End-to-End Testing Authorization in ASP.NET Core App with Blazor

End-to-End Testing Authorization in ASP.NET Core App with Blazor

Mocking an Authenticated User in Blazor and ASP.NET Core. MockAuthenticatedUser is a tool that uses when doing end-to-end testing of authorization in ASP.NET Core applications, with a Blazor example.

I've done a couple of recent columns about securing Blazor Components and using claims-based policies declaratively in ASP.NET Core generally. While working with security, I'm always interested in doing end-to-end testing: Starting up the application and seeing what happens when I try to navigate to a page.

However, while that matters to me, I'm less interested in setting up users with a variety of different security configurations (so many names! so many passwords!). Inevitably while thinking I'm testing one authorization scenario, I pick a user that actually represents a different scenario.

So I created a MockAuthenticatedUser class that, once added to my application's middleware, creates an authenticated user for my application. I find it easier to configure my mock user's authorization claims in code before running a test than it is to maintain (and remember) a variety of users.

If you think you might find it useful, you can add it to your processing pipeline with code like this in your Startup class' ConfigureServices method:

                              MockAuthenticatedUser>("BasicAuthentication", null);

To use this class, you'll also need this line in your Startup class' Configure method:


I should be clear that I've only used this to test Controllers so it might behave differently with Razor Pages.

Here's the code for my MockAuthenticatedUser class that configures a user with a name, an Id, a role, and some random claims:

using System.Security.Claims;
using System.Text.Encodings.Web;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Options;

namespace SampleBlazor.Models
  public class MockAuthenticatedUser : AuthenticationHandler<AuthenticationSchemeOptions>
    const string userId = "phv";
    const string userName = "Jean Irvine";
    const string userRole = "ProductManager";

    public MockAuthenticatedUser(
      IOptionsMonitor<AuthenticationSchemeOptions> options,
      ILoggerFactory logger,
      UrlEncoder encoder,
      ISystemClock clock)
      : base(options, logger, encoder, clock){ }

    protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
      var claims = new[] 
          new Claim(ClaimTypes.NameIdentifier, userId),
          new Claim(ClaimTypes.Name, userName),
          new Claim(ClaimTypes.Role, userRole),
          new Claim(ClaimTypes.Email, "[email protected]"),
        var identity = new ClaimsIdentity(claims, Scheme.Name);
        var principal = new ClaimsPrincipal(identity);
        var ticket = new AuthenticationTicket(principal, Scheme.Name);

        return await Task.FromResult(AuthenticateResult.Success(ticket));

Blazor dotnet aspdotnet authorization testing

Bootstrap 5 Complete Course with Examples

Bootstrap 5 Tutorial - Bootstrap 5 Crash Course for Beginners

Nest.JS Tutorial for Beginners

Hello Vue 3: A First Look at Vue 3 and the Composition API

Building a simple Applications with Vue 3

Deno Crash Course: Explore Deno and Create a full REST API with Deno

How to Build a Real-time Chat App with Deno and WebSockets

Convert HTML to Markdown Online

HTML entity encoder decoder Online

Testing Microservices Applications

The shift towards microservices and modular applications makes testing more important and more challenging at the same time. Learn more here.

Select List in Blazor || DropDown List in Blazor

LIKE | COMMENT | SHARE | SUBSCRIBE In this Blazor Tutorial, I will show you how to use #DropDownList in blazor app using MatBlazor - (Material Design compone...

Introduction to Blazor Component Testing

In this post, I'm going to look at how to get started testing Blazor components using Steve Sanderson's testing prototype. To make things more real world, I'm going to add some tests to my Blazored Modal library.

Blazor : Calling REST API ASP NET Core Blazor | WEB API

LIKE | COMMENT | SHARE | SUBSCRIBE How to call and consume a REST API from ASP.NET Core Blazor application. Blog : https://aspdotnetexplorer.blogspot.com/sea...

How to Do API Testing?

API endpoint when you send the get request to that URL it returns the JSON response. In this article, I am going to use postman assertions for all the examples since it is the most popular tool. But this article is not intended only for the postman tool.