public IHttpActionResult ConfirmSecurityQuestionAnswers([FromBody] ResetPasswordDto resetPasswordDto) { // Model Binding Validation if (!ModelState.IsValid) { return(BadRequest(GeneralErrorMessages.MODEL_STATE_ERROR)); } try { var resetPasswordManager = new ResetPasswordManager(resetPasswordDto); var response = resetPasswordManager.ConfirmSecurityQuestionAnswers(); if (response.Error != null) { return(BadRequest(response.Error)); } // Sending HTTP response 200 Status return(Ok()); } // Catch exceptions catch (Exception) { // Sending HTTP response 400 Status return(InternalServerError()); } }
public void DuplicateParameters(Fields field, Values value) { var defaultCompanyLoginId = TestContext.CurrentContext.Test.Properties.Get("companyName").ToString(); var defaultUserName = TestContext.CurrentContext.Test.Properties.Get("adminUserLogin").ToString(); var tokenFromCurrentCompany = Common.RefreshToken(defaultCompanyLoginId, defaultUserName); var tokenFromOtherCompany = Common.RefreshToken(TestContext.CurrentContext.Test.Properties.Get("otherCompanyName").ToString(), TestContext.CurrentContext.Test.Properties.Get("otherAdminUserLogin").ToString()); var parametersSameValue = new Dictionary <Fields, object> { [Fields.CompanyLoginId] = $"{{\"companyLoginId\": \"{defaultCompanyLoginId}\", \"companyLoginId\": \"{defaultCompanyLoginId}\", \"username\": \"{defaultUserName}\", \"newPassword\": \"{NewPassword}\", \"token\": \"{tokenFromCurrentCompany}\"}}", [Fields.NewPassword] = $"{{\"companyLoginId\": \"{defaultCompanyLoginId}\", \"username\": \"{defaultUserName}\", \"newPassword\": \"{NewPassword }\", \"newPassword\": \"{NewPassword}\", \"token\": \"{tokenFromCurrentCompany}\"}}", [Fields.Username] = $"{{\"companyLoginId\": \"{defaultCompanyLoginId}\", \"username\": \"{defaultUserName}\", \"username\": \"{defaultUserName}\", \"newPassword\": \"{NewPassword}\", \"token\": \"{tokenFromCurrentCompany}\"}}", [Fields.Token] = $"{{\"companyLoginId\": \"{defaultCompanyLoginId}\", \"username\": \"{defaultUserName}\", \"newPassword\": \"{NewPassword}\", \"token\": \"{tokenFromCurrentCompany}\", \"token\": \"{tokenFromCurrentCompany}\"}}", [Fields.CheckOldPasswords] = $"{{\"companyLoginId\": \"{defaultCompanyLoginId}\", \"username\": \"{defaultUserName}\", \"newPassword\": \"{NewPassword}\", \"token\": \"{tokenFromCurrentCompany}\", \"checkOldPasswords\": \"1\", \"checkOldPasswords\": \"1\"}}", }; var parametersNotSameValue = new Dictionary <Fields, object> { [Fields.CompanyLoginId] = $"{{\"companyLoginId\": \"{defaultCompanyLoginId}\", \"companyLoginId\": \"{TestContext.CurrentContext.Test.Properties.Get("otherCompanyName").ToString()}\", \"username\": \"{defaultUserName}\", \"newPassword\": \"{NewPassword}\", \"token\": \"{tokenFromCurrentCompany}\"}}", [Fields.NewPassword] = $"{{\"companyLoginId\": \"{defaultCompanyLoginId}\", \"username\": \"{defaultUserName}\", \"newPassword\": \"{NewPassword }\", \"newPassword\": \"123456789\", \"token\": \"{tokenFromCurrentCompany}\"}}", [Fields.Username] = $"{{\"companyLoginId\": \"{defaultCompanyLoginId}\", \"username\": \"{defaultUserName}\", \"username\": \"{TestContext.CurrentContext.Test.Properties.Get("otherAdminUserLogin").ToString()}\", \"newPassword\": \"{NewPassword}\", \"token\": \"{tokenFromCurrentCompany}\"}}", [Fields.Token] = $"{{\"companyLoginId\": \"{defaultCompanyLoginId}\", \"username\": \"{defaultUserName}\", \"newPassword\": \"{NewPassword}\", \"token\": \"{tokenFromCurrentCompany}\", \"token\": \"{tokenFromOtherCompany}\"}}", [Fields.CheckOldPasswords] = $"{{\"companyLoginId\": \"{defaultCompanyLoginId}\", \"username\": \"{defaultUserName}\", \"newPassword\": \"{NewPassword}\", \"token\": \"{tokenFromCurrentCompany}\", \"checkOldPasswords\": \"1\", \"checkOldPasswords\": \"3\"}}", }; var