refactor(Core.Application.BenchmarkTests): add benchmark tests for authorization behavior

Author: ahmet-cetinkaya

src/tests/Core.Application.BenchmarkTests/Core.Application.BenchmarkTests.csproj

@@ -0,0 +1,20 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <OutputType>Exe</OutputType>
+    <TargetFramework>net8.0</TargetFramework>
+    <ImplicitUsings>enable</ImplicitUsings>
+    <Nullable>enable</Nullable>
+	<Optimize>true</Optimize>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <PackageReference Include="BenchmarkDotNet" Version="0.13.12" />
+    <PackageReference Include="Microsoft.AspNetCore.Http" Version="2.2.2" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <ProjectReference Include="..\..\Core.Application\Core.Application.csproj" />
+  </ItemGroup>
+
+</Project>

src/tests/Core.Application.BenchmarkTests/Pipelines/Authorization/AuthorizationBehaviorBenchmarkTest.cs

@@ -0,0 +1,41 @@
+using BenchmarkDotNet.Attributes;
+using MediatR;
+using NArchitecture.Core.Application.Pipelines.Authorization;
+using NArchitecture.Core.Security.Constants;
+
+namespace Core.Application.BenchmarkTests.Pipelines.Authorization;
+
+[MemoryDiagnoser(true)]
+public class AuthorizationBehaviorBenchmark
+{
+    public class ExampleRequestType : IRequest<ExampleResponseType>, ISecuredRequest
+    {
+        public IEnumerable<string> IdentityRoles { get; set; }
+        private const string _requiredRoleClaims = "Test";
+        public ReadOnlySpan<char> RequiredRoleClaims => _requiredRoleClaims.AsSpan();
+
+        public class ExampleRequestTypeHandler : IRequestHandler<ExampleRequestType, ExampleResponseType>
+        {
+            public Task<ExampleResponseType?> Handle(ExampleRequestType request, CancellationToken cancellationToken)
+            {
+                return Task.FromResult(default(ExampleResponseType));
+            }
+        }
+    }
+
+    public class ExampleResponseType { }
+
+    [Benchmark]
+    public async Task<ExampleResponseType?> BenchmarkAuthorizationBehavior()
+    {
+        ExampleRequestType request = new() { IdentityRoles = [GeneralOperationClaims.Admin] };
+
+        AuthorizationBehavior<ExampleRequestType, ExampleResponseType> authorizationBehavior =
+            new AuthorizationBehavior<ExampleRequestType, ExampleResponseType>();
+        return await authorizationBehavior.Handle(
+            request,
+            () => Task.FromResult(default(ExampleResponseType)),
+            CancellationToken.None
+        );
+    }
+}

src/tests/Core.Application.BenchmarkTests/Program.cs

@@ -0,0 +1,4 @@
+using BenchmarkDotNet.Running;
+using Core.Application.BenchmarkTests.Pipelines.Authorization;
+
+BenchmarkRunner.Run<AuthorizationBehaviorBenchmark>();

src/tests/Core.Application.Tests/Core.Application.Tests/Core.Application.Tests.csproj

@@ -0,0 +1,29 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <TargetFramework>net8.0</TargetFramework>
+    <ImplicitUsings>enable</ImplicitUsings>
+    <Nullable>enable</Nullable>
+
+    <IsPackable>false</IsPackable>
+    <IsTestProject>true</IsTestProject>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <PackageReference Include="coverlet.collector" Version="6.0.0" />
+    <PackageReference Include="MediatR" Version="12.2.0" />
+    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.8.0" />
+    <PackageReference Include="Moq" Version="4.20.70" />
+    <PackageReference Include="xunit" Version="2.5.3" />
+    <PackageReference Include="xunit.runner.visualstudio" Version="2.5.3" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <ProjectReference Include="..\..\..\Core.Application\Core.Application.csproj" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <Using Include="Xunit" />
+  </ItemGroup>
+
+</Project>

src/tests/Core.Application.Tests/Core.Application.Tests/Pipelines/AuthorizationBehaviorTests.cs

