26 lines
974 B
C#
26 lines
974 B
C#
using System.Net;
|
|
|
|
namespace StellaOps.Scanner.WebService.Tests;
|
|
|
|
public sealed class AuthorizationTests
|
|
{
|
|
[Fact]
|
|
public async Task ApiRoutesRequireAuthenticationWhenAuthorityEnabled()
|
|
{
|
|
using var factory = new ScannerApplicationFactory(configuration =>
|
|
{
|
|
configuration["scanner:authority:enabled"] = "true";
|
|
configuration["scanner:authority:allowAnonymousFallback"] = "false";
|
|
configuration["scanner:authority:issuer"] = "https://authority.local";
|
|
configuration["scanner:authority:audiences:0"] = "scanner-api";
|
|
configuration["scanner:authority:clientId"] = "scanner-web";
|
|
configuration["scanner:authority:clientSecret"] = "secret";
|
|
});
|
|
|
|
using var client = factory.CreateClient();
|
|
var response = await client.GetAsync("/api/v1/__auth-probe");
|
|
|
|
Assert.Equal(HttpStatusCode.Unauthorized, response.StatusCode);
|
|
}
|
|
}
|