Added guard to FormsAuthentication as per issue #1755

src/Nancy.Authentication.Forms.Tests/FormsAuthenticationFixture.cs

@@ -8,7 +8,6 @@ namespace Nancy.Authentication.Forms.Tests
     using FakeItEasy;
     using Fakes;
     using Helpers;
-    using Nancy.Security;
     using Nancy.Tests;
     using Nancy.Tests.Fakes;
     using Xunit;
@@ -162,7 +161,71 @@ public void Should_return_ok_response_when_user_logs_in_without_redirect()
             result.StatusCode.ShouldEqual(HttpStatusCode.OK);
         }
 
-        [Fact]
+		#region Throw helpful exception when the configuration is not enabled
+
+		[Fact]
+		public void Should_throw_helpful_exception_message_when_user_logs_in_without_redirect_and_forms_authentication_not_enabled()
+		{
+			// Given
+			const string expectedMessage = "The internal FormsAuthenticationConfiguration has not been set. Ensure that FormsAuthentication has been enabled in the bootstrapper";
+			FormsAuthentication.Disable();
+
+			// When
+			var result = Record.Exception(() => FormsAuthentication.UserLoggedInResponse(userGuid));
+
+			// Then
+			result.ShouldBeOfType(typeof(InvalidOperationException));
+			result.Message.ShouldBeSameAs(expectedMessage);
+		}
+
+		[Fact]
+		public void Should_throw_helpful_exception_message_when_user_logs_in_with_redirect_and_forms_authentication_not_enabled()
+		{
+			// Given
+			const string expectedMessage = "The internal FormsAuthenticationConfiguration has not been set. Ensure that FormsAuthentication has been enabled in the bootstrapper";
+			FormsAuthentication.Disable();
+
+			// When
+			var result = Record.Exception(() => FormsAuthentication.UserLoggedInRedirectResponse(context, userGuid));
+
+			// Then
+			result.ShouldBeOfType(typeof(InvalidOperationException));
+			result.Message.ShouldBeSameAs(expectedMessage);
+		}
+
+		[Fact]
+		public void Should_throw_helpful_exception_message_when_user_logs_out_with_redirect_and_forms_authentication_not_enabled()
+		{
+			// Given
+			const string expectedMessage = "The internal FormsAuthenticationConfiguration has not been set. Ensure that FormsAuthentication has been enabled in the bootstrapper";
+			FormsAuthentication.Disable();
+
+			// When
+			var result = Record.Exception(() => FormsAuthentication.LogOutAndRedirectResponse(context, "/"));
+
+			// Then
+			result.ShouldBeOfType(typeof(InvalidOperationException));
+			result.Message.ShouldBeSameAs(expectedMessage);
+		}
+
+		[Fact]
+		public void Should_throw_helpful_exception_message_when_user_logs_out_without_redirect_and_forms_authentication_not_enabled()
+		{
+			// Given
+			const string expectedMessage = "The internal FormsAuthenticationConfiguration has not been set. Ensure that FormsAuthentication has been enabled in the bootstrapper";
+			FormsAuthentication.Disable();
+
+			// When
+			var result = Record.Exception(() => FormsAuthentication.LogOutResponse());
+
+			// Then
+			result.ShouldBeOfType(typeof(InvalidOperationException));
+			result.Message.ShouldBeSameAs(expectedMessage);
+		}
+
+		#endregion
+
+		[Fact]
         public void Should_have_authentication_cookie_in_login_response_when_logging_in_with_redirect()
         {
             FormsAuthentication.Enable(A.Fake<IPipelines>(), this.config);

src/Nancy.Authentication.Forms/FormsAuthentication.cs

@@ -34,7 +34,15 @@ public static string FormsAuthenticationCookieName
             }
         }
 
-        /// <summary>
+		/// <summary>
+		/// To support testing, necessary as everying is static, but not ideal
+		/// </summary>
+		internal static void Disable()
+		{
+			currentConfiguration = null;
+		}
+
+		/// <summary>
         /// Enables forms authentication for the application
         /// </summary>
         /// <param name="pipelines">Pipelines to add handlers to (usually "this")</param>
@@ -110,7 +118,12 @@ public static void Enable(INancyModule module, FormsAuthenticationConfiguration
         /// <returns>Nancy response with redirect.</returns>
         public static Response UserLoggedInRedirectResponse(NancyContext context, Guid userIdentifier, DateTime? cookieExpiry = null, string fallbackRedirectUrl = null)
         {
-            var redirectUrl = fallbackRedirectUrl;
+			if (currentConfiguration == null)
+			{
+				throw new InvalidOperationException("The internal FormsAuthenticationConfiguration has not been set. Ensure that FormsAuthentication has been enabled in the bootstrapper");
+			}
+
+			var redirectUrl = fallbackRedirectUrl;
 
             if (string.IsNullOrEmpty(redirectUrl))
             {
@@ -149,11 +162,14 @@ public static Response UserLoggedInRedirectResponse(NancyContext context, Guid u
         /// <returns>Nancy response with status <see cref="HttpStatusCode.OK"/></returns>
         public static Response UserLoggedInResponse(Guid userIdentifier, DateTime? cookieExpiry = null)
         {
-            var response =
-                (Response)HttpStatusCode.OK;
+			if (currentConfiguration == null)
+			{
+				throw new InvalidOperationException("The internal FormsAuthenticationConfiguration has not been set. Ensure that FormsAuthentication has been enabled in the bootstrapper");
+			}
+
+            var response = (Response)HttpStatusCode.OK;
 
