Exemple #1
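        /// <summary>
        /// Posts a change-password request whose URL names a user id other than the one the
        /// bearer token was issued for, and expects the API to answer 401 Unauthorized.
        /// </summary>
        /// <remarks>
        /// Returns a Task instead of <c>async void</c> so the test runner can await the request and
        /// observe a failing assertion. With <c>async void</c> some runners complete the test before
        /// the assertion executes, which would let a broken authorization check go unnoticed.
        /// </remarks>
        public async System.Threading.Tasks.Task PostChangePassword_DifferentUserIdUrlAndToken_Unauthorized()
        {
            // Arrange
            // A fresh GUID cannot match the subject of myDefaultUserToken.
            // NOTE(review): presumably no account exists for this id, so a rejection could come from
            // "user not found" handling rather than from the token/URL ownership check. A second case
            // that targets another *existing* user would pin the ownership check itself.
            var newUserId = Guid.NewGuid();

            var httpClient = fakeWebHost.Host.GetTestServer().CreateClient();

            httpClient
            .DefaultRequestHeaders
            .Authorization =
                new AuthenticationHeaderValue("Bearer", myDefaultUserToken);

            httpClient
            .DefaultRequestHeaders
            .Accept
            .Add(new MediaTypeWithQualityHeaderValue("application/json"));

            // The body is otherwise valid (correct current password), so only the id mismatch
            // should cause the rejection.
            var jsonObject = new System.Json.JsonObject();

            jsonObject.Add("currentPassword", fakeWebHost.DefaultUserPassword.ToString());
            jsonObject.Add("newPassword", "Password2!");
            var content = new StringContent(
                jsonObject.ToString(),
                Encoding.UTF8,
                "application/json");

            // Act
            var response = await httpClient.PostAsync(
                string.Format("api/users/{0}/accounts/changepassword", newUserId), content);

            // Assert
            // NOTE(review): only the status code is checked; the test does not confirm that the
            // stored password is unchanged after the rejected call.
            response.StatusCode.Should().Be(HttpStatusCode.Unauthorized);
        }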
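        /// <summary>
        /// Authenticates the default normal user with the default application's client id and
        /// secret and expects 200 OK.
        /// </summary>
        /// <remarks>
        /// Returns a Task instead of <c>async void</c> so the test runner can await the call and
        /// report a failing assertion reliably.
        /// </remarks>
        public async System.Threading.Tasks.Task PostAuthenticate_ValidCall_Ok()
        {
            // Arrange
            var httpClient = fakeWebHost.Host.GetTestServer().CreateClient();

            httpClient
            .DefaultRequestHeaders
            .Accept
            .Add(new MediaTypeWithQualityHeaderValue("application/json"));

            // Client credentials and grant type travel as request headers; the user credentials
            // go in the JSON body below.
            httpClient
            .DefaultRequestHeaders
            .Add("client_id", fakeWebHost.DefaultApplicationClientId.ToString());
            httpClient
            .DefaultRequestHeaders
            .Add("client_secret", fakeWebHost.DefaultApplicationClientSecret.ToString());
            httpClient
            .DefaultRequestHeaders
            .Add("grant_type", "password");

            var jsonObject = new System.Json.JsonObject();
            string userEmail = fakeWebHost.DefaultNormalUserEmail.ToString();

            jsonObject.Add("email", userEmail);
            jsonObject.Add("password", fakeWebHost.DefaultUserPassword.ToString());
            var content = new StringContent(
                jsonObject.ToString(),
                Encoding.UTF8,
                "application/json");

            // Act
            var response = await httpClient.PostAsync("/api/accounts/authenticate", content);

            // Assert
            // NOTE(review): only the status code is asserted; the response body (presumably the
            // issued token) is not inspected here.
            response.StatusCode.Should().Be(HttpStatusCode.OK);
        }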
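        /// <summary>
        /// Registers a new account and expects 200 OK with
        /// <c>EmailSentDuringRegistration</c> set to false in the returned DTO.
        /// </summary>
        /// <remarks>
        /// Returns a Task instead of <c>async void</c> so the test runner can await the call and
        /// report a failing assertion reliably.
        /// NOTE(review): how the email service is made to fail is not visible in this method;
        /// presumably the fake host is configured for it or keys on the address used.
        /// </remarks>
        public async System.Threading.Tasks.Task Post_RegisterEmailServiceDown_OK()
        {
            // Arrange
            var httpClient = fakeWebHost.Host.GetTestServer().CreateClient();

            httpClient
            .DefaultRequestHeaders
            .Accept
            .Add(new MediaTypeWithQualityHeaderValue("application/json"));

            var jsonObject = new System.Json.JsonObject();
            const string userEmail = "*****@*****.**";

            jsonObject.Add("email", userEmail);
            jsonObject.Add("password", "Password1!");
            var content = new StringContent(
                jsonObject.ToString(),
                Encoding.UTF8,
                "application/json");

            // Act
            var response = await httpClient.PostAsync("api/accounts/register", content);

            var responseContent = await response.Content.ReadAsStringAsync();

            var responseDeserialized = JsonConvert.DeserializeObject<UserRegistrationReturnDto>(responseContent);

            // Assert
            // Registration succeeds, and the DTO reports that no email was sent.
            response.StatusCode.Should().Be(HttpStatusCode.OK);
            responseDeserialized.Email.Should().Be(userEmail);
            responseDeserialized.EmailSentDuringRegistration.Should().Be(false);
        }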
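        /// <summary>
        /// Calls the authenticate endpoint with client id "123" and an empty client secret and
        /// expects 404 Not Found.
        /// </summary>
        /// <remarks>
        /// Returns a Task instead of <c>async void</c> so the test runner can await the call and
        /// report a failing assertion reliably.
        /// NOTE(review): despite the test name, the <c>client_secret</c> header is sent with an empty
        /// value, not omitted, and the client id is not the default application's. The test therefore
        /// covers "unknown client / empty secret"; a request with the header truly absent is a separate
        /// case not exercised here.
        /// </remarks>
        public async System.Threading.Tasks.Task PostAuthenticate_MissingSecretIdHeader_NotFound()
        {
            // Arrange
            var httpClient = fakeWebHost.Host.GetTestServer().CreateClient();

            httpClient
            .DefaultRequestHeaders
            .Accept
            .Add(new MediaTypeWithQualityHeaderValue("application/json"));
            httpClient
            .DefaultRequestHeaders
            .Add("client_id", "123");
            httpClient
            .DefaultRequestHeaders
            .Add("client_secret", "");
            httpClient
            .DefaultRequestHeaders
            .Add("grant_type", "password");

            var jsonObject = new System.Json.JsonObject();
            const string userEmail = "*****@*****.**";

            jsonObject.Add("email", userEmail);
            jsonObject.Add("password", "Password1!");
            var content = new StringContent(
                jsonObject.ToString(),
                Encoding.UTF8,
                "application/json");

            // Act
            var response = await httpClient.PostAsync("/api/accounts/authenticate", content);

            // Assert
            // Bad client credentials are answered with 404, not with an authentication error status.
            response.StatusCode.Should().Be(HttpStatusCode.NotFound);
        }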
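        /// <summary>
        /// Requests a password reset for the fake host's "fail email" user and expects
        /// 400 Bad Request with a body containing "Email send failed".
        /// </summary>
        /// <remarks>
        /// Returns a Task instead of <c>async void</c> so the test runner can await the call and
        /// report a failing assertion reliably.
        /// NOTE(review): PostForgotPassword_UserDoesntExist_Ok expects 200 for an unknown address,
        /// while this test expects 400 for what is presumably an existing account. If that holds,
        /// the endpoint reveals whether an address is registered whenever email delivery fails;
        /// confirm this difference is accepted, or return the same response in both cases and
        /// report the delivery failure server-side only.
        /// </remarks>
        public async System.Threading.Tasks.Task PostForgotPassword_EmailServiceDown_BadRequest()
        {
            // Arrange
            var httpClient = fakeWebHost.Host.GetTestServer().CreateClient();

            httpClient
            .DefaultRequestHeaders
            .Accept
            .Add(new MediaTypeWithQualityHeaderValue("application/json"));

            var jsonObject = new System.Json.JsonObject();
            string userEmail = fakeWebHost.DefaultFailEmailUserEmail.ToString();

            jsonObject.Add("email", userEmail);
            var content = new StringContent(
                jsonObject.ToString(),
                Encoding.UTF8,
                "application/json");

            // Act
            var response = await httpClient.PostAsync("api/accounts/ForgotPassword", content);

            var responseContent = await response.Content.ReadAsStringAsync();

            // Assert
            response.StatusCode.Should().Be(HttpStatusCode.BadRequest);
            responseContent.Should().Contain("Email send failed");
        }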
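        /// <summary>
        /// Requests a password reset for an address that, per the test name, has no account and
        /// expects 200 OK, so the status code does not disclose whether the address is registered.
        /// </summary>
        /// <remarks>
        /// Returns a Task instead of <c>async void</c> so the test runner can await the call and
        /// report a failing assertion reliably.
        /// </remarks>
        public async System.Threading.Tasks.Task PostForgotPassword_UserDoesntExist_Ok()
        {
            // Arrange
            var httpClient = fakeWebHost.Host.GetTestServer().CreateClient();

            httpClient
            .DefaultRequestHeaders
            .Accept
            .Add(new MediaTypeWithQualityHeaderValue("application/json"));

            var jsonObject = new System.Json.JsonObject();
            string userEmail = "*****@*****.**";

            jsonObject.Add("email", userEmail);
            var content = new StringContent(
                jsonObject.ToString(),
                Encoding.UTF8,
                "application/json");

            // Act
            var response = await httpClient.PostAsync("api/accounts/ForgotPassword", content);

            // Assert
            // NOTE(review): only the status code is compared. The response body is not checked
            // against the one returned for an existing account, so a difference there would
            // still pass this test.
            response.StatusCode.Should().Be(HttpStatusCode.OK);
        }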
Exemple #7
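        /// <summary>
        /// Changes the default user's password with a token generated for a different, random
        /// user id carrying the "admin" role, and expects 200 OK.
        /// </summary>
        /// <remarks>
        /// Returns a Task instead of <c>async void</c> so the test runner can await the call and
        /// report a failing assertion reliably. The dedicated web host is now disposed in a
        /// <c>finally</c> block, so a failed request or assertion no longer leaks it.
        /// </remarks>
        public async System.Threading.Tasks.Task PostChangePassword_AdminChangeUsersPassword_Ok()
        {
            // Arrange
            // The token subject is a fresh GUID, so access can only be granted through the role.
            string myAdminUserToken = TokenGeneratorTests.GenerateToken(Guid.NewGuid(), "admin");

            // Create new WebHost as user has already changed password
            var newFakeWebHost = new FakeWebHostWithDb();

            newFakeWebHost.IsDatabaseInitialized = false;
            await newFakeWebHost.InitializeAsync();

            try
            {
                var httpClient = newFakeWebHost.Host.GetTestServer().CreateClient();

                httpClient
                .DefaultRequestHeaders
                .Authorization =
                    new AuthenticationHeaderValue("Bearer", myAdminUserToken);

                httpClient
                .DefaultRequestHeaders
                .Accept
                .Add(new MediaTypeWithQualityHeaderValue("application/json"));

                // NOTE(review): the admin request still supplies the user's current password, so
                // this test does not show whether an admin could change it without knowing it.
                var jsonObject = new System.Json.JsonObject();

                jsonObject.Add("currentPassword", newFakeWebHost.DefaultUserPassword.ToString());
                jsonObject.Add("newPassword", "Password2!");
                var content = new StringContent(
                    jsonObject.ToString(),
                    Encoding.UTF8,
                    "application/json");

                // Act
                var response = await httpClient.PostAsync(
                    string.Format("api/users/{0}/accounts/changepassword", defaultUserId), content);

                // Assert
                response.StatusCode.Should().Be(HttpStatusCode.OK);
            }
            finally
            {
                // Tear the private host down on every path, including assertion failures.
                await newFakeWebHost.DisposeAsync();
            }
        }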
Exemple #8
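        /// <summary>
        /// Builds the JSON request body for the email microservice from the recipient address,
        /// callback URL and token carried by <paramref name="email"/>.
        /// </summary>
        /// <param name="email">Source of the <c>toAddress</c>, <c>callbackUrl</c> and <c>token</c> fields.</param>
        /// <returns>
        /// UTF-8 <see cref="StringContent"/> whose media type is read from the
        /// <c>IPMEmailMicroservice:ContentTypeHeader</c> configuration key.
        /// </returns>
        /// <exception cref="Exception">
        /// Any failure while building the payload is logged and rethrown unchanged.
        /// </exception>
        private StringContent CreateEmailJsonObject(Email email)
        {
            try
            {
                var jsonObject = new System.Json.JsonObject();
                jsonObject.Add("toAddress", email.ToAddress);
                // NOTE(review): where CallbackUrl is built is not visible here; confirm it comes from
                // trusted configuration, not from request data, since it ends up in the email.
                jsonObject.Add("callbackUrl", email.CallbackUrl.AbsoluteUri);
                // The token is a secret (presumably a password-reset token, going by the log
                // message below); it belongs in the request body only and must never be logged.
                jsonObject.Add("token", email.Token);

                // NOTE(review): presumably null when the key is missing from configuration;
                // confirm the resulting media type is acceptable to the microservice in that case.
                var customContentType = config["IPMEmailMicroservice:ContentTypeHeader"];

                return new StringContent(
                    jsonObject.ToString(),
                    Encoding.UTF8,
                    customContentType);
            }
            catch (Exception ex)
            {
                // Only the exception message is logged, never the payload.
                logger.LogError(string.Format("Error in EmailProvider - SendForgotPasswordEmail. {0}", ex.Message));

                // Rethrow with "throw;" so the original stack trace is preserved; "throw ex;"
                // would reset it to this frame and hide where the failure occurred.
                throw;
            }
        }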