public async Task LoginInvalidExistingActiveDirectoryAsync()
{
_authController.Request = CreateRequestMessage(LOGIN_ENDPOINT, null, false, false);
Settings.Current.EnableActiveDirectoryAuth = true;
// add user
var provider = new TestDomainLoginProvider();
string email = provider.GetEmailAddressFromUsername(TestDomainLoginProvider.ValidUsername);
var user = new User {
EmailAddress = email,
IsEmailAddressVerified = true,
FullName = "User 6"
};
await _userRepository.AddAsync(user);
await _configuration.Client.RefreshAsync();
// create model
var loginModel = new LoginModel {
Email = TestDomainLoginProvider.ValidUsername,
Password = "******"
};
var actionResult = await _authController.LoginAsync(loginModel);
var result = await actionResult.ExecuteAsync(new CancellationToken());
Assert.Equal(System.Net.HttpStatusCode.Unauthorized, result.StatusCode);
}
public async Task CannotSignupWhenAccountCreationDisabledWithInvalidTokenAsync(bool enableAdAuth, string email, string password)
{
await ResetAsync();
try {
_authController.Request = CreateRequestMessage(SIGNUP_ENDPOINT, null, false, false);
Settings.Current.EnableAccountCreation = false;
Settings.Current.EnableActiveDirectoryAuth = enableAdAuth;
if (enableAdAuth && email == TestDomainLoginProvider.ValidUsername)
{
TestDomainLoginProvider provider = new TestDomainLoginProvider();
email = provider.GetEmailAddressFromUsername(email);
}
var signupModel = new SignupModel {
Email = email,
InviteToken = StringExtensions.GetNewToken(),
Name = "Test",
Password = password
};
var actionResult = await _authController.SignupAsync(signupModel);
Assert.IsAssignableFrom <IHttpActionResult>(actionResult);
var cancellation = new CancellationToken();
var result = await actionResult.ExecuteAsync(cancellation);
Assert.False(result.IsSuccessStatusCode, "Status Code is success.");
Assert.Equal(System.Net.HttpStatusCode.BadRequest, result.StatusCode);
var error = GetErrorMessage(result);
Assert.Equal("Account Creation is currently disabled.", error);
} finally {
await ResetAsync();
}
}
public async Task LoginValidNonExistantActiveDirectoryAsync()
{
await ResetAsync();
try {
_authController.Request = CreateRequestMessage(LOGIN_ENDPOINT, null, false, false);
Settings.Current.EnableActiveDirectoryAuth = true;
// create model
var provider = new TestDomainLoginProvider();
string email = provider.GetEmailAddressFromUsername(TestDomainLoginProvider.ValidUsername);
var loginModel = new LoginModel {
Email = email,
Password = TestDomainLoginProvider.ValidPassword
};
var actionResult = await _authController.LoginAsync(loginModel);
var cancellation = new CancellationToken();
var result = await actionResult.ExecuteAsync(cancellation);
var error = GetResult <HttpError>(result);
if (error != null)
{
_output.WriteLine("Error: {0}", error.Message);
}
Assert.Equal(System.Net.HttpStatusCode.Unauthorized, result.StatusCode);
} finally {
await ResetAsync();
}
}
public async Task LoginValidExistingActiveDirectoryAsync()
{
_authOptions.EnableActiveDirectoryAuth = true;
var provider = new TestDomainLoginProvider();
string email = provider.GetEmailAddressFromUsername(TestDomainLoginProvider.ValidUsername);
var user = new User {
EmailAddress = email,
IsEmailAddressVerified = true,
FullName = "User 6"
};
await _userRepository.AddAsync(user, o => o.ImmediateConsistency());
var result = await SendRequestAsAsync <TokenResult>(r => r
.Post()
.AppendPath("auth/login")
.Content(new LoginModel {
Email = email,
Password = TestDomainLoginProvider.ValidPassword
})
.StatusCodeShouldBeOk()
);
Assert.NotNull(result);
Assert.False(String.IsNullOrEmpty(result.Token));
}
public async Task CanSignupWhenAccountCreationEnabledWithNoTokenAndValidAdAccountAsync()
{
_authController.Request = CreateRequestMessage(SIGNUP_ENDPOINT, null, false, false);
Settings.Current.EnableAccountCreation = true;
Settings.Current.EnableActiveDirectoryAuth = true;
TestDomainLoginProvider provider = new TestDomainLoginProvider();
string email = provider.GetEmailAddressFromUsername(TestDomainLoginProvider.ValidUsername);
