Added sample for testing authorized requests (#81)

Author: ivaylokenov

samples/Books Web API/Books.Api/App_Start/IdentityConfig.cs

@@ -9,6 +9,7 @@ namespace Books.Api
 {
     using Books.Models;
     using Data;
+    using Infrastructure;
 
     // Configure the application user manager used in this application. UserManager is defined in ASP.NET Identity and is used by the application.
 
@@ -21,7 +22,9 @@ public ApplicationUserManager(IUserStore<Author> store)
 
         public static ApplicationUserManager Create(IdentityFactoryOptions<ApplicationUserManager> options, IOwinContext context)
         {
-            var manager = new ApplicationUserManager(new UserStore<Author>(context.Get<BooksDbContext>()));
+            var manager = ObjectFactory.TryGetInstance<ApplicationUserManager>() ??
+                          new ApplicationUserManager(new UserStore<Author>(context.Get<BooksDbContext>()));
+
             // Configure validation logic for usernames
             manager.UserValidator = new UserValidator<Author>(manager)
             {
@@ -32,10 +35,10 @@ public static ApplicationUserManager Create(IdentityFactoryOptions<ApplicationUs
             manager.PasswordValidator = new PasswordValidator
             {
                 RequiredLength = 6,
-                RequireNonLetterOrDigit = true,
-                RequireDigit = true,
-                RequireLowercase = true,
-                RequireUppercase = true,
+                RequireNonLetterOrDigit = false,
+                RequireDigit = false,
+                RequireLowercase = false,
+                RequireUppercase = false,
             };
             var dataProtectionProvider = options.DataProtectionProvider;
             if (dataProtectionProvider != null)

samples/Books Web API/Books.Api/App_Start/NinjectConfig.cs

@@ -6,6 +6,7 @@ namespace Books.Api
     using System;
     using System.Web;
     using Data;
+    using Infrastructure;
     using Microsoft.Web.Infrastructure.DynamicModuleHelper;
 
     using Ninject;
@@ -53,6 +54,7 @@ public static IKernel CreateKernel()
                     RebindAction(kernel);
                 }
 
+                ObjectFactory.Initialize(kernel);
                 return kernel;
             }
             catch

samples/Books Web API/Books.Api/Books.Api.csproj

@@ -245,6 +245,7 @@
     <Compile Include="Global.asax.cs">
       <DependentUpon>Global.asax</DependentUpon>
     </Compile>
+    <Compile Include="Infrastructure\ObjectFactory.cs" />
     <Compile Include="Mappings\IHaveCustomMappings.cs" />
     <Compile Include="Mappings\IMapFrom.cs" />
     <Compile Include="Models\AccountBindingModels.cs" />

samples/Books Web API/Books.Api/Controllers/AccountController.cs

@@ -32,11 +32,9 @@ public AccountController()
         {
         }
 
-        public AccountController(ApplicationUserManager userManager,
-            ISecureDataFormat<AuthenticationTicket> accessTokenFormat)
+        public AccountController(ApplicationUserManager userManager)
         {
             UserManager = userManager;
-            AccessTokenFormat = accessTokenFormat;
         }
 
         public ApplicationUserManager UserManager

samples/Books Web API/Books.Api/Infrastructure/ObjectFactory.cs

@@ -0,0 +1,19 @@
+namespace Books.Api.Infrastructure
+{
+    using Ninject;
+
+    public static class ObjectFactory
+    {
+        public static IKernel standartKernel;
+
+        public static void Initialize(IKernel kernel)
+        {
+            standartKernel = kernel;
+        }
+
+        public static T TryGetInstance<T>()
+        {
+            return standartKernel.TryGet<T>();
+        }
+    }
+}

samples/Books Web API/Books.Api/Startup.cs

@@ -16,15 +16,15 @@ public void Configuration(IAppBuilder app)
         {
             AutoMapperConfig.RegisterMappings(Assembly.GetExecutingAssembly());
 
+            app.UseNinjectMiddleware(NinjectConfig.CreateKernel);
+
             ConfigureAuth(app);
 
             var config = new HttpConfiguration();
 
             WebApiConfig.Register(config);
 
