/// <summary>
/// Integration test: posting valid administrator credentials to the login endpoint
/// returns 200 OK and a <c>LoginResult</c> whose user name, role and tokens agree
/// with the claims decoded from the returned access token.
/// </summary>
public async Task ShouldReturnCorrectResponseForSuccessLogin()
{
    // Dummy credentials; the assertions below expect them to map to the Administrator role.
    var adminLogin = new LoginRequest
    {
        UserName = "******",
        Password = "******"
    };
    var expectedRole = UserRoles.Administrator.ToString();

    // Send the credentials to the account controller as a JSON body.
    var requestBody = new StringContent(
        JsonSerializer.Serialize(adminLogin),
        Encoding.UTF8,
        MediaTypeNames.Application.Json);
    var response = await _httpClient.PostAsync("api/account/login", requestBody);

    // The login must succeed before the payload is inspected.
    Assert.AreEqual(HttpStatusCode.OK, response.StatusCode);

    // Read the JSON payload and turn it back into a LoginResult.
    var responseJson = await response.Content.ReadAsStringAsync();
    var result = JsonSerializer.Deserialize<LoginResult>(responseJson);

    // The payload echoes the user name, reports the administrator role and carries both tokens.
    Assert.AreEqual(adminLogin.UserName, result.UserName);
    Assert.AreEqual(expectedRole, result.Role);
    Assert.IsFalse(string.IsNullOrWhiteSpace(result.AccessToken));
    Assert.IsFalse(string.IsNullOrWhiteSpace(result.RefreshToken));

    // Decode the access token through the application's own IJwtAuthManager service.
    // NOTE(review): whether DecodeJwtToken verifies the signature and lifetime is not visible here; confirm.
    var authManager = _serviceProvider.GetRequiredService<IJwtAuthManager>();
    var (claimsPrincipal, securityToken) = authManager.DecodeJwtToken(result.AccessToken);

    // The claims inside the token must tell the same story as the response body.
    Assert.AreEqual(adminLogin.UserName, claimsPrincipal.Identity.Name);
    Assert.AreEqual(expectedRole, claimsPrincipal.FindFirst(ClaimTypes.Role).Value);

    // Only the presence of the decoded token is checked.
    // TODO: maybe test later that the LoginToken in the claims is also valid.
    Assert.IsNotNull(securityToken);
}
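/// <summary>
/// Logs in with the hard-coded admin test credentials and installs the returned JWT
/// access token as the default Authorization header of <paramref name="httpClient"/>.
/// </summary>
/// <param name="httpClient">
/// Client used for the login call. Its default Authorization header is overwritten, so
/// every later request made through this client carries the admin token until the
/// header is replaced.
/// </param>
/// <exception cref="HttpRequestException">The login endpoint returned a non-success status code.</exception>
/// <exception cref="System.InvalidOperationException">The login response contained no access token.</exception>
internal static async Task Main_Admin_Login(HttpClient httpClient)
{
    // Dummy credentials for the admin account.
    var credentials = new LoginRequest
    {
        UserName = "******",
        Password = "******"
    };

    using var loginResponse = await httpClient.PostAsync(
        "api/account/login",
        new StringContent(JsonSerializer.Serialize(credentials), Encoding.UTF8, MediaTypeNames.Application.Json));

    // Stop here if authentication failed. Otherwise the client would go on without a usable
    // token and the calling test would fail later with an unrelated-looking authorization error.
    loginResponse.EnsureSuccessStatusCode();

    // Read the JSON payload and turn it back into a LoginResult.
    var loginResponseContent = await loginResponse.Content.ReadAsStringAsync();
    var loginResult = JsonSerializer.Deserialize<LoginResult>(loginResponseContent);

    // A header with the scheme but no token would silently make every later request anonymous.
    if (string.IsNullOrWhiteSpace(loginResult?.AccessToken))
    {
        throw new System.InvalidOperationException("Login succeeded but the response contained no access token.");
    }

    // Authenticate all subsequent requests from this client with the JWT access token.
    httpClient.DefaultRequestHeaders.Authorization =
        new AuthenticationHeaderValue(JwtBearerDefaults.AuthenticationScheme, loginResult.AccessToken);
}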
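/// <summary>
/// Creates a customer (as administrator), logs in as that customer and installs the
/// customer's JWT access token as the default Authorization header of
/// <paramref name="httpClient"/>.
/// </summary>
/// <param name="httpClient">
/// Client used for all calls. It first receives the admin token from
/// <c>Main_Admin_Login</c>; that token is then replaced by the customer's token.
/// </param>
/// <param name="createCustomerDTO">
/// Customer to create and log in as. When null, a default test customer is used.
/// </param>
/// <returns>The customer DTO that was created and logged in.</returns>
/// <exception cref="HttpRequestException">The customer login returned a non-success status code.</exception>
/// <exception cref="System.InvalidOperationException">The login response contained no access token.</exception>
internal static async Task<CreateCustomerDTO> Customer_Login(HttpClient httpClient, CreateCustomerDTO createCustomerDTO = null)
{
    // Fall back to a default test customer when the caller did not supply one.
    createCustomerDTO ??= new CreateCustomerDTO
    {
        FirstName = "Customer",
        LastName = "Custom",
        Address = null,
        PhoneNumber = "052-1234567",
        CreditCardNumber = null,
        User = new CreateUserDTO
        {
            UserName = "******",
            Password = "******",
            Email = "*****@*****.**",
        }
    };

    // Log in as administrator first, then create the customer.
    // NOTE(review): presumably customer creation needs the admin token; confirm against Create_Customer_For_Tests.
    await Main_Admin_Login(httpClient);
    await Create_Customer_For_Tests(httpClient, createCustomerDTO);

    // Log in with the credentials of the customer that was just created.
    var credentials = new LoginRequest
    {
        UserName = createCustomerDTO.User.UserName,
        Password = createCustomerDTO.User.Password
    };

    using var loginResponse = await httpClient.PostAsync(
        "api/account/login",
        new StringContent(JsonSerializer.Serialize(credentials), Encoding.UTF8, MediaTypeNames.Application.Json));

    // Stop here if the customer login failed. Otherwise the header would be replaced with an
    // unusable value and the calling test would fail later with an unrelated-looking error.
    loginResponse.EnsureSuccessStatusCode();

    // Read the JSON payload and turn it back into a LoginResult.
    var loginResponseContent = await loginResponse.Content.ReadAsStringAsync();
    var loginResult = JsonSerializer.Deserialize<LoginResult>(loginResponseContent);

    // A header with the scheme but no token would silently make every later request anonymous.
    if (string.IsNullOrWhiteSpace(loginResult?.AccessToken))
    {
        throw new System.InvalidOperationException("Login succeeded but the response contained no access token.");
    }

    // Replace the admin token: from here on the client acts as the customer.
    httpClient.DefaultRequestHeaders.Authorization =
        new AuthenticationHeaderValue(JwtBearerDefaults.AuthenticationScheme, loginResult.AccessToken);

    return createCustomerDTO;
}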
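/// <summary>
/// Optionally creates an airline company (as administrator), logs in as that company's
/// user and installs the returned JWT access token as the default Authorization header
/// of <paramref name="httpClient"/>.
/// </summary>
/// <param name="httpClient">
/// Client used for all calls. Its default Authorization header ends up holding the
/// airline user's token.
/// </param>
/// <param name="createAirlineCompanyDTO">
/// Airline company to create and/or log in as. When null, a default test airline is used.
/// </param>
/// <param name="create_airline">
/// When true, logs in as administrator and creates the airline before logging in as it.
/// When false, only the airline login is performed.
/// </param>
/// <exception cref="HttpRequestException">The airline login returned a non-success status code.</exception>
/// <exception cref="System.InvalidOperationException">The login response contained no access token.</exception>
internal static async Task Airline_Company_Login(HttpClient httpClient, CreateAirlineCompanyDTO createAirlineCompanyDTO = null, bool create_airline = true)
{
    // Fall back to a default test airline when the caller did not supply one.
    createAirlineCompanyDTO ??= new CreateAirlineCompanyDTO
    {
        Name = "El Al",
        CountryId = 1,
        User = new CreateUserDTO
        {
            UserName = "******",
            Password = "******",
            Email = "*****@*****.**",
        }
    };

    if (create_airline)
    {
        // Log in as administrator first, then create the airline.
        // NOTE(review): presumably creation needs the admin token; confirm against Create_Airline_Company_For_Tests.
        await Main_Admin_Login(httpClient);
        await Create_Airline_Company_For_Tests(httpClient, createAirlineCompanyDTO);
    }

    // Log in with the credentials of the airline company's user.
    var credentials = new LoginRequest
    {
        UserName = createAirlineCompanyDTO.User.UserName,
        Password = createAirlineCompanyDTO.User.Password
    };

    using var loginResponse = await httpClient.PostAsync(
        "api/account/login",
        new StringContent(JsonSerializer.Serialize(credentials), Encoding.UTF8, MediaTypeNames.Application.Json));

    // Stop here if the airline login failed. Otherwise the client would keep a stale or unusable
    // Authorization header and the calling test would fail later with an unrelated-looking error.
    loginResponse.EnsureSuccessStatusCode();

    // Read the JSON payload and turn it back into a LoginResult.
    var loginResponseContent = await loginResponse.Content.ReadAsStringAsync();
    var loginResult = JsonSerializer.Deserialize<LoginResult>(loginResponseContent);

    // A header with the scheme but no token would silently make every later request anonymous.
    if (string.IsNullOrWhiteSpace(loginResult?.AccessToken))
    {
        throw new System.InvalidOperationException("Login succeeded but the response contained no access token.");
    }

    // From here on the client acts as the airline company's user.
    httpClient.DefaultRequestHeaders.Authorization =
        new AuthenticationHeaderValue(JwtBearerDefaults.AuthenticationScheme, loginResult.AccessToken);
}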
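/// <summary>
/// Integration test: after a successful login, posting to the logout endpoint with the
/// access token returns 200 OK and removes the refresh token issued at login from the
/// JWT manager's refresh-token dictionary.
/// </summary>
/// <remarks>
/// Only the refresh-token store is checked. The test does not check whether the access
/// token is still accepted after logout. The Authorization header set here also stays
/// on <c>_httpClient</c> when the test ends.
/// </remarks>
public async Task ShouldBeAbleToLogout()
{
    // Dummy credentials.
    var credentials = new LoginRequest
    {
        UserName = "******",
        Password = "******"
    };

    // Post the credentials to the account controller.
    var loginResponse = await _httpClient.PostAsync(
        "api/account/login",
        new StringContent(JsonSerializer.Serialize(credentials), Encoding.UTF8, MediaTypeNames.Application.Json));

    // Logout can only be tested after a successful login. Fail here with a clear status mismatch
    // instead of a deserialization error or dictionary lookup failure further down.
    Assert.AreEqual(HttpStatusCode.OK, loginResponse.StatusCode);

    // Read the JSON payload and turn it back into a LoginResult.
    var loginResponseContent = await loginResponse.Content.ReadAsStringAsync();
    var loginResult = JsonSerializer.Deserialize<LoginResult>(loginResponseContent);

    // Precondition: the refresh token handed out at login is tracked by the JWT manager.
    var jwtAuthManager = _serviceProvider.GetRequiredService<IJwtAuthManager>();
    Assert.IsTrue(jwtAuthManager.UsersRefreshTokensReadOnlyDictionary.ContainsKey(loginResult.RefreshToken));

    // Authenticate the logout call with the JWT access token.
    _httpClient.DefaultRequestHeaders.Authorization =
        new AuthenticationHeaderValue(JwtBearerDefaults.AuthenticationScheme, loginResult.AccessToken);

    // Post to the controller to log out; the endpoint takes no body.
    var logoutResponse = await _httpClient.PostAsync("api/account/logout", null);
    Assert.AreEqual(HttpStatusCode.OK, logoutResponse.StatusCode);

    // Logout must revoke the refresh token so it can no longer be exchanged for new tokens.
    Assert.IsFalse(jwtAuthManager.UsersRefreshTokensReadOnlyDictionary.ContainsKey(loginResult.RefreshToken));
}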