public void MfaAuthorizationSuccessfulTest_ChecksThatServiceReturnsTrueIfNoMfaSubscriptionIsSubscribed_VerifiesThroughReturnsValue() { IIdentityAccessPersistenceRepository persistenceRepository = (IIdentityAccessPersistenceRepository)ContextRegistry.GetContext()["IdentityAccessPersistenceRepository"]; IUserRepository userRepository = (IUserRepository)ContextRegistry.GetContext()["UserRepository"]; ISecurityKeysRepository securityKeysPairRepository = (ISecurityKeysRepository)ContextRegistry.GetContext()["SecurityKeysPairRepository"]; IMfaCodeSenderService mfaSmsService = (IMfaCodeSenderService)ContextRegistry.GetContext()["MfaSmsService"]; IMfaCodeSenderService mfaEmailService = (IMfaCodeSenderService)ContextRegistry.GetContext()["MfaEmailService"]; IMfaCodeGenerationService mfaCodeGenerationService = (IMfaCodeGenerationService)ContextRegistry.GetContext()["MfaCodeGenerationService"]; IMfaAuthorizationService mfaAuthorizationService = new MfaAuthorizationService(persistenceRepository, userRepository, securityKeysPairRepository, mfaSmsService, mfaEmailService, mfaCodeGenerationService); string apiKey = "123"; string userName = "******"; string phoneNumber = "2233344"; string email = "*****@*****.**"; User user = new User(userName, "asdf", "12345", "xyz", email, Language.English, TimeZone.CurrentTimeZone, new TimeSpan(1, 1, 1, 1), DateTime.Now, "Pakistan", "", phoneNumber, "1234"); persistenceRepository.SaveUpdate(user); user = userRepository.GetUserByUserName(userName); Assert.IsNotNull(user); SecurityKeysPair securityKeysPair = new SecurityKeysPair(user.Id, apiKey, "secret123", true, "#1"); persistenceRepository.SaveUpdate(securityKeysPair); Tuple <bool, string> authorizeAccess = mfaAuthorizationService.AuthorizeAccess(apiKey, MfaConstants.Deposit, ""); Assert.IsTrue(authorizeAccess.Item1); }
public void LoginMfaAuthorizationTest_ChecksIfMfaAuthorizationIsDoneSuccessfully_VerifiesThroughReturnValue() { ILoginApplicationService loginApplicationService = (ILoginApplicationService)_applicationContext["LoginApplicationService"]; ILogoutApplicationService logoutApplicationService = (ILogoutApplicationService)_applicationContext["LogoutApplicationService"]; IMfaSubscriptionRepository mfaSubscriptionRepository = (IMfaSubscriptionRepository)_applicationContext["MfaSubscriptionRepository"]; IMfaCodeGenerationService mfaCodeGenerationService = (IMfaCodeGenerationService)ContextRegistry.GetContext()["MfaCodeGenerationService"]; Assert.IsNotNull(loginApplicationService); IRegistrationApplicationService registrationService = (IRegistrationApplicationService)_applicationContext["RegistrationApplicationService"]; string username = "******"; string activationKey = registrationService.CreateAccount(new SignupUserCommand( "*****@*****.**", username, "alice", "Wonderland", TimeZone.CurrentTimeZone, "")); Assert.IsNotNull(activationKey); IUserApplicationService userApplicationService = (IUserApplicationService)_applicationContext["UserApplicationService"]; bool accountActivated = userApplicationService.ActivateAccount(new ActivationCommand(activationKey, "Bob", "alice")); Assert.IsTrue(accountActivated); UserValidationEssentials userValidationEssentials = loginApplicationService.Login(new LoginCommand("Bob", "alice")); Assert.IsNotNull(userValidationEssentials); Assert.IsNotNull(userValidationEssentials.ApiKey); Assert.IsNotNull(userValidationEssentials.SecretKey); Assert.IsNotNull(userValidationEssentials.SessionLogoutTime); IList <MfaSubscription> allSubscriptions = mfaSubscriptionRepository.GetAllSubscriptions(); List <Tuple <string, string, bool> > mfaSubscriptions = new List <Tuple <string, string, bool> >(); foreach (var subscription in allSubscriptions) { mfaSubscriptions.Add(new Tuple <string, string, bool>(subscription.MfaSubscriptionId, subscription.MfaSubscriptionName, true)); } SubmitMfaSettingsResponse submitMfaSettingsResponse = userApplicationService.SubmitMfaSettings( new MfaSettingsCommand(false, null, userValidationEssentials.ApiKey, mfaSubscriptions)); Assert.IsTrue(submitMfaSettingsResponse.Successful); logoutApplicationService.Logout(new LogoutCommand(userValidationEssentials.ApiKey)); UserValidationEssentials validationEssentials = loginApplicationService.Login(new LoginCommand("Bob", "alice", null)); Assert.IsFalse(validationEssentials.LoginSuccessful); Assert.IsNull(validationEssentials.ApiKey); // As we are using the stub implementation for MfaCodeGenerationService, the service returns only the same code every // time. So we can use the code in this test case validationEssentials = loginApplicationService.Login(new LoginCommand("Bob", "alice", mfaCodeGenerationService.GenerateCode())); Assert.IsTrue(validationEssentials.LoginSuccessful); Assert.IsNotNull(validationEssentials.ApiKey); Assert.IsNotNull(validationEssentials.SecretKey); }
