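using e_suite.Database.Audit;
using eSuite.Core.Miscellaneous;
using Microsoft.AspNetCore.Http;
using Moq;
using NUnit.Framework;

namespace eSuite.API.UnitTests.SingleSignOn.CookieManager;

/// <summary>
/// Tests for <c>CreateProfileLinkCookie</c> on the cookie manager supplied by
/// <see cref="CookieManagerTestBase"/>. The cookie carries a single-use GUID, so the
/// test pins the value and every security-relevant cookie attribute.
/// </summary>
[TestFixture]
public class CreateProfileLinkCookieUnitTests : CookieManagerTestBase
{
    // Name of the cookie written by CreateProfileLinkCookie, as asserted by this fixture.
    private const string ProfileLinkCookieName = "eSuiteProfileLinkCookie";

    /// <summary>
    /// Per-test initialisation; defers entirely to the base fixture.
    /// </summary>
    [SetUp]
    public override async Task Setup()
    {
        await base.Setup();
    }

    /// <summary>
    /// Verifies that the profile-link cookie is written with the single-use GUID as its value
    /// and with the expected attributes (HttpOnly, Secure, SameSite=Lax, Path="/", IsEssential, no expiry).
    /// </summary>
    // NOTE(review): the method name says "SessionCookie" but the call under test is
    // CreateProfileLinkCookie; the name is kept so existing test filters keep matching.
    [Test]
    public async Task CreateSessionCookie_WhenCalled_AddsSessionCookieToResponseWithCorrectSettings()
    {
        //Arrange
        var cookies = new FakeResponseCookies();

        // HttpResponse is the ASP.NET Core type exposing the Cookies getter stubbed below.
        var httpResponseMock = new Mock<HttpResponse>();
        httpResponseMock.SetupGet(x => x.Cookies).Returns(cookies);

        var auditUserDetails = new AuditUserDetails
        {
            UserDisplayName = "Testy McTester",
            UserId = 69,
            Comment = string.Empty
        };

        var generalIdRef = new GeneralIdRef
        {
            Id = 69
        };

        var singleUseGuid = new Guid("{52A3CF29-E622-41B4-9431-46B3F6B6D16A}");

        // NOTE(review): the third argument is assumed to be a CancellationToken, matching the
        // token passed in the Act step - confirm against the user manager interface.
        _userManagerMock
            .Setup(x => x.CreateSingleUseGuid(auditUserDetails, generalIdRef, It.IsAny<CancellationToken>()))
            .ReturnsAsync(singleUseGuid);

        //Act
        await _cookieManager.CreateProfileLinkCookie(
            httpResponseMock.Object,
            auditUserDetails,
            generalIdRef,
            CancellationToken.None);

        //Assert
        var profileLinkCookie = cookies.CookieDictionary[ProfileLinkCookieName];
        Assert.That(profileLinkCookie, Is.Not.Null);

        // The cookie value must be exactly the single-use GUID issued by the user manager.
        Assert.That(profileLinkCookie.Value, Is.EqualTo(singleUseGuid.ToString()));

        var cookieOptions = profileLinkCookie.CookieOptions!;

        // No explicit expiry is set on the cookie.
        Assert.That(cookieOptions.Expires, Is.Null);

        // Only ever read by the ASP code; JavaScript must not be able to read the single-use GUID.
        Assert.That(cookieOptions.HttpOnly, Is.True);
        Assert.That(cookieOptions.IsEssential, Is.True);

        // Never sent over plain HTTP.
        Assert.That(cookieOptions.Secure, Is.True);

        // This cookie is used when the SSO provider is calling back after authorisation, so it has
        // to survive a cross-site top-level navigation; SameSite=Strict would drop it.
        // NOTE(review): Lax cookies are not sent on cross-site POSTs - confirm the provider
        // callback arrives as a GET redirect rather than a form post.
        Assert.That(cookieOptions.SameSite, Is.EqualTo(SameSiteMode.Lax));
        Assert.That(cookieOptions.Path, Is.EqualTo("/"));
    }
}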