public async Task NullPassword_ThrowsException()
{
// Arrange
var userManager = SecurityMockHelpers.TestCustomUserManager();
var target = userManager.PasswordValidators.First();
// Act, Assert
await Assert.ThrowsAsync <ArgumentNullException>(async() => await target.ValidateAsync(userManager, new ApplicationUser(), null));
}
public async Task PasswordValidator_ValidatesByPasswordOptions(
string password,
bool requireUpperCase,
bool requireLowerCase,
bool requireDigits,
bool requireSpecialCharacters,
int minLength,
bool expectedIsValid,
bool expectedMustBeLonger,
bool expectedMustHaveUpper,
bool expectedMustHaveLower,
bool expectedMustHaveDigit,
bool expectedMustHaveNonAlphanumeric)
{
// Arrange
var options = new IdentityOptions
{
Password = new PasswordOptions
{
RequiredLength = minLength,
RequireUppercase = requireUpperCase,
RequireLowercase = requireLowerCase,
RequireDigit = requireDigits,
RequireNonAlphanumeric = requireSpecialCharacters
}
};
var user = new ApplicationUser {
Id = "id1"
};
var userStoreMock = new Mock <IUserStore <ApplicationUser> >();
userStoreMock.Setup(x => x.FindByIdAsync(user.Id, CancellationToken.None)).ReturnsAsync(user);
var userManager = SecurityMockHelpers.TestCustomUserManager(userStoreMock, identityOptions: options);
var target = userManager.PasswordValidators.First();
//var target = new CustomPasswordValidator(new CustomIdentityErrorDescriber(), _repositoryFactory, null);
// Act
var result = await target.ValidateAsync(userManager, user, password);
// Assert
Assert.Equal(expectedIsValid, result.Succeeded);
Assert.Equal(expectedMustBeLonger, ExistsErrorByCode(result, nameof(IdentityErrorDescriber.PasswordTooShort)));
if (expectedMustBeLonger)
{
var tooShort = TryFindErrorByCode(result, nameof(IdentityErrorDescriber.PasswordTooShort));
Assert.IsType <CustomIdentityError>(tooShort);
Assert.Equal(minLength, ((CustomIdentityError)tooShort).ErrorParameter);
}
Assert.Equal(expectedMustHaveUpper, ExistsErrorByCode(result, nameof(IdentityErrorDescriber.PasswordRequiresUpper)));
Assert.Equal(expectedMustHaveLower, ExistsErrorByCode(result, nameof(IdentityErrorDescriber.PasswordRequiresLower)));
Assert.Equal(expectedMustHaveDigit, ExistsErrorByCode(result, nameof(IdentityErrorDescriber.PasswordRequiresDigit)));
Assert.Equal(expectedMustHaveNonAlphanumeric, ExistsErrorByCode(result, nameof(IdentityErrorDescriber.PasswordRequiresNonAlphanumeric)));
}
public async Task UpdateUser_CheckEvents(ApplicationUser user, ApplicationUser oldUser, Action <IEvent>[] assertions)
{
//Arrange
var userStoreMock = new Mock <IUserStore <ApplicationUser> >();
userStoreMock.Setup(x => x.FindByIdAsync(user.Id, CancellationToken.None)).ReturnsAsync(oldUser);
var eventPublisher = new EventPublisherStub();
var userManager = SecurityMockHelpers.TestCustomUserManager(userStoreMock, eventPublisher);
//Act
var result = await userManager.UpdateAsync(user);
//Assert
result.Succeeded.Should().BeTrue();
eventPublisher.Events.Should().SatisfyRespectively(assertions);
}
public async Task ChangePassword_CheckEvents(ApplicationUser user, Action <IEvent>[] assertions)
{
//Arrange
var userStoreMock = new Mock <IUserStore <ApplicationUser> >();
userStoreMock.Setup(x => x.FindByIdAsync(user.Id, CancellationToken.None)).ReturnsAsync(user);
userStoreMock.As <IUserPasswordStore <ApplicationUser> >()
.Setup(x => x.GetPasswordHashAsync(It.IsAny <ApplicationUser>(), It.IsAny <CancellationToken>()))
.ReturnsAsync(user.PasswordHash);
var eventPublisher = new EventPublisherStub();
var userManager = SecurityMockHelpers.TestCustomUserManager(userStoreMock, eventPublisher);
