public void Recovery_withSecondaryAgent()
{
var alias = Alias();
var member = tokenClient.CreateMemberBlocking(alias);
var memberId = member.MemberId();
var primaryAgentId = member.GetDefaultAgentBlocking();
var secondaryAgent = tokenClient.CreateMemberBlocking(Alias());
var unusedSecondaryAgent = tokenClient.CreateMemberBlocking(Alias());
member.AddRecoveryRuleBlocking(new RecoveryRule
{
PrimaryAgent = primaryAgentId,
SecondaryAgents = { secondaryAgent.MemberId(), unusedSecondaryAgent.MemberId() }
});
var cryptoEngine = new TokenCryptoEngine(memberId, new InMemoryKeyStore());
var key = cryptoEngine.GenerateKey(Privileged);
var verificationId = tokenClient.BeginRecoveryBlocking(alias);
var authorization = new Authorization
{
MemberId = memberId,
MemberKey = key,
PrevHash = member.GetLastHashBlocking()
};
var signature = secondaryAgent.AuthorizeRecoveryBlocking(authorization);
var op1 = tokenClient.GetRecoveryAuthorizationBlocking(verificationId, "code", key);
var op2 = new MemberRecoveryOperation
{
Authorization = authorization,
AgentSignature = signature
};
var recovered = tokenClient.CompleteRecoveryBlocking(
memberId,
new[] { op1, op2 },
key,
cryptoEngine);
Assert.Equal(member.MemberId(), recovered.MemberId());
Assert.Equal(3, recovered.GetKeysBlocking().Count);
Assert.Empty(recovered.GetAliasesBlocking());
Assert.False(tokenClient.AliasExistsBlocking(alias));
recovered.VerifyAliasBlocking(verificationId, "code");
Assert.True(tokenClient.AliasExistsBlocking(alias));
CollectionAssert.Equivalent(new[] { alias.ToNormalized() }, recovered.GetAliasesBlocking());
}
