ForbidAsync now uses correct Schemes method (#918)

* ForbidAsync now uses correct Schemes method * comment * adds tests
aspnet · Sep 15, 2017 · ec3da99 · ec3da99
1 parent 7a1f70d
commit ec3da99
Show file tree

Hide file tree

Showing 2 changed files with 55 additions and 3 deletions.
diff --git a/src/Microsoft.AspNetCore.Authentication.Core/AuthenticationService.cs b/src/Microsoft.AspNetCore.Authentication.Core/AuthenticationService.cs
@@ -113,11 +113,11 @@ public virtual async Task ForbidAsync(HttpContext context, string scheme, Authen
         {
             if (scheme == null)
             {
-                var defaultChallengeScheme = await Schemes.GetDefaultChallengeSchemeAsync();
-                scheme = defaultChallengeScheme?.Name;
+                var defaultForbidScheme = await Schemes.GetDefaultForbidSchemeAsync();
+                scheme = defaultForbidScheme?.Name;
                 if (scheme == null)
                 {
-                    throw new InvalidOperationException($"No authenticationScheme was specified, and there was no DefaultChallengeScheme found.");
+                    throw new InvalidOperationException($"No authenticationScheme was specified, and there was no DefaultForbidScheme found.");
                 }
             }
 

diff --git a/test/Microsoft.AspNetCore.Authentication.Core.Test/AuthenticationServiceTests.cs b/test/Microsoft.AspNetCore.Authentication.Core.Test/AuthenticationServiceTests.cs
@@ -122,6 +122,20 @@ public async Task ServicesWithDefaultSignOutMethodsTest()
             await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignInAsync(new ClaimsPrincipal()));
         }
 
+        [Fact]
+        public async Task ServicesWithDefaultForbidMethod_CallsForbidMethod()
+        {
+            var services = new ServiceCollection().AddOptions().AddAuthenticationCore(o =>
+            {
+                o.AddScheme<ForbidHandler>("forbid", "whatever");
+                o.DefaultForbidScheme = "forbid";
+            }).BuildServiceProvider();
+            var context = new DefaultHttpContext();
+            context.RequestServices = services;
+
+            await context.ForbidAsync();
+        }
+
 
         private class BaseHandler : IAuthenticationHandler
         {
@@ -245,5 +259,43 @@ public Task SignOutAsync(AuthenticationProperties properties)
             }
         }
 
+        private class ForbidHandler : IAuthenticationHandler, IAuthenticationRequestHandler, IAuthenticationSignInHandler, IAuthenticationSignOutHandler
+        {
+            public Task<AuthenticateResult> AuthenticateAsync()
+            {
+                throw new NotImplementedException();
+            }
+
+            public Task ChallengeAsync(AuthenticationProperties properties)
+            {
+                throw new NotImplementedException();
+            }
+
+            public Task ForbidAsync(AuthenticationProperties properties)
+            {
+                return Task.FromResult(0);
+            }
+
+            public Task<bool> HandleRequestAsync()
+            {
+                throw new NotImplementedException();
+            }
+
+            public Task InitializeAsync(AuthenticationScheme scheme, HttpContext context)
+            {
+                return Task.FromResult(0);
+            }
+
+            public Task SignInAsync(ClaimsPrincipal user, AuthenticationProperties properties)
+            {
+                throw new NotImplementedException();
+            }
+
+            public Task SignOutAsync(AuthenticationProperties properties)
+            {
+                throw new NotImplementedException();
+            }
+        }
+
     }
 }