Dev authorization fakes (#151)

* Created fake helper classes to assist with testing Blazor authentication/authorization. Added unit tests for them.

* Added extension methods to add appropriate authentication/authorization test service, in the right state, to the TestServiceProvider. Added unit tests.

* Added component tests that use AuthorizeView and the BUnit authorization fakes to validate the various states.

* Updated changelog and minor cleanup for SimpleAuthView and test.

* Added placeholders for AuthenticationStateProvider and IAuthorizationService to give user friendly reminder to call AddAuthorization to TestContext.Services.

* committing this to be able to switch

* Created fake helper classes to assist with testing Blazor authentication/authorization. Added unit tests for them.

* Added extension methods to add appropriate authentication/authorization test service, in the right state, to the TestServiceProvider. Added unit tests.

* Added component tests that use AuthorizeView and the BUnit authorization fakes to validate the various states.

* Updated changelog and minor cleanup for SimpleAuthView and test.

* Added placeholders for AuthenticationStateProvider and IAuthorizationService to give user friendly reminder to call AddAuthorization to TestContext.Services.

* Added documentation for fake authorization services and how to use them.

* Fixed code formatting in documentation.

* Update docs/site/docs/mocking/mocking-auth.md

Co-authored-by: Egil Hansen <egil@assimilated.dk>

* Update src/bunit.web/TestDoubles/Authorization/FakeAuthenticationStateProvider.cs

Change to method comment.

Co-authored-by: Egil Hansen <egil@assimilated.dk>

* Update docs/site/docs/mocking/mocking-auth.md

changing mocking to faking

Co-authored-by: Egil Hansen <egil@assimilated.dk>

* Update src/bunit.web.tests/TestDoubles/Authorization/FakeAuthorizationPolicyProviderTest.cs

Removing ConfigureAwait call.

Co-authored-by: Egil Hansen <egil@assimilated.dk>

* Update src/bunit.web.tests/TestDoubles/Authorization/LoginDisplay.razor

removing NavigationManager

Co-authored-by: Egil Hansen <egil@assimilated.dk>

* Update src/bunit.web.tests/TestDoubles/Authorization/LoginDisplayTest.cs

removed navigation manager from component.

Co-authored-by: Egil Hansen <egil@assimilated.dk>

* Update src/bunit.web.tests/TestDoubles/Authorization/LoginDisplayTest.cs

removed navigation manager from component.

Co-authored-by: Egil Hansen <egil@assimilated.dk>

* Update src/bunit.web.tests/TestDoubles/Authorization/SimpleAuthView.razor

remove unnecessary @code block

Co-authored-by: Egil Hansen <egil@assimilated.dk>

* Update src/bunit.web.tests/TestDoubles/Authorization/LoginDisplayTest.cs

removed navigation manager from component.

Co-authored-by: Egil Hansen <egil@assimilated.dk>

* Update src/bunit.web.tests/TestDoubles/Authorization/LoginDisplayTest.cs

removed navigation manager from component.

Co-authored-by: Egil Hansen <egil@assimilated.dk>

* Created fake helper classes to assist with testing Blazor authentication/authorization. Added unit tests for them.

* Added extension methods to add appropriate authentication/authorization test service, in the right state, to the TestServiceProvider. Added unit tests.

* Added component tests that use AuthorizeView and the BUnit authorization fakes to validate the various states.

* Updated changelog and minor cleanup for SimpleAuthView and test.

* Added placeholders for AuthenticationStateProvider and IAuthorizationService to give user friendly reminder to call AddAuthorization to TestContext.Services.

* Update src/bunit.web/TestDoubles/Authorization/FakeAuthenticationStateProvider.cs

Change to method comment.

Co-authored-by: Egil Hansen <egil@assimilated.dk>

* Update src/bunit.web.tests/TestDoubles/Authorization/FakeAuthorizationPolicyProviderTest.cs

Removing ConfigureAwait call.

Co-authored-by: Egil Hansen <egil@assimilated.dk>

* Update src/bunit.web.tests/TestDoubles/Authorization/LoginDisplay.razor

removing NavigationManager

Co-authored-by: Egil Hansen <egil@assimilated.dk>

* Update src/bunit.web.tests/TestDoubles/Authorization/LoginDisplayTest.cs

removed navigation manager from component.

Co-authored-by: Egil Hansen <egil@assimilated.dk>

* Update src/bunit.web.tests/TestDoubles/Authorization/LoginDisplayTest.cs

removed navigation manager from component.

Co-authored-by: Egil Hansen <egil@assimilated.dk>

* Update src/bunit.web.tests/TestDoubles/Authorization/SimpleAuthView.razor

remove unnecessary @code block

Co-authored-by: Egil Hansen <egil@assimilated.dk>

* Update src/bunit.web.tests/TestDoubles/Authorization/LoginDisplayTest.cs

removed navigation manager from component.

