c#asp.net-mvcrazorintegration-testing
C# How Do I Logout in An Integration Test for An MVC App?
I have an MVC app for which I am writing Integration tests. I have a process I'm testing that involves the user logging out and then logging in. I can login just fine. The test below succeeds (btw I'm injecting an in memory db with a matching user entry):
[Fact]
public async Task D_LoginTest()
{
var client = _factory.CreateClient(
new WebApplicationFactoryClientOptions
{
AllowAutoRedirect = true
});
var initResponse = await client.GetAsync("/Identity/Account/Login");
var antiForgeryValues = await AntiForgeryTokenExtractor.ExtractAntiForgeryValues(initResponse);
var postRequest = new HttpRequestMessage(HttpMethod.Post, "/Identity/Account/Login");
postRequest.Headers.Add("Cookie", new CookieHeaderValue(AntiForgeryTokenExtractor.AntiForgeryCookieName, antiForgeryValues.cookieValue).ToString());
var formModel = new Dictionary<string, string>
{
{ AntiForgeryTokenExtractor.AntiForgeryFieldName, antiForgeryValues.fieldValue },
{ "Input.Email", "test@example.com" },
{ "Input.Password", "pas3w0!rRd" }
};
postRequest.Content = new FormUrlEncodedContent(formModel);
var response = await client.SendAsync(postRequest);
response.EnsureSuccessStatusCode();
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
}
But when I add a logout to this test:
[Fact]
public async Task D_LoginTest()
{
var client = _factory.CreateClient(
new WebApplicationFactoryClientOptions
{
AllowAutoRedirect = true
});
var initResponse = await client.GetAsync("/Identity/Account/Login");
var antiForgeryValues = await AntiForgeryTokenExtractor.ExtractAntiForgeryValues(initResponse);
var postRequest = new HttpRequestMessage(HttpMethod.Post, "/Identity/Account/Login");
postRequest.Headers.Add("Cookie", new CookieHeaderValue(AntiForgeryTokenExtractor.AntiForgeryCookieName, antiForgeryValues.cookieValue).ToString());
var formModel = new Dictionary<string, string>
{
{ AntiForgeryTokenExtractor.AntiForgeryFieldName, antiForgeryValues.fieldValue },
{ "Input.Email", "test@example.com" },
{ "Input.Password", "pas3w0!rRd" }
};
postRequest.Content = new FormUrlEncodedContent(formModel);
var response = await client.SendAsync(postRequest);
response.EnsureSuccessStatusCode();
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
var postRequestLogout = new HttpRequestMessage(HttpMethod.Post, "/Identity/Account/Logout");
postRequestLogout.Headers.Add("Cookie", new CookieHeaderValue(AntiForgeryTokenExtractor.AntiForgeryCookieName, antiForgeryValues.cookieValue).ToString());
var postRequestLougoutForm = new Dictionary<string, string>
{
{ AntiForgeryTokenExtractor.AntiForgeryFieldName, antiForgeryValues.fieldValue },
};
postRequestLogout.Content = new FormUrlEncodedContent(postRequestLougoutForm);
var logoutAnswer = await client.SendAsync(postRequestLogout);
logoutAnswer.EnsureSuccessStatusCode();
Console.WriteLine(logoutAnswer.StatusCode);
Assert.Equal(HttpStatusCode.OK, logoutAnswer.StatusCode);
}
It fails with this error.
Failed amaranth.Tests.AdminControllerTests.D_LoginTest [23 ms]
Error Message:
System.Net.Http.HttpRequestException : Response status code does not indicate success: 400 (Bad Request).
Stack Trace:
at System.Net.Http.HttpResponseMessage.EnsureSuccessStatusCode()
at amaranth.Tests.AdminControllerTests.D_LoginTest() in /path/to/project/dir/amaranth.Tests/IntegrationTests/AdminControllerTests.cs:line 308
--- End of stack trace from previous location ---
Also in case it's helpful, this is the Logout.cshtml.cs file:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.RazorPages;
using Microsoft.Extensions.Logging;
namespace amaranth.Areas.Identity.Pages.Account
{
[AllowAnonymous]
public class LogoutModel : PageModel
{
private readonly SignInManager<IdentityUser> _signInManager;
private readonly ILogger<LogoutModel> _logger;
public LogoutModel(SignInManager<IdentityUser> signInManager, ILogger<LogoutModel> logger)
{
_signInManager = signInManager;
_logger = logger;
}
public void OnGet()
{
}
public async Task<IActionResult> OnPost(string returnUrl = null)
{
await _signInManager.SignOutAsync();
_logger.LogInformation("User logged out.");
if (returnUrl != null)
{
return LocalRedirect(returnUrl);
}
else
{
return Page();
}
}
}
}
And here's a picture of the error in my debugger:
What am I doing wrong? How do I logout in an Integration Test? Btw, This is the default Razor Page MVC scaffolded logout if that helps.
