public void OtpSignInSouldShouldReturnOkResultWhenAllIsCorrect()
{
const string token = "token";
const string validationToken = "validation token";
const int code = 123;
var userId = new Guid("5582f0f2-e904-4240-86cf-e0f865783aa5");
var user = new User()
{
Id = userId
};
var request = new OtpSignInRequest
{
Code = code,
ValidationToken = validationToken,
Token = token
};
var parameters = new TokenValidationParameters
{
ValidateIssuer = true,
ValidateAudience = true,
ValidateLifetime = true,
ValidateIssuerSigningKey = true,
};
var expected = new SignInResponse();
_mock.Mock <ICaptchaValidationService>()
.Setup(provider => provider.IsValidAsync(validationToken))
.ReturnsAsync(true);
_mock.Mock <ITokenValidationParametersProvider>()
.Setup(provider => provider.GetParameters())
.Returns(parameters);
_mock.Mock <IUserIdFromOtpTokenProvider>()
.Setup(provider => provider.Get(token))
.Returns(userId);
_mock.Mock <IUserManager>()
.Setup(provider => provider.FindByIdAsync(userId))
.ReturnsAsync(user);
_mock.Mock <IOtpSignInValidationService>()
.Setup(provider => provider.Validate(user.Id, code))
.ReturnsAsync(true);
_mock.Mock <ISignInResponseProvider> ()
.Setup(provider => provider.Get(user, false))
.Returns(expected);
var controller = _mock.Create <AuthController>();
var actual = controller.OtpSignIn(request);
ContentAssert.AreEqual(actual.Result, expected);
}
public virtual async Task <SignInResponse> SignIn(OtpSignInRequest command,
CancellationToken cancellationToken = default)
{
Check.NotNull(command, nameof(command));
command.EnsureIsValid();
return(await SignIn(AuthFlowType.CUSTOM_AUTH, command, null, cancellationToken));
}
public void OtpSignInSouldShouldReturnBadRequestWhenOtpCodeIsWrong()
{
const string token = "token";
const string validationToken = "validation token";
const int code = 123;
var userId = new Guid("5582f0f2-e904-4240-86cf-e0f865783aa5");
var user = new User()
{
Id = userId
};
var request = new OtpSignInRequest
{
Code = code,
ValidationToken = validationToken,
Token = token
};
var parameters = new TokenValidationParameters
{
ValidateIssuer = true,
ValidateAudience = true,
ValidateLifetime = true,
ValidateIssuerSigningKey = true,
};
_mock.Mock <ICaptchaValidationService>()
.Setup(provider => provider.IsValidAsync(validationToken))
.ReturnsAsync(true);
_mock.Mock <ITokenValidationParametersProvider>()
.Setup(provider => provider.GetParameters())
.Returns(parameters);
_mock.Mock <IUserIdFromOtpTokenProvider>()
.Setup(provider => provider.Get(token))
.Returns(userId);
_mock.Mock <IUserManager>()
.Setup(provider => provider.FindByIdAsync(userId))
.ReturnsAsync(user);
_mock.Mock <IOtpSignInValidationService>()
.Setup(provider => provider.Validate(user.Id, code))
.ReturnsAsync(false);
var controller = _mock.Create <AuthController>();
var expected = new BadRequestException("INVALID_OTP_CODE");
ExceptionAssert.ThrowsAsync(expected, () => controller.OtpSignIn(request));
}
public async Task <SignInResponse> OtpSignIn([FromBody] OtpSignInRequest credentials)
{
var isTokenValid = await _captchaValidationService.IsValidAsync(credentials.ValidationToken);
if (!isTokenValid)
{
throw new BadRequestException("CAPTCHA_TOKEN_IS_INVALID");
}
var user = await _userManager.FindByIdAsync(_userIdFromOtpTokenProvider.Get(credentials.Token));
if (!await _otpSignInValidationService.Validate(user.Id, credentials.Code))
{
throw new BadRequestException("INVALID_OTP_CODE");
}
return(_signInResponseProvider.Get(user, false));
}
public void OtpSignInSouldShouldReturnBadRequestWhenValidationTokenIsNotValid()
{
const string token = "token";
const string validationToken = "validation token";
const int code = 123;
var request = new OtpSignInRequest
{
Code = code,
ValidationToken = validationToken,
Token = token
};
_mock.Mock <ICaptchaValidationService>()
.Setup(provider => provider.IsValidAsync(validationToken))
.ReturnsAsync(false);
var controller = _mock.Create <AuthController>();
var expected = new BadRequestException("CAPTCHA_TOKEN_IS_INVALID");
ExceptionAssert.ThrowsAsync(expected, () => controller.OtpSignIn(request));
}