tracked.Request.ResultCode == "500");
            });
        }
    }
}
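// Verifies that a project generated with certificate subject authentication answers the
// health endpoint with 200 when the request carries, in the "X-ARR-ClientCert" header, a
// self-signed certificate created for the configured subject.
public async Task CertificateAuthenticationOption_GetHealthAuthenticated_ResultsOk()
{
    // Arrange
    string subject = $"subject-{Guid.NewGuid()}";
    var authenticatedProjectArguments =
        new WebApiProjectOptions()
            .WithCertificateSubjectAuthentication($"CN={subject}");

    // Tear-down is left at the project's default, as in the sibling tests; the former
    // KeepProjectDirectory override (by its name, keeps the generated project on disk after
    // the run) is not needed by anything this test asserts.
    using (var project = await WebApiProject.StartNewAsync(authenticatedProjectArguments, _outputWriter))
    using (var certificate = SelfSignedCertificate.CreateWithSubject(subject))
    {
        // Only the certificate's RawData bytes are sent, base64-encoded.
        // NOTE(review): the client sets this header itself and does not prove possession of
        // a private key, so a deployment relies on whatever fronts the API to verify the
        // client certificate and overwrite the header - confirm direct access is blocked.
        string clientCertificate = Convert.ToBase64String(certificate.RawData);

        // Act
        using (HttpResponseMessage response = await project.Health.GetAsync(
            request => request.Headers.Add("X-ARR-ClientCert", clientCertificate)))
        {
            // Assert
            Assert.NotNull(response);
            Assert.Equal(HttpStatusCode.OK, response.StatusCode);
        }
    }
}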
// Checks that a project generated with default options contains the health report
// response example provider file in its "ExampleProviders" folder.
public async Task ExampleProvidersIncluded_WithoutExcludeOpenApiDocs()
{
    // Arrange
    var defaultOptions = new WebApiProjectOptions();
    string exampleProviderPath = Path.Combine("ExampleProviders", "HealthReportResponseExampleProvider.cs");

    using (var webApi = await WebApiProject.StartNewAsync(defaultOptions, _outputWriter))
    {
        // Act
        bool isIncluded = webApi.ContainsFile(exampleProviderPath);

        // Assert
        Assert.True(isIncluded);
    }
}
// Checks that requesting the swagger docs of a project generated without OpenAPI docs
// and without correlation results in 404.
public async Task GetSwaggerDocs_WithoutOpenApiAndCorrelation_ReturnsNoSwaggerDocs()
{
    // Arrange
    var optionsWithoutDocsAndCorrelation =
        new WebApiProjectOptions()
            .WithExcludeOpenApiDocs()
            .WithExcludeCorrelation();

    using (var webApi = await WebApiProject.StartNewAsync(optionsWithoutDocsAndCorrelation, _outputWriter))
    {
        // Act
        using (HttpResponseMessage docsResponse = await webApi.Swagger.GetSwaggerDocsAsync())
        {
            // Assert
            Assert.Equal(HttpStatusCode.NotFound, docsResponse.StatusCode);
        }
    }
}
// Checks that the health endpoint of a project generated with console logging answers 200.
public async Task GetHealth_WithConsoleLoggingProjectOption_ReturnsOk()
{
    // Arrange
    var consoleLoggingOptions = new WebApiProjectOptions().WithConsoleLogging();

    using (var webApi = await WebApiProject.StartNewAsync(consoleLoggingOptions, _outputWriter))
    {
        // Act
        using (HttpResponseMessage healthResponse = await webApi.Health.GetAsync())
        {
            // Assert
            Assert.NotNull(healthResponse);
            Assert.Equal(HttpStatusCode.OK, healthResponse.StatusCode);
        }
    }
}
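// Checks that the health endpoint of a project generated without correlation answers 200
// and that the response carries neither the operation nor the transaction header.
public async Task GetHealth_WithoutCorrelationProjectOption_ReturnsOkWithoutCorrelationHeaders()
{
    // Arrange
    var optionsWithoutCorrelation = new WebApiProjectOptions().WithExcludeCorrelation();

    using (var project = await WebApiProject.StartNewAsync(optionsWithoutCorrelation, _outputWriter))
    {
        // Act
        using (HttpResponseMessage response = await project.Health.GetAsync())
        {
            // Assert
            Assert.NotNull(response);

            // The status is pinned as well, as the test name promises: without it a failed
            // request would satisfy the two header checks below without exercising the option.
            // Fully qualified so the assertion needs no additional using directive.
            Assert.Equal(System.Net.HttpStatusCode.OK, response.StatusCode);

            Assert.DoesNotContain(response.Headers, h => h.Key == OperationHeaderName);
            Assert.DoesNotContain(response.Headers, h => h.Key == TransactionHeaderName);
        }
    }
}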
// Checks that the health endpoint of a project generated with Serilog logging answers 200.
public async Task GetHealth_WithSerilogLoggingProjectOption_ReturnsOk()
{
    // Arrange
    // The instrumentation key is read from the test configuration, not written in the test.
    string instrumentationKey = _configuration.GetApplicationInsightsInstrumentationKey();
    var serilogOptions = new WebApiProjectOptions().WithSerilogLogging(instrumentationKey);

    using (var webApi = await WebApiProject.StartNewAsync(serilogOptions, _outputWriter))
    {
        // Act
        using (HttpResponseMessage healthResponse = await webApi.Health.GetAsync())
        {
            // Assert
            Assert.NotNull(healthResponse);
            Assert.Equal(HttpStatusCode.OK, healthResponse.StatusCode);
        }
    }
}
// Negative case for JWT authentication: a health request sent without any Authorization
// header to a project generated with the JWT option must be answered with 401.
public async Task GetHealthWithoutBearerToken_WithJwtAuthenticationOption_ReturnsUnauthorized()
{
    // Arrange
    // Key, issuer and audience are generated per run.
    string signingKey = $"secret-{Guid.NewGuid()}";
    string tokenIssuer = $"issuer-{Guid.NewGuid()}";
    string tokenAudience = $"audience-{Guid.NewGuid()}";
    var jwtOptions = new WebApiProjectOptions().WithJwtAuthentication(signingKey, tokenIssuer, tokenAudience);

    using (var webApi = await WebApiProject.StartNewAsync(jwtOptions, _outputWriter))
    {
        // Act
        using (HttpResponseMessage healthResponse = await webApi.Health.GetAsync())
        {
            // Assert
            Assert.NotNull(healthResponse);
            Assert.Equal(HttpStatusCode.Unauthorized, healthResponse.StatusCode);
        }
    }
}
// Negative case for the combination of Serilog logging and certificate subject
// authentication: a health request that carries no client certificate must get 401.
public async Task GetHealth_WithSerilogAndCertificateAuthentication_ReturnsUnauthorized()
{
    // Arrange
    string expectedSubject = $"subject-{Guid.NewGuid()}";
    string instrumentationKey = _configuration.GetApplicationInsightsInstrumentationKey();

    var serilogAndCertificateOptions =
        new WebApiProjectOptions()
            .WithSerilogLogging(instrumentationKey)
            .WithCertificateSubjectAuthentication($"CN={expectedSubject}");

    using (var webApi = await WebApiProject.StartNewAsync(_configuration, serilogAndCertificateOptions, _outputWriter))
    {
        // Act
        using (HttpResponseMessage healthResponse = await webApi.Health.GetAsync())
        {
            // Assert
            Assert.Equal(HttpStatusCode.Unauthorized, healthResponse.StatusCode);
        }
    }
}
// Positive case for JWT authentication: a health request whose Authorization header holds
// a bearer token created from the same key, issuer and audience as the project was
// generated with must be answered with 200.
public async Task GetHealthWithBearerToken_WithJwtAuthenticationOption_ReturnsOk()
{
    // Arrange
    // Key, issuer and audience are generated per run and shared by token and project.
    string signingKey = $"secret-{Guid.NewGuid()}";
    string tokenIssuer = $"issuer-{Guid.NewGuid()}";
    string tokenAudience = $"audience-{Guid.NewGuid()}";

    string bearerToken = CreateToken(signingKey, tokenIssuer, tokenAudience);
    AuthenticationHeaderValue authorization = AuthenticationHeaderValue.Parse($"Bearer {bearerToken}");

    var jwtOptions = new WebApiProjectOptions().WithJwtAuthentication(signingKey, tokenIssuer, tokenAudience);

    using (var webApi = await WebApiProject.StartNewAsync(jwtOptions, _outputWriter))
    {
        // Act
        using (HttpResponseMessage healthResponse = await webApi.Health.GetAsync(
            request => request.Headers.Authorization = authorization))
        {
            // Assert
            Assert.NotNull(healthResponse);
            Assert.Equal(HttpStatusCode.OK, healthResponse.StatusCode);
        }
    }
}
// Negative case for certificate subject authentication: a health request that carries no
// client certificate must be answered with 401.
public async Task CertificateAuthenticationOption_GetHealthUnauthenticated_ResultsUnauthorized()
{
    // Arrange
    string expectedSubject = $"subject-{Guid.NewGuid()}";
    var certificateOptions =
        new WebApiProjectOptions().WithCertificateSubjectAuthentication($"CN={expectedSubject}");

    using (var webApi = await WebApiProject.StartNewAsync(certificateOptions, _outputWriter))
    // Act
    using (HttpResponseMessage healthResponse = await webApi.Health.GetAsync())
    {
        // Assert
        Assert.NotNull(healthResponse);
        Assert.Equal(HttpStatusCode.Unauthorized, healthResponse.StatusCode);
    }
}
// Checks that the OpenAPI document of a project generated without correlation is served
// with 200 and lists neither correlation response headers nor correlation parameters for
// the health endpoint.
public async Task GetSwaggerDocs_WithExcludeCorrelation_ReturnsDocsWithoutCorrelationHeaders()
{
    // Arrange
    var optionsWithoutCorrelation = new WebApiProjectOptions().WithExcludeCorrelation();

    using (var webApi = await WebApiProject.StartNewAsync(optionsWithoutCorrelation, _outputWriter))
    {
        // Act
        using (HttpResponseMessage docsResponse = await webApi.Swagger.GetSwaggerDocsAsync())
        {
            // Assert
            Assert.Equal(HttpStatusCode.OK, docsResponse.StatusCode);

            string body = await docsResponse.Content.ReadAsStringAsync();
            OpenApiDocument openApi = LoadOpenApiDocument(body);

            IDictionary<string, OpenApiHeader> correlationHeaders = SelectHealthCorrelationResponseHeaders(openApi);
            Assert.Empty(correlationHeaders);

            IList<OpenApiParameter> correlationParameters = SelectHealthCorrelationParameters(openApi);
            Assert.Empty(correlationParameters);
        }
    }
}
// Negative case for shared access key authentication: a health request that does not
// carry the configured header must be answered with 401.
public async Task SharedAccessKeyAuthenticationOption_GetHealthUnauthenticated_ResultsUnauthorized()
{
    // Arrange
    const string headerName = "x-shared-access-key";
    const string secretKey = "MySecretKey";

    // The secret value is generated per run, so no fixed secret is used by this test.
    string secretValue = Guid.NewGuid().ToString("N");
    var optionsWithSharedAccessKey =
        new WebApiProjectOptions().WithSharedAccessAuthentication(headerName, secretKey, secretValue);

    using (var webApi = await WebApiProject.StartNewAsync(_configuration, optionsWithSharedAccessKey, _outputWriter))
    // Act
    using (HttpResponseMessage healthResponse = await webApi.Health.GetAsync())
    {
        // Assert
        Assert.Equal(HttpStatusCode.Unauthorized, healthResponse.StatusCode);
    }
}
// Verifies that a project generated with certificate subject authentication documents
// exactly one security scheme, named "certificate", located in the request header
// "X-ARR-ClientCert", and that the single security requirement names the same header.
public async Task CertificateAuthenticationOption_GetSwaggerDocs_ContainsCertificateSecurityScheme()
{
    // Arrange
    const string headerName = "X-ARR-ClientCert";
    string expectedSubject = $"subject-{Guid.NewGuid()}";
    var certificateOptions =
        new WebApiProjectOptions().WithCertificateSubjectAuthentication($"CN={expectedSubject}");

    using (var webApi = await WebApiProject.StartNewAsync(certificateOptions, _outputWriter))
    // Act
    // This test attaches no client certificate to the docs request.
    // NOTE(review): unless GetSwaggerDocsAsync adds one itself, the 200 below means the
    // docs are served without a certificate - confirm that exposure is intended.
    using (HttpResponseMessage docsResponse = await webApi.Swagger.GetSwaggerDocsAsync())
    {
        // Assert
        Assert.Equal(HttpStatusCode.OK, docsResponse.StatusCode);

        var openApiReader = new OpenApiStreamReader();
        using (Stream body = await docsResponse.Content.ReadAsStreamAsync())
        {
            // The parse diagnostic is not inspected by this test.
            OpenApiDocument openApi = openApiReader.Read(body, out OpenApiDiagnostic _);
            Assert.NotNull(openApi.Components);

            (string schemeName, OpenApiSecurityScheme documentedScheme) =
                Assert.Single(openApi.Components.SecuritySchemes);
            Assert.Equal("certificate", schemeName);
            Assert.Equal(ParameterLocation.Header, documentedScheme.In);
            Assert.Equal(headerName, documentedScheme.Name);

            OpenApiSecurityRequirement requirement = Assert.Single(openApi.SecurityRequirements);
            Assert.NotNull(requirement);

            // Only the scheme (the entry's key) is checked; the scopes are ignored.
            OpenApiSecurityScheme requiredScheme = Assert.Single(requirement).Key;
            Assert.Equal(headerName, requiredScheme.Name);
        }
    }
}