public void HasGetSet()
{
const int value = 2;
var entity = new EmailConfirmation(EmailConfirmationIntent.ResetPassword) { Id = value };
entity.ShouldNotBeNull();
entity.Id.ShouldEqual(value);
}
public void IsInvalidWhen_MatchesUnintendedEntity()
{
var confirmation = new EmailConfirmation(EmailConfirmationIntent.CreatePassword)
{
ExpiresOnUtc = DateTime.UtcNow.AddMinutes(-1),
};
var command = new ResetPasswordCommand
{
Token = confirmation.Token,
};
var scenarioOptions = new ScenarioOptions
{
EmailConfirmation = confirmation,
Command = command,
};
var validator = CreateValidator(scenarioOptions);
var results = validator.Validate(command);
results.IsValid.ShouldBeFalse();
results.Errors.Count.ShouldBeInRange(1, int.MaxValue);
var error = results.Errors.SingleOrDefault(e => e.PropertyName == "Token");
error.ShouldNotBeNull();
// ReSharper disable PossibleNullReferenceException
error.ErrorMessage.ShouldEqual(string.Format(
ValidateEmailConfirmation.FailedBecauseIntentWasIncorrect,
confirmation.Intent, confirmation.Token));
// ReSharper restore PossibleNullReferenceException
}
public void HasGetSet()
{
const int value = 0;
var entity = new EmailConfirmation(EmailConfirmationIntent.CreatePassword) { PersonId = value };
entity.ShouldNotBeNull();
entity.PersonId.ShouldEqual(value);
}
public void SetsIssuedOnUtc_ToUtcNow()
{
var entity = new EmailConfirmation(EmailConfirmationIntent.ResetPassword);
entity.ShouldNotBeNull();
entity.IssuedOnUtc.ShouldBeInRange(
DateTime.UtcNow.AddSeconds(-5),
DateTime.UtcNow.AddSeconds(5));
}
public void SetsExpiresOnUtc_ToUtcNow_PlusTwoHours()
{
var entity = new EmailConfirmation(EmailConfirmationIntent.CreatePassword);
entity.ShouldNotBeNull();
entity.ExpiresOnUtc.ShouldBeInRange(
DateTime.UtcNow.AddSeconds((60 * 60 * 2) - 5),
DateTime.UtcNow.AddSeconds((60 * 60 * 2) + 5));
}
public void IgnoresPasswordConfirmation()
{
var source = new EmailConfirmation(EmailConfirmationIntent.CreatePassword);
var destination = Mapper.Map<ResetPasswordForm>(source);
destination.ShouldNotBeNull();
destination.PasswordConfirmation.ShouldBeNull();
}
public void MapsToken()
{
var source = new EmailConfirmation(EmailConfirmationIntent.CreatePassword);
var destination = Mapper.Map<ResetPasswordForm>(source);
destination.ShouldNotBeNull();
destination.Token.ShouldEqual(source.Token);
}
public void IgnoresIsUrlConfirmation()
{
var source = new EmailConfirmation(EmailConfirmationIntent.ResetPassword);
var destination = Mapper.Map<ConfirmEmailForm>(source);
destination.ShouldNotBeNull();
destination.IsUrlConfirmation.ShouldBeFalse();
}
public void MapsIntent()
{
var source = new EmailConfirmation(EmailConfirmationIntent.ResetPassword);
var destination = Mapper.Map<ConfirmEmailForm>(source);
destination.ShouldNotBeNull();
destination.Intent.ShouldEqual(source.Intent);
}
public void IgnoresSecretCode()
{
var source = new EmailConfirmation(EmailConfirmationIntent.CreatePassword)
{
SecretCode = "its a secret",
};
var destination = Mapper.Map<ConfirmEmailForm>(source);
// SECRET CODE MUST NOT MAP FROM ENTITY TO MODEL!
