Imported Upstream version 3.6.0

Former-commit-id: da6be194a6b1221998fc28233f2503bd61dd9d14

external/aspnetwebstack/test/System.Web.Http.WebHost.Test/HttpControllerHandlerTest.cs

@@ -0,0 +1,196 @@
+// Copyright (c) Microsoft Corporation. All rights reserved. See License.txt in the project root for license information.
+
+using System.Collections;
+using System.Collections.Generic;
+using System.IO;
+using System.Linq;
+using System.Net;
+using System.Net.Http;
+using System.Net.Http.Formatting;
+using System.Net.Http.Headers;
+using System.Reflection;
+using System.Text;
+using System.Threading.Tasks;
+using Microsoft.TestCommon;
+using Moq;
+using Xunit;
+using Xunit.Extensions;
+using Assert = Microsoft.TestCommon.AssertEx;
+
+namespace System.Web.Http.WebHost
+{
+    public class HttpControllerHandlerTest
+    {
+        [Fact]
+        public void ConvertResponse_IfResponseHasNoCacheControlDefined_SetsNoCacheCacheabilityOnAspNetResponse()
+        {
+            // Arrange
+            Mock<HttpContextBase> contextMock = new Mock<HttpContextBase>() { DefaultValue = DefaultValue.Mock };
+            HttpResponseMessage response = new HttpResponseMessage();
+            HttpRequestMessage request = new HttpRequestMessage();
+
+            // Act
+            HttpControllerHandler.ConvertResponse(contextMock.Object, response, request);
+
+            // Assert
+            contextMock.Verify(c => c.Response.Cache.SetCacheability(HttpCacheability.NoCache));
+        }
+
+        [Fact]
+        public void ConvertResponse_IfResponseHasCacheControlDefined_DoesNotSetCacheCacheabilityOnAspNetResponse()
+        {
+            // Arrange
+            Mock<HttpContextBase> contextMock = new Mock<HttpContextBase>() { DefaultValue = DefaultValue.Mock };
+            HttpResponseMessage response = new HttpResponseMessage();
+            HttpRequestMessage request = new HttpRequestMessage();
+            response.Headers.CacheControl = new CacheControlHeaderValue { Public = true };
+
+            // Act
+            HttpControllerHandler.ConvertResponse(contextMock.Object, response, request);
+
+            // Assert
+            contextMock.Verify(c => c.Response.Cache.SetCacheability(HttpCacheability.NoCache), Times.Never());
+        }
+
+        [Fact]
+        public Task ConvertResponse_DisposesRequestAndResponse()
+        {
+            // Arrange
+            Mock<HttpContextBase> contextMock = new Mock<HttpContextBase>() { DefaultValue = DefaultValue.Mock };
+            contextMock.SetupGet((hcb) => hcb.Response.OutputStream).Returns(Stream.Null);
+
+            HttpRequestMessage request = new HttpRequestMessage();
+            HttpResponseMessage response = new HttpResponseMessage();
+
+            // Act
+            return HttpControllerHandler.ConvertResponse(contextMock.Object, response, request).ContinueWith(
+                _ =>
+                {
+                    // Assert
+                    Assert.ThrowsObjectDisposed(() => request.Method = HttpMethod.Get, typeof(HttpRequestMessage).FullName);
+                    Assert.ThrowsObjectDisposed(() => response.StatusCode = HttpStatusCode.OK, typeof(HttpResponseMessage).FullName);
+                });
+        }
+
+        [Fact]
+        public Task ConvertResponse_DisposesRequestAndResponseWithContent()
+        {
+            // Arrange
+            Mock<HttpContextBase> contextMock = new Mock<HttpContextBase>() { DefaultValue = DefaultValue.Mock };
+            contextMock.SetupGet((hcb) => hcb.Response.OutputStream).Returns(Stream.Null);
+
+            HttpRequestMessage request = new HttpRequestMessage() { Content = new StringContent("request") };
+            HttpResponseMessage response = new HttpResponseMessage() { Content = new StringContent("response") };
+
+            // Act
+            return HttpControllerHandler.ConvertResponse(contextMock.Object, response, request).ContinueWith(
+                _ =>
+                {
+                    // Assert
+                    Assert.ThrowsObjectDisposed(() => request.Method = HttpMethod.Get, typeof(HttpRequestMessage).FullName);
+                    Assert.ThrowsObjectDisposed(() => response.StatusCode = HttpStatusCode.OK, typeof(HttpResponseMessage).FullName);
+                });
+        }
+
+        [Fact]
+        public void SuppressFormsAuthenticationRedirect_DoesntRequireSuppressRedirect() {
+            // Arrange
+            Mock<HttpContextBase> contextMock = new Mock<HttpContextBase>() { DefaultValue = DefaultValue.Mock };
+            IDictionary contextItems = new Hashtable();
+            contextMock.SetupGet(hcb => hcb.Response.StatusCode).Returns(200);
