Exemple #1
//JAVA TO C# CONVERTER TODO TASK: Most Java annotations will not have direct .NET equivalent attributes:
//ORIGINAL LINE: @Test public void shouldNotSlowRequestRateOnLessThanMaxFailedAttempts()
        /// <summary>
        /// Checks that two wrong passwords against a strategy built with
        /// <c>NewAuthStrategy(clock, 3)</c> do not prevent a following correct password from succeeding.
        /// </summary>
        public virtual void ShouldNotSlowRequestRateOnLessThanMaxFailedAttempts()
        {
            // Given: a strategy whose second argument is 3 (presumably the failed-attempt limit; confirm against NewAuthStrategy)
            FakeClock fakeClock = FakeClock;
            AuthenticationStrategy strategy = NewAuthStrategy(fakeClock, 3);
            User account = (new User.Builder("user", LegacyCredential.ForPassword("right"))).build();

            // When: two consecutive wrong-password attempts, each expected to report FAILURE
            for (int failure = 0; failure < 2; failure++)
            {
                assertThat(strategy.Authenticate(account, password("wrong")), equalTo(AuthenticationResult.FAILURE));
            }

            // Then: the correct password is accepted; the clock is never advanced, so no waiting period is involved
            assertThat(strategy.Authenticate(account, password("right")), equalTo(AuthenticationResult.SUCCESS));
        }
Exemple #2
//JAVA TO C# CONVERTER TODO TASK: Most Java annotations will not have direct .NET equivalent attributes:
//ORIGINAL LINE: @Test public void shouldReturnFailureForInvalidAttempt()
        /// <summary>
        /// Checks that a single wrong password is reported as FAILURE for a user
        /// whose credential was created from the password "right".
        /// </summary>
        public virtual void ShouldReturnFailureForInvalidAttempt()
        {
            // Given: a fresh strategy and a user with a known-good password
            FakeClock fakeClock = FakeClock;
            AuthenticationStrategy strategy = NewAuthStrategy(fakeClock, 3);
            User account = (new User.Builder("user", LegacyCredential.ForPassword("right"))).build();

            // When: one attempt is made with a password that does not match
            var outcome = strategy.Authenticate(account, password("wrong"));

            // Then: the attempt is rejected
            assertThat(outcome, equalTo(AuthenticationResult.FAILURE));
        }
Exemple #3
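        /// <summary>
        /// Authenticates the posted user model and returns the authenticated user on success.
        /// </summary>
        /// <param name="userModel">User model bound from the request body.</param>
        /// <returns>
        /// 400 with the model state when validation fails, 200 with the authenticated user on success,
        /// otherwise 400 with the error carried by the authentication result.
        /// </returns>
        public async Task <IActionResult> Post([FromBody] UserModel userModel)
        {
            if (!ModelState.IsValid)
            {
                // Flatten with SelectMany: concatenating the nested sequences logged the inner
                // enumerables' type names instead of the validation messages.
                var validationErrors = string.Join("; ", ModelState.Values.SelectMany(entry => entry.Errors).Select(error => error.ErrorMessage));

                // Constant template plus argument keeps request-derived text out of the format string.
                logger.LogInformation("Invalid model state: {ValidationErrors}", validationErrors);
                return BadRequest(ModelState);
            }

            var authenticationResult = await authenticationStrategy.Authenticate(userModel, HttpContext.GetMobileHeader());

            if (!authenticationResult.Succeed)
            {
                // NOTE(review): the strategy's error is returned verbatim to the caller. Confirm it does not
                // distinguish "unknown user" from "wrong password", and that failed attempts are throttled
                // somewhere (nothing in this action does so). 401 is the conventional status for a failed
                // login; 400 is kept because existing clients may depend on it.
                return BadRequest(authenticationResult.Error);
            }

            // NOTE(review): GetAuthenticatedUser takes no arguments, so the strategy must remember the user from
            // Authenticate above. Presumably the strategy is scoped per request; confirm the DI lifetime, since a
            // shared instance could return another request's user.
            var authenticatedUser = await authenticationStrategy.GetAuthenticatedUser();

            return Ok(authenticatedUser);
        }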
Exemple #4
        /// <summary>
        /// Makes a randomly chosen number of wrong-password attempts (drawn with <c>Next(5, 100)</c>)
        /// and expects every one of them to report FAILURE rather than any other result.
        /// </summary>
        /// <param name="maxFailedAttempts">Value forwarded to <c>NewAuthStrategy</c> as its second argument.</param>
        private void TestUnlimitedFailedAuthAttempts(int maxFailedAttempts)
        {
            FakeClock fakeClock = FakeClock;
            AuthenticationStrategy strategy = NewAuthStrategy(fakeClock, maxFailedAttempts);
            User account = (new User.Builder("user", LegacyCredential.ForPassword("right"))).build();

            // The attempt count differs between runs, so a failure may not reproduce with the same count.
            int remaining = ThreadLocalRandom.current().Next(5, 100);

            // NOTE(review): presumably called with a limit that disables lockout; with such a setting
            // nothing in this strategy bounds repeated guessing - confirm against the callers.
            while (remaining > 0)
            {
                assertEquals(AuthenticationResult.FAILURE, strategy.Authenticate(account, password("wrong")));
                remaining--;
            }
        }
Exemple #5
        /// <summary>
        /// Checks the lockout path: after <paramref name="maxFailedAttempts"/> wrong passwords even the
        /// correct password yields TOO_MANY_ATTEMPTS, and it succeeds again once the fake clock has moved
        /// past <paramref name="lockDuration"/>.
        /// </summary>
        /// <param name="maxFailedAttempts">Number of wrong-password attempts made before the lockout check.</param>
        /// <param name="lockDuration">Lock period passed to <c>NewAuthStrategy</c>; the clock is advanced by this plus one second.</param>
        private void TestSlowRequestRateOnMultipleFailedAttemptsWhereAttemptIsValid(int maxFailedAttempts, Duration lockDuration)
        {
            // Given: a strategy configured with the failure limit and lock duration under test
            FakeClock fakeClock = FakeClock;
            AuthenticationStrategy strategy = NewAuthStrategy(fakeClock, maxFailedAttempts, lockDuration);
            User account = (new User.Builder("user", LegacyCredential.ForPassword("right"))).build();

            // When: the limit is used up with wrong passwords, each reported as a plain FAILURE
            int failuresLeft = maxFailedAttempts;
            while (failuresLeft > 0)
            {
                assertThat(strategy.Authenticate(account, password("wrong")), equalTo(AuthenticationResult.FAILURE));
                failuresLeft--;
            }

            // Then: a correct password is refused too, so a guess cannot be confirmed while the lock holds
            assertThat(strategy.Authenticate(account, password("right")), equalTo(AuthenticationResult.TOO_MANY_ATTEMPTS));

            // When: the fake clock moves one second beyond the lock duration
            var pastLockWindow = lockDuration.plus(1, SECONDS);
            fakeClock.Forward(pastLockWindow);

            // Then: the same correct password is accepted again
            assertThat(strategy.Authenticate(account, password("right")), equalTo(AuthenticationResult.SUCCESS));
        }