Beispiel #1
0
        public async Task LoginInvalidExistingActiveDirectoryAsync()
        {
            _authController.Request = CreateRequestMessage(LOGIN_ENDPOINT, null, false, false);
            Settings.Current.EnableActiveDirectoryAuth = true;

            // add user
            var    provider = new TestDomainLoginProvider();
            string email    = provider.GetEmailAddressFromUsername(TestDomainLoginProvider.ValidUsername);
            var    user     = new User {
                EmailAddress           = email,
                IsEmailAddressVerified = true,
                FullName = "User 6"
            };
            await _userRepository.AddAsync(user);

            await _configuration.Client.RefreshAsync();

            // create model
            var loginModel = new LoginModel {
                Email    = TestDomainLoginProvider.ValidUsername,
                Password = "******"
            };

            var actionResult = await _authController.LoginAsync(loginModel);

            var result = await actionResult.ExecuteAsync(new CancellationToken());

            Assert.Equal(System.Net.HttpStatusCode.Unauthorized, result.StatusCode);
        }
        public async Task CannotSignupWhenAccountCreationDisabledWithInvalidTokenAsync(bool enableAdAuth, string email, string password)
        {
            await ResetAsync();

            try {
                _authController.Request = CreateRequestMessage(SIGNUP_ENDPOINT, null, false, false);
                Settings.Current.EnableAccountCreation     = false;
                Settings.Current.EnableActiveDirectoryAuth = enableAdAuth;

                if (enableAdAuth && email == TestDomainLoginProvider.ValidUsername)
                {
                    TestDomainLoginProvider provider = new TestDomainLoginProvider();
                    email = provider.GetEmailAddressFromUsername(email);
                }

                var signupModel = new SignupModel {
                    Email       = email,
                    InviteToken = StringExtensions.GetNewToken(),
                    Name        = "Test",
                    Password    = password
                };
                var actionResult = await _authController.SignupAsync(signupModel);

                Assert.IsAssignableFrom <IHttpActionResult>(actionResult);
                var cancellation = new CancellationToken();
                var result       = await actionResult.ExecuteAsync(cancellation);

                Assert.False(result.IsSuccessStatusCode, "Status Code is success.");
                Assert.Equal(System.Net.HttpStatusCode.BadRequest, result.StatusCode);
                var error = GetErrorMessage(result);
                Assert.Equal("Account Creation is currently disabled.", error);
            } finally {
                await ResetAsync();
            }
        }
        public async Task LoginValidNonExistantActiveDirectoryAsync()
        {
            await ResetAsync();

            try {
                _authController.Request = CreateRequestMessage(LOGIN_ENDPOINT, null, false, false);
                Settings.Current.EnableActiveDirectoryAuth = true;

                // create model
                var    provider   = new TestDomainLoginProvider();
                string email      = provider.GetEmailAddressFromUsername(TestDomainLoginProvider.ValidUsername);
                var    loginModel = new LoginModel {
                    Email    = email,
                    Password = TestDomainLoginProvider.ValidPassword
                };

                var actionResult = await _authController.LoginAsync(loginModel);

                var cancellation = new CancellationToken();
                var result       = await actionResult.ExecuteAsync(cancellation);

                var error = GetResult <HttpError>(result);
                if (error != null)
                {
                    _output.WriteLine("Error: {0}", error.Message);
                }
                Assert.Equal(System.Net.HttpStatusCode.Unauthorized, result.StatusCode);
            } finally {
                await ResetAsync();
            }
        }
Beispiel #4
0
    public async Task LoginValidExistingActiveDirectoryAsync()
    {
        _authOptions.EnableActiveDirectoryAuth = true;

        var    provider = new TestDomainLoginProvider();
        string email    = provider.GetEmailAddressFromUsername(TestDomainLoginProvider.ValidUsername);
        var    user     = new User {
            EmailAddress           = email,
            IsEmailAddressVerified = true,
            FullName = "User 6"
        };

        await _userRepository.AddAsync(user, o => o.ImmediateConsistency());

        var result = await SendRequestAsAsync <TokenResult>(r => r
                                                            .Post()
                                                            .AppendPath("auth/login")
                                                            .Content(new LoginModel {
            Email = email,
            Password = TestDomainLoginProvider.ValidPassword
        })
                                                            .StatusCodeShouldBeOk()
                                                            );

