public async Task CanLogInAfterConfirmingEmail_WithGlobalAuthorizeFilter()
{
// Arrange
var emailSender = new ContosoEmailSender();
void ConfigureTestServices(IServiceCollection services) => services
.SetupTestEmailSender(emailSender)
.SetupEmailRequired()
.SetupGlobalAuthorizeFilter();
var server = ServerFactory.WithWebHostBuilder(whb => whb.ConfigureServices(ConfigureTestServices));
var client = server.CreateClient();
var newClient = server.CreateClient();
var userName = $"{Guid.NewGuid()}@example.com";
var password = $"[PLACEHOLDER]-1a";
var loggedIn = await UserStories.RegisterNewUserAsync(client, userName, password);
// Act & Assert
// Use a new client to simulate a new browser session.
var email = Assert.Single(emailSender.SentEmails);
await UserStories.ConfirmEmailAsync(email, newClient);
await UserStories.LoginExistingUserAsync(newClient, userName, password);
}
public async Task UserNotLockedOut_AfterMaxFailedAccessAttempts_WithGlobalAuthorizeFilter()
{
// Arrange
var emailSender = new ContosoEmailSender();
void ConfigureTestServices(IServiceCollection services) =>
services.SetupGlobalAuthorizeFilter().SetupMaxFailedAccessAttempts().SetupTestEmailSender(emailSender);
var server = ServerFactory.WithWebHostBuilder(whb => whb.ConfigureServices(ConfigureTestServices));
var client = server.CreateClient();
var newClient = server.CreateClient();
var userName = $"{Guid.NewGuid()}@example.com";
var password = $"!Test.Password1$";
var wrongPassword = $"!Wrong.Password1$";
await UserStories.RegisterNewUserAsync(client, userName, password);
var registrationEmail = Assert.Single(emailSender.SentEmails);
await UserStories.ConfirmEmailAsync(registrationEmail, client);
// Act & Assert
await UserStories.LoginFailsWithWrongPasswordAsync(newClient, userName, wrongPassword);
}
public async Task CanResendConfirmingEmail()
{
// Arrange
var emailSender = new ContosoEmailSender();
void ConfigureTestServices(IServiceCollection services) => services
.SetupTestEmailSender(emailSender)
.SetupEmailRequired();
var server = ServerFactory.WithWebHostBuilder(whb => whb.ConfigureServices(ConfigureTestServices));
var client = server.CreateClient();
var newClient = server.CreateClient();
var userName = $"{Guid.NewGuid()}@example.com";
var password = $"[PLACEHOLDER]-1a";
var loggedIn = await UserStories.RegisterNewUserAsync(client, userName, password);
// Act & Assert
// Use a new client to simulate a new browser session.
await UserStories.ResendConfirmEmailAsync(server.CreateClient(), userName);
Assert.Equal(2, emailSender.SentEmails.Count);
var email = emailSender.SentEmails.Last();
await UserStories.ConfirmEmailAsync(email, newClient);
}
public async Task CanLogInWithTwoFactorAuthentication_WithGlobalAuthorizeFilter()
{
// Arrange
void ConfigureTestServices(IServiceCollection services) =>
services.SetupGlobalAuthorizeFilter();
var server = ServerFactory
.WithWebHostBuilder(whb => whb.ConfigureServices(ConfigureTestServices));
var client = server.CreateClient();
var newClient = server.CreateClient();
var userName = $"{Guid.NewGuid()}@example.com";
var password = $"!Test.Password1$";
var loggedIn = await UserStories.RegisterNewUserAsync(client, userName, password);
var showRecoveryCodes = await UserStories.EnableTwoFactorAuthentication(loggedIn);
var twoFactorKey = showRecoveryCodes.Context.AuthenticatorKey;
// Act & Assert
// Use a new client to simulate a new browser session.