-            app
-                .UseNinjectMiddleware(NinjectConfig.CreateKernel)
-                .UseNinjectWebApi(config);
+            app.UseNinjectWebApi(config);
         }
     }
 }

samples/Books Web API/Books.Api/Web.config

@@ -9,7 +9,7 @@
     <section name="entityFramework" type="System.Data.Entity.Internal.ConfigFile.EntityFrameworkSection, EntityFramework, Version=6.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" requirePermission="false" />
   </configSections>
   <connectionStrings>
-    <add name="DefaultConnection" connectionString="Data Source=(LocalDb)\v11.0;AttachDbFilename=|DataDirectory|\aspnet-Books.Api-20150901121637.mdf;Initial Catalog=aspnet-Books.Api-20150901121637;Integrated Security=True" providerName="System.Data.SqlClient" />
+    <add name="DefaultConnection" connectionString="Data Source=.;Initial Catalog=BooksTestingApp;Integrated Security=True" providerName="System.Data.SqlClient" />
   </connectionStrings>
   <appSettings></appSettings>
   <system.web>

samples/Books Web API/Books.Tests/ApiTests/IntegrationTests/BooksControllerIntegrationTests.cs

@@ -6,16 +6,19 @@
     using Api;
     using Api.Models.ResponseModels;
     using Data;
+    using Microsoft.Owin.Security;
     using Mocks;
     using Models;
     using MyTested.WebApi;
     using MyTested.WebApi.Builders.Contracts.Servers;
+    using Newtonsoft.Json.Linq;
     using NUnit.Framework;
 
     [TestFixture]
     public class BooksControllerIntegrationTests
     {
         private IServerBuilder server;
+        private string accessToken;
 
         [TestFixtureSetUp]
         public void Init()
@@ -24,10 +27,13 @@ public void Init()
             {
                 kernel.Rebind<IRepository<Book>>().ToConstant(MocksFactory.BooksRepository);
                 kernel.Rebind<IRepository<Author>>().ToConstant(MocksFactory.AuthorsRepository);
+                kernel.Rebind<ApplicationUserManager>().ToConstant(MocksFactory.ApplicationUserManager);
             };
 
             MyWebApi.Server().Starts<Startup>();
             this.server = MyWebApi.Server().Working();
+
+            this.GetAccessToken();
         }
 
         [Test]
@@ -43,10 +49,38 @@ public void BooksControllerShouldReturnCorrectBooksForUnauthorizedUsers()
                 .Passing(m => m.Count == 3);
         }
 
+        [Test]
+        public void BooksControllerShouldReturnCorrectBooksForAuthorizedUsers()
+        {
+            server
+                .WithHttpRequestMessage(req => req
+                    .WithRequestUri("/api/Books/Get")
+                    .WithMethod(HttpMethod.Get)
+                    .WithHeader("Authorization", "Bearer " + this.accessToken))
+                .ShouldReturnHttpResponseMessage()
+                .WithStatusCode(HttpStatusCode.OK)
+                .WithResponseModelOfType<List<BookResponseModel>>()
+                .Passing(m => m.Count == 10);
+        }
+
         [TestFixtureTearDown]
         public void TearDown()
         {
             MyWebApi.Server().Stops();
         }
+
+        private void GetAccessToken()
+        {
+            var message = server
+                .WithHttpRequestMessage(req => req
+                    .WithRequestUri("/token")
+                    .WithMethod(HttpMethod.Post)
+                    .WithFormUrlEncodedContent("username=TestAuthor@test.com&password=testpass&grant_type=password"))
+                .ShouldReturnHttpResponseMessage()
+                .AndProvideTheHttpResponseMessage();
+
+            var result = JObject.Parse(message.Content.ReadAsStringAsync().Result);
+            this.accessToken = (string)result["access_token"];
+        }
     }
 }