        Assert.NotNull(result);
        Assert.False(String.IsNullOrEmpty(result.Token));
    }
Beispiel #5
0
        public async Task CanSignupWhenAccountCreationEnabledWithNoTokenAndValidAdAccountAsync()
        {
            _authController.Request = CreateRequestMessage(SIGNUP_ENDPOINT, null, false, false);
            Settings.Current.EnableAccountCreation     = true;
            Settings.Current.EnableActiveDirectoryAuth = true;

            TestDomainLoginProvider provider = new TestDomainLoginProvider();
            string email = provider.GetEmailAddressFromUsername(TestDomainLoginProvider.ValidUsername);

            var signupModel = new SignupModel {
                Email       = email,
                InviteToken = "",
                Name        = "Test",
                Password    = TestDomainLoginProvider.ValidPassword
            };

            var actionResult = await _authController.SignupAsync(signupModel);

            var result = await actionResult.ExecuteAsync(new CancellationToken());

            Assert.True(result.IsSuccessStatusCode, "Status Code is failure.");
            Assert.Equal(System.Net.HttpStatusCode.OK, result.StatusCode);

            var tokenResult = GetResult <TokenResult>(result);

            Assert.NotNull(tokenResult);
            Assert.False(string.IsNullOrEmpty(tokenResult.Token));
        }
        public async Task CanSignupWhenAccountCreationDisabledWithValidTokenAsync(bool enableAdAuth, string email, string password)
        {
            await ResetAsync();

            try {
                _authController.Request = CreateRequestMessage(SIGNUP_ENDPOINT, null, false, false);
                Settings.Current.EnableAccountCreation     = false;
                Settings.Current.EnableActiveDirectoryAuth = enableAdAuth;

                if (enableAdAuth && email == TestDomainLoginProvider.ValidUsername)
                {
                    TestDomainLoginProvider provider = new TestDomainLoginProvider();
                    email = provider.GetEmailAddressFromUsername(email);
                }

                var orgs = await _organizationRepository.GetAllAsync();

                var organization = orgs.Documents.First();
                var invite       = new Invite {
                    Token        = StringExtensions.GetNewToken(),
                    EmailAddress = email.ToLowerInvariant(),
                    DateAdded    = DateTime.UtcNow
                };
                organization.Invites.Add(invite);
                await _organizationRepository.SaveAsync(organization);

                _client.Refresh(r => r.Force());

                Assert.NotNull(organization.GetInvite(invite.Token));

                var signupModel = new SignupModel {
                    Email       = email,
                    InviteToken = invite.Token,
                    Name        = "Test",
                    Password    = password
                };
                var actionResult = await _authController.SignupAsync(signupModel);

                var cancellation = new CancellationToken();
                var result       = await actionResult.ExecuteAsync(cancellation);

                var error = GetResult <HttpError>(result);
                if (error != null)
                {
                    _output.WriteLine("Error: {0}", error.Message);
                }
                Assert.True(result.IsSuccessStatusCode, "Status Code is failure.");
                Assert.Equal(System.Net.HttpStatusCode.OK, result.StatusCode);
                var tokenResult = GetResult <TokenResult>(result);
                Assert.NotNull(tokenResult);
                Assert.False(string.IsNullOrEmpty(tokenResult.Token));
            } finally {
                await ResetAsync();
            }
        }
Beispiel #7
0
    public Task LoginValidNonExistantActiveDirectoryAsync()
    {
        _authOptions.EnableActiveDirectoryAuth = true;

        var    provider = new TestDomainLoginProvider();
        string email    = provider.GetEmailAddressFromUsername(TestDomainLoginProvider.ValidUsername);

        return(SendRequestAsync(r => r
                                .Post()
                                .AppendPath("auth/login")
                                .Content(new LoginModel {
            Email = email,
            Password = TestDomainLoginProvider.ValidPassword
        })
                                .StatusCodeShouldBeUnauthorized()
                                ));
    }
        public async Task LoginValidExistingActiveDirectoryAsync()
        {
            await ResetAsync();

            try {
                _authController.Request = CreateRequestMessage(LOGIN_ENDPOINT, null, false, false);
                Settings.Current.EnableActiveDirectoryAuth = true;

