public async Task SuccessfulAuthenticationRequest_ReturnsAuthenticationResult_AndStatusCodeOk() { var fakeAccessToken = "fakeAccessToken"; var fakeIdToken = "fakeIdToken"; var fakeRefreshToken = "fakeRefreshToken"; var user = new AwsCognitoUser { UserName = "******", Password = "******" }; _cognitoAdapterHelper.UserExists(Arg.Any <AwsCognitoUser>()).Returns(true); _cognitoAdapterHelper.UserIsConfirmed(Arg.Any <AwsCognitoUser>()).Returns(true); _awsCognitoClient.InitiateAuthAsync(Arg.Any <InitiateAuthRequest>()).Returns(new InitiateAuthResponse { AuthenticationResult = new AuthenticationResultType { AccessToken = fakeAccessToken, IdToken = fakeIdToken, RefreshToken = fakeRefreshToken } }); var authResponse = await _authAdapter.AuthenticateUserAsync(user); var content = await authResponse.Content.ReadAsStringAsync(); var authenticationResult = JsonConvert.DeserializeObject <AuthenticationResultType>(content); Assert.AreEqual(HttpStatusCode.OK, authResponse.StatusCode); Assert.AreEqual(fakeAccessToken, authenticationResult.AccessToken); Assert.AreEqual(fakeIdToken, authenticationResult.IdToken); Assert.AreEqual(fakeRefreshToken, authenticationResult.RefreshToken); }
public async Task <IActionResult> CreateAccount([FromBody] AwsCognitoUser cognitoUser) { try { var signUpResponse = await _authAdapter.RegisterNewUserAsync(cognitoUser); switch (signUpResponse.StatusCode) { case HttpStatusCode.Conflict: return(new ConflictObjectResult($"The email address {cognitoUser.UserName} already has an account associated with it.")); case HttpStatusCode.Created: return(new OkObjectResult($"Account successfully created. Please check your email for a confirmation code.")); default: return(new ContentResult { ContentType = "text/plain", Content = "An error has occurred", StatusCode = (int)signUpResponse.StatusCode }); } } catch (Exception e) { Console.WriteLine(e); throw; } }
public void OneTimeSetUp() { _testServer = new TestServer(); _httpClient = _testServer.CreateClient(); var secretsClient = new AmazonSecretsManagerClient(RegionEndpoint.USWest2); var secretResponse = secretsClient.GetSecretValueAsync(new GetSecretValueRequest { SecretId = TestUserSecretId }).Result; _testUserCreds = JsonConvert.DeserializeObject <TestUserCreds>(secretResponse.SecretString); _emailAdapter = new EmailAdapter(); _user = new AwsCognitoUser { FirstName = "test", LastName = "user", PhoneNumber = "+12223334444", UserName = _testUserCreds.TraceTestUserEmail, Password = _testUserCreds.TraceTestUserPassword }; var serviceProvider = _testServer.GetTestServiceProvider(); _authAdapter = serviceProvider.GetRequiredService <IAuthAdapter>(); _httpHandler = new HttpHandler(_clientConfig, _httpClient); _apiClient = new TraceApiClient(_httpHandler); }
public async Task SuccessfulAuthentication_ReturnsCorrectAuthHeaders_AndRedirectsTo_GetRemindersView() { var fakeAccessToken = "fakeAccessToken"; var fakeIdToken = "fakeIdToken"; var fakeRefreshToken = "fakeRefreshToken"; var user = new AwsCognitoUser { UserName = "******", Password = "******" }; var mockAuthResult = new AuthenticationResultType { AccessToken = fakeAccessToken, IdToken = fakeIdToken, RefreshToken = fakeRefreshToken }; _authAdapter.AuthenticateUserAsync(Arg.Any <AwsCognitoUser>()).Returns(new HttpResponseMessage { StatusCode = HttpStatusCode.OK, Content = new StringContent(JsonConvert.SerializeObject(mockAuthResult)) }); var context = _accountsController.ControllerContext.HttpContext = new DefaultHttpContext(); var authResponse = await _accountsController.Login(user) as RedirectToActionResult; Assert.AreEqual("GetRemindersView", authResponse.ActionName); }
