tk/Ocelot
1
0
Fork 0
mirror of https://github.com/nsnail/Ocelot.git synced 2025-06-19 00:58:15 +08:00
Code Issues Packages Projects Releases Wiki Activity

add a security module (#628) (#629)

Browse Source 
* Add security mechanisms, IP whitelists, blacklists, and extended security interfaces.

* Optimized configuration name

* Fix IP Security Bug

* Repair Security Protection Module Bug

* Add security module unit test

* Optimize log prompts
This commit is contained in:
阿凌
2018-09-26 01:29:38 +08:00
committed by Tom Pallister
parent aa14b2f877
commit 4a8f4c2e03
18 changed files with 526 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

108
test/Ocelot.UnitTests/Security/SecurityMiddlewareTests.cs Normal file
View File

@ -0,0 +1,108 @@
using Microsoft.AspNetCore.Http;
using Moq;
using Ocelot.Errors;
using Ocelot.Logging;
using Ocelot.Middleware;
using Ocelot.Request.Middleware;
using Ocelot.Responses;
using Ocelot.Security;
using Ocelot.Security.IPSecurity;
using Ocelot.Security.Middleware;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Net.Http;
using System.Text;
using System.Threading.Tasks;
using TestStack.BDDfy;
using Xunit;
namespace Ocelot.UnitTests.Security
{
public class SecurityMiddlewareTests
{
private List<Mock<ISecurityPolicy>> _securityPolicyList;
private Mock<IOcelotLoggerFactory> _loggerFactory;
private Mock<IOcelotLogger> _logger;
private readonly SecurityMiddleware _middleware;
private readonly DownstreamContext _downstreamContext;
private readonly OcelotRequestDelegate _next;
public SecurityMiddlewareTests()
{
_loggerFactory = new Mock<IOcelotLoggerFactory>();
_logger = new Mock<IOcelotLogger>();
_loggerFactory.Setup(x => x.CreateLogger<SecurityMiddleware>()).Returns(_logger.Object);
_securityPolicyList = new List<Mock<ISecurityPolicy>>();
_securityPolicyList.Add(new Mock<ISecurityPolicy>());
_securityPolicyList.Add(new Mock<ISecurityPolicy>());
_next = context =>
{
return Task.CompletedTask;
};
_middleware = new SecurityMiddleware(_loggerFactory.Object, _securityPolicyList.Select(f => f.Object).ToList(), _next);
_downstreamContext = new DownstreamContext(new DefaultHttpContext());
_downstreamContext.DownstreamRequest = new DownstreamRequest(new HttpRequestMessage(HttpMethod.Get, "http://test.com"));
}
[Fact]
public void should_legal_request()
{
this.Given(x => x.GivenPassingSecurityVerification())
.When(x => x.WhenICallTheMiddleware())
.Then(x => x.ThenTheRequestIsPassingSecurity())
.BDDfy();
}
[Fact]
public void should_verification_failed_request()
{
this.Given(x => x.GivenNotPassingSecurityVerification())
.When(x => x.WhenICallTheMiddleware())
.Then(x => x.ThenTheRequestIsNotPassingSecurity())
.BDDfy();
}
private void GivenPassingSecurityVerification()
{
foreach (var item in _securityPolicyList)
{
Response response = new OkResponse();
item.Setup(x => x.Security(_downstreamContext)).Returns(Task.FromResult(response));
}
}
private void GivenNotPassingSecurityVerification()
{
for (int i = 0; i < _securityPolicyList.Count; i++)
{
Mock<ISecurityPolicy> item = _securityPolicyList[i];
if (i == 0)
{
Error error = new UnauthenticatedError($"Not passing security verification");
Response response = new ErrorResponse(error);
item.Setup(x => x.Security(_downstreamContext)).Returns(Task.FromResult(response));
}
else
{
Response response = new OkResponse();
item.Setup(x => x.Security(_downstreamContext)).Returns(Task.FromResult(response));
}
}
}
private void WhenICallTheMiddleware()
{
_middleware.Invoke(_downstreamContext).GetAwaiter().GetResult();
}
private void ThenTheRequestIsPassingSecurity()
{
Assert.False(_downstreamContext.IsError);
}
private void ThenTheRequestIsNotPassingSecurity()
{
Assert.True(_downstreamContext.IsError);
}
}
}