Add some more functional tests (Cookies/PathSelection/DynamicSchemes) (#42)

* Add some cookie tests

* Add more functional tests

Cookes + PathSchemeSelection + DynamicScheme tests

samples/DynamicSchemes/DynamicSchemes.csproj

@@ -14,7 +14,6 @@
     <PackageReference Include="Microsoft.AspNetCore.StaticFiles" Version="$(MicrosoftAspNetCoreStaticFilesPackageVersion)" />
     <PackageReference Include="Microsoft.AspNetCore.Server.IISIntegration" Version="$(MicrosoftAspNetCoreServerIISIntegrationPackageVersion)" />
     <PackageReference Include="Microsoft.AspNetCore.Server.Kestrel" Version="$(MicrosoftAspNetCoreServerKestrelPackageVersion)" />
-    <PackageReference Include="Microsoft.EntityFrameworkCore.Tools" PrivateAssets="All" Version="$(MicrosoftEntityFrameworkCoreToolsPackageVersion)" />
     <PackageReference Include="Microsoft.Extensions.Configuration.EnvironmentVariables" Version="$(MicrosoftExtensionsConfigurationEnvironmentVariablesPackageVersion)" />
     <PackageReference Include="Microsoft.Extensions.Configuration.UserSecrets" Version="$(MicrosoftExtensionsConfigurationUserSecretsPackageVersion)" />
     <PackageReference Include="Microsoft.Extensions.Logging.Console" Version="$(MicrosoftExtensionsLoggingConsolePackageVersion)" />

test/AuthSamples.FunctionalTests/CookiesTests.cs

@@ -1,6 +1,7 @@
 // Copyright (c) .NET Foundation. All rights reserved.
 // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
 
+using System.Collections.Generic;
 using System.Net;
 using System.Net.Http;
 using System.Threading.Tasks;
@@ -12,9 +13,7 @@ namespace AuthSamples.FunctionalTests
     public class CookiesTests : IClassFixture<WebApplicationFactory<Cookies.Startup>>
     {
         public CookiesTests(WebApplicationFactory<Cookies.Startup> fixture)
-        {
+            => Client = fixture.CreateClient();
-            Client = fixture.CreateDefaultClient();
-        }
 
         public HttpClient Client { get; }
 
@@ -37,8 +36,59 @@ namespace AuthSamples.FunctionalTests
             var content = await response.Content.ReadAsStringAsync();
 
             // Assert
-            Assert.Equal(HttpStatusCode.Redirect, response.StatusCode);
+            Assert.Equal(HttpStatusCode.OK, response.StatusCode);
-            Assert.Equal("http://localhost/account/login?ReturnUrl=%2FHome%2FMyClaims", response.Headers.Location.ToString());
+            Assert.Equal("http://localhost/account/login?ReturnUrl=%2FHome%2FMyClaims", response.RequestMessage.RequestUri.ToString());
+        }
+
+        [Fact]
+        public async Task MyClaimsShowsClaimsWhenLoggedIn()
+        {
+            // Arrange & Act & Assert
+            await SignIn("Dude");
+            await CheckMyClaims("Dude");
+        }
+
+        [Fact]
+        public async Task LogoutClearsCookie()
+        {
+            // Arrange & Act
+            await SignIn("Dude");
+            await CheckMyClaims("Dude");
+
+            var response = await Client.GetAsync("/Account/Logout");
+            var content = await response.Content.ReadAsStringAsync();
+            Assert.Equal(HttpStatusCode.OK, response.StatusCode);
+
+            response = await Client.GetAsync("/Home/MyClaims");
+            content = await response.Content.ReadAsStringAsync();
+
+            // Assert
+            Assert.Equal(HttpStatusCode.OK, response.StatusCode);
+            Assert.Contains("Log in</button>", content);
+        }
+
+        internal async Task CheckMyClaims(string userName)
+        {
+            var response = await Client.GetAsync("/Home/MyClaims");
+            var content = await response.Content.ReadAsStringAsync();
+            Assert.Equal(HttpStatusCode.OK, response.StatusCode);
+            Assert.Contains("<h2>HttpContext.User.Claims</h2>", content);
+            Assert.Contains($"<dd>{userName}</dd>", content); // Ensure user name shows up as a claim
+        }
+
+        internal async Task SignIn(string userName)
+        {
+            var goToSignIn = await Client.GetAsync("/account/login");
+            var signIn = await TestAssert.IsHtmlDocumentAsync(goToSignIn);
+
+            var form = TestAssert.HasForm(signIn);
+            await Client.SendAsync(form, new Dictionary<string, string>()
+            {
+                ["username"] = userName,
+                ["password"] = userName // this test doesn't care what the password is
+            });
+
+            Assert.Equal(HttpStatusCode.OK, signIn.StatusCode);
         }
     }
 }

