public async Task <LocalLoginResultOutput> ExecuteAsync(string email, string password, bool rememberLogin, string returnUrl)
{
var authRequest = await _authorizationService.GetAuthorizationRequestAsync(returnUrl);
var getAccountResult = await _accountGetterService.GetByEmailAsync(email);
if (!getAccountResult.Success)
{
return(LocalLoginResultOutput.Fail(authRequest != null, getAccountResult.Errors));
}
var accountCanBeAuthenticatedVerificationResult =
_accountVerificationService.VerifyAccountCanBeAuthenticated(getAccountResult.Value, password);
if (!accountCanBeAuthenticatedVerificationResult.Success)
{
return(LocalLoginResultOutput.Fail(authRequest != null,
accountCanBeAuthenticatedVerificationResult.Errors));
}
var claims = await _accountClaimsCreatorService.CreateAccountClaimsAsync(getAccountResult.Value);
await _signInService.SignInAsync(getAccountResult.Value.Id, getAccountResult.Value.Email, rememberLogin,
claims);
return(LocalLoginResultOutput.Ok(authRequest != null, authRequest?.IsNativeClient));
}
public async Task ValidateAsync(ResourceOwnerPasswordValidationContext context)
{
var invalidCredentialsResult = new GrantValidationResult(TokenRequestErrors.InvalidTarget, "Invalid credentials");
var getAccountResult = await _accountGetterService.GetByEmailAsync(context.UserName);
if (!getAccountResult.Success)
{
context.Result = invalidCredentialsResult;
return;
}
var accountCanBeAuthenticatedResult = _accountVerificationService.VerifyAccountCanBeAuthenticated(getAccountResult.Value, context.Password);
if (!accountCanBeAuthenticatedResult.Success)
{
var error = accountCanBeAuthenticatedResult.Errors.Single();
context.Result = error.ErrorCode.Equals(AccountErrorCodeEnumeration.PasswordIsNotSet) || error.ErrorCode.Equals(AccountErrorCodeEnumeration.IncorrectPassword)
? invalidCredentialsResult
: new GrantValidationResult(TokenRequestErrors.InvalidTarget, error.ErrorMessage);
return;
}
var claims = await _accountClaimsCreatorService.CreateAccountClaimsAsync(getAccountResult.Value);
context.Result = new GrantValidationResult(getAccountResult.Value.Id.ToString(),
context.Request.GrantType, claims);
}
public void VerifyAccountCanBeAuthenticated_Should_Return_VerificationResult_With_Success_True()
{
var account = Account.Builder()
.SetId(Guid.NewGuid())
.SetEmail("*****@*****.**")
.SetConfirmed(true)
.SetPasswordHash("PasswordHash")
.SetSecurityStamp(Guid.NewGuid())
.SetCreated(DateTimeOffset.UtcNow)
.SetRoles(new List <Guid> {
Guid.NewGuid()
})
.Build();
var expectedResult = VerificationResult.Ok();
_passwordServiceMock.Setup(x => x.VerifyHashedPassword(It.IsAny <string>(), It.IsAny <string>()))
.Returns(true);
var result = _accountVerificationService.VerifyAccountCanBeAuthenticated(account, "password");
result.Should().BeEquivalentTo(expectedResult);
}