/// <summary> /// Initializes a new instance of the <see cref="T:System.Object"/> class. /// </summary> public MfaAuthorizationService(IIdentityAccessPersistenceRepository persistenceRepository, IUserRepository userRepository, ISecurityKeysRepository securityKeysRepository, IMfaCodeSenderService smsService, IMfaCodeSenderService emailService, IMfaCodeGenerationService codeGenerationService) { _persistenceRepository = persistenceRepository; _userRepository = userRepository; _securityKeysRepository = securityKeysRepository; _smsService = smsService; _emailService = emailService; _codeGenerationService = codeGenerationService; }
public void MfaAuthorizationFailTest_ChecksThatServiceReturnsTrueIfMfaCodesDontMatch_VerifiesThroughReturnsValue() { IIdentityAccessPersistenceRepository persistenceRepository = (IIdentityAccessPersistenceRepository)ContextRegistry.GetContext()["IdentityAccessPersistenceRepository"]; IUserRepository userRepository = (IUserRepository)ContextRegistry.GetContext()["UserRepository"]; ISecurityKeysRepository securityKeysPairRepository = (ISecurityKeysRepository)ContextRegistry.GetContext()["SecurityKeysPairRepository"]; IMfaCodeSenderService mfaSmsService = (IMfaCodeSenderService)ContextRegistry.GetContext()["MfaSmsService"]; IMfaCodeSenderService mfaEmailService = (IMfaCodeSenderService)ContextRegistry.GetContext()["MfaEmailService"]; IMfaCodeGenerationService mfaCodeGenerationService = (IMfaCodeGenerationService)ContextRegistry.GetContext()["MfaCodeGenerationService"]; IMfaSubscriptionRepository mfaSubscriptionRepository = (IMfaSubscriptionRepository)ContextRegistry.GetContext()["MfaSubscriptionRepository"]; IMfaAuthorizationService mfaAuthorizationService = new MfaAuthorizationService(persistenceRepository, userRepository, securityKeysPairRepository, mfaSmsService, mfaEmailService, mfaCodeGenerationService); string apiKey = "123"; string userName = "******"; string phoneNumber = "2233344"; string email = "*****@*****.**"; User user = new User(userName, "asdf", "12345", "xyz", email, Language.English, TimeZone.CurrentTimeZone, new TimeSpan(1, 1, 1, 1), DateTime.Now, "Pakistan", "", phoneNumber, "1234"); persistenceRepository.SaveUpdate(user); user = userRepository.GetUserByUserName(userName); Assert.IsNotNull(user); SecurityKeysPair securityKeysPair = new SecurityKeysPair(user.Id, apiKey, "secret123", true, "#1"); persistenceRepository.SaveUpdate(securityKeysPair); Tuple <bool, string> authorizeAccess = mfaAuthorizationService.AuthorizeAccess(apiKey, MfaConstants.Deposit, ""); Assert.IsTrue(authorizeAccess.Item1); IList <MfaSubscription> allSubscriptions = mfaSubscriptionRepository.GetAllSubscriptions(); IList <Tuple <string, string, bool> > mfaSubscriptions = new List <Tuple <string, string, bool> >(); foreach (var subscription in allSubscriptions) { mfaSubscriptions.Add(new Tuple <string, string, bool>(subscription.MfaSubscriptionId, subscription.MfaSubscriptionName, true)); } user.AssignMfaSubscriptions(mfaSubscriptions); persistenceRepository.SaveUpdate(user); authorizeAccess = mfaAuthorizationService.AuthorizeAccess(apiKey, MfaConstants.Deposit, null); Assert.IsFalse(authorizeAccess.Item1); // The Stub Implementation always generates and returns the same MFA Code. We manuipulate it so that the code is // incorrect string mfaCode = mfaCodeGenerationService.GenerateCode(); authorizeAccess = mfaAuthorizationService.AuthorizeAccess(apiKey, MfaConstants.Deposit, mfaCode + "1"); Assert.IsFalse(authorizeAccess.Item1); }
public void InitializationTest_ChecksIftheInstanceOfTheServiceIsInitializedAsExpectedUsingSpring_VerifiesThroughTheInstanceVariable() { IMfaCodeGenerationService smsService = (IMfaCodeGenerationService)ContextRegistry.GetContext()["MfaCodeGenerationService"]; Assert.IsNotNull(smsService); }