Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • Jul 08 19:22
    dependabot[bot] labeled #113
  • Jul 08 19:22
    dependabot[bot] labeled #113
  • Jul 08 19:22
    dependabot[bot] opened #113
  • Jul 08 19:22

    dependabot[bot] on nuget

    Bump Microsoft.AspNetCore.Mvc.C… (compare)

  • Jul 07 23:09
    dependabot[bot] labeled #112
  • Jul 07 23:09
    dependabot[bot] labeled #112
  • Jul 07 23:09
    dependabot[bot] opened #112
  • Jul 07 23:09

    dependabot[bot] on nuget

    Bump Microsoft.AspNetCore.Http … (compare)

  • Jun 28 09:48
    dionfoster commented #77
  • Jun 28 02:04
    rochitsen commented #77
  • Jun 24 13:02
    dependabot[bot] labeled #111
  • Jun 24 13:02
    dependabot[bot] labeled #111
  • Jun 24 13:02
    dependabot[bot] opened #111
  • Jun 24 13:02

    dependabot[bot] on npm_and_yarn

    Bump shell-quote from 1.7.2 to … (compare)

  • Jun 22 15:32
    dependabot[bot] labeled #110
  • Jun 22 15:32
    dependabot[bot] labeled #110
  • Jun 22 15:32
    dependabot[bot] opened #110
  • Jun 22 15:32

    dependabot[bot] on nuget

    Bump Newtonsoft.Json from 9.0.1… (compare)

  • Jun 14 19:45
    satishviswanathan commented #84
  • Jun 14 18:14
    jeremydmiller commented #84
Jeremy D. Miller
@jeremydmiller
ToUrl() is just passing the Url as a string, and it’s completely agnostic of what is handling that in your ASP.Net Core application. Long winded way of saying “yes"
Ismail Mayat
@ismailmayat
@jeremydmiller ah yes you are right, so i think the issue is something else basically i was writing a test for the Add method on this controller https://github.com/joaofbantunes/OOPsIDidItAgain/blob/main/src/OOPsIDidItAgain.06.MinimizingExceptions.Web/Controllers/CartsController.cs
it has input param AddItemCartModel which looks like https://bit.ly/2OWlYHx the ItemId field is another type and that is hydrated by https://bit.ly/3tn7oYo modelbinder and i think issue is here
Jeremy D. Miller
@jeremydmiller
Hey, if anybody is paying attention to this, here's a set of proposed changes for Alba V5: JasperFx/alba#86
The big driver is wanting helpers for testing APIs secured by JWTs post haste at my work
JT
@Hawxy
For JWT's we just have a fake JWT generator and override the JwtBearerOptions within the hostbuilder passed into the SystemUnderTest 
 s.PostConfigure<JwtBearerOptions>(JwtBearerDefaults.AuthenticationScheme, options =>
                    {
                        options.TokenValidationParameters = new TokenValidationParameters
                        {
                            IssuerSigningKey = FakeJwtGenerator.SecurityKey,
                            ValidIssuer = FakeJwtGenerator.Issuer,
                            ValidAudience = FakeJwtGenerator.Audience
                        };
                    });
Although in our case our identity provider is Auth0, so I'm guessing there's some extra complexity when it comes to IdentityServer.
Jeremy D. Miller
@jeremydmiller
@Hawxy Do you run a parallel web app for the fake JWT generation, or do something else?
JT
@Hawxy
No need, it's just a static class that creates random security keys & signing credentials on each run, with a function that generates a token with the ability to set some claims the backend uses like user/tenant/scopes.
I'm overriding the token validation, so as long as the rest of the data on the token meets the authorization requirements we're all good.
Jeremy D. Miller
@jeremydmiller
So I'm gonna plead ignorance then, I thought that the bearer token authentication had to make a call to the OIDC server to validate the token -- and I typed that out before you wrote the last message
How are you overriding the token validation?
JT
@Hawxy
The PostConfigure call I posted above

My Startup.cs contains

            services.AddAuthentication(options =>
                {
                    options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
                    options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
                })
                .AddJwtBearer(options =>
                {
                    options.Authority = Configuration["Auth0:Domain"];
                    options.Audience = Configuration["Auth0:Audience"];
                })

PostConfigure runs after the bearer options were set, thereby wiping out the configuration and validating the token with the fake signing key instead of reaching out and getting the JWKs from Auth0.

