MockedEndToEndTests.cs
// Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT License.
using System.Net;
using System.Net.Http.Headers;
using System.Security.Claims;
using System.Text.Json;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Identity.Abstractions;
using Microsoft.Identity.Web;
using Microsoft.Identity.Web.Sidecar.Models;
using Xunit;
namespace Sidecar.Tests;
/// <summary>
/// Exercises the <c>/AuthorizationHeader/{apiName}</c> endpoint of the sidecar host with the
/// registered <see cref="IAuthorizationHeaderProvider"/> replaced by a canned test double.
/// </summary>
public class MockedEndToEndTests(SidecarApiFactory factory) : IClassFixture<SidecarApiFactory>
{
    private readonly SidecarApiFactory _factory = factory;

    /// <summary>
    /// Requests an authorization header for a configured downstream API and, when the host
    /// answers 200, checks that the body carries the value supplied by the test double.
    /// </summary>
    [Fact]
    public async Task MockedAuthorizationFlow_WithValidConfiguration_ReturnsAuthorizationHeaderAsync()
    {
        // Arrange
        const string apiName = "test-api";
        const string scope = "https://graph.microsoft.com/.default";
        const string expectedAuthHeader = "Bearer token";

        // Test double: hands back the expected header without acquiring any token.
        var stubProvider = new TestAuthorizationHeaderProvider { Result = expectedAuthHeader };

        var customizedFactory = _factory.WithWebHostBuilder(hostBuilder =>
        {
            hostBuilder.ConfigureServices(services =>
            {
                services.AddSingleton<IAuthorizationHeaderProvider>(stubProvider);
                services.Configure<DownstreamApiOptions>(apiName, apiOptions =>
                {
                    apiOptions.BaseUrl = "https://graph.microsoft.com";
                    apiOptions.Scopes = new[] { scope };
                });
            });
        });
        var client = customizedFactory.CreateClient();

        // Placeholder bearer value, not a real credential (would be validated in real scenario).
        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", "valid-test-token");

        // Act
        var response = await client.GetAsync($"/AuthorizationHeader/{apiName}");

        // Assert
        var content = await response.Content.ReadAsStringAsync();

        // NOTE(review): when the host answers 401 the test returns here without checking the
        // mocked header at all, and the assertion below repeats the condition just tested, so it
        // cannot fail. A green run therefore does not by itself show that the authorized path
        // works; confirm whether SidecarApiFactory configures test authentication, and consider
        // failing or skipping explicitly instead of passing silently.
        if (response.StatusCode is HttpStatusCode.Unauthorized)
        {
            // Expected in test environment without proper authentication setup
            Assert.Equal(HttpStatusCode.Unauthorized, response.StatusCode);
            return;
        }

        Assert.Equal(HttpStatusCode.OK, response.StatusCode);

        var jsonOptions = new JsonSerializerOptions { PropertyNameCaseInsensitive = true };
        var result = JsonSerializer.Deserialize<Microsoft.Identity.Web.Sidecar.Models.AuthorizationHeaderResult>(content, jsonOptions);

        Assert.NotNull(result);
        Assert.Equal(expectedAuthHeader, result.AuthorizationHeader);
    }
}
/// <summary>
/// Test double for <see cref="IAuthorizationHeaderProvider"/>. Every method ignores its
/// arguments (scopes, options, principal, cancellation token) and returns the configured
/// <see cref="Result"/>, or an empty string when none was set. No token is acquired or validated.
/// </summary>
class TestAuthorizationHeaderProvider : IAuthorizationHeaderProvider
{
    /// <summary>Header value returned by every method; <c>null</c> yields an empty string.</summary>
    public string? Result { get; init; }

    /// <summary>Returns the canned header; all arguments are ignored.</summary>
    public Task<string> CreateAuthorizationHeaderAsync(IEnumerable<string> scopes, AuthorizationHeaderProviderOptions? options = null, ClaimsPrincipal? claimsPrincipal = null, CancellationToken cancellationToken = default)
    {
        return CannedHeader();
    }

    /// <summary>Returns the canned header; all arguments are ignored.</summary>
    public Task<string> CreateAuthorizationHeaderForAppAsync(string scopes, AuthorizationHeaderProviderOptions? downstreamApiOptions = null, CancellationToken cancellationToken = default)
    {
        return CannedHeader();
    }

    /// <summary>Returns the canned header; all arguments are ignored.</summary>
    public Task<string> CreateAuthorizationHeaderForUserAsync(IEnumerable<string> scopes, AuthorizationHeaderProviderOptions? authorizationHeaderProviderOptions = null, ClaimsPrincipal? claimsPrincipal = null, CancellationToken cancellationToken = default)
    {
        return CannedHeader();
    }

    // Single place that maps an unset Result to the empty string.
    private Task<string> CannedHeader()
    {
        string header = Result ?? string.Empty;
        return Task.FromResult(header);
    }
}