destination.ShouldNotBeNull();
destination.SecretCode.ShouldBeNull();
}
public static bool TokenMatchesEntity(Guid token, IQueryEntities entities,
IEnumerable<Expression<Func<EmailConfirmation, object>>> eagerLoad, out EmailConfirmation entity)
{
if (token == Guid.Empty)
{
entity = null;
return false;
}
entity = entities.Query<EmailConfirmation>().EagerLoad(entities, eagerLoad).ByToken(token);
// return true (valid) if there is an entity
return entity != null;
}
private bool ValidateToken(ActionExecutingContext filterContext)
{
// get the token
var token = GetToken(filterContext);
// get the confirmation
EmailConfirmation catchEntity;
var found = ValidateEmailConfirmation.TokenMatchesEntity
(token, Entities, out catchEntity);
EmailConfirmation = catchEntity;
// valid when matches an entity
if (token != Guid.Empty && found) return true;
filterContext.Result = new HttpNotFoundResult();
return false;
}
public void ExecutesUpdate_OnEmailConfirmation_WhenNotRedeeed()
{
var confirmation = new EmailConfirmation(EmailConfirmationIntent.CreatePassword)
{
EmailAddress = new EmailAddress(),
};
var command = new RedeemEmailConfirmationCommand
{
Token = confirmation.Token,
};
var queryProcessor = new Mock<IProcessQueries>(MockBehavior.Strict);
queryProcessor.Setup(m => m.Execute(It.Is(RandomSecretGeneration(256))))
.Returns(null as string);
var entities = new Mock<ICommandEntities>(MockBehavior.Strict).Initialize();
entities.Setup(m => m.Get<EmailConfirmation>()).Returns(new[] { confirmation }.AsQueryable);
entities.Setup(m => m.Update(It.Is(ConfirmationEntity(confirmation))));
var handler = new RedeemEmailConfirmationHandler(entities.Object);
handler.Handle(command);
entities.Verify(m => m.Update(It.Is(ConfirmationEntity(confirmation))),
Times.Once());
}
public void SetsNoResult_WhenTokenMatchesEntity_Unexpired_Redeemed_Unretired_WithCorrectTicketAndIntent()
{
const string paramName = "some value";
const EmailConfirmationIntent intent = EmailConfirmationIntent.CreatePassword;
const string ticket = "ticket value";
var confirmation = new EmailConfirmation(intent)
{
ExpiresOnUtc = DateTime.UtcNow.AddHours(1),
RedeemedOnUtc = DateTime.UtcNow.AddSeconds(-5),
Ticket = ticket,
};
var entities = new Mock<IQueryEntities>(MockBehavior.Strict).Initialize();
entities.Setup(m => m.Query<EmailConfirmation>())
.Returns(new[] { confirmation }.AsQueryable);
var attribute = new ValidateRedeemTicketAttribute(paramName, intent)
{
Entities = entities.Object,
};
var controller = new ConfirmEmailController(null);
controller.TempData.EmailConfirmationTicket(ticket);
var filterContext = CreateFilterContext(paramName, confirmation.Token, controller);
attribute.OnActionExecuting(filterContext);
filterContext.Result.ShouldBeNull();
controller.TempData.EmailConfirmationTicket().ShouldEqual(ticket);
}
public void SetsResult_ToPartialCrashDenaial_WhenIntent_ConflictsWithEntity()
{
const string paramName = "some value";
const EmailConfirmationIntent intent = EmailConfirmationIntent.ResetPassword;
const string ticket = "ticket value";
var confirmation = new EmailConfirmation(EmailConfirmationIntent.CreatePassword)
{
ExpiresOnUtc = DateTime.UtcNow.AddHours(1),
RedeemedOnUtc = DateTime.UtcNow.AddSeconds(-5),
Ticket = ticket,
};
var entities = new Mock<IQueryEntities>(MockBehavior.Strict).Initialize();
entities.Setup(m => m.Query<EmailConfirmation>())