@@ -0,0 +1,100 @@
+using System.Security.Authentication;
+using MediatR;
+using Moq;
+using NArchitecture.Core.Application.Pipelines.Authorization;
+using NArchitecture.Core.CrossCuttingConcerns.Exception.Types;
+
+namespace NArchitecture.Core.Application.Tests.Pipelines.Authorization;
+
+public class AuthorizationBehaviorTests
+{
+    [Fact]
+    public async Task Handle_ValidRequest_ReturnsResponse()
+    {
+        // Arrange
+        var request = new ValidSecuredRequest();
+        request.IdentityRoles = ["admin", "user"];
+        var next = Mock.Of<RequestHandlerDelegate<int>>();
+
+        // Act
+        _ = await new AuthorizationBehavior<ValidSecuredRequest, int>().Handle(request, next, CancellationToken.None);
+
+        // Assert
+        Assert.True(true);
+    }
+
+    public class ValidSecuredRequest : IRequest<int>, ISecuredRequest
+    {
+        public IEnumerable<string> IdentityRoles { get; set; }
+        public ReadOnlySpan<char> RequiredRoleClaims => "".AsSpan();
+    }
+
+    [Fact]
+    public async Task Handle_InvalidRequest_ThrowsAuthorizationException()
+    {
+        // Arrange
+        var request = new InvalidSecuredRequest();
+        var next = Mock.Of<RequestHandlerDelegate<int>>();
+
+        // Act and Assert
+        await Assert.ThrowsAsync<AuthenticationException>(
+            () => new AuthorizationBehavior<InvalidSecuredRequest, int>().Handle(request, next, CancellationToken.None)
+        );
+    }
+
+    public class InvalidSecuredRequest : IRequest<int>, ISecuredRequest
+    {
+        public IEnumerable<string> IdentityRoles { get; set; }
+        public ReadOnlySpan<char> RequiredRoleClaims => "".AsSpan();
+    }
+
+    [Fact]
+    public async Task Handle_InvalidRequest_WithRequiredRoleClaims_ThrowsAuthorizationException()
+    {
+        // Arrange
+        var request = new SecuredRequestWithRequiredRoleClaims();
+        request.IdentityRoles = new[] { "user" };
+        var next = Mock.Of<RequestHandlerDelegate<int>>();
+
+        // Act and Assert
+        await Assert.ThrowsAsync<AuthorizationException>(
+            () =>
+                new AuthorizationBehavior<SecuredRequestWithRequiredRoleClaims, int>().Handle(
+                    request,
+                    next,
+                    CancellationToken.None
+                )
+        );
+    }
+
+    public class SecuredRequestWithRequiredRoleClaims : IRequest<int>, ISecuredRequest
+    {
+        public IEnumerable<string> IdentityRoles { get; set; }
+        public ReadOnlySpan<char> RequiredRoleClaims => "admin".AsSpan();
+    }
+
+    [Fact]
+    public async Task Handle_ValidRequest_WithRequiredRoleClaims_ReturnsResponse()
+    {
+        // Arrange
+        var request = new SecuredRequestWithoutRequiredRoleClaims();
+        request.IdentityRoles = new[] { "user", "admin" };
+        var next = Mock.Of<RequestHandlerDelegate<int>>();
+
+        // Act
+        _ = await new AuthorizationBehavior<SecuredRequestWithoutRequiredRoleClaims, int>().Handle(
+            request,
+            next,
+            CancellationToken.None
+        );
+
+        // Assert
+        Assert.True(true);
+    }
+
+    public class SecuredRequestWithoutRequiredRoleClaims : IRequest<int>, ISecuredRequest
+    {
+        public IEnumerable<string> IdentityRoles { get; set; }
+        public ReadOnlySpan<char> RequiredRoleClaims => "admin".AsSpan();
+    }
+}