与Microsoft.Owin.Testing.TestServer认证为内存集成测试 [英] Authentication with Microsoft.Owin.Testing.TestServer for In-Memory Integration Tests
问题描述
我刚刚搬到使用OWIN \\武士刀为Web API项目。它使用Windows身份验证。这似乎是工作,但我的大多数集成测试已经打破。他们是previously只使用一个内存的HttpServer
,但我已经改变使用 Microsoft.Owin.Testing.TestServer
。我把它换成这样的事情在我的测试设置:
I've just moved to using OWIN\Katana for a web api project. It uses Windows Authentication. This seems to be working, but most of my integration tests have broken. They were previously just using an In-Memory HttpServer
but I've changed to using Microsoft.Owin.Testing.TestServer
. I've replaced something like this in my test setup:
var config = new HttpConfiguration { IncludeErrorDetailPolicy = IncludeErrorDetailPolicy.Always };
config.EnableQuerySupport();
Server = new HttpServer(config);
MyConfigClass.Configure(config);
WebApiConfig.Register(config);
用一个简单的:
TestServer = TestServer.Create<Startup>();
但是,尽管previously我可以把下面的与内存的服务器假货验证:
But whereas previously I could just put the following to "fake" authentication with the in-memory server:
Thread.CurrentPrincipal = new ClientRolePrincipal(new HttpListenerBasicIdentity(Username, Password));
现在,这是行不通的。我得到的所有请求如下:
This now doesn't work. I get the following for all requests:
System.Exception : {"Message":"Authorization has been denied for this request."}
我如何与在内存OWIN测试服务器进行身份验证或至少绕过认证?
How do I Authenticate with the In-Memory OWIN test server or at least by-pass the authentication?
推荐答案
我已经能够在我敢肯定的方式来解决此是次优的,但必须做,直到我遇到一个更好的解决方案或者你们中的一个民族优秀告诉我一个更好的方式来做到这一点:)我已经做到了,如下所示:
I've been able to workaround this in a way that I'm sure is sub-optimal, but will have to do until I come across a better solution or one of you fine folk tells me a better way to do this :) I've done it as follows:
-
在我的启动类,我添加了我们稍后将看到,仅用于集成测试一个CreateAuthFilter挂钩:
In my Startup class I've added a CreateAuthFilter hook which we'll see later is used only in integration tests:
// Sample Startup class
public class Startup
{
public void Configuration(IAppBuilder app)
{
var config = new HttpConfiguration();
// Use CreateFilter Method to create Authorisation Filter - if not null add it
var authFilter = CreateAuthFilter();
if(authFilter != null)
config.Filters.Add(authFilter);
// Other configuration and middleware...
}
public static Func<IFilter> CreateAuthFilter = () => null;
}
实施了一项授权过滤器将只在集成测试中使用:
Implemented an Authorization Filter which will only be used in Integration Tests:
public class TestAuthFilter : IAuthenticationFilter
{
static TestAuthFilter()
{
TestUserId = "TestDomain\\TestUser";
}
public bool AllowMultiple { get; private set; }
public async Task AuthenticateAsync(HttpAuthenticationContext context, CancellationToken cancellationToken)
{
context.Principal = new ClientRolePrincipal(new HttpListenerBasicIdentity(TestUserId, "password")); ;
}
public static string TestUserId { get; set; }
public async Task ChallengeAsync(HttpAuthenticationChallengeContext context, CancellationToken cancellationToken)
{
}
}
在设置code对我的集成测试我注入测试授权过滤器:
In the SetUp code for my Integration Tests I inject the Test Authorization Filter:
Startup.CreateAuthFilter = () => new TestAuthFilter();
var TestServer = TestServer.Create<Startup>();
当需要在特定的测试,我设置了TestUserId为已知值,等检查似乎只是工作,因为验证过滤器是present:
When needed in specific tests, I set the TestUserId to a known value, and other tests just seem to work because the Auth Filter is present:
TestAuthFilter.TestUserId = testUser.UserId;
我在这里分享这一柜面它可以帮助其他人在那里,但请有人告诉我一个更好的办法!至少,我敢肯定有一个更好的方式来注入我的测试筛选,而不包括在启动code ...我只是还没有想到这一点。
I'm sharing this here incase it helps others out there, but please someone tell me a better way! At the very least I'm sure there's a better way to inject my Test Filter without including code in Startup... I just haven't thought of it.
这篇关于与Microsoft.Owin.Testing.TestServer认证为内存集成测试的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!