Solution
I created a minimum reproducible example amaranth-minal-testing-example that successfully logs out in an integration test. First this is amaranth-minal-testing-example/TestRunProject.Tests/AntiForgeryTokenExtractor.cs
using System.Text.RegularExpressions;
using Microsoft.Net.Http.Headers;
namespace TestRunProject.Tests
{
public static class AntiForgeryTokenExtractor
{
public static string ExtractAntiForgeryToken(string htmlBody)
{
var requestVerificationTokenMatch =
Regex.Match(htmlBody, $@"\<input name=""__RequestVerificationToken"" type=""hidden"" value=""([^""]+)"" \/\>");
if (requestVerificationTokenMatch.Success)
return requestVerificationTokenMatch.Groups[1].Captures[0].Value;
throw new ArgumentException($"Anti forgery token '__RequestVerificationToken' not found in HTML", nameof(htmlBody));
}
}
}
And this is amaranth-minal-testing-example/TestRunProject.Tests/IntegrationTests/AuthTest.cs
using Microsoft.AspNetCore.Mvc.Testing;
using Microsoft.Net.Http.Headers;
using Microsoft.VisualStudio.TestPlatform.TestHost;
namespace TestRunProject.Tests
{
public class AuthTests
{
[Fact]
public async Task DLoginTest()
{
{
var application = new WebApplicationFactory<Program>()
.WithWebHostBuilder(builder =>
{
// ... Configure test services
});
var client = application.CreateClient();
// -- REGISTER --
var registerResponse = await client.GetAsync("/Identity/Account/Register");
registerResponse.EnsureSuccessStatusCode();
string registerResponseContent = await registerResponse.Content.ReadAsStringAsync();
var requestVerificationToken = AntiForgeryTokenExtractor.ExtractAntiForgeryToken(registerResponseContent);
var formModel = new Dictionary<string, string>
{
{ "Input.Email", "test2@example.com" },
{ "Input.Password", "pas3w02!rRd" },
{ "Input.ConfirmPassword", "pas3w02!rRd" },
{ "__RequestVerificationToken", requestVerificationToken },
};
var postRequest2 = new HttpRequestMessage(HttpMethod.Post, "/Identity/Account/Register");
postRequest2.Content = new FormUrlEncodedContent(formModel);
var registerResponse2 = await client.SendAsync(postRequest2);
registerResponse2.EnsureSuccessStatusCode();
// -- LOGOUT --
var logoutRequest = new StringContent("");
logoutRequest.Headers.Add("RequestVerificationToken", requestVerificationToken);
var logoutResponse = await client.PostAsync("/Identity/Account/Logout", logoutRequest);
logoutResponse.EnsureSuccessStatusCode();
// -- LOGIN --
var loginResponse = await client.GetAsync("/Identity/Account/Login");
loginResponse.EnsureSuccessStatusCode();
string loginResponseContent = await registerResponse.Content.ReadAsStringAsync();
requestVerificationToken = AntiForgeryTokenExtractor.ExtractAntiForgeryToken(loginResponseContent);
formModel = new Dictionary<string, string>
{
{ "Input.Email", "test2@example.com" },
{ "Input.Password", "pas3w02!rRd" },
{ "__RequestVerificationToken", requestVerificationToken },
};
var loginRequest = new HttpRequestMessage(HttpMethod.Post, "/Identity/Account/Login");
loginRequest.Content = new FormUrlEncodedContent(formModel);
var loginResponse2 = await client.SendAsync(loginRequest);
loginResponse2.EnsureSuccessStatusCode();
}
}
}
}
This works for a default scaffolded C# ASP.NET core identity razor pages project when TestRunProject.Tests is placed in the same directory as TestRunProject (the default scaffolded C# ASP.NET core identity razor pages project).
I have a Github repo for this code here https://github.com/ChristianOConnor/amaranth-minal-testing-example. The above code is from this commit: 0d768c4aa181cb4289de4b17f1eac222323ee469
- Why does 1.0/100.0 == 0.1/10.0 give True?
- How to organize the receive msg and user current input in C network such that it's clean
- Using inclusive scan syntax in OpenMP in the C language
- Unable to understand context in book "OOP in C" by Axel Schreiner
- How to dereference member from struct in which the definition is hid from user?
- variable-length array in struct with TI compiler in C (socket programming)
- A faster way to test 32bpp DDBs for a valid Alpha channel
- How can I compile the zephyr example-application as a freestanding application?
- Why does my forked process sometimes overwrite data in a file?
- Why in C can I initialize more values than the size of an array?
- _Generic in C needs typecasting?
- Declaring/defining an unused variable changes the output from an unrelated variable
- How to use gdb to explore the stack/heap?
- How can I read an input string of unknown length?
- Confused by difference between expression inside if and expression outside if
- Fast Arc Cos algorithm?
- Discrepancy of `unsigned long` size between llvm and gcc in riscv32
- GCC (C) - error: 'x' redeclared as different kind of symbol
- Why does GCC’s static analyser falsely warn that a pointer to an allocated memory block itself stored in an allocated memory block may leak?
- c language gcc compiler *.i file #3 "" 2 what is this?
- How to make clang compile to llvm IR
- Hashtable implementation in C
- EFI variables or config file on the EFI partition for EFI application?
- Pack high bit of every byte in ARM, for 64 bytes like AVX512 vpmovb2m?
- Calling an external C function (in a shared lib) from Perl with Inline::C does not work
- Can a C program detect if its own source code has been modified?
- Is this declaration UB?
- Eclipse C/C++ how to find variable belongs to which struct quickly
- Is this truly best way to delete last element in C?
- flint/arb.h: No such file or directory