Merge pull request okta#6 from okta/OKTA-167118-add-testing-to-aspnet

Okta 167118 add testing to aspnet
paulofrancis · Apr 27, 2018 · 525f291 · 525f291
2 parents c6f98b2 + 3149420
commit 525f291
Show file tree

Hide file tree

Showing 28 changed files with 425 additions and 51 deletions.
diff --git a/Okta.AspNet.Abstractions.Test/Okta.AspNet.Abstractions.Test.csproj b/Okta.AspNet.Abstractions.Test/Okta.AspNet.Abstractions.Test.csproj
@@ -0,0 +1,20 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <TargetFramework>netcoreapp2.0</TargetFramework>
+
+    <IsPackable>false</IsPackable>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="15.5.0" />
+    <PackageReference Include="xunit" Version="2.3.1" />
+    <PackageReference Include="xunit.runner.visualstudio" Version="2.3.1" />
+    <DotNetCliToolReference Include="dotnet-xunit" Version="2.3.1" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <ProjectReference Include="..\Okta.AspNet.Abstractions\Okta.AspNet.Abstractions.csproj" />
+  </ItemGroup>
+
+</Project>
diff --git a/Okta.AspNet.Abstractions.Test/OktaMvcOptionsValidatorShould.cs b/Okta.AspNet.Abstractions.Test/OktaMvcOptionsValidatorShould.cs
@@ -0,0 +1,96 @@
+using Okta.AspNet.Abstractions;
+using System;
+using Xunit;
+
+namespace Okta.AspNet.Abstractions.Test
+{
+    public class OktaMvcOptionsValidatorShould
+    {
+        [Theory]
+        [InlineData(null)]
+        [InlineData("")]
+        public void FailWhenClientSecretIsNullOrEmpty(String clientSecret)
+        {
+            var options = new OktaMvcOptions()
+            {
+                OrgUrl = "OrgUrl",
+                ClientId = "ClientId",
+                ClientSecret = clientSecret
+            };
+
+            ShouldFailValidation(options, nameof(OktaMvcOptions.ClientSecret));
+        }
+
+        [Theory]
+        [InlineData(null)]
+        [InlineData("")]
+        public void FailWhenRedirectUriIsNullOrEmpty(String redirectUri)
+        {
+            var options = new OktaMvcOptions()
+                {
+                    OrgUrl = "OrgUrl",
+                    ClientId = "ClientId",
+                    ClientSecret = "ClientSecret",
+                    RedirectUri = redirectUri
+                };
+
+            ShouldFailValidation(options, nameof(OktaMvcOptions.RedirectUri));
+        }
+
+        [Theory]
+        [InlineData(null)]
+        [InlineData("")]
+        public void FailWhenClientIdIsNullOrEmpty(String clientId)
+        {
+            var options = new OktaMvcOptions()
+            {
+                OrgUrl = "OrgUrl",
+                ClientId = clientId,
+            };
+
+            ShouldFailValidation(options, nameof(OktaMvcOptions.ClientId));
+        }
+
+        [Theory]
+        [InlineData(null)]
+        [InlineData("")]
+        public void FailIfOrgUrlIsNullOrEmpty(String orgUrl)
+        {
+            var options = new OktaMvcOptions()
+            {
+                OrgUrl = orgUrl,
+                ClientId = "ClientId"
+            };
+
+            ShouldFailValidation(options, nameof(OktaMvcOptions.OrgUrl));
+        }
+
+        [Fact]
+        public void NotThrowWhenParamsAreProvided()
+        {
+            var options = new OktaMvcOptions()
+            {
+                OrgUrl = "OrgUrl",
+                ClientId = "ClientId",
+                ClientSecret = "ClientSecret",
+                RedirectUri = "RedirectUri"
+            };
+
+            new OktaMvcOptionsValidator().Validate(options);
+            Assert.True(true, "No exception was thrown.");
+        }
+
+        private void ShouldFailValidation(OktaMvcOptions options, string paramName)
+        {
+            try
+            {
+                new OktaMvcOptionsValidator().Validate(options);
