示例#1
        /// <summary>
        /// Checks that the token store hands back both halves of the antiforgery pair,
        /// the cookie value and the form-field value, when a form-encoded request carries them.
        /// </summary>
        public async Task GetFormToken_FormFieldIsValid_ReturnsToken()
        {
            // Arrange: one form field and one cookie, keyed by the names configured below.
            var formFields = new Dictionary<string, StringValues>()
            {
                { "form-field-name", "form-value" },
            };
            var cookies = new Dictionary<string, StringValues>()
            {
                { "cookie-name", "cookie-value" },
            };

            var context = new DefaultHttpContext();
            context.Request.ContentType = "application/x-www-form-urlencoded";
            context.Request.Form = new FormCollection(formFields);
            context.Request.Cookies = new ReadableStringCollection(cookies);

            var antiforgeryOptions = new AntiforgeryOptions();
            antiforgeryOptions.CookieName = "cookie-name";
            antiforgeryOptions.FormFieldName = "form-field-name";

            // The serializer is a bare mock with no setups; the assertions below
            // expect the raw request strings to come back unchanged.
            var serializer = Mock.Of<IAntiforgeryTokenSerializer>();
            var store = new DefaultAntiforgeryTokenStore(
                optionsAccessor: new TestOptionsManager(antiforgeryOptions),
                tokenSerializer: serializer);

            // Act
            var requestTokens = await store.GetRequestTokensAsync(context);

            // Assert: each token is taken from its own channel (cookie vs. form body).
            Assert.Equal("cookie-value", requestTokens.CookieToken);
            Assert.Equal("form-value", requestTokens.FormToken);
        }
示例#2
        /// <summary>
        /// Checks that a request whose content type is not a form (JSON here) is rejected
        /// with the "form field is not present" error even though the antiforgery cookie exists.
        /// </summary>
        public async Task GetRequestTokens_NonFormContentType_Throws()
        {
            // Arrange
            var cookies = new Dictionary<string, StringValues>()
            {
                { "cookie-name", "cookie-value" },
            };

            var context = new DefaultHttpContext();
            context.Request.ContentType = "application/json";

            // Form is deliberately null: the test expects the store not to read it
            // for this content type.
            context.Request.Form = null;
            context.Request.Cookies = new ReadableStringCollection(cookies);

            var antiforgeryOptions = new AntiforgeryOptions();
            antiforgeryOptions.CookieName = "cookie-name";
            antiforgeryOptions.FormFieldName = "form-field-name";

            var serializer = new DefaultAntiforgeryTokenSerializer(new EphemeralDataProtectionProvider());
            var store = new DefaultAntiforgeryTokenStore(
                optionsAccessor: new TestOptionsManager(antiforgeryOptions),
                tokenSerializer: serializer);

            // Act
            Func<Task> readTokens = async () => await store.GetRequestTokensAsync(context);
            var thrown = await Assert.ThrowsAsync<InvalidOperationException>(readTokens);

            // Assert: a cookie on its own does not satisfy the check; the missing
            // form token is reported as an error.
            Assert.Equal("The required antiforgery form field \"form-field-name\" is not present.", thrown.Message);
        }
示例#3
        /// <summary>
        /// Checks that a form-encoded request with no antiforgery form field is rejected
        /// with an <see cref="InvalidOperationException"/>, even when the cookie is present.
        /// </summary>
        public async Task GetRequestTokens_FormFieldIsEmpty_Throws()
        {
            // Arrange: the form collection is empty, only the cookie is supplied.
            var noFormFields = new Dictionary<string, StringValues>();
            var cookies = new Dictionary<string, StringValues>()
            {
                { "cookie-name", "cookie-value" },
            };

            var context = new DefaultHttpContext();
            context.Request.ContentType = "application/x-www-form-urlencoded";
            context.Request.Form = new FormCollection(noFormFields);
            context.Request.Cookies = new ReadableStringCollection(cookies);

            var antiforgeryOptions = new AntiforgeryOptions();
            antiforgeryOptions.CookieName = "cookie-name";
            antiforgeryOptions.FormFieldName = "form-field-name";

            var store = new DefaultAntiforgeryTokenStore(
                optionsAccessor: new TestOptionsManager(antiforgeryOptions),
                tokenSerializer: Mock.Of<IAntiforgeryTokenSerializer>());