await UserStories.LoginExistingUser2FaAsync(newClient, userName, password, twoFactorKey);
}
public async Task CanResetPassword_WithGlobalAuthorizeFilter()
{
// Arrange
var emailSender = new ContosoEmailSender();
void ConfigureTestServices(IServiceCollection services) =>
services.SetupGlobalAuthorizeFilter().SetupTestEmailSender(emailSender);
var server = ServerFactory.WithWebHostBuilder(whb => whb.ConfigureServices(ConfigureTestServices));
var client = server.CreateClient();
var resetPasswordClient = server.CreateClient();
var newClient = server.CreateClient();
var userName = $"{Guid.NewGuid()}@example.com";
var password = $"!Test.Password1$";
var newPassword = $"!New.Password1$";
await UserStories.RegisterNewUserAsync(client, userName, password);
var registrationEmail = Assert.Single(emailSender.SentEmails);
await UserStories.ConfirmEmailAsync(registrationEmail, client);
// Act & Assert
await UserStories.ForgotPasswordAsync(resetPasswordClient, userName);
Assert.Equal(2, emailSender.SentEmails.Count);
var email = emailSender.SentEmails[1];
await UserStories.ResetPasswordAsync(resetPasswordClient, email, userName, newPassword);
await UserStories.LoginExistingUserAsync(newClient, userName, newPassword);
}
public async Task CanDownloadPersonalData(bool twoFactor, bool social)
{
// Arrange
void ConfigureTestServices(IServiceCollection services) =>
services.SetupTestThirdPartyLogin();
var client = ServerFactory
.WithWebHostBuilder(whb => whb.ConfigureTestServices(ConfigureTestServices))
.CreateClient();
var userName = $"{Guid.NewGuid()}@example.com";
var guid = Guid.NewGuid();
var email = userName;
var index = social
? await UserStories.RegisterNewUserWithSocialLoginAsync(client, userName, email)
: await UserStories.RegisterNewUserAsync(client, email, "!TestPassword1");
if (twoFactor)
{
await UserStories.EnableTwoFactorAuthentication(index);
}
// Act & Assert
var jsonData = await UserStories.DownloadPersonalData(index, userName);
Assert.NotNull(jsonData);
Assert.True(jsonData.ContainsKey("Id"));
Assert.NotNull(jsonData["Id"]);
Assert.True(jsonData.ContainsKey("UserName"));
Assert.Equal(userName, (string)jsonData["UserName"]);
Assert.True(jsonData.ContainsKey("Email"));
Assert.Equal(userName, (string)jsonData["Email"]);
Assert.True(jsonData.ContainsKey("EmailConfirmed"));
Assert.False((bool)jsonData["EmailConfirmed"]);
Assert.True(jsonData.ContainsKey("PhoneNumber"));
Assert.Equal("null", (string)jsonData["PhoneNumber"]);
Assert.True(jsonData.ContainsKey("PhoneNumberConfirmed"));
Assert.False((bool)jsonData["PhoneNumberConfirmed"]);
Assert.Equal(twoFactor, (bool)jsonData["TwoFactorEnabled"]);
if (twoFactor)
{
Assert.NotNull(jsonData["Authenticator Key"]);
}
else
{
Assert.Null((string)jsonData["Authenticator Key"]);
}
if (social)
{
Assert.Equal(userName, (string)jsonData["Contoso external login provider key"]);
}
else
{
Assert.Null((string)jsonData["Contoso external login provider key"]);
}
}
public async Task CanRegisterAUser()
{
// Arrange
var client = ServerFactory.CreateDefaultClient();
var userName = $"{Guid.NewGuid()}@example.com";
var password = $"!Test.Password1$";
// Act & Assert
await UserStories.RegisterNewUserAsync(client, userName, password);
}
public async Task AuthenticatedUserCanAccessAuthorizedPages(string url)
{
// Arrange
var client = ServerFactory.CreateDefaultClient();
await UserStories.RegisterNewUserAsync(client);
// Act
var response = await client.GetAsync(url);
// Assert
await ResponseAssert.IsHtmlDocumentAsync(response);
}
public async Task CanEnableTwoFactorAuthentication()
{
// Arrange
var client = ServerFactory.CreateDefaultClient();
var userName = $"{Guid.NewGuid()}@example.com";
var password = $"!Test.Password1$";
var index = await UserStories.RegisterNewUserAsync(client, userName, password);
// Act & Assert
await UserStories.EnableTwoFactorAuthentication(index, twoFactorEnabled : false);
}
public async Task GetOnDownloadPersonalData_ReturnsNotFound()
{
// Arrange
var client = ServerFactory
