1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
|
using System;
using System.Collections.Generic;
using System.Net;
using System.Security.Claims;
using System.Threading.Tasks;
using AutoFixture;
using AutoFixture.AutoMoq;
using Jellyfin.Api.Auth.DefaultAuthorizationPolicy;
using Jellyfin.Api.Constants;
using Jellyfin.Database.Implementations.Entities;
using Jellyfin.Server.Implementations.Security;
using MediaBrowser.Common.Configuration;
using MediaBrowser.Controller.Library;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Moq;
using Xunit;
namespace Jellyfin.Api.Tests.Auth.DefaultAuthorizationPolicy
{
public class DefaultAuthorizationHandlerTests
{
private readonly Mock<IConfigurationManager> _configurationManagerMock;
private readonly List<IAuthorizationRequirement> _requirements;
private readonly DefaultAuthorizationHandler _sut;
private readonly Mock<IUserManager> _userManagerMock;
private readonly Mock<IHttpContextAccessor> _httpContextAccessor;
public DefaultAuthorizationHandlerTests()
{
var fixture = new Fixture().Customize(new AutoMoqCustomization());
_configurationManagerMock = fixture.Freeze<Mock<IConfigurationManager>>();
_requirements = new List<IAuthorizationRequirement> { new DefaultAuthorizationRequirement() };
_userManagerMock = fixture.Freeze<Mock<IUserManager>>();
_httpContextAccessor = fixture.Freeze<Mock<IHttpContextAccessor>>();
_sut = fixture.Create<DefaultAuthorizationHandler>();
}
[Theory]
[InlineData(UserRoles.Administrator)]
[InlineData(UserRoles.Guest)]
[InlineData(UserRoles.User)]
public async Task ShouldSucceedOnUser(string userRole)
{
TestHelpers.SetupConfigurationManager(_configurationManagerMock, true);
var claims = TestHelpers.SetupUser(
_userManagerMock,
_httpContextAccessor,
userRole);
var context = new AuthorizationHandlerContext(_requirements, claims, null);
await _sut.HandleAsync(context);
Assert.True(context.HasSucceeded);
}
[Fact]
public async Task ShouldSucceedOnApiKey()
{
TestHelpers.SetupConfigurationManager(_configurationManagerMock, true);
_httpContextAccessor
.Setup(h => h.HttpContext!.Connection.RemoteIpAddress)
.Returns(new IPAddress(0));
_userManagerMock
.Setup(u => u.GetUserById(It.IsAny<Guid>()))
.Returns<User?>(null);
var claims = new[]
{
new Claim(InternalClaimTypes.IsApiKey, bool.TrueString)
};
var identity = new ClaimsIdentity(claims, string.Empty);
var principal = new ClaimsPrincipal(identity);
var context = new AuthorizationHandlerContext(_requirements, principal, null);
await _sut.HandleAsync(context);
Assert.True(context.HasSucceeded);
}
[Theory]
[MemberData(nameof(GetParts_ValidAuthHeader_Success_Data))]
public void GetParts_ValidAuthHeader_Success(string input, Dictionary<string, string> parts)
{
var dict = AuthorizationContext.GetParts(input);
foreach (var (key, value) in parts)
{
Assert.Equal(dict[key], value);
}
}
public static TheoryData<string, Dictionary<string, string>> GetParts_ValidAuthHeader_Success_Data()
{
var data = new TheoryData<string, Dictionary<string, string>>();
data.Add(
"x=\"123,123\",y=\"123\"",
new Dictionary<string, string>
{
{ "x", "123,123" },
{ "y", "123" }
});
data.Add(
"x=\"123,123\", y=\"123\",z=\"'hi'\"",
new Dictionary<string, string>
{
{ "x", "123,123" },
{ "y", "123" },
{ "z", "'hi'" }
});
data.Add(
"x=\"ab\"",
new Dictionary<string, string>
{
{ "x", "ab" }
});
data.Add(
"param=Hörbücher",
new Dictionary<string, string>
{
{ "param", "Hörbücher" }
});
data.Add(
"param=%22%Hörbücher",
new Dictionary<string, string>
{
{ "param", "\"%Hörbücher" }
});
return data;
}
}
}
|