                // add user
                var    provider = new TestDomainLoginProvider();
                string email    = provider.GetEmailAddressFromUsername(TestDomainLoginProvider.ValidUsername);
                var    user     = new User {
                    EmailAddress           = email,
                    IsEmailAddressVerified = true,
                    FullName = "User 6"
                };
                await _userRepository.AddAsync(user);

                await _client.RefreshAsync(r => r.Force());

                // create model
                var loginModel = new LoginModel {
                    Email    = email,
                    Password = TestDomainLoginProvider.ValidPassword
                };

                var actionResult = await _authController.LoginAsync(loginModel);

                var cancellation = new CancellationToken();
                var result       = await actionResult.ExecuteAsync(cancellation);

                var error = GetResult <HttpError>(result);
                if (error != null)
                {
                    _output.WriteLine("Error: {0}", error.Message);
                }
                Assert.True(result.IsSuccessStatusCode, "Status Code is failure.");
                Assert.Equal(System.Net.HttpStatusCode.OK, result.StatusCode);
                var tokenResult = GetResult <TokenResult>(result);
                Assert.NotNull(tokenResult);
                Assert.False(string.IsNullOrEmpty(tokenResult.Token));
            } finally {
                await ResetAsync();
            }
        }
Beispiel #9
0
        public async Task CanSignupWhenAccountCreationEnabledWithValidTokenAndValidAdAccountAsync()
        {
            _authController.Request = CreateRequestMessage(SIGNUP_ENDPOINT, null, false, false);
            Settings.Current.EnableAccountCreation     = true;
            Settings.Current.EnableActiveDirectoryAuth = true;

            TestDomainLoginProvider provider = new TestDomainLoginProvider();
            string email = provider.GetEmailAddressFromUsername(TestDomainLoginProvider.ValidUsername);

            var results = await _organizationRepository.GetAllAsync();

            var organization = results.Documents.First();
            var invite       = new Invite {
                Token        = StringExtensions.GetNewToken(),
                EmailAddress = email.ToLowerInvariant(),
                DateAdded    = SystemClock.UtcNow
            };

            organization.Invites.Add(invite);
            await _organizationRepository.SaveAsync(organization);

            await _configuration.Client.RefreshAsync();

            Assert.NotNull(organization.GetInvite(invite.Token));

            var signupModel = new SignupModel {
                Email       = email,
                InviteToken = invite.Token,
                Name        = "Test",
                Password    = TestDomainLoginProvider.ValidPassword
            };
            var actionResult = await _authController.SignupAsync(signupModel);

            var result = await actionResult.ExecuteAsync(new CancellationToken());

            Assert.True(result.IsSuccessStatusCode, "Status Code is failure.");
            Assert.Equal(System.Net.HttpStatusCode.OK, result.StatusCode);

            var tokenResult = GetResult <TokenResult>(result);

            Assert.NotNull(tokenResult);
            Assert.False(string.IsNullOrEmpty(tokenResult.Token));
        }
Beispiel #10
0
        public async Task LoginValidNonExistantActiveDirectoryAsync()
        {
            _authController.Request = CreateRequestMessage(LOGIN_ENDPOINT, null, false, false);
            Settings.Current.EnableActiveDirectoryAuth = true;

            // create model
            var    provider   = new TestDomainLoginProvider();
            string email      = provider.GetEmailAddressFromUsername(TestDomainLoginProvider.ValidUsername);
            var    loginModel = new LoginModel {
                Email    = email,
                Password = TestDomainLoginProvider.ValidPassword
            };

            var actionResult = await _authController.LoginAsync(loginModel);

            var result = await actionResult.ExecuteAsync(new CancellationToken());

