/// <summary>
/// Happy path for a password change authorised by the current password:
/// seeds an alias whose being has the password "password1", calls
/// <c>IndexPatch</c> with an old and a new password, and expects a
/// <c>NoContentResult</c> plus a stored hash that verifies against "p@ssword1".
/// </summary>
public async Task Alias_IndexPatchMatchingOld_NoContentWithChangedPassword()
{
    using (IdentityWsDbContext ef = CreateEf())
    {
        // Hold on to the seeded Being so its stored hash can be inspected after the call.
        var being = new Being
        {
            SaltedHashedPassword = Sha512Util.SaltAndHashNewPassword("password1")
        };
        var alias = new Alias
        {
            EmailAddress = "*****@*****.**",
            Being = being
        };
        ef.Aliases.Add(alias);
        await ef.SaveChangesAsync();

        var controller = new AliasesController(ef, dummyLog, now, dummyRunner);

        // NOTE(review): the credential and address literals look masked in this listing
        // ("******" for both fields); the final assertion expects the new password to be
        // "p@ssword1" - confirm the real values against the original file.
        var request = new AliasesController.IndexPatchRequestBody
        {
            oldPassword = "******",
            password = "******"
        };

        IActionResult response = await controller.IndexPatch("*****@*****.**", request);

        response.Should().BeOfType<NoContentResult>($"'{nameof(request.oldPassword)}' matched");

        // The status code alone does not prove the credential was rotated, so verify the stored hash.
        var newPasswordAccepted = Sha512Util.TestPassword("p@ssword1", being.SaltedHashedPassword);
        newPasswordAccepted.Should().BeTrue("the password should have been changed");
    }
}
/// <summary>
/// A password change whose new password equals the old one is expected to be
/// answered with a <c>StatusCodeResult</c> carrying HTTP 409.
/// </summary>
public async Task Alias_IndexPatchOldSameAsNew_Conflict()
{
    using (IdentityWsDbContext ef = CreateEf())
    {
        // NOTE(review): the helper's name suggests a salted single-pass SHA-512; if that is
        // what it does, a deliberately slow password KDF would resist offline guessing
        // better - confirm in Sha512Util.
        var being = new Being
        {
            SaltedHashedPassword = Sha512Util.SaltAndHashNewPassword("password1")
        };
        ef.Aliases.Add(new Alias { EmailAddress = "*****@*****.**", Being = being });
        await ef.SaveChangesAsync();

        var controller = new AliasesController(ef, dummyLog, now, dummyRunner);
        var request = new AliasesController.IndexPatchRequestBody
        {
            oldPassword = "******",
            password = "******"
        };

        IActionResult response = await controller.IndexPatch("*****@*****.**", request);

        // Re-using the current password is rejected as a conflict rather than silently accepted.
        var statusResult = response.Should().BeOfType<StatusCodeResult>();
        statusResult.Which.StatusCode.Should().Be(
            409,
            $"'{nameof(request.password)}' must differ from '{nameof(request.oldPassword)}'");
    }
}
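/// <summary>
/// A password change authorised by a reset token whose validity ends at the
/// current instant must be answered with <c>UnauthorizedResult</c>, and the
/// stored password must remain the one that was seeded.
/// </summary>
public async Task Alias_IndexPatchExpiredReset_NotAuthorized()
{
    using (IdentityWsDbContext ef = CreateEf())
    {
        // Keep a reference to the Being so the stored hash can be checked after the rejection.
        var being = new Being
        {
            PasswordResetToken = "abracadabra",
            // Valid-until equals the clock value handed to the controller, so this pins the
            // boundary case: a token that is valid "until now" is expected to count as expired.
            PasswordResetTokenValidUntil = now.UtcNow,
            SaltedHashedPassword = Sha512Util.SaltAndHashNewPassword("password1")
        };
        ef.Aliases.Add(new Alias { EmailAddress = "*****@*****.**", Being = being });
        await ef.SaveChangesAsync();

        var controller = new AliasesController(ef, dummyLog, now, dummyRunner);
        var request = new AliasesController.IndexPatchRequestBody
        {
            resetToken = "abracadabra",
            password = "******"
        };

        IActionResult response = await controller.IndexPatch("*****@*****.**", request);

        response.Should().BeOfType<UnauthorizedResult>("the reset token is expired");

        // A 401 is only half of the guarantee: the credential itself must be untouched,
        // otherwise an expired token could still rotate the password.
        Sha512Util.TestPassword("password1", being.SaltedHashedPassword)
            .Should().BeTrue("a rejected request must leave the stored password unchanged");
    }
}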
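/// <summary>
/// A password change that presents an old password which does not match the
/// stored one must be answered with <c>UnauthorizedResult</c>, and the stored
/// password must remain the one that was seeded.
/// </summary>
public async Task Alias_IndexPatchMismatchingOld_NotAuthorized()
{
    using (IdentityWsDbContext ef = CreateEf())
    {
        // Keep a reference to the Being so the stored hash can be checked after the rejection.
        var being = new Being
        {
            SaltedHashedPassword = Sha512Util.SaltAndHashNewPassword("password1")
        };
        ef.Aliases.Add(new Alias { EmailAddress = "*****@*****.**", Being = being });
        await ef.SaveChangesAsync();

        var controller = new AliasesController(ef, dummyLog, now, dummyRunner);

        // NOTE(review): both literals look masked in this listing; per the test name the
        // old password is meant to differ from the seeded "password1" - confirm.
        var request = new AliasesController.IndexPatchRequestBody
        {
            oldPassword = "******",
            password = "******"
        };

        IActionResult response = await controller.IndexPatch("*****@*****.**", request);

        response.Should().BeOfType<UnauthorizedResult>($"'{nameof(request.oldPassword)}' does not match");

        // The response type alone would not catch a controller that rejects the request
        // but still overwrites the hash, so verify the seeded password still works.
        Sha512Util.TestPassword("password1", being.SaltedHashedPassword)
            .Should().BeTrue("a rejected request must leave the stored password unchanged");
    }
}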
/// <summary>
/// With no alias seeded, <c>IndexPatch</c> for an address is expected to
/// return <c>NotFoundResult</c>.
/// </summary>
public async Task NoAlias_IndexPatch_NotFound()
{
    using (IdentityWsDbContext ef = CreateEf())
    {
        // Nothing is added to ef.Aliases: the lookup has to miss.
        var controller = new AliasesController(ef, dummyLog, now, dummyRunner);
        var request = new AliasesController.IndexPatchRequestBody
        {
            password = "******"
        };

        IActionResult response = await controller.IndexPatch("*****@*****.**", request);

        response.Should().BeOfType<NotFoundResult>("the alias does not exist in the database");
    }
}
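/// <summary>
/// A password change that carries neither an old password nor a reset token
/// must be answered with <c>BadRequestResult</c>, and the stored password
/// must remain the one that was seeded.
/// </summary>
public async Task Alias_IndexPatchNoOldPasswordOrResetToken_BadRequest()
{
    using (IdentityWsDbContext ef = CreateEf())
    {
        // Keep a reference to the Being so the stored hash can be checked after the rejection.
        var being = new Being
        {
            SaltedHashedPassword = Sha512Util.SaltAndHashNewPassword("password1")
        };
        ef.Aliases.Add(new Alias { EmailAddress = "*****@*****.**", Being = being });
        await ef.SaveChangesAsync();

        var controller = new AliasesController(ef, dummyLog, now, dummyRunner);

        // Only the new password is supplied: no proof of authority accompanies the request.
        var request = new AliasesController.IndexPatchRequestBody
        {
            password = "******"
        };

        IActionResult response = await controller.IndexPatch("*****@*****.**", request);

        response.Should().BeOfType<BadRequestResult>(
            $"neither {nameof(request.resetToken)} nor {nameof(request.oldPassword)} was provided");

        // Guard against an unauthenticated overwrite: the seeded password must still verify.
        Sha512Util.TestPassword("password1", being.SaltedHashedPassword)
            .Should().BeTrue("a rejected request must leave the stored password unchanged");
    }
}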