+            contextMock.SetupGet(hcb => hcb.Items).Returns(contextItems);
+
+            PropertyInfo suppressRedirect = typeof(HttpResponseBase).GetProperty(SuppressFormsAuthRedirectModule.SuppressFormsAuthenticationRedirectPropertyName, BindingFlags.Instance | BindingFlags.Public);
+
+            // Act
+            HttpControllerHandler.EnsureSuppressFormsAuthenticationRedirect(contextMock.Object);
+
+            // Assert
+            if (suppressRedirect == null) {
+                // .NET 4.0
+                Assert.False(contextItems.Contains(SuppressFormsAuthRedirectModule.DisableAuthenticationRedirectKey));
+            }
+            else {
+                // .NET 4.5
+                Assert.False((bool)suppressRedirect.GetValue(contextMock.Object, null));
+            }
+        }
+
+        [Fact]
+        public void SuppressFormsAuthenticationRedirect_RequireSuppressRedirect() {
+            // Arrange
+            Mock<HttpContextBase> contextMock = new Mock<HttpContextBase>() { DefaultValue = DefaultValue.Mock };
+            IDictionary contextItems = new Hashtable();
+            contextMock.SetupGet(hcb => hcb.Response.StatusCode).Returns(401);
+            contextMock.SetupGet(hcb => hcb.Items).Returns(contextItems);
+
+            PropertyInfo suppressRedirect = typeof(HttpResponseBase).GetProperty(SuppressFormsAuthRedirectModule.SuppressFormsAuthenticationRedirectPropertyName, BindingFlags.Instance | BindingFlags.Public);
+
+            // Act
+            HttpControllerHandler.EnsureSuppressFormsAuthenticationRedirect(contextMock.Object);
+
+            // Assert
+            if (suppressRedirect == null) {
+                // .NET 4.0
+                Assert.True(contextItems.Contains(SuppressFormsAuthRedirectModule.DisableAuthenticationRedirectKey));
+                Assert.True((bool)contextItems[SuppressFormsAuthRedirectModule.DisableAuthenticationRedirectKey]);
+            }
+            else {
+                // .NET 4.5
+                Assert.True((bool)suppressRedirect.GetValue(contextMock.Object, null));
+            }
+        }
+
+        [Theory]
+        [PropertyData("OutputBufferingTestData")]
+        public void IsOutputBufferingNecessary_Returns_Correct_Value(HttpContent content, bool isBuffered)
+        {
+            // Arrange & Act & Assert
+            Assert.Equal(isBuffered, HttpControllerHandler.IsOutputBufferingNecessary(content));
+        }
+
+        [Theory]
+        [PropertyData("OutputBufferingTestData")]
+        public void IsOutputBufferingNecessary_Causes_Content_Length_Header_To_Be_Set(HttpContent content, bool isBuffered)
+        {
+            // Arrange & Act
+            HttpControllerHandler.IsOutputBufferingNecessary(content);
+            IEnumerable<string> contentLengthEnumerable;
+            bool isContentLengthInHeaders = content.Headers.TryGetValues("Content-Length", out contentLengthEnumerable);
+            string[] contentLengthStrings = isContentLengthInHeaders ? contentLengthEnumerable.ToArray() : new string[0];
+            long? contentLength = content.Headers.ContentLength;
+
+            // Assert
+            if (contentLength.HasValue && contentLength.Value >= 0)
+            {
+                // Setting the header is HttpContentHeader's responsibility, but we assert
+                // it has happened because it is IsOutputBufferingNecessary's responsibility
+                // to cause that to happen.   HttpControllerHandler relies on this.
+                Assert.True(isContentLengthInHeaders);
+                Assert.Equal(contentLength.Value, long.Parse(contentLengthStrings[0]));
+            }
+        }
+
+        public static IEnumerable<object[]> OutputBufferingTestData
+        {
+            get
+            {
+                string testString = "testString";
+                Mock<Stream> mockStream = new Mock<Stream>() { CallBase = true };
+                return new TheoryDataSet<HttpContent, bool>()
+                {
+                    // Known length HttpContents other than OC should not buffer
+                    { new StringContent(testString), false },
+                    { new ByteArrayContent(Encoding.UTF8.GetBytes(testString)), false },
+                    { new StreamContent(new MemoryStream(Encoding.UTF8.GetBytes(testString))), false},
+
+                    // StreamContent (unknown length) should not buffer
+                    { new StreamContent(mockStream.Object), false},
+
+                    // ObjectContent (unknown length) should buffer
+                    { new ObjectContent<string>(testString, new XmlMediaTypeFormatter()), true }
+                };
+            }
+        }
+    }
+}

