public void NewUserProfileIsAddedAndResourceReturned()
            {
                MethodToTest(() => service.GetUserProfile(A<Auth0UserProfile>.Ignored, A<IPrincipal>.Ignored));

                // Arrange: the user store is empty, so the incoming profile has no stored match
                // and GetUserProfile is expected to take the "create" path.
                var incomingProfile  = new Auth0UserProfile();
                var emptyUserSet     = new FakeDbSet<Auth0User>();
                var builtUser        = new Auth0User();
                var callerIdentity   = new ClaimsIdentity();
                var expectedResource = new UserProfileResource();
                var caller           = A.Fake<IPrincipal>();

                A.CallTo(() => dependencies.StorageService.SetOf<Auth0User>()).Returns(emptyUserSet);
                A.CallTo(() => service.BuildAuth0User(incomingProfile)).Returns(builtUser);
                A.CallTo(() => service.BuildUserProfileResource(builtUser)).Returns(expectedResource);
                A.CallTo(() => caller.Identity).Returns(callerIdentity);

                // Act
                var actualResource = service.GetUserProfile(incomingProfile, caller);

                // Assert: the resource comes back unchanged and the ownership check ran against
                // the identity taken from the principal, not some other identity.
                // NOTE(review): MustHaveHappened does not pin ordering, so this test does not prove
                // that VerifyProfile ran before the insert below.
                Assert.AreSame(expectedResource, actualResource);
                A.CallTo(() => service.VerifyProfile(incomingProfile, callerIdentity)).MustHaveHappened();

                // Exactly one user was added to the set, and the change was persisted.
                Assert.AreEqual(1, emptyUserSet.Count());
                Assert.AreSame(builtUser, emptyUserSet.First());
                A.CallTo(() => dependencies.StorageService.SaveChanges()).MustHaveHappened();
            }
            public void UserIsVerifiedAndResourceReturned()
            {
                MethodToTest(() => service.GetUserProfile(A<Auth0UserProfile>.Ignored, A<IPrincipal>.Ignored));

                // Arrange: the store already holds a user whose Id equals the profile's 'sub',
                // so GetUserProfile is expected to take the "existing user" path.
                var storedUser = new Auth0User { Id = "someId" };
                var incomingProfile = new Auth0UserProfile { sub = storedUser.Id };
                var populatedUserSet = new FakeDbSet<Auth0User> { storedUser };
                var callerIdentity = new ClaimsIdentity();
                var expectedResource = new UserProfileResource();
                var caller = A.Fake<IPrincipal>();

                A.CallTo(() => dependencies.StorageService.SetOf<Auth0User>()).Returns(populatedUserSet);
                A.CallTo(() => service.BuildAuth0User(incomingProfile)).Returns(storedUser);
                A.CallTo(() => service.BuildUserProfileResource(storedUser)).Returns(expectedResource);
                A.CallTo(() => caller.Identity).Returns(callerIdentity);

                // Act
                var actualResource = service.GetUserProfile(incomingProfile, caller);

                // Assert: the resource is returned and the ownership check was made with the
                // identity obtained from the principal.
                Assert.AreSame(expectedResource, actualResource);
                A.CallTo(() => service.VerifyProfile(incomingProfile, callerIdentity)).MustHaveHappened();
            }
        /// <summary>
        /// Creates an <c>Auth0User</c> through the storage set's <c>Create()</c> factory and copies
        /// the identifier, picture and display name from the supplied Auth0 profile.
        /// </summary>
        /// <param name="auth0Profile">Profile whose <c>sub</c>, <c>Picture</c> and <c>Name</c> are copied.</param>
        /// <returns>The entity produced by <c>Create()</c>, populated from the profile.</returns>
        public virtual Auth0User BuildAuth0User(Auth0UserProfile auth0Profile)
        {
            var created = _dependencies.StorageService.SetOf<Auth0User>().Create();

            // Values are copied as given; nothing here validates or normalises them.
            // NOTE(review): if the profile can come from a client request, PictureUrl and Name are
            // caller-controlled — confirm they are validated/encoded before being rendered.
            created.Id = auth0Profile.sub;
            created.PictureUrl = auth0Profile.Picture;
            created.Name = auth0Profile.Name;

            return created;
        }
        /// <summary>
        /// Builds a new <c>Auth0User</c> from the supplied Auth0 profile by copying its identifier,
        /// picture and display name.
        /// </summary>
        /// <param name="auth0Profile">Profile whose <c>sub</c>, <c>Picture</c> and <c>Name</c> are copied.</param>
        /// <returns>A freshly constructed user populated from the profile.</returns>
        public virtual Auth0User BuildAuth0User(Auth0UserProfile auth0Profile)
        {
            // Values are copied as given; nothing here validates or normalises them.
            // NOTE(review): if the profile can come from a client request, PictureUrl and Name are
            // caller-controlled — confirm they are validated/encoded before being rendered.
            return new Auth0User
            {
                Id = auth0Profile.sub,
                PictureUrl = auth0Profile.Picture,
                Name = auth0Profile.Name
            };
        }
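        /// <summary>
        /// Checks that the supplied Auth0 profile belongs to the caller: the id resolved from the
        /// claims identity must be non-null and equal to the profile's <c>sub</c>.
        /// </summary>
        /// <param name="auth0Profile">Profile the caller claims to own.</param>
        /// <param name="claimsIdentity">Identity of the caller; may be null when the principal does not carry a claims identity.</param>
        /// <exception cref="AccessViolationException">
        /// Thrown with "Not authenticated" when there is no authenticated identity, and with
        /// "Not authenticated for the identified user" when the identity does not match the profile.
        /// </exception>
        public virtual void VerifyProfile(Auth0UserProfile auth0Profile, ClaimsIdentity claimsIdentity)
        {
            // Fail closed when no claims identity is available (e.g. the caller obtained it with an
            // 'as' cast that yielded null) instead of surfacing a NullReferenceException further down.
            if (claimsIdentity == null)
            {
                throw new AccessViolationException("Not authenticated");
            }

            var authenticatedUserId = GetLoggedInUserId(claimsIdentity);

            // A missing profile can never match; the null check keeps the comparison from
            // dereferencing null so the method still ends in an access failure.
            // NOTE(review): a match is accepted without consulting IsAuthenticated, so this relies on
            // GetLoggedInUserId only yielding an id for an authenticated identity — confirm.
            if (authenticatedUserId != null && auth0Profile != null && authenticatedUserId == auth0Profile.sub)
            {
                return;
            }

            // AccessViolationException is the runtime's type for invalid memory access; it is kept
            // because callers and tests match on it.
            // NOTE(review): consider UnauthorizedAccessException or a dedicated type when the callers
            // can be changed at the same time.
            if (!claimsIdentity.IsAuthenticated)
            {
                throw new AccessViolationException("Not authenticated");
            }

            throw new AccessViolationException("Not authenticated for the identified user");
        }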
                public void NoExceptionIsThrown()
                {
                    MethodToTest(() => service.VerifyProfile(A<Auth0UserProfile>.Ignored, A<ClaimsIdentity>.Ignored));

                    // Arrange: the id resolved for the caller equals the profile's 'sub'.
                    var ownedProfile = new Auth0UserProfile { sub = "someUserId" };
                    var callerIdentity = A.Fake<ClaimsIdentity>();

                    // GetLoggedInUserId is stubbed directly instead of populating the identity's
                    // Claims with a nameidentifier claim.
                    A.CallTo(() => service.GetLoggedInUserId(callerIdentity)).Returns(ownedProfile.sub);
                    A.CallTo(() => callerIdentity.IsAuthenticated).Returns(true);

                    // Act: passing means VerifyProfile returned without throwing.
                    service.VerifyProfile(ownedProfile, callerIdentity);
                }
        /// <summary>
        /// Verifies that the supplied Auth0 profile belongs to the caller, then creates or refreshes
        /// the matching stored user and returns its profile resource.
        /// </summary>
        /// <param name="auth0UserProfile">Profile supplied for the caller; <c>sub</c> is used as the lookup key.</param>
        /// <param name="principal">Caller whose identity is checked against the profile.</param>
        /// <returns>The resource built from the stored (new or existing) user.</returns>
        public virtual UserProfileResource GetUserProfile(Auth0UserProfile auth0UserProfile, IPrincipal principal)
        {
            // 'as' yields null when the principal's identity is not a ClaimsIdentity; that null is
            // handed to VerifyProfile as-is.
            var callerIdentity = principal.Identity as ClaimsIdentity;

            // The ownership check runs before storage is read or written. It only ties 'sub' to the
            // caller; Picture and Name are taken from the supplied profile without further checks.
            VerifyProfile(auth0UserProfile, callerIdentity);

            var storedUser =
                _dependencies.StorageService.SetOf<Auth0User>().FirstOrDefault(x => x.Id == auth0UserProfile.sub);

            if (storedUser != null)
            {
                // Known user: only the picture is refreshed from the profile.
                storedUser.PictureUrl = auth0UserProfile.Picture;
            }
            else
            {
                // First sighting of this 'sub': build the user and add it to the set.
                storedUser = BuildAuth0User(auth0UserProfile);
                _dependencies.StorageService.SetOf<Auth0User>().Add(storedUser);
            }

            // Both paths persist exactly once.
            _dependencies.StorageService.SaveChanges();

            return BuildUserProfileResource(storedUser);
        }
                public void NoExceptionIsThrown()
                {
                    // Despite its name, this test expects VerifyProfile to throw.
                    MethodToTest(() => service.VerifyProfile(A<Auth0UserProfile>.Ignored, A<ClaimsIdentity>.Ignored));

                    // Arrange: no user id can be resolved for the caller.
                    var foreignProfile = new Auth0UserProfile { sub = "someUserId" };
                    var callerIdentity = A.Fake<ClaimsIdentity>();

                    // GetLoggedInUserId is stubbed directly instead of populating the identity's
                    // Claims with a nameidentifier claim.
                    // NOTE(review): IsAuthenticated is not stubbed here, so the message asserted below
                    // depends on the fake's default for that property — confirm it matches the
                    // VerifyProfile version under test.
                    A.CallTo(() => service.GetLoggedInUserId(callerIdentity)).Returns(null);

                    // Act + Assert: the check is rejected with the "wrong user" message.
                    var thrown =
                        Assert.Throws<AccessViolationException>(() => service.VerifyProfile(foreignProfile, callerIdentity));

                    Assert.AreEqual("Not authenticated for the identified user", thrown.Message);
                }
                public void PropertiesSetCorrectly()
                {
                    MethodToTest(() => service.BuildAuth0User(A<Auth0UserProfile>.Ignored));

                    // Arrange: the storage set's Create() factory hands back a known instance.
                    var sourceProfile = new Auth0UserProfile
                    {
                        Name    = "someone",
                        sub     = "something from facebookand auth0",
                        Picture = "some url - maybe just a fake pic"
                    };
                    var createdUser = new Auth0User();
                    var userSet = A.Fake<IDbSet<Auth0User>>();

                    A.CallTo(() => dependencies.StorageService.SetOf<Auth0User>()).Returns(userSet);
                    A.CallTo(() => userSet.Create()).Returns(createdUser);

                    // Act
                    var built = service.BuildAuth0User(sourceProfile);

                    // Assert: every profile field is copied onto the very instance from Create().
                    Assert.AreEqual(sourceProfile.sub, built.Id);
                    Assert.AreEqual(sourceProfile.Picture, built.PictureUrl);
                    Assert.AreEqual(sourceProfile.Name, built.Name);
                    Assert.AreSame(createdUser, built);
                }
 /// <summary>
 /// Passes the posted Auth0 profile and the current <c>User</c> principal to the user service
 /// and returns the resulting profile resource.
 /// </summary>
 /// <param name="profile">Profile supplied with the request.</param>
 /// <returns>The resource produced by <c>GetUserProfile</c>.</returns>
 public UserProfileResource PostFullUserProfileRequest(Auth0UserProfile profile)
 {
     // The action itself performs no checks; it relies on GetUserProfile to tie the profile to
     // the caller.
     // NOTE(review): presumably 'profile' is bound from the request body, which makes every field
     // on it caller-controlled; no authorization attribute or null check is visible in this
     // snippet — confirm both are handled elsewhere.
     var resource = _userService.GetUserProfile(profile, User);

     return resource;
 }
 /// <summary>
 /// Passes the posted Auth0 profile and the current <c>User</c> principal to the user service
 /// and wraps the resulting profile resource in a 200 OK response.
 /// </summary>
 /// <param name="profile">Profile supplied with the request.</param>
 /// <returns>An OK response carrying the resource produced by <c>GetUserProfile</c>.</returns>
 public HttpResponseMessage PostFullUserProfileRequest(Auth0UserProfile profile)
 {
     // The action itself performs no checks; it relies on GetUserProfile to tie the profile to
     // the caller.
     // NOTE(review): presumably 'profile' is bound from the request body, which makes every field
     // on it caller-controlled; no authorization attribute or null check is visible in this
     // snippet — confirm both are handled elsewhere.
     var resource = _userService.GetUserProfile(profile, User);

     return Request.CreateResponse(HttpStatusCode.OK, resource);
 }