-            var authenticationCookie = 
-                BuildCookie(userIdentifier, cookieExpiry, currentConfiguration);
+            var authenticationCookie = BuildCookie(userIdentifier, cookieExpiry, currentConfiguration);
 
             response.AddCookie(authenticationCookie);
 
@@ -168,7 +184,12 @@ public static Response UserLoggedInResponse(Guid userIdentifier, DateTime? cooki
         /// <returns>Nancy response</returns>
         public static Response LogOutAndRedirectResponse(NancyContext context, string redirectUrl)
         {
-            var response = context.GetRedirect(redirectUrl);
+			if (currentConfiguration == null)
+			{
+				throw new InvalidOperationException("The internal FormsAuthenticationConfiguration has not been set. Ensure that FormsAuthentication has been enabled in the bootstrapper");
+			}
+
+			var response = context.GetRedirect(redirectUrl);
             var authenticationCookie = BuildLogoutCookie(currentConfiguration);
             response.AddCookie(authenticationCookie);
 
@@ -181,11 +202,14 @@ public static Response LogOutAndRedirectResponse(NancyContext context, string re
         /// <returns>Nancy response</returns>
         public static Response LogOutResponse()
         {
-            var response =
-                (Response)HttpStatusCode.OK;
+			if (currentConfiguration == null)
+			{
+				throw new InvalidOperationException("The internal FormsAuthenticationConfiguration has not been set. Ensure that FormsAuthentication has been enabled in the bootstrapper");
+			}
+
+			var response = (Response)HttpStatusCode.OK;
 
-            var authenticationCookie = 
-                BuildLogoutCookie(currentConfiguration);
+            var authenticationCookie = BuildLogoutCookie(currentConfiguration);
 
             response.AddCookie(authenticationCookie);
 

src/Nancy.Testing/Nancy.Testing.csproj

@@ -85,9 +85,9 @@
     <DocumentationFile>bin\MonoRelease\Nancy.Testing.XML</DocumentationFile>
   </PropertyGroup>
   <ItemGroup>
-    <Reference Include="CsQuery, Version=1.3.3.5, Culture=neutral, processorArchitecture=MSIL">
+    <Reference Include="CsQuery, Version=1.3.3.249, Culture=neutral, processorArchitecture=MSIL">
       <SpecificVersion>False</SpecificVersion>
-      <HintPath>..\packages\CsQuery.1.3.3\lib\net40\CsQuery.dll</HintPath>
+      <HintPath>..\..\..\..\savetrees\code\references\packages\CsQuery.1.3.4\lib\net40\CsQuery.dll</HintPath>
     </Reference>
     <Reference Include="System">
     </Reference>
@@ -171,7 +171,6 @@
     </BootstrapperPackage>
   </ItemGroup>
   <ItemGroup>
-    <None Include="packages.config" />
     <EmbeddedResource Include="Resources\Nancy Testing Cert.pfx" />
   </ItemGroup>
   <ItemGroup>
@@ -180,6 +179,9 @@
       <LastGenOutput>Resources.Designer.cs</LastGenOutput>
     </EmbeddedResource>
   </ItemGroup>
+  <ItemGroup>
+    <None Include="packages.config" />
+  </ItemGroup>
   <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
   <!-- To modify your build process, add your task inside one of the targets below and uncomment it. 
        Other similar extension points exist, see Microsoft.Common.targets.

src/Nancy.Testing/packages.config

@@ -1,4 +1,4 @@
 <?xml version="1.0" encoding="utf-8"?>
 <packages>
-  <package id="CsQuery" version="1.3.3" targetFramework="net40" />
+  <package id="CsQuery" version="1.3.4" targetFramework="net40" />
 </packages>

src/Nancy.ViewEngines.Razor.BuildProviders/Nancy.ViewEngines.Razor.BuildProviders.csproj

@@ -97,8 +97,8 @@
     <Reference Include="System.Web" />
     <Reference Include="Microsoft.CSharp" />
     <Reference Include="System.Web.Razor, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
-      <SpecificVersion>False</SpecificVersion>
-      <HintPath>..\packages\Microsoft.AspNet.Razor.2.0.30506.0\lib\net40\System.Web.Razor.dll</HintPath>
+      <Private>True</Private>
+      <HintPath>..\..\..\..\savetrees\code\references\packages\Microsoft.AspNet.Razor.2.0.30506.0\lib\net40\System.Web.Razor.dll</HintPath>
     </Reference>
   </ItemGroup>
   <ItemGroup>

src/Nancy.ViewEngines.Razor/HtmlHelpers.cs

@@ -2,6 +2,7 @@
 {
     using System;
     using System.IO;
+    using Nancy.Extensions;
     using Nancy.Security;
 
