public async Task RefereshToken_When_Refresh_Token_Is_Valid()
{
var assertDatabase = await RfidDatabaseAssert.CreateAsync();
var requestModel = Examples.Administrator();
await RfidHttpClient.RegisterUserAsync(requestModel);
using (var genResponse = await RfidHttpClient.GenerateAuthTokenAsync(requestModel.Email, requestModel.Password))
{
var jtoken = await genResponse.Content.AsJObjectAsync();
using (var refreshResponse = await RfidHttpClient.RefreshAuthTokenAsync(jtoken.Token(), jtoken.RefreshToken()))
{
await AssertAuthTokenResponseAsync(refreshResponse, System.Net.HttpStatusCode.OK);
var rtoken = await refreshResponse.Content.AsJObjectAsync();
Assert.NotEqual(expected: jtoken.Token(), actual: rtoken.Token());
Assert.NotEqual(expected: jtoken.RefreshToken(), actual: rtoken.RefreshToken());
}
}
await assertDatabase.AssertCntAsync(requestModel);
}
public async Task RefreshToken_When_Invalid_Data(String token, String refreshToken)
{
var assertDatabase = await RfidDatabaseAssert.CreateAsync();
using (var httpResponse = await RfidHttpClient.RefreshAuthTokenAsync(token, refreshToken))
{
await AssertAuthTokenResponseAsync(httpResponse, System.Net.HttpStatusCode.BadRequest);
}
await assertDatabase.AssertCntAsync();
}
public async Task RefreshToken_When_Auth_Token_Generated_With_Correct_Alg_But_User_Does_Not_Exists()
{
var assertDatabase = await RfidDatabaseAssert.CreateAsync();
var auth = new RFID.REST.Areas.Auth.Services.Auth(null, null, Settings.GetDevelopmentAuthSettings());
var fakeToken = auth.GenerateToken("*****@*****.**", UserRoles.Admin);
using (var httpResponse = await RfidHttpClient.RefreshAuthTokenAsync(fakeToken.Token, fakeToken.RefreshToken))
{
await AssertAuthTokenResponseAsync(httpResponse, System.Net.HttpStatusCode.NotFound);
}
await assertDatabase.AssertCntAsync();
}
public async Task RefreshToken_When_Auth_Token_Generated_With_Different_Alg()
{
var assertDatabase = await RfidDatabaseAssert.CreateAsync();
var requestModel = Examples.Administrator();
await RfidHttpClient.RegisterUserAsync(requestModel);
var auth = new RFID.REST.Areas.Auth.Services.Auth(null, null, Settings.GetDevelopmentAuthSettings());
var fakeToken = auth.GenerateToken(requestModel.Email, UserRoles.Admin, SecurityAlgorithms.HmacSha384);
using (var httpResponse = await RfidHttpClient.RefreshAuthTokenAsync(fakeToken.Token, fakeToken.RefreshToken))
{
await AssertAuthTokenResponseAsync(httpResponse, System.Net.HttpStatusCode.NotFound);
}
await assertDatabase.AssertCntAsync(requestModel);
}
public async Task RefreshToken_When_User_Refresh_Token_Is_Invalid()
{
var assertDatabase = await RfidDatabaseAssert.CreateAsync();
var requestModel = Examples.Administrator();
await RfidHttpClient.RegisterUserAsync(requestModel);
using (var genResponse = await RfidHttpClient.GenerateAuthTokenAsync(requestModel.Email, requestModel.Password))
{
var jtoken = await genResponse.Content.AsJObjectAsync();
using (var refreshResponse = await RfidHttpClient.RefreshAuthTokenAsync(jtoken.Token(), Path.GetRandomFileName()))
{
await AssertAuthTokenResponseAsync(refreshResponse, System.Net.HttpStatusCode.NotFound);
}
}
await assertDatabase.AssertCntAsync(requestModel);
}