+                Assert.True(false, "No exception was thrown.");
+            }
+            catch (ArgumentNullException e)
+            {
+                Assert.Contains(e.ParamName, paramName);
+            }
+        }
+    }
+}
diff --git a/Okta.AspNet.Abstractions.Test/OktaWebApiOptionsValidatorShould.cs b/Okta.AspNet.Abstractions.Test/OktaWebApiOptionsValidatorShould.cs
@@ -0,0 +1,67 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+using Xunit;
+
+namespace Okta.AspNet.Abstractions.Test
+{
+    public class OktaWebApiOptionsValidatorShould
+    {
+        [Theory]
+        [InlineData(null)]
+        [InlineData("")]
+        public void FailWhenClientIdIsNullOrEmpty(String clientId)
+        {
+            var options = new OktaWebApiOptions()
+            {
+                OrgUrl = "OrgUrl",
+                ClientId = clientId,
+            };
+
+            ShouldFailValidation(options, nameof(OktaWebApiOptions.ClientId));
+        }
+
+        [Theory]
+        [InlineData(null)]
+        [InlineData("")]
+        public void FailIfOrgUrlIsNullOrEmpty(String orgUrl)
+        {
+            var options = new OktaWebApiOptions()
+            {
+                OrgUrl = orgUrl,
+                ClientId = "ClientId"
+            };
+
+            ShouldFailValidation(options, nameof(OktaWebApiOptions.OrgUrl));
+        }
+
+        [Fact]
+        public void NotThrowWhenParamsAreProvided()
+        {
+            var options = new OktaWebApiOptions()
+            {
+                OrgUrl = "OrgUrl",
+                ClientId = "ClientId",
+            };
+
+            new OktaWebApiOptionsValidator().Validate(options);
+            Assert.True(true, "No exception was thrown.");
+        }
+
+        private void ShouldFailValidation(OktaWebApiOptions options, string paramName)
+        {
+            try
+            {
+                new OktaWebApiOptionsValidator().Validate(options);
+                Assert.True(false, "No exception was thrown.");
+            }
+            catch (ArgumentNullException e)
+            {
+                Assert.Contains(e.ParamName, paramName);
+            }
+        }
+    }
+}
+
diff --git a/Okta.AspNet.Abstractions/OktaMvcOptionsValidator.cs b/Okta.AspNet.Abstractions/OktaMvcOptionsValidator.cs
@@ -0,0 +1,24 @@
+using System;
+
+namespace Okta.AspNet.Abstractions
+{
+    public class OktaMvcOptionsValidator : OktaOptionsValidator
+    {
+        public void Validate(OktaMvcOptions options)
+        {
+            base.ValidateBaseOktaOptions(options);
+
+            if (string.IsNullOrEmpty(options.ClientSecret))
+            {
+                throw new ArgumentNullException(nameof(options.ClientSecret),
+                    "Your Okta Application client secret is missing. You can find it in the Okta Developer Console in the details for the Application you created.");
+            }
+
+            if (string.IsNullOrEmpty(options.RedirectUri))
+            {
+                throw new ArgumentNullException(nameof(options.RedirectUri),
+                    "Your Okta Application redirect URI is missing. You can find it in the Okta Developer Console in the details for the Application you created.");
+            }
+        }
+    }
+}
diff --git a/Okta.AspNet.Abstractions/OktaOptionsValidator.cs b/Okta.AspNet.Abstractions/OktaOptionsValidator.cs
@@ -0,0 +1,27 @@
+using System;
+
+namespace Okta.AspNet.Abstractions
+{
+    public class OktaOptionsValidator
+    {
+        public virtual void ValidateBaseOktaOptions(OktaOptions options)
+        {
+            if (options == null)
+            {
+                throw new ArgumentNullException(nameof(options));
+            }
+
+            if (string.IsNullOrEmpty(options.OrgUrl))
+            {
+                throw new ArgumentNullException(nameof(options.OrgUrl),