public async Task <HttpResponseMessage> RegisterNewUserAsync(AwsCognitoUser user) { if (await _cognitoAdapterHelper.UserExists(user)) { return(new HttpResponseMessage(HttpStatusCode.Conflict)); } var signUpRequest = new SignUpRequest() { Username = user.UserName, Password = user.Password, ClientId = _clientId, UserAttributes = new List <AttributeType> { new AttributeType { Name = "given_name", Value = user.FirstName }, new AttributeType { Name = "family_name", Value = user.LastName }, new AttributeType { Name = "phone_number", Value = user.PhoneNumber } } }; var signUpResponse = await _awsCognitoClient.SignUpAsync(signUpRequest); return(new HttpResponseMessage(HttpStatusCode.Created)); }
public async Task <HttpResponseMessage> ConfirmPasswordWithRetryAsync(AwsCognitoUser user) { return(await Policy.HandleResult(_circuitBreaker) .WaitAndRetryAsync(DecorrelatedJitter()) .ExecuteAsync(ex => _httpHandler.SendRequestWithBodyAsync(user, HttpMethod.Post, ConfirmPasswordEndpoint, _token), CancellationToken.None)); }
public async Task <IActionResult> CreateAccount(AwsCognitoUser cognitoUser, string message = "") { //use this to display info messages after redirect ViewBag.InfoMessage = message; HttpResponseMessage signUpResponse; try { signUpResponse = await _authAdapter.RegisterNewUserAsync(cognitoUser); } catch (Exception ex) { _logger.LogError(ex); return(RedirectToAction("GetCreateAccountView", "Accounts", new { message = "An error has occurred." })); } switch (signUpResponse.StatusCode) { case HttpStatusCode.Conflict: return(RedirectToAction("GetCreateAccountView", "Accounts", new { message = $"The email address {cognitoUser.UserName} already has an account associated with it." })); case HttpStatusCode.Created: await _userRepository.AddUserAsync(cognitoUser.UserName); return(RedirectToAction("GetConfirmAccountView", "Accounts", new { message = $"Account successfully created. Please check your email for a confirmation code." })); default: _logger.LogError(signUpResponse); return(RedirectToAction("GetCreateAccountView", "Accounts", new { message = "An error has occurred." })); } }
public async Task <HttpResponseMessage> AuthenticateUserAsync(AwsCognitoUser user) { if (!await _cognitoAdapterHelper.UserExists(user)) { return(new HttpResponseMessage(HttpStatusCode.NotFound)); } if (!await _cognitoAdapterHelper.UserIsConfirmed(user)) { return(new HttpResponseMessage(HttpStatusCode.BadRequest)); } var authRequest = new InitiateAuthRequest { AuthFlow = AuthFlowType.USER_PASSWORD_AUTH, AuthParameters = new Dictionary <string, string> { { "USERNAME", user.UserName }, { "PASSWORD", user.Password } }, ClientId = _clientId }; var authResponse = await _awsCognitoClient.InitiateAuthAsync(authRequest); return(new HttpResponseMessage { StatusCode = HttpStatusCode.OK, Content = new StringContent(JsonConvert.SerializeObject(authResponse.AuthenticationResult)) }); }
public async Task <HttpResponseMessage> LoginWithRetryAsync(AwsCognitoUser user) { var respsone = await Policy.HandleResult(_circuitBreaker) .WaitAndRetryAsync(DecorrelatedJitter()) .ExecuteAsync(ex => _httpHandler.SendRequestWithBodyAsync(user, HttpMethod.Post, LoginEndpoint), CancellationToken.None); _token = JsonConvert.DeserializeObject <TokenResponse>(await respsone.Content.ReadAsStringAsync()); return(respsone); }
internal async Task AdminDeleteUser(AwsCognitoUser user) { var userInfo = await _cognitoAdapterHelper.GetUserInfo(user); await _awsCognitoClient.AdminDeleteUserAsync(new AdminDeleteUserRequest { UserPoolId = _cognitoConfig.UserPoolId, Username = userInfo.Username }); }
public async Task AttemptToConfirmAccount_ButUserIsAlreadyConfirmed_RedirectsTo_GetLoginView() { _authAdapter.ConfirmUserAsync(Arg.Any <AwsCognitoUser>()).Returns(new HttpResponseMessage(HttpStatusCode.Conflict)); var user = new AwsCognitoUser { UserName = "******", ConfirmationCode = "123456" }; var confirmAccountResponse = await _accountsController.ConfirmAccount(user) as RedirectToActionResult; Assert.AreEqual("GetLoginView", confirmAccountResponse.ActionName); }
