Exemple #1
0
        public async Task CanRegisterAUserWithRequiredConfirmation()
        {
            // Arrange
            void ConfigureTestServices(IServiceCollection services)
            {
                services.Configure <IdentityOptions>(o => o.SignIn.RequireConfirmedAccount = true);
            };

            var server = ServerFactory
                         .WithWebHostBuilder(whb => whb.ConfigureServices(ConfigureTestServices));
            var client  = server.CreateClient();
            var client2 = server.CreateClient();

            var userName = $"{Guid.NewGuid()}@example.com";
            var password = $"!Test.Password1$";

            // Act & Assert
            var register = await UserStories.RegisterNewUserAsyncWithConfirmation(client, userName, password);

            // Since we aren't confirmed yet, login should fail until we confirm
            await UserStories.LoginFailsWithWrongPasswordAsync(client, userName, password);

            await register.ClickConfirmLinkAsync();

            await UserStories.LoginExistingUserAsync(client, userName, password);
        }
Exemple #2
0
        public async Task CanChangePassword()
        {
            // Arrange
            var principals = new List <ClaimsPrincipal>();

            void ConfigureTestServices(IServiceCollection services) =>
            services.SetupGetUserClaimsPrincipal(user => principals.Add(user), IdentityConstants.ApplicationScheme);

            var server = ServerFactory
                         .WithWebHostBuilder(whb => whb.ConfigureTestServices(ConfigureTestServices));

            var client    = server.CreateClient();
            var newClient = server.CreateClient();

            var userName = $"{Guid.NewGuid()}@example.com";
            var password = "******";

            var index = await UserStories.RegisterNewUserAsync(client, userName, password);

            // Act 1
            var changedPassword = await UserStories.ChangePasswordAsync(index, "!Test.Password1", "!Test.Password2");

            // Assert 1
            // RefreshSignIn generates a new security stamp claim
            AssertClaimsNotEqual(principals[0], principals[1], "AspNet.Identity.SecurityStamp");

            // Act 2
            await UserStories.LoginExistingUserAsync(newClient, userName, "!Test.Password2");

            // Assert 2
            // Signing in again with a different client uses the same security stamp claim
            AssertClaimsEqual(principals[1], principals[2], "AspNet.Identity.SecurityStamp");
        }
Exemple #3
0
        public async Task CanResetPassword_WithGlobalAuthorizeFilter()
        {
            // Arrange
            var emailSender = new ContosoEmailSender();

            void ConfigureTestServices(IServiceCollection services) =>
            services.SetupGlobalAuthorizeFilter().SetupTestEmailSender(emailSender);

            var server = ServerFactory.WithWebHostBuilder(whb => whb.ConfigureServices(ConfigureTestServices));

            var client = server.CreateClient();
            var resetPasswordClient = server.CreateClient();
            var newClient           = server.CreateClient();

            var userName    = $"{Guid.NewGuid()}@example.com";
            var password    = $"[PLACEHOLDER]-1a";
            var newPassword = $"[PLACEHOLDER]-1a-updated";

            await UserStories.RegisterNewUserAsync(client, userName, password);

            var registrationEmail = Assert.Single(emailSender.SentEmails);
            await UserStories.ConfirmEmailAsync(registrationEmail, client);

            // Act & Assert
            await UserStories.ForgotPasswordAsync(resetPasswordClient, userName);

            Assert.Equal(2, emailSender.SentEmails.Count);
            var email = emailSender.SentEmails[1];
            await UserStories.ResetPasswordAsync(resetPasswordClient, email, userName, newPassword);

            await UserStories.LoginExistingUserAsync(newClient, userName, newPassword);
        }
Exemple #4
0
        public async Task CanLogInAfterConfirmingEmail_WithGlobalAuthorizeFilter()
        {
            // Arrange
            var emailSender = new ContosoEmailSender();

            void ConfigureTestServices(IServiceCollection services) => services
            .SetupTestEmailSender(emailSender)
            .SetupEmailRequired()
            .SetupGlobalAuthorizeFilter();

            var server = ServerFactory.WithWebHostBuilder(whb => whb.ConfigureServices(ConfigureTestServices));

            var client    = server.CreateClient();
            var newClient = server.CreateClient();

            var userName = $"{Guid.NewGuid()}@example.com";
            var password = $"[PLACEHOLDER]-1a";

            var loggedIn = await UserStories.RegisterNewUserAsync(client, userName, password);

