private async Task CreateNewUser()
{
var userIdentity = new UserIdentityModel();
foreach (var claim in User.Claims)
{
if (claim.Type == "sub")
{
userIdentity.sub = claim.Value;
}
if (claim.Type == "given_name")
{
userIdentity.given_name = claim.Value;
}
if (claim.Type == "family_name")
{
userIdentity.given_name = claim.Value;
}
}
var existUser = await _userManager.FindByIdAsync(userIdentity.sub);
if (existUser == null)
{
}
}
public void AuthenticateCommand_PresentWrongPassword_ThrowsException()
{
// ---- Arrange ----
const string email = "*****@*****.**";
const string name = "Test user";
const string wrongPassword = "******";
const string password = "******";
var passwordHash = AuthUtils.GetMd5Hash(password);
var testUser = new UserIdentityModel(
Guid.NewGuid(),
email,
"Test user",
name,
passwordHash,
Instant.MinValue);
_authRepositoryMock.Setup(r => r.GetUserIdentity(email))
.ReturnsAsync(() => testUser);
var command = new AuthenticateUserCommand(email, wrongPassword);
var handler = new AuthenticateUserCommandHandler(_repositoryProviderMock.Object, _configuration);
// ---- Act & Assert ----
Assert.ThrowsAsync <WrongPasswordException>(
async() => await handler.Handle(command, CancellationToken.None));
_authRepositoryMock.Verify(r => r.GetUserIdentity(email), Times.Once);
}
public UserIdentityModel Register(UserIdentityModel model)
{
_userRepository.Save(model);
_userRepository.Dispose();
return(model);
}
public static List <UserIdentityModel> ToUserCredentialModel(DbDataReader readers)
{
if (readers == null)
{
return(null);
}
var models = new List <UserIdentityModel>();
while (readers.Read())
{
var model = new UserIdentityModel
{
Id = Convert.IsDBNull(readers["Id"]) ? string.Empty : Convert.ToString(readers["Id"]),
Email = Convert.IsDBNull(readers["Email"]) ? string.Empty : Convert.ToString(readers["Email"]),
PhoneNumber = Convert.IsDBNull(readers["PhoneNumber"]) ? string.Empty : Convert.ToString(readers["PhoneNumber"]),
FullName = Convert.IsDBNull(readers["FullName"]) ? string.Empty : Convert.ToString(readers["FullName"]),
UserTypeId = Convert.ToInt32(readers["UserTypeId"]),
IsActive = Convert.ToBoolean(readers["IsActive"]),
LoginID = Convert.IsDBNull(readers["LoginID"]) ? string.Empty : Convert.ToString(readers["LoginID"]),
};
models.Add(model);
}
return(models);
}
public ResponseModel Save(UserIdentityModel model)
{
var err = string.Empty;
const string sql = @"INSERT INTO UserCredentials(Id,LoginID,Password,UserName,Email,UserTypeId,IsActive,DesignationId,DepartmentId,RoomId,PhoneNumber)
VALUES(@Id,@LoginID,@Password,@UserName,@Email,@UserTypeId,1,@DesignationId,@DepartmentId,@RoomId,@PhoneNumber)";
var queryParamList = new QueryParamList
{
new QueryParamObj {
ParamName = "@Id", ParamValue = Guid.NewGuid().ToString()
},
new QueryParamObj {
ParamName = "@LoginID", ParamValue = model.LoginID
},
new QueryParamObj {
ParamName = "@Password", ParamValue = model.Password
},
new QueryParamObj {
ParamName = "@Email", ParamValue = model.Email
},
new QueryParamObj {
ParamName = "@UserTypeId", ParamValue = model.UserTypeId
},
new QueryParamObj {
ParamName = "@PhoneNumber", ParamValue = model.PhoneNumber
}
};
DBExecCommandEx(sql, queryParamList, ref err);
return(new ResponseModel {
Success = string.IsNullOrEmpty(err)
});
}
private void UserIdentityModelTest()
{
var userIdentityString = @"!def!xyz%[email protected]";
UserIdentityModel userIdentityModel = new UserIdentityModel(userIdentityString);
