I've been able to workaround this in a way that I'm sure is sub-optimal, but will have to do until I come across a better solution or one of you fine folk tells me a better way to do this :) I've done it as follows:
In my Startup class I've added a CreateAuthFilter hook which we'll see later is used only in integration tests:
// Sample Startup class public class Startup { public void Configuration(IAppBuilder app) { var config = new HttpConfiguration(); // Use CreateFilter Method to create Authorisation Filter - if not null add it var authFilter = CreateAuthFilter(); if(authFilter != null) config.Filters.Add(authFilter); // Other configuration and middleware... } public static Func<IFilter> CreateAuthFilter = () => null; }
Implemented an Authorization Filter which will only be used in Integration Tests:
public class TestAuthFilter : IAuthenticationFilter { static TestAuthFilter() { TestUserId = "TestDomain\\TestUser"; } public bool AllowMultiple { get; private set; } public async Task AuthenticateAsync(HttpAuthenticationContext context, CancellationToken cancellationToken) { context.Principal = new ClientRolePrincipal(new HttpListenerBasicIdentity(TestUserId, "password")); ; } public static string TestUserId { get; set; } public async Task ChallengeAsync(HttpAuthenticationChallengeContext context, CancellationToken cancellationToken) { } }
In the SetUp code for my Integration Tests I inject the Test Authorization Filter:
Startup.CreateAuthFilter = () => new TestAuthFilter(); var TestServer = TestServer.Create<Startup>();
When needed in specific tests, I set the TestUserId to a known value, and other tests just seem to work because the Auth Filter is present:
TestAuthFilter.TestUserId = testUser.UserId;
I'm sharing this here incase it helps others out there, but please someone tell me a better way! At the very least I'm sure there's a better way to inject my Test Filter without including code in Startup... I just haven't thought of it.