+                    "Your Okta Org URL is missing. You can find it in the Okta Developer Console. It'll look like: https://{yourOktaDomain}.com");
+            }
+
+            if (string.IsNullOrEmpty(options.ClientId))
+            {
+                throw new ArgumentNullException(nameof(options.ClientId),
+                    "Your Okta Application client ID is missing. You can find it in the Okta Developer Console in the details for the Application you created.");
+            }
+        }
+    }
+}
diff --git a/Okta.AspNet.Abstractions/OktaWebApiOptionsValidator.cs b/Okta.AspNet.Abstractions/OktaWebApiOptionsValidator.cs
@@ -0,0 +1,10 @@
+namespace Okta.AspNet.Abstractions
+{
+    public class OktaWebApiOptionsValidator : OktaOptionsValidator
+    {
+        public void Validate(OktaWebApiOptions options)
+        {
+            base.ValidateBaseOktaOptions(options);
+        }
+    }
+}
diff --git a/Okta.AspNet.Test.Mvc/Okta.AspNet.Test.Mvc.csproj b/Okta.AspNet.Test.Mvc/Okta.AspNet.Test.Mvc.csproj
@@ -65,6 +65,9 @@
     <Reference Include="Microsoft.Owin.Host.SystemWeb, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
       <HintPath>..\packages\Microsoft.Owin.Host.SystemWeb.4.0.0\lib\net451\Microsoft.Owin.Host.SystemWeb.dll</HintPath>
     </Reference>
+    <Reference Include="Microsoft.Owin.Hosting, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
+      <HintPath>..\packages\Microsoft.Owin.Hosting.4.0.0\lib\net451\Microsoft.Owin.Hosting.dll</HintPath>
+    </Reference>
     <Reference Include="Microsoft.Owin.Security, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
       <HintPath>..\packages\Microsoft.Owin.Security.4.0.0\lib\net451\Microsoft.Owin.Security.dll</HintPath>
     </Reference>
@@ -74,6 +77,12 @@
     <Reference Include="Microsoft.Owin.Security.OpenIdConnect, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
       <HintPath>..\packages\Microsoft.Owin.Security.OpenIdConnect.4.0.0\lib\net451\Microsoft.Owin.Security.OpenIdConnect.dll</HintPath>
     </Reference>
+    <Reference Include="Mono.Options, Version=4.0.0.0, Culture=neutral, processorArchitecture=MSIL">
+      <HintPath>..\packages\Mono.Options.4.4.0.0\lib\net4-client\Mono.Options.dll</HintPath>
+    </Reference>
+    <Reference Include="Mono.Posix, Version=4.0.0.0, Culture=neutral, PublicKeyToken=0738eb9f132ed756, processorArchitecture=MSIL">
+      <HintPath>..\packages\Mono.Posix.4.0.0.0\lib\net40\Mono.Posix.dll</HintPath>
+    </Reference>
     <Reference Include="Newtonsoft.Json, Version=11.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed, processorArchitecture=MSIL">
       <HintPath>..\packages\Newtonsoft.Json.11.0.2\lib\net45\Newtonsoft.Json.dll</HintPath>
     </Reference>

diff --git a/Okta.AspNet.Test.Mvc/Startup.cs b/Okta.AspNet.Test.Mvc/Startup.cs
@@ -1,6 +1,7 @@
 using System;
 using System.Configuration;
 using System.Threading.Tasks;
+using System.Web.Routing;
 using Microsoft.Owin;
 using Microsoft.Owin.Security;
 using Microsoft.Owin.Security.Cookies;

diff --git a/Okta.AspNet.Test.Mvc/packages.config b/Okta.AspNet.Test.Mvc/packages.config
@@ -24,11 +24,14 @@
   <package id="Microsoft.Net.Compilers" version="2.7.0" targetFramework="net461" developmentDependency="true" />
   <package id="Microsoft.Owin" version="4.0.0" targetFramework="net461" />
   <package id="Microsoft.Owin.Host.SystemWeb" version="4.0.0" targetFramework="net461" />
+  <package id="Microsoft.Owin.Hosting" version="4.0.0" targetFramework="net461" />
   <package id="Microsoft.Owin.Security" version="4.0.0" targetFramework="net461" />
   <package id="Microsoft.Owin.Security.Cookies" version="4.0.0" targetFramework="net461" />
   <package id="Microsoft.Owin.Security.OpenIdConnect" version="4.0.0" targetFramework="net461" />
