// Copyright (c) Microsoft Corporation. All rights reserved. See License.txt in the project root for license information. using System.Net; using System.Net.Http; using System.Web.Http.SelfHost; using Xunit; namespace System.Web.Http { public class BasicOverHttpTest { private static readonly string BaseAddress = "http://localhost:8080"; [Fact] public void AuthenticateWithUsernameTokenSucceed() { RunBasicAuthTest("Sample", "", new NetworkCredential("username", "password"), (response) => Assert.Equal(HttpStatusCode.OK, response.StatusCode) ); } [Fact] public void AuthenticateWithWrongPasswordFail() { RunBasicAuthTest("Sample", "", new NetworkCredential("username", "wrong password"), (response) => Assert.Equal(HttpStatusCode.Forbidden, response.StatusCode) ); } [Fact] public void AuthenticateWithNoCredentialFail() { RunBasicAuthTest("Sample", "", null, (response) => Assert.Equal(HttpStatusCode.Unauthorized, response.StatusCode) ); } private static void RunBasicAuthTest(string controllerName, string routeSuffix, NetworkCredential credential, Action assert) { // Arrange HttpSelfHostConfiguration config = new HttpSelfHostConfiguration(BaseAddress); config.Routes.MapHttpRoute("Default", "{controller}" + routeSuffix, new { controller = controllerName }); config.UserNamePasswordValidator = new CustomUsernamePasswordValidator(); config.MessageHandlers.Add(new CustomMessageHandler()); HttpSelfHostServer server = new HttpSelfHostServer(config); server.OpenAsync().Wait(); // Create a GET request with correct username and password HttpClientHandler handler = new HttpClientHandler(); handler.Credentials = credential; HttpClient client = new HttpClient(handler); HttpResponseMessage response = null; try { // Act response = client.GetAsync(BaseAddress).Result; // Assert assert(response); } finally { if (response != null) { response.Dispose(); } client.Dispose(); } server.CloseAsync().Wait(); } } }