            Assert.Equal(System.Net.HttpStatusCode.Unauthorized, result.StatusCode);
        }
Beispiel #11
0
    public async Task CanSignupWhenAccountCreationDisabledWithValidTokenAsync(bool enableAdAuth, string email, string password)
    {
        _authOptions.EnableAccountCreation     = false;
        _authOptions.EnableActiveDirectoryAuth = enableAdAuth;

        if (enableAdAuth && email == TestDomainLoginProvider.ValidUsername)
        {
            var provider = new TestDomainLoginProvider();
            email = provider.GetEmailAddressFromUsername(email);
        }

        var results = await _organizationRepository.GetAllAsync();

        var organization = results.Documents.First();

        var invite = new Invite {
            Token        = StringExtensions.GetNewToken(),
            EmailAddress = email.ToLowerInvariant(),
            DateAdded    = SystemClock.UtcNow
        };

        organization.Invites.Add(invite);
        organization = await _organizationRepository.SaveAsync(organization, o => o.ImmediateConsistency());

        Assert.NotNull(organization.GetInvite(invite.Token));

        var result = await SendRequestAsAsync <TokenResult>(r => r
                                                            .Post()
                                                            .AppendPath("auth/signup")
                                                            .Content(new SignupModel {
            Email = email,
            InviteToken = invite.Token,
            Name = "Test",
            Password = password
        })
                                                            .StatusCodeShouldBeOk()
                                                            );

        Assert.NotNull(result);
        Assert.False(String.IsNullOrEmpty(result.Token));
    }
Beispiel #12
0
    public async Task LoginInvalidNonExistantActiveDirectoryAsync()
    {
        _authOptions.EnableActiveDirectoryAuth = true;

        await SendRequestAsync(r => r
                               .Post()
                               .AppendPath("auth/login")
                               .Content(new LoginModel {
            Email = TestDomainLoginProvider.ValidUsername + ".au",
            Password = "******"
        })
                               .StatusCodeShouldBeUnauthorized()
                               );

        // Verify that a user account was not added
        var    provider = new TestDomainLoginProvider();
        string email    = provider.GetEmailAddressFromUsername(TestDomainLoginProvider.ValidUsername);
        var    user     = await _userRepository.GetByEmailAddressAsync(email + ".au");

        Assert.Null(user);
    }
        public async Task LoginInvalidNonExistantActiveDirectoryAsync()
        {
            await ResetAsync();

            try {
                _authController.Request = CreateRequestMessage(LOGIN_ENDPOINT, null, false, false);
                Settings.Current.EnableActiveDirectoryAuth = true;

                // create model
                var loginModel = new LoginModel {
                    Email    = TestDomainLoginProvider.ValidUsername + ".au",
                    Password = "******"
                };

                var actionResult = await _authController.LoginAsync(loginModel);

                var cancellation = new CancellationToken();
                var result       = await actionResult.ExecuteAsync(cancellation);

                var error = GetResult <HttpError>(result);
                if (error != null)
                {
                    _output.WriteLine("Error: {0}", error.Message);
                }
                Assert.Equal(System.Net.HttpStatusCode.Unauthorized, result.StatusCode);

                await _client.RefreshAsync(r => r.Force());

                // Verify that a user account was not added
                var    provider = new TestDomainLoginProvider();
                string email    = provider.GetEmailAddressFromUsername(TestDomainLoginProvider.ValidUsername);
                var    user     = await _userRepository.GetByEmailAddressAsync(email + ".au");