test/AuthSamples.FunctionalTests/DynamicSchemeTests.cs

@@ -1,6 +1,7 @@
 // Copyright (c) .NET Foundation. All rights reserved.
 // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
 
+using System.Collections.Generic;
 using System.Net;
 using System.Net.Http;
 using System.Threading.Tasks;
@@ -13,7 +14,7 @@ namespace AuthSamples.FunctionalTests
     {
         public DynamicSchemeTests(WebApplicationFactory<DynamicSchemes.Startup> fixture)
         {
-            Client = fixture.CreateDefaultClient();
+            Client = fixture.CreateClient();
         }
 
         public HttpClient Client { get; }
@@ -29,6 +30,66 @@ namespace AuthSamples.FunctionalTests
             Assert.Equal(HttpStatusCode.OK, response.StatusCode);
         }
 
-        // TODO: add tests verifying add works, remove works
+        [Fact]
+        public async Task CanAddUpdateRemoveSchemes()
+        {
+            // Arrange & Act
+            var response = await AddScheme("New1", "NewOne");
+            var content = await response.Content.ReadAsStringAsync();
+            Assert.Equal(HttpStatusCode.OK, response.StatusCode);
+            Assert.Contains("New1", content);
+            Assert.Contains("NewOne", content);
+
+            response = await AddScheme("New2", "NewTwo");
+            content = await response.Content.ReadAsStringAsync();
+            Assert.Equal(HttpStatusCode.OK, response.StatusCode);
+            Assert.Contains("New1", content);
+            Assert.Contains("NewOne", content);
+            Assert.Contains("New2", content);
+            Assert.Contains("NewTwo", content);
+
+            response = await AddScheme("New2", "UpdateTwo");
+            content = await response.Content.ReadAsStringAsync();
+            Assert.Equal(HttpStatusCode.OK, response.StatusCode);
+            Assert.Contains("New1", content);
+            Assert.Contains("NewOne", content);
+            Assert.Contains("New2", content);
+            Assert.DoesNotContain("NewTwo", content);
+            Assert.Contains("UpdateTwo", content);
+
+            // Now remove all the schemes one at a time
+            response = await Client.GetAsync("/Auth/Remove?scheme=New1");
+            content = await response.Content.ReadAsStringAsync();
+            Assert.Equal(HttpStatusCode.OK, response.StatusCode);
+            Assert.DoesNotContain("New1", content);
+            Assert.DoesNotContain("NewOne", content);
+            Assert.Contains("New2", content);
+            Assert.DoesNotContain("NewTwo", content);
+            Assert.Contains("UpdateTwo", content);
+
+            response = await Client.GetAsync("/Auth/Remove?scheme=New2");
+            content = await response.Content.ReadAsStringAsync();
+            Assert.Equal(HttpStatusCode.OK, response.StatusCode);
+            Assert.DoesNotContain("New1", content);
+            Assert.DoesNotContain("NewOne", content);
+            Assert.DoesNotContain("New2", content);
+            Assert.DoesNotContain("NewTwo", content);
+            Assert.DoesNotContain("UpdateTwo", content);
+        }
+
+        private async Task<HttpResponseMessage> AddScheme(string name, string message)
+        {
+            var goToSignIn = await Client.GetAsync("/");
+            var signIn = await TestAssert.IsHtmlDocumentAsync(goToSignIn);
+
+            var form = TestAssert.HasForm(signIn);
+            return await Client.SendAsync(form, new Dictionary<string, string>()
+            {
+                ["scheme"] = name,
+                ["OptionsMessage"] = message,
+            });
+
+        }
+
     }
 }

test/AuthSamples.FunctionalTests/PathSchemeSelectionTests.cs

@@ -1,6 +1,7 @@
 // Copyright (c) .NET Foundation. All rights reserved.
 // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
 
