UAuthApp & UAuthStateView Tests

Author: mckaragoz

src/client/CodeBeam.UltimateAuth.Client.Blazor/Components/UAuthStateView.razor.cs

@@ -98,10 +98,18 @@ private async Task<bool> EvaluateAuthorizationAsync()
         var results = new List<bool>();
 
         if (roles.Count > 0)
-            results.Add(roles.Any(AuthState.IsInRole));
+        {
+            results.Add(MatchAll
+                ? roles.All(AuthState.IsInRole)
+                : roles.Any(AuthState.IsInRole));
+        }
 
         if (permissions.Count > 0)
-            results.Add(permissions.Any(AuthState.HasPermission));
+        {
+            results.Add(MatchAll
+                ? permissions.All(AuthState.HasPermission)
+                : permissions.Any(AuthState.HasPermission));
+        }
 
         if (!string.IsNullOrWhiteSpace(Policy))
             results.Add(await EvaluatePolicyAsync());

tests/CodeBeam.UltimateAuth.Tests.Unit/Bunit/UAuthAppTests.cs

@@ -0,0 +1,121 @@
+using Bunit;
+using CodeBeam.UltimateAuth.Client;
+using CodeBeam.UltimateAuth.Client.Abstractions;
+using CodeBeam.UltimateAuth.Client.Blazor;
+using CodeBeam.UltimateAuth.Client.Infrastructure;
+using CodeBeam.UltimateAuth.Tests.Unit.Helpers;
+using FluentAssertions;
+using Microsoft.AspNetCore.Components;
+using Microsoft.Extensions.DependencyInjection;
+using Moq;
+
+namespace CodeBeam.UltimateAuth.Tests.Unit;
+
+public class UAuthAppTests
+{
+
+    private (BunitContext ctx, Mock<IUAuthStateManager> stateManager, Mock<IUAuthClientBootstrapper> bootstrapper, Mock<ISessionCoordinator> coordinator)
+    
+        CreateUAuthAppTestContext(UAuthState state, bool authenticated = true)
+    {
+        var ctx = new BunitContext();
+
+        var stateManager = new Mock<IUAuthStateManager>();
+        stateManager.Setup(x => x.State).Returns(state);
+        stateManager.Setup(x => x.EnsureAsync(It.IsAny<bool>()))
+            .Returns(Task.CompletedTask);
+
+        var bootstrapper = new Mock<IUAuthClientBootstrapper>();
+        bootstrapper.Setup(x => x.EnsureStartedAsync())
+            .Returns(Task.CompletedTask);
+
+        var coordinator = new Mock<ISessionCoordinator>();
+        coordinator.Setup(x => x.StartAsync()).Returns(Task.CompletedTask);
+        coordinator.Setup(x => x.StopAsync()).Returns(Task.CompletedTask);
+
+        ctx.Services.AddSingleton(stateManager.Object);
+        ctx.Services.AddSingleton(bootstrapper.Object);
+        ctx.Services.AddSingleton(coordinator.Object);
+
+        var auth = ctx.AddAuthorization();
+        if (authenticated)
+            auth.SetAuthorized("test-user");
+        else
+            auth.SetNotAuthorized();
+
+        return (ctx, stateManager, bootstrapper, coordinator);
+    }
+
+    [Fact]
+    public async Task Should_Initialize_And_Bootstrap_On_First_Render()
+    {
+        var state = TestAuthState.Anonymous();
+        var (ctx, stateManager, bootstrapper, _) = CreateUAuthAppTestContext(state);
+        var cut = ctx.Render<UAuthApp>();
+        await cut.InvokeAsync(() => Task.CompletedTask);
+
+        bootstrapper.Verify(x => x.EnsureStartedAsync(), Times.Once);
+        stateManager.Verify(x => x.EnsureAsync(It.IsAny<bool>()), Times.AtLeastOnce);
+    }
+
+    [Fact]
+    public async Task Should_Start_Coordinator_When_Authenticated()
+    {
+        var state = TestAuthState.Authenticated();
+        var (ctx, _, _, coordinator) = CreateUAuthAppTestContext(state);
+        var cut = ctx.Render<UAuthApp>();
+        await cut.InvokeAsync(() => Task.CompletedTask);
+
+        coordinator.Verify(x => x.StartAsync(), Times.Once);
+    }
+
+    [Fact]
+    public async Task Should_Stop_Coordinator_When_State_Cleared()
+    {
+        var state = TestAuthState.Authenticated();
+        var (ctx, _, _, coordinator) = CreateUAuthAppTestContext(state);
+        var cut = ctx.Render<UAuthApp>();
+        state.Clear();
+        await cut.InvokeAsync(() => Task.CompletedTask);
+
+        coordinator.Verify(x => x.StopAsync(), Times.Once);
+    }
+
+    [Fact]
+    public async Task Should_Stop_Coordinator_On_Dispose()
+    {
+        var state = TestAuthState.Authenticated();
+        var (ctx, _, _, coordinator) = CreateUAuthAppTestContext(state);
+        var cut = ctx.Render<UAuthApp>();
+        await cut.Instance.DisposeAsync();
+
+        coordinator.Verify(x => x.StopAsync(), Times.Once);
+    }
+
+    [Fact]
+    public async Task Should_Call_Ensure_When_State_Is_Stale()
+    {
+        var state = TestAuthState.Authenticated();
+        state.MarkStale();
+        var (ctx, stateManager, _, _) = CreateUAuthAppTestContext(state);
+        var cut = ctx.Render<UAuthApp>();
+        await cut.InvokeAsync(() => Task.CompletedTask);
+
+        stateManager.Verify(x => x.EnsureAsync(true), Times.AtLeastOnce);
+    }
+
+    [Fact]
+    public async Task Should_Invoke_Callback_On_Reauth()
+    {
+        var state = TestAuthState.Authenticated();
+        var (ctx, _, _, coordinator) = CreateUAuthAppTestContext(state);
+        var called = false;
+        var cut = ctx.Render<UAuthApp>(p => p.Add(x => x.OnReauthRequired, EventCallback.Factory.Create(this, () => called = true)));
+
+        await cut.InvokeAsync(() => Task.CompletedTask);
+        coordinator.Raise(x => x.ReauthRequired += null);
+        await cut.InvokeAsync(() => Task.CompletedTask);
+
+        called.Should().BeTrue();
+    }
+}