            // Act & Assert
            // Use a new client to simulate a new browser session.
            var email = Assert.Single(emailSender.SentEmails);
            await UserStories.ConfirmEmailAsync(email, newClient);

            await UserStories.LoginExistingUserAsync(newClient, userName, password);
        }
Exemple #5
0
        public async Task CanChangeEmail()
        {
            // Arrange
            var emails = new ContosoEmailSender();

            void ConfigureTestServices(IServiceCollection services) =>
            services.SetupTestEmailSender(emails);

            var server = ServerFactory
                         .WithWebHostBuilder(whb => whb.ConfigureServices(ConfigureTestServices));
            var client       = server.CreateClient();
            var newClient    = server.CreateClient();
            var failedClient = server.CreateClient();

            var userName = $"{Guid.NewGuid()}@example.com";
            var password = $"[PLACEHOLDER]-1a";
            var newEmail = "*****@*****.**";

            var index = await UserStories.RegisterNewUserAsync(client, userName, password);

            var email = await UserStories.SendUpdateEmailAsync(index, newEmail);

            // Act & Assert
            Assert.Equal(2, emails.SentEmails.Count);
            await UserStories.ConfirmEmailAsync(emails.SentEmails[1], client);

            // Verify can login with new email, fails with old
            await UserStories.LoginExistingUserAsync(newClient, newEmail, password);

            await UserStories.LoginFailsWithWrongPasswordAsync(failedClient, userName, password);
        }
Exemple #6
0
        public async Task CanLogInAfterConfirmingEmail()
        {
            // Arrange
            TestEmailSender testEmailSender = new TestEmailSender();
            var             server          = ServerFactory.CreateServer(builder =>
            {
                builder.ConfigureServices(services => services
                                          .AddSingleton <IEmailSender>(testEmailSender)
                                          .Configure <IdentityOptions>(opt => opt.SignIn.RequireConfirmedEmail = true));
            });

            var client    = ServerFactory.CreateDefaultClient(server);
            var newClient = ServerFactory.CreateDefaultClient(server);

            var userName = $"{Guid.NewGuid()}@example.com";
            var password = $"!Test.Password1$";

            var loggedIn = await UserStories.RegisterNewUserAsync(client, userName, password);

            // Act & Assert
            // Use a new client to simulate a new browser session.
            var emailBody   = HtmlAssert.IsHtmlFragment(testEmailSender.HtmlMessage);
            var linkElement = HtmlAssert.HasElement("a", emailBody);
            var link        = Assert.IsAssignableFrom <IHtmlAnchorElement>(linkElement);
            var response    = await newClient.GetAsync(link.Href);

            await UserStories.LoginExistingUserAsync(newClient, userName, password);
        }
Exemple #7
0
        public async Task CanLogInAfterResettingThePassword()
        {
            using (StartLog(out var loggerFactory))
            {
                // Arrange
                var emailSender = new ContosoEmailSender();
                var server      = ServerFactory.CreateServer(loggerFactory, b => b.ConfigureServices(s =>
                                                                                                     s.SetupTestEmailSender(emailSender)));
                var client = ServerFactory.CreateDefaultClient(server);
                var resetPasswordClient = ServerFactory.CreateDefaultClient(server);
                var newClient           = ServerFactory.CreateDefaultClient(server);

                var userName    = $"{Guid.NewGuid()}@example.com";
                var password    = $"!Test.Password1$";
                var newPassword = $"!New.Password1$";

                await UserStories.RegisterNewUserAsync(client, userName, password);

                var registrationEmail = Assert.Single(emailSender.SentEmails);
                await UserStories.ConfirmEmailAsync(registrationEmail, client);

                // Act & Assert
                await UserStories.ForgotPasswordAsync(resetPasswordClient, userName);