.CreateClient();
await UserStories.RegisterNewUserAsync(client);
// Act
var response = await client.GetAsync("/Identity/Account/Manage/DownloadPersonalData");
// Assert
Assert.Equal(HttpStatusCode.NotFound, response.StatusCode);
}
public async Task CanDeleteUser()
{
// Arrange
var client = ServerFactory
.CreateClient();
var userName = $"{Guid.NewGuid()}@example.com";
var password = $"[PLACEHOLDER]-1a";
var index = await UserStories.RegisterNewUserAsync(client, userName, password);
// Act & Assert
await UserStories.DeleteUser(index, password);
}
public async Task CannotEnableTwoFactorAuthenticationWithoutCookieConsent()
{
// Arrange
var client = ServerFactory
.CreateClient();
var userName = $"{Guid.NewGuid()}@example.com";
var password = $"!Test.Password1$";
var index = await UserStories.RegisterNewUserAsync(client, userName, password);
// Act & Assert
Assert.Null(await UserStories.EnableTwoFactorAuthentication(index, consent: false));
}
public async Task CanEnableTwoFactorAuthentication()
{
// Arrange
var client = ServerFactory
.CreateClient();
var userName = $"{Guid.NewGuid()}@example.com";
var password = $"[PLACEHOLDER]-1a";
var index = await UserStories.RegisterNewUserAsync(client, userName, password);
// Act & Assert
Assert.NotNull(await UserStories.EnableTwoFactorAuthentication(index));
}
public async Task CanLogInWithAPreviouslyRegisteredUser()
{
// Arrange
var client = ServerFactory.CreateClient();
var newClient = ServerFactory.CreateClient();
var userName = $"{Guid.NewGuid()}@example.com";
var password = $"[PLACEHOLDER]-1a";
// Act & Assert
await UserStories.RegisterNewUserAsync(client, userName, password);
// Use a new client to simulate a new browser session.
await UserStories.LoginExistingUserAsync(newClient, userName, password);
}
public async Task AuthenticatedUserCanAccessAuthorizedPages(string url)
{
using (StartLog(out var loggerFactory, $"{nameof(AuthenticatedUserCanAccessAuthorizedPages)}_{WebUtility.UrlEncode(url)}"))
{
// Arrange
var client = ServerFactory.CreateDefaultClient(loggerFactory);
await UserStories.RegisterNewUserAsync(client);
// Act
var response = await client.GetAsync(url);
// Assert
await ResponseAssert.IsHtmlDocumentAsync(response);
}
}
public async Task CanDeleteUser()
{
using (StartLog(out var loggerFactory))
{
// Arrange
var client = ServerFactory.CreateDefaultClient(loggerFactory);
var userName = $"{Guid.NewGuid()}@example.com";
var password = $"!Test.Password1$";
var index = await UserStories.RegisterNewUserAsync(client, userName, password);
// Act & Assert
await UserStories.DeleteUser(index, password);
}
}
public async Task CanRegisterAUser_WithGlobalAuthorizeFilter()
{
// Arrange
void ConfigureTestServices(IServiceCollection services) =>
services.SetupGlobalAuthorizeFilter();
var client = ServerFactory
.WithWebHostBuilder(whb => whb.ConfigureServices(ConfigureTestServices))
.CreateClient();
var userName = $"{Guid.NewGuid()}@example.com";
var password = $"!Test.Password1$";
// Act & Assert
await UserStories.RegisterNewUserAsync(client, userName, password);
}
public async Task CanRegisterAUser()
{
// Arrange
void ConfigureTestServices(IServiceCollection services)
{
return;
};
var client = ServerFactory
.WithWebHostBuilder(whb => whb.ConfigureServices(ConfigureTestServices))
.CreateClient();
var userName = $"{Guid.NewGuid()}@example.com";
var password = $"[PLACEHOLDER]-1a";
// Act & Assert
await UserStories.RegisterNewUserAsync(client, userName, password);
}
public async Task CanLogInWithTwoFactorAuthentication()
{
// Arrange
var client = ServerFactory.CreateClient();
var newClient = ServerFactory.CreateClient();
var userName = $"{Guid.NewGuid()}@example.com";
var password = $"[PLACEHOLDER]-1a";
var loggedIn = await UserStories.RegisterNewUserAsync(client, userName, password);
var showRecoveryCodes = await UserStories.EnableTwoFactorAuthentication(loggedIn);
var twoFactorKey = showRecoveryCodes.Context.AuthenticatorKey;
// Act & Assert
// Use a new client to simulate a new browser session.
