/// <summary>
/// Resolves an external identity (issuer plus provider key) to a local user and records
/// the outcome in the security log.
/// </summary>
/// <param name="externalAuthenticationResult">Identity data obtained from the external provider; must not be null.</param>
/// <param name="ip">Client address stored with the security log entry.</param>
/// <returns>
/// A result with <c>Successful</c> set to true and the association and user populated when both exist;
/// otherwise a result with <c>Successful</c> set to false.
/// </returns>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="externalAuthenticationResult"/> is null.</exception>
public ExternalUserAssociationMatchResult ExternalUserAssociationCheck(ExternalAuthenticationResult externalAuthenticationResult, string ip)
		{
			if (externalAuthenticationResult == null)
				throw new ArgumentNullException("externalAuthenticationResult");

			const string detailFormat = "Issuer: {0}, Provider: {1}, Name: {2}";
			var match = _externalUserAssociationRepository.Get(externalAuthenticationResult.Issuer, externalAuthenticationResult.ProviderKey);
			// The user lookup only happens when an association exists.
			var user = match == null ? null : _userRepository.GetUser(match.UserID);

			if (user == null)
			{
				// An unknown issuer/key pair and an association whose user no longer exists
				// produce the same log entry, so the log alone cannot tell them apart.
				// NOTE(review): Name is free text copied from the external result; presumably
				// whatever displays the security log encodes it - confirm.
				var failureDetail = String.Format(detailFormat, externalAuthenticationResult.Issuer, externalAuthenticationResult.ProviderKey, externalAuthenticationResult.Name);
				_securityLogService.CreateLogEntry((int?)null, null, ip, failureDetail, SecurityLogType.ExternalAssociationCheckFailed);
				return new ExternalUserAssociationMatchResult {Successful = false};
			}

			var found = new ExternalUserAssociationMatchResult
			{
				Successful = true,
				ExternalUserAssociation = match,
				User = user
			};
			// The success entry reports the stored association values, not the incoming ones.
			var successDetail = String.Format(detailFormat, match.Issuer, match.ProviderKey, match.Name);
			_securityLogService.CreateLogEntry(user, user, ip, successDetail, SecurityLogType.ExternalAssociationCheckSuccessful);
			return found;
		}
        /// <summary>
        /// Checks whether an external identity is already bound to a local user and writes a
        /// security log entry describing the outcome.
        /// </summary>
        /// <param name="externalAuthenticationResult">Identity data from the external provider; must not be null.</param>
        /// <param name="ip">Client address stored with the security log entry.</param>
        /// <returns>A successful result carrying the association and user, or a result with <c>Successful</c> set to false.</returns>
        /// <exception cref="ArgumentNullException">Thrown when <paramref name="externalAuthenticationResult"/> is null.</exception>
        public ExternalUserAssociationMatchResult ExternalUserAssociationCheck(ExternalAuthenticationResult externalAuthenticationResult, string ip)
        {
            if (externalAuthenticationResult == null)
            {
                throw new ArgumentNullException("externalAuthenticationResult");
            }

            var association = _externalUserAssociationRepository.Get(externalAuthenticationResult.Issuer, externalAuthenticationResult.ProviderKey);
            if (association != null)
            {
                var account = _userRepository.GetUser(association.UserID);
                if (account != null)
                {
                    var hit = new ExternalUserAssociationMatchResult
                    {
                        Successful = true,
                        ExternalUserAssociation = association,
                        User = account
                    };
                    // The success entry is built from the stored association, not the incoming data.
                    _securityLogService.CreateLogEntry(account, account, ip, String.Format("Issuer: {0}, Provider: {1}, Name: {2}", association.Issuer, association.ProviderKey, association.Name), SecurityLogType.ExternalAssociationCheckSuccessful);
                    return hit;
                }
            }

            // Reached for a missing association and for an association whose user is gone;
            // both are logged identically and with no user attached to the entry.
            // NOTE(review): Name is free text from the external result; presumably the log
            // viewer encodes it before display - confirm.
            _securityLogService.CreateLogEntry((int?)null, null, ip, String.Format("Issuer: {0}, Provider: {1}, Name: {2}", externalAuthenticationResult.Issuer, externalAuthenticationResult.ProviderKey, externalAuthenticationResult.Name), SecurityLogType.ExternalAssociationCheckFailed);
            return new ExternalUserAssociationMatchResult { Successful = false };
        }
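		/// <summary>
		/// Asks the authentication manager for the identity stored under <c>ExternalCookieName</c>
		/// and maps its claims to an <see cref="ExternalAuthenticationResult"/>.
		/// </summary>
		/// <param name="authenticationManager">Authentication manager to query.</param>
		/// <returns>
		/// The mapped result, or null when there is no authentication result, no identity,
		/// or the identity is not authenticated.
		/// </returns>
		/// <exception cref="NullReferenceException">
		/// Thrown when the name-identifier claim is missing, or when its issuer or value is empty.
		/// </exception>
		public async Task<ExternalAuthenticationResult> GetAuthenticationResult(IAuthenticationManager authenticationManager)
		{
			var authResult = await authenticationManager.AuthenticateAsync(ExternalCookieName);
			// Fail closed: anything short of an authenticated identity is reported as "no external login".
			if (authResult == null || authResult.Identity == null || !authResult.Identity.IsAuthenticated)
				return null;
			var externalIdentity = authResult.Identity;
			var providerKeyClaim = externalIdentity.FindFirst(ClaimTypes.NameIdentifier);
			// A missing claim used to fail on the dereference below with no message. The exception
			// type is kept so existing catch blocks behave the same.
			if (providerKeyClaim == null)
				throw new NullReferenceException("The identity claims contain no provider key");
			var issuer = providerKeyClaim.Issuer;
			var providerKey = providerKeyClaim.Value;
			if (String.IsNullOrEmpty(issuer))
				throw new NullReferenceException("The identity claims contain no issuer.");
			if (String.IsNullOrEmpty(providerKey))
				throw new NullReferenceException("The identity claims contain no provider key");
			// Name and Email are copied as-is and are not checked for null or empty.
			// NOTE(review): nothing here shows the provider verified the e-mail address, so callers
			// should presumably not treat Email as proof of ownership - confirm.
			return new ExternalAuthenticationResult
			{
				Issuer = issuer,
				ProviderKey = providerKey,
				Name = externalIdentity.FindFirstValue(ClaimTypes.Name),
				Email = externalIdentity.FindFirstValue(ClaimTypes.Email)
			};
		}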
		/// <summary>
		/// Binds an external identity to a local user and records the binding in the security log.
		/// Does nothing when <paramref name="externalAuthenticationResult"/> is null.
		/// </summary>
		/// <remarks>
		/// This method does not check that the caller is entitled to act for <paramref name="user"/>;
		/// that has to be established before calling it.
		/// NOTE(review): nothing here checks whether the issuer/provider-key pair is already bound to
		/// another user; presumably the repository enforces uniqueness - confirm.
		/// </remarks>
		/// <param name="user">Local user to bind; must not be null.</param>
		/// <param name="externalAuthenticationResult">External identity to bind, or null to skip.</param>
		/// <param name="ip">Client address stored with the security log entry.</param>
		/// <exception cref="ArgumentNullException">Thrown when <paramref name="user"/> is null.</exception>
		/// <exception cref="NullReferenceException">Thrown when the issuer or provider key is null or empty.</exception>
		public void Associate(User user, ExternalAuthenticationResult externalAuthenticationResult, string ip)
		{
			if (user == null)
				throw new ArgumentNullException("user");
			// No external identity supplied: nothing to save and nothing to log.
			if (externalAuthenticationResult == null)
				return;

			if (String.IsNullOrEmpty(externalAuthenticationResult.Issuer))
				throw new NullReferenceException("The identity claims contain no issuer.");
			if (String.IsNullOrEmpty(externalAuthenticationResult.ProviderKey))
				throw new NullReferenceException("The identity claims contain no provider key");

			_externalUserAssociationRepository.Save(user.UserID, externalAuthenticationResult.Issuer, externalAuthenticationResult.ProviderKey, externalAuthenticationResult.Name);
			var detail = String.Format("Issuer: {0}, Provider: {1}, Name: {2}", externalAuthenticationResult.Issuer, externalAuthenticationResult.ProviderKey, externalAuthenticationResult.Name);
			_securityLogService.CreateLogEntry(user, user, ip, detail, SecurityLogType.ExternalAssociationSet);
		}
		/// <summary>
		/// A stored association with an existing user yields a successful result that carries
		/// the same association and user instances the repositories returned.
		/// </summary>
		public void ExternalUserAssociationCheckResultTrueWithHydratedResultIfMatchingAssociationAndUser()
		{
			// Arrange
			var manager = GetManager();
			const string issuer = "Google";
			const string providerKey = "abc";
			var storedAssociation = new ExternalUserAssociation { Issuer = issuer, UserID = 123, ProviderKey = providerKey };
			var storedUser = new User(storedAssociation.UserID, DateTime.MinValue);
			_externalUserAssociationRepo.Setup(x => x.Get(storedAssociation.Issuer, storedAssociation.ProviderKey)).Returns(storedAssociation);
			_userRepo.Setup(x => x.GetUser(storedAssociation.UserID)).Returns(storedUser);
			var incoming = new ExternalAuthenticationResult { Issuer = issuer, ProviderKey = providerKey };

			// Act
			var outcome = manager.ExternalUserAssociationCheck(incoming, "");

			// Assert
			Assert.IsTrue(outcome.Successful);
			Assert.AreSame(storedUser, outcome.User);
			Assert.AreSame(storedAssociation, outcome.ExternalUserAssociation);
		}
 /// <summary>
 /// Stores the link between a local user and an external identity, then writes a security
 /// log entry for it. A null <paramref name="externalAuthenticationResult"/> is a no-op.
 /// </summary>
 /// <remarks>
 /// No authorization check happens here: the caller must already have established that the
 /// request is allowed to act for <paramref name="user"/>.
 /// NOTE(review): nothing here checks whether the issuer/provider-key pair already belongs to
 /// a different user; presumably the repository enforces that - confirm.
 /// </remarks>
 /// <param name="user">Local user to bind; must not be null.</param>
 /// <param name="externalAuthenticationResult">External identity to bind, or null to skip.</param>
 /// <param name="ip">Client address stored with the security log entry.</param>
 /// <exception cref="ArgumentNullException">Thrown when <paramref name="user"/> is null.</exception>
 /// <exception cref="NullReferenceException">Thrown when the issuer or provider key is null or empty.</exception>
 public void Associate(User user, ExternalAuthenticationResult externalAuthenticationResult, string ip)
 {
     if (user == null)
     {
         throw new ArgumentNullException("user");
     }
     if (externalAuthenticationResult == null)
     {
         return;
     }

     var issuer = externalAuthenticationResult.Issuer;
     if (String.IsNullOrEmpty(issuer))
     {
         throw new NullReferenceException("The identity claims contain no issuer.");
     }

     var providerKey = externalAuthenticationResult.ProviderKey;
     if (String.IsNullOrEmpty(providerKey))
     {
         throw new NullReferenceException("The identity claims contain no provider key");
     }

     // Name is stored and logged as received; it is not validated here.
     var displayName = externalAuthenticationResult.Name;
     _externalUserAssociationRepository.Save(user.UserID, issuer, providerKey, displayName);
     _securityLogService.CreateLogEntry(user, user, ip, String.Format("Issuer: {0}, Provider: {1}, Name: {2}", issuer, providerKey, displayName), SecurityLogType.ExternalAssociationSet);
 }
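        /// <summary>
        /// Queries the authentication manager for the identity stored under
        /// <c>ExternalCookieName</c> and converts its claims into an
        /// <see cref="ExternalAuthenticationResult"/>.
        /// </summary>
        /// <param name="authenticationManager">Authentication manager to query.</param>
        /// <returns>
        /// The converted result, or null when no authentication result or identity is available
        /// or the identity is not authenticated.
        /// </returns>
        /// <exception cref="NullReferenceException">
        /// Thrown when the name-identifier claim is absent, or when its issuer or value is empty.
        /// </exception>
        public async Task<ExternalAuthenticationResult> GetAuthenticationResult(IAuthenticationManager authenticationManager)
        {
            var authResult = await authenticationManager.AuthenticateAsync(ExternalCookieName);

            if (authResult == null)
            {
                return null;
            }

            var externalIdentity = authResult.Identity;
            // A result without an identity is treated like an unauthenticated one (fail closed)
            // instead of failing on the IsAuthenticated dereference.
            if (externalIdentity == null || !externalIdentity.IsAuthenticated)
            {
                return null;
            }

            var providerKeyClaim = externalIdentity.FindFirst(ClaimTypes.NameIdentifier);
            // An absent claim previously failed on the property reads below with no message.
            // The exception type is unchanged so existing handlers still match.
            if (providerKeyClaim == null)
            {
                throw new NullReferenceException("The identity claims contain no provider key");
            }

            var issuer = providerKeyClaim.Issuer;
            var providerKey = providerKeyClaim.Value;

            if (String.IsNullOrEmpty(issuer))
            {
                throw new NullReferenceException("The identity claims contain no issuer.");
            }
            if (String.IsNullOrEmpty(providerKey))
            {
                throw new NullReferenceException("The identity claims contain no provider key");
            }

            // Name and Email are passed through unvalidated and may be null.
            // NOTE(review): whether the provider verified the e-mail address is not visible here,
            // so Email should presumably not be used to match an existing account - confirm.
            return new ExternalAuthenticationResult
            {
                Issuer = issuer,
                ProviderKey = providerKey,
                Name = externalIdentity.FindFirstValue(ClaimTypes.Name),
                Email = externalIdentity.FindFirstValue(ClaimTypes.Email)
            };
        }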
		/// <summary>
		/// A successful login through LoginAndAssociate passes the logged-in user and the external
		/// authentication result to Associate and returns a JSON message whose Result is true.
		/// </summary>
		public void LoginAndAssociateSuccess()
		{
			// Arrange: credentials and the user that the login resolves to.
			const string email = "*****@*****.**";
			const string password = "******";
			const bool persist = true;
			var user = new User(12, DateTime.MaxValue) {Email = email};

			var controller = GetController();
			var contextHelper = new HttpContextHelper();
			contextHelper.MockRequest.Setup(x => x.UserHostAddress).Returns(String.Empty);
			var httpContext = contextHelper.MockContext.Object;
			controller.ControllerContext = new ControllerContext(httpContext, new RouteData(), controller);

			_userService.Setup(u => u.Login(email, password, persist, httpContext)).Returns(true);
			_userService.Setup(x => x.GetUserByEmail(email)).Returns(user);

			// Arrange: the external sign-in that is pending for this request.
			var authManager = new Mock<IAuthenticationManager>();
			_owinContext.Setup(x => x.Authentication).Returns(authManager.Object);
			var externalAuthResult = new ExternalAuthenticationResult();
			var pendingAuth = Task.FromResult(externalAuthResult);
			_externalAuth.Setup(x => x.GetAuthenticationResult(authManager.Object)).Returns(pendingAuth);

			// Act
			var response = controller.LoginAndAssociate(email, password, persist).Result;

			// Assert: the association is made for the user that logged in, and login ran once.
			_userAssociation.Verify(x => x.Associate(user, pendingAuth.Result, It.IsAny<string>()));
			_userService.Verify(u => u.Login(email, password, persist, httpContext), Times.Once());
			Assert.IsInstanceOf<JsonResult>(response);
			var message = (BasicJsonMessage)response.Data;
			Assert.IsTrue(message.Result);
		}
		/// <summary>
		/// Creating an account while an external authentication result is available calls
		/// Associate exactly once with the new user and that result.
		/// </summary>
		public void CreateValidCallExternalAuthAssociateWithAuthResult()
		{
			// Arrange: controller and a sign-up that passes the e-mail and name checks.
			var controller = GetController();
			MockUpUrl(controller);
			_userService.Setup(u => u.IsEmailInUse(It.IsAny<string>())).Returns(false);
			_userService.Setup(u => u.IsNameInUse(It.IsAny<string>())).Returns(false);
			var createdUser = UserServiceTests.GetDummyUser("Diana", "*****@*****.**");
			var signUp = new SignupData
			{
				Email = "*****@*****.**",
				IsCoppa = true,
				IsDaylightSaving = true,
				IsSubscribed = true,
				IsTos = true,
				Name = "Diana",
				Password = "******",
				PasswordRetype = "passwerd",
				TimeZone = -5
			};
			_userService.Setup(u => u.CreateUser(signUp, It.IsAny<string>())).Returns(createdUser);
			_newAccountMailer.Setup(n => n.Send(It.IsAny<User>(), It.IsAny<string>())).Returns(System.Net.Mail.SmtpStatusCode.CommandNotImplemented);
			_settingsManager.Setup(s => s.Current).Returns(new Settings { IsNewUserApproved = true });

			// Arrange: the external sign-in that is pending for this request.
			var authManager = new Mock<IAuthenticationManager>();
			_owinContext.Setup(x => x.Authentication).Returns(authManager.Object);
			var externalAuthResult = new ExternalAuthenticationResult();
			_externalAuth.Setup(x => x.GetAuthenticationResult(authManager.Object)).Returns(Task.FromResult(externalAuthResult));

			// Act: reading Result blocks until the action has finished.
			var response = controller.Create(signUp).Result;

			// Assert
			_userAssociationManager.Verify(x => x.Associate(createdUser, externalAuthResult, It.IsAny<string>()), Times.Once());
		}
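		/// <summary>
		/// When the repository has no association for the issuer and provider key, exactly one
		/// ExternalAssociationCheckFailed entry is logged with the caller's IP and no user.
		/// </summary>
		public void ExternalUserAssociationCheckResultFalseNoMatchCallsSecurityLog()
		{
			// Arrange: the unused User instance from the earlier version is dropped; no user
			// takes part in the no-match path.
			var manager = GetManager();
			_externalUserAssociationRepo.Setup(x => x.Get(It.IsAny<string>(), It.IsAny<string>())).Returns((ExternalUserAssociation)null);
			const string ip = "1.1.1.1";
			var authResult = new ExternalAuthenticationResult { Issuer = "Google", ProviderKey = "abc" };

			// Act
			manager.ExternalUserAssociationCheck(authResult, ip);

			// Assert
			_securityLogService.Verify(x => x.CreateLogEntry((int?)null, null, ip, It.IsAny<string>(), SecurityLogType.ExternalAssociationCheckFailed), Times.Once());
		}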
		/// <summary>
		/// A matching association with an existing user logs an ExternalAssociationCheckSuccessful
		/// entry for that user with the caller's IP.
		/// </summary>
		public void ExternalUserAssociationCheckResultTrueCallsSecurityLog()
		{
			// Arrange
			var manager = GetManager();
			const string issuer = "Google";
			const string providerKey = "abc";
			const string ip = "1.1.1.1";
			var storedAssociation = new ExternalUserAssociation { Issuer = issuer, UserID = 123, ProviderKey = providerKey };
			var storedUser = new User(storedAssociation.UserID, DateTime.MinValue);
			_externalUserAssociationRepo.Setup(x => x.Get(storedAssociation.Issuer, storedAssociation.ProviderKey)).Returns(storedAssociation);
			_userRepo.Setup(x => x.GetUser(storedAssociation.UserID)).Returns(storedUser);
			var incoming = new ExternalAuthenticationResult { Issuer = issuer, ProviderKey = providerKey };

			// Act
			manager.ExternalUserAssociationCheck(incoming, ip);

			// Assert: no Times argument is passed, so Moq's default call count applies.
			_securityLogService.Verify(x => x.CreateLogEntry(storedUser, storedUser, ip, It.IsAny<string>(), SecurityLogType.ExternalAssociationCheckSuccessful));
		}
		/// <summary>
		/// Associating a user with a complete external result logs exactly one
		/// ExternalAssociationSet entry for that user with the caller's IP.
		/// </summary>
		public void AssociateSuccessCallsSecurityLog()
		{
			// Arrange
			var manager = GetManager();
			const string ip = "1.1.1.1";
			var account = new User(123, DateTime.MinValue);
			var incoming = new ExternalAuthenticationResult
			{
				Issuer = "weihf",
				ProviderKey = "weoihf",
				Name = "woehf"
			};

			// Act
			manager.Associate(account, incoming, ip);

			// Assert
			_securityLogService.Verify(x => x.CreateLogEntry(account, account, ip, It.IsAny<string>(), SecurityLogType.ExternalAssociationSet), Times.Once());
		}
		/// <summary>
		/// Associate forwards the user's ID and the external result's issuer, provider key
		/// and name to the repository's Save exactly once.
		/// </summary>
		public void AssociateMapsObjectsToRepoCall()
		{
			// Arrange
			var manager = GetManager();
			var account = new User(123, DateTime.MinValue);
			var incoming = new ExternalAuthenticationResult
			{
				Issuer = "weihf",
				ProviderKey = "weoihf",
				Name = "woehf"
			};

			// Act
			manager.Associate(account, incoming, String.Empty);

			// Assert
			_externalUserAssociationRepo.Verify(x => x.Save(account.UserID, incoming.Issuer, incoming.ProviderKey, incoming.Name), Times.Once());
		}
		/// <summary>
		/// When an association exists but its user cannot be loaded, exactly one
		/// ExternalAssociationCheckFailed entry is logged with the caller's IP and no user.
		/// </summary>
		public void ExternalUserAssociationCheckResultFalseNoUserCallsSecurityLog()
		{
			// Arrange: the association is found, the user it points to is not.
			var manager = GetManager();
			const string issuer = "Google";
			const string providerKey = "abc";
			const string ip = "1.1.1.1";
			var orphanedAssociation = new ExternalUserAssociation { Issuer = issuer, UserID = 123, ProviderKey = providerKey };
			_externalUserAssociationRepo.Setup(x => x.Get(orphanedAssociation.Issuer, orphanedAssociation.ProviderKey)).Returns(orphanedAssociation);
			_userRepo.Setup(x => x.GetUser(orphanedAssociation.UserID)).Returns((User)null);
			var incoming = new ExternalAuthenticationResult { Issuer = issuer, ProviderKey = providerKey };

			// Act
			manager.ExternalUserAssociationCheck(incoming, ip);

			// Assert
			_securityLogService.Verify(x => x.CreateLogEntry((int?)null, null, ip, It.IsAny<string>(), SecurityLogType.ExternalAssociationCheckFailed), Times.Once());
		}