Esempio n. 1
0
            public async Task GivenValidCredentials_RespondsWithBearerTokenWithRolesClaim()
            {
                // Arrange
                var url = GetAuthenticateUrl();

                var          userId             = Guid.NewGuid();
                const string emailAddress       = "*****@*****.**";
                const string password           = "******";
                const string productKey         = "This is a product key";
                const string testProductOneName = "Test Product One Name";
                const string testProductTwoName = "Test product Two Name";

                var hashedPassword = BCrypt.Net.BCrypt.HashPassword(password);

                var authenticate = new TestAuthenticateRequestBuilder()
                                   .WithEmailAddress(emailAddress)
                                   .WithPassword(password)
                                   .Build();

                var user = new TestUserEntityBuilder()
                           .WithId(userId)
                           .WithEmailAddress(emailAddress)
                           .WithPassword(hashedPassword)
                           .WithRole(UserRole.Administrator)
                           .Build();

                await _userCollection.InsertOneAsync(user);

                var license = new TestLicenseEntityBuilder()
                              .WithUserId(userId)
                              .WithKey(productKey)
                              .WithProduct(new TestLicenseProductEntityBuilder()
                                           .WithName(testProductOneName)
                                           .Build())
                              .WithProduct(new TestLicenseProductEntityBuilder()
                                           .WithName(testProductTwoName)
                                           .Build())
                              .Build();

                await _licenseCollection.InsertOneAsync(license);

                // Act
                var response = await HttpClient.PostAsJsonAsync(url, authenticate);

                // Assert
                var responseData = await response.Content.ReadFromJsonAsync <AuthenticatedResponse>();

                var jwtSecurityTokenHander = new JwtSecurityTokenHandler();
                var securityToken          = jwtSecurityTokenHander.ReadJwtToken(responseData.BearerToken);

                Assert.Multiple(() =>
                {
                    Assert.That(response.StatusCode, Is.EqualTo(HttpStatusCode.OK));

                    var roleClaims             = securityToken.Claims.Where(x => x.Type == SubmarineRegisteredClaimNames.Roles);
                    var administratorRoleClaim = roleClaims.FirstOrDefault(x => x.Value == UserRole.Administrator.ToString());

                    Assert.That(administratorRoleClaim, Is.Not.Null);
                });
            }
Esempio n. 2
0
            public async Task GivenInvalidPasswordForUser_RespondsWithBadRequest()
            {
                var url = GetAuthenticateUrl();

                const string emailAddress = "*****@*****.**";
                const string password     = "******";

                var authenticate = new TestAuthenticateRequestBuilder()
                                   .WithEmailAddress(emailAddress)
                                   .WithPassword(password)
                                   .Build();

                var user = new TestUserEntityBuilder()
                           .WithEmailAddress(emailAddress)
                           .Build();

                await _userCollection.InsertOneAsync(user);

                // Act
                var response = await HttpClient.PostAsJsonAsync(url, authenticate);

                // Assert
                var responseData = await response.Content.ReadFromJsonAsync <ExceptionResponse>();

                Assert.Multiple(() =>
                {
                    Assert.That(response.StatusCode, Is.EqualTo(HttpStatusCode.Conflict));
                    Assert.That(responseData.ExceptionCode, Is.EqualTo((int)ExceptionCode.DataMismatchException));
                    Assert.That(responseData.TechnicalMessage, Is.Not.Null);
                    Assert.That(responseData.UserMessage, Is.EqualTo(ExceptionMessages.Authentication.PasswordIsIncorrect));
                });
            }
Esempio n. 3
0
            public async Task GivenNoUserWithEmail_RespondsWithNotFound()
            {
                // Arrange
                var url = GetAuthenticateUrl();

                const string emailAddress = "*****@*****.**";
                const string password     = "******";

                var authenticate = new TestAuthenticateRequestBuilder()
                                   .WithEmailAddress(emailAddress)
                                   .WithPassword(password)
                                   .Build();

                // Act
                var response = await HttpClient.PostAsJsonAsync(url, authenticate);

                // Assert
                var responseData = await response.Content.ReadFromJsonAsync <ExceptionResponse>();

