public async Task WhenPasswordChangeRequired_RequirePasswordChangeTrue() { var username = "******" + TEST_DOMAIN; var userId = await AddUserIfNotExistsAsync(username, c => c.RequirePasswordChange = true); var query = new AuthenticateUserCredentialsQuery() { UserAreaCode = TestUserArea1.Code, Username = username, Password = VALID_PASSWORD }; UserCredentialsAuthenticationResult result; using var app = _appFactory.Create(); var repository = app.Services.GetService <IDomainRepository>(); result = await repository.ExecuteQueryAsync(query); using (new AssertionScope()) { result.Should().NotBeNull(); result.User.Should().NotBeNull(); result.User.UserId.Should().Be(userId); result.IsSuccess.Should().BeTrue(); result.Error.Should().BeNull(); result.User.RequirePasswordChange.Should().BeTrue(); } }
public async Task WhenValid_Maps() { var userId = await AddUserIfNotExistsAsync(); var query = new AuthenticateUserCredentialsQuery() { UserAreaCode = TestUserArea1.Code, Username = VALID_USERNAME, Password = VALID_PASSWORD }; using var app = _appFactory.Create(); var repository = app.Services.GetService <IDomainRepository>(); var result = await repository.ExecuteQueryAsync(query); using (new AssertionScope()) { result.Should().NotBeNull(); result.User.Should().NotBeNull(); result.User.UserId.Should().Be(userId); result.User.UserAreaCode.Should().Be(TestUserArea1.Code); result.IsSuccess.Should().BeTrue(); result.Error.Should().BeNull(); // Non-defaults for these props are covered in other tests result.User.RequirePasswordChange.Should().BeFalse(); result.User.IsAccountVerified.Should().BeFalse(); } }
public async Task WhenIncorrectUserArea_ReturnsInvalidCredentials() { await AddUserIfNotExistsAsync(); var query = new AuthenticateUserCredentialsQuery() { UserAreaCode = TestUserArea2.Code, Username = VALID_USERNAME, Password = VALID_PASSWORD }; UserCredentialsAuthenticationResult result; using (var app = _appFactory.Create()) { var repository = app.Services.GetService <IDomainRepository>(); result = await repository.ExecuteQueryAsync(query); } using (new AssertionScope()) { result.Should().NotBeNull(); result.User.Should().BeNull(); result.IsSuccess.Should().BeFalse(); result.Error.ErrorCode.Should().Be(UserValidationErrors.Authentication.InvalidCredentials.ErrorCode); } }
public async Task WhenOldPasswordHash_PasswordRehashed() { var username = "******" + TEST_DOMAIN; var userId = await AddUserIfNotExistsAsync(username); string oldHash; using (var app = _appFactory.Create()) { var dbContext = app.Services.GetService <CofoundryDbContext>(); var user = await dbContext .Users .SingleAsync(u => u.UserId == userId); user.Password = Defuse.PasswordCryptographyV2.CreateHash(VALID_PASSWORD); user.PasswordHashVersion = (int)PasswordHashVersion.V2; oldHash = user.Password; await dbContext.SaveChangesAsync(); } var query = new AuthenticateUserCredentialsQuery() { UserAreaCode = TestUserArea1.Code, Username = username, Password = VALID_PASSWORD }; UserCredentialsAuthenticationResult result; User updatedUser; using (var app = _appFactory.Create()) { var repository = app.Services.GetService <IDomainRepository>(); var dbContext = app.Services.GetService <CofoundryDbContext>(); result = await repository.ExecuteQueryAsync(query); updatedUser = await dbContext .Users .FilterById(userId) .SingleAsync(); } using (new AssertionScope()) { result.Should().NotBeNull(); result.IsSuccess.Should().BeTrue(); result.Error.Should().BeNull(); updatedUser.Password.Should().NotBe(oldHash); } }
public async Task WhenSystemUser_ReturnsInvalidCredentials() { // Set the system user password to a known value, as it is // set randomly during installation using (var app = _appFactory.Create()) { var dbContext = app.Services.GetService <CofoundryDbContext>(); var passwordCryptographyService = app.Services.GetService <IPasswordCryptographyService>(); var systemUser = await dbContext .Users .SingleAsync(u => u.IsSystemAccount); var hash = passwordCryptographyService.CreateHash(VALID_PASSWORD); systemUser.Password = hash.Hash; systemUser.PasswordHashVersion = hash.HashVersion; await dbContext.SaveChangesAsync(); } var query = new AuthenticateUserCredentialsQuery() { UserAreaCode = CofoundryAdminUserArea.Code, Username = "******", Password = VALID_PASSWORD }; UserCredentialsAuthenticationResult result; using (var app = _appFactory.Create()) { var repository = app.Services.GetService <IDomainRepository>(); result = await repository.ExecuteQueryAsync(query); } using (new AssertionScope()) { result.Should().NotBeNull(); result.User.Should().BeNull(); result.IsSuccess.Should().BeFalse(); result.Error.ErrorCode.Should().Be(UserValidationErrors.Authentication.InvalidCredentials.ErrorCode); } }
public async Task WhenPasswordInvalid_SendsMessage() { await AddUserIfNotExistsAsync(); using var app = _appFactory.Create(); var repository = app.Services.GetService <IDomainRepository>(); var query = new AuthenticateUserCredentialsQuery() { UserAreaCode = TestUserArea1.Code, Username = VALID_USERNAME, Password = "******" }; await repository.ExecuteQueryAsync(query); app.Mocks .CountMessagesPublished <UserAuthenticationFailedMessage>(m => { return(m.Username == VALID_USERNAME.ToLowerInvariant() && m.UserAreaCode == TestUserArea1.Code); }) .Should().Be(1); }
public async Task WhenUsernameNotExists_ReturnsInvalidCredentialsError(string username) { await AddUserIfNotExistsAsync(); var query = new AuthenticateUserCredentialsQuery() { UserAreaCode = CofoundryAdminUserArea.Code, Username = username, Password = VALID_PASSWORD }; using var app = _appFactory.Create(); var repository = app.Services.GetService <IDomainRepository>(); var result = await repository.ExecuteQueryAsync(query); using (new AssertionScope()) { result.Should().NotBeNull(); result.User.Should().BeNull(); result.IsSuccess.Should().BeFalse(); result.Error.ErrorCode.Should().Be(UserValidationErrors.Authentication.InvalidCredentials.ErrorCode); } }
public async Task WhenDeletedUser_ReturnsInvalidCredentials() { var username = "******" + TEST_DOMAIN; var userId = await AddUserIfNotExistsAsync(username); using (var app = _appFactory.Create()) { var repository = app.Services.GetService <IDomainRepository>(); await repository .WithElevatedPermissions() .ExecuteCommandAsync(new DeleteUserCommand(userId)); } var query = new AuthenticateUserCredentialsQuery() { UserAreaCode = CofoundryAdminUserArea.Code, Username = username, Password = VALID_PASSWORD }; UserCredentialsAuthenticationResult result; using (var app = _appFactory.Create()) { var repository = app.Services.GetService <IDomainRepository>(); result = await repository.ExecuteQueryAsync(query); } using (new AssertionScope()) { result.Should().NotBeNull(); result.User.Should().BeNull(); result.IsSuccess.Should().BeFalse(); result.Error.ErrorCode.Should().Be(UserValidationErrors.Authentication.InvalidCredentials.ErrorCode); } }
public IDomainRepositoryQueryContext <UserCredentialsAuthenticationResult> AuthenticateCredentials(AuthenticateUserCredentialsQuery query) { return(DomainRepositoryQueryContextFactory.Create(query, ExtendableContentRepository)); }