var signupModel = new SignupModel {
Email = email,
InviteToken = "",
Name = "Test",
Password = TestDomainLoginProvider.ValidPassword
};
var actionResult = await _authController.SignupAsync(signupModel);
var result = await actionResult.ExecuteAsync(new CancellationToken());
Assert.True(result.IsSuccessStatusCode, "Status Code is failure.");
Assert.Equal(System.Net.HttpStatusCode.OK, result.StatusCode);
var tokenResult = GetResult <TokenResult>(result);
Assert.NotNull(tokenResult);
Assert.False(string.IsNullOrEmpty(tokenResult.Token));
}
public async Task CanSignupWhenAccountCreationDisabledWithValidTokenAsync(bool enableAdAuth, string email, string password)
{
await ResetAsync();
try {
_authController.Request = CreateRequestMessage(SIGNUP_ENDPOINT, null, false, false);
Settings.Current.EnableAccountCreation = false;
Settings.Current.EnableActiveDirectoryAuth = enableAdAuth;
if (enableAdAuth && email == TestDomainLoginProvider.ValidUsername)
{
TestDomainLoginProvider provider = new TestDomainLoginProvider();
email = provider.GetEmailAddressFromUsername(email);
}
var orgs = await _organizationRepository.GetAllAsync();
var organization = orgs.Documents.First();
var invite = new Invite {
Token = StringExtensions.GetNewToken(),
EmailAddress = email.ToLowerInvariant(),
DateAdded = DateTime.UtcNow
};
organization.Invites.Add(invite);
await _organizationRepository.SaveAsync(organization);
_client.Refresh(r => r.Force());
Assert.NotNull(organization.GetInvite(invite.Token));
var signupModel = new SignupModel {
Email = email,
InviteToken = invite.Token,
Name = "Test",
Password = password
};
var actionResult = await _authController.SignupAsync(signupModel);
var cancellation = new CancellationToken();
var result = await actionResult.ExecuteAsync(cancellation);
var error = GetResult <HttpError>(result);
if (error != null)
{
_output.WriteLine("Error: {0}", error.Message);
}
Assert.True(result.IsSuccessStatusCode, "Status Code is failure.");
Assert.Equal(System.Net.HttpStatusCode.OK, result.StatusCode);
var tokenResult = GetResult <TokenResult>(result);
Assert.NotNull(tokenResult);
Assert.False(string.IsNullOrEmpty(tokenResult.Token));
} finally {
await ResetAsync();
}
}
public Task LoginValidNonExistantActiveDirectoryAsync()
{
_authOptions.EnableActiveDirectoryAuth = true;
var provider = new TestDomainLoginProvider();
string email = provider.GetEmailAddressFromUsername(TestDomainLoginProvider.ValidUsername);
return(SendRequestAsync(r => r
.Post()
.AppendPath("auth/login")
.Content(new LoginModel {
Email = email,
Password = TestDomainLoginProvider.ValidPassword
})
.StatusCodeShouldBeUnauthorized()
));
}
public async Task LoginValidExistingActiveDirectoryAsync()
{
await ResetAsync();
try {
_authController.Request = CreateRequestMessage(LOGIN_ENDPOINT, null, false, false);
Settings.Current.EnableActiveDirectoryAuth = true;
// add user
var provider = new TestDomainLoginProvider();
string email = provider.GetEmailAddressFromUsername(TestDomainLoginProvider.ValidUsername);
var user = new User {
EmailAddress = email,
IsEmailAddressVerified = true,
FullName = "User 6"
};
await _userRepository.AddAsync(user);
await _client.RefreshAsync(r => r.Force());
// create model
var loginModel = new LoginModel {
Email = email,
Password = TestDomainLoginProvider.ValidPassword
};
var actionResult = await _authController.LoginAsync(loginModel);
var cancellation = new CancellationToken();
var result = await actionResult.ExecuteAsync(cancellation);
var error = GetResult <HttpError>(result);
if (error != null)
{
_output.WriteLine("Error: {0}", error.Message);
}
Assert.True(result.IsSuccessStatusCode, "Status Code is failure.");
Assert.Equal(System.Net.HttpStatusCode.OK, result.StatusCode);
var tokenResult = GetResult <TokenResult>(result);
Assert.NotNull(tokenResult);
Assert.False(string.IsNullOrEmpty(tokenResult.Token));
} finally {
await ResetAsync();
}
}
public async Task CanSignupWhenAccountCreationEnabledWithValidTokenAndValidAdAccountAsync()
{
