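/// <summary>
/// Resolves a pending phone verification by posting the verification code, the phone
/// number and the password to the backend as a form-encoded request.
/// </summary>
/// <param name="verificationCode">Verification code from the server, sent via SMS.</param>
/// <param name="phoneNumber">Country code and phone number concatenated.</param>
/// <param name="password">Password, which should be an uppercase GUID.</param>
/// <returns>
/// <c>true</c> when the backend answers with a success status code; <c>false</c> when it
/// answers with any other status or when sending the request throws.
/// </returns>
/// <exception cref="ArgumentNullException">
/// Thrown when any argument is null, empty or whitespace; the exception names the offending parameter.
/// </exception>
public async Task<bool> ResolveVerificationCodeAsync(string verificationCode, string phoneNumber, string password)
{
    // The single-string ArgumentNullException constructor takes a parameter NAME, so the
    // original text ended up in ParamName. Use the (paramName, message) overload instead.
    const string missingArgumentMessage = "You must provide all parameters";
    if (string.IsNullOrWhiteSpace(verificationCode))
    {
        throw new ArgumentNullException(nameof(verificationCode), missingArgumentMessage);
    }

    if (string.IsNullOrWhiteSpace(phoneNumber))
    {
        throw new ArgumentNullException(nameof(phoneNumber), missingArgumentMessage);
    }

    if (string.IsNullOrWhiteSpace(password))
    {
        throw new ArgumentNullException(nameof(password), missingArgumentMessage);
    }

    // NOTE(review): the request body carries the password and the SMS code in clear form
    // fields; confirm that _resolveAddress is an https:// endpoint.
    using (var client = new HttpClient(new NativeMessageHandler()))
    {
        client.Timeout = _timeOut;

        var dto = new VerificationResolveDto
        {
            VerificationCode = verificationCode,
            PhoneNumber = phoneNumber,
            Password = password
        };
        var encodedContent = new FormUrlEncodedContent(dto.ToDictionary());

        try
        {
            // Dispose the response so its content stream and connection are released promptly.
            using (var response = await client.PostAsync(_resolveAddress, encodedContent))
            {
                return response.IsSuccessStatusCode;
            }
        }
        catch (Exception)
        {
            // Deliberate best-effort: a timeout, network failure or TLS error is reported to
            // the caller as "not verified". The cause is lost here; no logger is visible in
            // this block, so none is added.
            return false;
        }
    }
}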
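/// <summary>
/// When the stored verification token does not correspond to the submitted DTO,
/// <c>ResolveVerification</c> must answer with a <c>BadRequestObjectResult</c>.
/// </summary>
/// <remarks>
/// Returns <see cref="Task"/> instead of <c>void</c> so the test runner can await the test
/// and observe a failing assertion or an exception thrown after the first await.
/// </remarks>
public async Task ResolveVerification_OnNotMatchingCode_BadRequest()
{
    // Arrange
    var resolveDto = new VerificationResolveDto
    {
        PhoneNumber = "491736890",
        Password = "******",
        VerificationCode = "123456"
    };

    // Only Expires is set; the token's other members keep their default values.
    var token = new VerificationToken { Expires = DateTime.MaxValue };

    var userManagerMock = MockHelpers.GetMockUserManager();
    var persistenceMock = new Mock<IIdentityPersistence>();
    persistenceMock
        .Setup(r => r.VerificationTokens.FindByUserAsync(It.IsAny<string>()))
        .ReturnsAsync(token);
    var messageSenderMock = new Mock<ISmsSender>();
    var configurationMock = new Mock<IConfigurationService>();

    var controller = new VerificationController(
        _logger,
        persistenceMock.Object,
        messageSenderMock.Object,
        configurationMock.Object,
        userManagerMock.Object);

    // Act
    var response = await controller.ResolveVerification(resolveDto);

    // Assert
    Assert.IsType<BadRequestObjectResult>(response);
}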
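/// <summary>
/// When the persistence layer has no verification token for the submitted phone number,
/// <c>ResolveVerification</c> must answer with a <c>BadRequestObjectResult</c>.
/// </summary>
/// <remarks>
/// Returns <see cref="Task"/> instead of <c>void</c> so the test runner can await the test
/// and observe a failing assertion or an exception thrown after the first await.
/// </remarks>
public async Task ResolveVerification_OnNullVerificationRequests_BadRequest()
{
    // Arrange
    var verificationResponseDto = new VerificationResolveDto
    {
        PhoneNumber = "491736890",
        Password = "******",
        VerificationCode = "789-789"
    };

    var userManagerMock = MockHelpers.GetMockUserManager();
    var persistenceMock = new Mock<IIdentityPersistence>();

    // The lookup completes with null: no pending verification exists for any user.
    persistenceMock
        .Setup(r => r.VerificationTokens.FindByUserAsync(It.IsAny<string>()))
        .Returns(Task.FromResult<VerificationToken>(null));
    var messageSenderMock = new Mock<ISmsSender>();
    var configurationMock = new Mock<IConfigurationService>();

    var controller = new VerificationController(
        _logger,
        persistenceMock.Object,
        messageSenderMock.Object,
        configurationMock.Object,
        userManagerMock.Object);

    // Act
    var response = await controller.ResolveVerification(verificationResponseDto);

    // Assert
    Assert.IsType<BadRequestObjectResult>(response);
}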
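/// <summary>
/// Checks whether a stored verification token belongs to the phone number in
/// <paramref name="dto"/> and carries the same verification code.
/// </summary>
/// <param name="token">The stored token; its <c>User</c> and <c>Code</c> are compared.</param>
/// <param name="dto">The submitted values; its <c>PhoneNumber</c> and <c>VerificationCode</c> are compared.</param>
/// <returns>
/// <c>true</c> only when all four values are non-empty and both pairs are ordinally equal;
/// otherwise <c>false</c>.
/// </returns>
/// <exception cref="ArgumentNullException">
/// Thrown when <paramref name="token"/> or <paramref name="dto"/> is null.
/// </exception>
public static bool ResolveTokenWithDto(this VerificationToken token, VerificationResolveDto dto)
{
    if (token == null)
    {
        throw new ArgumentNullException(nameof(token));
    }

    if (dto == null)
    {
        throw new ArgumentNullException(nameof(dto));
    }

    // Fail closed: string.CompareOrdinal(null, null) is 0, so a token without a code used
    // to "match" a request without a code. A missing or empty value must never verify.
    if (string.IsNullOrEmpty(token.User) || string.IsNullOrEmpty(token.Code) ||
        string.IsNullOrEmpty(dto.PhoneNumber) || string.IsNullOrEmpty(dto.VerificationCode))
    {
        return false;
    }

    var sameUser = string.Equals(token.User, dto.PhoneNumber, StringComparison.Ordinal);

    // The code is the secret, so it is compared without an early exit on the first differing character.
    var sameCode = FixedTimeOrdinalEquals(token.Code, dto.VerificationCode);

    return sameUser && sameCode;
}

// Ordinal string equality whose running time depends on the length, not on where the inputs differ.
private static bool FixedTimeOrdinalEquals(string expected, string supplied)
{
    if (expected.Length != supplied.Length)
    {
        return false;
    }

    var difference = 0;
    for (var i = 0; i < expected.Length; i++)
    {
        difference |= expected[i] ^ supplied[i];
    }

    return difference == 0;
}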
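/// <summary>
/// Resolves a pending phone verification: checks the submitted code against the stored
/// request, then creates the account or, for an existing account, replaces its password.
/// </summary>
/// <param name="dto">Form-bound phone number, verification code and password.</param>
/// <returns>
/// 200 OK when the code matched and the account was created or updated; 400 Bad Request
/// when the model is invalid, no request exists for the phone number, the code does not
/// match or the request has expired; 500 when the identity store rejects the create or
/// password change.
/// </returns>
public async Task<IActionResult> ResolveVerification([FromForm] VerificationResolveDto dto)
{
    if (dto == null || !ModelState.IsValid)
    {
        return BadRequest();
    }

    // Retrieve the pending request from the db.
    var request = await _dataWorker.VerificationTokens.FindByUserAsync(dto.PhoneNumber);
    if (request == null)
    {
        // NOTE(review): this answer differs from the "does not match" answer below, so a
        // caller can tell whether a number has a pending verification. Consider one
        // uniform response for both cases.
        return BadRequest($"No verification request found for {dto.PhoneNumber}.");
    }

    // Verify that the code matches.
    if (!request.ResolveTokenWithDto(dto))
    {
        // Neither the expected nor the submitted code is written to the log: the expected
        // code is a live credential for anyone who can read the logs, and the submitted
        // value is attacker-controlled text. The phone number is passed as a structured
        // argument instead of being interpolated into the message.
        // NOTE(review): nothing in this method counts or limits failed attempts, and the
        // request stays valid after a mismatch. Confirm that throttling happens elsewhere.
        _logger.LogInformation("Code verification failed for [+{PhoneNumber}].", dto.PhoneNumber);
        return BadRequest("Verification code does not match.");
    }

    if (request.IsExpired())
    {
        _logger.LogWarning("Token has expired, challenge again.");
        _dataWorker.VerificationTokens.Remove(request);
        await _dataWorker.CompleteAsync();
        return BadRequest("Token expired");
    }

    // Check whether the user already has an account; otherwise create and persist a new one.
    var user = await _userManager.FindByNameAsync(dto.PhoneNumber);
    if (user == null)
    {
        user = new ApplicationUser { UserName = dto.PhoneNumber, Nickname = string.Empty };
        var creationResult = await _userManager.CreateAsync(user, dto.Password);
        if (!creationResult.Succeeded)
        {
            return StatusCode(500);
        }

        _logger.LogInformation("A new User have been created [{UserName}].", user.UserName);
    }
    else
    {
        // A completed SMS verification replaces the password of the existing account.
        // Both results are checked: the original ignored them, so a rejected new password
        // still returned 200 and consumed the request while the account had no password.
        var removeResult = await _userManager.RemovePasswordAsync(user);
        if (!removeResult.Succeeded)
        {
            return StatusCode(500);
        }

        var addResult = await _userManager.AddPasswordAsync(user, dto.Password);
        if (!addResult.Succeeded)
        {
            // The request is left in place so the client can retry with the same code.
            return StatusCode(500);
        }
    }

    // At this step the user is verified and persisted; remove the obsolete request from the db.
    _dataWorker.VerificationTokens.Remove(request);
    await _dataWorker.CompleteAsync();

    _logger.LogInformation("Verification was succesfull for User [{UserName}.]", user.UserName);
    return Ok();
}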