public async Task Register_CantRegisterWithWeakPassword()
{
//Arrange
var request = new MerchantAuthRequest {
Email = "*****@*****.**", Password = "******"
};
//Act
var response = await TestClient.PostAsJsonAsync(ApiRoutes.Identity.Register, request);
//Assert
response.StatusCode.Should().Be(HttpStatusCode.BadRequest);
}
public SecurityErrorType CheckRequest(MerchantAuthRequest request)
{
var content = new StringContent(Newtonsoft.Json.JsonConvert.SerializeObject(request), Encoding.UTF8, "application/json");
var result = _client.PostAsync(ServiceUrl, content).Result;
if (result.StatusCode != HttpStatusCode.OK)
{
throw new HttpRequestException($"The request returne error {(int)result.StatusCode}");
}
return((SecurityErrorType)int.Parse(result.Content.ReadAsStringAsync().Result));
}
public async Task Login_CantLoginWithWrongCredentials()
{
//Arrange
var request = new MerchantAuthRequest {
Email = "*****@*****.**", Password = "******"
};
//Act
var response = await TestClient.PostAsJsonAsync(ApiRoutes.Identity.Login, request);
//Assert
response.StatusCode.Should().Be(HttpStatusCode.BadRequest);
var errors = await response.Content.ReadAsAsync <ErrorResponse>();
errors.Errors.Select(e => e.ErrorName == "Wrong credentials").Should().NotBeEmpty();
}
public async Task Register_CanRegisterWithCorrectCredentials()
{
//Arrange
var request = new MerchantAuthRequest {
Email = "*****@*****.**", Password = "******"
};
//Act
var response = await TestClient.PostAsJsonAsync(ApiRoutes.Identity.Register, request);
//Assert
response.StatusCode.Should().Be(HttpStatusCode.OK);
var result = await response.Content.ReadAsAsync <MerchantAuthSuccessResponse>();
result.Token.Should().NotBeNullOrEmpty();
}
public async Task Register_CantRegisterWithWrongEmail()
{
//Arrange
var request = new MerchantAuthRequest {
Email = "Wrong Email", Password = "******"
};
//Act
var response = await TestClient.PostAsJsonAsync(ApiRoutes.Identity.Register, request);
//Assert
response.StatusCode.Should().Be(HttpStatusCode.BadRequest);
var errors = await response.Content.ReadAsAsync <ErrorResponse>();
errors.Errors.Select(e => e.ErrorName == "Email").Should().NotBeEmpty();
}
public async Task <IActionResult> Login([FromBody] MerchantAuthRequest request)
{
var result = await _identityService.LoginMerchant(request.Email, request.Password);
if (!result.IsSuccessfull)
{
logger.LogInformation("Failed to login merchant");
return(BadRequest(new ErrorResponse {
Errors = result.Errors.ToList()
}));
}
logger.LogInformation($"Merchant {request.Email} successfully logged in");
return(Ok(new MerchantAuthSuccessResponse
{
Token = result.Token
}));
}
public async Task <IActionResult> Register([FromBody] MerchantAuthRequest request)
{
var result = await _identityService.RegisterMerchant(request.Email, request.Password);
if (!result.IsSuccessfull)
{
logger.LogInformation("Failed to register new merchant");
return(BadRequest(error: new ErrorResponse {
Errors = result.Errors.ToList()
}));
}
logger.LogInformation("Successfully created new account for merchant");
return(Ok(new MerchantAuthSuccessResponse
{
Token = result.Token
}));
}
public async Task <SecurityErrorType> Post([FromBody] MerchantAuthRequest request)
{
if (request == null)
{
return(SecurityErrorType.MerchantUnknown);
}
var merchant = await _merchantRepository.GetAsync(request.MerchantId);
if (merchant == null)
{
return(SecurityErrorType.MerchantUnknown);
}
return(_securityHelper.CheckRequest(request.StringToSign, merchant.MerchantId, request.Sign,
merchant.PublicKey, merchant.ApiKey));
}