public async Task RememberBrowserSkipsTwoFactorVerificationSignIn(bool isPersistent) { // Setup var user = new TestUser { UserName = "******" }; var manager = MockHelpers.MockUserManager<TestUser>(); manager.Setup(m => m.GetTwoFactorEnabledAsync(user, CancellationToken.None)).ReturnsAsync(true).Verifiable(); manager.Setup(m => m.SupportsUserLockout).Returns(true).Verifiable(); manager.Setup(m => m.SupportsUserTwoFactor).Returns(true).Verifiable(); manager.Setup(m => m.IsLockedOutAsync(user, CancellationToken.None)).ReturnsAsync(false).Verifiable(); manager.Setup(m => m.FindByNameAsync(user.UserName, CancellationToken.None)).ReturnsAsync(user).Verifiable(); manager.Setup(m => m.GetUserIdAsync(user, CancellationToken.None)).ReturnsAsync(user.Id).Verifiable(); manager.Setup(m => m.CheckPasswordAsync(user, "password", CancellationToken.None)).ReturnsAsync(true).Verifiable(); var context = new Mock<HttpContext>(); var response = new Mock<HttpResponse>(); context.Setup(c => c.Response).Returns(response.Object).Verifiable(); response.Setup(r => r.SignIn(It.Is<ClaimsIdentity>(i => i.AuthenticationType == ClaimsIdentityOptions.DefaultAuthenticationType), It.Is<AuthenticationProperties>(v => v.IsPersistent == isPersistent))).Verifiable(); var id = new ClaimsIdentity(HttpAuthenticationManager.TwoFactorRememberedAuthenticationType); id.AddClaim(new Claim(ClaimTypes.Name, user.Id)); var authResult = new AuthenticationResult(id, new AuthenticationProperties(), new AuthenticationDescription()); context.Setup(c => c.AuthenticateAsync(HttpAuthenticationManager.TwoFactorRememberedAuthenticationType)).ReturnsAsync(authResult).Verifiable(); var contextAccessor = new Mock<IContextAccessor<HttpContext>>(); contextAccessor.Setup(a => a.Value).Returns(context.Object); var signInService = new HttpAuthenticationManager(contextAccessor.Object); var roleManager = MockHelpers.MockRoleManager<TestRole>(); var claimsFactory = new Mock<ClaimsIdentityFactory<TestUser, TestRole>>(manager.Object, roleManager.Object); claimsFactory.Setup(m => m.CreateAsync(user, manager.Object.Options.ClaimsIdentity, CancellationToken.None)).ReturnsAsync(new ClaimsIdentity(ClaimsIdentityOptions.DefaultAuthenticationType)).Verifiable(); var helper = new SignInManager<TestUser>(manager.Object, signInService, claimsFactory.Object); // Act var result = await helper.PasswordSignInAsync(user.UserName, "password", isPersistent, false); // Assert Assert.Equal(SignInStatus.Success, result); manager.VerifyAll(); context.VerifyAll(); response.VerifyAll(); contextAccessor.VerifyAll(); claimsFactory.VerifyAll(); }
public void RememberClientStoresUserId() { // Setup var user = new TestUser { UserName = "******" }; var context = new Mock <HttpContext>(); var response = new Mock <HttpResponse>(); context.Setup(c => c.Response).Returns(response.Object).Verifiable(); response.Setup(r => r.SignIn(It.Is <ClaimsIdentity>(i => i.AuthenticationType == HttpAuthenticationManager.TwoFactorRememberedAuthenticationType))).Verifiable(); var id = new ClaimsIdentity(HttpAuthenticationManager.TwoFactorRememberedAuthenticationType); id.AddClaim(new Claim(ClaimTypes.Name, user.Id)); var authResult = new AuthenticationResult(id, new AuthenticationProperties(), new AuthenticationDescription()); var contextAccessor = new Mock <IContextAccessor <HttpContext> >(); contextAccessor.Setup(a => a.Value).Returns(context.Object); var signInService = new HttpAuthenticationManager(contextAccessor.Object); // Act signInService.RememberClient(user.Id); // Assert context.VerifyAll(); response.VerifyAll(); contextAccessor.VerifyAll(); }