                Assert.Null(user);
            } finally {
                await ResetAsync();
            }
        }
Beispiel #14
0
    public Task CannotSignupWhenAccountCreationDisabledWithInvalidTokenAsync(bool enableAdAuth, string email, string password)
    {
        _authOptions.EnableAccountCreation     = false;
        _authOptions.EnableActiveDirectoryAuth = enableAdAuth;

        if (enableAdAuth && email == TestDomainLoginProvider.ValidUsername)
        {
            var provider = new TestDomainLoginProvider();
            email = provider.GetEmailAddressFromUsername(email);
        }

        return(SendRequestAsync(r => r
                                .Post()
                                .AppendPath("auth/signup")
                                .Content(new SignupModel {
            Email = email,
            InviteToken = StringExtensions.GetNewToken(),
            Name = "Test",
            Password = password
        })
                                .StatusCodeShouldBeBadRequest()
                                ));
    }
Beispiel #15
0
    public async Task LoginInvalidExistingActiveDirectoryAsync()
    {
        _authOptions.EnableActiveDirectoryAuth = true;

        var    provider = new TestDomainLoginProvider();
        string email    = provider.GetEmailAddressFromUsername(TestDomainLoginProvider.ValidUsername);
        var    user     = new User {
            EmailAddress           = email,
            IsEmailAddressVerified = true,
            FullName = "User 6"
        };
        await _userRepository.AddAsync(user, o => o.ImmediateConsistency());

        await SendRequestAsync(r => r
                               .Post()
                               .AppendPath("auth/login")
                               .Content(new LoginModel {
            Email = TestDomainLoginProvider.ValidUsername,
            Password = "******"
        })
                               .StatusCodeShouldBeUnauthorized()
                               );
    }
Beispiel #16
0
        public async Task CannotSignupWhenAccountCreationDisabledWithNoTokenAsync(bool enableAdAuth, string email, string password)
        {
            Settings.Current.EnableAccountCreation     = false;
            Settings.Current.EnableActiveDirectoryAuth = enableAdAuth;

            if (enableAdAuth && email == TestDomainLoginProvider.ValidUsername)
            {
                var provider = new TestDomainLoginProvider();
                email = provider.GetEmailAddressFromUsername(email);
            }

            await SendRequest(r => r
                              .Post()
                              .AppendPath("auth/signup")
                              .Content(new SignupModel {
                Email = email,
                InviteToken = "",
                Name = "Test",
                Password = password
            })
                              .StatusCodeShouldBeBadRequest()
                              );
        }
Beispiel #17
0
    public async Task CanSignupWhenAccountCreationEnabledWithNoTokenAndValidAdAccountAsync()
    {
        _authOptions.EnableAccountCreation     = true;
        _authOptions.EnableActiveDirectoryAuth = true;

        var    provider = new TestDomainLoginProvider();
        string email    = provider.GetEmailAddressFromUsername(TestDomainLoginProvider.ValidUsername);

        var result = await SendRequestAsAsync <TokenResult>(r => r
                                                            .Post()
                                                            .AppendPath("auth/signup")
                                                            .Content(new SignupModel {
            Email = email,
            InviteToken = "",
            Name = "Test",
            Password = TestDomainLoginProvider.ValidPassword
        })
                                                            .StatusCodeShouldBeOk()
                                                            );

        Assert.NotNull(result);
        Assert.False(String.IsNullOrEmpty(result.Token));
    }
Beispiel #18
0
        public async Task LoginInvalidNonExistantActiveDirectoryAsync()
        {
            _authController.Request = CreateRequestMessage(LOGIN_ENDPOINT, null, false, false);
            Settings.Current.EnableActiveDirectoryAuth = true;

            // create model
            var loginModel = new LoginModel {
                Email    = TestDomainLoginProvider.ValidUsername + ".au",
                Password = "******"
            };

            var actionResult = await _authController.LoginAsync(loginModel);

            var result = await actionResult.ExecuteAsync(new CancellationToken());

            Assert.Equal(System.Net.HttpStatusCode.Unauthorized, result.StatusCode);

            // Verify that a user account was not added
            var    provider = new TestDomainLoginProvider();
            string email    = provider.GetEmailAddressFromUsername(TestDomainLoginProvider.ValidUsername);
            var    user     = await _userRepository.GetByEmailAddressAsync(email + ".au");

            Assert.Null(user);
        }