public void LoginMfaAuthorizationTest_ChecksIfMfaAuthorizationIsDoneSuccessfully_VerifiesThroughReturnValue()
{
ILoginApplicationService loginApplicationService = (ILoginApplicationService)_applicationContext["LoginApplicationService"];
ILogoutApplicationService logoutApplicationService = (ILogoutApplicationService)_applicationContext["LogoutApplicationService"];
IMfaSubscriptionRepository mfaSubscriptionRepository = (IMfaSubscriptionRepository)_applicationContext["MfaSubscriptionRepository"];
IMfaCodeGenerationService mfaCodeGenerationService = (IMfaCodeGenerationService)ContextRegistry.GetContext()["MfaCodeGenerationService"];
Assert.IsNotNull(loginApplicationService);
IRegistrationApplicationService registrationService = (IRegistrationApplicationService)_applicationContext["RegistrationApplicationService"];
string username = "******";
string activationKey = registrationService.CreateAccount(new SignupUserCommand(
"*****@*****.**", username, "alice", "Wonderland", TimeZone.CurrentTimeZone, ""));
Assert.IsNotNull(activationKey);
IUserApplicationService userApplicationService = (IUserApplicationService)_applicationContext["UserApplicationService"];
bool accountActivated = userApplicationService.ActivateAccount(new ActivationCommand(activationKey, "Bob", "alice"));
Assert.IsTrue(accountActivated);
UserValidationEssentials userValidationEssentials = loginApplicationService.Login(new LoginCommand("Bob", "alice"));
Assert.IsNotNull(userValidationEssentials);
Assert.IsNotNull(userValidationEssentials.ApiKey);
Assert.IsNotNull(userValidationEssentials.SecretKey);
Assert.IsNotNull(userValidationEssentials.SessionLogoutTime);
IList <MfaSubscription> allSubscriptions = mfaSubscriptionRepository.GetAllSubscriptions();
List <Tuple <string, string, bool> > mfaSubscriptions = new List <Tuple <string, string, bool> >();
foreach (var subscription in allSubscriptions)
{
mfaSubscriptions.Add(new Tuple <string, string, bool>(subscription.MfaSubscriptionId, subscription.MfaSubscriptionName,
true));
}
SubmitMfaSettingsResponse submitMfaSettingsResponse = userApplicationService.SubmitMfaSettings(
new MfaSettingsCommand(false, null, userValidationEssentials.ApiKey, mfaSubscriptions));
Assert.IsTrue(submitMfaSettingsResponse.Successful);
logoutApplicationService.Logout(new LogoutCommand(userValidationEssentials.ApiKey));
UserValidationEssentials validationEssentials = loginApplicationService.Login(new LoginCommand("Bob", "alice", null));
Assert.IsFalse(validationEssentials.LoginSuccessful);
Assert.IsNull(validationEssentials.ApiKey);
// As we are using the stub implementation for MfaCodeGenerationService, the service returns only the same code every
// time. So we can use the code in this test case
validationEssentials = loginApplicationService.Login(new LoginCommand("Bob", "alice", mfaCodeGenerationService.GenerateCode()));
Assert.IsTrue(validationEssentials.LoginSuccessful);
Assert.IsNotNull(validationEssentials.ApiKey);
Assert.IsNotNull(validationEssentials.SecretKey);
}
public void MfaAuthorizationFailTest_ChecksThatServiceReturnsTrueIfMfaCodesDontMatch_VerifiesThroughReturnsValue()
{
IIdentityAccessPersistenceRepository persistenceRepository = (IIdentityAccessPersistenceRepository)ContextRegistry.GetContext()["IdentityAccessPersistenceRepository"];
