/// <summary>
/// Checks that a request carrying a validly encrypted forms-authentication cookie ends up with
/// a <see cref="GenericPrincipal"/> on the context, and that the three roles packed into the
/// ticket's user data are each reported by <c>IsInRole</c>.
/// </summary>
public void AuthenticateRequest_WithRequestHavingValidAuthCookies_SetsUserToGenericPrincipalWithRoles()
{
    // arrange
    // The ticket is persistent, expires 60 days out, and carries the role list as its user data.
    const string roles = "Admins|HostAdmins|Users";
    var validTicket = new FormsAuthenticationTicket(1, ".ASPXAUTH.42", DateTime.Now, DateTime.Now.AddDays(60), true, roles);
    string encryptedTicket = FormsAuthentication.Encrypt(validTicket);

    // The cookie name ends in the blog id used below (42); presumably the module derives
    // the cookie name per blog -- confirm against AuthenticationModule.
    var ticketCookie = new HttpCookie(".ASPXAUTH.42");
    ticketCookie.Value = encryptedTicket;
    var cookieJar = new HttpCookieCollection();
    cookieJar.Add(ticketCookie);

    var contextMock = new Mock<HttpContextBase>();
    contextMock.Stub(c => c.User);
    contextMock.Setup(c => c.Request.Path).Returns("/");
    contextMock.Setup(c => c.Request.QueryString).Returns(new NameValueCollection());
    // The same collection backs both the request and the response cookies.
    contextMock.Setup(c => c.Request.Cookies).Returns(cookieJar);
    contextMock.Setup(c => c.Response.Cookies).Returns(cookieJar);

    var request = new BlogRequest("localhost", string.Empty, new Uri("http://localhost"), false,
                                  RequestLocation.Blog, "/")
    {
        Blog = new Blog { Id = 42 }
    };
    var authModule = new AuthenticationModule();

    // act
    authModule.AuthenticateRequest(contextMock.Object, request);

    // assert
    var resolvedPrincipal = contextMock.Object.User as GenericPrincipal;
    Assert.IsNotNull(resolvedPrincipal);
    Assert.IsTrue(resolvedPrincipal.IsInRole("Admins"));
    Assert.IsTrue(resolvedPrincipal.IsInRole("HostAdmins"));
    Assert.IsTrue(resolvedPrincipal.IsInRole("Users"));
}
/// <summary>
/// Checks that a request classified as <c>RequestLocation.StaticFile</c> goes through
/// <c>AuthenticateRequest</c> without an exception reaching the caller.
/// </summary>
/// <remarks>
/// The mocked cookie accessor is rigged to throw, so reading the request cookies for a
/// static-file request would surface as an <see cref="InvalidOperationException"/> and fail the test.
/// There is no explicit assertion; completing without an exception is the pass condition.
/// </remarks>
public void AuthenticateRequest_WithRequestForStaticFile_ReturnsImmediately()
{
    // arrange
    var contextMock = new Mock<HttpContextBase>();
    contextMock.Setup(c => c.Request.Cookies).Throws(new InvalidOperationException());

    var staticFileRequest = new BlogRequest("localhost", string.Empty, new Uri("http://localhost"), false,
                                            RequestLocation.StaticFile, "/");
    var authModule = new AuthenticationModule();

    // act, assert
    authModule.AuthenticateRequest(contextMock.Object, staticFileRequest);
}
/// <summary>
/// Checks that a cookie holding a correctly encrypted but already expired ticket produces
/// no ticket: <c>GetFormsAuthenticationTicket</c> must return <c>null</c>.
/// </summary>
/// <remarks>
/// The suffix of the test name mentions a principal with roles, but the only assertion on the
/// result is that it is <c>null</c>. A ticket that decrypts cleanly is still rejected once expired.
/// </remarks>
public void GetFormsAuthenticationTicket_WithRequestHavingExpiredAuthCookies_SetsUserToGenericPrincipalWithRoles()
{
    // arrange
    const string roles = "Admins|HostAdmins|Users";
    // Expiration lies ten days before the issue date, so the ticket is expired on creation.
    var staleTicket = new FormsAuthenticationTicket(1, ".ASPXAUTH.42", DateTime.UtcNow, DateTime.UtcNow.AddDays(-10), true, roles);
    // Precondition: make sure the fixture really is expired before it is encrypted.
    Assert.IsTrue(staleTicket.Expired);

    string encryptedTicket = FormsAuthentication.Encrypt(staleTicket);
    var staleCookie = new HttpCookie(".ASPXAUTH.42");
    staleCookie.Value = encryptedTicket;
    var authModule = new AuthenticationModule();

    // act
    var result = authModule.GetFormsAuthenticationTicket(staleCookie);

    // assert
    Assert.IsNull(result);
}
/// <summary>
/// Checks that a cookie whose value is not a decryptable ticket yields <c>null</c> from
/// <c>GetFormsAuthenticationTicket</c> instead of an exception reaching the caller.
/// </summary>
/// <remarks>
/// The cookie value is client-controlled, so a forged or corrupted value has to be treated
/// as "no ticket".
/// </remarks>
public void GetFormsAuthenticationTicket_WithRequestHavingIndecipherableAuthCookies_ReturnsNull()
{
    // arrange
    var garbageCookie = new HttpCookie(".ASPXAUTH.42");
    garbageCookie.Value = "STEOHsuthosaeuthoes234234sThisIsGarbage";
    garbageCookie.Expires = DateTime.UtcNow;
    var authModule = new AuthenticationModule();

    // act
    var result = authModule.GetFormsAuthenticationTicket(garbageCookie);

    // assert
    Assert.IsNull(result);
}
/// <summary>
/// Checks that a cookie which exists but has a <c>null</c> value yields <c>null</c> from
/// <c>GetFormsAuthenticationTicket</c>.
/// </summary>
public void GetFormsAuthenticationTicket_WithRequestHavingNullAuthTicket_ReturnsNull()
{
    // arrange
    var valuelessCookie = new HttpCookie(".ASPXAUTH.42");
    valuelessCookie.Value = null;
    var authModule = new AuthenticationModule();

    // act
    var result = authModule.GetFormsAuthenticationTicket(valuelessCookie);

    // assert
    Assert.IsNull(result);
}
/// <summary>
/// Checks that passing no cookie at all (<c>null</c>) to <c>GetFormsAuthenticationTicket</c>
/// yields <c>null</c>.
/// </summary>
public void GetFormsAuthenticationTicket_WithRequestHavingNoCookies_ReturnsNull()
{
    // arrange
    var authModule = new AuthenticationModule();

    // act
    var result = authModule.GetFormsAuthenticationTicket(null);

    // assert
    Assert.IsNull(result);
}
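/// <summary>
/// Checks that handling a missing (<c>null</c>) authentication ticket leaves the context without
/// a <see cref="GenericPrincipal"/> and writes exactly one response cookie named
/// <c>.ASPXAUTH.42</c> whose expiry lies more than twenty years in the past.
/// </summary>
/// <remarks>
/// A long-expired response cookie is what makes the browser drop a stale or invalid
/// authentication cookie, so the test pins both "no identity set" and "cookie cleared".
/// </remarks>
public void HandleFormsAuthenticationTicket_WithRequestHavingNullAuthTicket_WritesExpiredCookie()
{
    // arrange
    // (The original declared a login-URL delegate here that nothing used; it has been dropped.)
    var module = new AuthenticationModule();
    var authCookie = new HttpCookie(".ASPXAUTH.42") { Value = null };
    var cookies = new HttpCookieCollection { authCookie };

    var httpContext = new Mock<HttpContextBase>();
    httpContext.Stub(c => c.User);
    httpContext.Setup(c => c.Request.Path).Returns("/");
    httpContext.Setup(c => c.Request.QueryString).Returns(new NameValueCollection());
    httpContext.Setup(c => c.Request.Cookies).Returns(cookies);
    httpContext.Setup(c => c.Response.Redirect(It.IsAny<string>(), true));

    // Response cookies get their own, initially empty collection so the count assertion
    // below only sees what the module wrote.
    var responseCookies = new HttpCookieCollection();
    httpContext.Setup(c => c.Response.Cookies).Returns(responseCookies);

    var blogRequest = new BlogRequest("localhost", string.Empty, new Uri("http://localhost"), false,
                                      RequestLocation.Blog, "/")
    {
        Blog = new Blog { Id = 42 }
    };

    // act
    module.HandleFormsAuthenticationTicket(blogRequest, httpContext.Object, null);

    // assert
    var principal = httpContext.Object.User as GenericPrincipal;
    Assert.IsNull(principal);
    Assert.AreEqual(1, responseCookies.Count);

    HttpCookie cookie = responseCookies[".ASPXAUTH.42"];
    // Fail with a clear assertion, not a NullReferenceException, if the single response
    // cookie was written under a different name.
    Assert.IsNotNull(cookie);
    Assert.IsTrue(cookie.Expires.AddYears(20) < DateTime.Now);
}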