public void IsInvalid_WhenEmailVerificationByTicket_IsNotAllowedPurpose( EmailVerificationPurpose entityPurpose, EmailVerificationPurpose allowedPurpose1, EmailVerificationPurpose?allowedPurpose2) { var ticket = FakeData.String(); var queries = new Mock <IProcessQueries>(MockBehavior.Strict); var command = new FakeMustBePurposedVerifyEmailTicketCommand { Ticket = ticket, Purpose1 = allowedPurpose1, Purpose2 = allowedPurpose2, }; var entity = new EmailVerification { Ticket = ticket, Purpose = entityPurpose, }; Expression <Func <EmailVerificationBy, bool> > expectedQuery = x => x.Ticket == command.Ticket; queries.Setup(x => x.Execute(It.Is(expectedQuery))) .Returns(Task.FromResult(entity)); var validator = new FakeMustBePurposedVerifyEmailTicketValidator(queries.Object); var result = validator.Validate(command); result.IsValid.ShouldBeFalse(); Func <ValidationFailure, bool> ticketError = x => x.PropertyName == command.PropertyName(y => y.Ticket); result.Errors.Count(ticketError).ShouldEqual(1); result.Errors.Single(ticketError).ErrorMessage.ShouldEqual(Resources .Validation_EmailVerificationTicket_IsWrongPurpose .Replace("{PropertyName}", EmailVerification.Constraints.Label.ToLower()) ); queries.Verify(x => x.Execute(It.Is(expectedQuery)), Times.Once); validator.ShouldHaveValidationErrorFor(x => x.Ticket, command); queries.Verify(x => x.Execute(It.Is(expectedQuery)), Times.Exactly(2)); }
public void IsValid_WhenEmailVerificationByTicketIsFound_AndTokenIsValid_AndTokensAreEqual_AndTokenIsNotEmpty() { string token = FakeData.String(); string ticket = FakeData.String(); var queries = new Mock <IProcessQueries>(MockBehavior.Strict); var command = new FakeMustHaveValidVerifyEmailTokenCommand { Ticket = ticket, Token = token, }; var entity = new EmailVerification { Ticket = ticket, Token = token, Purpose = EmailVerificationPurpose.ForgotPassword, }; Expression <Func <EmailVerificationBy, bool> > ticketQuery = x => x.Ticket == command.Ticket; queries.Setup(x => x.Execute(It.Is(ticketQuery))).Returns(Task.FromResult(entity)); Expression <Func <EmailVerificationTokenIsValid, bool> > verifyQuery = x => x.Ticket == command.Ticket && x.Token == token && x.Purpose == entity.Purpose; queries.Setup(x => x.Execute(It.Is(verifyQuery))).Returns(Task.FromResult(true)); var validator = new FakeMustHaveValidVerifyEmailTokenValidator(queries.Object); var result = validator.Validate(command); result.IsValid.ShouldBeTrue(); queries.Verify(x => x.Execute(It.Is(ticketQuery)), Times.Once); queries.Verify(x => x.Execute(It.Is(verifyQuery)), Times.Once); validator.ShouldNotHaveValidationErrorFor(x => x.Ticket, command); queries.Verify(x => x.Execute(It.Is(ticketQuery)), Times.Exactly(2)); queries.Verify(x => x.Execute(It.Is(verifyQuery)), Times.Exactly(2)); }
public void IsValid_WhenEmailVerificationByTicket_IsAllowedPurpose( EmailVerificationPurpose entityPurpose, EmailVerificationPurpose allowedPurpose1, EmailVerificationPurpose?allowedPurpose2) { var ticket = FakeData.String(); var queries = new Mock <IProcessQueries>(MockBehavior.Strict); var command = new FakeMustBePurposedVerifyEmailTicketCommand { Ticket = ticket, Purpose1 = allowedPurpose1, Purpose2 = allowedPurpose2, }; var entity = new EmailVerification { Ticket = ticket, Purpose = entityPurpose, }; Expression <Func <EmailVerificationBy, bool> > expectedQuery = x => x.Ticket == command.Ticket; queries.Setup(x => x.Execute(It.Is(expectedQuery))) .Returns(Task.FromResult(entity)); var validator = new FakeMustBePurposedVerifyEmailTicketValidator(queries.Object); var result = validator.Validate(command); result.IsValid.ShouldBeTrue(); queries.Verify(x => x.Execute(It.Is(expectedQuery)), Times.Once); validator.ShouldNotHaveValidationErrorFor(x => x.Ticket, command); queries.Verify(x => x.Execute(It.Is(expectedQuery)), Times.Exactly(2)); }