resetPassHandler = new ResetPasswordManager(); var response = resetPassHandler.ResetPassword(value == Values.Same ? parametersSameValue[field] : parametersNotSameValue[field], System.Net.Http.HttpMethod.Post); LastPassword = Common.CheckUpdatedPassword(response) ? NewPassword : string.Empty; PrAssert.That(response, PrIs.ErrorResponse().And.HttpCode(System.Net.HttpStatusCode.BadRequest)); }
public IHttpActionResult ResetPassword(HttpRequestMessage request) { try { var result = new SsoTokenManager(request.Headers.Authorization.Parameter).ManageResetPasswordToken(); if (result.Error != null) { // Send 401 Response HTTP Status Code return(Unauthorized()); } var resetPasswordManager = new ResetPasswordManager(result.Data); var updateResponse = resetPasswordManager.SsoUpdatePassword(); if (updateResponse.Error != null) { // Send 401 Response HTTP Status Code return(Unauthorized()); } // Send 200 Response HTTP Status Code return(Ok()); } catch (Exception) { // Send 500 Response HTTP Status Code return(InternalServerError()); } }
public AccountController() { _userManager = new UserManager(); _addressManager = new AddressManager(); _orderManager = new OrderManager(); _resetPasswordManager = new ResetPasswordManager(); }
public void InvalidEntrySpecial(InvalidSpecialCondition inputType) { var defaultCompanyLoginId = TestContext.CurrentContext.Test.Properties.Get("companyName").ToString(); var defaultUserName = TestContext.CurrentContext.Test.Properties.Get("adminUserLogin").ToString(); var tokenFromCurrentCompany = Common.RefreshToken(defaultCompanyLoginId, defaultUserName); var resetPassHandler = new ResetPasswordManager(); var parameterRequest = new Dictionary <string, object>(Common.ResetPasswordParameters); PrivateApiResponse <object> response = null; parameterRequest["companyLoginId"] = defaultCompanyLoginId; parameterRequest["username"] = defaultUserName; parameterRequest["newPassword"] = NewPassword; parameterRequest["token"] = tokenFromCurrentCompany; if (inputType == InvalidSpecialCondition.WrongContentType) { response = resetPassHandler.ResetPassword(parameterRequest, System.Net.Http.HttpMethod.Post, Common.InvalidEntrySpecialTestCasesMapper[InvalidSpecialCondition.WrongContentType].ToString()); } else { string jsonContent = string.Empty; if (inputType == InvalidSpecialCondition.BrokenJsonFormat) { jsonContent = "{\"companyLoginId\": \"" + defaultCompanyLoginId + "\", \"username\": \"" + defaultUserName + "\", \"newPassword\": \"" + NewPassword + "\", \"token\": \"" + Common.RefreshToken(defaultCompanyLoginId, defaultUserName) + "\""; } else { jsonContent = Common.InvalidEntrySpecialTestCasesMapper[inputType].ToString(); } response = resetPassHandler.ResetPassword(jsonContent, System.Net.Http.HttpMethod.Post); } LastPassword = Common.CheckUpdatedPassword(response) ? parameterRequest["newPassword"].ToString() : string.Empty; PrAssert.That(response, PrIs.ErrorResponse().And.HttpCode(InvalidSpecialCondition.WrongContentType == inputType ? System.Net.HttpStatusCode.UnsupportedMediaType : System.Net.HttpStatusCode.BadRequest)); }
