public void DeniesAccessIfNoUserOrPassword()
        {
            var basicAuth = new BasicAuthHttpModule(CreateMockConfiguration());
            var context = CreateMockContext();
            context.Request.Headers.Add("Authorization", BuildAuthorizationHeader("", ""));
            basicAuth.AuthenticateRequest(context);

            Assert.Equal((int)HttpStatusCode.Unauthorized, context.Response.StatusCode);
        }
        public void DeniesAccessIfNoAuthorizationHeader()
        {
            var basicAuth = new BasicAuthHttpModule(CreateMockConfiguration());
            var context = CreateMockContext();

            basicAuth.AuthenticateRequest(context);

            Assert.Equal((int)HttpStatusCode.Unauthorized, context.Response.StatusCode);
        }
        public void DeniesAccessIfNotBasicAuth()
        {
            var basicAuth = new BasicAuthHttpModule(CreateMockConfiguration());
            var context = CreateMockContext();
            context.Request.Headers.Add("Authorization", "some other wacky auth scheme");
            basicAuth.AuthenticateRequest(context);

            Assert.Equal((int)HttpStatusCode.Unauthorized, context.Response.StatusCode);
        }
        public void DoesNotSetPrincipalWhenAccessIsDenied()
        {
            var basicAuth = new BasicAuthHttpModule(CreateMockConfiguration());
            var context = CreateMockContext();
            context.Request.Headers.Add("Authorization", BuildAuthorizationHeader("user", "badpassword"));
            Thread.CurrentPrincipal = null;
            basicAuth.AuthenticateRequest(context);

            Assert.Equal("", Thread.CurrentPrincipal.Identity.Name);
            Assert.Equal("", context.User.Identity.Name);
        }
        public void GrantsAccessIfPasswordContainsColon()
        {
            var basicAuth = new BasicAuthHttpModule(CreateMockConfiguration("user", "pass:word"));
            var context = CreateMockContext();
            context.Request.Headers.Add("Authorization", BuildAuthorizationHeader("user", "pass:word"));
            basicAuth.AuthenticateRequest(context);

            Assert.Equal(0, context.Response.StatusCode);
        }