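/// <summary>
/// A request that carries an API key but no authorization code must be rejected by the
/// authenticator before any request is sent to Google.
/// </summary>
public async Task Test_GoogleController_NoAuthorizationCode_Fail()
        {
            //Arrange

            //Authorization Code absent
            GoogleAuthModel googleAuthModel = new GoogleAuthModel
            {
                APIKey = "<api key>"
            };

            GoogleClient client = new GoogleClient(this.SecuritySettings, this.MockHttpClient.Object);

            GoogleAuthenticator authenticator = new GoogleAuthenticator(this.SecuritySettings.GoogleSecuritySettings,
                                                                        client);

            var controller = new GoogleController(authenticator);

            //Act + Assert: Create must throw. A bare try/catch would let a non-throwing
            //Create pass this test without asserting anything.
            await Assert.ThrowsAsync<SecurityException>(() => controller.Create(googleAuthModel));

            //The controller is wired to the real GoogleClient over the mocked HttpClient, so
            //"no request reached Google" is observable on MockHttpClient (MockGoogleClient is
            //not part of this controller's object graph).
            this.MockHttpClient.Verify(x => x.SendAsync<GoogleResponseModel>(It.IsAny<HttpRequestMessage>()), Times.Never);
        }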
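        /// <summary>
        /// Signs a user in with a Google ID token: the token's signature is verified against
        /// Google's public keys, the user service authenticates the payload for the requested
        /// group, a refresh-token cookie is set and the JWT plus user details are returned.
        /// </summary>
        /// <param name="model">Google ID token and the group the user claims to belong to.</param>
        /// <returns>
        /// 200 with <see cref="AuthentificateDto"/>; 400 when the token is missing or the group
        /// does not match; 401 when the ID token fails validation.
        /// </returns>
        public async Task<IActionResult> Google([FromBody] GoogleAuthModel model)
        {
            if (model == null || string.IsNullOrEmpty(model.tokenId))
            {
                return BadRequest("Google token is required!");
            }

            // Log the attempt, not the token: the ID token is a bearer credential and must not
            // end up in log files.
            Log.Information("Google sign-in attempt for group " + model.GroupId);

            GoogleJsonWebSignature.Payload payload;
            try
            {
                // NOTE(review): no Audience is set on the ValidationSettings, so an ID token
                // issued to any Google client id is accepted here; set Audience to this app's
                // client id (value not shown in this file).
                payload = await GoogleJsonWebSignature.ValidateAsync(model.tokenId, new GoogleJsonWebSignature.ValidationSettings());
            }
            catch (InvalidJwtException)
            {
                // Signature, expiry or issuer check failed: a client error, not a server fault.
                return Unauthorized();
            }

            var authRequest = new AuthentificateRequestGoogle()
            {
                User    = payload,
                GroupId = model.GroupId
            };
            var authResult = await _userSerice.AuthentificateWithGoogle(authRequest, ipAddress());

            if (authResult == null)
            {
                return BadRequest("Group is not match user group!");
            }

            setTokenCookie(authResult.RefreshToken);

            return Ok(new AuthentificateDto
            {
                Id = authResult.Student.Id,
                Group = authResult.Student.Group.Group_Name,
                Username = authResult.Student.Username,
                FirstName = authResult.Student.FirstName,
                LastName = authResult.Student.LastName,
                Token = authResult.JwtToken,
                RefreshToken = authResult.RefreshToken
            });
        }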
        /// <summary>
        /// When the Google client reports the user as not authenticated, the controller answers
        /// 400 after exactly one security request.
        /// </summary>
        public async Task Test_GoogleController_GoogleAuth_Fail()
        {
            //Arrange: mocked Google client configured to answer IsAuthenticated = false
            this.MockGoogleClient = this.InitMockGoogleClient(this.SecuritySettings, false);

            var model = new GoogleAuthModel
            {
                APIKey            = "<api key>",
                AuthorizationCode = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
            };

            var controller = new GoogleController(
                new GoogleAuthenticator(this.SecuritySettings.GoogleSecuritySettings, this.MockGoogleClient.Object));

            //Act
            var result = await controller.Create(model);

            //Assert
            Assert.IsType<BadRequestResult>(result);
            this.MockGoogleClient.Verify(x => x.PostSecurityRequest(model), Times.Once);
        }
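        /// <summary>
        /// A request that carries an authorization code but no API key must be rejected by the
        /// authenticator before any request is sent to Google.
        /// </summary>
        public async Task Test_GoogleController_NoAPIKey_Fail()
        {
            //Arrange

            //API Key absent
            GoogleAuthModel googleAuthModel = new GoogleAuthModel
            {
                AuthorizationCode = "<auth_code>"
            };

            GoogleClient client = new GoogleClient(this.SecuritySettings, this.MockHttpClient.Object);

            GoogleAuthenticator authenticator = new GoogleAuthenticator(this.SecuritySettings.GoogleSecuritySettings,
                                                                        client);

            var controller = new GoogleController(authenticator);

            //Act + Assert: Create must throw. A bare try/catch would let a non-throwing
            //Create pass this test without asserting anything.
            await Assert.ThrowsAsync<SecurityException>(() => controller.Create(googleAuthModel));

            //The controller is wired to the real GoogleClient over the mocked HttpClient, so
            //"no request reached Google" is observable on MockHttpClient (MockGoogleClient is
            //not part of this controller's object graph).
            this.MockHttpClient.Verify(x => x.SendAsync<GoogleResponseModel>(It.IsAny<HttpRequestMessage>()), Times.Never);
        }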
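        /// <summary>
        /// Happy path: a valid API key and authorization code yield an ObjectResult whose payload
        /// carries a well-formed JWT, after exactly one HTTP call to Google.
        /// </summary>
        public async Task Test_GoogleController_Pass()
        {
            //Arrange
            GoogleAuthModel googleAuthModel = new GoogleAuthModel
            {
                APIKey            = "<api key>",
                AuthorizationCode = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
            };

            GoogleClient client = new GoogleClient(this.SecuritySettings, this.MockHttpClient.Object);

            GoogleAuthenticator authenticator = new GoogleAuthenticator(this.SecuritySettings.GoogleSecuritySettings,
                                                                        client);

            var controller = new GoogleController(authenticator);

            //Act
            var result = await controller.Create(googleAuthModel);

            //Assert: the typed assertions return the value, so a wrong result type fails with a
            //clear message instead of a NullReferenceException from a failed "as" cast.
            var objectResult   = Assert.IsType<ObjectResult>(result);
            var googleResponse = Assert.IsAssignableFrom<GoogleResponseModel>(objectResult.Value);
            Assert.True(googleResponse.AccessToken.IsValidJwtToken());
            this.MockHttpClient.Verify(x => x.SendAsync<GoogleResponseModel>(It.IsAny<HttpRequestMessage>()), Times.Once);
        }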
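        /// <summary>
        /// Checks a one-time code entered by a member against the Google Authenticator secret
        /// stored for that member.
        /// </summary>
        /// <param name="code">The code typed by the user.</param>
        /// <param name="memberNumber">The member whose stored secret is used.</param>
        /// <returns>
        /// The validation result as JSON; false when no enrolment is stored for the member.
        /// </returns>
        public JsonResult ValidateExistingAuthCode(string code, string memberNumber)
        {
            DataAccess      da    = new DataAccess();
            GoogleAuthModel model = da.GetGoogleAuthDetails(memberNumber);

            // Unknown member / no enrolment: report a failed check instead of dereferencing null.
            // NOTE(review): assumes ValidateCode returns a bool so the JSON shape stays the same — confirm.
            if (model == null)
            {
                return Json(false);
            }

            // NOTE(review): memberNumber is caller-supplied, so a code can be checked against any
            // member's secret; the route should restrict this to the authenticated member and
            // rate-limit attempts.
            GoogleAuthUtil util = new GoogleAuthUtil(_config);
            return Json(util.ValidateCode(code, model.PassCodeGoogleSecret));
        }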
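 /// <summary>
 /// Wires the account controller's dependencies; every argument is required, and the two
 /// option wrappers are unwrapped once at construction.
 /// </summary>
 /// <exception cref="ArgumentNullException">Any argument is null.</exception>
 public AccountController(
     UserManager<ApplicationUser> userManager,
     ApplicationDbContext appDbContext,
     IJwtFactory jwtFactory,
     IOptions<JwtIssuerOptions> jwtOptions,
     IOptions<GoogleAuthModel> googleAuthOptions)
 {
     // Fail at construction rather than with a NullReferenceException on the first request.
     if (userManager == null)
     {
         throw new ArgumentNullException(nameof(userManager));
     }
     if (appDbContext == null)
     {
         throw new ArgumentNullException(nameof(appDbContext));
     }
     if (jwtFactory == null)
     {
         throw new ArgumentNullException(nameof(jwtFactory));
     }
     if (jwtOptions == null)
     {
         throw new ArgumentNullException(nameof(jwtOptions));
     }
     if (googleAuthOptions == null)
     {
         throw new ArgumentNullException(nameof(googleAuthOptions));
     }

     _userManager     = userManager;
     _appDbContext    = appDbContext;
     _jwtFactory      = jwtFactory;
     _jwtOptions      = jwtOptions.Value;
     _googleAuthModel = googleAuthOptions.Value;
 }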
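        /// <summary>
        /// Exchanges a Google authorization code (plus the caller's API key) for this service's
        /// token by asking the authenticator to validate the user.
        /// </summary>
        /// <param name="user">API key and Google authorization code from the request body.</param>
        /// <returns>200 with the authenticator's response when authenticated, otherwise 400.</returns>
        /// <exception cref="SecurityException">
        /// Any failure during validation is surfaced as a SecurityException that keeps the
        /// original exception as InnerException.
        /// </exception>
        public async Task<IActionResult> Create([FromBody] GoogleAuthModel user)
        {
            // No body (or an unbindable one): a client error, not a security failure.
            if (user == null)
            {
                return BadRequest();
            }

            try
            {
                var response = await this.authentication.IsValidUser(user);

                if (response != null && response.IsAuthenticated)
                {
                    return new ObjectResult(response);
                }

                return BadRequest();
            }
            catch (Exception ex)
            {
                // Keep the cause: the bare message alone loses the stack trace of the real failure.
                // NOTE(review): ex.Message may carry provider details — make sure the exception
                // middleware does not echo it to the client.
                throw new SecurityException(ex.Message, ex);
            }
        }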
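        // One client for the process: a new HttpClient per request leaks sockets under load.
        private static readonly HttpClient s_tokenInfoClient = new HttpClient();

        /// <summary>
        /// Exchanges a Google ID token for this application's JWT: the token is checked through
        /// Google's tokeninfo endpoint, then a JWT and a refresh token are issued for the
        /// returned name and e-mail.
        /// </summary>
        /// <param name="googleAuthModel">Request body carrying the Google ID token.</param>
        /// <returns>
        /// 200 with <see cref="LoginDataModel"/>; 401 when the token is missing, rejected by
        /// Google, carries no e-mail, or no JWT could be issued.
        /// </returns>
        public async Task<IActionResult> DoLogin([FromBody] GoogleAuthModel googleAuthModel)
        {
            if (googleAuthModel == null || googleAuthModel.GoogleAuthToken.IsEmpty())
            {
                return Unauthorized();
            }

            // The token travels as a query parameter; escape it so a malformed token cannot
            // alter the query string.
            var tokenInfoUrl = @"https://oauth2.googleapis.com/tokeninfo?id_token="
                               + Uri.EscapeDataString(googleAuthModel.GoogleAuthToken.ToString());

            using (var response = await s_tokenInfoClient.GetAsync(tokenInfoUrl))
            {
                if (!response.IsSuccessStatusCode)
                {
                    return Unauthorized();
                }

                var info = await response.Content.ReadAsStringAsync();

                GoogleResponseData data = JsonConvert.DeserializeObject<GoogleResponseData>(info);

                // A success status without a usable identity is treated like a rejected token.
                if (data == null || string.IsNullOrEmpty(data.email))
                {
                    return Unauthorized();
                }

                // NOTE(review): tokeninfo only proves this is a valid Google token; the response's
                // audience is not compared with this app's client id and email_verified is not
                // checked here — confirm both are enforced before trusting the e-mail.
                // NOTE(review): every Google account receives the "Admin" role — confirm this is
                // intended rather than a placeholder.
                var claims = new[]
                {
                    new Claim(ClaimTypes.Name, data.name ?? data.email),
                    new Claim(ClaimTypes.Email, data.email),
                    new Claim("Role", "Admin")
                };

                Tuple<string, DateTime> infoTuple = _jwtAuthenticationHandler.GenerateJwtToken(claims);

                if (infoTuple == null || infoTuple.Item1 == null)
                {
                    return Unauthorized();
                }

                // Mint the refresh token only once a JWT is actually being issued.
                string refreshToken = _jwtAuthenticationHandler.GenerateRefreshToken();

                return Ok(new LoginDataModel
                {
                    Token = infoTuple.Item1, Refresh = refreshToken, Expiry = infoTuple.Item2
                });
            }
        }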
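        /// <summary>
        /// End-to-end: the /google endpoint answers 401 to a request with an invalid API key, and
        /// does not accept an empty body either.
        /// </summary>
        public async Task Test_GoogleController_GoogleAuthorizeAttribute_InvalidAPIKey_ReturnsUnauthorizedResult()
        {
            var config = new ConfigurationBuilder()
                         .AddJsonFile("securitySettings.json")
                         .Build();

            // Arrange
            using (var server = new TestServer(new WebHostBuilder()
                                               .UseConfiguration(config)
                                               .UseStartup<Startup>()))
            using (var client = server.CreateClient())
            {
                var url      = "/google";
                var expected = HttpStatusCode.Unauthorized;

                GoogleAuthModel googleAuthModel = new GoogleAuthModel
                {
                    AuthorizationCode = "string",
                    APIKey            = "invalid api key"
                };

                HttpContent httpContent = new StringContent(JsonConvert.SerializeObject(googleAuthModel));

                // Act
                var response = await client.PostAsync(url, httpContent);

                // Assert
                Assert.Equal(expected, response.StatusCode);

                // Arrange: an empty body. If the test host surfaces the controller's
                // SecurityException to the caller it arrives as an exception; otherwise as a
                // status code. Both are captured so that neither outcome passes vacuously.
                httpContent = new StringContent(string.Empty);

                // Act
                HttpResponseMessage emptyBodyResponse = null;
                var ex = await Record.ExceptionAsync(async () => emptyBodyResponse = await client.PostAsync(url, httpContent));

                // Assert: a rejection either way, never a successful login.
                if (ex == null)
                {
                    Assert.NotEqual(HttpStatusCode.OK, emptyBodyResponse.StatusCode);
                }
                else
                {
                    Assert.IsType<SecurityException>(ex);
                }
            }
        }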
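        /// <summary>
        /// Signs a user in, or starts registration, with a Google access token: the token is used
        /// to read the user's primary name and e-mail from the People API, the account is looked
        /// up by e-mail, and the user is either logged in through the social-login path or the
        /// profile is staged so registration can be completed.
        /// </summary>
        /// <param name="accessToken">OAuth2 access token obtained client-side from Google.</param>
        /// <returns>
        /// A <see cref="ReturnObj"/> as JSON: the login/registration status, plus the Google
        /// profile fields when the caller still has to complete registration.
        /// </returns>
        public JsonResult LoginWithGooglePlus(string accessToken)
        {
            if (string.IsNullOrWhiteSpace(accessToken))
            {
                return ThirdPartyLoginFailed();
            }

            try
            {
                // NOTE(review): the token is forwarded to Google as-is, so this response does not
                // prove the token was issued to this application (the GooglePlusClientId setting
                // was read here before but never checked against the token). Confirm whether an
                // audience check is required.
                var peopleUrl = "https://people.googleapis.com/v1/people/me?personFields=metadata,names,emailAddresses&access_token="
                                + Uri.EscapeDataString(accessToken);
                var jsonResult = this.GetWebResponse(peopleUrl, HttpMethod.Get, null);

                if (String.IsNullOrEmpty(jsonResult))
                {
                    return ThirdPartyLoginFailed();
                }

                var response = JValue.Parse(jsonResult);
                var error    = response.Value<JObject>("error");

                if (error != null)
                {
                    Console.WriteLine(error.Value<string>("message"));
                    return ThirdPartyLoginFailed();
                }

                GoogleAuthModel authModel = JsonConvert.DeserializeObject<GoogleAuthModel>(jsonResult);

                var userId = authModel.resourceName.Replace("people/", "");

                // Google may return several names / addresses; only the primary one is used.
                string userName  = null;
                string userEmail = null;

                if (authModel.names != null)
                {
                    Name primaryName = authModel.names.Find(x => x.metadata.primary == true);
                    if (primaryName != null)
                    {
                        userName = primaryName.displayName;
                    }
                }

                if (authModel.emailAddresses != null)
                {
                    GoogleAuthEmailAddresses primaryEmail = authModel.emailAddresses.Find(x => x.metadata.primary == true);
                    if (primaryEmail != null)
                    {
                        userEmail = primaryEmail.value;
                    }
                }

                // Registration cannot proceed without an e-mail address.
                if (string.IsNullOrWhiteSpace(userEmail))
                {
                    Console.WriteLine("Google Plus Email is Null");

                    return Json(new ReturnObj
                    {
                        StatusCode = (int)RegisterStatus.第三方授權無法提供您的EMail,
                        Message = "第三方授權無法提供您的E - Mail,請您改用其他方式註冊(登入)",
                    });
                }

                // Check whether this Google identity is already registered; if not, the user is
                // asked to fill in the registration form.
                var data = service.HasExtauth(userEmail, "GL", userId);

                if (data.Status == RegisterStatus.第三方登入失敗)
                {
                    return StatusResult(data.Status);
                }

                if (data.Status == RegisterStatus.註冊直接登入)
                {
                    // Already registered: sign in through the social-login path.
                    // NOTE(review): "#" is presumably a sentinel password for social accounts —
                    // confirm the service never accepts it for a plain password login.
                    var verifyForSocialData = new VerifyForSocialDto()
                    {
                        Account    = userEmail,
                        Pwd        = "#",
                        Ip         = Request.UserHostAddress,
                        Browser    = Request.Browser.Browser,
                        ProvdrType = "GL",
                        UserId     = userId
                    };

                    var verifyStatus = service.VerifyForSocial(verifyForSocialData);

                    if (!verifyStatus)
                    {
                        return ThirdPartyLoginFailed();
                    }

                    return StatusResult(data.Status);
                }

                // Not registered yet: hand the Google profile back to the client and stage it so
                // the registration step can pick it up.
                data.UserId     = userId;
                data.Email      = userEmail;
                data.ProvdrType = "GL";

                var result = new ReturnObj
                {
                    StatusCode = (int)data.Status,
                    Message    = data.Status.ToString(),
                    Email      = userEmail,
                    UserID     = userId,
                    UserName   = userName,
                    Phone      = data.Phone
                };

                service.TempRegistrationInfo(new RegisterDto()
                {
                    Account         = userEmail,
                    Pwd             = "#",
                    UserId          = userId,
                    ProvdrType      = "GL",
                    Email           = userEmail,
                    ClientIP        = Request.UserHostAddress,
                    HasNotifyLetter = "N",
                    CustId          = "",
                    RecommendId     = "",
                    Mobile          = "",
                },
                                             new SorceOptionDto()
                {
                    otherSorce = "",
                    SorceValue = ""
                });

                return Json(result);
            }
            catch (Exception ex)
            {
                // Best-effort: any failure (transport, parsing, service) is reported to the client
                // as a generic third-party login failure; the cause is written out so it is not lost.
                Console.WriteLine(ex.Message);
                return ThirdPartyLoginFailed();
            }
        }

        // Generic "third-party login failed" response shared by every error path above.
        private JsonResult ThirdPartyLoginFailed()
        {
            return Json(new ReturnObj
            {
                StatusCode = (int)RegisterStatus.第三方登入失敗,
                Message = RegisterStatus.第三方登入失敗.ToString(),
            });
        }

        // Reports a service status unchanged, with no profile data attached.
        private JsonResult StatusResult(RegisterStatus status)
        {
            return Json(new ReturnObj
            {
                StatusCode = (int)status,
                Message = status.ToString(),
            });
        }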