public async Task Can_authenticate_with_passwordless_email_code() { // Arrange var authenticationApiClient = new AuthenticationApiClient(new Uri(GetVariable("AUTH0_AUTHENTICATION_API_URL"))); // Arrange var authenticationResponse = await authenticationApiClient.AuthenticateAsync(new AuthenticationRequest { ClientId = GetVariable("AUTH0_CLIENT_ID"), Connection = "email", GrantType = "password", Scope = "openid", Username = "******", Password = "******" }); authenticationResponse.Should().NotBeNull(); }
public async Task <ActionResult> Login(LoginViewModel vm, string returnUrl = null) { if (ModelState.IsValid) { try { AuthenticationApiClient client = new AuthenticationApiClient( new Uri($"https://{ConfigurationManager.AppSettings["auth0:Domain"]}/")); var result = await client.AuthenticateAsync(new AuthenticationRequest { ClientId = ConfigurationManager.AppSettings["auth0:ClientId"], Scope = "openid", Connection = "Database-Connection", // Specify the correct name of your DB connection Username = vm.EmailAddress, Password = vm.Password }); // Get user info from token var user = await client.GetTokenInfoAsync(result.IdToken); // Create claims principal var claimsIdentity = new ClaimsIdentity(new[] { new Claim(ClaimTypes.NameIdentifier, user.UserId), new Claim(ClaimTypes.Name, user.FullName ?? user.Email), new Claim("http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider", "ASP.NET Identity", "http://www.w3.org/2001/XMLSchema#string") }, DefaultAuthenticationTypes.ApplicationCookie); // Sign user into cookie middleware AuthenticationManager.SignIn(new AuthenticationProperties { IsPersistent = false }, claimsIdentity); return(RedirectToLocal(returnUrl)); } catch (Exception e) { ModelState.AddModelError("", e.Message); } } return(View(vm)); }
public async Task Can_authenticate_with_passwordless_email_code() { // Arrange var authenticationApiClient = new AuthenticationApiClient(new Uri(GetVariable("AUTH0_AUTHENTICATION_API_URL"))); // Arrange var authenticationResponse = await authenticationApiClient.AuthenticateAsync(new AuthenticationRequest { ClientId = GetVariable("AUTH0_CLIENT_ID"), Connection = "email", GrantType = "password", Scope = "openid", Username = "******", Password = "******" }); authenticationResponse.Should().NotBeNull(); }
public async Task Can_obtain_user_info() { var authenticationApiClient = new AuthenticationApiClient(GetVariable("AUTH0_AUTHENTICATION_API_URL")); // First get the access token var token = await authenticationApiClient.AuthenticateAsync(new AuthenticationRequest { ClientId = GetVariable("AUTH0_CLIENT_ID"), ClientSecret = GetVariable("AUTH0_CLIENT_SECRET"), Realm = connection.Name, Username = newUser.Email, Password = "******", Scope = "openid profile" }); // Get the user info var user = await authenticationApiClient.GetUserInfoAsync(token.AccessToken); user.Should().NotBeNull(); user.UserId.Should().NotBeNull(); }
public async Task <IActionResult> Login(LoginViewModel vm, string returnUrl = null) { if (ModelState.IsValid) { try { AuthenticationApiClient client = new AuthenticationApiClient(new Uri($"https://{_auth0Settings.Domain}/")); var result = await client.AuthenticateAsync(new AuthenticationRequest { ClientId = _auth0Settings.ClientId, Scope = "openid", Connection = "Database-Connection", // Specify the correct name of your DB connection Username = vm.EmailAddress, Password = vm.Password }); // Get user info from token var user = await client.GetTokenInfoAsync(result.IdToken); // Create claims principal var claimsPrincipal = new ClaimsPrincipal(new ClaimsIdentity(new[] { new Claim(ClaimTypes.NameIdentifier, user.UserId), new Claim(ClaimTypes.Name, user.FullName) }, CookieAuthenticationDefaults.AuthenticationScheme)); // Sign user into cookie middleware await HttpContext.Authentication.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, claimsPrincipal); return(RedirectToLocal(returnUrl)); } catch (Exception e) { ModelState.AddModelError("", e.Message); } } return(View(vm)); }
