public void SplitString_SplitsOnCommaAndTrimsWhitespaceAndIgnoresEmptyStrings(
string input,
params string[] expectedResult
)
{
string[] result = AuthorizeAttribute.SplitString(input);
Assert.Equal(expectedResult, result);
}
public void Users_Property()
{
AuthorizeAttribute attribute = new AuthorizeAttribute();
Assert.Reflection.StringProperty(
attribute,
a => a.Users,
expectedDefaultValue: String.Empty
);
}
public void OnAuthorization_IfControllerDescriptorIsMarkedWithAllowAnonymousAttribute_DoesNotShortCircuitResponse()
{
_controllerDescriptorMock.Setup(ad => ad.GetCustomAttributes <AllowAnonymousAttribute>()).Returns(_allowAnonymousAttributeCollection);
Mock <MockableAuthorizeAttribute> authorizeAttributeMock = new Mock <MockableAuthorizeAttribute>()
{
CallBase = true
};
AuthorizeAttribute attribute = authorizeAttributeMock.Object;
attribute.OnAuthorization(_actionContext);
Assert.Null(_actionContext.Response);
}
public void OnAuthorization_IfRequestNotAuthorized_CallsHandleUnauthorizedRequest()
{
Mock <MockableAuthorizeAttribute> authorizeAttributeMock = new Mock <MockableAuthorizeAttribute>()
{
CallBase = true
};
_principalMock.Setup(p => p.Identity.IsAuthenticated).Returns(false);
authorizeAttributeMock.Setup(a => a.HandleUnauthorizedRequestPublic(_actionContext)).Verifiable();
AuthorizeAttribute attribute = authorizeAttributeMock.Object;
attribute.OnAuthorization(_actionContext);
authorizeAttributeMock.Verify();
}
public void GetFilterPipeline_Returns_ConfigurationFilters()
{
IActionFilter actionFilter = new Mock <IActionFilter>().Object;
IExceptionFilter exceptionFilter = new Mock <IExceptionFilter>().Object;
IAuthorizationFilter authorizationFilter = new AuthorizeAttribute();
Action deleteAllUsersMethod = _controller.DeleteAllUsers;
HttpControllerDescriptor controllerDescriptor = new HttpControllerDescriptor(new HttpConfiguration(), "UsersRpcController", typeof(UsersRpcController));
controllerDescriptor.Configuration.Filters.Add(actionFilter);
controllerDescriptor.Configuration.Filters.Add(exceptionFilter);
controllerDescriptor.Configuration.Filters.Add(authorizationFilter);
ReflectedHttpActionDescriptor actionDescriptor = new ReflectedHttpActionDescriptor(controllerDescriptor, deleteAllUsersMethod.Method);
Collection <FilterInfo> filters = actionDescriptor.GetFilterPipeline();
Assert.Same(actionFilter, filters[0].Instance);
Assert.Same(exceptionFilter, filters[1].Instance);
Assert.Same(authorizationFilter, filters[2].Instance);
}
public void GetFilterPipeline_Returns_ConfigurationFilters()
{
IActionFilter actionFilter = new Mock<IActionFilter>().Object;
IExceptionFilter exceptionFilter = new Mock<IExceptionFilter>().Object;
IAuthorizationFilter authorizationFilter = new AuthorizeAttribute();
Action deleteAllUsersMethod = _controller.DeleteAllUsers;
HttpControllerDescriptor controllerDescriptor = new HttpControllerDescriptor(new HttpConfiguration(), "UsersRpcController", typeof(UsersRpcController));
controllerDescriptor.Configuration.Filters.Add(actionFilter);
controllerDescriptor.Configuration.Filters.Add(exceptionFilter);
controllerDescriptor.Configuration.Filters.Add(authorizationFilter);
ReflectedHttpActionDescriptor actionDescriptor = new ReflectedHttpActionDescriptor(controllerDescriptor, deleteAllUsersMethod.Method);
Collection<FilterInfo> filters = actionDescriptor.GetFilterPipeline();
Assert.Same(actionFilter, filters[0].Instance);
Assert.Same(exceptionFilter, filters[1].Instance);
Assert.Same(authorizationFilter, filters[2].Instance);
}
private void OnServiceStartup(
IAppBuilder applicationBuilder,
HttpConfiguration configuration)
{
if (null == applicationBuilder)
{
throw new ArgumentNullException(AmazonWebServicesProvider.ArgumentNameApplicationBuilder);
}
if (null == configuration)
{
throw new ArgumentNullException(AmazonWebServicesProvider.ArgumentNameConfiguration);
}
if (null == this.windowsAzureActiveDirectoryBearerAuthenticationOptions)
{
return;
}
System.Web.Http.Filters.IFilter authorizationFilter = new AuthorizeAttribute();
configuration.Filters.Add(authorizationFilter);
applicationBuilder
.UseWindowsAzureActiveDirectoryBearerAuthentication(
this.windowsAzureActiveDirectoryBearerAuthenticationOptions);
}
/// <summary>
/// 用户属于当前Action的角色,用户范围中
/// </summary>
/// <param name="authorizationUser"></param>
/// <param name="attr"></param>
/// <returns></returns>
private bool IsInRoles(AuthorisedUserView authorizationUser, AuthorizeAttribute attr)
{
var inRole = true; //是否在角色内
var inUser = true; //是否在用户内
if (!string.IsNullOrWhiteSpace(attr.Roles))
{
var roles = attr.Roles.Split(',');
if (!roles.Intersect(authorizationUser.Roles.ToArray()).Any())
{
inRole = false;
}
}
if (!string.IsNullOrWhiteSpace(attr.Users))
{
var users = attr.Users.Split(',');
if (!users.Contains(authorizationUser.UserName))
{
inUser = false;
}
}
return inRole && inUser;
}
private void OnServiceStartup(IAppBuilder applicationBuilder, HttpConfiguration configuration)
{
logger.Info("OnServiceStartup.... ###############");
// pvs
// IFilter is defined in System.Web.Http.dll.
System.Web.Http.Filters.IFilter authorizationFilter =
new System.Web.Http.AuthorizeAttribute(); // Defined in System.Web.Http.dll.configuration.Filters.Add(authorizationFilter);
// SystemIdentityModel.Tokens.TokenValidationParameters is defined in
// System.IdentityModel.Token.Jwt.dll.
System.IdentityModel.Tokens.TokenValidationParameters tokenValidationParameters =
new TokenValidationParameters()
{
ValidAudience = "00000002-0000-0000-c000-000000000000"
};
// WindowsAzureActiveDirectoryBearerAuthenticationOptions is defined in
// Microsoft.Owin.Security.ActiveDirectory.dll
Microsoft.Owin.Security.ActiveDirectory.
WindowsAzureActiveDirectoryBearerAuthenticationOptions authenticationOptions =
new WindowsAzureActiveDirectoryBearerAuthenticationOptions()
{
TokenValidationParameters = tokenValidationParameters,
Tenant = TENANT_ID // Substitute the appropriate tenant’s
// identifier for this one.
};
applicationBuilder.UseWindowsAzureActiveDirectoryBearerAuthentication(authenticationOptions);
//~pvs
}
