Can authorise routes based on claims, there is also a claims transformation middleware

2025-06-18 21:08:16 +08:00 · 2016-10-19 11:56:05 +01:00
parent 3285be3c73
commit b8951c4698
39 changed files with 700 additions and 294 deletions
--- a/test/Ocelot.UnitTests/Authorization/AuthorisationMiddlewareTests.cs
+++ b/test/Ocelot.UnitTests/Authorization/AuthorisationMiddlewareTests.cs
@ -0,0 +1,102 @@
+using System;
+using System.Collections.Generic;
+using System.IO;
+using System.Net.Http;
+using System.Security.Claims;
+using Microsoft.AspNetCore.Hosting;
+using Microsoft.AspNetCore.TestHost;
+using Microsoft.Extensions.DependencyInjection;
+using Moq;
+using Ocelot.Authorisation;
+using Ocelot.Configuration.Builder;
+using Ocelot.DownstreamRouteFinder;
+using Ocelot.DownstreamRouteFinder.UrlMatcher;
+using Ocelot.Responses;
+using Ocelot.ScopedData;
+using TestStack.BDDfy;
+using Xunit;
+
+namespace Ocelot.UnitTests.Authorization
+{
+    using Authorisation.Middleware;
+
+    public class AuthorisationMiddlewareTests : IDisposable
+    {
+        private readonly Mock<IScopedRequestDataRepository> _scopedRepository;
+        private readonly Mock<IAuthoriser> _authService;
+        private readonly string _url;
+        private readonly TestServer _server;
+        private readonly HttpClient _client;
+        private HttpResponseMessage _result;
+        private OkResponse<DownstreamRoute> _downstreamRoute;
+
+        public AuthorisationMiddlewareTests()
+        {
+            _url = "http://localhost:51879";
+            _scopedRepository = new Mock<IScopedRequestDataRepository>();
+            _authService = new Mock<IAuthoriser>();
+            var builder = new WebHostBuilder()
+              .ConfigureServices(x =>
+              {
+                  x.AddSingleton(_authService.Object);
+                  x.AddSingleton(_scopedRepository.Object);
+              })
+              .UseUrls(_url)
+              .UseKestrel()
+              .UseContentRoot(Directory.GetCurrentDirectory())
+              .UseIISIntegration()
+              .UseUrls(_url)
+              .Configure(app =>
+              {
+                  app.UseAuthorisationMiddleware();
+              });
+
+            _server = new TestServer(builder);
+            _client = _server.CreateClient();
+        }
+
+        [Fact]
+        public void happy_path()
+        {
+            this.Given(x => x.GivenTheDownStreamRouteIs(new DownstreamRoute(new List<TemplateVariableNameAndValue>(), new ReRouteBuilder().WithIsAuthorised(true).Build())))
+                .And(x => x.GivenTheAuthServiceReturns(new OkResponse<bool>(true)))
+                .When(x => x.WhenICallTheMiddleware())
+                .Then(x => x.ThenTheAuthServiceIsCalledCorrectly())
+                .BDDfy();
+        }
+
+        private void GivenTheAuthServiceReturns(Response<bool> expected)
+        {
+            _authService
+                .Setup(x => x.Authorise(It.IsAny<ClaimsPrincipal>(), It.IsAny<Dictionary<string, string>>()))
+                .Returns(expected);
+        }
+
+        private void ThenTheAuthServiceIsCalledCorrectly()
+        {
+            _authService
+                .Verify(x => x.Authorise(It.IsAny<ClaimsPrincipal>(),
+                It.IsAny<Dictionary<string, string>>()), Times.Once);
+        }
+
+        private void GivenTheDownStreamRouteIs(DownstreamRoute downstreamRoute)
+        {
+            _downstreamRoute = new OkResponse<DownstreamRoute>(downstreamRoute);
+            _scopedRepository
+                .Setup(x => x.Get<DownstreamRoute>(It.IsAny<string>()))
+                .Returns(_downstreamRoute);
+        }
+
+        private void WhenICallTheMiddleware()
+        {
+            _result = _client.GetAsync(_url).Result;
+        }
+
+
+        public void Dispose()
+        {
+            _client.Dispose();
+            _server.Dispose();
+        }
+    }
+}