Recently, I was trying to take a stab at unit testing using NUnit and FakeItEasy. My first unit test started with the following code:
public void Index_GivenNoParameters_ReturnsActionResult()
var fakeDependency1 = A.Fake<IDependency1>();
var fakeDependency2 = A.Fake<IDependency2>();
MyController controller = new MyController(fakeDependency1, fakeDependency2);
ActionResult ar = controller.Index();
All I really wanted to do was to see if the method does return a instance of ActionResult. Upon executing the unit test, I came across this error:
A first chance exception of type ‘System.InvalidOperationException’ occurred in System.IdentityModel.dll
Additional information: ID7027: Could not load the identity configuration because no <system.identityModel> configuration section was found.
The error specifically pointed out that this was occurring at the ClaimsPrincipalPermission attribute.
[ClaimsPrincipalPermission(SecurityAction.Demand, Operation = "View", Resource = "Index")]
public ActionResult Index()
ClaimsPrincipalPermission InvalidOperationException occurred.
After some research, I came across that the reason that this was occurring was that ClaimsPrincipalPermission becomes invoked at the CLR level, which in turn it affects unit testing.
This approach typically gets in your way, e.g. ClaimsPrincipalPermission gets invoked directly by the CLR, which means it will also run in unit tests, and unhandled exceptions short-circuit your processing pipeline. http://leastprivilege.com/2012/10/26/using-claims-based-authorization-in-mvc-and-web-api/
Looking at StackOverflow, Dominick suggested you should create a custom ClaimsAuthorizationManager to get around this. You would have your custom ClaimsAuthorizationManager to always return true.
Use a custom ClaimsAuthorizationManager that always returns true for the unit tests.
PrincipalPermissions in general are not very unit testing friendly. http://stackoverflow.com/questions/15429811/claimsprincipalpermission-and-unit-testing/15436366#15436366
So, I did as he suggested. In my AuthorizationManager class, with my current production AuthorizationManager, I created a unit testing version as so:
public class UnitTestingAuthorizationManager : ClaimsAuthorizationManager
public override bool CheckAccess(AuthorizationContext context)
Lastly, within my unit testing project I added the following to the app.config file:
<section name="system.identityModel" type="System.IdentityModel.Configuration.SystemIdentityModelSection, System.IdentityModel, Version=188.8.131.52, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
<section name="system.identityModel.services" type="System.IdentityModel.Services.Configuration.SystemIdentityModelServicesSection, System.IdentityModel.Services, Version=184.108.40.206, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
<claimsAuthenticationManager type="MyApp.Models.ClaimsTransformer, MyApp" />
<claimsAuthorizationManager type="MyApp.Models.UnitTestingAuthorizationManager, MyApp" />
<cookieHandler requireSsl="false" />
When all this was setup, I was able to run my unit test successfully.
Hope this helps you.