public void PasswordInvalidMethodTests(HttpMethod type) { var token = Common.GetToken(); var defaultUser = CommonData.GetDefaultUser(); var requestDic = new Dictionary <string, object>() { ["companyLoginId"] = defaultUser.Company.Name, ["username"] = defaultUser.Login, ["newPassword"] = "******", ["token"] = token.Result.Token }; var passwordMng = new ResetPasswordManager(); var httpMethod = new Dictionary <HttpMethod, System.Net.Http.HttpMethod>() { [HttpMethod.GET] = System.Net.Http.HttpMethod.Get, [HttpMethod.PUT] = System.Net.Http.HttpMethod.Put, [HttpMethod.DELETE] = System.Net.Http.HttpMethod.Delete, }; var oldPassword = Common.GetOldPassword(); var response = passwordMng.ResetPassword <ResetPasswordResponse>(requestDic, httpMethod[type]); Common.RecoverOldPassword(requestDic, passwordMng, oldPassword); defaultUser.Dispose(); PrAssert.That(response, PrIs.ErrorResponse().With.HttpCode(System.Net.HttpStatusCode.MethodNotAllowed)); }
public void PasswordInvalidSpecialTests(InvalidSpecial inputValue) { var requestDic = InvalidSpecialMapper[inputValue]; var passwordMng = new ResetPasswordManager(); var response = passwordMng.ResetPassword <ResetPasswordResponse>(requestDic, HttpMethod.Post); PrAssert.That(response, PrIs.ErrorResponse().With.HttpCode(System.Net.HttpStatusCode.BadRequest)); }
public void TestResetPasswordInvalid(Fields field, InvalidTestCases inputType) { var parameterRequest = GetParameters(inputType, field); var resetPassHandler = new ResetPasswordManager(); var response = resetPassHandler.ResetPassword(parameterRequest, System.Net.Http.HttpMethod.Post); LastPassword = Common.CheckUpdatedPassword(response) ? parameterRequest["newPassword"].ToString() : string.Empty; PrAssert.That(response, PrIs.ErrorResponse().And.HttpCode(System.Net.HttpStatusCode.BadRequest)); }
public static void RecoverOldPassword(Dictionary <string, object> prop, ResetPasswordManager passwordMng, string currentUserPass) { var token = GetToken(); prop["newPassword"] = currentUserPass; prop.Remove("checkOldPasswords"); prop["token"] = token.Result.Token; passwordMng.ResetPassword <ResetPasswordResponse>(prop, HttpMethod.Post); }
public void SetUp() { user = new User(); database = new Mock <IDatabase>(); database.Setup(d => d.UserRepository.FindUserByUsername("test")).ReturnsAsync(user); hashGenerator = new Mock <IHashGenerator>(); service = new ResetPasswordManager(database.Object, hashGenerator.Object); }
private void ResetPassword(string companyId, string newPassword) { var token = GetRefreshToken(companyId); var resetPassRequest = new Dictionary <string, object> { ["companyLoginId"] = companyId, ["username"] = TestContext.CurrentContext.Test.Properties.Get("adminUser2Login").ToString(), ["newPassword"] = newPassword, ["token"] = token.Token, }; var resetPassHandler = new ResetPasswordManager(); var response = resetPassHandler.ResetPassword(resetPassRequest, HttpMethod.Post); PrAssert.That(response, PrIs.SuccessfulResponse()); }