IUserRepository userRepository = (IUserRepository)ContextRegistry.GetContext()["UserRepository"];
ISecurityKeysRepository securityKeysPairRepository = (ISecurityKeysRepository)ContextRegistry.GetContext()["SecurityKeysPairRepository"];
IMfaCodeSenderService mfaSmsService = (IMfaCodeSenderService)ContextRegistry.GetContext()["MfaSmsService"];
IMfaCodeSenderService mfaEmailService = (IMfaCodeSenderService)ContextRegistry.GetContext()["MfaEmailService"];
IMfaCodeGenerationService mfaCodeGenerationService = (IMfaCodeGenerationService)ContextRegistry.GetContext()["MfaCodeGenerationService"];
IMfaSubscriptionRepository mfaSubscriptionRepository = (IMfaSubscriptionRepository)ContextRegistry.GetContext()["MfaSubscriptionRepository"];
IMfaAuthorizationService mfaAuthorizationService = new MfaAuthorizationService(persistenceRepository,
userRepository, securityKeysPairRepository, mfaSmsService, mfaEmailService, mfaCodeGenerationService);
string apiKey = "123";
string userName = "******";
string phoneNumber = "2233344";
string email = "*****@*****.**";
User user = new User(userName, "asdf", "12345", "xyz", email, Language.English, TimeZone.CurrentTimeZone,
new TimeSpan(1, 1, 1, 1), DateTime.Now, "Pakistan", "", phoneNumber, "1234");
persistenceRepository.SaveUpdate(user);
user = userRepository.GetUserByUserName(userName);
Assert.IsNotNull(user);
SecurityKeysPair securityKeysPair = new SecurityKeysPair(user.Id, apiKey, "secret123", true, "#1");
persistenceRepository.SaveUpdate(securityKeysPair);
Tuple <bool, string> authorizeAccess = mfaAuthorizationService.AuthorizeAccess(apiKey, MfaConstants.Deposit, "");
Assert.IsTrue(authorizeAccess.Item1);
IList <MfaSubscription> allSubscriptions = mfaSubscriptionRepository.GetAllSubscriptions();
IList <Tuple <string, string, bool> > mfaSubscriptions = new List <Tuple <string, string, bool> >();
foreach (var subscription in allSubscriptions)
{
mfaSubscriptions.Add(new Tuple <string, string, bool>(subscription.MfaSubscriptionId,
subscription.MfaSubscriptionName, true));
}
user.AssignMfaSubscriptions(mfaSubscriptions);
persistenceRepository.SaveUpdate(user);
authorizeAccess = mfaAuthorizationService.AuthorizeAccess(apiKey, MfaConstants.Deposit, null);
Assert.IsFalse(authorizeAccess.Item1);
// The Stub Implementation always generates and returns the same MFA Code. We manuipulate it so that the code is
// incorrect
string mfaCode = mfaCodeGenerationService.GenerateCode();
authorizeAccess = mfaAuthorizationService.AuthorizeAccess(apiKey, MfaConstants.Deposit, mfaCode + "1");
Assert.IsFalse(authorizeAccess.Item1);
}
public void GetAllSubscriptionsTest_GetsTheListOfAllTheSubscriptions_VerifiesThroughDatabaseQuery()
{
IMfaSubscriptionRepository mfaSubscriptionRepository = (IMfaSubscriptionRepository)ContextRegistry.GetContext()["MfaSubscriptionRepository"];
IList <MfaSubscription> allSubscriptions = mfaSubscriptionRepository.GetAllSubscriptions();
Assert.IsNotNull(allSubscriptions);
Assert.AreEqual(5, allSubscriptions.Count);
Assert.AreEqual("Login", allSubscriptions[0].MfaSubscriptionName);
Assert.AreEqual("Deposit", allSubscriptions[1].MfaSubscriptionName);
