How do I unit test a controller method that has the [Authorize] attribute applied?

Question

I've searched stackoverflow and googled four a couple of hours and still not found any solution for my "trivial" problem.

If you write unit test for your filtered [Authorize] ActionResult, how do you solve the problem to fake that user is authenticated?

I have a lot of ActionResult methods that are filtered with [Authorize] and I want to test all of my ActionResult methods regardless if they are filtered with [Authorize] or not.

A simple example of what i mean:

[TestMethod] public void Create_Get_ReturnsView() {  // Arrange  var controller = new UserController();  // Act  var result = controller.Create();  // Assert  Assert.IsNotNull(result as ViewResult); }  [Authorize] public ActionResult Create() {  return View("Create"); } 

As of now the tests don't even hit the ActionResult method because of the [Authorize] filter, exception thrown is: System.NullReferenceException: Object reference not set to an instance of an object.

Answer 1

You need to mock a context for your controller. Try using Moq

Your arrange would then look like:

var controller = new UserController(); var mock = new Mock<ControllerContext>(); mock.SetupGet(x => x.HttpContext.User.Identity.Name).Returns("SOMEUSER"); mock.SetupGet(x => x.HttpContext.Request.IsAuthenticated).Returns(true); controller.ControllerContext = mock.Object; 

You should be able to then do your Act & Assert.

If you haven't already, I would highly recommend looking through NerdDinner as an example MVC site.