public void OnAuthorizationThrowsIfFilterContextIsNull() {
            // Arrange
            RequireHttpsAttribute attr = new RequireHttpsAttribute();

            // Act & assert
            ExceptionHelper.ExpectArgumentNullException(
                delegate {
                    attr.OnAuthorization(null);
                }, "filterContext");
        }
示例#2
0
		public void OnAuthorization(AuthorizationContext filterContext)
		{
			if (_configurationHelper.IsHttpsRequired)
			{
				var requiredHttpsAttribute = new RequireHttpsAttribute();
				requiredHttpsAttribute.OnAuthorization(filterContext);
				if (filterContext.Result != null)
					filterContext.Result = new RedirectResult("https://" + filterContext.HttpContext.Request.Url.Host + filterContext.HttpContext.Request.ApplicationPath);
			}
		}
        public void OnAuthorizationDoesNothingIfRequestIsSecure() {
            // Arrange
            Mock<AuthorizationContext> mockAuthContext = new Mock<AuthorizationContext>();
            mockAuthContext.Expect(c => c.HttpContext.Request.IsSecureConnection).Returns(true);
            AuthorizationContext authContext = mockAuthContext.Object;

            ViewResult result = new ViewResult();
            authContext.Result = result;

            RequireHttpsAttribute attr = new RequireHttpsAttribute();

            // Act
            attr.OnAuthorization(authContext);

            // Assert
            Assert.AreSame(result, authContext.Result, "Result should not have been changed.");
        }
        public void OnAuthorizationRedirectsIfRequestIsNotSecureAndMethodIsGet() {
            // Arrange
            Mock<AuthorizationContext> mockAuthContext = new Mock<AuthorizationContext>();
            mockAuthContext.Expect(c => c.HttpContext.Request.HttpMethod).Returns("get");
            mockAuthContext.Expect(c => c.HttpContext.Request.IsSecureConnection).Returns(false);
            mockAuthContext.Expect(c => c.HttpContext.Request.RawUrl).Returns("/alpha/bravo/charlie?q=quux");
            mockAuthContext.Expect(c => c.HttpContext.Request.Url).Returns(new Uri("http://www.example.com:8080/foo/bar/baz"));
            AuthorizationContext authContext = mockAuthContext.Object;

            RequireHttpsAttribute attr = new RequireHttpsAttribute();

            // Act
            attr.OnAuthorization(authContext);
            RedirectResult result = authContext.Result as RedirectResult;

            // Assert
            Assert.IsNotNull(result, "Result should have been a RedirectResult.");
            Assert.AreEqual("https://www.example.com/alpha/bravo/charlie?q=quux", result.Url);
        }
        public void OnAuthorizationThrowsIfRequestIsNotSecureAndMethodIsNotGet() {
            // Arrange
            Mock<AuthorizationContext> mockAuthContext = new Mock<AuthorizationContext>();
            mockAuthContext.Expect(c => c.HttpContext.Request.HttpMethod).Returns("post");
            mockAuthContext.Expect(c => c.HttpContext.Request.IsSecureConnection).Returns(false);
            AuthorizationContext authContext = mockAuthContext.Object;

            RequireHttpsAttribute attr = new RequireHttpsAttribute();

            // Act & assert
            ExceptionHelper.ExpectInvalidOperationException(
                delegate {
                    attr.OnAuthorization(authContext);
                },
                @"The requested resource can only be accessed via SSL.");
        }