/// <summary>
/// RefreshToken must ask the JWT helper for a new JWT when it is called with a
/// refresh token owned by the stored user. The GenerateJwtToken mock flips a
/// flag, and the flag is asserted after the call.
/// </summary>
public void should_call_generate_new_jwt_token()
{
    // Arrange: one stored user that owns exactly one refresh token.
    var ownedTokens = new List<RefreshToken> { new RefreshTokenBuilder().Build() };
    User user = new UserBuilder().WithRefreshTokens(ownedTokens).Build();
    UserDb storedUser = user.Map();
    List<UserDb> queryResult = new() { storedUser };
    DateTime now = DateTime.UtcNow;
    var replacementToken = new RefreshTokenBuilder().Build();

    // Flag set by the mocked JWT generator so the call can be observed.
    bool jwtRequested = false;
    Action<User> markJwtRequested = _ => jwtRequested = true;

    _dateTimeProvider.Setup(n => n.Now).Returns(now);
    _users.Setup(n => n.Get(It.IsAny<Expression<Func<UserDb, bool>>>(), null, "")).Returns(queryResult);
    _mapper.Setup(n => n.Map<User>(storedUser)).Returns(user);
    _jwtUtils.Setup(n => n.GenerateJwtToken(user)).Callback(markJwtRequested);
    _jwtUtils.Setup(n => n.GenerateRefreshToken(IP_ADDRESS)).Returns(replacementToken);

    // Act
    _sut.RefreshToken(ownedTokens[0].Token, IP_ADDRESS);

    // Assert
    jwtRequested.Should().BeTrue();
}
/// <summary>
/// Refresh-token rotation: after RefreshToken is called, the user handed to the
/// persistence mapping must hold the presented token in its revoked form
/// (reason ApiResponses.ReplacedByNewToken) together with the newly generated token.
/// </summary>
public void should_revoke_old_tokens_when_add_new_refresh_token()
{
    // Arrange
    var ownedTokens = new List<RefreshToken> { new RefreshTokenBuilder().Build() };
    User user = new UserBuilder().WithRefreshTokens(ownedTokens).Build();
    UserDb storedUser = user.Map();
    List<UserDb> queryResult = new() { storedUser };
    DateTime now = DateTime.UtcNow;
    string revokeReason = ApiResponses.ReplacedByNewToken;
    var replacementToken = new RefreshTokenBuilder().Build();

    // Expected state is computed before the call under test runs.
    // NOTE(review): getLastTokenRevoked is defined elsewhere; presumably it yields the
    // last token marked revoked at `now` and linked to the replacement - confirm.
    var revokedPredecessor = getLastTokenRevoked(ownedTokens, now, revokeReason, replacementToken.Token);
    var expectedTokens = new List<RefreshToken> { revokedPredecessor, replacementToken };

    // Capture the User instance passed to the (User, UserDb) mapping.
    User persistedUser = null;
    Action<User, UserDb> capturePersistedUser = (mapped, _) => { persistedUser = mapped; };

    _dateTimeProvider.Setup(n => n.Now).Returns(now);
    _jwtUtils.Setup(n => n.GenerateRefreshToken(IP_ADDRESS)).Returns(replacementToken);
    _users.Setup(n => n.Get(It.IsAny<Expression<Func<UserDb, bool>>>(), null, "")).Returns(queryResult);
    _mapper.Setup(n => n.Map<User>(storedUser)).Returns(user);
    _mapper.Setup(n => n.Map(user, storedUser)).Callback(capturePersistedUser);

    // Act
    _sut.RefreshToken(ownedTokens[0].Token, IP_ADDRESS);

    // Assert
    persistedUser.RefreshTokens.Should().BeEquivalentTo(expectedTokens);
}
/// <summary>
/// RefreshToken on a two-token replacement chain: the first token (created and
/// revoked in January 2022) must no longer be present afterwards, leaving only
/// the revoked second token and the newly generated one.
/// </summary>
public void should_remove_old_refresh_tokens()
{
    // Arrange: tokens[0] was replaced by tokens[1]; tokens[1] is the one presented.
    List<RefreshToken> chain = generateFakeReplacedTokensChain(2);
    User user = new UserBuilder().WithRefreshTokens(chain).Build();
    UserDb storedUser = user.Map();
    DateTime now = new DateTime(2022, 05, 05);
    string revokeReason = ApiResponses.ReplacedByNewToken;
    List<UserDb> queryResult = new() { storedUser };

    // Pin the dates so the first token is old relative to `now` and the second is current.
    chain[0].Created = new DateTime(2022, 01, 01);
    chain[0].Revoked = new DateTime(2022, 01, 02);
    chain[1].Created = new DateTime(2022, 05, 05);

    var replacementToken = new RefreshTokenBuilder()
        .WithCreated(new DateTime(2022, 05, 10))
        .Build();
    var revokedPredecessor = getLastTokenRevoked(chain, now, revokeReason, replacementToken.Token);
    List<RefreshToken> expectedTokens = new() { revokedPredecessor, replacementToken };

    // Capture the User instance passed to the (User, UserDb) mapping.
    User persistedUser = null;
    Action<User, UserDb> capturePersistedUser = (mapped, _) => { persistedUser = mapped; };

    _dateTimeProvider.Setup(n => n.Now).Returns(now);
    _jwtUtils.Setup(n => n.GenerateRefreshToken(IP_ADDRESS)).Returns(replacementToken);
    _users.Setup(n => n.Get(It.IsAny<Expression<Func<UserDb, bool>>>(), null, "")).Returns(queryResult);
    _mapper.Setup(n => n.Map<User>(storedUser)).Returns(user);
    _mapper.Setup(n => n.Map(user, storedUser)).Callback(capturePersistedUser);

    // Act
    _sut.RefreshToken(chain[1].Token, IP_ADDRESS);

    // Assert
    persistedUser.RefreshTokens.Should().BeEquivalentTo(expectedTokens);
}
/// <summary>
/// After RefreshToken runs, the user handed to the persistence mapping must
/// contain the refresh token returned by the mocked generator.
/// </summary>
public void should_add_new_refresh_token()
{
    // Arrange
    var ownedTokens = new List<RefreshToken> { new RefreshTokenBuilder().Build() };
    User user = new UserBuilder().WithRefreshTokens(ownedTokens).Build();
    UserDb storedUser = user.Map();
    List<UserDb> queryResult = new() { storedUser };
    DateTime now = DateTime.UtcNow;
    var replacementToken = new RefreshTokenBuilder().Build();

    // Capture the User instance passed to the (User, UserDb) mapping.
    User persistedUser = null;
    Action<User, UserDb> capturePersistedUser = (mapped, _) => { persistedUser = mapped; };

    _dateTimeProvider.Setup(n => n.Now).Returns(now);
    _jwtUtils.Setup(n => n.GenerateRefreshToken(IP_ADDRESS)).Returns(replacementToken);
    _users.Setup(n => n.Get(It.IsAny<Expression<Func<UserDb, bool>>>(), null, "")).Returns(queryResult);
    _mapper.Setup(n => n.Map<User>(storedUser)).Returns(user);
    _mapper.Setup(n => n.Map(user, storedUser)).Callback(capturePersistedUser);

    // Act
    _sut.RefreshToken(ownedTokens[0].Token, IP_ADDRESS);

    // Assert
    persistedUser.RefreshTokens.Should().Contain(replacementToken);
}
/// <summary>
/// Authenticate must attach the generated refresh token to the user: the user
/// handed to the persistence mapping is expected to hold exactly that token.
/// </summary>
public void should_add_new_refresh_token_to_users_tokens()
{
    // Arrange: the stored password hash is the bcrypt hash of the request password.
    AuthenticateRequest request = createFakeRequest();
    string storedHash = BCrypt.Net.BCrypt.HashPassword(request.Password);
    User user = new UserBuilder()
        .WithUsername(request.Username)
        .WithPasswordHash(storedHash)
        .Build();
    var queryResult = new List<UserDb> { user.Map() };
    DateTime now = DateTime.UtcNow;

    // The issued token is dated past the configured TTL window, measured from `now`.
    DateTime createdInsideTtl = now.AddDays(_appSettings.Value.RefreshTokenTTL + 5);
    RefreshToken issuedToken = new RefreshTokenBuilder().WithCreated(createdInsideTtl).Build();
    var expectedTokens = new List<RefreshToken> { issuedToken };

    // Capture the User instance passed to the (User, UserDb) mapping.
    User persistedUser = null;
    Action<User, UserDb> capturePersistedUser = (mapped, _) => { persistedUser = mapped; };

    _dateTimeProvider.Setup(n => n.Now).Returns(now);
    _jwtUtils.Setup(n => n.GenerateRefreshToken(IP_ADDRESS)).Returns(issuedToken);
    _jwtUtils.Setup(n => n.GenerateJwtToken(It.IsAny<User>())).Returns(GENERATED_JWT_TOKEN);
    _users.Setup(n => n.Get(It.IsAny<Expression<Func<UserDb, bool>>>(), null, ""))
        .Returns(queryResult);
    _mapper.Setup(n => n.Map<User>(It.IsAny<UserDb>())).Returns(user);
    _mapper.Setup(n => n.Map(It.IsAny<User>(), It.IsAny<UserDb>())).Callback(capturePersistedUser);

    // Act
    _sut.Authenticate(request, IP_ADDRESS);

    // Assert
    persistedUser.RefreshTokens.Should().BeEquivalentTo(expectedTokens);
}
/// <summary>
/// Authenticate must return a response equivalent to one built from the user,
/// the mocked JWT and the value of the mocked refresh token.
/// </summary>
public void should_return_authenticate_response()
{
    // Arrange: the stored password hash is the bcrypt hash of the request password.
    AuthenticateRequest request = createFakeRequest();
    string storedHash = BCrypt.Net.BCrypt.HashPassword(request.Password);
    User user = new UserBuilder()
        .WithUsername(request.Username)
        .WithPasswordHash(storedHash)
        .Build();
    var queryResult = new List<UserDb> { user.Map() };
    DateTime now = DateTime.UtcNow;
    DateTime createdInsideTtl = now.AddDays(_appSettings.Value.RefreshTokenTTL + 5);
    RefreshToken issuedToken = new RefreshTokenBuilder().WithCreated(createdInsideTtl).Build();
    var expectedResponse = new AuthenticateResponse(user, GENERATED_JWT_TOKEN, issuedToken.Token);

    _dateTimeProvider.Setup(n => n.Now).Returns(now);
    _jwtUtils.Setup(n => n.GenerateRefreshToken(IP_ADDRESS)).Returns(issuedToken);
    _jwtUtils.Setup(n => n.GenerateJwtToken(It.IsAny<User>())).Returns(GENERATED_JWT_TOKEN);
    _users.Setup(n => n.Get(It.IsAny<Expression<Func<UserDb, bool>>>(), null, ""))
        .Returns(queryResult);
    _mapper.Setup(n => n.Map<User>(It.IsAny<UserDb>())).Returns(user);

    // Act
    var response = _sut.Authenticate(request, IP_ADDRESS);

    // Assert
    response.Should().BeEquivalentTo(expectedResponse);
}
/// <summary>
/// Authenticate on a user that only holds inactive refresh tokens created three
/// days ago: the user handed to the persistence mapping is expected to end up
/// with an empty token list.
/// </summary>
public void should_remove_old_refresh_tokens()
{
    // Arrange: the stored password hash is the bcrypt hash of the request password.
    AuthenticateRequest request = createFakeRequest();
    string storedHash = BCrypt.Net.BCrypt.HashPassword(request.Password);
    User user = new UserBuilder()
        .WithUsername(request.Username)
        .WithPasswordHash(storedHash)
        .Build();
    var queryResult = new List<UserDb> { user.Map() };
    DateTime now = DateTime.UtcNow;
    DateTime threeDaysAgo = now.Subtract(TimeSpan.FromDays(3));
    var staleTokens = new RefreshTokenBuilder().Inactive().WithCreated(threeDaysAgo).Build(5);
    user.RefreshTokens = staleTokens;
    var expectedTokens = new List<RefreshToken>();

    // Capture the User instance passed to the (User, UserDb) mapping.
    User persistedUser = null;
    Action<User, UserDb> capturePersistedUser = (mapped, _) => { persistedUser = mapped; };

    _dateTimeProvider.Setup(n => n.Now).Returns(now);
    _jwtUtils.Setup(n => n.GenerateJwtToken(It.IsAny<User>()));
    // NOTE(review): the generator mock returns staleTokens[0], itself an inactive token,
    // so the empty expectation presumably also covers the token issued by this call.
    // A freshly built active token would separate "old tokens purged" from
    // "new token kept" - confirm which behaviour this case is meant to pin.
    _jwtUtils.Setup(n => n.GenerateRefreshToken(IP_ADDRESS)).Returns(staleTokens[0]);
    _users.Setup(n => n.Get(It.IsAny<Expression<Func<UserDb, bool>>>(), null, ""))
        .Returns(queryResult);
    _mapper.Setup(n => n.Map<User>(It.IsAny<UserDb>())).Returns(user);
    _mapper.Setup(n => n.Map(It.IsAny<User>(), It.IsAny<UserDb>())).Callback(capturePersistedUser);

    // Act
    _sut.Authenticate(request, IP_ADDRESS);

    // Assert
    persistedUser.RefreshTokens.Should().BeEquivalentTo(expectedTokens);
}
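/// <summary>
/// RevokeToken on an active refresh token: the user handed to the persistence
/// mapping must hold that token in its revoked form, with reason
/// ApiResponses.RevokedWithoutReplacement.
/// </summary>
public void should_revoke_token()
{
    // Arrange
    RefreshToken activeRefreshToken = new RefreshTokenBuilder().Build();
    List<RefreshToken> refreshTokens = new() { activeRefreshToken };
    User user = new UserBuilder().WithRefreshTokens(refreshTokens).Build();
    UserDb userFromDb = user.Map();
    List<UserDb> usersFromDb = new() { userFromDb };
    DateTime now = DateTime.UtcNow;
    string reason = ApiResponses.RevokedWithoutReplacement;

    // Expected state is built before the call under test runs.
    // NOTE(review): getCopiedRevokedToken is defined elsewhere; presumably it returns a
    // copy so the expectation is not affected by the service mutating the token - confirm.
    var expectedResult = new List<RefreshToken>
    {
        getCopiedRevokedToken(activeRefreshToken, now, reason)
    };

    // Typed callback (matching the mocked Map(User, UserDb) arguments) instead of
    // Action<object, object> with an `as` cast, which would turn a type mismatch
    // into a silent null.
    User userUpdated = null;
    Action<User, UserDb> mapFinal = (mapped, _) => { userUpdated = mapped; };

    _users.Setup(n => n.Get(It.IsAny<Expression<Func<UserDb, bool>>>(), null, ""))
        .Returns(usersFromDb);
    _mapper.Setup(n => n.Map<User>(userFromDb)).Returns(user);
    _mapper.Setup(n => n.Map(It.IsAny<User>(), It.IsAny<UserDb>())).Callback(mapFinal);
    _dateTimeProvider.Setup(n => n.Now).Returns(now);

    // Act
    _sut.RevokeToken(activeRefreshToken.Token, IP_ADDRESS);

    // Assert: fail with a readable message, not a NullReferenceException, when the
    // updated user was never mapped back for persistence.
    userUpdated.Should().NotBeNull("RevokeToken is expected to map the updated user back for persistence");
    userUpdated.RefreshTokens.Should().BeEquivalentTo(expectedResult);
}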
/// <summary>
/// Builds <paramref name="count"/> refresh tokens and links them into a replacement
/// chain: every token except the last points at its successor, expires five months
/// from now and is marked revoked 150 days ago.
/// </summary>
/// <param name="count">Number of tokens to build; the last one is left untouched.</param>
/// <returns>The tokens in chain order, oldest first.</returns>
private static List<RefreshToken> generateFakeReplacedTokensChain(int count)
{
    var chain = new RefreshTokenBuilder().Build(count);

    // Walk the successors; each one's predecessor is marked as replaced by it.
    for (int next = 1; next < count; next++)
    {
        var replaced = chain[next - 1];
        replaced.ReplacedByToken = chain[next].Token;
        replaced.Expires = DateTime.UtcNow.AddMonths(5);
        replaced.Revoked = DateTime.UtcNow - TimeSpan.FromDays(150);
    }

    return chain;
}
/// <summary>
/// RevokeToken must reject a refresh token that is already inactive by throwing
/// an exception whose message is ApiResponses.InvalidToken.
/// </summary>
public void should_throw_exception_when_token_is_inactive()
{
    // Arrange: the stored user owns a single, inactive refresh token.
    RefreshToken inactiveRefreshToken = new RefreshTokenBuilder().Inactive().Build();
    var ownedTokens = new List<RefreshToken> { inactiveRefreshToken };
    User user = new UserBuilder().WithRefreshTokens(ownedTokens).Build();
    UserDb storedUser = user.Map();
    var queryResult = new List<UserDb> { storedUser };

    _mapper.Setup(n => n.Map<User>(storedUser)).Returns(user);
    _users.Setup(n => n.Get(It.IsAny<Expression<Func<UserDb, bool>>>(), null, ""))
        .Returns(queryResult);

    // Act
    Action revoke = () => _sut.RevokeToken(inactiveRefreshToken.Token, IP_ADDRESS);

    // Assert: Throw<Exception> accepts any exception type, so the message is
    // the part of the contract this case pins.
    revoke.Should()
        .Throw<Exception>()
        .WithMessage(ApiResponses.InvalidToken);
}
/// <summary>
/// RefreshToken must return a response equivalent to one built from the user,
/// the newly generated JWT and the value of the newly generated refresh token.
/// </summary>
public void should_return_new_jwt_and_refresh_token()
{
    // Arrange
    var ownedTokens = new List<RefreshToken> { new RefreshTokenBuilder().Build() };
    User user = new UserBuilder().WithRefreshTokens(ownedTokens).Build();
    UserDb storedUser = user.Map();
    List<UserDb> queryResult = new() { storedUser };
    DateTime now = DateTime.UtcNow;
    var replacementToken = new RefreshTokenBuilder().Build();
    string issuedJwt = "new jwt token";
    var expectedResponse = new AuthenticateResponse(user, issuedJwt, replacementToken.Token);

    _dateTimeProvider.Setup(n => n.Now).Returns(now);
    _jwtUtils.Setup(n => n.GenerateJwtToken(user)).Returns(issuedJwt);
    _jwtUtils.Setup(n => n.GenerateRefreshToken(IP_ADDRESS)).Returns(replacementToken);
    _users.Setup(n => n.Get(It.IsAny<Expression<Func<UserDb, bool>>>(), null, "")).Returns(queryResult);
    _mapper.Setup(n => n.Map<User>(storedUser)).Returns(user);

    // Act
    var response = _sut.RefreshToken(ownedTokens[0].Token, IP_ADDRESS);

    // Assert
    response.Should().BeEquivalentTo(expectedResponse);
}