external/aspnetwebstack/test/System.Web.Http.WebHost.Test/Properties/AssemblyInfo.cs

@@ -0,0 +1,5 @@
+// Copyright (c) Microsoft Corporation. All rights reserved. See License.txt in the project root for license information.
+
+using System;
+
+[assembly: CLSCompliant(false)]

external/aspnetwebstack/test/System.Web.Http.WebHost.Test/RouteCollectionExtensionsTest.cs

@@ -0,0 +1,69 @@
+// Copyright (c) Microsoft Corporation. All rights reserved. See License.txt in the project root for license information.
+
+using System.Web.Routing;
+using Microsoft.TestCommon;
+using Xunit;
+using Assert = Microsoft.TestCommon.AssertEx;
+
+namespace System.Web.Http
+{
+    public class RouteCollectionExtensionsTest
+    {
+        [Fact]
+        public void IsCorrectType()
+        {
+            Assert.Type.HasProperties(typeof(RouteCollectionExtensions), TypeAssert.TypeProperties.IsStatic | TypeAssert.TypeProperties.IsPublicVisibleClass);
+        }
+
+        [Fact]
+        public void MapHttpRoute1ThrowsOnNullRouteCollection()
+        {
+            Assert.ThrowsArgumentNull(() => RouteCollectionExtensions.MapHttpRoute(null, "", "", null), "routes");
+        }
+
+        [Fact]
+        public void MapHttpRoute1CreatesRoute()
+        {
+            // Arrange
+            RouteCollection routes = new RouteCollection();
+            object defaults = new { d1 = "D1" };
+
+            // Act
+            Route route = routes.MapHttpRoute("name", "template", defaults);
+
+            // Assert
+            Assert.NotNull(route);
+            Assert.Equal("template", route.Url);
+            Assert.Equal(1, route.Defaults.Count);
+            Assert.Equal("D1", route.Defaults["d1"]);
+            Assert.Same(route, routes["name"]);
+        }
+
+        [Fact]
+        public void MapHttpRoute2ThrowsOnNullRouteCollection()
+        {
+            Assert.ThrowsArgumentNull(() => RouteCollectionExtensions.MapHttpRoute(null, "", "", null, null), "routes");
+        }
+
+        [Fact]
+        public void MapHttpRoute2CreatesRoute()
+        {
+            // Arrange
+            RouteCollection routes = new RouteCollection();
+            object defaults = new { d1 = "D1" };
+            object constraints = new { c1 = "C1" };
+
+            // Act
+            Route route = routes.MapHttpRoute("name", "template", defaults, constraints);
+
+            // Assert
+            Assert.NotNull(route);
+            Assert.Equal("template", route.Url);
+            Assert.Equal(1, route.Defaults.Count);
+            Assert.Equal("D1", route.Defaults["d1"]);
+            Assert.Equal(1, route.Defaults.Count);
+            Assert.Equal("C1", route.Constraints["c1"]);
+            Assert.Same(route, routes["name"]);
+        }
+    }
+}

external/aspnetwebstack/test/System.Web.Http.WebHost.Test/Routing/HostedUrlHelperTest.cs