            // Act
            Func<Task> readTokens = async () => await store.GetRequestTokensAsync(context);
            var thrown = await Assert.ThrowsAsync<InvalidOperationException>(readTokens);

            // Assert: the error names the configured form field that was not found.
            Assert.Equal("The required antiforgery form field \"form-field-name\" is not present.", thrown.Message);
        }
        /// <summary>
        /// Checks that a request carrying neither the antiforgery cookie nor the form field
        /// is rejected, and that the reported error is the missing cookie.
        /// </summary>
        public async Task GetRequestTokens_CookieIsEmpty_Throws()
        {
            // Arrange: both the form and the cookie collection are empty.
            var noFormFields = new Dictionary<string, string[]>();
            var noCookies = new Dictionary<string, string[]>();

            var context = new DefaultHttpContext();
            context.Request.Form = new FormCollection(noFormFields);
            context.Request.Cookies = new ReadableStringCollection(noCookies);

            var antiforgeryOptions = new AntiforgeryOptions();
            antiforgeryOptions.CookieName = "cookie-name";
            antiforgeryOptions.FormFieldName = "form-field-name";

            // No serializer is supplied; presumably this path never uses one (confirm against the store).
            var store = new DefaultAntiforgeryTokenStore(
                optionsAccessor: new TestOptionsManager(antiforgeryOptions),
                tokenSerializer: null);

            // Act
            Func<Task> readTokens = async () => await store.GetRequestTokensAsync(context);
            var thrown = await Assert.ThrowsAsync<InvalidOperationException>(readTokens);

            // Assert: with both tokens absent, the message names the cookie.
            Assert.Equal("The required antiforgery cookie \"cookie-name\" is not present.", thrown.Message);
        }
        /// <summary>
        /// Happy path: a form-encoded request that carries both the antiforgery cookie and the
        /// antiforgery form field yields a token set holding those two values.
        /// </summary>
        public async Task GetFormToken_FormFieldIsValid_ReturnsToken()
        {
            // Arrange
            const string cookieName = "cookie-name";
            const string fieldName = "form-field-name";

            var request = new DefaultHttpContext();
            request.Request.ContentType = "application/x-www-form-urlencoded";

            var body = new Dictionary<string, StringValues>();
            body.Add(fieldName, "form-value");
            request.Request.Form = new FormCollection(body);

            var jar = new Dictionary<string, StringValues>();
            jar.Add(cookieName, "cookie-value");
            request.Request.Cookies = new ReadableStringCollection(jar);

            var settings = new AntiforgeryOptions()
            {
                CookieName = cookieName,
                FormFieldName = fieldName,
            };

            // A mock serializer with no setups is passed; the expected tokens are
            // the literal strings placed on the request.
            var sut = new DefaultAntiforgeryTokenStore(
                optionsAccessor: new TestOptionsManager(settings),
                tokenSerializer: Mock.Of<IAntiforgeryTokenSerializer>());

            // Act
            var tokenSet = await sut.GetRequestTokensAsync(request);

            // Assert
            Assert.Equal("cookie-value", tokenSet.CookieToken);
            Assert.Equal("form-value", tokenSet.FormToken);
        }
        /// <summary>
        /// A form-encoded request that has the antiforgery cookie but an empty form must fail
        /// with an <see cref="InvalidOperationException"/> naming the missing form field.
        /// </summary>
        public async Task GetRequestTokens_FormFieldIsEmpty_Throws()
        {
            // Arrange
            const string cookieName = "cookie-name";
            const string fieldName = "form-field-name";

            var request = new DefaultHttpContext();
            request.Request.ContentType = "application/x-www-form-urlencoded";