.Returns(new[] { confirmation }.AsQueryable);
var attribute = new ValidateRedeemTicketAttribute(paramName, intent)
{
Entities = entities.Object,
};
var controller = new ConfirmEmailController(null);
controller.TempData.EmailConfirmationTicket(ticket);
var filterContext = CreateFilterContext(paramName, confirmation.Token, controller);
attribute.OnActionExecuting(filterContext);
filterContext.Result.ShouldNotBeNull();
filterContext.Result.ShouldBeType<PartialViewResult>();
var partialView = (PartialViewResult)filterContext.Result;
partialView.ViewName.ShouldEqual(MVC.Identity.ConfirmEmail.Views._denied_all);
partialView.Model.ShouldNotBeNull();
partialView.Model.ShouldBeType<ConfirmDeniedModel>();
var model = (ConfirmDeniedModel)partialView.Model;
model.Reason.ShouldEqual(ConfirmDeniedBecause.OtherCrash);
model.Intent.ShouldEqual(confirmation.Intent);
}
public void SetsResult_ToConfirmEmailRedirect_WhenTicket_ConflictsWithController()
{
const string paramName = "some value";
const EmailConfirmationIntent intent = EmailConfirmationIntent.CreatePassword;
const string ticket = "ticket value";
var confirmation = new EmailConfirmation(intent)
{
ExpiresOnUtc = DateTime.UtcNow.AddHours(1),
RedeemedOnUtc = DateTime.UtcNow.AddSeconds(-5),
Ticket = ticket,
};
var entities = new Mock<IQueryEntities>(MockBehavior.Strict).Initialize();
entities.Setup(m => m.Query<EmailConfirmation>())
.Returns(new[] { confirmation }.AsQueryable);
var attribute = new ValidateRedeemTicketAttribute(paramName, intent)
{
Entities = entities.Object,
};
var controller = new ConfirmEmailController(null);
controller.TempData.EmailConfirmationTicket("a different ticket value");
var filterContext = CreateFilterContext(paramName, confirmation.Token, controller);
attribute.OnActionExecuting(filterContext);
filterContext.Result.ShouldNotBeNull();
filterContext.Result.ShouldBeType<RedirectToRouteResult>();
var routeResult = (RedirectToRouteResult)filterContext.Result;
routeResult.Permanent.ShouldBeFalse();
routeResult.RouteValues["area"].ShouldEqual(MVC.Identity.Name);
routeResult.RouteValues["controller"].ShouldEqual(MVC.Identity.ConfirmEmail.Name);
routeResult.RouteValues["action"].ShouldEqual(MVC.Identity.ConfirmEmail.ActionNames.Get);
routeResult.RouteValues["token"].ShouldEqual(confirmation.Token);
}
public void IsValidWhen_IsCorrect_AndConfirmationIsNotRedeemed()
{
var confirmation = new EmailConfirmation(EmailConfirmationIntent.CreatePassword)
{
SecretCode = "secret1",
};
var validated = new ConfirmEmailForm
{
Token = confirmation.Token,
SecretCode = "secret1",
Intent = EmailConfirmationIntent.CreatePassword,
};
var entities = new Mock<IQueryEntities>(MockBehavior.Strict).Initialize();
entities.Setup(m => m.Query<EmailConfirmation>()).Returns(new[] { confirmation }.AsQueryable);
var validator = new ConfirmEmailValidator(entities.Object);
var results = validator.Validate(validated);
var error = results.Errors.SingleOrDefault(e => e.PropertyName == PropertyName);
error.ShouldBeNull();
}
public void SetsResult_ToPartialExpiredDenial_WhenToken_MatchesExpiredEntity()
{
const string paramName = "some value";
const EmailConfirmationIntent intent = EmailConfirmationIntent.ResetPassword;
var confirmation = new EmailConfirmation(intent)
{
ExpiresOnUtc = DateTime.UtcNow.AddSeconds(-5),
};
var entities = new Mock<IQueryEntities>(MockBehavior.Strict).Initialize();