_authController.Request = CreateRequestMessage(SIGNUP_ENDPOINT, null, false, false);
Settings.Current.EnableAccountCreation = true;
Settings.Current.EnableActiveDirectoryAuth = true;
TestDomainLoginProvider provider = new TestDomainLoginProvider();
string email = provider.GetEmailAddressFromUsername(TestDomainLoginProvider.ValidUsername);
var results = await _organizationRepository.GetAllAsync();
var organization = results.Documents.First();
var invite = new Invite {
Token = StringExtensions.GetNewToken(),
EmailAddress = email.ToLowerInvariant(),
DateAdded = SystemClock.UtcNow
};
organization.Invites.Add(invite);
await _organizationRepository.SaveAsync(organization);
await _configuration.Client.RefreshAsync();
Assert.NotNull(organization.GetInvite(invite.Token));
var signupModel = new SignupModel {
Email = email,
InviteToken = invite.Token,
Name = "Test",
Password = TestDomainLoginProvider.ValidPassword
};
var actionResult = await _authController.SignupAsync(signupModel);
var result = await actionResult.ExecuteAsync(new CancellationToken());
Assert.True(result.IsSuccessStatusCode, "Status Code is failure.");
Assert.Equal(System.Net.HttpStatusCode.OK, result.StatusCode);
var tokenResult = GetResult <TokenResult>(result);
Assert.NotNull(tokenResult);
Assert.False(string.IsNullOrEmpty(tokenResult.Token));
}
public async Task LoginValidNonExistantActiveDirectoryAsync()
{
_authController.Request = CreateRequestMessage(LOGIN_ENDPOINT, null, false, false);
Settings.Current.EnableActiveDirectoryAuth = true;
// create model
var provider = new TestDomainLoginProvider();
string email = provider.GetEmailAddressFromUsername(TestDomainLoginProvider.ValidUsername);
var loginModel = new LoginModel {
Email = email,
Password = TestDomainLoginProvider.ValidPassword
};
var actionResult = await _authController.LoginAsync(loginModel);
var result = await actionResult.ExecuteAsync(new CancellationToken());
Assert.Equal(System.Net.HttpStatusCode.Unauthorized, result.StatusCode);
}
public async Task CanSignupWhenAccountCreationDisabledWithValidTokenAsync(bool enableAdAuth, string email, string password)
{
_authOptions.EnableAccountCreation = false;
_authOptions.EnableActiveDirectoryAuth = enableAdAuth;
if (enableAdAuth && email == TestDomainLoginProvider.ValidUsername)
{
var provider = new TestDomainLoginProvider();
email = provider.GetEmailAddressFromUsername(email);
}
var results = await _organizationRepository.GetAllAsync();
var organization = results.Documents.First();
var invite = new Invite {
Token = StringExtensions.GetNewToken(),
EmailAddress = email.ToLowerInvariant(),
DateAdded = SystemClock.UtcNow
};
organization.Invites.Add(invite);
organization = await _organizationRepository.SaveAsync(organization, o => o.ImmediateConsistency());
Assert.NotNull(organization.GetInvite(invite.Token));
var result = await SendRequestAsAsync <TokenResult>(r => r
.Post()
.AppendPath("auth/signup")
.Content(new SignupModel {
Email = email,
InviteToken = invite.Token,
Name = "Test",
Password = password
})
.StatusCodeShouldBeOk()
);
Assert.NotNull(result);
Assert.False(String.IsNullOrEmpty(result.Token));
}
public async Task LoginInvalidNonExistantActiveDirectoryAsync()
{
_authOptions.EnableActiveDirectoryAuth = true;
await SendRequestAsync(r => r
.Post()
.AppendPath("auth/login")
.Content(new LoginModel {
Email = TestDomainLoginProvider.ValidUsername + ".au",
Password = "******"
})
.StatusCodeShouldBeUnauthorized()
);
// Verify that a user account was not added
var provider = new TestDomainLoginProvider();
string email = provider.GetEmailAddressFromUsername(TestDomainLoginProvider.ValidUsername);
var user = await _userRepository.GetByEmailAddressAsync(email + ".au");
Assert.Null(user);
}
public async Task LoginInvalidNonExistantActiveDirectoryAsync()
{
await ResetAsync();
try {
_authController.Request = CreateRequestMessage(LOGIN_ENDPOINT, null, false, false);
Settings.Current.EnableActiveDirectoryAuth = true;
// create model
var loginModel = new LoginModel {
Email = TestDomainLoginProvider.ValidUsername + ".au",
