Beispiel #1
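        /// <summary>
        /// Logs in with the local test account through the login form and checks
        /// where the server redirects afterwards.
        /// </summary>
        /// <remarks>
        /// NOTE(review): despite the method name, the GET below passes
        /// <c>Constants.ReturnUrl</c> unchanged. No tampered return URL is sent, so
        /// return-URL validation (open-redirect handling) is not exercised here.
        /// Confirm the intended input.
        /// </remarks>
        public async Task Try_Login_With_Local_Account_Manipulate_ReturnUri()
        {
            var config = ConfigBuilder.Default.Build();
            var server = TestServerBuilder.BuildServer<Startup>(config);
            var client = server.CreateClient();

            // Load the login page so the form action and anti-forgery token can be read.
            var response = await client.GetAsync($"/login?returnUrl={Constants.ReturnUrl}");

            response.EnsureSuccessStatusCode();

            // Fill out the form and submit it together with the anti-forgery token.
            var doc = await response.Content.ReadAsHtmlDocumentAsync();

            var form = new Dictionary<string, string>
            {
                { "Email", "alice@localhost" },
                { "Password", "alice@localhost" },
                { "RememberLogin", "false" },
                { "__RequestVerificationToken", doc.GetAntiForgeryToken() }
            };

            var response2 = await client.PostFormAsync(doc.GetFormAction(), form, response);

            // Should redirect to the start page, end of journey.
            response2.StatusCode.Should().Be(HttpStatusCode.Found);

            // Should().Equals(...) resolves to object.Equals on the assertion object
            // and its bool result was discarded, so the redirect target was never
            // verified. Be(...) performs the comparison and fails on a mismatch.
            response2.Headers.Location.ToString().Should().Be("/");
        }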
Beispiel #2
        /// <summary>
        /// Builds a test server from the default configuration and an HTTP client
        /// for it, and stores both in the fixture's fields.
        /// </summary>
        public GeneralTests()
        {
            // Default configuration, no overrides.
            _server = TestServerBuilder.BuildServer<Startup>(ConfigBuilder.Default.Build());
            _client = _server.CreateClient();
        }
Beispiel #3
        /// <summary>
        /// Builds a server with a mocked e-mail service, loads the account recovery
        /// page and submits the recovery form for the test account.
        /// </summary>
        /// <param name="loginAfterAccountRecovery">
        /// Value written to the <c>App:LoginAfterAccountRecovery</c> setting.
        /// </param>
        /// <param name="gotServer">
        /// Called with the server and client once they are created, before any
        /// request is sent.
        /// </param>
        /// <param name="gotMail">
        /// Called from the e-mail mock with the confirm and cancel URLs taken from
        /// the recovery mail's view data.
        /// </param>
        /// <returns>The response to the form POST, after its status was checked for success.</returns>
        private async Task<HttpResponseMessage> GetAndPostRecoverForm(
            bool loginAfterAccountRecovery,
            Action<TestServer, HttpClient> gotServer,
            Action<string, string> gotMail)
        {
            const string accountEmail = "alice@localhost";

            // The mock stands in for the real mail service and hands the links from
            // the recovery mail to the caller.
            var mailMock = EmailServiceHelper.GetEmailServiceMock(
                IdentityBaseConstants.EmailTemplates.UserAccountRecover,
                accountEmail,
                (templateName, emailTo, viewData, isHtml) =>
                {
                    var confirmUrl = viewData.ToDictionary()["ConfirmUrl"] as string;
                    var cancelUrl = viewData.ToDictionary()["CancelUrl"] as string;

                    gotMail(confirmUrl, cancelUrl);
                });

            // Custom configuration: the default mail service is removed because the
            // mock replaces it, and the post-recovery login flag follows the argument.
            var loginFlag = loginAfterAccountRecovery ? "true" : "false";
            var configuration = ConfigBuilder.Default
                .RemoveDefaultMailService()
                .Alter("App:LoginAfterAccountRecovery", loginFlag)
                .Build();

            var server = TestServerBuilder.BuildServer<Startup>(configuration, (services) =>
            {
                services.AddSingleton(mailMock.Object);
            });
            var client = server.CreateClient();

            gotServer(server, client);

            // Load the recovery page to obtain the form action and anti-forgery token.
            var pageResponse = await client.GetAsync($"/recover?returnUrl={Constants.ReturnUrl}");
            pageResponse.EnsureSuccessStatusCode();

            var page = await pageResponse.Content.ReadAsHtmlDocumentAsync();

            var fields = new Dictionary<string, string>
            {
                { "Email", accountEmail },
                { "__RequestVerificationToken", page.GetAntiForgeryToken() }
            };

            // Submit the form; the GET response is passed along to the helper.
            var postResponse = await client.PostFormAsync(page.GetFormAction(), fields, pageResponse);
            postResponse.EnsureSuccessStatusCode();

            return postResponse;
        }
Beispiel #4
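        /// <summary>
        /// Submits the registration form with the given values and checks the
        /// resulting status code and, for failures, the presence of an error alert.
        /// </summary>
        /// <param name="email">Value posted in the <c>Email</c> field.</param>
        /// <param name="password">Value posted in the <c>Password</c> field.</param>
        /// <param name="passwordConfirm">Value posted in the <c>PasswordConfirm</c> field.</param>
        /// <param name="statusCode">Status code the form POST is expected to return.</param>
        /// <param name="isError">
        /// Whether a non-redirect response is expected to show an error alert.
        /// </param>
        public async Task Try_Register(
            string email,
            string password,
            string passwordConfirm,
            HttpStatusCode statusCode,
            bool isError)
        {
            var config = ConfigBuilder.Default.Build();
            var server = TestServerBuilder.BuildServer<Startup>(config);
            var client = server.CreateClient();

            // Load the register page so the form action and anti-forgery token can be read.
            var response = await client.GetAsync($"/register?returnUrl={Constants.ReturnUrl}");

            response.EnsureSuccessStatusCode();

            // Fill out the form and submit it.
            var doc = await response.Content.ReadAsHtmlDocumentAsync();

            var form = new Dictionary<string, string>
            {
                { "Email", email },
                { "Password", password },
                { "PasswordConfirm", passwordConfirm },
                { "__RequestVerificationToken", doc.GetAntiForgeryToken() }
            };

            var response2 = await client.PostFormAsync(doc.GetFormAction(), form, response);

            if (statusCode == HttpStatusCode.Found)
            {
                // After a successful registration the user should be redirected to
                // the IdentityServer4 authorize endpoint.
                response2.StatusCode.Should().Be(HttpStatusCode.Found);
                response2.Headers.Location.ToString().Should().StartWith("/connect/authorize/login");
            }
            else
            {
                response2.StatusCode.Should().Be(statusCode);
                var doc2 = await response2.Content.ReadAsHtmlDocumentAsync();

                if (isError)
                {
                    // The original threw NotImplementedException here, so every
                    // rejected-input case failed without checking the page. Assert
                    // at least that the error alert is rendered.
                    var elm = doc2.QuerySelector(".alert.alert-danger");

                    elm.Should().NotBeNull("a rejected registration should render an error alert");

                    // TODO: also check the text of the error message.
                }
            }
        }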
Beispiel #5
        /// <summary>
        /// Posts to <c>/login</c>, passing only the URL to <c>PostFormAsync</c>, and
        /// expects HTTP 400 (Bad Request).
        /// </summary>
        /// <remarks>
        /// NOTE(review): the server is built from the default configuration; nothing
        /// in this method switches local login off, although the name refers to the
        /// external-login-only option. No anti-forgery token is passed either, so
        /// the 400 may stem from that instead. Confirm which condition this test is
        /// meant to pin.
        /// </remarks>
        public async Task Post_LoginPage_With_IsExternalLoginOnly_Option_Should_Be_Disabled()
        {
            // Arrange
            var server = TestServerBuilder.BuildServer<Startup>(ConfigBuilder.Default.Build());
            var client = server.CreateClient();

            // Act
            var response = await client.PostFormAsync("/login");

            // Assert
            var wasRejected = response.StatusCode == System.Net.HttpStatusCode.BadRequest;
            Assert.True(wasRejected, "POST /login should return 400");
        }
Beispiel #6
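        /// <summary>
        /// Requests <c>/login</c> without a return URL and expects a 302 redirect
        /// to the landing page (<c>/</c>).
        /// </summary>
        public async Task Get_LoginPage_Without_Args_Should_Redirect_To_LandingPage()
        {
            var config = ConfigBuilder.Default.Build();
            var server = TestServerBuilder.BuildServer<Startup>(config);
            var client = server.CreateClient();

            // Act
            var response = await client.GetAsync("/login");

            // Assert
            response.StatusCode.Should().Be(HttpStatusCode.Found);

            // Should().Equals(...) is object.Equals on the assertion object; its
            // result was discarded, so the Location header was never checked.
            // Be(...) compares the value and fails the test on a mismatch.
            response.Headers.Location.ToString().Should().Be("/");
        }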
Beispiel #7
            /// <summary>
            /// Enables the invitation-create endpoint, obtains an authorized client,
            /// sends a PUT to <c>/invitations</c> and validates the response body
            /// against an inline JSON schema.
            /// </summary>
            /// <remarks>
            /// NOTE(review): the inline schema lists <c>'type'</c> under
            /// <c>'required'</c>, but no property of that name is declared and
            /// <c>'additionalProperties'</c> is false, while <c>'id'</c> is declared
            /// and not required. This looks like a typo for <c>'id'</c>; confirm.
            /// NOTE(review): the schema expects a <c>stackTrace</c> field in the API
            /// response. Stack traces returned to clients disclose internals, so
            /// confirm the field is not populated outside test/development setups.
            /// </remarks>
            public async Task FooTask()
            {
                // The invitation endpoint is switched on explicitly for this test.
                IConfigurationRoot config = ConfigBuilder.Default
                                            .Alter("App:EnableInvitationCreateEndpoint", "true")
                                            .Build();

                TestServer testServer = TestServerBuilder
                                        .BuildServer <Startup>(config);

                // Client returned by the login helper; the name indicates it is
                // already authorized for API calls.
                HttpClient client = await testServer
                                    .LoginAndGetAuthorizedClientAsync();

                HttpResponseMessage response = await client
                                               .PutJsonAsync("/invitations", new
                {
                    Email = "invited@localhost",
                    // Target client, usually one that has a GUI
                    ClientId = "mvc.hybrid"
                });

                response.EnsureSuccessStatusCode();


                // NOTE(review): this generated schema is never used below; the
                // assertion relies on the hand-written schema string instead.
                var schema = SchemaUtils.GenerateSchema <InvitationsPutResultModel>();

                response.AssertSchema(@"{
                      'type': 'object',
                      'additionalProperties' : false,
                      'properties': {
                        'id': {
                          'type': [
                            'string',
                            'null'
                          ]
                        },
                        'error': {},
                        'stackTrace': {
                          'type': [
                            'string',
                            'null'
                          ]
                        }
                      },
                      'required': [
                        'type',
                        'error',
                        'stackTrace'
                      ]
                    }");
            }
Beispiel #8
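            /// <summary>
            /// Creates an invitation through <c>PUT /invitations</c>, captures the
            /// links from the intercepted invitation e-mail and follows the
            /// confirmation link, expecting HTTP 200.
            /// </summary>
            public async Task Invite_User()
            {
                string confirmUrl = null;
                string cancelUrl  = null;

                // Mock the email service to intercept the outgoing email messages
                var emailServiceMock = EmailServiceHelper.GetEmailServiceMock(
                    IdentityBaseConstants.EmailTemplates.UserAccountInvited,
                    "invited@localhost",
                    (templateName, emailTo, viewData, isHtml) =>
                {
                    // Capture the links that the invitation mail would contain
                    confirmUrl = viewData.ToDictionary()["ConfirmUrl"] as string;
                    cancelUrl  = viewData.ToDictionary()["CancelUrl"] as string;
                });

                // Create a server with custom configuration
                var config = ConfigBuilder.Default
                             // remove the default service since we are mocking it
                             .RemoveDefaultMailService()
                             .Alter("App:EnableInvitationCreateEndpoint", "true")
                             .Build();

                var server = TestServerBuilder.BuildServer<Startup>(config, (services) =>
                {
                    services.AddSingleton(emailServiceMock.Object);
                });
                var client = server.CreateClient();

                // Act
                var response = await client.PutJsonAsync("/invitations", new
                {
                    Email    = "invited@localhost",
                    ClientId = "mvc.hybrid"
                });

                response.EnsureSuccessStatusCode();

                // Fail here if no invitation mail was intercepted. With a null URL,
                // HttpClient falls back to its BaseAddress when one is set, so the
                // request below could succeed without any link having been issued.
                confirmUrl.Should().NotBeNullOrWhiteSpace("the invitation e-mail should carry a confirm link");
                cancelUrl.Should().NotBeNullOrWhiteSpace("the invitation e-mail should carry a cancel link");

                // Follow the confirmation link from the intercepted e-mail
                var response3 = await client.GetAsync(confirmUrl);

                response3.StatusCode.Should().Be(HttpStatusCode.OK);

                // The body is parsed as HTML but not inspected yet.
                // TODO: assert on the confirmation page content.
                var doc2 = await response3.Content.ReadAsHtmlDocumentAsync();
            }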
Beispiel #9
        /// <summary>
        /// Builds a test server whose e-mail service is a strict mock with no
        /// setups, plus an HTTP client for it, and stores both in the fixture's
        /// fields.
        /// </summary>
        public RecoverTests()
        {
            // A strict mock throws on any call that was not set up. The tests in
            // this class are all expected to fail before a mail would be sent, so
            // any send attempt surfaces as an exception.
            var strictMailMock = new Mock<IEmailService>(MockBehavior.Strict);

            // Custom configuration: the default mail service is removed because
            // the mock takes its place.
            var configuration = ConfigBuilder.Default
                .RemoveDefaultMailService()
                .Build();

            _server = TestServerBuilder.BuildServer<Startup>(configuration, (services) =>
            {
                services.AddSingleton(strictMailMock.Object);
            });
            _client = _server.CreateClient();
        }
Beispiel #10
        /// <summary>
        /// With local login disabled and the Facebook provider removed, requests
        /// the login page and expects a 302 redirect whose target starts with the
        /// Google OAuth2 endpoint prefix.
        /// </summary>
        /// <remarks>
        /// Only the prefix of the Location header is compared; the query string of
        /// the redirect is not inspected by this test.
        /// </remarks>
        public async Task Get_LoginPage_With_IsExternalLoginOnly_Option()
        {
            // Arrange: drop the Facebook provider and turn local login off.
            var configuration = ConfigBuilder.Default
                .RemoveAuthFacebook()
                .Alter("App:EnableLocalLogin", "false")
                .Build();

            var client = TestServerBuilder.BuildServer<Startup>(configuration).CreateClient();

            // Act
            var response = await client.GetAsync($"/login?returnUrl={Constants.ReturnUrl}");

            // Assert
            response.StatusCode.Should().Be(HttpStatusCode.Found);

            var redirectTarget = response.Headers.Location.ToString();
            redirectTarget.Should().StartWith("https://accounts.google.com/o/oauth2");
        }