@@ -0,0 +1,139 @@
+// Copyright (c) Microsoft Corporation. All rights reserved. See License.txt in the project root for license information.
+
+using System.Net.Http;
+using System.Web.Http.Controllers;
+using System.Web.Mvc;
+using System.Web.Routing;
+using Moq;
+using Xunit;
+using Xunit.Extensions;
+using UrlHelper = System.Web.Http.Routing.UrlHelper;
+
+namespace System.Web.Http.WebHost.Routing
+{
+    public class HostedUrlHelperTest
+    {
+        [Theory]
+        [InlineData(WhichRoute.ApiRoute1)]
+        [InlineData(WhichRoute.ApiRoute2)]
+        [InlineData(WhichRoute.WebRoute1)]
+        public void UrlHelper_GeneratesApiUrl_ForMatchingData(WhichRoute whichRoute)
+        {
+            // Mixed mode app with Web API generating URLs to other APIs
+            var url = GetUrlHelperForMixedApp(whichRoute);
+
+            string generatedUrl = url.Route("apiroute2", new { controller = "something", action = "someaction", id = 789 });
+
+            Assert.Equal("$APP$/SOMEAPP/api/something/someaction", generatedUrl);
+        }
+
+        [Theory]
+        [InlineData(WhichRoute.ApiRoute1)]
+        [InlineData(WhichRoute.ApiRoute2)]
+        [InlineData(WhichRoute.WebRoute1)]
+        public void UrlHelper_SkipsApiRoutesAndMatchesMvcUrl_ForMatchingData(WhichRoute whichRoute)
+        {
+            // Mixed mode app with MVC generating URLs to other MVC URLs
+            RouteCollection routes;
+            RequestContext requestContext;
+            var url = GetUrlHelperForMixedApp(whichRoute, out routes, out requestContext);
+
+            // Note: This is generating a URL the "hard" way because it's simulating what a regular MVC
+            // app would do when generating a URL. If we went through the Web API functionality it wouldn't
+            // be testing what would really happen in a mixed app.
+            VirtualPathData virtualPathData = routes.GetVirtualPath(requestContext, new RouteValueDictionary(new { controller = "something", action = "someaction", id = 789 }));
+
+            Assert.NotNull(virtualPathData);
+
+            string generatedUrl = virtualPathData.VirtualPath;
+
+            Assert.Equal("$APP$/SOMEAPP/something/someaction/789", generatedUrl);
+        }
+
+        [Theory]
+        [InlineData(WhichRoute.ApiRoute1)]
+        [InlineData(WhichRoute.ApiRoute2)]
+        [InlineData(WhichRoute.WebRoute1)]
+        public void UrlHelper_MvcAppGeneratesApiRoute_WithSpecialHttpRouteKey(WhichRoute whichRoute)
+        {
+            // Mixed mode app with MVC generating URLs to Web APIs
+            RouteCollection routes;
+            RequestContext requestContext;
+            var url = GetUrlHelperForMixedApp(whichRoute, out routes, out requestContext);
+
+            // Note: This is generating a URL the "hard" way because it's simulating what a regular MVC
+            // app would do when generating a URL. If we went through the Web API functionality it wouldn't
+            // be testing what would really happen in a mixed app.
+            VirtualPathData virtualPathData = routes.GetVirtualPath(requestContext, new RouteValueDictionary(new { controller = "something", action = "someotheraction", id = 789, httproute = true }));
+
