Joseph Doherty
43 lines
1.5 KiB
C#
43 lines
1.5 KiB
C#
using System.Net.Http;
|
|
using ZB.MOM.WW.MxGateway.Client;
|
|
|
|
namespace ZB.MOM.WW.MxGateway.Client.Tests;
|
|
|
|
public sealed class MxGatewayClientTlsHandlerTests
|
|
{
|
|
/// <summary>
|
|
/// Verifies that when TLS is used with no pinned CA and RequireCertificateValidation is false (default),
|
|
/// the handler installs an accept-all callback so the gateway's self-signed cert is trusted.
|
|
/// </summary>
|
|
[Fact]
|
|
public void Handler_SkipsVerification_WhenTlsAndNoCaPinned()
|
|
{
|
|
MxGatewayClientOptions options = new()
|
|
{
|
|
Endpoint = new Uri("https://localhost:5120"),
|
|
ApiKey = "k",
|
|
UseTls = true,
|
|
};
|
|
using SocketsHttpHandler handler = MxGatewayClient.CreateHttpHandlerForTests(options);
|
|
Assert.NotNull(handler.SslOptions.RemoteCertificateValidationCallback);
|
|
}
|
|
|
|
/// <summary>
|
|
/// Verifies that when RequireCertificateValidation is true, the callback is left null
|
|
/// so the OS trust store performs validation.
|
|
/// </summary>
|
|
[Fact]
|
|
public void Handler_KeepsDefaultVerification_WhenRequireCertificateValidation()
|
|
{
|
|
MxGatewayClientOptions options = new()
|
|
{
|
|
Endpoint = new Uri("https://localhost:5120"),
|
|
ApiKey = "k",
|
|
UseTls = true,
|
|
RequireCertificateValidation = true,
|
|
};
|
|
using SocketsHttpHandler handler = MxGatewayClient.CreateHttpHandlerForTests(options);
|
|
Assert.Null(handler.SslOptions.RemoteCertificateValidationCallback);
|
|
}
|
|
}
|