/// <summary>
/// Locks an account through repeated failed logins, then checks that unlocking it
/// requires <c>AuthenticationServiceClaims.UnlockUserClaim</c> and that the account
/// can log in again once it has been unlocked.
/// </summary>
public async Task UnlockUserTest()
{
    // NOTE(review): assumes five failed attempts are enough to trigger the lockout;
    // confirm against the lockout threshold the service is configured with.
    const int failedAttempts = 5;

    var lockedUser = await CreateRandomUser(true);
    var client = new HttpClientAuthenticationHelper(_factory.CreateClient());

    for (var attempt = 0; attempt < failedAttempts; attempt++)
    {
        await client.Login(lockedUser.UserName, "NotMyPAssword");
    }

    // Even the correct password has to be rejected while the account is locked.
    var loginWhileLocked = await client.Login(lockedUser.UserName, lockedUser.Password);
    Assert.IsFalse(loginWhileLocked.Value, "The user should be locked out");

    // The second account only becomes privileged once the claim is added below.
    var adminUser = await CreateRandomUser(true);
    await client.Login(adminUser.UserName, adminUser.Password);

    // Without the claim the unlock call must be refused.
    // NOTE(review): this negative check targets the caller's own account, not the
    // locked user; confirm that is intended.
    var unlockResponse = await client.UnlockUser(adminUser.UserName);
    var refusedForMissingClaim = unlockResponse.Error.ContainsAll("You are not authorized for action", "claim is not set");
    Assert.IsTrue(refusedForMissingClaim);

    // The claim is added after the login above and the same client is reused.
    AddClaimToUser(adminUser.UserName, AuthenticationServiceClaims.UnlockUserClaim);
    var unlockResponseAfterSetClaim = await client.UnlockUser(lockedUser.UserName);
    Assert.IsFalse(unlockResponseAfterSetClaim.IsError);

    var loginAfterUnlock = await client.Login(lockedUser.UserName, lockedUser.Password);
    Assert.IsTrue(loginAfterUnlock.Value, "The user should be able to log in after the account has been unlocked.");
}
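/// <summary>
/// Has a user holding <c>AuthenticationServiceClaims.GeneratePasswordResetTokenClaim</c>
/// generate a password reset token for another user, redeems that token from a second,
/// not-logged-in client, and checks that the new password replaces the old one.
/// </summary>
public async Task GeneratePasswordResetTokenTest()
{
    var adminUser = await CreateRandomUser(true);
    var user = await CreateRandomUser(true);
    var newPassword = GetRandomPassword();

    string token;
    {
        var client = new HttpClientAuthenticationHelper(_factory.CreateClient());
        AddClaimToUser(adminUser.UserName, AuthenticationServiceClaims.GeneratePasswordResetTokenClaim);

        // Fail here, with a clear message, rather than at the final login if the setup steps break.
        Assert.IsTrue((await client.Login(adminUser.UserName, adminUser.Password)).Value, "The admin user should be able to log in.");

        token = (await client.GeneratePasswordResetToken(user.UserName)).Value;
        Assert.IsFalse(string.IsNullOrEmpty(token), "A password reset token should have been generated.");
    }

    {
        // A fresh client: the token is redeemed without any prior login.
        var client = new HttpClientAuthenticationHelper(_factory.CreateClient());

        // The sibling SendPasswordResetTokenTest asserts this result; do the same here.
        Assert.IsTrue((await client.ResetPassword(user.UserName, token, newPassword)).Value, "The password reset should succeed with a valid token.");
        Assert.IsTrue((await client.Login(user.UserName, newPassword)).Value);

        // A reset that leaves the previous password valid would defeat its purpose.
        Assert.IsFalse((await client.Login(user.UserName, user.Password)).Value, "The old password should no longer work after a reset.");
    }
}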
/// <summary>
/// Checks that a freshly created user can log in with their own credentials.
/// </summary>
public async Task LoginWithUserTest()
{
    // NOTE(review): the 'true' argument presumably creates the user with a membership
    // (compare LoginWithoutMembershiplTest, which passes 'false'); confirm.
    var account = await CreateRandomUser(true);
    var authClient = new HttpClientAuthenticationHelper(_factory.CreateClient());

    var loginResult = await authClient.Login(account.UserName, account.Password);

    Assert.IsTrue(loginResult.Value);
}
/// <summary>
/// Checks that a user created with <c>CreateRandomUser(false)</c> is refused at login.
/// </summary>
public async Task LoginWithoutMembershiplTest()
{
    // NOTE(review): 'false' presumably skips creating the membership; confirm.
    var account = await CreateRandomUser(false);
    var authClient = new HttpClientAuthenticationHelper(_factory.CreateClient());

    // The password is an arbitrary literal, not a value read from the created user.
    var loginResult = await authClient.Login(account.UserName, "test");

    Assert.IsFalse(loginResult.Value, "User without membership should not be able to log in.");
}
/// <summary>
/// Calls the protected operations from a client that never logged in and checks
/// each response with <c>ShouldReturnUnathorized</c>.
/// </summary>
public async Task MethodsThatNeedAuthorizationTest()
{
    // No Login call is made on this client, so every request below is anonymous.
    var anonymousClient = new HttpClientAuthenticationHelper(_factory.CreateClient());

    var changeMyPasswordResponse = await anonymousClient.ChangeMyPassword("test", "test");
    ShouldReturnUnathorized(changeMyPasswordResponse);

    var setPasswordResponse = await anonymousClient.SetPassword("test", "test", false);
    ShouldReturnUnathorized(setPasswordResponse);

    var unlockUserResponse = await anonymousClient.UnlockUser("test");
    ShouldReturnUnathorized(unlockUserResponse);

    // NOTE(review): GeneratePasswordResetToken is claim-protected in CheckForClaimsTest
    // but has no anonymous-call check here; consider covering it.
}
/// <summary>
/// Logs in as a user holding none of the service claims and checks that each
/// privileged operation is refused with the specific claim it requires.
/// </summary>
public async Task CheckForClaimsTest()
{
    var client = new HttpClientAuthenticationHelper(_factory.CreateClient());
    var user = await CreateRandomUser(true);
    await client.Login(user.UserName, user.Password);

    // With no claims at all, setting a password is refused for the missing SetPasswordClaim.
    var setPasswordWithoutClaim = await client.SetPassword(user.UserName, "test", false);
    ShouldReturnRequiresClaim(setPasswordWithoutClaim, AuthenticationServiceClaims.SetPasswordClaim);

    // With SetPasswordClaim granted, passing 'true' as the last argument is refused
    // for a second claim.
    // NOTE(review): the flag presumably asks to bypass the password strength policy; confirm.
    AddClaimToUser(user.UserName, AuthenticationServiceClaims.SetPasswordClaim);
    var setPasswordIgnoringPolicy = await client.SetPassword(user.UserName, "test", true);
    ShouldReturnRequiresClaim(setPasswordIgnoringPolicy, AuthenticationServiceClaims.IgnorePasswordStrengthPolicyClaim);

    var unlockWithoutClaim = await client.UnlockUser(user.UserName);
    ShouldReturnRequiresClaim(unlockWithoutClaim, AuthenticationServiceClaims.UnlockUserClaim);

    var tokenWithoutClaim = await client.GeneratePasswordResetToken(user.UserName);
    ShouldReturnRequiresClaim(tokenWithoutClaim, AuthenticationServiceClaims.GeneratePasswordResetTokenClaim);
}
/// <summary>
/// Requests a password reset token for a user from a client that is not logged in,
/// reads the token captured by <c>SendPasswordResetTokenMock</c>, and checks that it
/// can be redeemed for a new password.
/// </summary>
public async Task SendPasswordResetTokenTest()
{
    var user = await CreateRandomUser(true);
    var client = new HttpClientAuthenticationHelper(_factory.CreateClient());

    var clientInfo = new Dictionary<string, string>();
    clientInfo.Add("test", "test");
    await client.SendPasswordResetToken(user.UserName, clientInfo);

    // NOTE(review): Last() takes the newest entry recorded by the mock; if the list is
    // shared across tests that run in parallel, this may be another test's token. Confirm.
    var lastSentToken = SendPasswordResetTokenMock.SentTokens.Last();

    // The additional client info must reach the sender unchanged.
    Assert.AreEqual("test", lastSentToken.additionalClientInfo["test"]);

    var newPassword = GetRandomPassword();
    var resetResult = await client.ResetPassword(user.UserName, lastSentToken.passwordResetToken, newPassword);
    Assert.IsTrue(resetResult.Value);

    // NOTE(review): the follow-up login with the new password is disabled in the
    // original; the reason is not visible here.
    //Assert.IsTrue((await client.Login(user.UserName, newPassword)).Value);
}
/// <summary>
/// Checks that logging in with a random user name, for which this test creates no user,
/// is refused.
/// </summary>
public async Task LoginWithoutPrincipalTest()
{
    var authClient = new HttpClientAuthenticationHelper(_factory.CreateClient());

    // CreateRandomUser is never called for this name.
    var unknownUserName = GetRandomUserName();
    var loginResult = await authClient.Login(unknownUserName, "test");

    Assert.IsFalse(loginResult.Value, "User with not Principal should not be able to log in.");
}