+            Assert.NotNull(virtualPathData);
+
+            string generatedUrl = virtualPathData.VirtualPath;
+
+            Assert.Equal("$APP$/SOMEAPP/api/something/someotheraction", generatedUrl);
+        }
+
+        private static UrlHelper GetUrlHelperForMixedApp(WhichRoute whichRoute)
+        {
+            RouteCollection routes;
+            RequestContext requestContext;
+            return GetUrlHelperForMixedApp(whichRoute, out routes, out requestContext);
+        }
+
+        private static UrlHelper GetUrlHelperForMixedApp(WhichRoute whichRoute, out RouteCollection routes, out RequestContext requestContext)
+        {
+            routes = new RouteCollection();
+
+            HttpControllerContext cc = new HttpControllerContext();
+            cc.Request = new HttpRequestMessage();
+            var mockHttpContext = new Mock<HttpContextBase>();
+            var mockHttpRequest = new Mock<HttpRequestBase>();
+            mockHttpRequest.SetupGet<string>(x => x.ApplicationPath).Returns("/SOMEAPP/");
+            var mockHttpResponse = new Mock<HttpResponseBase>();
+            mockHttpResponse.Setup<string>(x => x.ApplyAppPathModifier(It.IsAny<string>())).Returns<string>(x => "$APP$" + x);
+            mockHttpContext.SetupGet<HttpRequestBase>(x => x.Request).Returns(mockHttpRequest.Object);
+            mockHttpContext.SetupGet<HttpResponseBase>(x => x.Response).Returns(mockHttpResponse.Object);
+            cc.Request.Properties["MS_HttpContext"] = mockHttpContext.Object;
+
+            // Set up routes
+            var hostedRoutes = new HostedHttpRouteCollection(routes);
+            Route apiRoute1 = routes.MapHttpRoute("apiroute1", "api/{controller}/{id}", new { action = "someaction" });
+            Route apiRoute2 = routes.MapHttpRoute("apiroute2", "api/{controller}/{action}", new { id = 789 });
+            Route webRoute1 = routes.MapRoute("webroute1", "{controller}/{action}/{id}");
+            cc.Configuration = new HttpConfiguration(hostedRoutes);
+
+            RouteData routeData = new RouteData();
+            routeData.Values.Add("controller", "people");
+            routeData.Values.Add("id", "123");
+
+            // Specify which route we came in on (e.g. what request matching the incoming URL) because
+            // it can affect the generated URL due to the ambient route data.
+            switch (whichRoute)
+            {
+                case WhichRoute.ApiRoute1:
+                    routeData.Route = apiRoute1;
+                    break;
+                case WhichRoute.ApiRoute2:
+                    routeData.Route = apiRoute2;
+                    break;
+                case WhichRoute.WebRoute1:
+                    routeData.Route = webRoute1;
+                    break;
+                default:
+                    throw new ArgumentException("Invalid route specified.", "whichRoute");
+            }
+            cc.RouteData = new HostedHttpRouteData(routeData);
+
+            requestContext = new RequestContext(mockHttpContext.Object, routeData);
+
+            return cc.Url;
+        }
+
+        public enum WhichRoute
+        {
+            ApiRoute1,
+            ApiRoute2,
+            WebRoute1,
+        }
+    }
+}