entities.Setup(m => m.Query<EmailConfirmation>())
.Returns(new[] { confirmation }.AsQueryable);
var attribute = new ValidateRedeemTicketAttribute(paramName, intent)
{
Entities = entities.Object,
};
var filterContext = CreateFilterContext(paramName, confirmation.Token);
attribute.OnActionExecuting(filterContext);
filterContext.Result.ShouldNotBeNull();
filterContext.Result.ShouldBeType<PartialViewResult>();
var partialView = (PartialViewResult)filterContext.Result;
partialView.ViewName.ShouldEqual(MVC.Identity.ConfirmEmail.Views._denied_all);
partialView.Model.ShouldNotBeNull();
partialView.Model.ShouldBeType<ConfirmDeniedModel>();
var model = (ConfirmDeniedModel)partialView.Model;
model.Reason.ShouldEqual(ConfirmDeniedBecause.IsExpired);
model.Intent.ShouldEqual(confirmation.Intent);
}
private static Expression<Func<EmailConfirmation, bool>> ConfirmationEntity(EmailConfirmation entity)
{
Expression<Func<EmailConfirmation, bool>> entityBasedOn = e =>
e == entity
;
return entityBasedOn;
}
public void IsInvalidWhen_IsIncorrect()
{
var confirmation = new EmailConfirmation(EmailConfirmationIntent.ResetPassword)
{
SecretCode = "secret2",
};
var validated = new ConfirmEmailForm
{
Token = confirmation.Token,
SecretCode = "secret1",
Intent = EmailConfirmationIntent.ResetPassword,
};
var entities = new Mock<IQueryEntities>(MockBehavior.Strict).Initialize();
entities.Setup(m => m.Query<EmailConfirmation>()).Returns(new[] { confirmation }.AsQueryable);
var validator = new ConfirmEmailValidator(entities.Object);
var results = validator.Validate(validated);
results.IsValid.ShouldBeFalse();
results.Errors.Count.ShouldBeInRange(1, int.MaxValue);
var error = results.Errors.SingleOrDefault(e => e.PropertyName == PropertyName);
error.ShouldNotBeNull();
// ReSharper disable PossibleNullReferenceException
error.ErrorMessage.ShouldEqual(
ConfirmEmailValidator.FailedBecauseSecretCodeWasIncorrect);
// ReSharper restore PossibleNullReferenceException
}
public void SetsEmailAddressProperty_IsConfirmed_ToTrue_WhenNotRedeemed()
{
var confirmation = new EmailConfirmation(EmailConfirmationIntent.ResetPassword)
{
EmailAddress = new EmailAddress(),
};
var command = new RedeemEmailConfirmationCommand
{
Token = confirmation.Token,
};
var queryProcessor = new Mock<IProcessQueries>(MockBehavior.Strict);
var entities = new Mock<ICommandEntities>(MockBehavior.Strict).Initialize();
entities.Setup(m => m.Get<EmailConfirmation>()).Returns(new[] { confirmation }.AsQueryable);
entities.Setup(m => m.Update(It.Is(ConfirmationEntity(confirmation))));
queryProcessor.Setup(m => m.Execute(It.Is(RandomSecretGeneration(256))))
.Returns(null as string);
var handler = new RedeemEmailConfirmationHandler(entities.Object);
confirmation.EmailAddress.IsConfirmed.ShouldBeFalse();
handler.Handle(command);
confirmation.EmailAddress.IsConfirmed.ShouldBeTrue();
}
public void IsValidWhen_IsNotEmpty_AndIsCorrectMatch()
{
var confirmation = new EmailConfirmation(EmailConfirmationIntent.ResetPassword)
{
Ticket = "tomato",
};
var command = new ResetPasswordCommand
{
Token = confirmation.Token,
Ticket = "tomato"
};
var scenarioOptions = new ScenarioOptions
{
EmailConfirmation = confirmation,
Command = command,
};
var validator = CreateValidator(scenarioOptions);
var results = validator.Validate(command);
var error = results.Errors.SingleOrDefault(e => e.PropertyName == "Ticket");
error.ShouldBeNull();
}