Assert.AreEqual("Withdraw", allSubscriptions[2].MfaSubscriptionName);
Assert.AreEqual("CreateOrder", allSubscriptions[3].MfaSubscriptionName);
Assert.AreEqual("CancelOrder", allSubscriptions[4].MfaSubscriptionName);
}
public void SubscribeToRandomMfaSubscriptions_ChecksIfSubscribedMfaSUbscriptionsCanBeUnSubscribedAsExpected_VerifiesThourghDatabaseQuery()
{
// Enables only some of the subscriptions, and disables others, and checks if the subscriptions are being handled properly
IIdentityAccessPersistenceRepository persistenceRepository = (IIdentityAccessPersistenceRepository)ContextRegistry.GetContext()["IdentityAccessPersistenceRepository"];
IUserRepository userRepository = (IUserRepository)ContextRegistry.GetContext()["UserRepository"];
IMfaSubscriptionRepository mfaSubscriptionRepository = (IMfaSubscriptionRepository)ContextRegistry.GetContext()["MfaSubscriptionRepository"];
string userName = "******";
User user = new User(userName, "asdf", "12345", "xyz", "*****@*****.**", Language.English, TimeZone.CurrentTimeZone, new TimeSpan(1, 1, 1, 1), DateTime.Now, "Pakistan", "", "2233344", "1234");
user.IsActivationKeyUsed = new IsActivationKeyUsed(true);
user.IsUserBlocked = new IsUserBlocked(false);
persistenceRepository.SaveUpdate(user);
User receivedUser = userRepository.GetUserByUserName(userName);
Assert.NotNull(receivedUser);
IList <MfaSubscription> allSubscriptions = mfaSubscriptionRepository.GetAllSubscriptions();
Assert.IsNotNull(allSubscriptions);
Assert.GreaterOrEqual(allSubscriptions.Count, 5);
IList <Tuple <string, string, bool> > subscriptionsStringList = new List <Tuple <string, string, bool> >();
// Only add alternative elements from the list, but not all
subscriptionsStringList.Add(new Tuple <string, string, bool>(allSubscriptions[0].MfaSubscriptionId, allSubscriptions[0].MfaSubscriptionName, true));
subscriptionsStringList.Add(new Tuple <string, string, bool>(allSubscriptions[2].MfaSubscriptionId, allSubscriptions[2].MfaSubscriptionName, true));
subscriptionsStringList.Add(new Tuple <string, string, bool>(allSubscriptions[4].MfaSubscriptionId, allSubscriptions[4].MfaSubscriptionName, true));
receivedUser.AssignMfaSubscriptions(subscriptionsStringList);
persistenceRepository.SaveUpdate(receivedUser);
receivedUser = userRepository.GetUserByUserName(userName);
Assert.NotNull(receivedUser);
bool mfaSubscription1 = receivedUser.CheckMfaSubscriptions(allSubscriptions[0].MfaSubscriptionName);
Assert.IsTrue(mfaSubscription1);
bool mfaSubscription2 = receivedUser.CheckMfaSubscriptions(allSubscriptions[1].MfaSubscriptionName);
Assert.IsFalse(mfaSubscription2);
bool mfaSubscription3 = receivedUser.CheckMfaSubscriptions(allSubscriptions[2].MfaSubscriptionName);
Assert.IsTrue(mfaSubscription3);
bool mfaSubscription4 = receivedUser.CheckMfaSubscriptions(allSubscriptions[3].MfaSubscriptionName);
Assert.IsFalse(mfaSubscription4);
bool mfaSubscription5 = receivedUser.CheckMfaSubscriptions(allSubscriptions[4].MfaSubscriptionName);
Assert.IsTrue(mfaSubscription5);
}
public void SecurityKeysMfaVerification_ChecksIfMfaSubscriptionsAreAddedAsExpected_VerifiesByQueryingTheDatabase()
{