public async Task IsUerDoesNotExist_ConfirmAccount_ReturnsStatusCode_NotFound() { var user = new AwsCognitoUser { UserName = "******", ConfirmationCode = "123456" }; _cognitoAdapterHelper.UserExists(Arg.Any <AwsCognitoUser>()).Returns(false); var confirmUserResponse = await _authAdapter.ConfirmUserAsync(user); Assert.AreEqual(HttpStatusCode.NotFound, confirmUserResponse.StatusCode); }
public async Task IfUserExists_RegisterNewUser_ReturnsStatusCode_Conflict() { var user = new AwsCognitoUser { UserName = "******", Password = "******" }; _cognitoAdapterHelper.UserExists(Arg.Any <AwsCognitoUser>()).Returns(true); var registerUserResponse = await _authAdapter.RegisterNewUserAsync(user); Assert.AreEqual(HttpStatusCode.Conflict, registerUserResponse.StatusCode); }
public async Task IfUserDoesNotExist_AuthenticateUser_ReturnsStatusCode_NotFound() { var user = new AwsCognitoUser { UserName = "******", Password = "******" }; _cognitoAdapterHelper.UserExists(Arg.Any <AwsCognitoUser>()).Returns(false); var authResponse = await _authAdapter.AuthenticateUserAsync(user); Assert.AreEqual(HttpStatusCode.NotFound, authResponse.StatusCode); }
public async Task IfExpiredCodeException_IsThrownBy_ConfirmNewUserAsync_ExceptionIsLogged_AndUserRedirectedTo_ResendConfirmationCodeView() { _authAdapter.ConfirmUserAsync(Arg.Any <AwsCognitoUser>()).Throws(new ExpiredCodeException("expired code")); var user = new AwsCognitoUser { UserName = "******", ConfirmationCode = "123456" }; var confirmAccountResponse = await _accountsController.ConfirmAccount(user) as RedirectToActionResult; _logger.Received(1).LogError(Arg.Any <object>()); Assert.AreEqual("GetResendConfirmationCodeView", confirmAccountResponse.ActionName); }
public async Task SuccessfulCreationOfAccount_ReturnsStatusCode_Created() { var user = new AwsCognitoUser { UserName = "******", Password = "******" }; _cognitoAdapterHelper.UserExists(Arg.Any <AwsCognitoUser>()).Returns(false); _awsCognitoClient.SignUpAsync(Arg.Any <SignUpRequest>()).Returns(new SignUpResponse()); var registerUserResponse = await _authAdapter.RegisterNewUserAsync(user); Assert.AreEqual(HttpStatusCode.Created, registerUserResponse.StatusCode); }
public async Task IsUerIsAlreadyConfirmed_ConfirmAccount_ReturnsStatusCode_Conflict() { var user = new AwsCognitoUser { UserName = "******", ConfirmationCode = "123456" }; _cognitoAdapterHelper.UserExists(Arg.Any <AwsCognitoUser>()).Returns(true); _cognitoAdapterHelper.UserIsConfirmed(Arg.Any <AwsCognitoUser>()).Returns(true); var confirmUserResponse = await _authAdapter.ConfirmUserAsync(user); Assert.AreEqual(HttpStatusCode.Conflict, confirmUserResponse.StatusCode); }
public async Task IfUserIsNotConfirmed_AuthenticateUser_ReturnsStatusCode_BadRequest() { var user = new AwsCognitoUser { UserName = "******", Password = "******" }; _cognitoAdapterHelper.UserExists(Arg.Any <AwsCognitoUser>()).Returns(true); _cognitoAdapterHelper.UserIsConfirmed(Arg.Any <AwsCognitoUser>()).Returns(false); var authResponse = await _authAdapter.AuthenticateUserAsync(user); Assert.AreEqual(HttpStatusCode.BadRequest, authResponse.StatusCode); }
public async Task AttemptToCreateAccount_ButUserExists_RedirectsToCorrectAction() { _authAdapter.RegisterNewUserAsync(Arg.Any <AwsCognitoUser>()).Returns(new HttpResponseMessage(HttpStatusCode.Conflict)); var user = new AwsCognitoUser { UserName = "******", Password = "******" }; var createAccountResponse = await _accountsController.CreateAccount(user) as RedirectToActionResult; await _userRepository.Received(0).AddUserAsync(Arg.Any <string>()); Assert.AreEqual("GetCreateAccountView", createAccountResponse.ActionName); }