Co-authored-by: Egil Hansen <egil@assimilated.dk>

* Update src/bunit.web.tests/TestDoubles/Authorization/LoginDisplayTest.cs

removed navigation manager from component.

Co-authored-by: Egil Hansen <egil@assimilated.dk>

* Removed this prefixes from usage in code.

* Rename SimpleAuthViewTest to AuthorizationTests to better describe what it is doing. Remove LoginDisplay component and tests since they are redundant with SimpleAuthView and its tests.

* Added AuthorizationState enum to encapsulate the states. Changed API parameter to use AuthorizationState rather than isAuthorized boolean.

* Renamed FakeAuthorizationExtensions.AddAuthorization to AddTestAuthorization

* Replaced FakeAuthorizationService.NextResult to be CurrentState with an AuthorizationState enum value. Changed FakeAuthenticationStateProvider.TriggerAuthenticationStateChanged to take userName and optional roles parameters.

* Added simplifying methods to FakeAuthorizationExtensions to UpdateTestAuthorizationState. Removes requiring boilerplate state change code in tests.

* Added factory method to simplify creating ClaimsPrincipal when needed.

* Update docs/site/docs/test-doubles/faking-auth.md

Updated doc title

Co-authored-by: Egil Hansen <egil@assimilated.dk>

* Update docs/site/docs/test-doubles/faking-auth.md

updated doc title

Co-authored-by: Egil Hansen <egil@assimilated.dk>

* Update src/bunit.web/TestDoubles/Authorization/MissingFakeAuthorizationException.cs

Updated exception help link

Co-authored-by: Egil Hansen <egil@assimilated.dk>

* Fix  build failure caused by IList property with a setter.

* Moved SimpleAuthTest to bunit.testassets project. Fixed tests to reference new component.

* Add an explicit SetAuthorizationState to FakeAuthorizationService.

* Hide the CurrentState property because it's an implementation detail.

* Made policy scheme name a settable property with a default to TestScheme (in case users need to explicitly set it).

* Created an AuthorizationAdaptor to wrap some of the auth services and state. Refactored to simplify FakeAuthorizationExtensions methods. Fixed tests.

* Renamed AuthorizationAdaptor to TestAuthorizationContext and minor clean up.

* Changed Roles properties to be non-nullable in TestAuthorizationContext and FakePrincipal.

* Renamed TestAuthorizationContext methods to SetAuthorized and SetNotAuthorized.

* Update CHANGELOG.md with PR comments

Co-authored-by: Egil Hansen <egil@assimilated.dk>

* Minor clean ups from PR comments.

* Added check to property setters in FakeIdentity and FakeAuthorizationPolicyProvider.

* Exposed AuthorizeCalls through TestAuthorizationContext for callers to easily access it in tests.

* Small style tweaks to code, spelling, etc.

* Added back .Render() to test removed during experiments

* Additional simplifications of code, update to changelog

* Fixed tests and code that broke during refactor

* Added empty string check to PolicySchemeName. Removed AuthorizeCalls

* Added documentation sample code to the bunit.docs.samples project. Update markdown files to reference sample code rather than duplicate it.

* Made roles list in SetAuthorized a params string[] roles, making it easier to pass just one role. Fixed up tests.

* Added TestAuthorizationContext.SetAuthorizationPolicies as way for callers to specify policy names when they need to test AuthorizeView with Policy set. Changed FakeAuthorizationPolicy to validate policy name in GetPolicyAsync.

* Fix up sample build break.

* Added SimpleAuthViewWithPolicy component to validate testing with AuthorizationView.Policy set.

* Added sample code and unit tests for using AuthorizeView with Policy.

* changed role names, and removed ConfigureAwait calls from test classes.

* Made CreatePrincipal internal

* Added SetRoles method, and made the TestAuthorizationContext methods chainable.

* Updated samples to the TestAuthorizationContext api changes.

* Updated docs to match the style of the other pages

* Added docs samples

* Tests (which breaks) for missing or invalid roles and policies

* removed src/bunit.testassets/SampleComponents/SimpleWithJsRuntimeDep.razor

* Readded SimpleWithJSRuntimeDep.razor

* Fix FakeAuthorizationService to validate checks for policies and roles in AuthorizeAsync method.

* Added SetAuthorizing method and state implementation to get AuthorizeView to behave as expected. Updated sample code too.

* Added TestAuthorizationContext.SetClaims and implementation in services, new SimpleAuthViewWithClaims component, and unit tests.

* Clean up from PR comments.

* Added negative test for AuthorizeView without defined claims.

