1. 首頁
  2. 問答
  3. 是否可以編寫一個可以測試AuthorizationPolicy對象的測試?

是否可以編寫一個可以測試AuthorizationPolicy對象的測試?

2017-10-09 102 views
1

我已經得到了我想要測試策略中的C#是否可以編寫一個可以測試AuthorizationPolicy對象的測試?

public class WorkflowCreatePolicy 
{ 
    public AuthorizationPolicy AuthorizationPolicy => 
     new AuthorizationPolicyBuilder() 
      .RequireClaim("scope", "WorkflowAdmin") 
      .Build(); 
}

有誰知道的方法來測試AuthorizationPolicy確認範圍「WorkflowAdmin」是成功的,其他都是不呢?

這是我所看到的,當我檢查對象:

enter image description here

我設法找到了這個網站:Authorization Handler Unit Tests但其談論測試處理器,並具有標誌着身份驗證嘗試是成功的代碼。

我不確定這是否接近或不接近。它目前沒有通過

[Test] 
public void GivenPolicyName_WhenICallPolicyChecks_ThenItPasses() 
{ 
    ClaimsPrincipal user = new ClaimsPrincipal(new ClaimsIdentity(new List<Claim> { new Claim(CustomClaims.Scope, "WorkflowAdmin") })); 

    WorkflowCreatePolicy workflowCreatePolicy = new WorkflowCreatePolicy(); 

    AuthorizationHandlerContext authorizationHandlerContext = new AuthorizationHandlerContext(workflowCreatePolicy.AuthorizationPolicy.Requirements, user, null); 

    Assert.That(authorizationHandlerContext.HasSucceeded, Is.EqualTo(true)); 
}

來源

2017-10-09 chris31389

回答

2

引擎蓋下的AuthorizationPolicy只是一個集合授權處理程序。諸如RequireClaim之類的方法將Microsoft構建的處理程序添加到集合中。在這種情況下,ClaimsAuthorizationRequirementAuthorizationHandler繼承。

要驗證用戶是否通過AuthorizationPolicy,您需要一個將調用所有策略的AuthorizationService。第一個處理程序未能對用戶進行身份驗證後,DefaultAuthorizationService將停止。如果你不註冊另一個AuthorizationService這個將被使用。

所以你可以自己構建AuthorizationService,並調用它的AuthorizeAsync方法。請注意,如果您想對他們進行測試,您也需要註冊您的定製AuthorizationHandler

private static async Task<bool> CanAuthorizeUserWithPolicyAsync(ClaimsPrincipal user, AuthorizationPolicy policy) 
{ 
    var handlers = policy.Requirements.Select(x => x as IAuthorizationHandler).ToArray(); 
    // add your custom authorization handlers here to the `handlers` collection 

    var authorizationOptions = Options.Create(new AuthorizationOptions()); 

    authorizationOptions.Value.AddPolicy(nameof(policy), policy); 

    var policyProvider = new DefaultAuthorizationPolicyProvider(authorizationOptions); 
    var handlerProvider = new DefaultAuthorizationHandlerProvider(handlers); 
    var contextFactory = new DefaultAuthorizationHandlerContextFactory(); 

    var authorizationService = new DefaultAuthorizationService(
     policyProvider, 
     handlerProvider, 
     new NullLogger<DefaultAuthorizationService>(), 
     contextFactory, 
     new DefaultAuthorizationEvaluator(), 
     authorizationOptions); 

    var result = await authorizationService.AuthorizeAsync(user, policy); 
    return result.Succeeded; 
}

您可以像下面這樣使用此方法。

var user = new ClaimsPrincipal(new ClaimsIdentity(new List<Claim> { new Claim("scope", "WorkflowAdmin") })); 

var policy = new AuthorizationPolicyBuilder() 
    .RequireClaim("scope", "WorkflowAdmin") 
    .Build(); 

Assert.That(await CanAuthorizeUserWithPolicyAsync(user, policy), Is.EqualTo(true));

來源

2017-10-16 09:05:35 NtFreX

相關問題

 相關問題