tests/CodeBeam.UltimateAuth.Tests.Unit/Bunit/UAuthStateViewTests.cs

@@ -0,0 +1,152 @@
+using Bunit;
+using CodeBeam.UltimateAuth.Authorization.Contracts;
+using CodeBeam.UltimateAuth.Authorization.Reference;
+using CodeBeam.UltimateAuth.Client;
+using CodeBeam.UltimateAuth.Client.Blazor;
+using CodeBeam.UltimateAuth.Core.Domain;
+using CodeBeam.UltimateAuth.Tests.Unit.Helpers;
+using FluentAssertions;
+using Microsoft.AspNetCore.Components;
+using Microsoft.Extensions.DependencyInjection;
+using Moq;
+using System.Security.Claims;
+
+namespace CodeBeam.UltimateAuth.Tests.Unit;
+
+public class UAuthStateViewTests
+{
+    private IRenderedComponent<UAuthStateView> RenderWithAuth(BunitContext ctx, UAuthState state, Action<ComponentParameterCollectionBuilder<UAuthStateView>> parameters)
+    {
+        var wrapper = ctx.Render<CascadingValue<UAuthState>>(p => p
+            .Add(x => x.Value, state)
+            .AddChildContent<UAuthStateView>(parameters)
+        );
+
+        return wrapper.FindComponent<UAuthStateView>();
+    }
+
+    private static RenderFragment Html(string html)
+        => b => b.AddMarkupContent(0, html);
+
+    [Fact]
+    public void Should_Render_NotAuthorized_When_Not_Authenticated()
+    {
+        using var ctx = new BunitContext();
+        var state = UAuthState.Anonymous();
+        ctx.Services.AddSingleton(Mock.Of<IAuthorizationService>());
+
+        var cut = ctx.Render<CascadingValue<UAuthState>>(parameters => parameters
+            .Add(p => p.Value, state)
+            .AddChildContent<UAuthStateView>(child => child
+                .Add(p => p.NotAuthorized, (RenderFragment)(b => b.AddMarkupContent(0, "<div>nope</div>")))
+            )
+        );
+
+        cut.Markup.Should().Contain("nope");
+    }
+
+    [Fact]
+    public void Should_Render_ChildContent_When_Authorized_Without_Conditions()
+    {
+        using var ctx = new BunitContext();
+        var state = TestAuthState.Authenticated();
+        ctx.Services.AddSingleton(Mock.Of<IAuthorizationService>());
+
+        var cut = RenderWithAuth(ctx, state, p => p
+            .Add(x => x.ChildContent, s => b => b.AddContent(0, "authorized"))
+        );
+
+        cut.Markup.Should().Contain("authorized");
+    }
+
+    [Fact]
+    public void Should_Render_NotAuthorized_When_Role_Not_Match()
+    {
+        using var ctx = new BunitContext();
+        var state = TestAuthState.WithRoles("user");
+        ctx.Services.AddSingleton(Mock.Of<IAuthorizationService>());
+
+        var cut = RenderWithAuth(ctx, state, p => p
+            .Add(x => x.Roles, "admin")
+            .Add(x => x.NotAuthorized, Html("<div>nope</div>"))
+        );
+
+        cut.Markup.Should().Contain("nope");
+    }
+
+    [Fact]
+    public void Should_Render_Authorized_When_Role_Matches()
+    {
+        using var ctx = new BunitContext();
+        var state = TestAuthState.WithRoles("admin");
+        ctx.Services.AddSingleton(Mock.Of<IAuthorizationService>());
+
+        var cut = RenderWithAuth(ctx, state, p => p
+            .Add(x => x.Roles, "admin")
+            .Add(x => x.Authorized, s => b => b.AddContent(0, "ok"))
+        );
+
+        cut.Markup.Should().Contain("ok");
+    }
+
+    [Fact]
+    public void Should_Check_Permissions()
+    {
+        using var ctx = new BunitContext();
+        var state = TestAuthState.WithPermissions("read");
+        ctx.Services.AddSingleton(Mock.Of<IAuthorizationService>());
+
+        var cut = RenderWithAuth(ctx, state, p => p
+            .Add(x => x.Permissions, "write")
+            .Add(x => x.NotAuthorized, Html("<div>no</div>"))
+        );
+
+        cut.Markup.Should().Contain("no");
+    }
+
+    [Fact]
+    public void Should_Require_All_When_MatchAll_True()
+    {
+        using var ctx = new BunitContext();
+        var state = TestAuthState.WithRoles("admin");
+        ctx.Services.AddSingleton(Mock.Of<IAuthorizationService>());
+
+        var cut = RenderWithAuth(ctx, state, p => p
+            .Add(x => x.Roles, "admin,user")
+            .Add(x => x.MatchAll, true)
+            .Add(x => x.NotAuthorized, Html("<div>no</div>"))
+        );
+
+        cut.Markup.Should().Contain("no");
+    }
+
+    [Fact]
+    public void Should_Allow_Any_When_MatchAll_False()
+    {
+        using var ctx = new BunitContext();
+        var state = TestAuthState.WithRoles("admin");
+        ctx.Services.AddSingleton(Mock.Of<IAuthorizationService>());
+
+        var cut = RenderWithAuth(ctx, state, p => p
+            .Add(x => x.Roles, "admin,user")
+            .Add(x => x.MatchAll, false)
+            .Add(x => x.Authorized, s => b => b.AddContent(0, "ok"))
+        );
+
+        cut.Markup.Should().Contain("ok");
+    }
+
+    [Fact]
+    public void Should_Render_Inactive_When_Session_Not_Active()
+    {
+        using var ctx = new BunitContext();
+        var state = TestAuthState.WithSession(SessionState.Revoked);
+        ctx.Services.AddSingleton(Mock.Of<IAuthorizationService>());
+
+        var cut = RenderWithAuth(ctx, state, p => p
+            .Add(x => x.Inactive, s => b => b.AddContent(0, "inactive"))
+        );
+
+        cut.Markup.Should().Contain("inactive");
+    }
+}