samples/Books Web API/Books.Tests/Books.Tests.csproj

@@ -46,6 +46,10 @@
       <HintPath>..\packages\Microsoft.AspNet.Identity.EntityFramework.2.2.1\lib\net45\Microsoft.AspNet.Identity.EntityFramework.dll</HintPath>
       <Private>True</Private>
     </Reference>
+    <Reference Include="Microsoft.AspNet.Identity.Owin, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
+      <HintPath>..\packages\Microsoft.AspNet.Identity.Owin.2.2.1\lib\net45\Microsoft.AspNet.Identity.Owin.dll</HintPath>
+      <Private>True</Private>
+    </Reference>
     <Reference Include="Microsoft.Owin, Version=3.0.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
       <HintPath>..\packages\Microsoft.Owin.3.0.1\lib\net45\Microsoft.Owin.dll</HintPath>
       <Private>True</Private>
@@ -58,6 +62,18 @@
       <HintPath>..\packages\Microsoft.Owin.Hosting.3.0.1\lib\net45\Microsoft.Owin.Hosting.dll</HintPath>
       <Private>True</Private>
     </Reference>
+    <Reference Include="Microsoft.Owin.Security, Version=3.0.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
+      <HintPath>..\packages\Microsoft.Owin.Security.3.0.1\lib\net45\Microsoft.Owin.Security.dll</HintPath>
+      <Private>True</Private>
+    </Reference>
+    <Reference Include="Microsoft.Owin.Security.Cookies, Version=3.0.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
+      <HintPath>..\packages\Microsoft.Owin.Security.Cookies.3.0.1\lib\net45\Microsoft.Owin.Security.Cookies.dll</HintPath>
+      <Private>True</Private>
+    </Reference>
+    <Reference Include="Microsoft.Owin.Security.OAuth, Version=3.0.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
+      <HintPath>..\packages\Microsoft.Owin.Security.OAuth.3.0.1\lib\net45\Microsoft.Owin.Security.OAuth.dll</HintPath>
+      <Private>True</Private>
+    </Reference>
     <Reference Include="Microsoft.Owin.Testing, Version=3.0.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
       <HintPath>..\packages\Microsoft.Owin.Testing.3.0.1\lib\net45\Microsoft.Owin.Testing.dll</HintPath>
       <Private>True</Private>
@@ -108,6 +124,7 @@
     <Compile Include="ApiTests\ControllerTests\BooksControllerTests.cs" />
     <Compile Include="ApiTests\IntegrationTests\BooksControllerIntegrationTests.cs" />
     <Compile Include="ApiTests\RouteTests\BookControllerRouteTests.cs" />
+    <Compile Include="Mocks\Identity\ApplicationUserManagerMock.cs" />
     <Compile Include="Mocks\MocksFactory.cs" />
     <Compile Include="Mocks\Repositories\AuthorsRepositoryMock.cs" />
     <Compile Include="Mocks\Repositories\BooksRepositoryMock.cs" />

samples/Books Web API/Books.Tests/Mocks/Identity/ApplicationUserManagerMock.cs

@@ -0,0 +1,35 @@
+namespace Books.Tests.Mocks.Identity
+{
+    using System.Security.Claims;
+    using System.Threading.Tasks;
+    using Api;
+    using Microsoft.AspNet.Identity;
+    using Models;
+    using Moq;
+
+    public class ApplicationUserManagerMock
+    {
+        public static ApplicationUserManager Create()
+        {
+            // create our mocked user
+            var user = new Author { UserName = "TestAuthor", Email = "TestAuthor@test.com" };
+
+            // mock the application user manager with mocked user store
+            var mockedUserStore = new Mock<IUserStore<Author>>();
+            var applicationUserManager = new Mock<ApplicationUserManager>(mockedUserStore.Object);
+
+            // mock the application user manager to always return our user object with any username and password
+            applicationUserManager.Setup(x => x.FindAsync(It.IsAny<string>(), It.IsAny<string>()))
+                .Returns(Task.FromResult(user));
+
+            // mock the application user manager create identity in order to generate valid access token when requested
+            applicationUserManager.Setup(x => x.CreateIdentityAsync(It.IsAny<Author>(), It.IsAny<string>()))
+                .Returns<Author, string>(
+                    (author, password) =>
+                        Task.FromResult(new ClaimsIdentity(new[] {new Claim(ClaimTypes.Name, author.UserName)},
+                            DefaultAuthenticationTypes.ApplicationCookie)));
+
+            return applicationUserManager.Object;
+        }
+    }
+}