ValidateAndShowValidationResult(userIdentityModel, nameof(userIdentityModel));
}
public Member(DbContext context)
{
var user = context.Set <User>().FirstOrDefault(u => u.Login == "*****@*****.**" && u.Name == "Test User");
_user = new UserIdentityModel {
Id = user.Id, Login = user.Login, Name = user.Name
};
}
public UserLoginFailed(Guid operationId, UserIdentityModel user)
{
Assert.NotNull("user", user);
OperationId = operationId;
Code = "LOGIN_FAILED";
Description = string.Format("User [{0}] could not to log in.", user.UserName);
Data = null;
}
public async Task <UserModel> RegisterUser(UserIdentityModel user)
{
var userDbEntity = user.ToDbEntity();
_dbContext.Users.Add(userDbEntity);
await _dbContext.SaveChangesAsync();
return(userDbEntity.ToDomainModel());
}
public static UserDbEntity ToDbEntity(this UserIdentityModel userIdentity) =>
new UserDbEntity()
{
Id = userIdentity.Id,
Email = userIdentity.Email,
Name = userIdentity.Name,
Role = userIdentity.Role,
RegistrationDate = userIdentity.RegistrationDate.ToUnixTimeMilliseconds(),
PasswordHash = userIdentity.PasswordHash
};
private ClaimsIdentity GetClaimsIdentity(UserIdentityModel userIdentity)
{
var claims = new[]
{
new Claim(ClaimTypes.PrimarySid, userIdentity.Id.ToString()),
new Claim(ClaimTypes.NameIdentifier, userIdentity.Email)
};
return(new ClaimsIdentity(claims, AuthUtils.Jwt.AuthType));
}
public UserLoggedIn(Guid operationId, UserIdentityModel user)
{
if (user == null)
{
throw new ArgumentNullException("user");
}
OperationId = operationId;
Code = "LOGIN";
Description = string.Format("User [{0}] successfully logged in.", user.UserName);
Data = null;
}
public IActionResult Register([FromBody] UserIdentityModel model)
{
var user = _authenticationBusiness.Register(model);
if (user == null)
{
return(BadRequest(new { message = "Username or password is incorrect" }));
}
return(Ok(user));
}
private IEnumerable <Claim> GenerateIdentityClaims(UserIdentityModel userIdentity)
{
var claims = new List <Claim>
{
new Claim(ClaimTypes.NameIdentifier, userIdentity.Id.ToString()),
new Claim(ClaimTypes.Name, userIdentity.UserName)
};
claims.AddRange(userIdentity.Roles.Select(userRole => new Claim(ClaimTypes.Role, userRole)));
return(claims);
}
public void AuthenticateCommand_AuthUser_SuccessAuth()
{
// ---- Arrange ----
const string email = "*****@*****.**";
const string name = "Test user";
const string password = "******";
var passwordHash = AuthUtils.GetMd5Hash(password);
var clock = new FakeClock(SystemClock.Instance.GetCurrentInstant());
var testUser = new UserIdentityModel(
Guid.NewGuid(),
email,
name,
"user",
passwordHash,
clock.GetCurrentInstant());
_authRepositoryMock.Setup(r => r.GetUserIdentity(email))
.ReturnsAsync(() => testUser);
var command = new AuthenticateUserCommand(email, password);
var handler = new AuthenticateUserCommandHandler(_repositoryProviderMock.Object, _configuration)
{
Clock = clock
};
AuthAccessModel result = null;
var lifetime = DurationUtils.FromString(
_configuration[$"{AuthUtils.Jwt.ConfigKeys.Section}:{AuthUtils.Jwt.ConfigKeys.LifetimeKey}"]);
// ---- Act ----
Assert.DoesNotThrowAsync(async() => {
result = await handler.Handle(command, CancellationToken.None);
});
clock.Advance(lifetime); // for check expires token instant
// ---- Assert ----
Assert.IsNotNull(result);
Assert.AreEqual(testUser.Id, result.Id);
Assert.AreEqual(testUser.Email, result.Email);
Assert.AreEqual(clock.GetCurrentInstant(), result.ExpiresAt);
Assert.AreEqual(clock.GetCurrentInstant(), result.ExpiresAt);
