-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Added NPQAccessToken to gettrn journey
- Loading branch information
Showing
3 changed files
with
36 additions
and
4 deletions.
There are no files selected for viewing
16 changes: 15 additions & 1 deletion
16
...ingRecordSystem/src/TeachingRecordSystem.AuthorizeAccess/Pages/RequestTrn/Index.cshtml.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,10 +1,24 @@ | ||
using Microsoft.AspNetCore.Mvc; | ||
using Microsoft.AspNetCore.Mvc.RazorPages; | ||
using TeachingRecordSystem.UiCommon.FormFlow; | ||
|
||
namespace TeachingRecordSystem.AuthorizeAccess.Pages.RequestTrn; | ||
|
||
[Journey(RequestTrnJourneyState.JourneyName), ActivatesJourney, RequireJourneyInstance] | ||
public class IndexModel : PageModel | ||
public class IndexModel(IConfiguration configuration) : PageModel | ||
{ | ||
public JourneyInstance<RequestTrnJourneyState>? JourneyInstance { get; set; } | ||
|
||
[FromQuery] | ||
public string? AccessToken { get; set; } | ||
|
||
public ActionResult OnGet() | ||
{ | ||
var whitelistedAccessToken = configuration.GetRequiredValue("RequestTrnAccessToken"); | ||
if (!whitelistedAccessToken.Equals(AccessToken, StringComparison.Ordinal)) | ||
{ | ||
return BadRequest(); | ||
} | ||
return Page(); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -7,5 +7,6 @@ | |
"Microsoft.AspNetCore": "Fatal" | ||
} | ||
} | ||
} | ||
}, | ||
"RequestTrnAccessToken": "n8hhN5MSrNXxCzRo" | ||
} |
21 changes: 19 additions & 2 deletions
21
...ystem/tests/TeachingRecordSystem.AuthorizeAccess.Tests/PageTests/RequestTrn/IndexTests.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,20 +1,37 @@ | ||
namespace TeachingRecordSystem.AuthorizeAccess.Tests.PageTests.RequestTrn; | ||
|
||
public class IndexTests(HostFixture hostFixture) : TestBase(hostFixture) | ||
public class IndexTests(HostFixture hostFixture, IConfiguration configuration) : TestBase(hostFixture) | ||
{ | ||
[Fact] | ||
public async Task Get_ValidRequest_RendersExpectedContent() | ||
{ | ||
// Arrange | ||
var accessToken = configuration.GetValue<string>("RequestTrnAccessToken"); | ||
var state = CreateNewState(); | ||
var journeyInstance = await CreateJourneyInstance(state); | ||
|
||
var request = new HttpRequestMessage(HttpMethod.Get, $"/request-trn?{journeyInstance.GetUniqueIdQueryParameter()}"); | ||
var request = new HttpRequestMessage(HttpMethod.Get, $"/request-trn?{journeyInstance.GetUniqueIdQueryParameter()}&AccessToken={accessToken}"); | ||
|
||
// Act | ||
var response = await HttpClient.SendAsync(request); | ||
|
||
// Assert | ||
await AssertEx.HtmlResponseAsync(response); | ||
} | ||
|
||
[Fact] | ||
public async Task Get_MissingAccessToken_ReturnsBadRequest() | ||
{ | ||
// Arrange | ||
var state = CreateNewState(); | ||
var journeyInstance = await CreateJourneyInstance(state); | ||
|
||
var request = new HttpRequestMessage(HttpMethod.Get, $"/request-trn?{journeyInstance.GetUniqueIdQueryParameter()}&AccessToken="); | ||
|
||
// Act | ||
var response = await HttpClient.SendAsync(request); | ||
|
||
// Assert | ||
Assert.Equal(StatusCodes.Status400BadRequest, (int)response.StatusCode); | ||
} | ||
} |