OWASP O2 Platform Blog

Unit Test for HttpModule using Moq to wrap HttpRequest

Using the Mocking HttpContext HttpRequest and HttpResponse for UnitTests (using Moq) API, here is a unit test that uses it to test if a method used inside an HttpModule is doing the right thing (in this case the HttpModule will set up the current HttpContext User’s roles to a mapping that is created from a summited token/Guid)

This script is done as an NUnit Test: 

        public string TestSoapRequestUtils()

first create out mock objects and do a basic test (i.e. write and read some text into the HttpRequest

            //**** testing SoapRequestUtils.GetPostDataAsXmlDocument
            var mockHttpContext = new API_Moq_HttpContext();       
            var httpContext = mockHttpContext.httpContext();               
            var requestText = "this is some text in Xml Format";
            var xmlDocument = SoapRequestUtils.GetPostDataAsXmlDocument(httpContext);
            Assert.That(xmlDocument.OuterXml.contains(requestText), "requestText was not in the generated Xml string");

Now lets do a test where we submit a soap request and validate that the function that extracts a value is working as expected

            //**** testing SoapRequestUtils.GetPostDataElementValue
            var adminSessionID = "503d4cc3-be37-42ca-961b-8ee11e4f96eb";
            var soapRequest = "<?xml version=\"1.0\" encoding=\"utf-8\"?>"+
                              "<soap:Envelope xmlns:soap=\"<a href="http://schemas.xmlsoap.org/soap/envelope/\">http://schemas.xmlsoap.org/soap/envelope/\</a>" xmlns:xsi=\"<a href="http://www.w3.org/2001/XMLSchema-instance\">http://www.w3.org/2001/XMLSchema-instance\</a>" xmlns:xsd=\"<a href="http://www.w3.org/2001/XMLSchema\">http://www.w3.org/2001/XMLSchema\</a>">"+
                              "    <soap:Body>"+
                              "        <GetUserInformation xmlns=\"<a href="https://TeamMentor.securityinnovation.com:13415/\">https://TeamMentor.securityinnovation.com:13415/\</a>">"+
                              "            <AdminSessionID>{0}</AdminSessionID>".format(adminSessionID) +
                              "            <UserID>202</UserID>"+
                              "        </GetUserInformation>"+
                              "    </soap:Body>"+
            Assert.That(adminSessionID ==  httpContext.GetPostDataElementValue("AdminSessionID") , "fetched adminSessionID didn't match");

The next tests checks that the roles in httpContext.User have been correcly set

            //**** testing RoleBaseSecurity.SetCurrentUserRoles
            var roles = (string[])httpContext.SetCurrentUserRoles(UserRole.Admin, UserRole.ManageUsers).field("m_roles");
            Assert.That(roles.size()==2 && roles[0] == "Admin" && roles[1]=="ManageUsers", "in SetCurrentUserRoles, m_roles did not had the right value");
            //**** testing UserRoleBaseSecurity.MapRolesBasedOnSessionGuid
            var sessionIdGuid = this.getGuidOfLoggedInUser();
            HttpContextFactory.Context = httpContext;       
            var userRole = sessionIdGuid.userType();
            new UserRoleBaseSecurity().MapRolesBasedOnSessionGuid(sessionIdGuid); 
            roles = (string[])System.Threading.Thread.CurrentPrincipal.field("m_roles");
            Assert.That(roles.size() == 3 && roles[0] == userRole.str(), "in MapRolesBasedOnSessionGuid, m_roles did not had the right value"); 

If all tests passed, return a message to the O2 Unit Test execution GUI

            return "ok: TestSoapRequestUtils";

April 10, 2011 - Posted by | Moq

1 Comment »

  1. […] Unit Test for HttpModule using Moq to wrap HttpRequest […]

    Pingback by Script to fetch and present large number of Wordpress.com blog entries « O2Platform.com for Developers | April 16, 2011 | Reply

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: