In this article, let's learn about how to setup
Functional Test in
WebAPI in ASP.NET Core.
Note: If you have not done so already, I recommend you read the article on Using WireMock.NET in Functional testing in ASP.NET WEB API.
Table of Contents
In our previous article we saw how to use
WireMock.NET in functional test to validate HTTP calls. In this article,
we will see how to setup
Authorization in functional test in
WebAPI in ASP.NET Core step by step. We will be using the same project that we used in our previous article.
The straight forward way to enable
Web API is to add
UseAuthentication() middleware and decorate necessary endpoints
[Authorize] attribute. But instead of addiing to each
Controller, we can do a small configuration in
AuthorizeFilter and enable for all
Code Sample - Configure Authentication in Web API
Now after adding the above code in
Program.cs, if we run our tests, all our tests will fail with
401 UnAuthorized as shown below.
Lets quickly verify if we are getting
401 UnAuthorized from swagger. Here is the swagger response from the
Functional Test is a bit tricky as it cannot be
mocked like unit tests. But here is plan as per official documentation.
Let's start with
Code Sample - Configure Test Auth Handler for ASP.NET WEB API Functional Test
When application is started in test host add new authentication scheme (let's call it
Code Sample - Register Test Authentication Scheme in Custom Web Application Factory
Configure authentication scheme to use custom authentication handler (
TestAuthHandler) that creates fake identity for integration tests. This handler creates fake user when
HandleAuthenticateAsync()is called. We don't need any additional hacks to make ASP.NET Core application use this fake identity. Our integration test needs also some changes because of authentication handler.
Extend test client to use authentication header with scheme
Code Sample - Setting Auth Header in Test HTTP Client
That's it now if we run our tests, it should pass. Here is the output of the test after adding the above code.
So far so good. Now the problem with the above
TestHandler is that it provides static set of claims for all the
tests. This will not be the case in real world applications. The handler provides web application with static set of claims. No matter what is the
request claims are always the same. This way it is not possible to test application with different users and roles. We need to validate
Authorization for endpoints which require different set of claims. So we need to configure claims for each test. Here is the plan.
To make test authentication handler support different user accounts I added claims provider. This is the
classthat carries given set of
claimsto test authentication provider. I added also some static methods to return already initialized provider with set of claims specific for role.
Code Sample - Configuring Claims in ASP.NET WEB API Functional Test
Inject above instance of claims provider to test authentication handler using framework-level dependency injection.
Code Sample - Injecting claims and roles in APS.NET Web API Functional Test
That's it. Now we can use the above code to configure
each test. Let's try to test both
Admin role. Since we added
AuthClaimsProvider.WithGuestClaims() as default in
CustomWebApplicationFactory we can directly add that to
GetWeatherForecastFromDatabase endpoint and run test.
Now lets try to test the
Admin role on
endpoint. For this we need to replace
Guest claims with
Admin claims. We are
going to use the same Replace Service Method that we learned in
Faking Dependencies in Functional testing in ASP.NET WEB API.
The updated test code is shown below.
Code Sample - Running WEB API Functional Test with Admin Role
Thats it. We are done with setup. Now the tests will run in the following flow.
- Start Test Method.
- Create HTTP Client.
- Create WebApplicationFactory.
- Run Program.cs.
- Add Default Authentication / Override with Different Claims.
- Service Registration.
- Overriding Service Registration and Configuration with ConfigureTestServices.
- Build Web Application.
- WireMock.NET Setup.
- Test Code Execution.
Now lets run the test and see the result.
In this article, we learnt about how to setup
Functional Test in
WebAPI in ASP.NET Core. We learnt how to setup Test
Authentication Handler and Test Scheme and also learnt how to inject different users and claims in runtime. The complete source code for this article
can be found here. With this we
are completing the series on
Functional Testing in ASP.NET WebAPI. I'm happy to share my knowledge on functional
testing. Hope you enjoyed reading it.