diff --git a/src/Microsoft.AspNetCore.Http.Features/Authentication/AuthenticateContext.cs b/src/Microsoft.AspNetCore.Http.Features/Authentication/AuthenticateContext.cs
index 21aaf5b428..e73061667b 100644
--- a/src/Microsoft.AspNetCore.Http.Features/Authentication/AuthenticateContext.cs
+++ b/src/Microsoft.AspNetCore.Http.Features/Authentication/AuthenticateContext.cs
@@ -34,20 +34,36 @@ namespace Microsoft.AspNetCore.Http.Features.Authentication public virtual void Authenticated(ClaimsPrincipal principal, IDictionary properties, IDictionary description) { Accepted = true; + Principal = principal; Properties = properties; Description = description; + + // Set defaults for fields we don't use in case multiple handlers modified the context. + Error = null; } public virtual void NotAuthenticated() { Accepted = true; + + // Set defaults for fields we don't use in case multiple handlers modified the context. + Description = null; + Error = null; + Principal = null; + Properties = null; } public virtual void Failed(Exception error) { - Error = error; Accepted = true; + + Error = error; + + // Set defaults for fields we don't use in case multiple handlers modified the context. + Description = null; + Principal = null; + Properties = null; } } }
diff --git a/test/Microsoft.AspNetCore.Http.Features.Tests/Authentication/AuthenticateContextTest.cs b/test/Microsoft.AspNetCore.Http.Features.Tests/Authentication/AuthenticateContextTest.cs
new file mode 100644
index 0000000000..c4d901322e
--- /dev/null
+++ b/test/Microsoft.AspNetCore.Http.Features.Tests/Authentication/AuthenticateContextTest.cs
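Review bot: In AuthenticateContext.cs, `Failed(Exception error)` and `Authenticated(...)` store their argument without a null check, so the single-outcome state that the new resets establish can still be ambiguous. After `Failed(null)`, `Accepted` is true and `Error`, `Principal`, `Properties` and `Description` are all null, which is exactly what `NotAuthenticated()` leaves behind, so a caller that detects failure through `Error != null` would read a failed authentication as a plain "not authenticated". If no existing caller relies on passing null, guard the top of `Failed` with `if (error == null) { throw new ArgumentNullException(nameof(error)); }`, and decide explicitly whether `Authenticated` may receive a null `principal`. An XML doc comment on each of the three methods should also state that the call replaces any outcome an earlier handler recorded on the same context, since overriders of these `virtual` methods need to preserve that.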
@@ -0,0 +1,162 @@
+// Copyright (c) .NET Foundation. All rights reserved.
+// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
+
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Security.Claims;
+using System.Threading.Tasks;
+using Xunit;
+
+namespace Microsoft.AspNetCore.Http.Features.Authentication
+{
+ public class AuthenticateContextTest
+ {
+ [Fact]
+ public void AuthenticateContext_Authenticated()
+ {
+ // Arrange
+ var context = new AuthenticateContext("test");
+
+ var principal = new ClaimsPrincipal();
+ var properties = new Dictionary();
+ var description = new Dictionary();
+
+ // Act
+ context.Authenticated(principal, properties, description);
+
+ // Assert
+ Assert.True(context.Accepted);
+ Assert.Equal("test", context.AuthenticationScheme);
+ Assert.Same(description, context.Description);
+ Assert.Null(context.Error);
+ Assert.Same(principal, context.Principal);
+ Assert.Same(properties, context.Properties);
+ }
+
+ [Fact]
+ public void AuthenticateContext_Authenticated_SetsUnusedPropertiesToDefault()
+ {
+ // Arrange
+ var context = new AuthenticateContext("test");
+
+ var principal = new ClaimsPrincipal();
+ var properties = new Dictionary();
+ var description = new Dictionary();
+
+ context.Failed(new Exception());
+
+ // Act
+ context.Authenticated(principal, properties, description);
+
+ // Assert
+ Assert.True(context.Accepted);
+ Assert.Equal("test", context.AuthenticationScheme);
+ Assert.Same(description, context.Description);
+ Assert.Null(context.Error);
+ Assert.Same(principal, context.Principal);
+ Assert.Same(properties, context.Properties);
+ }
+
+ [Fact]
+ public void AuthenticateContext_Failed()
+ {
+ // Arrange
+ var context = new AuthenticateContext("test");
+
+ var exception = new Exception();
+
+ // Act
+ context.Failed(exception);
+
+ // Assert
+ Assert.True(context.Accepted);
+ Assert.Equal("test", context.AuthenticationScheme);
+ Assert.Null(context.Description);
+ Assert.Same(exception, context.Error);
+ Assert.Null(context.Principal);
+ Assert.Null(context.Properties);
+ }
+
+ [Fact]
+ public void AuthenticateContext_Failed_SetsUnusedPropertiesToDefault()
+ {
+ // Arrange
+ var context = new AuthenticateContext("test");
+
+ var exception = new Exception();
+
+ context.Authenticated(new ClaimsPrincipal(), new Dictionary(), new Dictionary());
+
+ // Act
+ context.Failed(exception);
+
+ // Assert
+ Assert.True(context.Accepted);
+ Assert.Equal("test", context.AuthenticationScheme);
+ Assert.Null(context.Description);
+ Assert.Same(exception, context.Error);
+ Assert.Null(context.Principal);
+ Assert.Null(context.Properties);
+ }
+
+ [Fact]
+ public void AuthenticateContext_NotAuthenticated()
+ {
+ // Arrange
+ var context = new AuthenticateContext("test");
+
+ // Act
+ context.NotAuthenticated();
+
+ // Assert
+ Assert.True(context.Accepted);
+ Assert.Equal("test", context.AuthenticationScheme);
+ Assert.Null(context.Description);
+ Assert.Null(context.Error);
+ Assert.Null(context.Principal);
+ Assert.Null(context.Properties);
+ }
+
+ [Fact]
+ public void AuthenticateContext_NotAuthenticated_SetsUnusedPropertiesToDefault_Authenticated()
+ {
+ // Arrange
+ var context = new AuthenticateContext("test");
+
+ var exception = new Exception();
+
+ context.Authenticated(new ClaimsPrincipal(), new Dictionary(), new Dictionary());
+
+ // Act
+ context.NotAuthenticated();
+
+ // Assert
+ Assert.True(context.Accepted);
+ Assert.Equal("test", context.AuthenticationScheme);
+ Assert.Null(context.Description);
+ Assert.Null(context.Error);
+ Assert.Null(context.Principal);
+ Assert.Null(context.Properties);
+ }
+
+ [Fact]
+ public void AuthenticateContext_NotAuthenticated_SetsUnusedPropertiesToDefault_Failed()
+ {
+ // Arrange
+ var context = new AuthenticateContext("test");
+
+ context.Failed(new Exception());
+
+ context.NotAuthenticated();
+
+ // Assert
+ Assert.True(context.Accepted);
+ Assert.Equal("test", context.AuthenticationScheme);
+ Assert.Null(context.Description);
+ Assert.Null(context.Error);
+ Assert.Null(context.Principal);
+ Assert.Null(context.Properties);
+ }
+ }
+}
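Review bot: `AuthenticateContext_NotAuthenticated_SetsUnusedPropertiesToDefault_Authenticated` declares `var exception = new Exception();` and never uses it, so the line can be dropped. The last test, `AuthenticateContext_NotAuthenticated_SetsUnusedPropertiesToDefault_Failed`, has no `// Act` marker before `context.NotAuthenticated();`, unlike the other six tests in the file. `using System.Linq;` and `using System.Threading.Tasks;` also appear to be unused by anything in this hunk.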