Assert.AreEqual("user", testUser.Role);
Assert.IsNotEmpty(result.Token);
_authRepositoryMock.Verify(r => r.GetUserIdentity(email), Times.Once);
}
public async Task <UserIdentityModel> GetCurrentUserAsync()
{
var identityUser = await _userManager.GetUserAsync(User);
var currentUser = new UserIdentityModel
{
Id = identityUser.Id,
Name = identityUser.UserName,
Email = identityUser.Email
};
return(currentUser);
}
public UserIdentityModel Handle(UserIdentityModel model)
{
if (string.IsNullOrWhiteSpace(model?.Login))
{
throw new AuthenticationException();
}
var userRepo = GetRepository <IUserRepository>();
var userDb = userRepo.Query().FirstOrDefault(u => u.Login == model.Login) ?? userRepo.Create(model.Login, null, null);
Update(userDb, model);
return(model);
}
private async Task CreateUserSession(User user, UserIdentityModel result)
{
result.Token = await BuildToken(user.Id, user.UserRole.Name);
result.User = new UserCookieModel
{
Username = user.Username,
Email = user.Email,
Firstname = user.FirstName,
Lastname = user.LastName,
Role = user.UserRole.Name,
UserId = user.Id,
CompanyId = user.CompanyId
};
}
public async Task UserCartServicesClean()
{
// Arrange
var user = new User();
user.balance = 10000;
user.userId = 1;
var userId = new UserIdentityModel(user.userId);
var item1 = new Item();
item1.cost = 100;
item1.id = 1;
var item2 = new Item();
item2.cost = 200;
item2.id = 2;
var item3 = new Item();
item3.cost = 300;
item3.id = 3;
var userCart = new UserCart();
userCart.cartItems = new Dictionary <int, int>();
userCart.cartItems[1] = 1;
userCart.cartItems[2] = 2;
userCart.cartItems[3] = 3;
var userDataAccess = new Mock <IUserDataAccess>();
var userCartDataAccess = new Mock <IUserCartDataAccess>();
var itemDataAccess = new Mock <IItemDataAccess>();
userDataAccess.Setup(x => x.GetAsync(userId)).ReturnsAsync(user);
userCartDataAccess.Setup(x => x.GetAsync(userId)).ReturnsAsync(userCart);
itemDataAccess.Setup(x => x.GetAsync(item1.id)).ReturnsAsync(item1);
itemDataAccess.Setup(x => x.GetAsync(item2.id)).ReturnsAsync(item2);
itemDataAccess.Setup(x => x.GetAsync(item3.id)).ReturnsAsync(item3);
var userCartServices = new UserCartServices(userId, userDataAccess.Object, itemDataAccess.Object, userCartDataAccess.Object);
userCartServices.User.userCart.cartItems.Count.Should().Be(3);
userCartServices.Clear();
userCartServices.User.userCart.cartItems.Count.Should().Be(0);
userCartServices.User.userCart.choosenBonus.Should().Be(null);
}
/// <exception cref="InvalidEmailFormatException"></exception>
/// <exception cref="UserAlreadyExistsException"></exception>
/// <exception cref="InvalidNameFormatException"></exception>
/// <exception cref="WeakPasswordException"></exception>
public async Task <UserModel> Handle(RegisterUserCommand request, CancellationToken cancellationToken)
{
// Check is email valid
if (!AuthUtils.ValidateEmail(request.Email))
{
throw new InvalidEmailFormatException(request.Email);
}
// Check is user already exists
var isExists = await _usersRepository.IsUserIdentityExists(request.Email);
if (isExists)
{
throw new UserAlreadyExistsException(request.Email);
}
// Check name
if (!AuthUtils.ValidateName(request.Name))
{
throw new InvalidNameFormatException(request.Name);
}
// Check password stronger
if (!AuthUtils.CheckPasswordComplexity(request.Password))
{
throw new WeakPasswordException();
}
// Generate password hash
var passwordHash = AuthUtils.GetMd5Hash(request.Password);
// User registration instant