                Assert.Equal(2, emailSender.SentEmails.Count);
                var email = emailSender.SentEmails[1];
                await UserStories.ResetPasswordAsync(resetPasswordClient, email, userName, newPassword);

                await UserStories.LoginExistingUserAsync(newClient, userName, newPassword);
            }
        }
Exemple #8
0
        public async Task CanLogInAfterConfirmingEmail()
        {
            using (StartLog(out var loggerFactory))
            {
                // Arrange
                var emailSender = new ContosoEmailSender();
                var server      = ServerFactory.CreateServer(loggerFactory, builder =>
                {
                    builder.ConfigureServices(services => services
                                              .SetupTestEmailSender(emailSender)
                                              .SetupEmailRequired());
                });

                var client    = ServerFactory.CreateDefaultClient(server);
                var newClient = ServerFactory.CreateDefaultClient(server);

                var userName = $"{Guid.NewGuid()}@example.com";
                var password = $"!Test.Password1$";

                var loggedIn = await UserStories.RegisterNewUserAsync(client, userName, password);

                // Act & Assert
                // Use a new client to simulate a new browser session.
                var email = Assert.Single(emailSender.SentEmails);
                await UserStories.ConfirmEmailAsync(email, newClient);

                await UserStories.LoginExistingUserAsync(newClient, userName, password);
            }
        }
Exemple #9
0
        public async Task CannotLogInWithoutRequiredEmailConfirmation()
        {
            using (StartLog(out var loggerFactory))
            {
                // Arrange
                var emailSender = new ContosoEmailSender();
                var server      = ServerFactory.CreateServer(loggerFactory, builder =>
                {
                    builder.ConfigureServices(services => services
                                              .SetupTestEmailSender(emailSender)
                                              .SetupEmailRequired());
                });

                var client    = ServerFactory.CreateDefaultClient(server);
                var newClient = ServerFactory.CreateDefaultClient(server);

                var userName = $"{Guid.NewGuid()}@example.com";
                var password = $"!Test.Password1$";

                var loggedIn = await UserStories.RegisterNewUserAsync(client, userName, password);

                // Act & Assert
                // Use a new client to simulate a new browser session.
                await Assert.ThrowsAnyAsync <XunitException>(() => UserStories.LoginExistingUserAsync(newClient, userName, password));
            }
        }
Exemple #10
0
        public async Task CanLogInAfterResettingThePassword()
        {
            // Arrange
            var emailSender = new ContosoEmailSender();

            void ConfigureTestServices(IServiceCollection services) => services
            .SetupTestEmailSender(emailSender);

            var server = ServerFactory.WithWebHostBuilder(whb => whb.ConfigureServices(ConfigureTestServices));

            ServerFactory.EnsureDatabaseCreated();

            var client = server.CreateClient();
            var resetPasswordClient = server.CreateClient();
            var newClient           = server.CreateClient();

            var userName    = $"{Guid.NewGuid()}@example.com";
            var password    = $"!Test.Password1$";
            var newPassword = $"!New.Password1$";

            await UserStories.RegisterNewUserAsync(client, userName, password);

            var registrationEmail = Assert.Single(emailSender.SentEmails);
            await UserStories.ConfirmEmailAsync(registrationEmail, client);

            // Act & Assert
            await UserStories.ForgotPasswordAsync(resetPasswordClient, userName);

            Assert.Equal(2, emailSender.SentEmails.Count);
            var email = emailSender.SentEmails[1];
            await UserStories.ResetPasswordAsync(resetPasswordClient, email, userName, newPassword);

            await UserStories.LoginExistingUserAsync(newClient, userName, newPassword);
        }
Exemple #11
0
        public async Task CanLogInWithAPreviouslyRegisteredUser()
        {
            // Arrange
            var client    = ServerFactory.CreateClient();
            var newClient = ServerFactory.CreateClient();

            var userName = $"{Guid.NewGuid()}@example.com";
            var password = $"[PLACEHOLDER]-1a";

            // Act & Assert
            await UserStories.RegisterNewUserAsync(client, userName, password);

            // Use a new client to simulate a new browser session.
            await UserStories.LoginExistingUserAsync(newClient, userName, password);
        }
Exemple #12
0
        public async Task CanLogInWithAPreviouslyRegisteredUser()
        {
            using (StartLog(out var loggerFactory))
            {
                // Arrange
                var server    = ServerFactory.CreateDefaultServer(loggerFactory);
                var client    = ServerFactory.CreateDefaultClient(server);
                var newClient = ServerFactory.CreateDefaultClient(server);

                var userName = $"{Guid.NewGuid()}@example.com";
                var password = $"!Test.Password1$";

                // Act & Assert
                await UserStories.RegisterNewUserAsync(client, userName, password);

