Ejemplo n.º 1
0
        public void ValidateCorrectUserIdAndWrongPassword()
        {
            // Arrange
            _passwordRepoMock.Setup(m => m.SaveUserInfo(It.IsAny <UserPasswordInfo>()))
            .Returns(true);
            _service = new PasswordApi.Service.PasswordService(_passwordRepoMock.Object, _passwordExpiryMock.Object, new Rfc2898CryptoService());
            var sampleUserId  = "user1";
            var password      = _service.GeneratePassword(sampleUserId);
            var wrongPassword = _service.GeneratePassword("user2");
            var hash          = new Rfc2898CryptoService().HashPassword(password);

            _passwordRepoMock.Setup(m => m.GetUserInfo(sampleUserId))
            .Returns(new UserPasswordInfo
            {
                HashedPassword = hash.HashedPassword,
                HashSalt       = hash.HashSalt,
                Expiry         = DateTime.Now.AddSeconds(-1), //valid
            });

            // Act
            var result = _service.IsPasswordValid(sampleUserId, wrongPassword);

            // Assert
            Assert.IsFalse(result, "userid and password must not be valid");
        }