await UserStories.LoginExistingUser2FaAsync(newClient, userName, password, twoFactorKey);
}
public async Task CanLogInWithRecoveryCode()
{
// Arrange
var client = ServerFactory.CreateClient();
var newClient = ServerFactory.CreateClient();
var userName = $"{Guid.NewGuid()}@example.com";
var password = $"!Test.Password1$";
var loggedIn = await UserStories.RegisterNewUserAsync(client, userName, password);
var showRecoveryCodes = await UserStories.EnableTwoFactorAuthentication(loggedIn);
var recoveryCode = showRecoveryCodes.Context.RecoveryCodes.First();
// Act & Assert
// Use a new client to simulate a new browser session.
await UserStories.LoginExistingUserRecoveryCodeAsync(newClient, userName, password, recoveryCode);
}
public async Task CanLogInWithAPreviouslyRegisteredUser()
{
using (StartLog(out var loggerFactory))
{
// Arrange
var server = ServerFactory.CreateDefaultServer(loggerFactory);
var client = ServerFactory.CreateDefaultClient(server);
var newClient = ServerFactory.CreateDefaultClient(server);
var userName = $"{Guid.NewGuid()}@example.com";
var password = $"!Test.Password1$";
// Act & Assert
await UserStories.RegisterNewUserAsync(client, userName, password);
// Use a new client to simulate a new browser session.
await UserStories.LoginExistingUserAsync(newClient, userName, password);
}
}
public async Task CanLogInWithTwoFactorAuthentication()
{
// Arrange
var server = ServerFactory.CreateDefaultServer();
var client = ServerFactory.CreateDefaultClient(server);
var newClient = ServerFactory.CreateDefaultClient(server);
var userName = $"{Guid.NewGuid()}@example.com";
var password = $"!Test.Password1$";
var loggedIn = await UserStories.RegisterNewUserAsync(client, userName, password);
var showRecoveryCodes = await UserStories.EnableTwoFactorAuthentication(loggedIn, twoFactorEnabled : false);
var twoFactorKey = showRecoveryCodes.Context[EnableAuthenticator.AuthenticatorKey];
// Act & Assert
// Use a new client to simulate a new browser session.
await UserStories.LoginExistingUser2FaAsync(newClient, userName, password, twoFactorKey);
}
public async Task CanConfirmEmail()
{
// Arrange
var emails = new ContosoEmailSender();
var server = ServerFactory.CreateServer(builder =>
builder.ConfigureServices(s => s.SetupTestEmailSender(emails)));
var client = ServerFactory.CreateDefaultClient(server);
var userName = $"{Guid.NewGuid()}@example.com";
var password = $"!Test.Password1$";
var index = await UserStories.RegisterNewUserAsync(client, userName, password);
var manageIndex = await UserStories.SendEmailConfirmationLinkAsync(index);
// Act & Assert
Assert.Equal(2, emails.SentEmails.Count);
var email = emails.SentEmails[1];
await UserStories.ConfirmEmailAsync(email, client);
}
public async Task CanLogInWithAPreviouslyRegisteredUser_WithGlobalAuthorizeFilter()
{
// Arrange
void ConfigureTestServices(IServiceCollection services) =>
services.SetupGlobalAuthorizeFilter();
var server = ServerFactory
.WithWebHostBuilder(whb => whb.ConfigureServices(ConfigureTestServices));
var client = server.CreateClient();
var newClient = server.CreateClient();
var userName = $"{Guid.NewGuid()}@example.com";
var password = $"[PLACEHOLDER]-1a";
// Act & Assert
await UserStories.RegisterNewUserAsync(client, userName, password);
// Use a new client to simulate a new browser session.