//Act
var result = await userManager.ChangePasswordAsync(user, "current_pass", "Qwerty123!");
//Assert
result.Succeeded.Should().BeTrue();
eventPublisher.Events.Should().SatisfyRespectively(assertions);
}
public async Task PasswordValidator_ValidatesByPasswordHistory(
string password,
int passwordRepeatHistory,
bool expectedIsValid)
{
// Arrange
const string userId = "id1";
string Hash(string p) => $"hash-{p}";
var entities = Enumerable.Range(1, passwordRepeatHistory)
.Select(i => new UserPasswordHistoryEntity {
UserId = userId, PasswordHash = Hash($"paS$word{i}"), CreatedDate = DateTime.UtcNow.AddDays(-i)
})
.ToArray();
var securityRepositoryMock = new Mock <ISecurityRepository>();
securityRepositoryMock.Setup(x => x.GetUserPasswordsHistoryAsync(It.IsAny <string>(), It.IsAny <int>())).ReturnsAsync(entities);
ISecurityRepository repositoryFactory() => securityRepositoryMock.Object;
var passwordHasher = new Mock <IUserPasswordHasher>();
passwordHasher.Setup(x => x.HashPassword(It.IsAny <ApplicationUser>(), It.IsAny <string>()))
.Returns <ApplicationUser, string>((user, password) => Hash(password));
passwordHasher.Setup(x => x.VerifyHashedPassword(It.IsAny <ApplicationUser>(), It.IsAny <string>(), It.IsAny <string>()))
.Returns <ApplicationUser, string, string>((user, hash, password) => hash == Hash(password) ? PasswordVerificationResult.Success : PasswordVerificationResult.Failed);
var userManager = SecurityMockHelpers.TestCustomUserManager(repositoryFactory: repositoryFactory, passwordHasher: passwordHasher);
var user = new ApplicationUser {
Id = userId
};
var target = userManager.PasswordValidators.First();
// Act
var result = await target.ValidateAsync(userManager, user, password);
// Assert
Assert.Equal(expectedIsValid, result.Succeeded);
Assert.Equal(expectedIsValid, !ExistsErrorByCode(result, CustomPasswordValidator.RecentPasswordUsed));
}
public async Task TestUserPasswordExpiry(DateTime?lastPasswordChangedDate, TimeSpan?maxPasswordAge, bool isPasswordExpired)
{
//Arrange
var user = new ApplicationUser {
Id = "id1", LastPasswordChangedDate = lastPasswordChangedDate
};
var userStoreMock = new Mock <IUserStore <ApplicationUser> >();
userStoreMock.Setup(x => x.FindByIdAsync(user.Id, CancellationToken.None)).ReturnsAsync(user);
var userManager = SecurityMockHelpers.TestCustomUserManager(userStoreMock, new UserOptionsExtended
{
MaxPasswordAge = maxPasswordAge
},
GetPlatformMemoryCache());
//Act
user = await userManager.FindByIdAsync(user.Id);
//Assert
Assert.Equal(isPasswordExpired, user.PasswordExpired);
}
public async Task ResetPassword_CheckEvents(ApplicationUser user, Action <IEvent>[] assertions)
{
//Arrange
var userStoreMock = new Mock <IUserStore <ApplicationUser> >();
userStoreMock.Setup(x => x.FindByIdAsync(user.Id, CancellationToken.None)).ReturnsAsync(user);
userStoreMock.As <IUserPasswordStore <ApplicationUser> >()
.Setup(x => x.SetPasswordHashAsync(user, user.PasswordHash, CancellationToken.None))
.Returns(Task.CompletedTask);
var eventPublisher = new EventPublisherStub();
var userManager = SecurityMockHelpers.TestCustomUserManager(userStoreMock, eventPublisher);
userManager.RegisterTokenProvider("Static", new StaticTokenProvider());
userManager.Options.Tokens.PasswordResetTokenProvider = "Static";
var token = await userManager.GeneratePasswordResetTokenAsync(user);
//Act
var result = await userManager.ResetPasswordAsync(user, token, "Qwerty123!");
//Assert
result.Succeeded.Should().BeTrue();
eventPublisher.Events.Should().SatisfyRespectively(assertions);
}