public void ResetPasswordByOtherUserName(SpecialCommon inputType) { var parameterRequest = new Dictionary <string, object>(Common.ResetPasswordParameters); var defaultCompanyLoginId = TestContext.CurrentContext.Test.Properties.Get("companyName").ToString(); var defaultUserName = TestContext.CurrentContext.Test.Properties.Get("adminUserLogin").ToString(); var tokenFromCurrentCompany = Common.RefreshToken(defaultCompanyLoginId, defaultUserName); parameterRequest["companyLoginId"] = defaultCompanyLoginId; parameterRequest["newPassword"] = NewPassword; parameterRequest["token"] = tokenFromCurrentCompany; parameterRequest["username"] = SpecialCommon.SecondUser == inputType?TestContext.CurrentContext.Test.Properties.Get("adminUser2Login").ToString() : TestContext.CurrentContext.Test.Properties.Get("otherAdminUserLogin").ToString(); var resetPassHandler = new ResetPasswordManager(); var response = resetPassHandler.ResetPassword(parameterRequest, System.Net.Http.HttpMethod.Post); LastPassword = Common.CheckUpdatedPassword(response) ? parameterRequest["newPassword"].ToString() : string.Empty; PrAssert.That(response, PrIs.ErrorResponse().And.HttpCode(System.Net.HttpStatusCode.BadRequest)); }
public void ResetPasswordInjection(Fields field, InjectionInput inputType) { var parameterRequest = new Dictionary <string, object>(Common.ResetPasswordParameters); var defaultCompanyLoginId = TestContext.CurrentContext.Test.Properties.Get("companyName").ToString(); var defaultUserName = TestContext.CurrentContext.Test.Properties.Get("adminUserLogin").ToString(); var tokenFromCurrentCompany = Common.RefreshToken(defaultCompanyLoginId, defaultUserName); parameterRequest["companyLoginId"] = defaultCompanyLoginId; parameterRequest["username"] = defaultUserName; parameterRequest["newPassword"] = NewPassword; parameterRequest["token"] = tokenFromCurrentCompany; parameterRequest[Char.ToLowerInvariant(field.ToString()[0]) + field.ToString().Substring(1)] = InjectionInputData.InjectionInputMapper[inputType]; var resetPassHandler = new ResetPasswordManager(); var response = resetPassHandler.ResetPassword(parameterRequest, System.Net.Http.HttpMethod.Post); LastPassword = Common.CheckUpdatedPassword(response) ? parameterRequest["newPassword"].ToString() : string.Empty; PrAssert.That(response, PrIs.ErrorResponse().And.HttpCode(System.Net.HttpStatusCode.BadRequest)); }
public void ResetPassAccessEndpointTests(AccessState accessState, HttpStatusCode httpStatusCode, ResultCode resultCode) { var accessEndpointHandler = new AccessEndpointManager(); var token = Common.GetToken(); var defaultUser = CommonData.GetDefaultUser(); var requestContent = new Dictionary <string, object>() { ["companyLoginId"] = defaultUser.Company.Name, ["username"] = defaultUser.Login, ["newPassword"] = "******", ["token"] = token.Result.Token }; var oldPassword = Common.GetOldPassword(); var passwordMng = new ResetPasswordManager(); var response = accessEndpointHandler.AccessEndpoint <ResetPasswordResponse>(accessState, Endpoint, requestContent, HttpMethod.Post); Common.RecoverOldPassword(requestContent, passwordMng, oldPassword); defaultUser.Dispose(); PrAssert.That(response, PrIs.ErrorResponse().And.HttpCode(httpStatusCode).And.ErrorCode((int)resultCode)); }
public UserManager() { _resetPasswordManager = new ResetPasswordManager(); db = new DatabaseContext(); var roleStore = new RoleStore <ApplicationRole>(db); _roleManager = new RoleManager <ApplicationRole>(roleStore); var userStore = new UserStore <ApplicationUser>(db); _userManager = new UserManager <ApplicationUser>(userStore); _userManager.UserValidator = new UserValidator <ApplicationUser>(_userManager) { RequireUniqueEmail = true, AllowOnlyAlphanumericUserNames = true }; }