tests/CodeBeam.UltimateAuth.Tests.Unit/Helpers/TestAuthState.cs

@@ -0,0 +1,83 @@
+using CodeBeam.UltimateAuth.Client;
+using CodeBeam.UltimateAuth.Core.Contracts;
+using CodeBeam.UltimateAuth.Core.Domain;
+using CodeBeam.UltimateAuth.Core.MultiTenancy;
+using System.Security.Claims;
+
+namespace CodeBeam.UltimateAuth.Tests.Unit.Helpers;
+
+public static class TestAuthState
+{
+    public static UAuthState Anonymous()
+        => UAuthState.Anonymous();
+
+    public static UAuthState Authenticated(
+        string userId = "user-1",
+        params (string Type, string Value)[] claims)
+    {
+        var state = UAuthState.Anonymous();
+
+        var identity = new AuthIdentitySnapshot
+        {
+            UserKey = UserKey.FromString(userId),
+            Tenant = TenantKeys.Single,
+            SessionState = SessionState.Active,
+            UserStatus = UserStatus.Active
+        };
+
+        var snapshot = new AuthStateSnapshot
+        {
+            Identity = identity,
+            Claims = ClaimsSnapshot.From(claims)
+        };
+
+        state.ApplySnapshot(snapshot, DateTimeOffset.UtcNow);
+
+        return state;
+    }
+
+    public static UAuthState WithRoles(params string[] roles)
+    {
+        return Authenticated(
+            claims: roles.Select(r => (ClaimTypes.Role, r)).ToArray());
+    }
+
+    public static UAuthState WithPermissions(params string[] permissions)
+    {
+        return Authenticated(
+            claims: permissions.Select(p => ("uauth:permission", p)).ToArray());
+    }
+
+    public static UAuthState WithSession(SessionState sessionState)
+    {
+        var state = Authenticated();
+
+        var identity = state.Identity! with
+        {
+            SessionState = sessionState
+        };
+
+        var snapshot = new AuthStateSnapshot
+        {
+            Identity = identity,
+            Claims = state.Claims
+        };
+
+        state.ApplySnapshot(snapshot, DateTimeOffset.UtcNow);
+
+        return state;
+    }
+
+    public static UAuthState Full(
+        string userId,
+        string[] roles,
+        string[] permissions)
+    {
+        var claims = new List<(string, string)>();
+
+        claims.AddRange(roles.Select(r => (ClaimTypes.Role, r)));
+        claims.AddRange(permissions.Select(p => ("uauth:permission", p)));
+
+        return Authenticated(userId, claims.ToArray());
+    }
+}