public void SetsNoConfirmationProperty_RedeemedOnUtc_WhenAlreadyRedeeed()
{
var redeemedOnUtc = DateTime.UtcNow.AddSeconds(-5);
var confirmation = new EmailConfirmation(EmailConfirmationIntent.CreatePassword)
{
EmailAddress = new EmailAddress(),
RedeemedOnUtc = redeemedOnUtc,
};
var command = new RedeemEmailConfirmationCommand
{
Token = confirmation.Token,
};
var queryProcessor = new Mock<IProcessQueries>(MockBehavior.Strict);
queryProcessor.Setup(m => m.Execute(It.Is(RandomSecretGeneration(256))))
.Returns(null as string);
var entities = new Mock<ICommandEntities>(MockBehavior.Strict).Initialize();
entities.Setup(m => m.Get<EmailConfirmation>()).Returns(new[] { confirmation }.AsQueryable);
var handler = new RedeemEmailConfirmationHandler(entities.Object);
handler.Handle(command);
confirmation.RedeemedOnUtc.HasValue.ShouldBeTrue();
// ReSharper disable PossibleInvalidOperationException
confirmation.RedeemedOnUtc.Value.ShouldEqual(redeemedOnUtc);
// ReSharper restore PossibleInvalidOperationException
}
public void SetsNoEmailAddressProperty_IsConfirmed_WhenAlreadyRedeeed()
{
var confirmation = new EmailConfirmation(EmailConfirmationIntent.CreatePassword)
{
EmailAddress = new EmailAddress(),
RedeemedOnUtc = DateTime.UtcNow.AddSeconds(-5),
};
var command = new RedeemEmailConfirmationCommand
{
Token = confirmation.Token,
};
var queryProcessor = new Mock<IProcessQueries>(MockBehavior.Strict);
queryProcessor.Setup(m => m.Execute(It.Is(RandomSecretGeneration(256))))
.Returns(null as string);
var entities = new Mock<ICommandEntities>(MockBehavior.Strict).Initialize();
entities.Setup(m => m.Get<EmailConfirmation>())
.Returns(new[] { confirmation }.AsQueryable);
var handler = new RedeemEmailConfirmationHandler(entities.Object);
confirmation.EmailAddress.IsConfirmed.ShouldBeFalse();
handler.Handle(command);
confirmation.EmailAddress.IsConfirmed.ShouldBeFalse();
}
public void SetsConfirmationProperty_Ticket_WhenNotRedeeed()
{
var confirmation = new EmailConfirmation(EmailConfirmationIntent.ResetPassword)
{
EmailAddress = new EmailAddress(),
};
var command = new RedeemEmailConfirmationCommand
{
Token = confirmation.Token,
};
var queryProcessor = new Mock<IProcessQueries>(MockBehavior.Strict);
queryProcessor.Setup(m => m.Execute(It.Is(RandomSecretGeneration(256))))
.Returns(TwoFiftySixLengthString2);
var entities = new Mock<ICommandEntities>(MockBehavior.Strict).Initialize();
entities.Setup(m => m.Get<EmailConfirmation>()).Returns(new[] { confirmation }.AsQueryable);
entities.Setup(m => m.Update(It.Is(ConfirmationEntity(confirmation))));
var handler = new RedeemEmailConfirmationHandler(entities.Object);
confirmation.Ticket.ShouldBeNull();
handler.Handle(command);
confirmation.Ticket.ShouldNotBeNull();
confirmation.Ticket.Length.ShouldEqual(256);
}
public static bool TokenMatchesEntity(Guid token, IQueryEntities entities, out EmailConfirmation entity)
{
return(TokenMatchesEntity(token, entities, null, out entity));
}
public static bool IntentIsCorrect(EmailConfirmation confirmation, EmailConfirmationIntent intent)
{
// return true (valid) if confirmation intent matches
return(confirmation != null && confirmation.Intent == intent);
}
public void IsValidWhen_MatchesEntity()
{
var confirmation = new EmailConfirmation(EmailConfirmationIntent.ResetPassword);
var validated = new ResetPasswordForm
{
Token = confirmation.Token,
};
