public void FindsUsersByEmailAddress()
{
var user = new User
{
Username = "******",
HashedPassword = "******",
EmailAddress = "*****@*****.**",
PasswordHashAlgorithm = "PBKDF2"
};
var service = new TestableUserService();
service.MockUserRepository
.Setup(r => r.GetAll())
.Returns(new[] { user }.AsQueryable());
service.MockCrypto
.Setup(c => c.ValidateSaltedHash(It.IsAny <string>(), It.IsAny <string>(), It.IsAny <string>()))
.Returns(true);
var foundByEmailAddress = service.FindByUsernameOrEmailAddressAndPassword("*****@*****.**", "thePassword");
Assert.NotNull(foundByEmailAddress);
Assert.Same(user, foundByEmailAddress);
}
public void FindsUsersUpdatesPasswordIfUsingLegacyHashAlgorithm()
{
var user = new User
{
Username = "******",
HashedPassword = "******",
EmailAddress = "*****@*****.**",
PasswordHashAlgorithm = "SHA1"
};
var service = new TestableUserService();
service.MockUserRepository
.Setup(r => r.GetAll())
.Returns(new[] { user }.AsQueryable());
service.MockUserRepository
.Setup(r => r.CommitChanges())
.Verifiable();
service.MockCrypto
.Setup(c => c.ValidateSaltedHash("theHashedPassword", "thePassword", "SHA1"))
.Returns(true);
service.MockCrypto
.Setup(c => c.GenerateSaltedHash("thePassword", "PBKDF2"))
.Returns("theBetterHashedPassword");
service.FindByUsernameOrEmailAddressAndPassword("*****@*****.**", "thePassword");
Assert.Equal("PBKDF2", user.PasswordHashAlgorithm);
Assert.Equal("theBetterHashedPassword", user.HashedPassword);
service.MockUserRepository.Verify(r => r.CommitChanges(), Times.Once());
}
public void FindsUsersByEmailAddress()
{
var user = new User
{
Username = "******",
HashedPassword = CryptographyService.GenerateSaltedHash("thePassword", Constants.PBKDF2HashAlgorithmId),
EmailAddress = "*****@*****.**",
PasswordHashAlgorithm = "PBKDF2"
};
var service = new TestableUserService();
service.MockUserRepository
.Setup(r => r.GetAll())
.Returns(new[] { user }.AsQueryable());
var foundByEmailAddress = service.FindByUsernameOrEmailAddressAndPassword("*****@*****.**", "thePassword");
Assert.NotNull(foundByEmailAddress);
Assert.Same(user, foundByEmailAddress);
}
public void FindsUsersByEmailAddress()
{
var user = new User
{
Username = "******",
HashedPassword = CryptographyService.GenerateSaltedHash("thePassword", Constants.PBKDF2HashAlgorithmId),
EmailAddress = "*****@*****.**",
PasswordHashAlgorithm = "PBKDF2"
};
var service = new TestableUserService();
service.MockUserRepository
.Setup(r => r.GetAll())
.Returns(new[] { user }.AsQueryable());
var foundByEmailAddress = service.FindByUsernameOrEmailAddressAndPassword("*****@*****.**", "thePassword");
Assert.NotNull(foundByEmailAddress);
Assert.Same(user, foundByEmailAddress);
}
public void FindsUsersUpdatesPasswordIfUsingLegacyHashAlgorithm()
{
var user = new User
{
Username = "******",
HashedPassword = CryptographyService.GenerateSaltedHash("thePassword", "SHA1"),
PasswordHashAlgorithm = "SHA1",
EmailAddress = "*****@*****.**",
};
var service = new TestableUserService();
service.MockUserRepository
.Setup(r => r.GetAll())
.Returns(new[] { user }.AsQueryable());
service.MockUserRepository
.Setup(r => r.CommitChanges())
.Verifiable();
service.FindByUsernameOrEmailAddressAndPassword("*****@*****.**", "thePassword");
Assert.Equal("PBKDF2", user.PasswordHashAlgorithm);
Assert.True(VerifyPasswordHash(user, "thePassword"));