     /// <summary>
@@ -48,6 +49,8 @@ public HtmlHelpers(RazorViewEngine engine, IRenderContext renderContext, TModel
         /// <returns>An <see cref="IHtmlString"/> representation of the partial.</returns>
         public IHtmlString Partial(string viewName)
         {
+			if (string.IsNullOrWhiteSpace(viewName)) throw new ArgumentNullException("viewName", "Attempted to render a non-existent view");
+
             return this.Partial(viewName, null);
         }
 
@@ -59,18 +62,29 @@ public IHtmlString Partial(string viewName)
         /// <returns>An <see cref="IHtmlString"/> representation of the partial.</returns>
         public IHtmlString Partial(string viewName, dynamic modelForPartial)
         {
-            var view = this.RenderContext.LocateView(viewName, modelForPartial);
+			if (string.IsNullOrWhiteSpace(viewName)) throw new ArgumentNullException("viewName", "Attempted to render a non-existent view");
 
-            var response = this.Engine.RenderView(view, modelForPartial, this.RenderContext, true);
-            Action<Stream> action = response.Contents;
-            var mem = new MemoryStream();
+			//this.RenderContext.Context.WriteTraceLog(sb => sb.AppendFormat("Rendered partial view {0} with type {1}", viewName, response));
+			try
+	        {
+		        var view = this.RenderContext.LocateView(viewName, modelForPartial);
 
-            action.Invoke(mem);
-            mem.Position = 0;
+		        var response = this.Engine.RenderView(view, modelForPartial, this.RenderContext, true);
+		        Action<Stream> action = response.Contents;
+		        var mem = new MemoryStream();
 
-            var reader = new StreamReader(mem);
+		        action.Invoke(mem);
+		        mem.Position = 0;
 
-            return new NonEncodedHtmlString(reader.ReadToEnd());
+		        var reader = new StreamReader(mem);
+
+		        return new NonEncodedHtmlString(reader.ReadToEnd());
+	        }
+	        catch (Exception exception)
+	        {
+		        this.RenderContext.Context.WriteTraceLog(sb => sb.AppendFormat("Rendering partial view {0} threw exception {1}", viewName, exception.Message));
+		        throw;
+	        }
         }
 
         /// <summary>

src/Nancy.ViewEngines.Razor/Nancy.ViewEngines.Razor.csproj

@@ -94,7 +94,7 @@
     </Reference>
     <Reference Include="System.Web.Razor, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
       <Private>True</Private>
-      <HintPath>..\packages\Microsoft.AspNet.Razor.2.0.30506.0\lib\net40\System.Web.Razor.dll</HintPath>
+      <HintPath>..\..\..\..\savetrees\code\references\packages\Microsoft.AspNet.Razor.2.0.30506.0\lib\net40\System.Web.Razor.dll</HintPath>
     </Reference>
     <Reference Include="System.Xml.Linq">
     </Reference>

src/Nancy.ViewEngines.Razor/NancyRazorViewBase.cs

@@ -4,6 +4,7 @@
     using System.Collections.Generic;
     using System.Globalization;
     using System.IO;
+    using System.Linq;
     using System.Text;
     using Nancy.Helpers;
 
@@ -395,25 +396,25 @@ public void ExecuteView(string body, IDictionary<string, string> sectionContents
             }
             catch (NullReferenceException e)
             {
-                throw new ViewRenderException("Unable to render the view.  Most likely the Model, or a property on the Model, is null", e);
+	            throw new ViewRenderException("Unable to render the view.  Most likely the Model, or a property on the Model, is null", e);
             }
 
             this.Body = this.contents.ToString();
 
-            this.SectionContents = new Dictionary<string, string>(this.Sections.Count);
+			this.SectionContents = new Dictionary<string, string>(this.Sections.Count);
             foreach (var section in this.Sections)
             {
-                this.contents.Clear();
+				this.contents.Clear();
                 try
                 {
-                    section.Value.Invoke();
+					section.Value.Invoke();
                 }
                 catch (NullReferenceException e)
                 {
-                    throw new ViewRenderException(string.Format("A null reference was encountered while rendering the section {0}.  Does the section require a model? (maybe it wasn't passed in)", section.Key), e);
+					throw new ViewRenderException(string.Format("A null reference was encountered while rendering the section {0}.  Does the section require a model? (maybe it wasn't passed in)", section.Key), e);
                 }
-                this.SectionContents.Add(section.Key, this.contents.ToString());
-            }
+				this.SectionContents.Add(section.Key, this.contents.ToString());
+			}
         }
 
         /// <summary>