external/aspnetwebstack/test/System.Web.Http.WebHost.Test/SuppressFormsAuthRedirectModuleTest.cs

@@ -0,0 +1,184 @@
+// Copyright (c) Microsoft Corporation. All rights reserved. See License.txt in the project root for license information.
+
+using System.Collections;
+using System.Collections.Specialized;
+using System.Web.WebPages.TestUtils;
+using Microsoft.TestCommon;
+using Moq;
+using Xunit;
+using Xunit.Extensions;
+
+namespace System.Web.Http.WebHost
+{
+    public class SuppressFormsAuthRedirectModuleTest
+    {
+        [Fact]
+        public void DisableAuthenticationRedirect_SetTheFlagToTrue()
+        {
+            // Arrange
+            Mock<HttpContextBase> contextMock = new Mock<HttpContextBase>() {DefaultValue = DefaultValue.Mock};
+            IDictionary contextItems = new Hashtable();
+            contextMock.SetupGet(hcb => hcb.Items).Returns(contextItems);
+
+            // Act
+            SuppressFormsAuthRedirectModule.DisableAuthenticationRedirect(contextMock.Object);
+
+            // Assert
+            AssertEx.True(contextItems.Contains(SuppressFormsAuthRedirectModule.DisableAuthenticationRedirectKey));
+            AssertEx.True((bool) contextItems[SuppressFormsAuthRedirectModule.DisableAuthenticationRedirectKey]);
+        }
+
+        [Fact]
+        public void EnableAuthenticationRedirect_SetTheFlagToFalse()
+        {
+            // Arrange
+            Mock<HttpContextBase> contextMock = new Mock<HttpContextBase>() { DefaultValue = DefaultValue.Mock };
+            IDictionary contextItems = new Hashtable();
+            contextMock.SetupGet(hcb => hcb.Items).Returns(contextItems);
+
+            // Act
+            SuppressFormsAuthRedirectModule.AllowAuthenticationRedirect(contextMock.Object);
+
+            // Assert
+            AssertEx.True(contextItems.Contains(SuppressFormsAuthRedirectModule.DisableAuthenticationRedirectKey));
+            AssertEx.False((bool) contextItems[SuppressFormsAuthRedirectModule.DisableAuthenticationRedirectKey]);
+        }
+
+        [Fact]
+        public void OnEndRequest_IfDisableRedirectAndStatusIsRedirect_ModifyResponse()
+        {
+            // Arrange
+            HttpResponse response = new HttpResponse(null);
+            IDictionary contextItems = new Hashtable();
+            Mock<HttpContextBase> contextMock = new Mock<HttpContextBase>() { DefaultValue = DefaultValue.Mock };
+            DisableRedirectStub disableRedirectStub = new DisableRedirectStub(contextItems, response);
+
+            contextMock.SetupGet(hcb => hcb.Items).Returns(contextItems);
+            response.StatusCode = 302;
+
+            // Act
+            SuppressFormsAuthRedirectModule.DisableAuthenticationRedirect(contextMock.Object);
+            SuppressFormsAuthRedirectModule.EnsureRestoreUnauthorized(disableRedirectStub);
+
+            // Assert
+            AssertEx.Equal(401, response.StatusCode);
+        }
+
+        [Fact]
+        public void OnEndRequest_IfDisableRedirectAndStatusIsNotRedirect_DoNothing()
+        {
+            // Arrange
+            HttpResponse response = new HttpResponse(null);
+            IDictionary contextItems = new Hashtable();
+            Mock<HttpContextBase> contextMock = new Mock<HttpContextBase>() { DefaultValue = DefaultValue.Mock };
+            DisableRedirectStub disableRedirectStub = new DisableRedirectStub(contextItems, response);
+
+            contextMock.SetupGet(hcb => hcb.Items).Returns(contextItems);
+            response.StatusCode = 200;
+
+            // Act
+            SuppressFormsAuthRedirectModule.DisableAuthenticationRedirect(contextMock.Object);
+            SuppressFormsAuthRedirectModule.EnsureRestoreUnauthorized(disableRedirectStub);
+
+            // Assert
+            AssertEx.Equal(200, response.StatusCode);
+        }
+
+        [Fact]
+        public void OnEndRequest_IfEnableRedirectAndStatusIsRedirect_DoNothing()