+using System.Collections.Generic;
 using System.Net;
 using System.Net.Http;
 using System.Threading.Tasks;
@@ -13,7 +14,7 @@ namespace AuthSamples.FunctionalTests
     {
         public PathSchemeSelectionTests(WebApplicationFactory<PathSchemeSelection.Startup> fixture)
         {
-            Client = fixture.CreateDefaultClient();
+            Client = fixture.CreateClient();
         }
 
         public HttpClient Client { get; }
@@ -40,6 +41,7 @@ namespace AuthSamples.FunctionalTests
             Assert.Equal(HttpStatusCode.OK, response.StatusCode);
         }
 
+
         [Fact]
         public async Task MyClaimsRedirectsToLoginPageWhenNotLoggedIn()
         {
@@ -48,8 +50,8 @@ namespace AuthSamples.FunctionalTests
             var content = await response.Content.ReadAsStringAsync();
 
             // Assert
-            Assert.Equal(HttpStatusCode.Redirect, response.StatusCode);
+            Assert.Equal(HttpStatusCode.OK, response.StatusCode);
-            Assert.Equal("http://localhost/account/login?ReturnUrl=%2FHome%2FMyClaims", response.Headers.Location.ToString());
+            Assert.Equal("http://localhost/account/login?ReturnUrl=%2FHome%2FMyClaims", response.RequestMessage.RequestUri.ToString());
         }
 
         [Fact]
@@ -65,5 +67,55 @@ namespace AuthSamples.FunctionalTests
             Assert.Contains("Hao", content); // expected name claim
         }
 
+        [Fact]
+        public async Task MyClaimsShowsClaimsWhenLoggedIn()
+        {
+            // Arrange & Act
+            await SignIn("Dude");
+            await CheckMyClaims("Dude");
+        }
+
+        [Fact]
+        public async Task LogoutClearsCookie()
+        {
+            // Arrange & Act
+            await SignIn("Dude");
+            await CheckMyClaims("Dude");
+
+            var response = await Client.GetAsync("/Account/Logout");
+            var content = await response.Content.ReadAsStringAsync();
+            Assert.Equal(HttpStatusCode.OK, response.StatusCode);
+
+            response = await Client.GetAsync("/Home/MyClaims");
+            content = await response.Content.ReadAsStringAsync();
+
+            // Assert
+            Assert.Equal(HttpStatusCode.OK, response.StatusCode);
+            Assert.DoesNotContain("Logout", content);
+        }
+
+        internal async Task CheckMyClaims(string userName)
+        {
+            var response = await Client.GetAsync("/Home/MyClaims");
+            var content = await response.Content.ReadAsStringAsync();
+            Assert.Equal(HttpStatusCode.OK, response.StatusCode);
+            Assert.Contains("<h2>HttpContext.User.Claims (Scheme: Cookies)</h2>", content);
+            Assert.Contains($"<dd>{userName}</dd>", content); // Ensure user name shows up as a claim
+        }
+
+        internal async Task SignIn(string userName)
+        {
+            var goToSignIn = await Client.GetAsync("/account/login");
+            var signIn = await TestAssert.IsHtmlDocumentAsync(goToSignIn);
+
+            var form = TestAssert.HasForm(signIn);
+            await Client.SendAsync(form, new Dictionary<string, string>()
+            {
+                ["username"] = userName,
+                ["password"] = userName // this test doesn't care what the password is
+            });
+
+            Assert.Equal(HttpStatusCode.OK, signIn.StatusCode);
+        }
     }
 }

test/AuthSamples.FunctionalTests/TestAssert.cs

@@ -104,8 +104,6 @@ namespace AuthSamples.FunctionalTests
         }
 
         internal static void IsOK(HttpResponseMessage download)
-        {
+            => Assert.Equal(HttpStatusCode.OK, download.StatusCode);
-            Assert.Equal(HttpStatusCode.OK, download.StatusCode);
-        }
     }
 }