/// <summary>
/// Verifies that <c>AuthorizeAccess</c> reports success (Item1 == true) for an API key whose owner was
/// saved without any MFA subscription, even though the MFA code passed in is an empty string.
/// </summary>
public void MfaAuthorizationSuccessfulTest_ChecksThatServiceReturnsTrueIfNoMfaSubscriptionIsSubscribed_VerifiesThroughReturnsValue()
{
    // Fixture values for the user and the key pair created below
    const string apiKey = "123";
    const string userName = "******";
    const string phoneNumber = "2233344";
    const string email = "*****@*****.**";

    // Resolve every collaborator of the service from the registered application context
    var context = ContextRegistry.GetContext();
    var persistence = (IIdentityAccessPersistenceRepository)context["IdentityAccessPersistenceRepository"];
    var users = (IUserRepository)context["UserRepository"];
    var keyPairs = (ISecurityKeysRepository)context["SecurityKeysPairRepository"];
    var smsSender = (IMfaCodeSenderService)context["MfaSmsService"];
    var emailSender = (IMfaCodeSenderService)context["MfaEmailService"];
    var codeGenerator = (IMfaCodeGenerationService)context["MfaCodeGenerationService"];

    IMfaAuthorizationService service = new MfaAuthorizationService(
        persistence, users, keyPairs, smsSender, emailSender, codeGenerator);

    // Save a user with no MFA subscriptions assigned, then read it back; its Id is needed for the key pair
    persistence.SaveUpdate(new User(userName, "asdf", "12345", "xyz", email, Language.English,
                                    TimeZone.CurrentTimeZone, new TimeSpan(1, 1, 1, 1), DateTime.Now,
                                    "Pakistan", "", phoneNumber, "1234"));
    User storedUser = users.GetUserByUserName(userName);
    Assert.IsNotNull(storedUser);

    // Register the API key for that user
    persistence.SaveUpdate(new SecurityKeysPair(storedUser.Id, apiKey, "secret123", true, "#1"));

    // No subscription is assigned, so the request is expected to be let through without a code
    Tuple<bool, string> outcome = service.AuthorizeAccess(apiKey, MfaConstants.Deposit, "");
    Assert.IsTrue(outcome.Item1);
}
/// <summary>
/// Creates the MFA authorization service and stores each supplied collaborator in its matching field.
/// </summary>
/// <param name="persistenceRepository">Stored in <c>_persistenceRepository</c>.</param>
/// <param name="userRepository">Stored in <c>_userRepository</c>.</param>
/// <param name="securityKeysRepository">Stored in <c>_securityKeysRepository</c>.</param>
/// <param name="smsService">Code sender stored in <c>_smsService</c>.</param>
/// <param name="emailService">Code sender stored in <c>_emailService</c>.</param>
/// <param name="codeGenerationService">Stored in <c>_codeGenerationService</c>.</param>
public MfaAuthorizationService(
    IIdentityAccessPersistenceRepository persistenceRepository,
    IUserRepository userRepository,
    ISecurityKeysRepository securityKeysRepository,
    IMfaCodeSenderService smsService,
    IMfaCodeSenderService emailService,
    IMfaCodeGenerationService codeGenerationService)
{
    // NOTE(review): none of the arguments is null-checked here, so a missing dependency would only
    // surface when the service first uses it - confirm the container always supplies all six.

    // Code generation and the two delivery channels
    _codeGenerationService = codeGenerationService;
    _smsService = smsService;
    _emailService = emailService;

    // Repositories
    _securityKeysRepository = securityKeysRepository;
    _userRepository = userRepository;
    _persistenceRepository = persistenceRepository;
}
/// <summary>
/// Verifies that <c>AuthorizeAccess</c> rejects a request once MFA subscriptions are assigned to the
/// user and the supplied MFA code is either null or different from the generated one.
/// </summary>
/// <remarks>
/// The method name says "ReturnsTrue", but the two assertions after the subscriptions are assigned
/// expect Item1 to be false. Only the first call, made before any subscription exists, expects true.
/// </remarks>
public void MfaAuthorizationFailTest_ChecksThatServiceReturnsTrueIfMfaCodesDontMatch_VerifiesThroughReturnsValue()
{
    // Fixture values for the user and the key pair created below
    const string apiKey = "123";
    const string userName = "******";
    const string phoneNumber = "2233344";
    const string email = "*****@*****.**";

    // Resolve every collaborator from the registered application context
    var context = ContextRegistry.GetContext();
    var persistence = (IIdentityAccessPersistenceRepository)context["IdentityAccessPersistenceRepository"];
    var users = (IUserRepository)context["UserRepository"];
    var keyPairs = (ISecurityKeysRepository)context["SecurityKeysPairRepository"];
    var smsSender = (IMfaCodeSenderService)context["MfaSmsService"];
    var emailSender = (IMfaCodeSenderService)context["MfaEmailService"];
    var codeGenerator = (IMfaCodeGenerationService)context["MfaCodeGenerationService"];
    var subscriptionRepository = (IMfaSubscriptionRepository)context["MfaSubscriptionRepository"];

    IMfaAuthorizationService service = new MfaAuthorizationService(
        persistence, users, keyPairs, smsSender, emailSender, codeGenerator);