+        {
+            // Arrange
+            HttpResponse response = new HttpResponse(null);
+            IDictionary contextItems = new Hashtable();
+            Mock<HttpContextBase> contextMock = new Mock<HttpContextBase>() { DefaultValue = DefaultValue.Mock };
+            DisableRedirectStub disableRedirectStub = new DisableRedirectStub(contextItems, response);
+
+            contextMock.SetupGet(hcb => hcb.Items).Returns(contextItems);
+            response.StatusCode = 302;
+
+            // Act
+            SuppressFormsAuthRedirectModule.AllowAuthenticationRedirect(contextMock.Object);
+            SuppressFormsAuthRedirectModule.EnsureRestoreUnauthorized(disableRedirectStub);
+
+            // Assert
+            AssertEx.Equal(302, response.StatusCode);
+        }
+
+
+        [Fact]
+        public void OnEndRequest_IfWebApiControllerReturnsARedirect_DoNothing() {
+            // Arrange
+            HttpResponse response = new HttpResponse(null);
+            IDictionary contextItems = new Hashtable();
+            Mock<HttpContextBase> contextMock = new Mock<HttpContextBase>() { DefaultValue = DefaultValue.Mock };
+            DisableRedirectStub disableRedirectStub = new DisableRedirectStub(contextItems, response);
+
+            contextMock.SetupGet(hcb => hcb.Items).Returns(contextItems);
+            response.StatusCode = 302;
+
+            // Act
+            HttpControllerHandler.EnsureSuppressFormsAuthenticationRedirect(contextMock.Object);
+
+            SuppressFormsAuthRedirectModule.AllowAuthenticationRedirect(contextMock.Object);
+            SuppressFormsAuthRedirectModule.EnsureRestoreUnauthorized(disableRedirectStub);
+
+            // Assert
+            AssertEx.Equal(302, response.StatusCode);
+        }
+
+        [Fact]
+        public void OnEndRequest_IfEnableRedirectAndStatusIsNotRedirect_DoNothing()
+        {
+            // Arrange
+            HttpResponse response = new HttpResponse(null);
+            IDictionary contextItems = new Hashtable();
+            Mock<HttpContextBase> contextMock = new Mock<HttpContextBase>() { DefaultValue = DefaultValue.Mock };
+            DisableRedirectStub disableRedirectStub = new DisableRedirectStub(contextItems, response);
+
+            contextMock.SetupGet(hcb => hcb.Items).Returns(contextItems);
+            response.StatusCode = 200;
+
+            // Act
+            SuppressFormsAuthRedirectModule.AllowAuthenticationRedirect(contextMock.Object);
+            SuppressFormsAuthRedirectModule.EnsureRestoreUnauthorized(disableRedirectStub);
+
+            // Assert
+            AssertEx.Equal(200, response.StatusCode);
+        }
+
+        [Theory]
+        [InlineData("false", false)]
+        [InlineData("true", true)]
+        [InlineData("", true)]
+        [InlineData("foo", true)]
+        public void GetDisabled_ParsesAppSettings(string setting, bool expected)
+        {
+            AssertEx.Equal(expected, SuppressFormsAuthRedirectModule.GetEnabled(new NameValueCollection() { { SuppressFormsAuthRedirectModule.AppSettingsSuppressFormsAuthenticationRedirectKey, setting } }));
+        }
+        
+
+        [Fact]
+        public void PreApplicationStartCode_IsValid() 
+        {
+            PreAppStartTestHelper.TestPreAppStartClass(typeof(PreApplicationStartCode));
+        }
+    }
+
+    internal class DisableRedirectStub : SuppressFormsAuthRedirectModule.IDisableRedirect {
+        private readonly IDictionary _contextItems;
+        private readonly HttpResponse _response;
+
+        public DisableRedirectStub(IDictionary contextItems, HttpResponse response) {
+            _contextItems = contextItems;
+            _response = response;
+        }
+
+        public IDictionary ContextItems {
+            get { return _contextItems; }
+        }
+
+        public HttpResponse Response {
+            get { return _response; }
+        }
+    }
+}

