public async Task CanResetAuthenticator()
        {
            using (StartLog(out var loggerFactory))
            {
                // Arrange
                var principals = new List <ClaimsPrincipal>();
                var server     = ServerFactory.CreateServer(loggerFactory, builder =>
                                                            builder.ConfigureTestServices(s => s.SetupTestThirdPartyLogin()
                                                                                          .SetupGetUserClaimsPrincipal(user => principals.Add(user), IdentityConstants.ApplicationScheme)));

                var client    = ServerFactory.CreateDefaultClient(server);
                var newClient = ServerFactory.CreateDefaultClient(server);

                var userName = $"{Guid.NewGuid()}@example.com";
                var password = $"!Test.Password1$";

                // Act
                var loggedIn = await UserStories.RegisterNewUserAsync(client, userName, password);

                var showRecoveryCodes = await UserStories.EnableTwoFactorAuthentication(loggedIn);

                var twoFactorKey = showRecoveryCodes.Context.AuthenticatorKey;

                // Use a new client to simulate a new browser session.
                var index = await UserStories.LoginExistingUser2FaAsync(newClient, userName, password, twoFactorKey);

                await UserStories.ResetAuthenticator(index);

                // RefreshSignIn generates a new security stamp claim
                AssertClaimsNotEqual(principals[1], principals[2], "AspNet.Identity.SecurityStamp");
            }
        }
Exemple #2
0
        public async Task CanResetAuthenticator()
        {
            // Arrange
            var principals = new List <ClaimsPrincipal>();

            void ConfigureTestServices(IServiceCollection services) =>
            services
            .SetupTestThirdPartyLogin()
            .SetupGetUserClaimsPrincipal(user => principals.Add(user), IdentityConstants.ApplicationScheme);

            var server = ServerFactory
                         .WithWebHostBuilder(whb => whb.ConfigureTestServices(ConfigureTestServices));

            var client    = server.CreateClient();
            var newClient = server.CreateClient();

            var userName = $"{Guid.NewGuid()}@example.com";
            var password = $"[PLACEHOLDER]-1a";

            // Act
            var loggedIn = await UserStories.RegisterNewUserAsync(client, userName, password);

            var showRecoveryCodes = await UserStories.EnableTwoFactorAuthentication(loggedIn);

            var twoFactorKey = showRecoveryCodes.Context.AuthenticatorKey;

            // Use a new client to simulate a new browser session.
            await UserStories.AcceptCookiePolicy(newClient);

            var index = await UserStories.LoginExistingUser2FaAsync(newClient, userName, password, twoFactorKey);

            await UserStories.ResetAuthenticator(index);

            // RefreshSignIn generates a new security stamp claim
            AssertClaimsNotEqual(principals[1], principals[2], "AspNet.Identity.SecurityStamp");
        }