Beispiel #1
        /// <summary>
        /// Checks that <c>Create</c> answers with <c>BadRequestResult</c> when the mocked Facebook
        /// client is initialised with the "not authenticated" flag, and that the client's
        /// <c>PostSecurityRequest</c> was called exactly once for the submitted model.
        /// </summary>
        public async Task Test_FacebookController_FacebookAuth_Fail()
        {
            // Arrange: the mocked Facebook client is set up to report IsAuthenticated == false.
            MockFacebookClient = InitMockFacebookClient(SecuritySettings, false);

            // Placeholder token; the mock decides the outcome, not the token value.
            var authModel = new FacebookAuthModel
            {
                UserAccessToken = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
            };

            var facebookAuthenticator = new FacebookAuthenticator(MockFacebookClient.Object);
            var tokenService = new SecurityService<FacebookAuthModel>(SecuritySettings);
            var sut = new FacebookController(tokenService, facebookAuthenticator);

            // Act
            var actionResult = await sut.Create(authModel);

            // Assert: the rejected login must not produce a token-bearing result.
            Assert.IsType<BadRequestResult>(actionResult);
            MockFacebookClient.Verify(c => c.PostSecurityRequest(authModel), Times.Once);
        }
Beispiel #2
        /// <summary>
        /// Happy path: a real <c>FacebookClient</c> backed by the mocked HTTP client validates the
        /// token, and <c>Create</c> returns an <c>ObjectResult</c> whose value passes
        /// <c>IsValidJwtToken</c>. Also verifies that the app-access-token and user-token-validation
        /// requests were each issued exactly once.
        /// </summary>
        public async Task Test_FacebookController_Pass()
        {
            // Arrange
            var authModel = new FacebookAuthModel
            {
                UserAccessToken = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
            };

            // The responses served by MockHttpClient are configured outside this method.
            var facebookClient = new FacebookClient(SecuritySettings, MockHttpClient.Object);
            var facebookAuthenticator = new FacebookAuthenticator(facebookClient);
            var tokenService = new SecurityService<FacebookAuthModel>(SecuritySettings);
            var sut = new FacebookController(tokenService, facebookAuthenticator);

            // Act
            var actionResult = await sut.Create(authModel);

            // Assert
            Assert.IsType<ObjectResult>(actionResult);

            // NOTE(review): this assertion is only as strong as IsValidJwtToken, whose checks
            // (signature, issuer, expiry, ...) are not visible here - confirm it does more than
            // a format check.
            var issuedToken = (actionResult as ObjectResult).Value.ToString();
            Assert.True(issuedToken.IsValidJwtToken());

            MockHttpClient.Verify(h => h.GetStringAsync<FacebookAppAccessToken>(It.IsAny<string>()), Times.Once);
            MockHttpClient.Verify(h => h.GetStringAsync<FacebookUserAccessTokenValidation>(It.IsAny<string>()), Times.Once);
        }
Beispiel #3
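        /// <summary>
        /// Checks that <c>Create</c> throws <c>SecurityException</c> when the model carries no user
        /// access token, and that the Facebook client is never contacted in that case.
        /// </summary>
        /// <remarks>
        /// The assertions previously lived inside a <c>catch</c> block, so the test passed
        /// without asserting anything when no exception was thrown. A regression that let a
        /// token-less request through would have gone unnoticed. The exception is now required.
        /// </remarks>
        public async Task Test_FacebookController_NoUserToken_Fail()
        {
            //Arrange

            //Facebook User Token absent
            FacebookAuthModel facebookAuthModel = new FacebookAuthModel();

            FacebookAuthenticator authenticator = new FacebookAuthenticator(this.MockFacebookClient.Object);

            var securityService = new SecurityService<FacebookAuthModel>(this.SecuritySettings);

            var controller = new FacebookController(securityService, authenticator);

            //Act + Assert: the call must fail with exactly SecurityException.
            await Assert.ThrowsAsync<SecurityException>(() => controller.Create(facebookAuthModel));

            //Assert: the rejection happened before any request to Facebook was made.
            this.MockFacebookClient.Verify(x => x.PostSecurityRequest(facebookAuthModel), Times.Never);
        }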
Beispiel #4
 /// <summary>
 /// Saves the given Facebook auth record through a freshly created <c>DynamoDbContext</c>,
 /// which is disposed once the save has completed.
 /// </summary>
 /// <param name="newUser">The record handed to <c>SaveAsync</c>.</param>
 public async Task Add(FacebookAuthModel newUser)
 {
     // NOTE(review): the whole model is persisted as-is; if it carries a Facebook access
     // token, confirm that storing it is intended and that the table is protected accordingly.
     using (var context = new DynamoDbContext())
     {
         await context.SaveAsync(newUser);
     }
 }
Beispiel #5
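        /// <summary>
        /// Authenticates a caller from the Facebook access token and user id in the request body
        /// and returns the service's result in a 200 response.
        /// </summary>
        /// <param name="authModel">Request body holding <c>AccessToken</c> and <c>UserId</c>.</param>
        /// <returns>
        /// <c>BadRequest</c> when no body could be bound; otherwise <c>Ok</c> wrapping whatever
        /// <c>AuthenticateByFaceBook</c> returned.
        /// </returns>
        public IActionResult FacebookAuth([FromBody] FacebookAuthModel authModel)
        {
            // A missing or unparsable body binds to null; reject it instead of failing with a
            // NullReferenceException on the property reads below.
            if (authModel == null)
            {
                return BadRequest();
            }

            // The former self-assignments of UserId and AccessToken had no effect and were removed.

            // NOTE(review): empty AccessToken/UserId values are still forwarded to the service,
            // and the result is always wrapped in Ok(...). Confirm that AuthenticateByFaceBook
            // rejects such input and that a failed authentication is distinguishable to the caller.
            var result = _authervice.AuthenticateByFaceBook(authModel.AccessToken, authModel.UserId);

            return Ok(result);
        }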
Beispiel #6
 /// <summary>
 /// Blocks a user registered with Facebook: loads the auth record for the given key,
 /// sets its blocked flag and saves it through the repository.
 /// </summary>
 /// <param name="registrationKey">Key passed to <c>GetAuthByFacebookId</c> to find the record.</param>
 /// <returns>A task that completes when the repository update has finished.</returns>
 private async Task BlockFacebookAuth(string registrationKey)
 {
     // Exceptions propagate to the caller unchanged.
     // NOTE(review): if GetAuthByFacebookId can return null for an unknown key, the next line
     // throws NullReferenceException and the account is not blocked - confirm the lookup contract.
     FacebookAuthModel record = _facebookAuthRepository.GetAuthByFacebookId(registrationKey);
     record.IsBLocked = true;
     await _facebookAuthRepository.Update(record);
 }
Beispiel #7
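 /// <summary>
 /// Saves the given Facebook auth record through a freshly created <c>DynamoDbContext</c>,
 /// which is disposed once the save has completed.
 /// </summary>
 /// <param name="facebookAuth">The record handed to <c>SaveAsync</c>.</param>
 /// <remarks>
 /// Failures from the save propagate to the caller unchanged. The previous
 /// <c>catch (Exception e) { throw e; }</c> rethrew the same exception but reset its stack
 /// trace, which hides the real failure site when a storage error is investigated.
 /// </remarks>
 public async Task Update(FacebookAuthModel facebookAuth)
 {
     using (DynamoDbContext dbContext = new DynamoDbContext())
     {
         await dbContext.SaveAsync(facebookAuth);
     }
 }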
Beispiel #8
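 /// <summary>
 /// Validates the submitted Facebook credentials and, when they are valid, returns a token
 /// generated by the security service.
 /// </summary>
 /// <param name="user">Request body describing the user to authenticate.</param>
 /// <returns>
 /// An <c>ObjectResult</c> carrying the generated token when <c>IsValidUser</c> succeeds;
 /// otherwise <c>BadRequest</c>.
 /// </returns>
 /// <exception cref="SecurityException">
 /// Thrown for any failure during validation or token generation. The original exception is
 /// attached as <c>InnerException</c>.
 /// </exception>
 public async Task<IActionResult> Create([FromBody] FacebookAuthModel user)
 {
     try
     {
         if (await this.authentication.IsValidUser(user))
         {
             return new ObjectResult(this.securityService.GenerateToken(user));
         }

         return BadRequest();
     }
     catch (Exception ex)
     {
         // Keep the original exception as InnerException so its type and stack trace stay
         // available for logging. Previously only the message survived the re-wrap.
         // NOTE(review): ex.Message is copied into the SecurityException. Confirm the error
         // handling further up does not return that text to the client.
         throw new SecurityException(ex.Message, ex);
     }
 }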
Beispiel #9
        /// <summary>
        /// Signs a user in from a Facebook user id and access token.
        /// </summary>
        /// <param name="model">Carries the <c>UserId</c> and <c>AccessToken</c> to check.</param>
        /// <returns>
        /// Always a 200 response: <c>true</c> after a successful sign-in, otherwise a
        /// <c>BaseResponse&lt;string&gt;.BadRequest</c> payload (with the service's message when the
        /// authentication call itself failed).
        /// </returns>
        public async Task<IActionResult> FacebookLogin(FacebookAuthModel model)
        {
            // NOTE(review): every failure path below still answers HTTP 200 and signals the error
            // only in the body, so status-code based monitoring will not see failed logins.
            bool credentialsMissing = string.IsNullOrEmpty(model.UserId) ||
                                      string.IsNullOrEmpty(model.AccessToken);
            if (credentialsMissing)
            {
                return Ok(BaseResponse<string>.BadRequest());
            }

            var authResult = _authenticateRequestService.FacebookAuthenticate(model.UserId, model.AccessToken);
            if (!authResult.IsSuccessStatusCode)
            {
                // NOTE(review): the service's message is returned to the caller verbatim.
                // Confirm it cannot contain internal details.
                return Ok(BaseResponse<string>.BadRequest(authResult.Message));
            }

            await SignInAsync(authResult.ResponseData);

            return Ok(true);
        }
Beispiel #10
        /// <summary>
        /// Validates the submitted Facebook credentials and, when they are valid, returns a token
        /// generated by the security service.
        /// </summary>
        /// <param name="user">Request body; must be present and carry a non-empty <c>UserAccessToken</c>.</param>
        /// <returns>
        /// An <c>ObjectResult</c> carrying the generated token when <c>IsValidUser</c> succeeds;
        /// otherwise <c>BadRequest</c>.
        /// </returns>
        /// <exception cref="ArgumentNullException">
        /// Thrown when <paramref name="user"/> is null or its <c>UserAccessToken</c> is null or empty.
        /// </exception>
        public async Task<IActionResult> Create([FromBody] FacebookAuthModel user)
        {
            // Input checks run before any call to the authenticator, so a request without a
            // token never reaches the Facebook validation step.
            // NOTE(review): these throw rather than return 400; how the exception is turned into
            // a response depends on middleware or filters not visible here.
            if (user == null)
            {
                throw new ArgumentNullException(nameof(user));
            }

            bool tokenMissing = string.IsNullOrEmpty(user.UserAccessToken);
            if (tokenMissing)
            {
                throw new ArgumentNullException(nameof(user.UserAccessToken));
            }

            var isValidUser = await this.authentication.IsValidUser(user);
            if (!isValidUser)
            {
                return BadRequest();
            }

            var token = this.securityService.GenerateToken(user);
            return new ObjectResult(token);
        }
Beispiel #11
        /// <summary>
        /// Integration test: hosts the application's <c>Startup</c> in a <c>TestServer</c>
        /// configured from <c>securitySettings.json</c> and POSTs to <c>/facebook</c>. The first
        /// request (a serialized model with a null token) must be answered with 401 Unauthorized.
        /// The second request sends two raw bytes as the body.
        /// </summary>
        public async Task Test_FacebookController_FacebookAuthorizeAttribute_InvalidAPIKey_ReturnsUnauthorizedResult()
        {
            // Arrange: in-memory host using the project's security settings.
            var configuration = new ConfigurationBuilder()
                                .AddJsonFile("securitySettings.json")
                                .Build();
            var hostBuilder = new WebHostBuilder()
                              .UseConfiguration(configuration)
                              .UseStartup<Startup>();
            var testServer = new TestServer(hostBuilder);
            var httpClient = testServer.CreateClient();
            const string endpoint = "/facebook";

            var authModel = new FacebookAuthModel
            {
                UserAccessToken = null
            };

            // No API key is attached to the request anywhere in this method.
            // Presumably the absent key is what the authorize attribute rejects - TODO confirm.
            HttpContent requestBody = new StringContent(JsonConvert.SerializeObject(authModel));

            // Act
            var response = await httpClient.PostAsync(endpoint, requestBody);

            // Assert
            Assert.Equal(HttpStatusCode.Unauthorized, response.StatusCode);

            // Arrange: a body that is not a serialized model (two raw bytes).
            requestBody = new ByteArrayContent(new byte[] { 103, 104 });

            // NOTE(review): this second half asserts only inside the catch block, so it also passes
            // when no exception is thrown, and the response status is never checked. State
            // the expected outcome explicitly, either a required exception or a status code.
            try
            {
                // Act
                response = await httpClient.PostAsync(endpoint, requestBody);
            }
            catch (SecurityException caught)
            {
                // Assert
                Assert.IsType<SecurityException>(caught);
            }
        }