Password = "******"
};
var actionResult = await _authController.LoginAsync(loginModel);
var cancellation = new CancellationToken();
var result = await actionResult.ExecuteAsync(cancellation);
var error = GetResult <HttpError>(result);
if (error != null)
{
_output.WriteLine("Error: {0}", error.Message);
}
Assert.Equal(System.Net.HttpStatusCode.Unauthorized, result.StatusCode);
await _client.RefreshAsync(r => r.Force());
// Verify that a user account was not added
var provider = new TestDomainLoginProvider();
string email = provider.GetEmailAddressFromUsername(TestDomainLoginProvider.ValidUsername);
var user = await _userRepository.GetByEmailAddressAsync(email + ".au");
Assert.Null(user);
} finally {
await ResetAsync();
}
}
public Task CannotSignupWhenAccountCreationDisabledWithInvalidTokenAsync(bool enableAdAuth, string email, string password)
{
_authOptions.EnableAccountCreation = false;
_authOptions.EnableActiveDirectoryAuth = enableAdAuth;
if (enableAdAuth && email == TestDomainLoginProvider.ValidUsername)
{
var provider = new TestDomainLoginProvider();
email = provider.GetEmailAddressFromUsername(email);
}
return(SendRequestAsync(r => r
.Post()
.AppendPath("auth/signup")
.Content(new SignupModel {
Email = email,
InviteToken = StringExtensions.GetNewToken(),
Name = "Test",
Password = password
})
.StatusCodeShouldBeBadRequest()
));
}
public async Task LoginInvalidExistingActiveDirectoryAsync()
{
_authOptions.EnableActiveDirectoryAuth = true;
var provider = new TestDomainLoginProvider();
string email = provider.GetEmailAddressFromUsername(TestDomainLoginProvider.ValidUsername);
var user = new User {
EmailAddress = email,
IsEmailAddressVerified = true,
FullName = "User 6"
};
await _userRepository.AddAsync(user, o => o.ImmediateConsistency());
await SendRequestAsync(r => r
.Post()
.AppendPath("auth/login")
.Content(new LoginModel {
Email = TestDomainLoginProvider.ValidUsername,
Password = "******"
})
.StatusCodeShouldBeUnauthorized()
);
}
public async Task CannotSignupWhenAccountCreationDisabledWithNoTokenAsync(bool enableAdAuth, string email, string password)
{
Settings.Current.EnableAccountCreation = false;
Settings.Current.EnableActiveDirectoryAuth = enableAdAuth;
if (enableAdAuth && email == TestDomainLoginProvider.ValidUsername)
{
var provider = new TestDomainLoginProvider();
email = provider.GetEmailAddressFromUsername(email);
}
await SendRequest(r => r
.Post()
.AppendPath("auth/signup")
.Content(new SignupModel {
Email = email,
InviteToken = "",
Name = "Test",
Password = password
})
.StatusCodeShouldBeBadRequest()
);
}
public async Task CanSignupWhenAccountCreationEnabledWithNoTokenAndValidAdAccountAsync()
{
_authOptions.EnableAccountCreation = true;
_authOptions.EnableActiveDirectoryAuth = true;
var provider = new TestDomainLoginProvider();
string email = provider.GetEmailAddressFromUsername(TestDomainLoginProvider.ValidUsername);
var result = await SendRequestAsAsync <TokenResult>(r => r
.Post()
.AppendPath("auth/signup")
.Content(new SignupModel {
Email = email,
InviteToken = "",
Name = "Test",
Password = TestDomainLoginProvider.ValidPassword
})
.StatusCodeShouldBeOk()
);
Assert.NotNull(result);
Assert.False(String.IsNullOrEmpty(result.Token));
}
public async Task LoginInvalidNonExistantActiveDirectoryAsync()
{
_authController.Request = CreateRequestMessage(LOGIN_ENDPOINT, null, false, false);
Settings.Current.EnableActiveDirectoryAuth = true;
// create model
var loginModel = new LoginModel {
Email = TestDomainLoginProvider.ValidUsername + ".au",
Password = "******"
};
var actionResult = await _authController.LoginAsync(loginModel);
var result = await actionResult.ExecuteAsync(new CancellationToken());
Assert.Equal(System.Net.HttpStatusCode.Unauthorized, result.StatusCode);
// Verify that a user account was not added
var provider = new TestDomainLoginProvider();
string email = provider.GetEmailAddressFromUsername(TestDomainLoginProvider.ValidUsername);
var user = await _userRepository.GetByEmailAddressAsync(email + ".au");
Assert.Null(user);
}