80 lines
3.3 KiB
C#
80 lines
3.3 KiB
C#
using System;
|
|
using System.Net;
|
|
using System.Net.Http;
|
|
using System.Net.Http.Json;
|
|
using System.Threading.Tasks;
|
|
using System.Linq;
|
|
using Microsoft.AspNetCore.Builder;
|
|
using Microsoft.AspNetCore.Hosting;
|
|
using Microsoft.AspNetCore.Hosting.Server;
|
|
using Microsoft.AspNetCore.Hosting.Server.Features;
|
|
using Microsoft.Extensions.DependencyInjection;
|
|
using Microsoft.Extensions.Logging;
|
|
using Xunit;
|
|
using XWorld.Server.Auth;
|
|
|
|
namespace XWorld.Server.Auth.Tests
|
|
{
|
|
public class AuthEndpointsTests : IAsyncLifetime
|
|
{
|
|
WebApplication _app;
|
|
HttpClient _http;
|
|
AccountStore _store;
|
|
|
|
public async Task InitializeAsync()
|
|
{
|
|
_store = new AccountStore("Data Source=ep_" + Guid.NewGuid().ToString("N") + ";Mode=Memory;Cache=Shared");
|
|
var tokens = new TokenService(new byte[32]);
|
|
var builder = WebApplication.CreateBuilder();
|
|
builder.Logging.ClearProviders();
|
|
builder.WebHost.ConfigureKestrel(o => o.Listen(System.Net.IPAddress.Loopback, 0));
|
|
_app = builder.Build();
|
|
AuthEndpoints.Map(_app, _store, tokens, TimeSpan.FromHours(1));
|
|
await _app.StartAsync();
|
|
string baseUrl = _app.Services.GetRequiredService<IServer>()
|
|
.Features.Get<IServerAddressesFeature>().Addresses.First();
|
|
_http = new HttpClient { BaseAddress = new Uri(baseUrl) };
|
|
}
|
|
|
|
public async Task DisposeAsync() { _http?.Dispose(); _store?.Dispose(); await _app.DisposeAsync(); }
|
|
|
|
[Fact]
|
|
public async Task Register_then_login_yields_token_and_pid()
|
|
{
|
|
var reg = await _http.PostAsJsonAsync("/register", new { username = "neo", password = "redpill1" });
|
|
Assert.Equal(HttpStatusCode.OK, reg.StatusCode);
|
|
var regBody = await reg.Content.ReadFromJsonAsync<AuthEndpoints.AuthResponse>();
|
|
Assert.True(regBody.pid > 0);
|
|
Assert.False(string.IsNullOrEmpty(regBody.token));
|
|
|
|
var login = await _http.PostAsJsonAsync("/login", new { username = "neo", password = "redpill1" });
|
|
Assert.Equal(HttpStatusCode.OK, login.StatusCode);
|
|
var loginBody = await login.Content.ReadFromJsonAsync<AuthEndpoints.AuthResponse>();
|
|
Assert.Equal(regBody.pid, loginBody.pid);
|
|
}
|
|
|
|
[Fact]
|
|
public async Task Register_duplicate_returns_409()
|
|
{
|
|
await _http.PostAsJsonAsync("/register", new { username = "dup", password = "pw123456" });
|
|
var again = await _http.PostAsJsonAsync("/register", new { username = "dup", password = "pw123456" });
|
|
Assert.Equal(HttpStatusCode.Conflict, again.StatusCode);
|
|
}
|
|
|
|
[Fact]
|
|
public async Task Login_wrong_password_returns_401()
|
|
{
|
|
await _http.PostAsJsonAsync("/register", new { username = "trinity", password = "pw123456" });
|
|
var bad = await _http.PostAsJsonAsync("/login", new { username = "trinity", password = "WRONG" });
|
|
Assert.Equal(HttpStatusCode.Unauthorized, bad.StatusCode);
|
|
}
|
|
|
|
[Fact]
|
|
public async Task Register_empty_fields_returns_400()
|
|
{
|
|
var r = await _http.PostAsJsonAsync("/register", new { username = "", password = "" });
|
|
Assert.Equal(HttpStatusCode.BadRequest, r.StatusCode);
|
|
}
|
|
}
|
|
}
|