File: AuthMiddlewareUsingRequireAuthTest.cs
Web Access
Project: src\src\Mvc\test\Mvc.FunctionalTests\Microsoft.AspNetCore.Mvc.FunctionalTests.csproj (Microsoft.AspNetCore.Mvc.FunctionalTests)
// Licensed to the .NET Foundation under one or more agreements.
// The .NET Foundation licenses this file to you under the MIT license.
 
using System.Net;
using System.Net.Http;
using Microsoft.AspNetCore.Hosting;
 
namespace Microsoft.AspNetCore.Mvc.FunctionalTests;
 
public class AuthMiddlewareUsingRequireAuthTest : IClassFixture<MvcTestFixture<SecurityWebSite.StartupWithRequireAuth>>
{
    public AuthMiddlewareUsingRequireAuthTest(MvcTestFixture<SecurityWebSite.StartupWithRequireAuth> fixture)
    {
        var factory = fixture.Factories.FirstOrDefault() ?? fixture.WithWebHostBuilder(ConfigureWebHostBuilder);
        Client = factory.CreateDefaultClient();
    }
 
    private static void ConfigureWebHostBuilder(IWebHostBuilder builder) =>
        builder.UseStartup<SecurityWebSite.StartupWithRequireAuth>();
 
    public HttpClient Client { get; }
 
    [Fact]
    public async Task RequireAuthConfiguredGlobally_AppliesToControllers()
    {
        // Arrange
        var action = "Home/Index";
        var response = await Client.GetAsync(action);
 
        await AssertAuthorizeResponse(response);
 
        // We should be able to login with ClaimA alone
        var authCookie = await GetAuthCookieAsync("LoginClaimA");
 
        var request = new HttpRequestMessage(HttpMethod.Get, action);
        request.Headers.Add("Cookie", authCookie);
 
        response = await Client.SendAsync(request);
        await response.AssertStatusCodeAsync(HttpStatusCode.OK);
    }
 
    [Fact]
    public async Task RequireAuthConfiguredGlobally_AppliesToRazorPages()
    {
        // Arrange
        var action = "PagesHome";
        var response = await Client.GetAsync(action);
 
        await AssertAuthorizeResponse(response);
 
        // We should be able to login with ClaimA alone
        var authCookie = await GetAuthCookieAsync("LoginClaimA");
 
        var request = new HttpRequestMessage(HttpMethod.Get, action);
        request.Headers.Add("Cookie", authCookie);
 
        response = await Client.SendAsync(request);
        await response.AssertStatusCodeAsync(HttpStatusCode.OK);
    }
 
    private async Task AssertAuthorizeResponse(HttpResponseMessage response)
    {
        await response.AssertStatusCodeAsync(HttpStatusCode.Redirect);
        Assert.Equal("/Home/Login", response.Headers.Location.LocalPath);
    }
 
    private async Task<string> GetAuthCookieAsync(string action)
    {
        var response = await Client.PostAsync($"Login/{action}", null);
 
        await response.AssertStatusCodeAsync(HttpStatusCode.OK);
        Assert.True(response.Headers.Contains("Set-Cookie"));
        return response.Headers.GetValues("Set-Cookie").FirstOrDefault();
    }
}