external/aspnetwebstack/test/System.Web.Http.WebHost.Test/System.Web.Http.WebHost.Test.csproj

@@ -0,0 +1,97 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildThisFileDirectory),Runtime.sln))\tools\WebStack.settings.targets" />
+  <PropertyGroup>
+    <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
+    <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
+    <ProductVersion>9.0.30729</ProductVersion>
+    <SchemaVersion>2.0</SchemaVersion>
+    <ProjectGuid>{EA62944F-BD25-4730-9405-9BE8FF5BEACD}</ProjectGuid>
+    <OutputType>Library</OutputType>
+    <AppDesignerFolder>Properties</AppDesignerFolder>
+    <RootNamespace>System.Web.Http.WebHost</RootNamespace>
+    <AssemblyName>System.Web.Http.WebHost.Test</AssemblyName>
+    <FileAlignment>512</FileAlignment>
+    <ProjectTypeGuids>{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}</ProjectTypeGuids>
+    <ErrorReport>prompt</ErrorReport>
+    <WarningLevel>4</WarningLevel>
+    <TreatWarningsAsErrors>true</TreatWarningsAsErrors>
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)' == 'Debug' ">
+    <DebugSymbols>true</DebugSymbols>
+    <DebugType>full</DebugType>
+    <Optimize>false</Optimize>
+    <OutputPath>$(WebStackRootPath)\bin\Debug\Test\</OutputPath>
+    <DefineConstants>TRACE;DEBUG</DefineConstants>
+    <CodeAnalysisRuleSet>MinimumRecommendedRules.ruleset</CodeAnalysisRuleSet>
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)' == 'Release' ">
+    <DebugType>pdbonly</DebugType>
+    <Optimize>true</Optimize>
+    <OutputPath>$(WebStackRootPath)\bin\Release\Test\</OutputPath>
+    <DefineConstants>TRACE</DefineConstants>
+    <CodeAnalysisRuleSet>MinimumRecommendedRules.ruleset</CodeAnalysisRuleSet>
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)' == 'CodeCoverage' ">
+    <DebugSymbols>true</DebugSymbols>
+    <DebugType>full</DebugType>
+    <Optimize>false</Optimize>
+    <OutputPath>$(WebStackRootPath)\bin\CodeCoverage\Test\</OutputPath>
+    <DefineConstants>TRACE;DEBUG</DefineConstants>
+    <CodeAnalysisRuleSet>MinimumRecommendedRules.ruleset</CodeAnalysisRuleSet>
+  </PropertyGroup>
+  <ItemGroup>
+    <Reference Include="Moq, Version=4.0.10827.0, Culture=neutral, PublicKeyToken=69f491c39445e920, processorArchitecture=MSIL">
+      <HintPath>..\..\packages\Moq.4.0.10827\lib\NET40\Moq.dll</HintPath>
+    </Reference>
+    <Reference Include="System" />
+    <Reference Include="System.Configuration" />
+    <Reference Include="System.Core" />
+    <Reference Include="System.Net.Http, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
+      <HintPath>..\..\packages\Microsoft.Net.Http.2.0.20326.1\lib\net40\System.Net.Http.dll</HintPath>
+    </Reference>
+    <Reference Include="System.Net.Http.WebRequest, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
+      <HintPath>..\..\packages\Microsoft.Net.Http.2.0.20326.1\lib\net40\System.Net.Http.WebRequest.dll</HintPath>
+    </Reference>
+    <Reference Include="System.Web" />
+    <Reference Include="xunit">
+      <HintPath>..\..\packages\xunit.1.9.0.1566\lib\xunit.dll</HintPath>
+    </Reference>
+    <Reference Include="xunit.extensions">
+      <HintPath>..\..\packages\xunit.extensions.1.9.0.1566\lib\xunit.extensions.dll</HintPath>
+    </Reference>
+  </ItemGroup>
+  <ItemGroup>
+    <Compile Include="HttpControllerHandlerTest.cs" />
+    <Compile Include="RouteCollectionExtensionsTest.cs" />
+    <Compile Include="Properties\AssemblyInfo.cs" />
+    <Compile Include="Routing\HostedUrlHelperTest.cs" />
+    <Compile Include="SuppressFormsAuthRedirectModuleTest.cs" />
+  </ItemGroup>
+  <ItemGroup>
+    <None Include="packages.config" />
+  </ItemGroup>
+  <ItemGroup>
+    <ProjectReference Include="..\..\src\System.Net.Http.Formatting\System.Net.Http.Formatting.csproj">
+      <Project>{668E9021-CE84-49D9-98FB-DF125A9FCDB0}</Project>
+      <Name>System.Net.Http.Formatting</Name>
+    </ProjectReference>
+    <ProjectReference Include="..\..\src\System.Web.Http.WebHost\System.Web.Http.WebHost.csproj">
+      <Project>{A0187BC2-8325-4BB2-8697-7F955CF4173E}</Project>
+      <Name>System.Web.Http.WebHost</Name>
+    </ProjectReference>
+    <ProjectReference Include="..\..\src\System.Web.Http\System.Web.Http.csproj">
+      <Project>{DDC1CE0C-486E-4E35-BB3B-EAB61F8F9440}</Project>
+      <Name>System.Web.Http</Name>
+    </ProjectReference>
+    <ProjectReference Include="..\..\src\System.Web.Mvc\System.Web.Mvc.csproj">
+      <Project>{3D3FFD8A-624D-4E9B-954B-E1C105507975}</Project>
+      <Name>System.Web.Mvc</Name>
+    </ProjectReference>
+    <ProjectReference Include="..\Microsoft.TestCommon\Microsoft.TestCommon.csproj">
+      <Project>{FCCC4CB7-BAF7-4A57-9F89-E5766FE536C0}</Project>
+      <Name>Microsoft.TestCommon</Name>
+    </ProjectReference>
+  </ItemGroup>
+  <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
+</Project>

external/aspnetwebstack/test/System.Web.Http.WebHost.Test/packages.config

@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="utf-8"?>
+<packages>
+  <package id="Microsoft.Net.Http" version="2.0.20326.1" />
+  <package id="Moq" version="4.0.10827" />
+  <package id="xunit" version="1.9.0.1566" />
+  <package id="xunit.extensions" version="1.9.0.1566" />
+</packages>