* Update docs/samples/components/UserInfo.razor

sample white space formtting

Co-authored-by: Egil Hansen <egil@assimilated.dk>

* Changed code to remove null pointer exception if authorizing state was set before call to RenderComponent. Additional other tweaks.

* Docs: added authorizing example to tests, fixed spelling and gramma

Co-authored-by: Egil Hansen <egil@assimilated.dk>

Author: DarthPedro

CHANGELOG.md

@@ -9,6 +9,45 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/)
 ### Added
 List of new features.
 
+- Authorization fakes added to make it much easier to test components that use authentication and authorization. By [@DarthPedro](https://github.com/DarthPedro) in [#151](https://github.com/egil/bUnit/pull/151).
+
+#### Authorization Fakes
+Added authentication/authorization fake services to make it easy to test Blazor components that use authorization either through code or the AuthorizeView component.
+You just need to call the AddTestAuthorization method on your TestContext.Services collection.
+
+First define your component that uses AuthorizeView to render differently based on the user's authorization state:
+```
+@using Microsoft.AspNetCore.Authorization
+@using Microsoft.AspNetCore.Components.Authorization
+
+<CascadingAuthenticationState>
+	<AuthorizeView>
+		<Authorized>
+			Authorized!
+		</Authorized>
+		<NotAuthorized>
+			Not authorized?
+		</NotAuthorized>
+	</AuthorizeView>
+</CascadingAuthenticationState>
+```
+Then define your test method to specify the authorization state with a user name, and run your test.
+```c#
+public void Test002()
+{
+	// arrange
+	using var ctx = new TestContext();
+	var authContext = ctx.Services.AddTestAuthorization();
+	authContext.SetAuthorized("TestUser", AuthorizationState.Authorized);
+
+	// act
+	var cut = ctx.RenderComponent<SimpleAuthView>();
+
+	// assert
+	cut.MarkupMatches("Authorized!");
+}
+```
+
 ### Changed
 List of changes in existing functionality.
 

docs/samples/components/InjectAuthService.razor

@@ -0,0 +1,24 @@
+@using Microsoft.AspNetCore.Components.Authorization
+@inject AuthenticationStateProvider AuthenticationStateProvider
+
+<p>Test Component</p>
+
+@if (isAuthenticated)
+{
+    <p>User: @userName</p>
+}
+
+@code{
+    bool isAuthenticated = false;
+    string userName;
+
+    protected override async Task OnInitializedAsync()
+    {
+        var state = await AuthenticationStateProvider.GetAuthenticationStateAsync().ConfigureAwait(false);
+        if (state != null)
+        {
+            this.isAuthenticated = state.User.Identity.IsAuthenticated;
+            this.userName = state.User.Identity.Name;
+        }
+    }
+}

docs/samples/components/UserInfo.razor

@@ -0,0 +1,37 @@
+@using Microsoft.AspNetCore.Components.Authorization
+@inject AuthenticationStateProvider AuthenticationStateProvider
+
+@if (isAuthenticated)
+{
+  <h1>Welcome @userName</h1>
+}
+@if (!isAuthenticated)
+{
+  <h1>Please log in!</h1>
+}
+<CascadingAuthenticationState>
+  <AuthorizeView>
+    <Authorized>
+      <p>State: Authorized</p>
+    </Authorized>
+    <Authorizing>
+      <p>State: Authorizing</p>
+    </Authorizing>
+    <NotAuthorized>
+      <p>State: Not authorized</p>
+    </NotAuthorized>
+  </AuthorizeView>
+</CascadingAuthenticationState>
+
+@code
+{
+  bool isAuthenticated = false;
+  string userName;
+
+  protected override async Task OnParametersSetAsync()
+  {
+    var state = await AuthenticationStateProvider.GetAuthenticationStateAsync();
+    isAuthenticated = state.User.Identity.IsAuthenticated;
+    userName = state.User.Identity.Name;    
+  }
+}

docs/samples/components/UserRights.razor

@@ -0,0 +1,36 @@
+@using Microsoft.AspNetCore.Components.Authorization
+@using System.Security.Claims
+@using System.Globalization
+
+<CascadingAuthenticationState>
+  <AuthorizeView>
+    <h1>Hi @context.User.Identity.Name, you have these claims and rights:</h1>
+  </AuthorizeView>
+  <ul>
+    <AuthorizeView>
+      @foreach (var claim in @context.User.FindAll(x => x.Type != ClaimTypes.Name))
+      {
+        <li>@GetClaimName(claim): @claim.Value</li>
+      }
+    </AuthorizeView>
+    <AuthorizeView Roles="superuser">
+      <li>You have the role SUPER USER</li>
+    </AuthorizeView>  
+    <AuthorizeView Roles="admin">
+      <li>You have the role ADMIN</li>
+    </AuthorizeView>
+    <AuthorizeView Policy="content-editor">
+      <li>You are a CONTENT EDITOR</li>
+    </AuthorizeView>
+  </ul>
+</CascadingAuthenticationState>
+
+@code 
+{
+  private static string GetClaimName(Claim claim)
+  {
+    var claimType = new Uri(claim.Type);
+    var name = claimType.Segments.Last();
+    return CultureInfo.InvariantCulture.TextInfo.ToTitleCase(name);
+  }
+}

