/// <summary>
/// Verifies that a request made without presenting an API key is rejected
/// with <c>401 Unauthorized</c> when the server has a key configured.
/// </summary>
/// <remarks>
/// <c>UseApiKey</c> is never called on the client here, so as far as this test
/// shows the request carries no credential at all.
/// </remarks>
public async Task EmptyApiKeyReturns401()
{
    var httpClient = TestBed.GetClientWithOptions(o => o.ApiKey = TestApiKey);

    var reply = await httpClient.GetAsync("/");

    Assert.Equal(HttpStatusCode.Unauthorized, reply.StatusCode);

    // The rejection must carry an empty body: nothing from the protected
    // endpoint may be returned to an unauthenticated caller.
    var body = await reply.Content.ReadAsStringAsync();
    Assert.Equal(string.Empty, body);
}
/// <summary>
/// Verifies that presenting the configured API key on the default header
/// authorizes the request.
/// </summary>
/// <remarks>
/// The response body is compared with
/// <c>ApiKeyHeaderAuthenticationDefaults.AuthenticationClaimName</c>;
/// presumably the test endpoint echoes the authenticated identity's name.
/// TODO confirm against TestBed.
/// </remarks>
public async Task ValidCredentialsAuthorize()
{
    var httpClient = TestBed.GetClientWithOptions(o => o.ApiKey = TestApiKey);
    httpClient.UseApiKey(TestApiKey);

    var reply = await httpClient.GetAsync("/");

    Assert.Equal(HttpStatusCode.OK, reply.StatusCode);

    var body = await reply.Content.ReadAsStringAsync();
    Assert.Equal(ApiKeyHeaderAuthenticationDefaults.AuthenticationClaimName, body);
}
/// <summary>
/// Verifies that the configured API key is accepted when it is presented on a
/// custom header name that matches the server's <c>Header</c> option.
/// </summary>
public async Task ValidCredentialsAndCustomHeaderAuthorize()
{
    const string configuredKey = "testapi";
    const string headerName = "X-API-KEY";

    // Server and client are set up with the same key and the same header name.
    var httpClient = TestBed.GetClientWithOptions(o =>
    {
        o.ApiKey = configuredKey;
        o.Header = headerName;
    });
    httpClient.UseApiKey(configuredKey, headerName);

    var reply = await httpClient.GetAsync("/");

    Assert.Equal(HttpStatusCode.OK, reply.StatusCode);

    var body = await reply.Content.ReadAsStringAsync();
    Assert.Equal(ApiKeyHeaderAuthenticationDefaults.AuthenticationClaimName, body);
}
/// <summary>
/// Verifies that authentication fails closed: when the scheme is told to use a
/// registered authentication handler but none is registered in the container,
/// a request that presents a key is still rejected with <c>401 Unauthorized</c>.
/// </summary>
public async Task ValidCredentialsAndNoRegisteredAuthenticationServiceReturns401()
{
    const string presentedKey = "testapi";

    // Only the scheme is configured; no authenticator service is added.
    var httpClient = TestBed.GetClientWithBuilder(authBuilder =>
    {
        authBuilder.AddApiKeyHeaderAuthentication(o => o.UseRegisteredAuthenticationHandler = true);
    });
    httpClient.UseApiKey(presentedKey);

    var reply = await httpClient.GetAsync("/");

    Assert.Equal(HttpStatusCode.Unauthorized, reply.StatusCode);

    // A missing authenticator must not let the protected endpoint answer.
    var body = await reply.Content.ReadAsStringAsync();
    Assert.Equal(string.Empty, body);
}
/// <summary>
/// Verifies that a wrong key presented on the correct custom header is
/// rejected with <c>401 Unauthorized</c> and an empty body.
/// </summary>
public async Task InvalidCredentialsAndCustomHeaderReturns401()
{
    const string configuredKey = "testapi";
    const string presentedKey = "wrongkey";
    const string headerName = "X-API-KEY";

    var httpClient = TestBed.GetClientWithOptions(o =>
    {
        o.ApiKey = configuredKey;
        o.Header = headerName;
    });

    // The header name matches the server's; only the key value is wrong.
    httpClient.UseApiKey(presentedKey, headerName);

    var reply = await httpClient.GetAsync("/");

    Assert.Equal(HttpStatusCode.Unauthorized, reply.StatusCode);

    var body = await reply.Content.ReadAsStringAsync();
    Assert.Equal(string.Empty, body);
}
/// <summary>
/// Verifies that a key refused by the registered custom authenticator service
/// results in <c>401 Unauthorized</c> and an empty body.
/// </summary>
/// <remarks>
/// NOTE(review): this relies on <c>TestApiKeyService</c> rejecting the key
/// "badapi"; its logic is not visible here, so confirm against that class.
/// </remarks>
public async Task InvalidCredentialsAndCustomAuthenticationServiceReturns401()
{
    const string presentedKey = "badapi";

    var httpClient = TestBed.GetClientWithBuilder(authBuilder =>
    {
        authBuilder.AddApiKeyHeaderAuthentication(o => o.UseRegisteredAuthenticationHandler = true);
        authBuilder.Services.AddSingleton<IApiKeyCustomAuthenticator, TestApiKeyService>();
    });
    httpClient.UseApiKey(presentedKey);

    var reply = await httpClient.GetAsync("/");

    Assert.Equal(HttpStatusCode.Unauthorized, reply.StatusCode);

    var body = await reply.Content.ReadAsStringAsync();
    Assert.Equal(string.Empty, body);
}
/// <summary>
/// Verifies that an inline custom authentication handler rejects a bad key
/// with <c>401 Unauthorized</c>, after first confirming that the same
/// configuration accepts a good key.
/// </summary>
/// <remarks>
/// NOTE(review): the second request assumes <c>UseApiKey</c> replaces the key
/// set by the first call rather than adding a second header value; confirm
/// against the extension method.
/// </remarks>
public async Task InvalidCredentialsAndCustomAuthenticationLogicReturns401()
{
    const string acceptedKey = "goodkey";
    const string rejectedKey = "badkey";

    var httpClient = TestBed.GetClientWithOptions(o =>
    {
        o.CustomAuthenticationHandler = SimpleCustomAuthenticationLogic;
    });

    // Positive control: with the good key the request succeeds, so the 401
    // below is attributable to the key and not to a misconfigured server.
    httpClient.UseApiKey(acceptedKey);
    var acceptedReply = await httpClient.GetAsync("/");
    Assert.Equal(HttpStatusCode.OK, acceptedReply.StatusCode);
    var acceptedBody = await acceptedReply.Content.ReadAsStringAsync();
    Assert.Equal(acceptedKey, acceptedBody);

    // Same client, bad key: the request must be refused with no body.
    httpClient.UseApiKey(rejectedKey);
    var rejectedReply = await httpClient.GetAsync("/");
    Assert.Equal(HttpStatusCode.Unauthorized, rejectedReply.StatusCode);
    var rejectedBody = await rejectedReply.Content.ReadAsStringAsync();
    Assert.Equal(string.Empty, rejectedBody);
}
/// <summary>
/// Verifies that an inline custom authentication handler combined with a
/// custom header name authorizes two different accepted keys, and that each
/// response body reflects the key that was presented.
/// </summary>
/// <remarks>
/// NOTE(review): which keys <c>SimpleCustomAuthenticationLogic</c> accepts is
/// not visible here; this test only shows that "goodkey" and "goodkey2" are
/// both expected to pass.
/// </remarks>
public async Task ValidCredentialsAndCustomAuthenticationLogicAndCustomHeaderAuthorize()
{
    const string firstKey = "goodkey";
    const string secondKey = "goodkey2";
    const string headerName = "X-CUSTOM-HEADER";

    var httpClient = TestBed.GetClientWithOptions(o =>
    {
        o.Header = headerName;
        o.CustomAuthenticationHandler = SimpleCustomAuthenticationLogic;
    });

    httpClient.UseApiKey(firstKey, headerName);
    var firstReply = await httpClient.GetAsync("/");
    Assert.Equal(HttpStatusCode.OK, firstReply.StatusCode);
    var firstBody = await firstReply.Content.ReadAsStringAsync();
    Assert.Equal(firstKey, firstBody);

    // Switching keys on the same client must change the authenticated result,
    // which shows the outcome follows the presented key on every request.
    httpClient.UseApiKey(secondKey, headerName);
    var secondReply = await httpClient.GetAsync("/");
    Assert.Equal(HttpStatusCode.OK, secondReply.StatusCode);
    var secondBody = await secondReply.Content.ReadAsStringAsync();
    Assert.Equal(secondKey, secondBody);
}
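/// <summary>
/// Verifies that a registered full-ticket handler populates the request's user
/// context: the endpoint at <c>TestBed.FullUserPath</c> must return JSON whose
/// <c>Name</c> property carries the expected user name.
/// </summary>
/// <remarks>
/// NOTE(review): the expected name is hard-coded as "John"; presumably it
/// equals the name <c>CustomFullTicketHandler</c> puts in the ticket. Confirm,
/// and consider referencing the handler's own constant instead.
/// </remarks>
public async Task ValidCredentialsAndCustomAuthenticationFullTicketProperlySetClaimsInContext()
{
    const string key = "goodkey";
    const string claimName = "John";

    var client = TestBed.GetClientWithBuilder(builder =>
    {
        builder.AddApiKeyHeaderAuthentication(options => options.UseRegisteredAuthenticationHandler = true);
        builder.Services.AddSingleton<IApiKeyCustomAuthenticationTicketHandler, CustomFullTicketHandler>();
    });
    client.UseApiKey(key);

    var response = await client.GetAsync(TestBed.FullUserPath);

    // Assert the status before parsing: a rejected request has no JSON body,
    // and an authentication regression should be reported as a status mismatch
    // rather than as a JsonException from the parser.
    Assert.Equal(HttpStatusCode.OK, response.StatusCode);

    var content = await response.Content.ReadAsStringAsync();

    // JsonDocument rents pooled buffers and must be disposed to return them.
    using (var user = JsonDocument.Parse(content))
    {
        Assert.Equal(claimName, user.RootElement.GetProperty("Name").GetString());
    }
}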
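/// <summary>
/// Verifies that a registered full-ticket handler puts the expected name and
/// role claims on the principal: the endpoint at
/// <c>TestBed.FullTicketPrincipalClaimsPath</c> must return a JSON array whose
/// first two entries are the name claim and the role claim.
/// </summary>
/// <remarks>
/// The claims are read by position, so this test also pins the order in which
/// they are emitted (name first, role second).
/// </remarks>
public async Task ValidCredentialsAndCustomAuthenticationFullTicketProperlySetOtherClaimsInTicket()
{
    const string key = "goodkey";

    var client = TestBed.GetClientWithBuilder(builder =>
    {
        builder.AddApiKeyHeaderAuthentication(options => options.UseRegisteredAuthenticationHandler = true);
        builder.Services.AddSingleton<IApiKeyCustomAuthenticationTicketHandler, CustomFullTicketHandler>();
    });
    client.UseApiKey(key);

    var response = await client.GetAsync(TestBed.FullTicketPrincipalClaimsPath);

    // Assert the status before parsing: a rejected request has no JSON body,
    // and an authentication regression should be reported as a status mismatch
    // rather than as a JsonException from the parser.
    Assert.Equal(HttpStatusCode.OK, response.StatusCode);

    var content = await response.Content.ReadAsStringAsync();

    // JsonDocument rents pooled buffers and must be disposed to return them.
    using (var claims = JsonDocument.Parse(content))
    {
        var nameClaim = claims.RootElement[0];
        var roleClaim = claims.RootElement[1];

        // The literal URIs are the values of ClaimTypes.Name and ClaimTypes.Role.
        Assert.Equal("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name", nameClaim.GetProperty("Type").GetString());
        Assert.Equal(CustomFullTicketHandler.TestUserName, nameClaim.GetProperty("Value").GetString());
        Assert.Equal("http://schemas.microsoft.com/ws/2008/06/identity/claims/role", roleClaim.GetProperty("Type").GetString());
        Assert.Equal(CustomFullTicketHandler.TestRole, roleClaim.GetProperty("Value").GetString());
    }
}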