   <package id="Microsoft.Web.Infrastructure" version="1.0.0.0" targetFramework="net461" />
   <package id="Modernizr" version="2.6.2" targetFramework="net461" />
+  <package id="Mono.Options" version="4.4.0.0" targetFramework="net461" />
+  <package id="Mono.Posix" version="4.0.0.0" targetFramework="net461" />
   <package id="Newtonsoft.Json" version="11.0.2" targetFramework="net461" />
   <package id="Owin" version="1.0" targetFramework="net461" />
   <package id="Respond" version="1.2.0" targetFramework="net461" />

diff --git a/...Net.Test.WebApi/App_Start/WebApiConfig.cs → ...IntegrationTest/App_Start/WebApiConfig.cs b/...Net.Test.WebApi/App_Start/WebApiConfig.cs → ...IntegrationTest/App_Start/WebApiConfig.cs
diff --git a/...t.WebApi/Controllers/MessageController.cs → ...tionTest/Controllers/MessageController.cs b/...t.WebApi/Controllers/MessageController.cs → ...tionTest/Controllers/MessageController.cs
diff --git a/Okta.AspNet.Test.WebApi/Global.asax → ...AspNet.WebApi.IntegrationTest/Global.asax b/Okta.AspNet.Test.WebApi/Global.asax → ...AspNet.WebApi.IntegrationTest/Global.asax
diff --git a/Okta.AspNet.Test.WebApi/Global.asax.cs → ...Net.WebApi.IntegrationTest/Global.asax.cs b/Okta.AspNet.Test.WebApi/Global.asax.cs → ...Net.WebApi.IntegrationTest/Global.asax.cs
diff --git a/Okta.AspNet.Test.WebApi/Index.html → ....AspNet.WebApi.IntegrationTest/Index.html b/Okta.AspNet.Test.WebApi/Index.html → ....AspNet.WebApi.IntegrationTest/Index.html
diff --git a/Okta.AspNet.WebApi.IntegrationTest/MiddlewareShould.cs b/Okta.AspNet.WebApi.IntegrationTest/MiddlewareShould.cs
@@ -0,0 +1,67 @@
+using Microsoft.Owin.Testing;
+using Owin;
+using System;
+using System.Net.Http;
+using System.Net.Http.Headers;
+using System.Threading.Tasks;
+using System.Web.Http;
+using System.Web.Http.Dispatcher;
+using Xunit;
+
+namespace Okta.AspNet.Test.WebApi.Tests
+{
+    public class MiddlewareShould : IDisposable
+    {
+        private TestServer _server;
+        private string BaseUrl { get; set; }
+        private string ProtectedEndpoint { get; set; }
+
+        public MiddlewareShould()
+        {
+            BaseUrl = "http://localhost:8080";
+            ProtectedEndpoint = String.Format("{0}/api/messages", BaseUrl);
+
+            _server = TestServer.Create(app =>
+            {
+                var startup = new Startup();
+                startup.Configuration(app);
+
+                HttpConfiguration config = new HttpConfiguration();
+                config.Services.Replace(typeof(IAssembliesResolver), new WebApiResolver());
+                config.MapHttpAttributeRoutes();
+                app.UseWebApi(config);
+            });
+
+            _server.BaseAddress = new Uri(BaseUrl);
+        }
+
+        [Fact]
+        public async Task Returns401WhenAccessToProtectedRouteWithoutTokenAsync()
+        {
+            using (var client = new HttpClient(_server.Handler))
+            {
+                var response = await client.GetAsync(ProtectedEndpoint);
+                Assert.True(response.StatusCode == System.Net.HttpStatusCode.Unauthorized);
+            }
+        }
+
+        [Fact]
+        public async Task Returns401WhenAccessToProtectedRouteWithInvalidTokenAsync()
+        {
+            var accessToken = "thisIsAnInvalidToken";
+            HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, ProtectedEndpoint);
+            request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);
+
+            using (var client = new HttpClient(_server.Handler))
+            {
+                var response = await client.SendAsync(request);
+                Assert.True(response.StatusCode == System.Net.HttpStatusCode.Unauthorized);
+            }
+        }
+
+        public void Dispose()
+        {
+            _server.Dispose();
+        }
+    }
+}