                Assert.Multiple(() =>
                {
                    Assert.That(response.StatusCode, Is.EqualTo(HttpStatusCode.NotFound));
                    Assert.That(responseData.ExceptionCode, Is.EqualTo((int)ExceptionCode.EntityNotFound));
                    Assert.That(responseData.TechnicalMessage, Is.Not.Null);
                    Assert.That(responseData.UserMessage, Is.EqualTo(ExceptionMessages.User.UserNotFound));
                });
            }
Esempio n. 4
0
            public async Task GivenNoEmailAddress_RespondsWithModelState()
            {
                var url = GetAuthenticateUrl();

                const string password = "******";

                var authenticate = new TestAuthenticateRequestBuilder()
                                   .WithPassword(password)
                                   .Build();

                // Act
                var response = await HttpClient.PostAsJsonAsync(url, authenticate);

                // Assert
                var responseData = await response.Content.ReadFromJsonAsync <ValidationResponse>();

                Assert.Multiple(() =>
                {
                    Assert.That(response.StatusCode, Is.EqualTo(HttpStatusCode.BadRequest));
                    DiagnoseaAssert.Contains(
                        responseData.Errors,
                        nameof(AuthenticateRequest.EmailAddress),
                        ExceptionMessages.Interchange.Required);
                });
            }
Esempio n. 5
0
            public async Task GivenValidCredentials_RespondsWithBearerTokenWithAudienceClaim()
            {
                // Arrange
                var url = GetAuthenticateUrl();

                var          userId             = Guid.NewGuid();
                const string emailAddress       = "*****@*****.**";
                const string password           = "******";
                const string productKey         = "This is a product key";
                const string testProductOneName = "Test Product One Name";
                const string testProductTwoName = "Test product Two Name";

                var hashedPassword = BCrypt.Net.BCrypt.HashPassword(password);

                var authenticate = new TestAuthenticateRequestBuilder()
                                   .WithEmailAddress(emailAddress)
                                   .WithPassword(password)
                                   .Build();

                var user = new TestUserEntityBuilder()
                           .WithId(userId)
                           .WithEmailAddress(emailAddress)
                           .WithPassword(hashedPassword)
                           .Build();

                await _userCollection.InsertOneAsync(user);

                var license = new TestLicenseEntityBuilder()
                              .WithUserId(userId)
                              .WithKey(productKey)
                              .WithProduct(new TestLicenseProductEntityBuilder()
                                           .WithName(testProductOneName)
                                           .Build())
                              .WithProduct(new TestLicenseProductEntityBuilder()
                                           .WithName(testProductTwoName)
                                           .Build())
                              .Build();

                await _licenseCollection.InsertOneAsync(license);

                // Act
                var response = await HttpClient.PostAsJsonAsync(url, authenticate);

                // Assert
                var responseData = await response.Content.ReadFromJsonAsync <AuthenticatedResponse>();

                var jwtSecurityTokenHander = new JwtSecurityTokenHandler();
                var securityToken          = jwtSecurityTokenHander.ReadJwtToken(responseData.BearerToken);

                Assert.Multiple(() =>
                {
                    Assert.That(response.StatusCode, Is.EqualTo(HttpStatusCode.OK));
                    Assert.That(securityToken.Audiences.Contains(license.Key));
                });
            }
Esempio n. 6
0
            public async Task GivenNoPassword_RespondsWithModelState()
            {
                var url = GetAuthenticateUrl();

                const string emailAddress = "*****@*****.**";

                var authenticate = new TestAuthenticateRequestBuilder()
                                   .WithEmailAddress(emailAddress)
                                   .Build();

                // Act
                var response = await HttpClient.PostAsJsonAsync(url, authenticate);

                // Assert
                var responseData = await response.Content.ReadFromJsonAsync <ValidationResponse>();

                Assert.Multiple(() =>
                {
                    Assert.AreEqual(HttpStatusCode.BadRequest, response.StatusCode);
                    DiagnoseaAssert.Contains(responseData.Errors, nameof(AuthenticateRequest.Password), ExceptionMessages.Interchange.Required);
                });
            }