public void IsInvalid_WhenEmailVerification_IsAlreadyRedeemed() { var ticket = FakeData.String(); var queries = new Mock <IProcessQueries>(MockBehavior.Strict); var command = new FakeMustBeRedeemableVerifyEmailTicketCommand { Ticket = ticket, }; var entity = new EmailVerification { Ticket = ticket, RedeemedOnUtc = DateTime.UtcNow.AddMinutes(-1), }; Expression <Func <EmailVerificationBy, bool> > expectedQuery = x => x.Ticket == ticket; queries.Setup(x => x.Execute(It.Is(expectedQuery))).Returns(Task.FromResult(entity)); var validator = new FakeMustBeRedeemableVerifyEmailTicketValidator(queries.Object); var result = validator.Validate(command); result.IsValid.ShouldBeFalse(); Func <ValidationFailure, bool> ticketError = x => x.PropertyName == command.PropertyName(y => y.Ticket); result.Errors.Count(ticketError).ShouldEqual(1); result.Errors.Single(ticketError).ErrorMessage.ShouldEqual(Resources .Validation_EmailVerificationTicket_IsRedeemed .Replace("{PropertyName}", EmailVerification.Constraints.Label.ToLower()) ); queries.Verify(x => x.Execute(It.Is(expectedQuery)), Times.Exactly(2)); validator.ShouldHaveValidationErrorFor(x => x.Ticket, command.Ticket); queries.Verify(x => x.Execute(It.Is(expectedQuery)), Times.Exactly(4)); }
public void IsInvalid_WhenEmailVerificationByTicket_HasSecretNotEqualToCommandSecret() { string secret = FakeData.String().ToUpper(); string ticket = FakeData.String(); var queries = new Mock <IProcessQueries>(MockBehavior.Strict); var command = new FakeMustBeVerifiedEmailSecretCommand { Secret = secret, Ticket = ticket, }; var entity = new EmailVerification { Secret = secret.ToLower(), Ticket = ticket, }; Expression <Func <EmailVerificationBy, bool> > expectedQuery = x => x.Ticket == command.Ticket; queries.Setup(x => x.Execute(It.Is(expectedQuery))).Returns(Task.FromResult(entity)); var validator = new FakeMustBeVerifiedEmailSecretValidator(queries.Object); var result = validator.Validate(command); result.IsValid.ShouldBeFalse(); Func <ValidationFailure, bool> secretError = x => x.PropertyName == command.PropertyName(y => y.Secret); result.Errors.Count(secretError).ShouldEqual(1); result.Errors.Single(secretError).ErrorMessage.ShouldEqual(Resources .Validation_EmailVerificationSecret_IsWrong .Replace("{PropertyName}", EmailVerification.Constraints.SecretLabel.ToLower()) .Replace("{PropertyValue}", command.Secret) ); queries.Verify(x => x.Execute(It.Is(expectedQuery)), Times.Once); validator.ShouldHaveValidationErrorFor(x => x.Secret, command); queries.Verify(x => x.Execute(It.Is(expectedQuery)), Times.Exactly(2)); }
public async Task Handle(CreateEmailVerification command) { // find or create the email address var emailAddress = await _entities.Get <EmailAddress>().ByValueAsync(command.EmailAddress) ?? new EmailAddress { Value = command.EmailAddress.ToLower(), // TODO: allow users to change capitalization of email? HashedValue = await _queries.Execute(new HashedEmailValueBy(command.EmailAddress)), }; // create random secret and ticket // note that changing the length of the secret requires updating the // email messages sent to the address, since those mention secret length var secret = _queries.Execute(new RandomSecret(10, 12)); var ticket = _queries.Execute(new RandomSecret(20, 25)); // make sure ticket is unique while (_entities.Query <EmailVerification>().ByTicket(ticket) != null) { ticket = _queries.Execute(new RandomSecret(20, 25)); } // serialize a new user token to a string var token = await _userManager.UserTokenProvider.GenerateAsync(command.Purpose.ToString(), _userManager, new UserTicket { UserName = ticket, }); // create the verification var verification = new EmailVerification { EmailAddress = emailAddress, Purpose = command.Purpose, Secret = secret, Ticket = ticket, Token = token, // change this, and you have to change the content of the email messages to reflect new expiration ExpiresOnUtc = DateTime.UtcNow.AddMinutes(30), }; _entities.Create(verification); if (command.Commit) { await _entities.SaveChangesAsync(); } command.CreatedEntity = verification; }
public void IsInvalid_WhenCommandToken_DoesNotEqualEntityToken() { string token = FakeData.String().ToUpper(); string ticket = FakeData.String(); var queries = new Mock <IProcessQueries>(MockBehavior.Strict); var command = new FakeMustHaveValidVerifyEmailTokenCommand { Ticket = ticket, Token = token, }; var entity = new EmailVerification { Ticket = ticket, Token = token.ToLower(), Purpose = EmailVerificationPurpose.ForgotPassword, }; Expression <Func <EmailVerificationBy, bool> > ticketQuery = x => x.Ticket == command.Ticket; queries.Setup(x => x.Execute(It.Is(ticketQuery))).Returns(Task.FromResult(entity)); Expression <Func <EmailVerificationTokenIsValid, bool> > verifyQuery = x => x.Ticket == command.Ticket && x.Token == token && x.Purpose == entity.Purpose; queries.Setup(x => x.Execute(It.Is(verifyQuery))).Returns(Task.FromResult(true)); var