feat(audit): ScadaBridge IAuditActorAccessor + wire audit Actor from Auth principal at authenticated emit sites (Phase 3)
This commit is contained in:
Joseph Doherty
@@ -0,0 +1,114 @@
|
||||
using System.Security.Claims;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using ZB.MOM.WW.Auth.AspNetCore;
|
||||
using ZB.MOM.WW.ScadaBridge.Security;
|
||||
|
||||
namespace ZB.MOM.WW.ScadaBridge.Security.Tests;
|
||||
|
||||
/// <summary>
|
||||
/// Phase 3 (wire audit Actor from the Auth principal): unit tests for
|
||||
/// <see cref="HttpAuditActorAccessor"/>. The accessor resolves the audit
|
||||
/// <c>Actor</c> from the authenticated principal on the ambient
|
||||
/// <see cref="IHttpContextAccessor.HttpContext"/> — the canonical username claim
|
||||
/// with an <see cref="System.Security.Principal.IIdentity.Name"/> fallback — and
|
||||
/// returns <c>null</c> whenever there is no authenticated interactive user, so the
|
||||
/// caller keeps its existing actor/fallback rather than echoing an unauthenticated
|
||||
/// principal.
|
||||
/// </summary>
|
||||
public class HttpAuditActorAccessorTests
|
||||
{
|
||||
/// <summary>
|
||||
/// Minimal <see cref="IHttpContextAccessor"/> test double returning a fixed
|
||||
/// (possibly null) <see cref="HttpContext"/>.
|
||||
/// </summary>
|
||||
private sealed class StubHttpContextAccessor : IHttpContextAccessor
|
||||
{
|
||||
public HttpContext? HttpContext { get; set; }
|
||||
}
|
||||
|
||||
private static HttpContext AuthenticatedContext(params Claim[] claims)
|
||||
{
|
||||
var ctx = new DefaultHttpContext
|
||||
{
|
||||
User = new ClaimsPrincipal(new ClaimsIdentity(claims, authenticationType: "TestAuth")),
|
||||
};
|
||||
return ctx;
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public void CurrentActor_Authenticated_ReturnsUsernameClaim()
|
||||
{
|
||||
var ctx = AuthenticatedContext(
|
||||
new Claim(JwtTokenService.UsernameClaimType, "alice"),
|
||||
// A different Identity.Name proves the username claim is preferred.
|
||||
new Claim(ClaimTypes.Name, "Alice Liddell"));
|
||||
var accessor = new HttpAuditActorAccessor(
|
||||
new StubHttpContextAccessor { HttpContext = ctx });
|
||||
|
||||
Assert.Equal("alice", accessor.CurrentActor);
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public void CurrentActor_Authenticated_NoUsernameClaim_FallsBackToIdentityName()
|
||||
{
|
||||
// No canonical username claim; Identity.Name (pinned to ZbClaimTypes.Name)
|
||||
// is the documented fallback. DefaultHttpContext maps the ClaimTypes.Name
|
||||
// claim onto Identity.Name.
|
||||
var ctx = AuthenticatedContext(new Claim(ClaimTypes.Name, "bob"));
|
||||
var accessor = new HttpAuditActorAccessor(
|
||||
new StubHttpContextAccessor { HttpContext = ctx });
|
||||
|
||||
Assert.Equal("bob", accessor.CurrentActor);
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public void CurrentActor_Authenticated_PrefersUsernameOverZbName()
|
||||
{
|
||||
// Both the canonical username and the canonical name claim present — the
|
||||
// username claim wins.
|
||||
var ctx = AuthenticatedContext(
|
||||
new Claim(JwtTokenService.UsernameClaimType, "svc-user"),
|
||||
new Claim(ZbClaimTypes.Name, "Service User"));
|
||||
var accessor = new HttpAuditActorAccessor(
|
||||
new StubHttpContextAccessor { HttpContext = ctx });
|
||||
|
||||
Assert.Equal("svc-user", accessor.CurrentActor);
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public void CurrentActor_Unauthenticated_ReturnsNull()
|
||||
{
|
||||
// An anonymous identity (no authenticationType) is NOT authenticated —
|
||||
// never echo it back as an actor even if a name claim is somehow present.
|
||||
var ctx = new DefaultHttpContext
|
||||
{
|
||||
User = new ClaimsPrincipal(
|
||||
new ClaimsIdentity(new[] { new Claim(ClaimTypes.Name, "ghost") })),
|
||||
};
|
||||
var accessor = new HttpAuditActorAccessor(
|
||||
new StubHttpContextAccessor { HttpContext = ctx });
|
||||
|
||||
Assert.Null(accessor.CurrentActor);
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public void CurrentActor_NoAmbientHttpContext_ReturnsNull()
|
||||
{
|
||||
var accessor = new HttpAuditActorAccessor(
|
||||
new StubHttpContextAccessor { HttpContext = null });
|
||||
|
||||
Assert.Null(accessor.CurrentActor);
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public void CurrentActor_AuthenticatedButNoUsableName_ReturnsNull()
|
||||
{
|
||||
// Authenticated identity carrying only an unrelated claim (no username,
|
||||
// no name) — there is nothing usable to record, so fall back to null.
|
||||
var ctx = AuthenticatedContext(new Claim(ZbClaimTypes.Role, "Administrator"));
|
||||
var accessor = new HttpAuditActorAccessor(
|
||||
new StubHttpContextAccessor { HttpContext = ctx });
|
||||
|
||||
Assert.Null(accessor.CurrentActor);
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user