IIdentityAccessPersistenceRepository persistenceRepository = (IIdentityAccessPersistenceRepository)ContextRegistry.GetContext()["IdentityAccessPersistenceRepository"];
ISecurityKeysRepository securityKeysRepository = (ISecurityKeysRepository)ContextRegistry.GetContext()["SecurityKeysPairRepository"];
IMfaSubscriptionRepository mfaSubscriptionRepository = (IMfaSubscriptionRepository)ContextRegistry.GetContext()["MfaSubscriptionRepository"];
string apiKey = "123456";
SecurityKeysPair originalPair = new SecurityKeysPair("1", apiKey, "secretkey", 1, DateTime.Today.AddDays(1), DateTime.Today.AddDays(-20), DateTime.Today, DateTime.Now, false, null);
persistenceRepository.SaveUpdate(originalPair);
SecurityKeysPair retrievedPair = securityKeysRepository.GetByApiKey(apiKey);
Assert.IsNotNull(retrievedPair);
IList <MfaSubscription> allSubscriptions = mfaSubscriptionRepository.GetAllSubscriptions();
Assert.IsNotNull(allSubscriptions);
Assert.AreEqual(5, allSubscriptions.Count);
Assert.AreEqual("CancelOrder", allSubscriptions[0].MfaSubscriptionName);
Assert.AreEqual("Deposit", allSubscriptions[1].MfaSubscriptionName);
Assert.AreEqual("Login", allSubscriptions[2].MfaSubscriptionName);
Assert.AreEqual("PlaceOrder", allSubscriptions[3].MfaSubscriptionName);
Assert.AreEqual("Withdraw", allSubscriptions[4].MfaSubscriptionName);
IList <Tuple <string, string, bool> > subscriptionsStringList = new List <Tuple <string, string, bool> >();
foreach (var subscription in allSubscriptions)
{
subscriptionsStringList.Add(new Tuple <string, string, bool>(subscription.MfaSubscriptionId,
subscription.MfaSubscriptionName, true));
}
retrievedPair.AssignMfaSubscriptions(subscriptionsStringList);
persistenceRepository.SaveUpdate(retrievedPair);
retrievedPair = securityKeysRepository.GetByApiKey(apiKey);
Assert.IsNotNull(retrievedPair);
}
public void InstanceInitializationTest_ChecksIfInstanceIsCreatedUsingSpringDiAsExpected_VerifiesThroughInstanceValue()
{
IMfaSubscriptionRepository mfaSubscriptionRepository = (IMfaSubscriptionRepository)ContextRegistry.GetContext()["MfaSubscriptionRepository"];
Assert.IsNotNull(mfaSubscriptionRepository);
}
public void UserMfaSUbscriptionsAdditionTest_ChecksIfAllTheSubscriptionsAreAddedToUserAsExpected_VerifiesThroughDatabaseQuery()
{
IIdentityAccessPersistenceRepository persistenceRepository = (IIdentityAccessPersistenceRepository)ContextRegistry.GetContext()["IdentityAccessPersistenceRepository"];
IUserRepository userRepository = (IUserRepository)ContextRegistry.GetContext()["UserRepository"];
IMfaSubscriptionRepository mfaSubscriptionRepository = (IMfaSubscriptionRepository)ContextRegistry.GetContext()["MfaSubscriptionRepository"];
string userName = "******";
User user = new User(userName, "asdf", "12345", "xyz", "*****@*****.**", Language.English, TimeZone.CurrentTimeZone, new TimeSpan(1, 1, 1, 1), DateTime.Now, "Pakistan", "", "2233344", "1234");
user.IsActivationKeyUsed = new IsActivationKeyUsed(true);
user.IsUserBlocked = new IsUserBlocked(false);
persistenceRepository.SaveUpdate(user);
User receivedUser = userRepository.GetUserByUserName(userName);
Assert.NotNull(receivedUser);
Assert.AreEqual(receivedUser.Username, receivedUser.Username);
Assert.AreEqual(receivedUser.Password, receivedUser.Password);