var registrationInstant = Clock.GetCurrentInstant();
var user = new UserIdentityModel(
Guid.NewGuid(),
request.Email,
request.Name,
"user",
passwordHash,
registrationInstant
);
// Register user
var registrationResult = await _usersRepository.RegisterUser(user);
return(registrationResult);
}
public IActionResult Get()
{
var userIdentitys = from c in User.Claims
select new UserIdentity
{
Type = c.Type,
Value = c.Value
};
var result = new UserIdentityModel()
{
Description = "Access user order api successfully",
UserIdentitys = userIdentitys.ToList()
};
return(new JsonResult(result));
}
public async Task GetAsyncUser()
{
// Arrange
var user = new User();
user.userId = 1;
var userId = new UserIdentityModel(user.userId);
var userDataAccess = new Mock <IUserDataAccess>();
userDataAccess.Setup(x => x.GetAsync(userId)).ReturnsAsync(user);
var userGetService = new UserGetService(userDataAccess.Object);
// Act
var result = await userGetService.GetAsync(userId);
// Assert
result.Should().Be(user);
}
private void Update(User userDb, UserIdentityModel model)
{
var isNew = userDb.Id == 0;
if (isNew && string.IsNullOrWhiteSpace(model.Name))
{
model.Name = model.Login;
}
if (!string.IsNullOrWhiteSpace(model.Name) && userDb.Name != model.Name)
{
userDb.Name = model.Name;
}
if (string.IsNullOrWhiteSpace(model.Email))
{
model.Email = null;
}
if (userDb.Email != model.Email)
{
userDb.Email = model.Email;
}
using (Transaction())
{
userDb.LastActivityDate = AC.Inst.Offset.Now;
if (isNew)
{
GetRepository <IUserRepository>().Insert(userDb);
}
else
{
GetRepository <IUserRepository>().Update(userDb);
}
Commit();
}
model.Id = userDb.Id;
model.Lang = userDb.Lang;
}
public async Task UserCartServicesAdd()
{
// Arrange
var user = new User();
user.balance = 10000;
user.userId = 1;
var userId = new UserIdentityModel(user.userId);
var item1 = new Item();
item1.cost = 100;
item1.id = 1;
var item2 = new Item();
item2.cost = 200;
item2.id = 2;
var item3 = new Item();
item3.cost = 300;
item3.id = 3;
var userCart = new UserCart();
var userDataAccess = new Mock <IUserDataAccess>();
var userCartDataAccess = new Mock <IUserCartDataAccess>();
var itemDataAccess = new Mock <IItemDataAccess>();
userDataAccess.Setup(x => x.GetAsync(userId)).ReturnsAsync(user);
userCartDataAccess.Setup(x => x.GetAsync(userId)).ReturnsAsync(userCart);
itemDataAccess.Setup(x => x.GetAsync(item1.id)).ReturnsAsync(item1);
itemDataAccess.Setup(x => x.GetAsync(item2.id)).ReturnsAsync(item2);
itemDataAccess.Setup(x => x.GetAsync(item3.id)).ReturnsAsync(item3);
var userCartServices = new UserCartServices(userId, userDataAccess.Object, itemDataAccess.Object, userCartDataAccess.Object);
userCartServices.AddItem(item1);
userCartServices.AddItem(item2);
userCartServices.AddItem(item3);
userCartServices.User.userCart.cartItems.Count.Should().Be(3);
}
public bool InitializeContext()
{
try
{
var actualUser = _accountService.GetLoggedUser();
if (actualUser == null)
{
return(false);
}
var context = new ContextModel
{
User = actualUser,
AllLanguages = _userManagerService.GetLanguages().OrderBy(o => o.IdLanguage).ToList()
};
context.ActualLanguage = context.User.Language == null?context.AllLanguages.FirstOrDefault() :
_userManagerService.GetLanguages().FirstOrDefault(lan => lan.ID == context.User.Language.ID);
SetContext(context);
var userIdentity = new UserIdentityModel(actualUser.Username, new List <string> {
actualUser.Role.ToString().SHA256Encript()
});
HttpContext.Current.User = userIdentity;
