/// <summary>
/// Verifies that <c>AuthorizeAttribute.SplitString</c> produces exactly the expected
/// entries for a given raw list.
/// </summary>
/// <param name="input">Raw list text handed to the splitter.</param>
/// <param name="expectedResult">Entries the splitter must return, in order.</param>
public void SplitString_SplitsOnCommaAndTrimsWhitespaceAndIgnoresEmptyStrings(string input, params string[] expectedResult)
{
    // Per the test name, the contract under test is: split on commas, trim each entry,
    // drop empty entries. The concrete input cases are supplied from outside this method.
    // This is the parsing that Roles/Users lists rely on, so a regression here changes
    // who an [Authorize] restriction matches.
    Assert.Equal(expectedResult, AuthorizeAttribute.SplitString(input));
}
/// <summary>
/// Verifies the <c>Users</c> string property of a freshly constructed
/// <see cref="AuthorizeAttribute"/>, including its default of <see cref="String.Empty"/>.
/// </summary>
public void Users_Property()
{
    var subject = new AuthorizeAttribute();

    // An empty default means a bare attribute carries no per-user restriction.
    Assert.Reflection.StringProperty(
        subject,
        a => a.Users,
        expectedDefaultValue: String.Empty);
}
/// <summary>
/// Verifies that <c>OnAuthorization</c> leaves the action context's response unset when the
/// controller descriptor reports an <see cref="AllowAnonymousAttribute"/>.
/// </summary>
public void OnAuthorization_IfControllerDescriptorIsMarkedWithAllowAnonymousAttribute_DoesNotShortCircuitResponse()
{
    // Arrange: the controller descriptor advertises AllowAnonymous.
    _controllerDescriptorMock
        .Setup(descriptor => descriptor.GetCustomAttributes<AllowAnonymousAttribute>())
        .Returns(_allowAnonymousAttributeCollection);

    // CallBase = true so the real OnAuthorization logic runs rather than a stub.
    var mockedAttribute = new Mock<MockableAuthorizeAttribute>();
    mockedAttribute.CallBase = true;
    AuthorizeAttribute attribute = mockedAttribute.Object;

    // Act
    attribute.OnAuthorization(_actionContext);

    // Assert: no response was written, i.e. the request was not short-circuited.
    // This pins the opt-out path: a controller-level AllowAnonymous bypasses the filter.
    Assert.Null(_actionContext.Response);
}
/// <summary>
/// Verifies that <c>OnAuthorization</c> routes an unauthenticated principal to the
/// unauthorized-request handler.
/// </summary>
public void OnAuthorization_IfRequestNotAuthorized_CallsHandleUnauthorizedRequest()
{
    // Arrange: real base behaviour, with the handler hook marked as an expected call.
    var mockedAttribute = new Mock<MockableAuthorizeAttribute>();
    mockedAttribute.CallBase = true;

    // The principal reports that its identity is not authenticated.
    _principalMock.Setup(principal => principal.Identity.IsAuthenticated).Returns(false);

    mockedAttribute
        .Setup(a => a.HandleUnauthorizedRequestPublic(_actionContext))
        .Verifiable();

    AuthorizeAttribute attribute = mockedAttribute.Object;

    // Act
    attribute.OnAuthorization(_actionContext);

    // Assert: Verify() fails unless the verifiable handler setup was actually hit,
    // so this pins the deny path for unauthenticated callers.
    mockedAttribute.Verify();
}
/// <summary>
/// Verifies that filters registered on the configuration show up in the action's filter
/// pipeline, in the order they were added.
/// </summary>
public void GetFilterPipeline_Returns_ConfigurationFilters()
{
    // Arrange: one filter of each kind, the authorization one being a real AuthorizeAttribute.
    IActionFilter actionFilter = new Mock<IActionFilter>().Object;
    IExceptionFilter exceptionFilter = new Mock<IExceptionFilter>().Object;
    IAuthorizationFilter authorizationFilter = new AuthorizeAttribute();

    Action deleteAllUsersMethod = _controller.DeleteAllUsers;

    var controllerDescriptor = new HttpControllerDescriptor(
        new HttpConfiguration(),
        "UsersRpcController",
        typeof(UsersRpcController));

    // Register all three at configuration (global) scope.
    var globalFilters = controllerDescriptor.Configuration.Filters;
    globalFilters.Add(actionFilter);
    globalFilters.Add(exceptionFilter);
    globalFilters.Add(authorizationFilter);

    var actionDescriptor = new ReflectedHttpActionDescriptor(controllerDescriptor, deleteAllUsersMethod.Method);

    // Act
    Collection<FilterInfo> pipeline = actionDescriptor.GetFilterPipeline();

    // Assert: same instances, same positions. Index 2 is the globally registered
    // AuthorizeAttribute, so the DeleteAllUsers action does pick up the global authorization filter.
    Assert.Same(actionFilter, pipeline[0].Instance);
    Assert.Same(exceptionFilter, pipeline[1].Instance);
    Assert.Same(authorizationFilter, pipeline[2].Instance);
}
/// <summary>
/// Verifies that configuration-level filters are returned by
/// <c>GetFilterPipeline</c> in registration order.
/// </summary>
public void GetFilterPipeline_Returns_ConfigurationFilters()
{
    // Arrange
    IActionFilter actionFilter = new Mock<IActionFilter>().Object;
    IExceptionFilter exceptionFilter = new Mock<IExceptionFilter>().Object;
    IAuthorizationFilter authorizationFilter = new AuthorizeAttribute();

    Action deleteAllUsersMethod = _controller.DeleteAllUsers;

    var controllerDescriptor = new HttpControllerDescriptor(
        new HttpConfiguration(),
        "UsersRpcController",
        typeof(UsersRpcController));

    // All three filters are attached to the configuration, not to the controller or action.
    var configuredFilters = controllerDescriptor.Configuration.Filters;
    configuredFilters.Add(actionFilter);
    configuredFilters.Add(exceptionFilter);
    configuredFilters.Add(authorizationFilter);

    var actionDescriptor = new ReflectedHttpActionDescriptor(controllerDescriptor, deleteAllUsersMethod.Method);

    // Act
    Collection<FilterInfo> filters = actionDescriptor.GetFilterPipeline();

    // Assert: reference equality at each position; the authorization filter added at
    // configuration scope must be present in the pipeline of the DeleteAllUsers action.
    Assert.Same(actionFilter, filters[0].Instance);
    Assert.Same(exceptionFilter, filters[1].Instance);
    Assert.Same(authorizationFilter, filters[2].Instance);
}
/// <summary>
/// Startup hook that, when bearer-authentication options are configured, registers a global
/// <see cref="AuthorizeAttribute"/> filter and enables Azure Active Directory bearer authentication.
/// </summary>
/// <param name="applicationBuilder">OWIN application builder the authentication middleware is added to.</param>
/// <param name="configuration">Web API configuration that receives the global authorization filter.</param>
/// <exception cref="ArgumentNullException">
/// Thrown when <paramref name="applicationBuilder"/> or <paramref name="configuration"/> is null.
/// </exception>
private void OnServiceStartup(IAppBuilder applicationBuilder, HttpConfiguration configuration)
{
    if (applicationBuilder == null)
    {
        throw new ArgumentNullException(AmazonWebServicesProvider.ArgumentNameApplicationBuilder);
    }

    if (configuration == null)
    {
        throw new ArgumentNullException(AmazonWebServicesProvider.ArgumentNameConfiguration);
    }

    // NOTE(review): when no bearer options are set, this method registers neither the
    // AuthorizeAttribute filter nor the authentication middleware, so nothing here requires
    // callers to be authenticated. Confirm that an options-less start is intended, or that
    // authentication is enforced elsewhere.
    if (this.windowsAzureActiveDirectoryBearerAuthenticationOptions != null)
    {
        // Global filter: applies to every action in the pipeline built from this configuration.
        System.Web.Http.Filters.IFilter requireAuthorization = new AuthorizeAttribute();
        configuration.Filters.Add(requireAuthorization);

        applicationBuilder.UseWindowsAzureActiveDirectoryBearerAuthentication(
            this.windowsAzureActiveDirectoryBearerAuthenticationOptions);
    }
}
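/// <summary>
/// Determines whether the user falls within both the roles and the users allowed by the
/// current action's <see cref="AuthorizeAttribute"/>.
/// </summary>
/// <param name="authorizationUser">User being checked; its <c>Roles</c> and <c>UserName</c> are read.</param>
/// <param name="attr">Attribute whose comma-separated <c>Roles</c> and <c>Users</c> lists are applied.</param>
/// <returns>
/// <c>true</c> when every non-blank restriction on <paramref name="attr"/> is satisfied;
/// an attribute with blank <c>Roles</c> and blank <c>Users</c> yields <c>true</c>.
/// </returns>
private bool IsInRoles(AuthorisedUserView authorizationUser, AuthorizeAttribute attr)
{
    var inRole = true; // whether the user holds one of the required roles
    var inUser = true; // whether the user is one of the listed users

    if (!string.IsNullOrWhiteSpace(attr.Roles))
    {
        // Trim entries and drop empty ones so that "Admin, User" matches the role "User".
        // A plain Split(',') keeps the leading space and silently denies such users.
        var requiredRoles = attr.Roles
            .Split(',')
            .Select(role => role.Trim())
            .Where(role => role.Length > 0)
            .ToArray();

        // An empty list after trimming (e.g. Roles = ",") matches nobody: deny.
        if (!requiredRoles.Intersect(authorizationUser.Roles.ToArray()).Any())
        {
            inRole = false;
        }
    }

    if (!string.IsNullOrWhiteSpace(attr.Users))
    {
        var allowedUsers = attr.Users
            .Split(',')
            .Select(user => user.Trim())
            .Where(user => user.Length > 0)
            .ToArray();

        // Comparison stays case-sensitive, as in the original; widening it would admit
        // more callers and is left as a deliberate decision for the owner.
        if (!allowedUsers.Contains(authorizationUser.UserName))
        {
            inUser = false;
        }
    }

    // Both restrictions must hold; either one failing denies access.
    return inRole && inUser;
}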
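/// <summary>
/// Startup hook that registers a global <c>System.Web.Http.AuthorizeAttribute</c> filter and
/// enables Azure Active Directory bearer-token authentication on the OWIN pipeline.
/// </summary>
/// <param name="applicationBuilder">OWIN application builder the bearer middleware is added to.</param>
/// <param name="configuration">Web API configuration that receives the global authorization filter.</param>
private void OnServiceStartup(IAppBuilder applicationBuilder, HttpConfiguration configuration)
{
    logger.Info("OnServiceStartup.... ###############");

    // pvs
    // IFilter is defined in System.Web.Http.dll.
    System.Web.Http.Filters.IFilter authorizationFilter = new System.Web.Http.AuthorizeAttribute();

    // NOTE(review): in the listing this call was fused into the preceding comment
    // ("... System.Web.Http.dll.configuration.Filters.Add(...)"), which leaves the filter
    // constructed but never registered. The bearer middleware below only establishes the
    // caller's identity; the AuthorizeAttribute filter is what rejects requests that have
    // none, so it has to be added to the configuration.
    configuration.Filters.Add(authorizationFilter);

    // SystemIdentityModel.Tokens.TokenValidationParameters is defined in
    // System.IdentityModel.Token.Jwt.dll.
    // NOTE(review): the accepted audience is a hard-coded literal; confirm it is the
    // audience that tokens issued for this service actually carry.
    System.IdentityModel.Tokens.TokenValidationParameters tokenValidationParameters =
        new TokenValidationParameters()
        {
            ValidAudience = "00000002-0000-0000-c000-000000000000"
        };

    // WindowsAzureActiveDirectoryBearerAuthenticationOptions is defined in
    // Microsoft.Owin.Security.ActiveDirectory.dll
    Microsoft.Owin.Security.ActiveDirectory.WindowsAzureActiveDirectoryBearerAuthenticationOptions authenticationOptions =
        new WindowsAzureActiveDirectoryBearerAuthenticationOptions()
        {
            TokenValidationParameters = tokenValidationParameters,
            Tenant = TENANT_ID // Substitute the appropriate tenant's
                               // identifier for this one.
        };

    applicationBuilder.UseWindowsAzureActiveDirectoryBearerAuthentication(authenticationOptions);
    //~pvs
}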