var entities = new Mock<IQueryEntities>(MockBehavior.Strict).Initialize();
entities.Setup(m => m.Query<EmailConfirmation>()).Returns(new[] { confirmation }.AsQueryable);
var passwords = new Mock<IStorePasswords>(MockBehavior.Strict);
passwords.Setup(p => p.MinimumPasswordLength).Returns(6);
var validator = CreateValidator(entities.Object, passwords.Object);
var results = validator.Validate(validated);
var error = results.Errors.SingleOrDefault(e => e.PropertyName == PropertyName);
error.ShouldBeNull();
}
public void HasGetSet()
{
var value = DateTime.UtcNow;
var entity = new EmailConfirmation(EmailConfirmationIntent.ResetPassword) { IssuedOnUtc = value };
entity.ShouldNotBeNull();
entity.IssuedOnUtc.ShouldEqual(value);
}
public static bool TicketIsCorrect(EmailConfirmation confirmation, string ticket)
{
// return true (valid) if confirmation ticket matches
return(confirmation != null && confirmation.Ticket == ticket);
}
public void CopiesTicketValue_ToCommandProperty_WhenAlreadyRedeeed()
{
var confirmation = new EmailConfirmation(EmailConfirmationIntent.CreatePassword)
{
EmailAddress = new EmailAddress(),
RedeemedOnUtc = DateTime.UtcNow.AddSeconds(-5),
Ticket = TwoFiftySixLengthString2,
};
var command = new RedeemEmailConfirmationCommand
{
Token = confirmation.Token,
};
var queryProcessor = new Mock<IProcessQueries>(MockBehavior.Strict);
queryProcessor.Setup(m => m.Execute(It.Is(RandomSecretGeneration(256))))
.Returns(TwoFiftySixLengthString1);
var entities = new Mock<ICommandEntities>(MockBehavior.Strict).Initialize();
entities.Setup(m => m.Get<EmailConfirmation>()).Returns(new[] { confirmation }.AsQueryable);
var handler = new RedeemEmailConfirmationHandler(entities.Object);
handler.Handle(command);
command.Ticket.ShouldNotBeNull();
command.Ticket.Length.ShouldEqual(256);
command.Ticket.ShouldEqual(confirmation.Ticket);
command.Ticket.ShouldEqual(TwoFiftySixLengthString2);
}
public static bool TokenMatchesEntity(Guid token, IQueryEntities entities,
IEnumerable <Expression <Func <EmailConfirmation, object> > > eagerLoad, out EmailConfirmation entity)
{
if (token == Guid.Empty)
{
entity = null;
return(false);
}
entity = entities.Query <EmailConfirmation>().EagerLoad(entities, eagerLoad).ByToken(token);
// return true (valid) if there is an entity
return(entity != null);
}
public void SetsNoResult_WhenTokenMatchesEntity_Unexpired_Unredeemed_Unretired()
{
const string paramName = "some value";
var confirmation = new EmailConfirmation(EmailConfirmationIntent.ResetPassword)
{
ExpiresOnUtc = DateTime.UtcNow.AddHours(1),
};
var entities = new Mock<IQueryEntities>(MockBehavior.Strict).Initialize();
entities.Setup(m => m.Query<EmailConfirmation>())
.Returns(new[] { confirmation }.AsQueryable);
var attribute = new ValidateConfirmEmailAttribute(paramName)
{
Entities = entities.Object,
};
var filterContext = CreateFilterContext(paramName, confirmation.Token);
attribute.OnActionExecuting(filterContext);
filterContext.Result.ShouldBeNull();
}
public static bool SecretCodeIsCorrect(EmailConfirmation confirmation, string secretCode)
{
// return true (valid) if confirmation secret matches
return(confirmation != null && confirmation.SecretCode == secretCode);
}
public void SetsToken_ToNonEmptyGuid()
{
var entity = new EmailConfirmation(EmailConfirmationIntent.CreatePassword);
entity.ShouldNotBeNull();
entity.Token.ShouldNotEqual(Guid.Empty);
}