| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140 |
- using System;
- using System.Collections.Generic;
- using System.Net;
- using System.Security.Claims;
- using System.Threading.Tasks;
- using AutoFixture;
- using AutoFixture.AutoMoq;
- using Jellyfin.Api.Auth.DefaultAuthorizationPolicy;
- using Jellyfin.Api.Constants;
- using Jellyfin.Data.Entities;
- using Jellyfin.Server.Implementations.Security;
- using MediaBrowser.Common.Configuration;
- using MediaBrowser.Controller.Library;
- using Microsoft.AspNetCore.Authorization;
- using Microsoft.AspNetCore.Http;
- using Moq;
- using Xunit;
- namespace Jellyfin.Api.Tests.Auth.DefaultAuthorizationPolicy
- {
- public class DefaultAuthorizationHandlerTests
- {
- private readonly Mock<IConfigurationManager> _configurationManagerMock;
- private readonly List<IAuthorizationRequirement> _requirements;
- private readonly DefaultAuthorizationHandler _sut;
- private readonly Mock<IUserManager> _userManagerMock;
- private readonly Mock<IHttpContextAccessor> _httpContextAccessor;
- public DefaultAuthorizationHandlerTests()
- {
- var fixture = new Fixture().Customize(new AutoMoqCustomization());
- _configurationManagerMock = fixture.Freeze<Mock<IConfigurationManager>>();
- _requirements = new List<IAuthorizationRequirement> { new DefaultAuthorizationRequirement() };
- _userManagerMock = fixture.Freeze<Mock<IUserManager>>();
- _httpContextAccessor = fixture.Freeze<Mock<IHttpContextAccessor>>();
- _sut = fixture.Create<DefaultAuthorizationHandler>();
- }
- [Theory]
- [InlineData(UserRoles.Administrator)]
- [InlineData(UserRoles.Guest)]
- [InlineData(UserRoles.User)]
- public async Task ShouldSucceedOnUser(string userRole)
- {
- TestHelpers.SetupConfigurationManager(_configurationManagerMock, true);
- var claims = TestHelpers.SetupUser(
- _userManagerMock,
- _httpContextAccessor,
- userRole);
- var context = new AuthorizationHandlerContext(_requirements, claims, null);
- await _sut.HandleAsync(context);
- Assert.True(context.HasSucceeded);
- }
- [Fact]
- public async Task ShouldSucceedOnApiKey()
- {
- TestHelpers.SetupConfigurationManager(_configurationManagerMock, true);
- _httpContextAccessor
- .Setup(h => h.HttpContext!.Connection.RemoteIpAddress)
- .Returns(new IPAddress(0));
- _userManagerMock
- .Setup(u => u.GetUserById(It.IsAny<Guid>()))
- .Returns<User?>(null);
- var claims = new[]
- {
- new Claim(InternalClaimTypes.IsApiKey, bool.TrueString)
- };
- var identity = new ClaimsIdentity(claims, string.Empty);
- var principal = new ClaimsPrincipal(identity);
- var context = new AuthorizationHandlerContext(_requirements, principal, null);
- await _sut.HandleAsync(context);
- Assert.True(context.HasSucceeded);
- }
- [Theory]
- [MemberData(nameof(GetParts_ValidAuthHeader_Success_Data))]
- public void GetParts_ValidAuthHeader_Success(string input, Dictionary<string, string> parts)
- {
- var dict = AuthorizationContext.GetParts(input);
- foreach (var (key, value) in parts)
- {
- Assert.Equal(dict[key], value);
- }
- }
- public static TheoryData<string, Dictionary<string, string>> GetParts_ValidAuthHeader_Success_Data()
- {
- var data = new TheoryData<string, Dictionary<string, string>>();
- data.Add(
- "x=\"123,123\",y=\"123\"",
- new Dictionary<string, string>
- {
- { "x", "123,123" },
- { "y", "123" }
- });
- data.Add(
- "x=\"123,123\", y=\"123\",z=\"'hi'\"",
- new Dictionary<string, string>
- {
- { "x", "123,123" },
- { "y", "123" },
- { "z", "'hi'" }
- });
- data.Add(
- "x=\"ab\"",
- new Dictionary<string, string>
- {
- { "x", "ab" }
- });
- data.Add(
- "param=Hörbücher",
- new Dictionary<string, string>
- {
- { "param", "Hörbücher" }
- });
- data.Add(
- "param=%22%Hörbücher",
- new Dictionary<string, string>
- {
- { "param", "\"%Hörbücher" }
- });
- return data;
- }
- }
- }
|