public async Task IfExpiredCodeException_IsThrownBy_AuthenticateUserAsync_ExceptionIsLogged_AndUserRedirectedTo_GetLoginView() { _authAdapter.AuthenticateUserAsync(Arg.Any <AwsCognitoUser>()).Throws(new Exception()); var user = new AwsCognitoUser { UserName = "******", Password = "******" }; var authResponse = await _accountsController.Login(user) as RedirectToActionResult; _logger.Received(1).LogError(Arg.Any <object>()); Assert.AreEqual("GetLoginView", authResponse.ActionName); }
public async Task UserExists_ReturnsFalse_IfUserDoesNotExist() { var user = new AwsCognitoUser { UserName = "******", Password = "******" }; _awsCognitoClient.ListUsersAsync(Arg.Any <ListUsersRequest>()).Returns(new ListUsersResponse { Users = new List <UserType>() }); var userExists = await _cognitoAdapterHelper.UserExists(user); Assert.IsFalse(userExists); }
public async Task IfExceptionIsThrown_ByAuthAdapter_ExceptionIsLogged_AndUserIsRedirectedBackToCreateAccountView() { _authAdapter.RegisterNewUserAsync(Arg.Any <AwsCognitoUser>()).Throws(new Exception()); var user = new AwsCognitoUser { UserName = "******", Password = "******" }; var createAccountResponse = await _accountsController.CreateAccount(user) as RedirectToActionResult; _logger.Received(1).LogError(Arg.Any <object>()); await _userRepository.Received(0).AddUserAsync(Arg.Any <string>()); Assert.AreEqual("GetCreateAccountView", createAccountResponse.ActionName); }
public async Task SuccessfulConfirmation_OfAccount_ReturnsStatusCode_Ok() { var user = new AwsCognitoUser { UserName = "******", ConfirmationCode = "123456" }; _cognitoAdapterHelper.UserExists(Arg.Any <AwsCognitoUser>()).Returns(true); _cognitoAdapterHelper.UserIsConfirmed(Arg.Any <AwsCognitoUser>()).Returns(false); _awsCognitoClient.ConfirmSignUpAsync(Arg.Any <ConfirmSignUpRequest>()).Returns(new ConfirmSignUpResponse()); var confirmUserResponse = await _authAdapter.ConfirmUserAsync(user); Assert.AreEqual(HttpStatusCode.OK, confirmUserResponse.StatusCode); }
public async Task <IActionResult> ConfirmAccount([FromBody] AwsCognitoUser cognitoUser) { HttpResponseMessage confirmSignUpResponse; try { confirmSignUpResponse = await _authAdapter.ConfirmUserAsync(cognitoUser); } catch (CodeMismatchException) { return(new ContentResult { Content = "Invalid verification code provided.", ContentType = "text/plain", StatusCode = (int)HttpStatusCode.BadRequest }); } catch (ExpiredCodeException) { return(new ContentResult { Content = "Verification code expired. Client must request a new code.", ContentType = "text/plain", StatusCode = (int)HttpStatusCode.BadRequest }); } switch (confirmSignUpResponse.StatusCode) { case HttpStatusCode.NotFound: return(new NotFoundObjectResult($"The username {cognitoUser.UserName} does not exist.")); case HttpStatusCode.Conflict: return(new ConflictObjectResult($"The username {cognitoUser.UserName} is already confirmed. Login to continue.")); case HttpStatusCode.OK: return(new OkObjectResult("Account confirmed. Please login to continue.")); default: return(new ContentResult { ContentType = "text/plain", Content = "An error has occurred", StatusCode = (int)confirmSignUpResponse.StatusCode }); } }
public async Task <HttpResponseMessage> AdminDeleteUser(AwsCognitoUser user) { if (!await _cognitoAdapterHelper.UserExists(user)) { return(new HttpResponseMessage(HttpStatusCode.NotFound)); } var userInfo = await _cognitoAdapterHelper.GetUserInfo(user); await _awsCognitoClient.AdminDeleteUserAsync(new AdminDeleteUserRequest { UserPoolId = _cognitoConfig.UserPoolId, Username = userInfo.Username }); return(new HttpResponseMessage(HttpStatusCode.OK)); }
public async Task AttemptToLogin_ButUserIsNotConfirmed_RedirectsToConfirmAccountView() { var user = new AwsCognitoUser { UserName = "******", Password = "******" }; _authAdapter.AuthenticateUserAsync(Arg.Any <AwsCognitoUser>()).Returns(new HttpResponseMessage { StatusCode = HttpStatusCode.BadRequest }); var authResponse = await _accountsController.Login(user) as RedirectToActionResult; Assert.AreEqual("GetConfirmAccountView", authResponse.ActionName); }