docs/samples/components/bunit.docs.samples.csproj

@@ -9,6 +9,7 @@
 
   <ItemGroup>
     <PackageReference Include="Microsoft.AspNetCore.Components" Version="3.1.4" />
+    <PackageReference Include="Microsoft.AspNetCore.Components.Authorization" Version="3.1.4" />
     <PackageReference Include="Microsoft.AspNetCore.Components.Web" Version="3.1.4" />
   </ItemGroup>
 

docs/samples/tests/xunit/InjectAuthServiceTest.cs

@@ -0,0 +1,38 @@
+using Bunit.TestDoubles.Authorization;
+using System;
+using Xunit;
+
+namespace Bunit.Docs.Samples
+{
+    public class InjectAuthServiceTest
+    {
+		[Fact(DisplayName = "Use AuthenticationStateProvider service with authenticated and authorized user")]
+		public void Test001()
+		{
+			// arrange
+			using var ctx = new TestContext();
+			var authContext = ctx.Services.AddTestAuthorization();
+			authContext.SetAuthorized("TestUserName", AuthorizationState.Authorized);
+
+			// act
+			var cut = ctx.RenderComponent<InjectAuthService>();
+
+			// assert
+			Assert.Contains("<p>User: TestUserName</p>", cut.Markup, StringComparison.InvariantCulture);
+		}
+
+		[Fact(DisplayName = "Use AuthenticationStateProvider service with unauthenticated and unauthorized user")]
+		public void Test002()
+		{
+			// arrange
+			using var ctx = new TestContext();
+			var authContext = ctx.Services.AddTestAuthorization();
+
+			// act
+			var cut = ctx.RenderComponent<InjectAuthService>();
+
+			// assert
+			Assert.DoesNotContain("User:", cut.Markup, StringComparison.InvariantCulture);
+		}
+	}
+}

docs/samples/tests/xunit/UserInfoTest.cs

@@ -0,0 +1,71 @@
+using Bunit.TestDoubles.Authorization;
+using Xunit;
+
+namespace Bunit.Docs.Samples
+{
+  public class UserInfoTest
+  {
+    [Fact(DisplayName = "UserInfo with unauthenticated user")]
+    public void Test001()
+    {
+      // Arrange
+      using var ctx = new TestContext();
+      ctx.Services.AddTestAuthorization();
+
+      // Act
+      var cut = ctx.RenderComponent<UserInfo>();
+
+      // Assert
+      cut.MarkupMatches(@"<h1>Please log in!</h1>
+                          <p>State: Not authorized</p>");
+    }
+    
+    [Fact(DisplayName = "UserInfo while authorizing user")]
+    public void Test004()
+    {
+      // Arrange
+      using var ctx = new TestContext();
+      var authContext = ctx.Services.AddTestAuthorization();
+      authContext.SetAuthorizing();
+
+      // Act
+      var cut = ctx.RenderComponent<UserInfo>();
+
+      // Assert
+      cut.MarkupMatches(@"<h1>Please log in!</h1>
+                          <p>State: Authorizing</p>");
+    }    
+
+    [Fact(DisplayName = "UserInfo with authenticated but unauthorized user")]
+    public void Test002()
+    {
+      // Arrange
+      using var ctx = new TestContext();
+      var authContext = ctx.Services.AddTestAuthorization();
+      authContext.SetAuthorized("TEST USER", AuthorizationState.Unauthorized);
+
+      // Act
+      var cut = ctx.RenderComponent<UserInfo>();
+
+      // Assert
+      cut.MarkupMatches(@"<h1>Welcome TEST USER</h1>
+                          <p>State: Not authorized</p>");
+    }    
+
+    [Fact(DisplayName = "UserInfo with authenticated and authorized user")]
+    public void Test003()
+    {
+      // Arrange
+      using var ctx = new TestContext();
+      var authContext = ctx.Services.AddTestAuthorization();
+      authContext.SetAuthorized("TEST USER");
+
+      // Act
+      var cut = ctx.RenderComponent<UserInfo>();
+
+      // Assert
+      cut.MarkupMatches(@"<h1>Welcome TEST USER</h1>
+                          <p>State: Authorized</p>");
+    } 
+  }
+}