Facebook: Test functionality of OnCannotCreateCookies hook.
- Added tests to validate flow, triggering, and default behaviors.
NTaylorMullen committed Aug 27, 2014
1 parent 8c87afb commit eef9d90
Showing 4 changed files with 180 additions and 20 deletions.
1 change: 1 addition & 0 deletions test/Microsoft.AspNet.Facebook.Test/App.config
Expand Up @@ -6,5 +6,6 @@
<add key="Facebook:AppNamespace" value="MyApp" />
<add key="Facebook:AppUrl" value="https://apps.newfacebook.example.com/myapp" />
<add key="Facebook:AuthorizationRedirectPath" value="~/Authorize/Index" />
<add key="Facebook:CannotCreateCookiesRedirectPath" value="~/NoCookies/Index" />
</appSettings>
</configuration>
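Review bot: The new key `Facebook:CannotCreateCookiesRedirectPath` spells "Cookies" in the plural, while the property the tests read it back through is `CannotCreateCookieRedirectPath` (singular), as in the `LoadFromAppSettings_ReadsFromAppConfig` assertion further down this page. The mapping evidently works, but the mismatch makes the key easy to mistype in a real configuration file. If a misspelled key is simply ignored (not visible here), the redirect would presumably fall back to the default without any error. Consider aligning the two names before the setting ships, or documenting the exact key next to the property.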
163 changes: 143 additions & 20 deletions test/Microsoft.AspNet.Facebook.Test/FacebookAuthorizeFilterHookTest.cs
Expand Up @@ -15,9 +15,66 @@ namespace Microsoft.AspNet.Facebook.Test
public class FacebookAuthorizeFilterHookTest
{
[Theory]
[InlineData("http://example.com", "email", true)]
[InlineData("http://example.com?error=access_denied", "email", false)]
[InlineData("http://example.com?error=access_denied", null, false)]
[InlineData("~/home/cannotcreatecookies", "https://apps.facebook.com/DefaultAppId/home/cannotcreatecookies")]
[InlineData(null, "https://www.facebook.com/")]
public void OnAuthorization_CannotCreateCookiesHookRedirectsToConfigValueOrDefault(
string cannotCreateCookiesRedirectPath,
string expectedRedirectPath)
{
// Arrange
var config = BuildConfiguration("~/home/permissions", cannotCreateCookiesRedirectPath);
var authorizeFilter = new FacebookAuthorizeFilter(config);
var context = BuildSignedAuthorizationContext("http://contoso.com?__fb_mps=", "email");

// Act
authorizeFilter.OnAuthorization(context);
var result = context.Result as JavaScriptRedirectResult;

// Assert
Assert.Equal(result.RedirectUrl.AbsoluteUri, new Uri(expectedRedirectPath).AbsoluteUri);
}

[Fact]
public void OnAuthorization_OnlyTriggersCannotCreateCookiesHook()
{
// Arrange
var config = BuildConfiguration("~/home/permissions");
var authorizeFilter = new CustomDefaultAuthorizeFilter(config);
var context = BuildSignedAuthorizationContext("http://contoso.com?__fb_mps=", "email");

// Act
authorizeFilter.OnAuthorization(context);

// Assert
Assert.True(authorizeFilter.CannotCreateCookiesHookTriggered);
Assert.False(authorizeFilter.PermissionPromptHookTriggered);
Assert.False(authorizeFilter.DeniedPermissionPromptHookTriggered);
}

[Theory]
[InlineData("http://contoso.com?__fb_mps=", "email", true)]
[InlineData("http://contoso.com", "email", false)]
[InlineData("http://contoso.com?__fb_mps=", null, false)]
public void OnAuthorization_TriggersCannotCreateCookiesHook(string requestUrl,
string permission,
bool expectedTrigger)
{
// Arrange
var config = BuildConfiguration("~/home/permissions");
var authorizeFilter = new CustomDefaultAuthorizeFilter(config);
var context = BuildSignedAuthorizationContext(requestUrl, permission);

// Act
authorizeFilter.OnAuthorization(context);

// Assert
Assert.Equal(expectedTrigger, authorizeFilter.CannotCreateCookiesHookTriggered);
}

[Theory]
[InlineData("http://contoso.com", "email", true)]
[InlineData("http://contoso.com?error=access_denied", "email", false)]
[InlineData("http://contoso.com?error=access_denied", null, false)]
public void OnAuthorization_TriggersPreHookPriorToPermissionsDialog(string requestUrl,
string permission,
bool expectedTrigger)
Expand All @@ -35,9 +92,9 @@ public void OnAuthorization_TriggersPreHookPriorToPermissionsDialog(string reque
}

[Theory]
[InlineData("http://example.com", "email", true)]
[InlineData("http://example.com?error=access_denied", "email", false)]
[InlineData("http://example.com?error=access_denied", null, false)]
[InlineData("http://contoso.com", "email", true)]
[InlineData("http://contoso.com?error=access_denied", "email", false)]
[InlineData("http://contoso.com?error=access_denied", null, false)]
public void OnAuthorization_TriggersDeniedHook(string requestUrl, string permission, bool expectedTrigger)
{
// Arrange
Expand All @@ -57,11 +114,11 @@ public void OnAuthorization_TriggersDeniedHook(string requestUrl, string permiss
}

[Theory]
[InlineData("http://example.com", "email", "email", true)]
[InlineData("http://example.com", "email", "foo", false)]
[InlineData("http://example.com?error=access_denied", "email", "email", false)]
[InlineData("http://example.com?error=access_denied", "email", "foo", false)]
[InlineData("http://example.com?error=access_denied", null, "foo", false)]
[InlineData("http://contoso.com", "email", "email", true)]
[InlineData("http://contoso.com", "email", "foo", false)]
[InlineData("http://contoso.com?error=access_denied", "email", "email", false)]
[InlineData("http://contoso.com?error=access_denied", "email", "foo", false)]
[InlineData("http://contoso.com?error=access_denied", null, "foo", false)]
public void OnAuthorization_TriggersDeniedHookWithRevokedPermissions(string requestUrl,
string permission,
string permissionInStatus,
Expand Down Expand Up @@ -89,9 +146,9 @@ public void OnAuthorization_TriggersDeniedHookWithRevokedPermissions(string requ
}

[Theory]
[InlineData("http://example.com", "email", true)]
[InlineData("http://example.com?error=access_denied", "email", false)]
[InlineData("http://example.com?error=access_denied", null, false)]
[InlineData("http://contoso.com", "email", true)]
[InlineData("http://contoso.com?error=access_denied", "email", false)]
[InlineData("http://contoso.com?error=access_denied", null, false)]
public void OnAuthorization_TriggersDeniedHookAfterPersistingRequestedPermissions(string requestUrl,
string permission,
bool expectedTrigger)
Expand Down Expand Up @@ -122,13 +179,28 @@ public void OnAuthorization_TriggersDeniedHookAfterPersistingRequestedPermission
Assert.Equal(expectedTrigger, authorizeFilter.DeniedPermissionPromptHookTriggered);
}

[Fact]
public void OnAuthorization_CannotCreateCookiesHookNullFlows()
{
// Arrange
var config = BuildConfiguration("~/home/permissions");
var authorizeFilter = new CustomInvalidAuthorizeFilter(config);
var context = BuildSignedAuthorizationContext("http://contoso.com?__fb_mps=", "email");

// Act
authorizeFilter.OnAuthorization(context);

// Assert
Assert.Null(context.Result);
}

[Fact]
public void OnAuthorization_PreHookNullTreatedLikeIgnoreResult()
{
// Arrange
var config = BuildConfiguration("~/home/permissions");
var authorizeFilter = new CustomInvalidAuthorizeFilter(config);
var context = BuildSignedAuthorizationContext("http://www.example.com", "email");
var context = BuildSignedAuthorizationContext("http://contoso.com", "email");

// Act
authorizeFilter.OnAuthorization(context);
Expand All @@ -147,7 +219,7 @@ public void OnAuthorization_DeniedHookNullTreatedLikeIgnoreResult()
persistedCookies.Add(
new HttpCookie(
PermissionHelper.RequestedPermissionCookieName, "email"));
var context = BuildSignedAuthorizationContext("http://www.example.com", "email", persistedCookies);
var context = BuildSignedAuthorizationContext("http://contoso.com", "email", persistedCookies);

// Act
authorizeFilter.OnAuthorization(context);
Expand All @@ -156,14 +228,35 @@ public void OnAuthorization_DeniedHookNullTreatedLikeIgnoreResult()
Assert.Null(context.Result);
}

[Fact]
public void OnAuthorization_CannotCreateCookiesHookCustomActionResultIsContextsResult()
{
// Arrange
var tempUrl = "http://contoso.com?__fb_mps=";
var config = BuildConfiguration("~/home/permissions");
var cannotCreateCookiesHookResult = new RedirectResult(tempUrl);
var authorizeFilter = new CustomReturningAuthorizeFilter(config,
cannotCreateCookiesHookResult,
new RedirectResult(tempUrl),
new RedirectResult(tempUrl));
var context = BuildSignedAuthorizationContext(tempUrl, "email");

// Act
authorizeFilter.OnAuthorization(context);

// Assert
Assert.Equal(cannotCreateCookiesHookResult, context.Result);
}

[Fact]
public void OnAuthorization_PreHookCustomActionResultIsContextsResult()
{
// Arrange
var tempUrl = "http://www.example.com";
var tempUrl = "http://contoso.com";
var config = BuildConfiguration("~/home/permissions");
var preHookResult = new RedirectResult(tempUrl);
var authorizeFilter = new CustomReturningAuthorizeFilter(config,
new RedirectResult(tempUrl),
preHookResult,
new RedirectResult(tempUrl));
var context = BuildSignedAuthorizationContext(tempUrl, "email");
Expand All @@ -179,10 +272,11 @@ public void OnAuthorization_PreHookCustomActionResultIsContextsResult()
public void OnAuthorization_DeniedHookCustomActionResultIsContextsResult()
{
// Arrange
var tempUrl = "http://www.example.com";
var tempUrl = "http://contoso.com";
var config = BuildConfiguration("~/home/permissions");
var deniedHookResult = new RedirectResult(tempUrl);
var authorizeFilter = new CustomReturningAuthorizeFilter(config,
new RedirectResult(tempUrl),
new RedirectResult(tempUrl),
deniedHookResult);
var persistedCookies = new HttpCookieCollection();
Expand All @@ -200,13 +294,19 @@ public void OnAuthorization_DeniedHookCustomActionResultIsContextsResult()

// Helper methods and classes
private FacebookConfiguration BuildConfiguration(string authorizationRedirectPath,
string cannotCreateCookiesRedirectPath = null,
PermissionsStatus userPermissionsStatus = null)
{
var client = MockHelpers.CreateFacebookClient();
var permissionService = MockHelpers.CreatePermissionService(new[] { "" }, userPermissionsStatus);
var config = MockHelpers.CreateConfiguration(client, permissionService);
config.AuthorizationRedirectPath = authorizationRedirectPath;

if (cannotCreateCookiesRedirectPath != null)
{
config.CannotCreateCookieRedirectPath = cannotCreateCookiesRedirectPath;
}

return config;
}

Expand All @@ -216,13 +316,15 @@ private AuthorizationContext BuildSignedAuthorizationContext(string requestUrl,
{
var permissions = permission == null ? new string[0] : new string[] { permission };

var requestUri = new Uri(requestUrl);

var context = new AuthorizationContext(
MockHelpers.CreateControllerContext(new NameValueCollection
{
{"signed_request", "exampleSignedRequest"}
},
null,
new Uri(requestUrl),
HttpUtility.ParseQueryString(requestUri.Query),
requestUri,
requestCookies),
MockHelpers.CreateActionDescriptor(new[] { new FacebookAuthorizeAttribute(permissions) }));

Expand All @@ -235,6 +337,11 @@ public CustomInvalidAuthorizeFilter(FacebookConfiguration config)
: base(config)
{ }

protected override void OnCannotCreateCookies(PermissionContext context)
{
context.Result = null;
}

protected override void OnPermissionPrompt(PermissionContext context)
{
context.Result = null;
Expand All @@ -252,9 +359,17 @@ public CustomDefaultAuthorizeFilter(FacebookConfiguration config)
: base(config)
{ }

public bool CannotCreateCookiesHookTriggered { get; private set; }
public bool PermissionPromptHookTriggered { get; private set; }
public bool DeniedPermissionPromptHookTriggered { get; private set; }

protected override void OnCannotCreateCookies(PermissionContext context)
{
CannotCreateCookiesHookTriggered = true;

base.OnCannotCreateCookies(context);
}

protected override void OnPermissionPrompt(PermissionContext context)
{
PermissionPromptHookTriggered = true;
Expand All @@ -272,18 +387,26 @@ protected override void OnDeniedPermissionPrompt(PermissionContext context)

private class CustomReturningAuthorizeFilter : FacebookAuthorizeFilter
{
private ActionResult _cannotCreateCookieResult;
private ActionResult _promptPermissionHookResult;
private ActionResult _deniedPermissionPromptHookResult;

public CustomReturningAuthorizeFilter(FacebookConfiguration config,
ActionResult cannotCreateCookieResult,
ActionResult promptPermissionHookResult,
ActionResult deniedPermissionPromptHookResult)
: base(config)
{
_cannotCreateCookieResult = cannotCreateCookieResult;
_promptPermissionHookResult = promptPermissionHookResult;
_deniedPermissionPromptHookResult = deniedPermissionPromptHookResult;
}

protected override void OnCannotCreateCookies(PermissionContext context)
{
context.Result = _cannotCreateCookieResult;
}

protected override void OnPermissionPrompt(PermissionContext context)
{
context.Result = _promptPermissionHookResult;
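Review bot: In `OnAuthorization_CannotCreateCookiesHookRedirectsToConfigValueOrDefault` the result comes from `context.Result as JavaScriptRedirectResult` and is dereferenced without a check, so a regression that produces a different result type fails with a NullReferenceException instead of a readable assertion. The `Assert.Equal` arguments there are also reversed relative to the rest of the file (compare `Assert.Equal(expectedTrigger, authorizeFilter.CannotCreateCookiesHookTriggered)`), which swaps expected and actual in the failure message. Suggested: `var result = Assert.IsType<JavaScriptRedirectResult>(context.Result);` followed by `Assert.Equal(new Uri(expectedRedirectPath).AbsoluteUri, result.RedirectUrl.AbsoluteUri);`. This test pins where a user whose browser refuses cookies is sent, so a clear failure on the wrong result type or URL is worth having.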
27 changes: 27 additions & 0 deletions test/Microsoft.AspNet.Facebook.Test/FacebookAuthorizeFilterTest.cs
Expand Up @@ -16,6 +16,20 @@ namespace Microsoft.AspNet.Facebook.Test
{
public class FacebookAuthorizeFilterTest
{
[Fact]
public void AddCookieVerificationQuery_AddsQueryParams()
{
// Arrange
var collection = new NameValueCollection();
var filter = new CustomAuthorizeFilter();

// Act
filter.ExposedAddCookieVerificationQuery(collection);

// Assert
Assert.NotEmpty(collection);
}

[Fact]
public void Constructor_ThrowsArgumentNullException()
{
Expand Down Expand Up @@ -115,5 +129,18 @@ public void OnAuthorization_RedirectsToAuthorizationRedirectPath_OnlyWhenUserDen
String.Format("<script>window.top.location = '{0}';</script>", expectedRedirectUrl),
result.Content);
}

private class CustomAuthorizeFilter : FacebookAuthorizeFilter
{
public CustomAuthorizeFilter()
: base(new FacebookConfiguration())
{
}

public void ExposedAddCookieVerificationQuery(NameValueCollection queries)
{
AddCookieVerificationQuery(queries);
}
}
}
}
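Review bot: `AddCookieVerificationQuery_AddsQueryParams` only asserts `Assert.NotEmpty(collection)`, so it passes whatever key or value the method writes. The hook tests in FacebookAuthorizeFilterHookTest.cs drive the cannot-create-cookies path with `__fb_mps` in the request URL. If that is the marker this method is meant to add (it looks that way, but the implementation is not on this page), assert the key itself, e.g. `Assert.Contains("__fb_mps", collection.AllKeys);`. A renamed or dropped parameter would then break this test rather than quietly disabling the cookie check.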
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@ public void Default_Constructor()
Assert.Null(config.AppSecret);
Assert.NotNull(config.AppUrl);
Assert.Null(config.AuthorizationRedirectPath);
Assert.Null(config.CannotCreateCookieRedirectPath);
Assert.Null(config.ClientProvider);
Assert.Null(config.PermissionService);
Assert.NotNull(config.Properties);
Expand Down Expand Up @@ -56,6 +57,7 @@ public void LoadFromAppSettings_ReadsFromAppConfig()
Assert.Equal("abcdefg", config.AppSecret);
Assert.Equal("MyApp", config.AppNamespace);
Assert.Equal("~/Authorize/Index", config.AuthorizationRedirectPath);
Assert.Equal("~/NoCookies/Index", config.CannotCreateCookieRedirectPath);
Assert.Equal("https://apps.newfacebook.example.com/myapp", config.AppUrl);
}

Expand All @@ -65,5 +67,12 @@ public void AuthorizationRedirectPath_ThrowsArgumentException()
FacebookConfiguration config = new FacebookConfiguration();
Assert.ThrowsArgument(() => config.AuthorizationRedirectPath = "Home/Permissions", "value");
}

[Fact]
public void CannotCreateCookieRedirectPath_ThrowsArgumentException()
{
FacebookConfiguration config = new FacebookConfiguration();
Assert.ThrowsArgument(() => config.CannotCreateCookieRedirectPath = "Home/Permissions", "value");
}
}
}
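Review bot: `CannotCreateCookieRedirectPath_ThrowsArgumentException` covers only a relative path without the `~/` prefix (`"Home/Permissions"`). This value ends up as a redirect target, so a second case showing that an absolute URL is rejected would be worth adding, assuming the setter is meant to accept app-relative paths only (the setter is not on this page): `Assert.ThrowsArgument(() => config.CannotCreateCookieRedirectPath = "http://contoso.com/nocookies", "value");`. If absolute URLs are intentionally allowed, a short comment on the test saying so would record that decision.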
