Renamed test projects

2024-12-10 16:39:28 +01:00
parent 4d91ce1819
commit ee7bf1e204
21 changed files with 31 additions and 27 deletions
--- a/tests/HopFrame.Tests.Security/AuthenticationTests.cs
+++ b/tests/HopFrame.Tests.Security/AuthenticationTests.cs
@@ -0,0 +1,141 @@
+using System.Text.Encodings.Web;
+using HopFrame.Database.Models;
+using HopFrame.Database.Repositories;
+using HopFrame.Security.Authentication;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Http;
+using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
+using Moq;
+
+namespace HopFrame.Tests.Security;
+
+public class AuthenticationTests {
+
+    private async Task<HopFrameAuthentication> SetupEnvironment(Token correctToken = null, string providedToken = null) {
+        var options = new Mock<IOptionsMonitor<AuthenticationSchemeOptions>>();
+        options
+            .Setup(x => x.Get(It.IsAny<string>()))
+            .Returns(new AuthenticationSchemeOptions());
+
+        var logger = new Mock<ILoggerFactory>();
+        logger
+            .Setup(x => x.CreateLogger(It.IsAny<String>()))
+            .Returns(new Mock<ILogger<HopFrameAuthentication>>().Object);
+
+        var encoder = new Mock<UrlEncoder>();
+        var clock = new Mock<ISystemClock>();
+        var tokens = new Mock<ITokenRepository>();
+        var perms = new Mock<IPermissionRepository>();
+
+        var provideCorrectToken = correctToken is null;
+        correctToken ??= new Token {
+            Content = Guid.NewGuid(),
+            CreatedAt = DateTime.Now,
+            Type = Token.AccessTokenType,
+            Owner = new User {
+                Id = Guid.NewGuid()
+            }
+        };
+
+        tokens
+            .Setup(x => x.GetToken(It.Is<string>(t => t == correctToken.Content.ToString())))
+            .ReturnsAsync(correctToken);
+
+        perms
+            .Setup(x => x.GetFullPermissions(It.IsAny<User>()))
+            .ReturnsAsync(new List<string>());
+
+        var auth = new HopFrameAuthentication(options.Object, logger.Object, encoder.Object, clock.Object, tokens.Object, perms.Object);
+        var context = new DefaultHttpContext();
+        if (provideCorrectToken)
+            context.HttpContext.Request.Headers.Append(HopFrameAuthentication.SchemeName, correctToken.Content.ToString());
+        if (providedToken is not null)
+            context.HttpContext.Request.Headers.Append(HopFrameAuthentication.SchemeName, providedToken);
+        
+        await auth.InitializeAsync(new AuthenticationScheme(HopFrameAuthentication.SchemeName, null, typeof(HopFrameAuthentication)), context);
+        return auth;
+    }
+
+    [Fact]
+    public async Task Authentication_Should_Succeed() {
+        // Arrange
+        var auth = await SetupEnvironment();
+        
+        // Act
+        var result = await auth.AuthenticateAsync();
+        
+        // Assert
+        Assert.True(result.Succeeded);
+    }
+    
+    [Fact]
+    public async Task Authentication_With_NoToken_Should_Fail() {
+        // Arrange
+        var auth = await SetupEnvironment(new Token());
+        
+        // Act
+        var result = await auth.AuthenticateAsync();
+        
+        // Assert
+        Assert.False(result.Succeeded);
+        Assert.NotNull(result.Failure);
+        Assert.Equal("No Access Token provided", result.Failure.Message);
+    }
+    
+    [Fact]
+    public async Task Authentication_With_InvalidToken_Should_Fail() {
+        // Arrange
+        var auth = await SetupEnvironment(null, Guid.NewGuid().ToString());
+        
+        // Act
+        var result = await auth.AuthenticateAsync();
+        
+        // Assert
+        Assert.False(result.Succeeded);
+        Assert.NotNull(result.Failure);
+        Assert.Equal("The provided Access Token does not exist", result.Failure.Message);
+    }
+    
+    [Fact]
+    public async Task Authentication_With_ExpiredToken_Should_Fail() {
+        // Arrange
+        var token = new Token {
+            Content = Guid.NewGuid(),
+            CreatedAt = DateTime.MinValue,
+            Type = Token.AccessTokenType,
+            Owner = new User()
+        };
+        var auth = await SetupEnvironment(token, token.Content.ToString());
+        
+        // Act
+        var result = await auth.AuthenticateAsync();
+        
+        // Assert
+        Assert.False(result.Succeeded);
+        Assert.NotNull(result.Failure);
+        Assert.Equal("The provided Access Token is expired", result.Failure.Message);
+    }
+    
+    [Fact]
+    public async Task Authentication_With_UnownedToken_Should_Fail() {
+        // Arrange
+        var token = new Token {
+            Content = Guid.NewGuid(),
+            CreatedAt = DateTime.Now,
+            Type = Token.AccessTokenType,
+            Owner = null
+        };
+        var auth = await SetupEnvironment(token, token.Content.ToString());
+        
