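// Copyright (c) .NET Foundation. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.

using System;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.DependencyInjection;
using Xunit;

namespace Microsoft.AspNetCore.Authentication
{
    /// <summary>
    /// Verifies that sign-in and sign-out through the <see cref="HttpContext"/> authentication
    /// extensions succeed only for schemes whose handler implements the matching capability
    /// interface, and throw for every other scheme.
    /// </summary>
    /// <remarks>
    /// The throwing cases are the security-relevant ones: a scheme that cannot persist or clear a
    /// principal has to fail loudly. A silent no-op would let calling code assume a session was
    /// established or ended when nothing happened.
    /// </remarks>
    public class AuthenticationServiceTests
    {
        /// <summary>
        /// Sign-in by explicit scheme name works for handlers that implement
        /// <see cref="IAuthenticationSignInHandler"/> ("uber", "signin") and throws for the
        /// plain handler ("base") and the sign-out-only handler ("signout").
        /// </summary>
        [Fact]
        public async Task CanOnlySignInIfSupported()
        {
            var services = new ServiceCollection().AddOptions().AddAuthenticationCore(o =>
            {
                o.AddScheme<UberHandler>("uber", "whatever");
                o.AddScheme<BaseHandler>("base", "whatever");
                o.AddScheme<SignInHandler>("signin", "whatever");
                o.AddScheme<SignOutHandler>("signout", "whatever");
            }).BuildServiceProvider();
            var context = new DefaultHttpContext { RequestServices = services };

            await context.SignInAsync("uber", new ClaimsPrincipal(), null);
            await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignInAsync("base", new ClaimsPrincipal(), null));
            await context.SignInAsync("signin", new ClaimsPrincipal(), null);
            // A handler that can only sign out must not be accepted as a sign-in target.
            await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignInAsync("signout", new ClaimsPrincipal(), null));
        }

        /// <summary>
        /// Sign-out by explicit scheme name works for every handler that exposes
        /// <c>SignOutAsync</c> ("uber", "signout", "signin") and throws for the plain handler
        /// ("base").
        /// </summary>
        [Fact]
        public async Task CanOnlySignOutIfSupported()
        {
            var services = new ServiceCollection().AddOptions().AddAuthenticationCore(o =>
            {
                o.AddScheme<UberHandler>("uber", "whatever");
                o.AddScheme<BaseHandler>("base", "whatever");
                o.AddScheme<SignInHandler>("signin", "whatever");
                o.AddScheme<SignOutHandler>("signout", "whatever");
            }).BuildServiceProvider();
            var context = new DefaultHttpContext { RequestServices = services };

            await context.SignOutAsync("uber");
            await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignOutAsync("base"));
            await context.SignOutAsync("signout");
            // The sign-in handler also declares SignOutAsync, so signing out through it succeeds.
            await context.SignOutAsync("signin");
        }

        /// <summary>
        /// With a plain <see cref="IAuthenticationHandler"/> as the default scheme, authenticate,
        /// challenge and forbid succeed, while both sign-out and sign-in throw.
        /// </summary>
        [Fact]
        public async Task ServicesWithDefaultIAuthenticationHandlerMethodsTest()
        {
            var services = new ServiceCollection().AddOptions().AddAuthenticationCore(o =>
            {
                o.AddScheme<BaseHandler>("base", "whatever");
                o.DefaultScheme = "base";
            }).BuildServiceProvider();
            var context = new DefaultHttpContext { RequestServices = services };

            await context.AuthenticateAsync();
            await context.ChallengeAsync();
            await context.ForbidAsync();
            await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignOutAsync());
            await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignInAsync(new ClaimsPrincipal()));
        }

        /// <summary>
        /// With the handler that implements every authentication interface as the default scheme,
        /// all five operations succeed.
        /// </summary>
        [Fact]
        public async Task ServicesWithDefaultUberMethodsTest()
        {
            var services = new ServiceCollection().AddOptions().AddAuthenticationCore(o =>
            {
                o.AddScheme<UberHandler>("base", "whatever");
                o.DefaultScheme = "base";
            }).BuildServiceProvider();
            var context = new DefaultHttpContext { RequestServices = services };

            await context.AuthenticateAsync();
            await context.ChallengeAsync();
            await context.ForbidAsync();
            await context.SignOutAsync();
            await context.SignInAsync(new ClaimsPrincipal());
        }

        /// <summary>
        /// With a sign-in handler as the default scheme, all five operations succeed, including
        /// sign-out.
        /// </summary>
        [Fact]
        public async Task ServicesWithDefaultSignInMethodsTest()
        {
            var services = new ServiceCollection().AddOptions().AddAuthenticationCore(o =>
            {
                o.AddScheme<SignInHandler>("base", "whatever");
                o.DefaultScheme = "base";
            }).BuildServiceProvider();
            var context = new DefaultHttpContext { RequestServices = services };

            await context.AuthenticateAsync();
            await context.ChallengeAsync();
            await context.ForbidAsync();
            await context.SignOutAsync();
            await context.SignInAsync(new ClaimsPrincipal());
        }

        /// <summary>
        /// With a sign-out-only handler as the default scheme, sign-out succeeds and sign-in
        /// throws.
        /// </summary>
        [Fact]
        public async Task ServicesWithDefaultSignOutMethodsTest()
        {
            var services = new ServiceCollection().AddOptions().AddAuthenticationCore(o =>
            {
                o.AddScheme<SignOutHandler>("base", "whatever");
                o.DefaultScheme = "base";
            }).BuildServiceProvider();
            var context = new DefaultHttpContext { RequestServices = services };

            await context.AuthenticateAsync();
            await context.ChallengeAsync();
            await context.ForbidAsync();
            await context.SignOutAsync();
            await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignInAsync(new ClaimsPrincipal()));
        }

        /// <summary>
        /// Stub handler with the minimum surface: authenticate, challenge, forbid and initialize.
        /// It declares neither sign-in nor sign-out.
        /// </summary>
        private class BaseHandler : IAuthenticationHandler
        {
            public Task<AuthenticateResult> AuthenticateAsync()
            {
                return Task.FromResult(AuthenticateResult.NoResult());
            }

            public Task ChallengeAsync(AuthenticationProperties properties)
            {
                return Task.FromResult(0);
            }

            public Task ForbidAsync(AuthenticationProperties properties)
            {
                return Task.FromResult(0);
            }

            public Task InitializeAsync(AuthenticationScheme scheme, HttpContext context)
            {
                return Task.FromResult(0);
            }
        }

        /// <summary>
        /// Stub handler that adds <c>SignInAsync</c> and <c>SignOutAsync</c> to the base surface.
        /// Every operation is a no-op.
        /// </summary>
        private class SignInHandler : IAuthenticationSignInHandler
        {
            public Task<AuthenticateResult> AuthenticateAsync()
            {
                return Task.FromResult(AuthenticateResult.NoResult());
            }

            public Task ChallengeAsync(AuthenticationProperties properties)
            {
                return Task.FromResult(0);
            }

            public Task ForbidAsync(AuthenticationProperties properties)
            {
                return Task.FromResult(0);
            }

            public Task InitializeAsync(AuthenticationScheme scheme, HttpContext context)
            {
                return Task.FromResult(0);
            }

            public Task SignInAsync(ClaimsPrincipal user, AuthenticationProperties properties)
            {
                return Task.FromResult(0);
            }

            public Task SignOutAsync(AuthenticationProperties properties)
            {
                return Task.FromResult(0);
            }
        }

        /// <summary>
        /// Stub handler that adds only <c>SignOutAsync</c> to the base surface; it has no
        /// <c>SignInAsync</c>.
        /// </summary>
        public class SignOutHandler : IAuthenticationSignOutHandler
        {
            public Task<AuthenticateResult> AuthenticateAsync()
            {
                return Task.FromResult(AuthenticateResult.NoResult());
            }

            public Task ChallengeAsync(AuthenticationProperties properties)
            {
                return Task.FromResult(0);
            }

            public Task ForbidAsync(AuthenticationProperties properties)
            {
                return Task.FromResult(0);
            }

            public Task InitializeAsync(AuthenticationScheme scheme, HttpContext context)
            {
                return Task.FromResult(0);
            }

            public Task SignOutAsync(AuthenticationProperties properties)
            {
                return Task.FromResult(0);
            }
        }

        /// <summary>
        /// Stub handler that implements every authentication handler interface used in these
        /// tests, including request handling.
        /// </summary>
        private class UberHandler : IAuthenticationHandler, IAuthenticationRequestHandler, IAuthenticationSignInHandler, IAuthenticationSignOutHandler
        {
            public Task<AuthenticateResult> AuthenticateAsync()
            {
                return Task.FromResult(AuthenticateResult.NoResult());
            }

            public Task ChallengeAsync(AuthenticationProperties properties)
            {
                return Task.FromResult(0);
            }

            public Task ForbidAsync(AuthenticationProperties properties)
            {
                return Task.FromResult(0);
            }

            public Task<bool> HandleRequestAsync()
            {
                // false: this stub never reports the request as handled.
                return Task.FromResult(false);
            }

            public Task InitializeAsync(AuthenticationScheme scheme, HttpContext context)
            {
                return Task.FromResult(0);
            }

            public Task SignInAsync(ClaimsPrincipal user, AuthenticationProperties properties)
            {
                return Task.FromResult(0);
            }

            public Task SignOutAsync(AuthenticationProperties properties)
            {
                return Task.FromResult(0);
            }
        }
    }
}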