dohertj2/mxaccessgw
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

refactor(dashboard): normalize auto-login user in ctor; clarify claim-shape doc; add custom-user test

Browse Source
This commit is contained in:
Joseph Doherty
2026-06-16 08:23:14 -04:00
parent ee1423db7a
commit 1d652b24c6
2 changed files with 18 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/ZB.MOM.WW.MxGateway.Server/Dashboard/DashboardAutoLoginAuthenticationHandler.cs
+8 -2
View File
@@ -36,7 +36,10 @@ public sealed class DashboardAutoLoginAuthenticationHandler
UrlEncoder encoder, UrlEncoder encoder,
IOptions<GatewayOptions> gatewayOptions) IOptions<GatewayOptions> gatewayOptions)
: base(options, logger, encoder) : base(options, logger, encoder)
=> _user = gatewayOptions.Value.Dashboard.AutoLoginUser ?? DefaultUser; {
string? configured = gatewayOptions.Value.Dashboard.AutoLoginUser;
_user = string.IsNullOrWhiteSpace(configured) ? DefaultUser : configured.Trim();
}
/// <summary>No-op: auto-login writes no cookie, so a sign-in has nothing to persist.</summary> /// <summary>No-op: auto-login writes no cookie, so a sign-in has nothing to persist.</summary>
/// <param name="user">Ignored.</param> /// <param name="user">Ignored.</param>
@@ -60,7 +63,9 @@ public sealed class DashboardAutoLoginAuthenticationHandler
/// <summary> /// <summary>
/// Builds the multi-role dev principal. Null/blank <paramref name="user"/> falls back to /// Builds the multi-role dev principal. Null/blank <paramref name="user"/> falls back to
/// <see cref="DefaultUser"/>. Claim shape mirrors <see cref="DashboardAuthenticator"/>. /// <see cref="DefaultUser"/>. The authorization-relevant claim shape mirrors
/// <see cref="DashboardAuthenticator"/>; LDAP group claims (<c>LdapGroupClaimType</c>) are
/// intentionally omitted because auto-login has no real LDAP context.
/// </summary> /// </summary>
/// <param name="user">The configured auto-login username (may be null/blank).</param> /// <param name="user">The configured auto-login username (may be null/blank).</param>
/// <returns>An authenticated principal holding both dashboard roles.</returns> /// <returns>An authenticated principal holding both dashboard roles.</returns>
@@ -68,6 +73,7 @@ public sealed class DashboardAutoLoginAuthenticationHandler
{ {
string name = string.IsNullOrWhiteSpace(user) ? DefaultUser : user.Trim(); string name = string.IsNullOrWhiteSpace(user) ? DefaultUser : user.Trim();
// LdapGroupClaimType claims are omitted — no LDAP groups exist in the auto-login context.
Claim[] claims = Claim[] claims =
[ [
new Claim(ClaimTypes.NameIdentifier, name), new Claim(ClaimTypes.NameIdentifier, name),
src/ZB.MOM.WW.MxGateway.Tests/Gateway/Dashboard/DashboardAutoLoginAuthenticationHandlerTests.cs
+10
View File
@@ -34,4 +34,14 @@ public sealed class DashboardAutoLoginAuthenticationHandlerTests
Assert.Equal("multi-role", principal.Identity!.Name); Assert.Equal("multi-role", principal.Identity!.Name);
} }
[Fact]
public void CreatePrincipal_CustomUser_PreservesNameAndRoles()
{
ClaimsPrincipal principal = DashboardAutoLoginAuthenticationHandler.CreatePrincipal("gw-viewer");
Assert.Equal("gw-viewer", principal.Identity!.Name);
Assert.True(principal.IsInRole(DashboardRoles.Admin));
Assert.True(principal.IsInRole(DashboardRoles.Viewer));
}
} }