var cookie = new HttpCookie(actualUser.Username, actualUser.Role.ToString().SHA256Encript());
HttpContext.Current.Response.Cookies.Add(cookie);
}
catch (Exception ex)
{
LogService.WriteLog(ex.GetStringLog(), LogService.TypeLevel.Error, ex);
}
return(true);
}
private bool ValidatePassword(string providedPassword, UserIdentityModel identity)
{
var hash = AuthUtils.GetMd5Hash(providedPassword);
return(StringComparer.OrdinalIgnoreCase.Compare(hash, identity.PasswordHash) == 0);
}
//
// GetUserInfo
public SocialViewModel GetUserInfo(string token)
{
string space = " ";
using (var client = new HttpClient())
{
client.BaseAddress = new Uri("http://localhost:51639");
client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
client.DefaultRequestHeaders.Add("x-token", token);
var res = client.GetAsync($"/api/identity/getUserProfile").Result;
if (res.IsSuccessStatusCode == true)
{
UserIdentityModel userIdentityModel = new UserIdentityModel();
userIdentityModel = res.Content.ReadAsAsync <UserIdentityModel>().Result;
SocialViewModel socialViewModel = new SocialViewModel();
socialViewModel.UserIdentityModel = userIdentityModel;
//set MyName in cookie
HttpCookie MyNameCookie = new HttpCookie("My_Name");
if (userIdentityModel.Name != null)
{
MyNameCookie.Value = userIdentityModel.Name.ToString();
}
else
{
MyNameCookie.Value = space.ToString();
}
Response.Cookies.Add(MyNameCookie); ///
//set MyAge in cookie
HttpCookie MyAgeCookie = new HttpCookie("My_Age");
if (userIdentityModel.Age != null)
{
MyAgeCookie.Value = userIdentityModel.Age.ToString();
}
else
{
MyAgeCookie.Value = space.ToString();
}
Response.Cookies.Add(MyAgeCookie);///
//set MyAddress in cookie
HttpCookie MyAddressCookie = new HttpCookie("My_Address");
if (userIdentityModel.Address != null)
{
MyAddressCookie.Value = userIdentityModel.Address.ToString();
}
else
{
MyAddressCookie.Value = space.ToString();
}
Response.Cookies.Add(MyAddressCookie);///
//set MyWorkPlace in cookie
HttpCookie MyWorkPlaceCookie = new HttpCookie("My_WorkPlace");
if (userIdentityModel.WorkPlace != null)
{
MyWorkPlaceCookie.Value = userIdentityModel.WorkPlace.ToString();
}
else
{
MyWorkPlaceCookie.Value = space.ToString();
}
Response.Cookies.Add(MyWorkPlaceCookie);///
return(socialViewModel);
}
else
{
return(null);
}
};
}
//TODO: common parts of grant refresh token and grant resource owner credentials to separate method
public override Task GrantRefreshToken(OAuthGrantRefreshTokenContext context)
{
var options = new JsonSerializerSettings()
{
ContractResolver = new CamelCasePropertyNamesContractResolver()
};
options.Converters.Insert(0, new HttpServiceErrorConverter());
var identity = context.Ticket.Identity;
if (identity == null)
{
context.SetError("Couldn't deserialize identity from refresh token.");
return(Task.FromResult <object>(null));
}
var userIdClaim = identity.FindFirst(ClaimTypes.Sid);
if (userIdClaim == null)
{
context.SetError("Refresh token doesn't contain user id. Can't grant access.");
return(Task.FromResult <object>(null));
}
var container = context.OwinContext.GetAutofacLifetimeScope();
var transactionFactory = container.Resolve <ITransactionFactory>();
var membershipService = container.Resolve <IAuthorizationService>();
var userId = Guid.Parse(userIdClaim.Value);
UserIdentityModel user = null;
var transaction = transactionFactory.BeginTransaction(IsolationLevel.ReadCommitted);
try
{
user = membershipService.RefreshLogin(new IdentityQuery <Guid>(userId));