Assert.AreEqual(receivedUser.PublicKey, receivedUser.PublicKey);
Assert.AreEqual(receivedUser.Language, receivedUser.Language);
Assert.AreEqual(receivedUser.AutoLogout, receivedUser.AutoLogout);
Assert.AreEqual(receivedUser.TimeZone.ToString(), receivedUser.TimeZone.ToString());
Assert.AreEqual(receivedUser.Country, receivedUser.Country);
Assert.AreEqual(receivedUser.State, receivedUser.State);
Assert.AreEqual(receivedUser.PhoneNumber, receivedUser.PhoneNumber);
Assert.AreEqual(receivedUser.Address1, receivedUser.Address1);
Assert.AreEqual(receivedUser.ActivationKey, receivedUser.ActivationKey);
Assert.AreEqual(receivedUser.IsActivationKeyUsed.Value, true);
Assert.AreEqual(receivedUser.IsUserBlocked.Value, false);
IList <MfaSubscription> allSubscriptions = mfaSubscriptionRepository.GetAllSubscriptions();
Assert.IsNotNull(allSubscriptions);
Assert.AreEqual(5, allSubscriptions.Count);
Assert.AreEqual("CancelOrder", allSubscriptions[0].MfaSubscriptionName);
Assert.AreEqual("Deposit", allSubscriptions[1].MfaSubscriptionName);
Assert.AreEqual("Login", allSubscriptions[2].MfaSubscriptionName);
Assert.AreEqual("PlaceOrder", allSubscriptions[3].MfaSubscriptionName);
Assert.AreEqual("Withdraw", allSubscriptions[4].MfaSubscriptionName);
IList <Tuple <string, string, bool> > subscriptionsStringList = new List <Tuple <string, string, bool> >();
foreach (var subscription in allSubscriptions)
{
subscriptionsStringList.Add(new Tuple <string, string, bool>(subscription.MfaSubscriptionId,
subscription.MfaSubscriptionName, true));
}
receivedUser.AssignMfaSubscriptions(subscriptionsStringList);
persistenceRepository.SaveUpdate(receivedUser);
receivedUser = userRepository.GetUserByUserName(userName);
Assert.AreEqual(receivedUser.Username, receivedUser.Username);
Assert.AreEqual(receivedUser.Password, receivedUser.Password);
Assert.AreEqual(receivedUser.PublicKey, receivedUser.PublicKey);
Assert.AreEqual(receivedUser.Language, receivedUser.Language);
Assert.AreEqual(receivedUser.AutoLogout, receivedUser.AutoLogout);
Assert.AreEqual(receivedUser.TimeZone.ToString(), receivedUser.TimeZone.ToString());
Assert.AreEqual(receivedUser.Country, receivedUser.Country);
Assert.AreEqual(receivedUser.State, receivedUser.State);
Assert.AreEqual(receivedUser.PhoneNumber, receivedUser.PhoneNumber);
Assert.AreEqual(receivedUser.Address1, receivedUser.Address1);
Assert.AreEqual(receivedUser.ActivationKey, receivedUser.ActivationKey);
Assert.AreEqual(receivedUser.IsActivationKeyUsed.Value, true);
Assert.AreEqual(receivedUser.IsUserBlocked.Value, false);
bool mfaSubscription1 = receivedUser.CheckMfaSubscriptions(allSubscriptions[0].MfaSubscriptionName);
Assert.IsTrue(mfaSubscription1);
bool mfaSubscription2 = receivedUser.CheckMfaSubscriptions(allSubscriptions[1].MfaSubscriptionName);
Assert.IsTrue(mfaSubscription2);
bool mfaSubscription3 = receivedUser.CheckMfaSubscriptions(allSubscriptions[2].MfaSubscriptionName);
Assert.IsTrue(mfaSubscription3);
bool mfaSubscription4 = receivedUser.CheckMfaSubscriptions(allSubscriptions[3].MfaSubscriptionName);
Assert.IsTrue(mfaSubscription4);
bool mfaSubscription5 = receivedUser.CheckMfaSubscriptions(allSubscriptions[4].MfaSubscriptionName);
Assert.IsTrue(mfaSubscription5);
}