                // Use a new client to simulate a new browser session.
                await UserStories.LoginExistingUserAsync(newClient, userName, password);
            }
        }
Exemple #13
0
        public async Task CanLogInWithAPreviouslyRegisteredUser_WithGlobalAuthorizeFilter()
        {
            // Arrange
            void ConfigureTestServices(IServiceCollection services) =>
            services.SetupGlobalAuthorizeFilter();

            var server = ServerFactory
                         .WithWebHostBuilder(whb => whb.ConfigureServices(ConfigureTestServices));

            var client    = server.CreateClient();
            var newClient = server.CreateClient();

            var userName = $"{Guid.NewGuid()}@example.com";
            var password = $"[PLACEHOLDER]-1a";

            // Act & Assert
            await UserStories.RegisterNewUserAsync(client, userName, password);

            // Use a new client to simulate a new browser session.
            await UserStories.LoginExistingUserAsync(newClient, userName, password);
        }
Exemple #14
0
        public async Task CanSetPasswordWithExternalLogin()
        {
            // Arrange
            var principals = new List <ClaimsPrincipal>();

            void ConfigureTestServices(IServiceCollection services) =>
            services
            .SetupTestThirdPartyLogin()
            .SetupGetUserClaimsPrincipal(user => principals.Add(user), IdentityConstants.ApplicationScheme);

            var server = ServerFactory
                         .WithWebHostBuilder(whb => whb.ConfigureTestServices(ConfigureTestServices));

            var client    = server.CreateClient();
            var newClient = server.CreateClient();
            var loginAfterSetPasswordClient = server.CreateClient();

            var guid     = Guid.NewGuid();
            var userName = $"{guid}";
            var email    = $"{guid}@example.com";

            // Act 1
            var index = await UserStories.RegisterNewUserWithSocialLoginAsync(client, userName, email);

            index = await UserStories.LoginWithSocialLoginAsync(newClient, userName);

            // Assert 1
            Assert.NotNull(principals[1].Identities.Single().Claims.Single(c => c.Type == ClaimTypes.AuthenticationMethod).Value);

            // Act 2
            await UserStories.SetPasswordAsync(index, "!Test.Password2");

            // Assert 2
            // RefreshSignIn uses the same AuthenticationMethod claim value
            AssertClaimsEqual(principals[1], principals[2], ClaimTypes.AuthenticationMethod);

            // Act & Assert 3
            // Can log in with the password set above
            await UserStories.LoginExistingUserAsync(loginAfterSetPasswordClient, email, "!Test.Password2");
        }
Exemple #15
0
        public async Task CannotLogInWithoutRequiredEmailConfirmation()
        {
            // Arrange
            var emailSender = new ContosoEmailSender();

            void ConfigureTestServices(IServiceCollection services) => services
            .SetupTestEmailSender(emailSender)
            .SetupEmailRequired();

            var server = ServerFactory.WithWebHostBuilder(whb => whb.ConfigureServices(ConfigureTestServices));

            var client    = server.CreateClient();
            var newClient = server.CreateClient();

            var userName = $"{Guid.NewGuid()}@example.com";
            var password = $"[PLACEHOLDER]-1a";

            var loggedIn = await UserStories.RegisterNewUserAsync(client, userName, password);

            // Act & Assert
            // Use a new client to simulate a new browser session.
            await Assert.ThrowsAnyAsync <XunitException>(() => UserStories.LoginExistingUserAsync(newClient, userName, password));
        }
Exemple #16
0
        public async Task CannotLogInWithoutRequiredEmailConfirmation()
        {
            // Arrange
            var testEmailSender = new TestEmailSender();
            var server          = ServerFactory.CreateServer(builder =>
            {
                builder.ConfigureServices(services => services
                                          .AddSingleton <IEmailSender>(testEmailSender)
                                          .Configure <IdentityOptions>(opt => opt.SignIn.RequireConfirmedEmail = true));
            });

            var client    = ServerFactory.CreateDefaultClient(server);
            var newClient = ServerFactory.CreateDefaultClient(server);

            var userName = $"{Guid.NewGuid()}@example.com";
            var password = $"!Test.Password1$";

            var loggedIn = await UserStories.RegisterNewUserAsync(client, userName, password);

            // Act & Assert
            // Use a new client to simulate a new browser session.
            await Assert.ThrowsAnyAsync <XunitException>(() => UserStories.LoginExistingUserAsync(newClient, userName, password));
        }