transaction.Commit();
}
catch (SecurityException ex)
{
transaction.Commit();
var errorJson = JsonConvert.SerializeObject(ex.UserMessage, options);
context.SetError("LoginFailure", errorJson);
return(Task.FromResult <object>(null));
}
finally
{
transaction.Dispose();
}
if (user == null)
{
throw new InvalidOperationException("Refresh login returned null");
}
var newIdentity = new ClaimsIdentity(context.Options.AuthenticationType);
foreach (var claimModel in user.Claims)
{
newIdentity.AddClaim(new Claim(claimModel.Type, claimModel.Value));
}
var client = context.OwinContext.Get <ApplicationClientModel>("vabank:client");
newIdentity.AddClaim(new Claim(ClaimModel.Types.ClientId, client.Id));
context.OwinContext.Set("vabank:user", user);
// Set CORS header
context.Response.Headers.Set("Access-Control-Allow-Origin", client.AllowedOrigin);
// Set state as validated
context.Validated(newIdentity);
var cookieIdentity = new ClaimsIdentity(identity.Claims, CookieAuthenticationDefaults.AuthenticationType);
context.Request.Context.Authentication.SignIn(cookieIdentity);
return(base.GrantRefreshToken(context));
}
public override Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
//Validate user name and password here
var container = context.OwinContext.GetAutofacLifetimeScope();
var transactionFactory = container.Resolve <ITransactionFactory>();
var membershipService = container.Resolve <IAuthorizationService>();
var options = new JsonSerializerSettings()
{
ContractResolver = new CamelCasePropertyNamesContractResolver()
};
options.Converters.Insert(0, new HttpServiceErrorConverter());
var client = context.OwinContext.Get <ApplicationClientModel>("vabank:client");
if (client != null)
{
var appClientIdentity = new ClaimsIdentity(context.Options.AuthenticationType);
appClientIdentity.AddClaim(new Claim(ClaimModel.Types.ClientId, client.Id));
Thread.CurrentPrincipal = new ClaimsPrincipal(appClientIdentity);
}
var loginCommand = new LoginCommand {
Login = context.UserName, Password = context.Password
};
UserIdentityModel user = null;
var transaction = transactionFactory.BeginTransaction(IsolationLevel.ReadCommitted);
try
{
user = membershipService.Login(loginCommand);
transaction.Commit();
}
catch (ValidationException ex)
{
var error = new HttpServiceError(ex);
context.SetError("LoginValidationError", JsonConvert.SerializeObject(error, options));
transaction.Rollback();
return(Task.FromResult <object>(null));
}
catch (SecurityException ex)
{
transaction.Commit();
var errorJson = JsonConvert.SerializeObject(new HttpServiceError(ex), options);
context.SetError("LoginFailure", errorJson);
return(Task.FromResult <object>(null));
}
finally
{
transaction.Dispose();
}
if (user == null)
{
throw new InvalidOperationException("Service returned null for login command");
}
var identity = new ClaimsIdentity(context.Options.AuthenticationType);
foreach (var claimModel in user.Claims)
{
identity.AddClaim(new Claim(claimModel.Type, claimModel.Value));
}
identity.AddClaim(new Claim(ClaimModel.Types.ClientId, client.Id));
context.OwinContext.Set("vabank:user", user);
// Set CORS header
context.Response.Headers.Set("Access-Control-Allow-Origin", client.AllowedOrigin);
// Set state as validated and set cookie
context.Validated(identity);
var cookieIdentity = new ClaimsIdentity(identity.Claims, CookieAuthenticationDefaults.AuthenticationType);
context.Request.Context.Authentication.SignIn(cookieIdentity);
return(base.GrantResourceOwnerCredentials(context));
}