await UserStories.LoginExistingUserAsync(newClient, userName, password);
}
public async Task CanDownloadPersonalData()
{
// Arrange
var client = ServerFactory.CreateDefaultClient();
var userName = $"{Guid.NewGuid()}@example.com";
var password = $"!Test.Password1$";
var index = await UserStories.RegisterNewUserAsync(client, userName, password);
// Act & Assert
var jsonData = await UserStories.DownloadPersonalData(index, userName);
Assert.Contains($"\"Id\":\"", jsonData);
Assert.Contains($"\"UserName\":\"{userName}\"", jsonData);
Assert.Contains($"\"Email\":\"{userName}\"", jsonData);
Assert.Contains($"\"EmailConfirmed\":\"False\"", jsonData);
Assert.Contains($"\"PhoneNumber\":\"null\"", jsonData);
Assert.Contains($"\"PhoneNumberConfirmed\":\"False\"", jsonData);
Assert.Contains($"\"TwoFactorEnabled\":\"False\"", jsonData);
}
public async Task CanChangeEmail()
{
// Arrange
var emails = new ContosoEmailSender();
var client = ServerFactory
.CreateClient();
var userName = $"{Guid.NewGuid()}@example.com";
var password = $"!Test.Password1$";
var newEmail = "*****@*****.**";
var index = await UserStories.RegisterNewUserAsync(client, userName, password);
var manageIndex = await UserStories.SendUpdateProfileAsync(index, newEmail);
// Act & Assert
var pageUserName = manageIndex.GetUserName();
Assert.Equal(newEmail, pageUserName);
var pageEmail = manageIndex.GetEmail();
Assert.Equal(newEmail, pageEmail);
}
public async Task CannotLogInWithoutRequiredEmailConfirmation()
{
// Arrange
var testEmailSender = new TestEmailSender();
var server = ServerFactory.CreateServer(builder =>
{
builder.ConfigureServices(services => services
.AddSingleton <IEmailSender>(testEmailSender)
.Configure <IdentityOptions>(opt => opt.SignIn.RequireConfirmedEmail = true));
});
var client = ServerFactory.CreateDefaultClient(server);
var newClient = ServerFactory.CreateDefaultClient(server);
var userName = $"{Guid.NewGuid()}@example.com";
var password = $"!Test.Password1$";
var loggedIn = await UserStories.RegisterNewUserAsync(client, userName, password);
// Act & Assert
// Use a new client to simulate a new browser session.
await Assert.ThrowsAnyAsync <XunitException>(() => UserStories.LoginExistingUserAsync(newClient, userName, password));
}
public async Task CannotLogInWithoutRequiredEmailConfirmation()
{
// Arrange
var emailSender = new ContosoEmailSender();
void ConfigureTestServices(IServiceCollection services) => services
.SetupTestEmailSender(emailSender)
.SetupEmailRequired();
var server = ServerFactory.WithWebHostBuilder(whb => whb.ConfigureServices(ConfigureTestServices));
var client = server.CreateClient();
var newClient = server.CreateClient();
var userName = $"{Guid.NewGuid()}@example.com";
var password = $"[PLACEHOLDER]-1a";
var loggedIn = await UserStories.RegisterNewUserAsync(client, userName, password);
// Act & Assert
// Use a new client to simulate a new browser session.
await Assert.ThrowsAnyAsync <XunitException>(() => UserStories.LoginExistingUserAsync(newClient, userName, password));
}
public async Task CanConfirmEmail()
{
// Arrange
var emails = new ContosoEmailSender();
void ConfigureTestServices(IServiceCollection services) =>
services.SetupTestEmailSender(emails);
var client = ServerFactory
.WithWebHostBuilder(whb => whb.ConfigureServices(ConfigureTestServices))
.CreateClient();
var userName = $"{Guid.NewGuid()}@example.com";
var password = $"!Test.Password1$";
var index = await UserStories.RegisterNewUserAsync(client, userName, password);
var manageIndex = await UserStories.SendEmailConfirmationLinkAsync(index);
// Act & Assert
Assert.Equal(2, emails.SentEmails.Count);
var email = emails.SentEmails[1];
await UserStories.ConfirmEmailAsync(email, client);
}
public async Task CanResetAuthenticator()
{
// Arrange
var principals = new List <ClaimsPrincipal>();
void ConfigureTestServices(IServiceCollection services) =>
services
.SetupTestThirdPartyLogin()
.SetupGetUserClaimsPrincipal(user => principals.Add(user), IdentityConstants.ApplicationScheme);
var server = ServerFactory
.WithWebHostBuilder(whb => whb.ConfigureTestServices(ConfigureTestServices));
var client = server.CreateClient();
var newClient = server.CreateClient();
var userName = $"{Guid.NewGuid()}@example.com";
var password = $"!Test.Password1$";
// Act
var loggedIn = await UserStories.RegisterNewUserAsync(client, userName, password);
var showRecoveryCodes = await UserStories.EnableTwoFactorAuthentication(loggedIn);
var twoFactorKey = showRecoveryCodes.Context.AuthenticatorKey;
// Use a new client to simulate a new browser session.
await UserStories.AcceptCookiePolicy(newClient);
var index = await UserStories.LoginExistingUser2FaAsync(newClient, userName, password, twoFactorKey);
await UserStories.ResetAuthenticator(index);
// RefreshSignIn generates a new security stamp claim
AssertClaimsNotEqual(principals[1], principals[2], "AspNet.Identity.SecurityStamp");
}
