public void MfaAuthorizationNotSubscribedTest_TestsIfResultIsTrueWhenMfaIsNotSubscribedForAnyAction_VerifiesByReturnValue()
{
MockPersistenceRepository mockPersistenceRepository = new MockPersistenceRepository(true);
MockUserRepository mockUserRepository = new MockUserRepository();
MockMfaEmailService mockMfaEmailService = new MockMfaEmailService();
MockSmsService mockSmsService = new MockSmsService();
MockMfaCodeGenerationService mockMfaCodeGenerationService = new MockMfaCodeGenerationService();
string userName = "******";
string phoneNumber = "2233344";
string email = "*****@*****.**";
User user = new User(userName, "asdf", "12345", "xyz", email, Language.English, TimeZone.CurrentTimeZone,
new TimeSpan(1, 1, 1, 1), DateTime.Now, "Pakistan", "", phoneNumber, "1234");
MockSecurityKeysRepository mockSecurityKeysRepository = new MockSecurityKeysRepository();
string apiKey = "apikey123";
// Add Api Key to mock implementation
mockSecurityKeysRepository.AddSecurityKeysPair(new SecurityKeysPair(user.Id, apiKey, "secretkey123", true, "Desc"));
// Add user to mock implementation
mockUserRepository.AddUser(user);
MfaAuthorizationService mfaAuthorizationService = new MfaAuthorizationService(mockPersistenceRepository,
mockUserRepository, mockSecurityKeysRepository, mockSmsService, mockMfaEmailService, mockMfaCodeGenerationService);
Tuple <bool, string> authorizeAccess = mfaAuthorizationService.AuthorizeAccess(apiKey, "Login", null);
Assert.IsTrue(authorizeAccess.Item1);
}
public void MfaAuthorizationSubscribedFailsTest_ChecksThatResponseIsFalseWhenMfaCodeIsNotPresent_VerifiesByReturnValue()
{
// The first time of authorization, the user des not have the MFA code present, but the second time it is present
// as it has been sent to the user
MockPersistenceRepository mockPersistenceRepository = new MockPersistenceRepository(false);
MockUserRepository mockUserRepository = new MockUserRepository();
MockMfaEmailService mockMfaEmailService = new MockMfaEmailService();
MockSmsService mockSmsService = new MockSmsService();
MockMfaCodeGenerationService mockMfaCodeGenerationService = new MockMfaCodeGenerationService();
string userName = "******";
string phoneNumber = "2233344";
string email = "*****@*****.**";
User user = new User(userName, "asdf", "12345", "xyz", email, Language.English, TimeZone.CurrentTimeZone,
new TimeSpan(1, 1, 1, 1), DateTime.Now, "Pakistan", "", phoneNumber, "1234");
Tuple <string, string, bool> loginSubscription = new Tuple <string, string, bool>("LOG", "Login", true);
Tuple <string, string, bool> depositSubscription = new Tuple <string, string, bool>("DEP", "Deposit", true);
Tuple <string, string, bool> withdrawSubscription = new Tuple <string, string, bool>("WD", "Withdraw", true);
Tuple <string, string, bool> placeOrderSubscription = new Tuple <string, string, bool>("PO", "PlaceOrder", true);
Tuple <string, string, bool> cancelOrderSubscription = new Tuple <string, string, bool>("CO", "CancelOrder", true);
IList <Tuple <string, string, bool> > subscriptionsList = new List <Tuple <string, string, bool> >();
subscriptionsList.Add(loginSubscription);
subscriptionsList.Add(depositSubscription);
subscriptionsList.Add(withdrawSubscription);
subscriptionsList.Add(placeOrderSubscription);
subscriptionsList.Add(cancelOrderSubscription);
user.AssignMfaSubscriptions(subscriptionsList);
MockSecurityKeysRepository mockSecurityKeysRepository = new MockSecurityKeysRepository();
string apiKey = "apikey123";
// Add Api Key to mock implementation
mockSecurityKeysRepository.AddSecurityKeysPair(new SecurityKeysPair(user.Id, apiKey, "secretkey123", true, "Desc"));
// Add user to mock implementation
mockUserRepository.AddUser(user);
MfaAuthorizationService mfaAuthorizationService = new MfaAuthorizationService(mockPersistenceRepository,
mockUserRepository, mockSecurityKeysRepository, mockSmsService, mockMfaEmailService, mockMfaCodeGenerationService);
// Login MFA
Tuple <bool, string> authorizeAccess1 = mfaAuthorizationService.AuthorizeAccess(apiKey, loginSubscription.Item2, null);
Assert.IsFalse(authorizeAccess1.Item1);
}
//[ExpectedException(typeof(InvalidOperationException))]
public void MfaAuthorizationSubscribedFailtTest_ChecksThatExceptionIsRaisedWhenMfaCodesDontMatch_VerifiesByReturnValue()
{
MockPersistenceRepository mockPersistenceRepository = new MockPersistenceRepository(false);
MockUserRepository mockUserRepository = new MockUserRepository();
MockMfaEmailService mockMfaEmailService = new MockMfaEmailService();
MockSmsService mockSmsService = new MockSmsService();
MockMfaCodeGenerationService mockMfaCodeGenerationService = new MockMfaCodeGenerationService();
string userName = "******";
string phoneNumber = "2233344";
string email = "*****@*****.**";
User user = new User(userName, "asdf", "12345", "xyz", email, Language.English, TimeZone.CurrentTimeZone,
new TimeSpan(1, 1, 1, 1), DateTime.Now, "Pakistan", "", phoneNumber, "1234");
Tuple <string, string, bool> loginSubscription = new Tuple <string, string, bool>("LOG", "Login", true);
IList <Tuple <string, string, bool> > subscriptionsList = new List <Tuple <string, string, bool> >();
subscriptionsList.Add(loginSubscription);
user.AssignMfaSubscriptions(subscriptionsList);
MockSecurityKeysRepository mockSecurityKeysRepository = new MockSecurityKeysRepository();
string apiKey = "apikey123";
// Add Api Key to mock implementation
mockSecurityKeysRepository.AddSecurityKeysPair(new SecurityKeysPair(user.Id, apiKey, "secretkey123", true, "Desc"));
// Add user to mock implementation
mockUserRepository.AddUser(user);
MfaAuthorizationService mfaAuthorizationService = new MfaAuthorizationService(mockPersistenceRepository,
mockUserRepository, mockSecurityKeysRepository, mockSmsService, mockMfaEmailService, mockMfaCodeGenerationService);
// Login MFA
Tuple <bool, string> authorizeAccess1 = mfaAuthorizationService.AuthorizeAccess(apiKey, loginSubscription.Item2, null);
Assert.IsFalse(authorizeAccess1.Item1);
// This time the code should be assigned to the user, so verify that
authorizeAccess1 = mfaAuthorizationService.AuthorizeAccess(apiKey, loginSubscription.Item2, user.MfaCode + "1");
Assert.IsFalse(authorizeAccess1.Item1);
}