            // Empty form: the antiforgery field is absent from the body.
            request.Request.Form = new FormCollection(new Dictionary<string, StringValues>());

            var jar = new Dictionary<string, StringValues>();
            jar.Add(cookieName, "cookie-value");
            request.Request.Cookies = new ReadableStringCollection(jar);

            var settings = new AntiforgeryOptions()
            {
                CookieName = cookieName,
                FormFieldName = fieldName,
            };

            var sut = new DefaultAntiforgeryTokenStore(
                optionsAccessor: new TestOptionsManager(settings),
                tokenSerializer: Mock.Of<IAntiforgeryTokenSerializer>());

            // Act
            Func<Task> attempt = async () => await sut.GetRequestTokensAsync(request);
            var failure = await Assert.ThrowsAsync<InvalidOperationException>(attempt);

            // Assert
            Assert.Equal("The required antiforgery form field \"form-field-name\" is not present.", failure.Message);
        }
        /// <summary>
        /// A JSON request that has the antiforgery cookie but no form body must fail with an
        /// <see cref="InvalidOperationException"/> naming the missing form field.
        /// </summary>
        public async Task GetRequestTokens_NonFormContentType_Throws()
        {
            // Arrange
            const string cookieName = "cookie-name";
            const string fieldName = "form-field-name";

            var request = new DefaultHttpContext();
            request.Request.ContentType = "application/json";

            // Left null on purpose: the form is not expected to be accessed
            // when the content type is not a form type.
            request.Request.Form = null;

            var jar = new Dictionary<string, StringValues>();
            jar.Add(cookieName, "cookie-value");
            request.Request.Cookies = new ReadableStringCollection(jar);

            var settings = new AntiforgeryOptions()
            {
                CookieName = cookieName,
                FormFieldName = fieldName,
            };

            var protector = new EphemeralDataProtectionProvider();
            var sut = new DefaultAntiforgeryTokenStore(
                optionsAccessor: new TestOptionsManager(settings),
                tokenSerializer: new DefaultAntiforgeryTokenSerializer(protector));

            // Act
            Func<Task> attempt = async () => await sut.GetRequestTokensAsync(request);
            var failure = await Assert.ThrowsAsync<InvalidOperationException>(attempt);

            // Assert: the cookie alone is not accepted; the absent form token is an error.
            Assert.Equal("The required antiforgery form field \"form-field-name\" is not present.", failure.Message);
        }
        /// <summary>
        /// A request with an empty cookie collection (and an empty form) must fail with an
        /// <see cref="InvalidOperationException"/> naming the missing antiforgery cookie.
        /// </summary>
        public async Task GetRequestTokens_CookieIsEmpty_Throws()
        {
            // Arrange
            var request = new DefaultHttpContext();

            var emptyForm = new FormCollection(new Dictionary<string, string[]>());
            request.Request.Form = emptyForm;

            var emptyCookies = new ReadableStringCollection(new Dictionary<string, string[]>());
            request.Request.Cookies = emptyCookies;

            var settings = new AntiforgeryOptions()
            {
                CookieName = "cookie-name",
                FormFieldName = "form-field-name",
            };

            // The serializer argument is null in this test; presumably it is unused
            // when the cookie is missing (verify against the store implementation).
            var sut = new DefaultAntiforgeryTokenStore(
                optionsAccessor: new TestOptionsManager(settings),
                tokenSerializer: null);

            // Act
            Func<Task> attempt = async () => await sut.GetRequestTokensAsync(request);
            var failure = await Assert.ThrowsAsync<InvalidOperationException>(attempt);

            // Assert: although the form field is missing too, the message reports the cookie.
            Assert.Equal("The required antiforgery cookie \"cookie-name\" is not present.", failure.Message);
        }