12cbcd5d8e
- Replaced JwtSecurityToken with JsonWebToken in DependencyInjection.cs to align with ASP.NET Core 8+ requirements. - Enhanced CustomWebApplicationFactory to configure minimal JWT validation and custom authentication handling for functional tests. - Removed outdated tests that relied on InMemory Database limitations, ensuring a cleaner test suite. - Updated RegisterUserCommandHandlerTests to throw DuplicateResourceException for better error handling.
78 lines
2.9 KiB
C#
78 lines
2.9 KiB
C#
using System.Security.Claims;
|
|
using System.Text.Encodings.Web;
|
|
using Microsoft.AspNetCore.Authentication;
|
|
using Microsoft.Extensions.Logging;
|
|
using Microsoft.Extensions.Options;
|
|
|
|
namespace IamService.FunctionalTests;
|
|
|
|
/// <summary>
|
|
/// EN: Test authentication handler that bypasses JWT validation for functional tests.
|
|
/// VI: Handler xác thực test để bypass JWT validation cho functional tests.
|
|
/// </summary>
|
|
public class TestAuthenticationHandler : AuthenticationHandler<AuthenticationSchemeOptions>
|
|
{
|
|
public TestAuthenticationHandler(
|
|
IOptionsMonitor<AuthenticationSchemeOptions> options,
|
|
ILoggerFactory logger,
|
|
UrlEncoder encoder)
|
|
: base(options, logger, encoder)
|
|
{
|
|
}
|
|
|
|
protected override Task<AuthenticateResult> HandleAuthenticateAsync()
|
|
{
|
|
// EN: Check if Authorization header exists and starts with Bearer
|
|
// VI: Kiểm tra nếu Authorization header tồn tại và bắt đầu với Bearer
|
|
var authHeader = Request.Headers.Authorization.ToString();
|
|
|
|
if (string.IsNullOrEmpty(authHeader) || !authHeader.StartsWith("Bearer ", StringComparison.OrdinalIgnoreCase))
|
|
{
|
|
return Task.FromResult(AuthenticateResult.NoResult());
|
|
}
|
|
|
|
var token = authHeader["Bearer ".Length..].Trim();
|
|
|
|
if (string.IsNullOrEmpty(token))
|
|
{
|
|
return Task.FromResult(AuthenticateResult.Fail("No token provided"));
|
|
}
|
|
|
|
try
|
|
{
|
|
// EN: Parse the JWT token to extract claims (without signature validation)
|
|
// VI: Parse JWT token để trích xuất claims (không validate signature)
|
|
var handler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();
|
|
|
|
if (!handler.CanReadToken(token))
|
|
{
|
|
return Task.FromResult(AuthenticateResult.Fail("Invalid token format"));
|
|
}
|
|
|
|
var jwtToken = handler.ReadJwtToken(token);
|
|
|
|
// EN: Create claims identity from token
|
|
// VI: Tạo claims identity từ token
|
|
var claims = jwtToken.Claims.ToList();
|
|
|
|
// EN: Ensure we have a name identifier claim
|
|
// VI: Đảm bảo có name identifier claim
|
|
var subClaim = claims.FirstOrDefault(c => c.Type == "sub");
|
|
if (subClaim != null && !claims.Any(c => c.Type == ClaimTypes.NameIdentifier))
|
|
{
|
|
claims.Add(new Claim(ClaimTypes.NameIdentifier, subClaim.Value));
|
|
}
|
|
|
|
var identity = new ClaimsIdentity(claims, "Test");
|
|
var principal = new ClaimsPrincipal(identity);
|
|
var ticket = new AuthenticationTicket(principal, "Bearer");
|
|
|
|
return Task.FromResult(AuthenticateResult.Success(ticket));
|
|
}
|
|
catch (Exception ex)
|
|
{
|
|
return Task.FromResult(AuthenticateResult.Fail($"Token parsing failed: {ex.Message}"));
|
|
}
|
|
}
|
|
}
|