public async Task RememberBrowserSkipsTwoFactorVerificationSignIn(bool isPersistent) { // Setup var user = new TestUser { UserName = "******" }; var manager = MockHelpers.MockUserManager <TestUser>(); manager.Setup(m => m.GetTwoFactorEnabledAsync(user, CancellationToken.None)).ReturnsAsync(true).Verifiable(); manager.Setup(m => m.SupportsUserLockout).Returns(true).Verifiable(); manager.Setup(m => m.SupportsUserTwoFactor).Returns(true).Verifiable(); manager.Setup(m => m.IsLockedOutAsync(user, CancellationToken.None)).ReturnsAsync(false).Verifiable(); manager.Setup(m => m.FindByNameAsync(user.UserName, CancellationToken.None)).ReturnsAsync(user).Verifiable(); manager.Setup(m => m.GetUserIdAsync(user, CancellationToken.None)).ReturnsAsync(user.Id).Verifiable(); manager.Setup(m => m.CheckPasswordAsync(user, "password", CancellationToken.None)).ReturnsAsync(true).Verifiable(); var context = new Mock <HttpContext>(); var response = new Mock <HttpResponse>(); context.Setup(c => c.Response).Returns(response.Object).Verifiable(); response.Setup(r => r.SignIn(It.Is <AuthenticationProperties>(v => v.IsPersistent == isPersistent), It.Is <ClaimsIdentity>(i => i.AuthenticationType == ClaimsIdentityOptions.DefaultAuthenticationType))).Verifiable(); var id = new ClaimsIdentity(HttpAuthenticationManager.TwoFactorRememberedAuthenticationType); id.AddClaim(new Claim(ClaimTypes.Name, user.Id)); var authResult = new AuthenticationResult(id, new AuthenticationProperties(), new AuthenticationDescription()); context.Setup(c => c.AuthenticateAsync(HttpAuthenticationManager.TwoFactorRememberedAuthenticationType)).ReturnsAsync(authResult).Verifiable(); var contextAccessor = new Mock <IContextAccessor <HttpContext> >(); contextAccessor.Setup(a => a.Value).Returns(context.Object); var signInService = new HttpAuthenticationManager(contextAccessor.Object); var roleManager = MockHelpers.MockRoleManager <TestRole>(); var identityOptions = new IdentityOptions(); var claimsFactory = new Mock <ClaimsIdentityFactory <TestUser, TestRole> >(manager.Object, roleManager.Object); claimsFactory.Setup(m => m.CreateAsync(user, identityOptions.ClaimsIdentity, CancellationToken.None)).ReturnsAsync(new ClaimsIdentity(ClaimsIdentityOptions.DefaultAuthenticationType)).Verifiable(); var options = new Mock <IOptionsAccessor <IdentityOptions> >(); options.Setup(a => a.Options).Returns(identityOptions); var helper = new SignInManager <TestUser>(manager.Object, signInService, claimsFactory.Object, options.Object); // Act var result = await helper.PasswordSignInAsync(user.UserName, "password", isPersistent, false); // Assert Assert.Equal(SignInStatus.Success, result); manager.VerifyAll(); context.VerifyAll(); response.VerifyAll(); contextAccessor.VerifyAll(); claimsFactory.VerifyAll(); }
protected AbstractAuthService(HttpAuthenticationManager authenticator) { authenticator_ = authenticator; }
/// <summary> /// Initializes a new instance of the <see cref="SecureService"/> class /// by using the given <see cref="HttpAuthenticationManager"/> object. /// </summary> /// <param name="authenticator_manager"> /// A <see cref="HttpAuthenticationManager"/> object that can be used to /// get a instance of the currently logged in <see cref="ISubject"/>. /// </param> public SecureService(HttpAuthenticationManager authenticator_manager) { authenticator_manager_ = authenticator_manager; }
public void RememberClientStoresUserId() { // Setup var user = new TestUser { UserName = "******" }; var context = new Mock<HttpContext>(); var response = new Mock<HttpResponse>(); context.Setup(c => c.Response).Returns(response.Object).Verifiable(); response.Setup(r => r.SignIn(It.Is<ClaimsIdentity>(i => i.AuthenticationType == HttpAuthenticationManager.TwoFactorRememberedAuthenticationType))).Verifiable(); var id = new ClaimsIdentity(HttpAuthenticationManager.TwoFactorRememberedAuthenticationType); id.AddClaim(new Claim(ClaimTypes.Name, user.Id)); var authResult = new AuthenticationResult(id, new AuthenticationProperties(), new AuthenticationDescription()); var contextAccessor = new Mock<IContextAccessor<HttpContext>>(); contextAccessor.Setup(a => a.Value).Returns(context.Object); var signInService = new HttpAuthenticationManager(contextAccessor.Object); // Act signInService.RememberClient(user.Id); // Assert context.VerifyAll(); response.VerifyAll(); contextAccessor.VerifyAll(); }