public async Task <HttpResponseMessage> RegisterNewUserAsync(AwsCognitoUser user) { if (await _cognitoAdapterHelper.UserExists(user)) { return(new HttpResponseMessage(HttpStatusCode.Conflict)); } var signUpRequest = new SignUpRequest() { Username = user.UserName, Password = user.Password, ClientId = _clientId }; var signUpResponse = await _awsCognitoClient.SignUpAsync(signUpRequest); return(new HttpResponseMessage(HttpStatusCode.Created)); }
public async Task <IActionResult> Login([FromBody] AwsCognitoUser cognitoUser) { try { var loginResponse = await _authAdapter.AuthenticateUserAsync(cognitoUser); switch (loginResponse.StatusCode) { case HttpStatusCode.OK: var authResult = JsonConvert.DeserializeObject <AuthenticationResultType>( await loginResponse.Content.ReadAsStringAsync()); var tokenResponse = new TokenResponse { IdToken = authResult.IdToken, RefreshToken = authResult.RefreshToken, AccessToken = authResult.AccessToken }; return(new ContentResult { Content = JsonConvert.SerializeObject(tokenResponse), ContentType = "application/json", StatusCode = (int)HttpStatusCode.OK }); case HttpStatusCode.BadRequest: return(new BadRequestObjectResult($"Login failed. User {cognitoUser.UserName} is unconfirmed.")); case HttpStatusCode.NotFound: return(new NotFoundObjectResult($"Login failed. User {cognitoUser.UserName} does not exist.")); default: return(new ContentResult { ContentType = "text/plain", Content = "An error has occurred", StatusCode = (int)loginResponse.StatusCode }); } } catch (Exception e) { Console.WriteLine(e); throw; } }
public async Task <IActionResult> ConfirmAccount(AwsCognitoUser cognitoUser, string message = "") { ViewBag.InfoMessage = message; HttpResponseMessage confirmSignUpResponse; try { confirmSignUpResponse = await _authAdapter.ConfirmUserAsync(cognitoUser); } catch (CodeMismatchException ex) { _logger.LogError(ex); return(RedirectToAction("GetConfirmAccountView", "Accounts", new { message = "Invalid verification code provided. Please try again." })); } catch (ExpiredCodeException ex) { _logger.LogError(ex); return(RedirectToAction("GetResendConfirmationCodeView", "Accounts", new { message = "Verification code expired. Please request a new code." })); } catch (Exception ex) { _logger.LogError(ex); return(RedirectToAction("GetConfirmAccountView", "Accounts", new { message = "An error has occurred." })); } switch (confirmSignUpResponse.StatusCode) { case HttpStatusCode.NotFound: return(RedirectToAction("GetCreateAccountView", "Accounts", new { message = $"The username {cognitoUser.UserName} does not exist. Please create an account." })); case HttpStatusCode.Conflict: return(RedirectToAction("GetLoginView", "Accounts", new { message = $"The username {cognitoUser.UserName} is already confirmed. Please login to continue." })); case HttpStatusCode.OK: return(RedirectToAction("GetLoginView", "Accounts", new { message = "Account confirmed. Please login to continue." })); default: _logger.LogError(confirmSignUpResponse); return(RedirectToAction("GetCreateAccountView", "Accounts", new { message = "An error has occurred." })); } }
public async Task AccountsController_CreateAccountEndpoint_AddsUserToDatabase() { var testCognitoUser = new AwsCognitoUser { UserName = "******", Password = "******" }; _mockAuthAdapter.RegisterNewUserAsync(Arg.Any <AwsCognitoUser>()).Returns(new HttpResponseMessage(HttpStatusCode.Created)); var formContent = new FormUrlEncodedContent(new [] { new KeyValuePair <string, string>("UserName", testCognitoUser.UserName), new KeyValuePair <string, string>("Password", testCognitoUser.Password) }); await _httpClient.PostAsync("accounts/create", formContent); var testUsers = await _testDbContext.GetTestUsers(); Assert.AreEqual(testCognitoUser.UserName, testUsers.First().Username); }