.NET Tips and Tricks

Blog archive

Mocking an Authenticated User in Blazor/ASP.NET Core

I've done a couple of recent columns about securing Blazor Components and using claims-based policies declaratively in ASP.NET Core generally. While working with security, I'm always interested in doing end-to-end testing: Starting up the application and seeing what happens when I try to navigate to a page.

However, while that matters to me, I'm less interested in setting up users with a variety of different security configurations (so many names! so many passwords!). Inevitably while thinking I'm testing one authorization scenario, I pick a user that actually represents a different scenario.

So I created a MockAuthenticatedUser class that, once added to my application's middleware, creates an authenticated user for my application. I find it easier to configure my mock user's authorization claims in code before running a test than it is to maintain (and remember) a variety of users.

If you think you might find it useful, you can add it to your processing pipeline with code like this in your Startup class' ConfigureServices method:

services.AddAuthentication("BasicAuthentication")
                .AddScheme<AuthenticationSchemeOptions, 
                              MockAuthenticatedUser>("BasicAuthentication", null);

To use this class, you'll also need this line in your Startup class' Configure method:

app.UseAuthentication();

I should be clear that I've only used this to test Controllers so it might behave differently with Razor Pages.

Here's the code for my MockAuthenticatedUser class that configures a user with a name, an Id, a role, and some random claims:

using System.Security.Claims;
using System.Text.Encodings.Web;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Options;

namespace SampleBlazor.Models
{
  public class MockAuthenticatedUser : AuthenticationHandler<AuthenticationSchemeOptions>
  {
    const string userId = "phv";
    const string userName = "Jean Irvine";
    const string userRole = "ProductManager";

    public MockAuthenticatedUser(
      IOptionsMonitor<AuthenticationSchemeOptions> options,
      ILoggerFactory logger,
      UrlEncoder encoder,
      ISystemClock clock)
      : base(options, logger, encoder, clock){ }

    protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
    {
      var claims = new[] 
        {
          new Claim(ClaimTypes.NameIdentifier, userId),
          new Claim(ClaimTypes.Name, userName),
          new Claim(ClaimTypes.Role, userRole),
          new Claim(ClaimTypes.Email, "peter.vogel@phvis.com"),
        };
        var identity = new ClaimsIdentity(claims, Scheme.Name);
        var principal = new ClaimsPrincipal(identity);
        var ticket = new AuthenticationTicket(principal, Scheme.Name);

        return await Task.FromResult(AuthenticateResult.Success(ticket));
    }
  }
}

Posted by Peter Vogel on 11/14/2019


comments powered by Disqus

Featured

Subscribe on YouTube