+        // Act
+        var result = await auth.AuthenticateAsync();
+        
+        // Assert
+        Assert.False(result.Succeeded);
+        Assert.NotNull(result.Failure);
+        Assert.Equal("The provided Access Token does not match any user", result.Failure.Message);
+    }
+    
+    
+}
--- a/tests/HopFrame.Tests.Security/AuthorizationTests.cs
+++ b/tests/HopFrame.Tests.Security/AuthorizationTests.cs
@@ -0,0 +1,92 @@
+using System.Security.Claims;
+using HopFrame.Security.Authentication;
+using HopFrame.Security.Authorization;
+using HopFrame.Security.Claims;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.Abstractions;
+using Microsoft.AspNetCore.Mvc.Filters;
+using Microsoft.AspNetCore.Routing;
+using Moq;
+
+namespace HopFrame.Tests.Security;
+
+public class AuthorizationTests {
+
+    private (AuthorizedFilter, AuthorizationFilterContext) SetupEnvironment(string[] userPermissions, string[] requiredPermissions, bool accessTokenProvided = true) {
+        var filter = new AuthorizedFilter(requiredPermissions);
+        
+        var httpContext = new DefaultHttpContext();
+        var actionContext = new ActionContext { HttpContext = httpContext, RouteData = new RouteData(), ActionDescriptor = new ActionDescriptor() };
+        var context = new Mock<AuthorizationFilterContext>(MockBehavior.Default, actionContext, new List<IFilterMetadata>());
+
+        context
+            .Setup(x => x.Filters)
+            .Returns(new List<IFilterMetadata>());
+
+        context.SetupProperty(c => c.Result);
+
+        var claims = new List<Claim> {
+            new(HopFrameClaimTypes.UserId, Guid.NewGuid().ToString())
+        };
+        if (accessTokenProvided)
+            claims.Add(new (HopFrameClaimTypes.AccessTokenId, Guid.NewGuid().ToString()));
+        claims.AddRange(userPermissions.Select(perm => new Claim(HopFrameClaimTypes.Permission, perm)));
+
+        context.Object.HttpContext.User.AddIdentity(new ClaimsIdentity(claims, HopFrameAuthentication.SchemeName));
+
+        return (filter, context.Object);
+    }
+
+    [Fact]
+    public void OnAuthorization_Should_Succeed() {
+        // Arrange
+        var (filter, context) = SetupEnvironment(["test.permission"], ["test.permission"]);
+        
+        // Act
+        filter.OnAuthorization(context);
+        
+        // Assert
+        Assert.Null(context.Result);
+    }
+
+    [Fact]
+    public void OnAuthorization_With_NoToken_Should_Fail() {
+        // Arrange
+        var (filter, context) = SetupEnvironment([], [], false);
+        
+        // Act
+        filter.OnAuthorization(context);
+        
+        // Assert
+        Assert.NotNull(context.Result);
+        Assert.IsType<UnauthorizedResult>(context.Result);
+    }
+    
+    [Fact]
+    public void OnAuthorization_With_NoPermissions_Should_Fail() {
+        // Arrange
+        var (filter, context) = SetupEnvironment([], ["test.permission"]);
+        
+        // Act
+        filter.OnAuthorization(context);
+        
+        // Assert
+        Assert.NotNull(context.Result);
+        Assert.IsType<UnauthorizedResult>(context.Result);
+    }
+    
+    [Fact]
+    public void OnAuthorization_With_InsufficientPermissions_Should_Fail() {
+        // Arrange
+        var (filter, context) = SetupEnvironment(["permission.other"], ["test.permission"]);
+        
+        // Act
+        filter.OnAuthorization(context);
+        
+        // Assert
+        Assert.NotNull(context.Result);
+        Assert.IsType<UnauthorizedResult>(context.Result);
+    }
+    
+}
--- a/tests/HopFrame.Tests.Security/HopFrame.Tests.Security.csproj
+++ b/tests/HopFrame.Tests.Security/HopFrame.Tests.Security.csproj
@@ -0,0 +1,34 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+    <PropertyGroup>
+        <TargetFramework>net8.0</TargetFramework>
+        <ImplicitUsings>enable</ImplicitUsings>
+        <Nullable>disable</Nullable>
+
+        <IsPackable>false</IsPackable>
+        <IsTestProject>true</IsTestProject>
+    </PropertyGroup>
+
+    <ItemGroup>
+        <PackageReference Include="coverlet.collector" Version="6.0.0"/>
+        <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.8.0"/>
+        <PackageReference Include="Moq" Version="4.20.72" />
+        <PackageReference Include="xunit" Version="2.5.3"/>
+        <PackageReference Include="xunit.runner.visualstudio" Version="2.5.3"/>
+    </ItemGroup>
+
+    <ItemGroup>
+        <Using Include="Xunit"/>
+    </ItemGroup>
+
+    <ItemGroup>
+      <Reference Include="Microsoft.AspNetCore.Authentication">
+        <HintPath>..\..\..\..\..\..\..\Program Files\dotnet\shared\Microsoft.AspNetCore.App\8.0.11\Microsoft.AspNetCore.Authentication.dll</HintPath>
+      </Reference>
+    </ItemGroup>
+
+    <ItemGroup>
+      <ProjectReference Include="..\..\src\HopFrame.Security\HopFrame.Security.csproj" />
+    </ItemGroup>
+
+</Project>