Jeremy D. Miller
@jeremydmiller
Gotcha. I didn't catch that you were completely wiping out the TokenValidationParameters
JT
@Hawxy
Ah right, so I just ran some tests, the authority must still be a valid OIDC server that the middleware can fetch metadata from, despite not using it as part of the validation.
Jeremy D. Miller
@jeremydmiller
Okay, so I'm not crazy. I've been trying hard to disable the validation and it was still trying to call out.
Also, doing difficult exploratory coding while watching Peppa Pig with a sick 4yo hanging on your arm is not terribly effective.
The simple thing I haven't tried yet is just sticking a ClaimsPrincipal on the HttpContext first.
JT
@Hawxy
That's quite the combination haha
Jeremy D. Miller
@jeremydmiller
In the post configure, I added this to short circuit the callouts: 
            // This will deactivate the callout to the OIDC server
            options.ConfigurationManager =
                new StaticConfigurationManager<OpenIdConnectConfiguration>(new OpenIdConnectConfiguration
                {

                });
JT
@Hawxy
Sweet, I assumed there'd be a way to do so.
Jeremy D. Miller
@jeremydmiller
And just adding the ClaimsPrincipal doesn't seem to work:(
@Hawxy Can you peek at this one? https://jeremydmiller.com/2021/08/09/testing-web-services-secured-by-jwt-tokens-with-alba-v5/
JT
@Hawxy
Yeah that looks good. I believe I'd work for our scenario.
Jeremy D. Miller
@jeremydmiller
Just out of curiosity, does anyone still write web services that use Xml?
JT
@Hawxy
btw https://github.com/JasperFx/alba/commit/5a81473b2b63b5a54fc30c4e0fc88e0812e067b5#diff-25a6634263c1b1f6fc4697a04e2b9904ea4b042a89af59dc93ec1f5d44848a26
NRTs was already enabled at the assembly level as part of v4: https://github.com/JasperFx/alba/blob/master/src/Alba/Alba.csproj#L18
.NET 6 project templates will also ship it enabled by default going forward
JT
@Hawxy
It'd be good to get JasperFx/baseline#23 in, as it's a blocker for NRT accuracy within all of the dependents.
Jeremy D. Miller
@jeremydmiller
@Hawxy Baseline 3.2.1 has that. Sorry, I'd taken my eye off the ball on that one
JT
@Hawxy
No problem. I'll get weasel covered and make my way up the stack.
Jacob Krieg
@jkrieg
Hi. I'm using AlbaHost to test our endpoints, but I'm having some trouble with IScenarioResult's readers. I have content in the body, there's a content length, and a content-type of application/json. But the result's ReadAsJson comes back as null. When I force the response body into a stream reader I get the full body back.
ReadAsText also comes back empty.
Jacob Krieg
@jkrieg
For reference, this is on Alba v5.
Jeremy D. Miller
@jeremydmiller
On the response coming back? How is the body written in the real request? Is it a 200 response? You can see that there’s non-zero content in the Response body stream? ReadAsText() is just rewinding the Response body and pulling the string out. Are you completely sure there’s actually bytes written to the response body?
Jacob Krieg
@jkrieg
yes, the response coming back. 200, .Context.Response.Headers.ContentLength. Used StreamReader and got back a full JSON string. ReadAsText resulted in an empty string from the IScenarioResult. Of course, reading the bytes directly causes the stream to not be readable the second time though.
I was thinking there was something not set up correctly on our end.
Jacob Krieg
@jkrieg
ok, I have text from ReadAsText this time.
I think maybe I had kept the ReadAsJson in the code previously, and that stopped it from reading text.
Jeremy D. Miller
@jeremydmiller
Well, yeah, it’s not built to be reentrant like that, but maybe it really should be because duh. ;-)
Jacob Krieg
@jkrieg
I've narrowed it down to something specific to a model I'm using. I can ReadAsJson<object> and though it's obviously not going to give me what I want because object, it proves to be working. Thanks for responding.
Jeremy D. Miller
@jeremydmiller
That would fail if the JSON serialization fails. May need to fail more obviously
Jacob Krieg
@jkrieg
Solved the problem, Jeremy. We are in the midst of implementing NodaTime to our solution, and had a missing serialization setting to account for it. Thanks again.
Jeremy D. Miller
@jeremydmiller
Gotcha. That's happened before. So it's really a serialization issue, but Alba made it look like it was a content problem? I'm gonna call that an opportunity for improvement then. Thank you letting me know!
srollinet
@srollinet

Hi! I have the same issue with Alba v5 returning an empty result when using Scenario.

            var response = await Host.Scenario(x =>
            {
                x.Get.Url("/static/countries");
                x.StatusCodeShouldBeOk();
                x.ContentShouldContain("Mexico");
            });

            var output = response.ReadAsJson<List<CountryResponse>>(); // null
            var output2 = await Host.GetAsJson<List<CountryResponse>>("/static/countries"); // ok

Note, ContentShouldContain works as expected

Jeremy D. Miller
@jeremydmiller
@srollinet It's not rewinding the stream, I think it'll be an easy fix
Jeremy D. Miller
@jeremydmiller
Hey everybody, there's a new Alba v5.0.1 on Nuget just now. This is to resolve some issues with JSON serialization for #92 and #93. The response reading is now reentrant, meaning that you can do ReadAsJson()/ReadAsText() in any order as many times as you'd like. There's also more visibility into JSON serialization errors or empty content when trying to execute ReadAsJson() for easier to diagnose test failures