validator = new FakeMustHaveValidVerifyEmailTokenValidator(queries.Object); var result = validator.Validate(command); result.IsValid.ShouldBeFalse(); Func <ValidationFailure, bool> ticketError = x => x.PropertyName == command.PropertyName(y => y.Ticket); result.Errors.Count(ticketError).ShouldEqual(1); result.Errors.Single(ticketError).ErrorMessage.ShouldEqual(Resources .Validation_EmailVerificationTicket_HasInvalidToken .Replace("{PropertyName}", EmailVerification.Constraints.Label.ToLower()) ); queries.Verify(x => x.Execute(It.Is(ticketQuery)), Times.Once); queries.Verify(x => x.Execute(It.Is(verifyQuery)), Times.Once); validator.ShouldHaveValidationErrorFor(x => x.Ticket, command); queries.Verify(x => x.Execute(It.Is(ticketQuery)), Times.Exactly(2)); queries.Verify(x => x.Execute(It.Is(verifyQuery)), Times.Exactly(2)); }
public void Handler_ReturnsNullEmailVerification_WhenNotFound_ByTicket() { var ticket = FakeData.String(); var emailVerification = new EmailVerification { Ticket = FakeData.String(), }; var data = new[] { emailVerification }.AsQueryable(); var query = new EmailVerificationBy(ticket); var dbSet = new Mock <DbSet <EmailVerification> >(MockBehavior.Strict).SetupDataAsync(data); var entities = new Mock <IReadEntities>(MockBehavior.Strict); var entitySet = new EntitySet <EmailVerification>(dbSet.Object, entities.Object); entities.Setup(x => x.Query <EmailVerification>()).Returns(entitySet); var handler = new HandleEmailVerificationByQuery(entities.Object); EmailVerification result = handler.Handle(query).Result; result.ShouldBeNull(); entities.Verify(x => x.Query <EmailVerification>(), Times.Once); }
public void IsValid_WhenEmailVerification_IsNotAlreadyRedeemed() { var ticket = FakeData.String(); var queries = new Mock <IProcessQueries>(MockBehavior.Strict); var command = new FakeMustNotBeRedeemedVerifyEmailTicketCommand { Ticket = ticket, }; var entity = new EmailVerification { Ticket = ticket, }; Expression <Func <EmailVerificationBy, bool> > expectedQuery = x => x.Ticket == ticket; queries.Setup(x => x.Execute(It.Is(expectedQuery))).Returns(Task.FromResult(entity)); var validator = new FakeMustNotBeRedeemedVerifyEmailTicketValidator(queries.Object); var result = validator.Validate(command); result.IsValid.ShouldBeTrue(); queries.Verify(x => x.Execute(It.Is(expectedQuery)), Times.Once); validator.ShouldNotHaveValidationErrorFor(x => x.Ticket, command.Ticket); queries.Verify(x => x.Execute(It.Is(expectedQuery)), Times.Exactly(2)); }
public void IsValid_WhenEmailVerificationByTicket_HasSecretEqualingCommandSecret() { string secret = FakeData.String(); string ticket = FakeData.String(); var queries = new Mock <IProcessQueries>(MockBehavior.Strict); var command = new FakeMustBeVerifiedEmailSecretCommand { Secret = secret, Ticket = ticket, }; var entity = new EmailVerification { Secret = secret, Ticket = ticket, }; Expression <Func <EmailVerificationBy, bool> > expectedQuery = x => x.Ticket == command.Ticket; queries.Setup(x => x.Execute(It.Is(expectedQuery))).Returns(Task.FromResult(entity)); var validator = new FakeMustBeVerifiedEmailSecretValidator(queries.Object); var result = validator.Validate(command); result.IsValid.ShouldBeTrue(); queries.Verify(x => x.Execute(It.Is(expectedQuery)), Times.Once); validator.ShouldNotHaveValidationErrorFor(x => x.Secret, command); queries.Verify(x => x.Execute(It.Is(expectedQuery)), Times.Exactly(2)); }
public void IsValid_WhenEmailVerification_IsNotEmpty_AndIsFoundByTicket_AndIsNotRedeemed_AndIsNotExpired() { var ticket = FakeData.String(); var queries = new Mock <IProcessQueries>(MockBehavior.Strict); var command = new FakeMustBeRedeemableVerifyEmailTicketCommand { Ticket = ticket, }; var entity = new EmailVerification { Ticket = ticket, ExpiresOnUtc = DateTime.UtcNow.AddMinutes(1), }; Expression <Func <EmailVerificationBy, bool> > expectedQuery = x => x.Ticket == ticket; queries.Setup(x => x.Execute(It.Is(expectedQuery))).Returns(Task.FromResult(entity)); var validator = new FakeMustBeRedeemableVerifyEmailTicketValidator(queries.Object); var result = validator.Validate(command); result.IsValid.ShouldBeTrue(); queries.Verify(x => x.Execute(It.Is(expectedQuery)), Times.Exactly(3)); validator.ShouldNotHaveValidationErrorFor(x => x.Ticket, command.Ticket); queries.Verify(x => x.Execute(It.Is(expectedQuery)), Times.Exactly(6)); }