public void ResetPasswordInjectionTests(InjectionParam key, InjectionInput value) { var token = Common.GetToken(); var defaultUser = CommonData.GetDefaultUser(); var requestDic = new Dictionary <string, object>() { ["companyLoginId"] = defaultUser.Company.Name, ["username"] = defaultUser.Login, ["newPassword"] = "******", ["token"] = token.Result.Token, ["checkOldPasswords"] = CheckOldPasswords, }; requestDic[String.Format("{0}{1}", key.ToString().Substring(0, 1).ToLower(), key.ToString().Substring(1))] = InjectionInputMapper[value]; var passwordMng = new ResetPasswordManager(); var oldPassword = Common.GetOldPassword(); var response = passwordMng.ResetPassword <ResetPasswordResponse>(requestDic, HttpMethod.Post); Common.RecoverOldPassword(requestDic, passwordMng, oldPassword); defaultUser.Dispose(); PrAssert.That(response, PrIs.ErrorResponse().With.HttpCode(System.Net.HttpStatusCode.BadRequest)); }
public void ResetPasswordValidCheckOldPasswordsTests(CheckOldPasswords checkOldPasswords) { for (int i = 0; i < CheckOldPasswordsMapper[checkOldPasswords]; i++) { ResetPassword(TestContext.CurrentContext.Test.Properties.Get("companyName").ToString(), PasswordList[i]); } var tokenResponse = GetRefreshToken(TestContext.CurrentContext.Test.Properties.Get("companyName").ToString()); PrAssume.That(tokenResponse, PrIs.SuccessfulResponse()); for (int i = 0; i < CheckOldPasswordsMapper[checkOldPasswords]; i++) { var resetPassRequest = new Dictionary <string, object> { ["companyLoginId"] = TestContext.CurrentContext.Test.Properties.Get("companyName").ToString(), ["username"] = TestContext.CurrentContext.Test.Properties.Get("adminUser2Login").ToString(), ["newPassword"] = PasswordList[i], ["token"] = tokenResponse.Token, ["checkOldPasswords"] = CheckOldPasswordsMapper[checkOldPasswords], }; var resetPassHandler = new ResetPasswordManager(); var response = resetPassHandler.ResetPassword(resetPassRequest, HttpMethod.Post); PrAssert.That(response, PrIs.ErrorResponse().With.HttpCode(HttpStatusCode.BadRequest)); } }
public void ResetPasswordByOtherHttpMethod(HttpMethod inputType) { var parameterRequest = new Dictionary <string, object>(Common.ResetPasswordParameters); var defaultCompanyLoginId = TestContext.CurrentContext.Test.Properties.Get("companyName").ToString(); var defaultUserName = TestContext.CurrentContext.Test.Properties.Get("adminUserLogin").ToString(); var tokenFromCurrentCompany = Common.RefreshToken(defaultCompanyLoginId, defaultUserName); parameterRequest["companyLoginId"] = defaultCompanyLoginId; parameterRequest["username"] = defaultUserName; parameterRequest["newPassword"] = NewPassword; parameterRequest["token"] = tokenFromCurrentCompany; var httpMethod = new Dictionary <HttpMethod, System.Net.Http.HttpMethod>() { [HttpMethod.GET] = System.Net.Http.HttpMethod.Get, [HttpMethod.DELETE] = System.Net.Http.HttpMethod.Delete, [HttpMethod.PUT] = System.Net.Http.HttpMethod.Put, }; var resetPassHandler = new ResetPasswordManager(); var response = resetPassHandler.ResetPassword(parameterRequest, httpMethod[inputType]); LastPassword = Common.CheckUpdatedPassword(response) ? parameterRequest["newPassword"].ToString() : string.Empty; PrAssert.That(response, PrIs.ErrorResponse().And.HttpCode(System.Net.HttpStatusCode.BadRequest)); }