public async Task Can_authenticate_user_with_plus_in_username() { // Arrange var authenticationApiClient = new AuthenticationApiClient(new Uri(GetVariable("AUTH0_AUTHENTICATION_API_URL"))); // Act var authenticationResponse = await authenticationApiClient.AuthenticateAsync(new AuthenticationRequest { ClientId = GetVariable("AUTH0_CLIENT_ID"), Connection = connection.Name, GrantType = "password", Scope = "openid", Username = plusUser.Email, Password = "******" }); // Assert authenticationResponse.Should().NotBeNull(); authenticationResponse.TokenType.Should().NotBeNull(); authenticationResponse.AccessToken.Should().NotBeNull(); authenticationResponse.IdToken.Should().NotBeNull(); }
public async Task Can_authenticate_against_Auth0() { // Arrange var authenticationApiClient = new AuthenticationApiClient(new Uri(GetVariable("AUTH0_AUTHENTICATION_API_URL"))); // Act var authenticationResponse = await authenticationApiClient.AuthenticateAsync(new AuthenticationRequest { ClientId = GetVariable("AUTH0_CLIENT_ID"), Connection = connection.Name, GrantType = "password", Scope = "openid", Username = user.Email, Password = "******" }); // Assert authenticationResponse.Should().NotBeNull(); authenticationResponse.TokenType.Should().NotBeNull(); authenticationResponse.AccessToken.Should().NotBeNull(); authenticationResponse.IdToken.Should().NotBeNull(); authenticationResponse.RefreshToken.Should().BeNull(); // No refresh token if offline access was not requested }
public async Task Can_authenticate_against_Auth0() { // Arrange var authenticationApiClient = new AuthenticationApiClient(new Uri(GetVariable("AUTH0_AUTHENTICATION_API_URL"))); // Act var authenticationResponse = await authenticationApiClient.AuthenticateAsync(new AuthenticationRequest { ClientId = GetVariable("AUTH0_CLIENT_ID"), Connection = connection.Name, GrantType = "password", Scope = "openid", Username = user.Email, Password = "******" }); // Assert authenticationResponse.Should().NotBeNull(); authenticationResponse.TokenType.Should().NotBeNull(); authenticationResponse.AccessToken.Should().NotBeNull(); authenticationResponse.IdToken.Should().NotBeNull(); authenticationResponse.RefreshToken.Should().BeNull(); // No refresh token if offline access was not requested }
public async Task Can_authenticate_user_with_plus_in_username() { // Arrange var authenticationApiClient = new AuthenticationApiClient(new Uri(GetVariable("AUTH0_AUTHENTICATION_API_URL"))); // Act var authenticationResponse = await authenticationApiClient.AuthenticateAsync(new AuthenticationRequest { ClientId = GetVariable("AUTH0_CLIENT_ID"), Connection = connection.Name, GrantType = "password", Scope = "openid", Username = plusUser.Email, Password = "******" }); // Assert authenticationResponse.Should().NotBeNull(); authenticationResponse.TokenType.Should().NotBeNull(); authenticationResponse.AccessToken.Should().NotBeNull(); authenticationResponse.IdToken.Should().NotBeNull(); }
public async Task SetUp() { var scopes = new { users = new { actions = new string[] { "read", "create", "update", "delete" } }, connections = new { actions = new string[] { "create", "delete" } } }; string token = GenerateToken(scopes); apiClient = new ManagementApiClient(token, new Uri(GetVariable("AUTH0_MANAGEMENT_API_URL"))); authenticationApiClient = new AuthenticationApiClient(new Uri(GetVariable("AUTH0_AUTHENTICATION_API_URL"))); // We will need a connection to add the users to... connection = await apiClient.Connections.CreateAsync(new ConnectionCreateRequest { Name = Guid.NewGuid().ToString("N"), Strategy = "auth0", EnabledClients = new[] { "rLNKKMORlaDzrMTqGtSL9ZSXiBBksCQW" } }); // Add a new user var newUserRequest = new UserCreateRequest { Connection = connection.Name, Email = $"{Guid.NewGuid():N}@nonexistingdomain.aaa", EmailVerified = true, Password = "******" }; user = await apiClient.Users.CreateAsync(newUserRequest); // Now try and sign in with a wrong password until we get "too many attempts" bool userBlocked = false; int attempts = 0; do { try { attempts++; var authenticationResponse = await authenticationApiClient.AuthenticateAsync(new AuthenticationRequest { ClientId = GetVariable("AUTH0_CLIENT_ID"), Connection = connection.Name, GrantType = "password", Scope = "openid", Username = user.Email, Password = "******" }); } catch (ApiException ex) { if (ex.ApiError.Error == "too_many_attempts") { userBlocked = true; } } } while (!userBlocked && attempts < 20); // Add failsafe to stop if we go over 20 attempts. User should be blocked by then, but just to make sure... }