    // Save a user with no MFA subscriptions yet, then read it back; its Id is needed for the key pair
    persistence.SaveUpdate(new User(userName, "asdf", "12345", "xyz", email, Language.English,
                                    TimeZone.CurrentTimeZone, new TimeSpan(1, 1, 1, 1), DateTime.Now,
                                    "Pakistan", "", phoneNumber, "1234"));
    User storedUser = users.GetUserByUserName(userName);
    Assert.IsNotNull(storedUser);

    persistence.SaveUpdate(new SecurityKeysPair(storedUser.Id, apiKey, "secret123", true, "#1"));

    // Baseline: with no subscription assigned the request is allowed
    Tuple<bool, string> outcome = service.AuthorizeAccess(apiKey, MfaConstants.Deposit, "");
    Assert.IsTrue(outcome.Item1);

    // Assign every known subscription to the user, each flagged with true, and persist the change
    IList<MfaSubscription> knownSubscriptions = subscriptionRepository.GetAllSubscriptions();
    IList<Tuple<string, string, bool>> assigned = new List<Tuple<string, string, bool>>();
    foreach (MfaSubscription known in knownSubscriptions)
    {
        assigned.Add(new Tuple<string, string, bool>(known.MfaSubscriptionId, known.MfaSubscriptionName, true));
    }
    storedUser.AssignMfaSubscriptions(assigned);
    persistence.SaveUpdate(storedUser);

    // A request that carries no MFA code must now be refused
    outcome = service.AuthorizeAccess(apiKey, MfaConstants.Deposit, null);
    Assert.IsFalse(outcome.Item1);

    // The stub generator always returns the same MFA code; appending a character to it guarantees
    // that the code submitted here does not match
    string stubCode = codeGenerator.GenerateCode();
    string wrongCode = stubCode + "1";
    outcome = service.AuthorizeAccess(apiKey, MfaConstants.Deposit, wrongCode);
    Assert.IsFalse(outcome.Item1);
}
/// <summary>
/// Verifies that the application context holds an object registered as "MfaSmsService" that can be
/// cast to <c>IMfaCodeSenderService</c>.
/// </summary>
public void InitializationTest_TestsThatTheServiceIsInitializedUsingSpringDi_VerifiesThroughInstanceVariable()
{
    var context = ContextRegistry.GetContext();

    // The cast fails the test outright if the registered object has a different type
    var resolvedSender = (IMfaCodeSenderService)context["MfaSmsService"];

    Assert.IsNotNull(resolvedSender);
}
/// <summary>
/// Decides, for a system generated key, whether the given action may proceed based on the user's MFA
/// subscription for that action and the MFA code supplied with the request.
/// </summary>
/// <param name="user">Owner of the key; a null user is rejected.</param>
/// <param name="userId">User ID, used here only in log entries and in returned messages.</param>
/// <param name="currentAction">Action being requested; checked against the user's MFA subscriptions.</param>
/// <param name="mfaCode">MFA code supplied with the request; may be null or empty.</param>
/// <returns>
/// Item1 is true when the user has no MFA subscription for the action or when the supplied code is
/// verified; otherwise false. Item2 is a message describing the outcome.
/// </returns>
private Tuple<bool, string> CheckSystemGeneratedKeySubscription(User user, int userId, string currentAction, string mfaCode)
{
    // No user instance: refuse.
    // NOTE(review): this message, and the "code is null" one below, put the user ID into the string
    // handed back to the caller - confirm it is not shown to clients that should not learn it.
    bool userFound = user != null;
    if (!userFound)
    {
        Log.Error(string.Format("No User found during MFA verification: User ID = {0}, Action = {1}",
                                userId, currentAction));
        return Tuple.Create(false, string.Format("No User found for ID = {0}", userId));
    }

    // The user never asked for MFA on this action, so the request goes ahead without further checks
    if (!user.CheckMfaSubscriptions(currentAction))
    {
        Log.Debug(string.Format("MFA not enabled: User ID = {0} | Action = {1}. Request will proceed",
                                userId, currentAction));
        return Tuple.Create(true, "No MFA subscription enabled");
    }

    // MFA is required but the user holds no code yet: issue one and ask the caller to submit it
    if (string.IsNullOrEmpty(user.MfaCode))
    {
        string freshCode = _codeGenerationService.GenerateCode();

        // Item1: whether e-mail delivery is enabled; Item2: the e-mail address or phone number to use
        Tuple<bool, string> delivery = user.IsEmailMfaEnabled();

        // NOTE(review): the code is saved before it is sent; if SendCode fails, the user presumably
        // keeps a stored code that was never delivered and later calls take the verification path
        // below - confirm how a stored code gets cleared or reissued.
        user.AssignMfaCode(freshCode);
        _persistenceRepository.SaveUpdate(user);

        IMfaCodeSenderService sender = GetService(delivery.Item1);
        sender.SendCode(delivery.Item2, freshCode);
        return Tuple.Create(false, "Enter TFA");
    }

    // A code is stored for the user, so the request must carry one
    if (string.IsNullOrEmpty(mfaCode))
    {
        Log.Error(string.Format("MFA code is null: User ID = {0}, Action = {1}", userId, currentAction));
        return Tuple.Create(false, string.Format("Given MFA code is null: User ID = {0}", userId));
    }

    // NOTE(review): a failed check leaves the stored code untouched and no attempt counter or expiry
    // is visible in this method - confirm that VerifyMfaCode or the caller limits repeated guesses and
    // the lifetime of the code.
    if (!user.VerifyMfaCode(mfaCode))
    {
        Log.Error(string.Format("MFA code could not be verified: User ID = {0}, Action = {1}",
                                userId, currentAction));
        return Tuple.Create(false, "Mfa Code is incorrect");
    }

    return Tuple.Create(true, "Verification Successful");
}