Beispiel #1
        /// <summary>
        /// Performs a local (e-mail + password) login: resolves the authorization request
        /// for <paramref name="returnUrl"/>, loads the account by e-mail, checks that it may
        /// be authenticated with the supplied password, builds its claims and signs it in.
        /// </summary>
        /// <param name="email">E-mail address used to look up the account.</param>
        /// <param name="password">Password handed to the account verification service.</param>
        /// <param name="rememberLogin">Forwarded unchanged to the sign-in service.</param>
        /// <param name="returnUrl">URL handed to the authorization service to resolve the pending authorization request.</param>
        /// <returns>
        /// A failed result carrying the lookup or verification errors, or a successful result.
        /// Every result carries a flag telling whether an authorization request was found.
        /// </returns>
        public async Task<LocalLoginResultOutput> ExecuteAsync(string email, string password, bool rememberLogin, string returnUrl)
        {
            // NOTE(review): returnUrl is not validated here; the caller presumably uses the
            // flag below to decide where to redirect. Confirm it rejects non-local URLs
            // when no authorization request was found.
            var authorizationRequest = await _authorizationService.GetAuthorizationRequestAsync(returnUrl);
            var hasAuthorizationRequest = authorizationRequest != null;

            var accountLookup = await _accountGetterService.GetByEmailAsync(email);
            if (!accountLookup.Success)
            {
                // NOTE(review): the lookup errors are returned as-is. If they differ from the
                // errors of a failed password check, a client can tell a registered e-mail
                // from an unknown one. Confirm what the caller shows to the user.
                return LocalLoginResultOutput.Fail(hasAuthorizationRequest, accountLookup.Errors);
            }

            var account = accountLookup.Value;

            // NOTE(review): no attempt throttling or lockout is visible in this method;
            // presumably handled by the verification service or upstream. Confirm.
            var verification = _accountVerificationService.VerifyAccountCanBeAuthenticated(account, password);
            if (!verification.Success)
            {
                return LocalLoginResultOutput.Fail(hasAuthorizationRequest, verification.Errors);
            }

            // The session is established only after both checks above have passed.
            var accountClaims = await _accountClaimsCreatorService.CreateAccountClaimsAsync(account);
            await _signInService.SignInAsync(account.Id, account.Email, rememberLogin, accountClaims);

            return LocalLoginResultOutput.Ok(hasAuthorizationRequest, authorizationRequest?.IsNativeClient);
        }
Beispiel #2
        /// <summary>
        /// Validates a resource-owner-password grant: loads the account by the user name in
        /// <paramref name="context"/>, checks that it may be authenticated with the supplied
        /// password and, on success, sets a result carrying the account id, the requested
        /// grant type and the account claims.
        /// </summary>
        /// <param name="context">Validation context; its <c>Result</c> is set on every path.</param>
        public async Task ValidateAsync(ResourceOwnerPasswordValidationContext context)
        {
            // One shared answer for "unknown account" and "bad password", so the token
            // response does not tell the two cases apart.
            // NOTE(review): RFC 6749 section 5.2 assigns invalid_grant to invalid
            // resource-owner credentials; InvalidTarget is kept here unchanged. Confirm
            // it is intended.
            var genericFailure = new GrantValidationResult(TokenRequestErrors.InvalidTarget, "Invalid credentials");

            var accountLookup = await _accountGetterService.GetByEmailAsync(context.UserName);
            if (!accountLookup.Success)
            {
                context.Result = genericFailure;
                return;
            }

            var account = accountLookup.Value;

            var verification = _accountVerificationService.VerifyAccountCanBeAuthenticated(account, context.Password);
            if (!verification.Success)
            {
                // Single() throws unless the verification reports exactly one error.
                var failure = verification.Errors.Single();

                var isCredentialFailure =
                    failure.ErrorCode.Equals(AccountErrorCodeEnumeration.PasswordIsNotSet)
                    || failure.ErrorCode.Equals(AccountErrorCodeEnumeration.IncorrectPassword);

                if (isCredentialFailure)
                {
                    context.Result = genericFailure;
                }
                else
                {
                    // NOTE(review): any other verification error is returned with its own
                    // message, so the response differs from the generic one. If such errors
                    // can occur without a correct password, that confirms the account
                    // exists. Verify the check order in the verification service.
                    context.Result = new GrantValidationResult(TokenRequestErrors.InvalidTarget, failure.ErrorMessage);
                }

                return;
            }

            var accountClaims = await _accountClaimsCreatorService.CreateAccountClaimsAsync(account);
            var subjectId = account.Id.ToString();

            context.Result = new GrantValidationResult(subjectId, context.Request.GrantType, accountClaims);
        }
Beispiel #3
        /// <summary>
        /// Happy path: a confirmed account with a password hash, combined with a password
        /// service that accepts the password, yields a result equivalent to
        /// <c>VerificationResult.Ok()</c>.
        /// </summary>
        public void VerifyAccountCanBeAuthenticated_Should_Return_VerificationResult_With_Success_True()
        {
            // Arrange
            // The mock accepts any pair of strings, so this test does not pin which
            // arguments are passed to VerifyHashedPassword or in what order.
            // NOTE(review): a sibling test with Returns(false) is what guards against
            // authentication succeeding on a wrong password. Confirm one exists.
            _passwordServiceMock
                .Setup(x => x.VerifyHashedPassword(It.IsAny<string>(), It.IsAny<string>()))
                .Returns(true);

            var roleIds = new List<Guid> { Guid.NewGuid() };

            // The e-mail literal appears masked on this page; it is reproduced unchanged.
            var confirmedAccount = Account.Builder()
                .SetId(Guid.NewGuid())
                .SetEmail("*****@*****.**")
                .SetConfirmed(true)
                .SetPasswordHash("PasswordHash")
                .SetSecurityStamp(Guid.NewGuid())
                .SetCreated(DateTimeOffset.UtcNow)
                .SetRoles(roleIds)
                .Build();

            var expected = VerificationResult.Ok();

            // Act
            var actual = _accountVerificationService.VerifyAccountCanBeAuthenticated(confirmedAccount, "password");

            // Assert
            actual.Should().BeEquivalentTo(expected);
        }