service.MockUserRepository.Verify(r => r.CommitChanges(), Times.Once());
}
public void FindsUsersByEmailAddress()
{
var user = new User
{
Username = "******",
HashedPassword = "******",
EmailAddress = "*****@*****.**",
PasswordHashAlgorithm = "PBKDF2"
};
var service = new TestableUserService();
service.MockUserRepository
.Setup(r => r.GetAll())
.Returns(new[] { user }.AsQueryable());
service.MockCrypto
.Setup(c => c.ValidateSaltedHash(It.IsAny<string>(), It.IsAny<string>(), It.IsAny<string>()))
.Returns(true);
var foundByEmailAddress = service.FindByUsernameOrEmailAddressAndPassword("*****@*****.**", "thePassword");
Assert.NotNull(foundByEmailAddress);
Assert.Same(user, foundByEmailAddress);
}
public void GivenASHA1AndAPBKDF2CredentialItAuthenticatesUserAndRemovesTheSHA1Cred()
{
var user = CreateAUser("theUsername", password: null, emailAddress: "*****@*****.**");
user.Credentials.Add(CredentialBuilder.CreateSha1Password("thePassword"));
user.Credentials.Add(CredentialBuilder.CreatePbkdf2Password("thePassword"));
var service = new TestableUserService();
service.MockUserRepository.HasData(user);
service.MockCredentialRepository.HasData(user.Credentials);
var foundByUserName = service.FindByUsernameOrEmailAddressAndPassword("*****@*****.**", "thePassword");
var cred = foundByUserName.Credentials.Single();
Assert.Same(user, foundByUserName);
Assert.Equal(CredentialTypes.Password.Pbkdf2, cred.Type);
Assert.True(CryptographyService.ValidateSaltedHash(cred.Value, "thePassword", Constants.PBKDF2HashAlgorithmId));
}
public void GivenASHA1AndAPBKDF2CredentialItAuthenticatesUserWithEitherCredential()
{
var user = CreateAUser("*****@*****.**", password: null, emailAddress: "*****@*****.**");
user.Credentials.Add(CredentialBuilder.CreateSha1Password("thePassword1"));
user.Credentials.Add(CredentialBuilder.CreatePbkdf2Password("thePassword2"));
var service = new TestableUserService();
service.MockUserRepository.HasData(user);
service.MockCredentialRepository.HasData(user.Credentials);
var foundByPassword1 = service.FindByUsernameOrEmailAddressAndPassword("*****@*****.**", "thePassword1");
var foundByPassword2 = service.FindByUsernameOrEmailAddressAndPassword("*****@*****.**", "thePassword2");
Assert.Same(user, foundByPassword1);
Assert.Same(foundByPassword1, foundByPassword2);
}
public void GivenAPBKDF2PasswordColumnAndNoCredentialsItAuthenticatesUser()
{
var user = CreateAUser("*****@*****.**", "thePassword", "*****@*****.**", hashAlgorithm: Constants.PBKDF2HashAlgorithmId);
var service = new TestableUserService();
service.MockUserRepository.HasData(user);
var foundByUserName = service.FindByUsernameOrEmailAddressAndPassword("*****@*****.**", "thePassword");
Assert.Same(user, foundByUserName);
Assert.Empty(user.Credentials);
}
public void IfSomehowBothPasswordsExistItFindsUserBasedOnPasswordInCredentialsTable()
{
var user = CreateAUser("theUsername", "theWrongPassword", "*****@*****.**");
user.Credentials.Add(CreatePasswordCredential("thePassword"));
var service = new TestableUserService();
service.MockUserRepository.HasData(user);
service.MockCredentialRepository.HasData(user.Credentials);
var foundByUserName = service.FindByUsernameOrEmailAddressAndPassword("*****@*****.**", "thePassword");
Assert.NotNull(foundByUserName);
Assert.Same(user, foundByUserName);
}
