public void MfaAuthorizationNotSubscribedTest_TestsIfResultIsTrueWhenMfaIsNotSubscribedForAnyAction_VerifiesByReturnValue() { MockPersistenceRepository mockPersistenceRepository = new MockPersistenceRepository(true); MockUserRepository mockUserRepository = new MockUserRepository(); MockMfaEmailService mockMfaEmailService = new MockMfaEmailService(); MockSmsService mockSmsService = new MockSmsService(); MockMfaCodeGenerationService mockMfaCodeGenerationService = new MockMfaCodeGenerationService(); string userName = "******"; string phoneNumber = "2233344"; string email = "*****@*****.**"; User user = new User(userName, "asdf", "12345", "xyz", email, Language.English, TimeZone.CurrentTimeZone, new TimeSpan(1, 1, 1, 1), DateTime.Now, "Pakistan", "", phoneNumber, "1234"); MockSecurityKeysRepository mockSecurityKeysRepository = new MockSecurityKeysRepository(); string apiKey = "apikey123"; // Add Api Key to mock implementation mockSecurityKeysRepository.AddSecurityKeysPair(new SecurityKeysPair(user.Id, apiKey, "secretkey123", true, "Desc")); // Add user to mock implementation mockUserRepository.AddUser(user); MfaAuthorizationService mfaAuthorizationService = new MfaAuthorizationService(mockPersistenceRepository, mockUserRepository, mockSecurityKeysRepository, mockSmsService, mockMfaEmailService, mockMfaCodeGenerationService); Tuple <bool, string> authorizeAccess = mfaAuthorizationService.AuthorizeAccess(apiKey, "Login", null); Assert.IsTrue(authorizeAccess.Item1); }
public void MfaAuthorizationSuccessfulTest_ChecksThatServiceReturnsTrueIfNoMfaSubscriptionIsSubscribed_VerifiesThroughReturnsValue() { IIdentityAccessPersistenceRepository persistenceRepository = (IIdentityAccessPersistenceRepository)ContextRegistry.GetContext()["IdentityAccessPersistenceRepository"]; IUserRepository userRepository = (IUserRepository)ContextRegistry.GetContext()["UserRepository"]; ISecurityKeysRepository securityKeysPairRepository = (ISecurityKeysRepository)ContextRegistry.GetContext()["SecurityKeysPairRepository"]; IMfaCodeSenderService mfaSmsService = (IMfaCodeSenderService)ContextRegistry.GetContext()["MfaSmsService"]; IMfaCodeSenderService mfaEmailService = (IMfaCodeSenderService)ContextRegistry.GetContext()["MfaEmailService"]; IMfaCodeGenerationService mfaCodeGenerationService = (IMfaCodeGenerationService)ContextRegistry.GetContext()["MfaCodeGenerationService"]; IMfaAuthorizationService mfaAuthorizationService = new MfaAuthorizationService(persistenceRepository, userRepository, securityKeysPairRepository, mfaSmsService, mfaEmailService, mfaCodeGenerationService); string apiKey = "123"; string userName = "******"; string phoneNumber = "2233344"; string email = "*****@*****.**"; User user = new User(userName, "asdf", "12345", "xyz", email, Language.English, TimeZone.CurrentTimeZone, new TimeSpan(1, 1, 1, 1), DateTime.Now, "Pakistan", "", phoneNumber, "1234"); persistenceRepository.SaveUpdate(user); user = userRepository.GetUserByUserName(userName); Assert.IsNotNull(user); SecurityKeysPair securityKeysPair = new SecurityKeysPair(user.Id, apiKey, "secret123", true, "#1"); persistenceRepository.SaveUpdate(securityKeysPair); Tuple <bool, string> authorizeAccess = mfaAuthorizationService.AuthorizeAccess(apiKey, MfaConstants.Deposit, ""); Assert.IsTrue(authorizeAccess.Item1); }
public void MfaAuthorizationFailTest_ChecksThatServiceReturnsTrueIfMfaCodesDontMatch_VerifiesThroughReturnsValue() { IIdentityAccessPersistenceRepository persistenceRepository = (IIdentityAccessPersistenceRepository)ContextRegistry.GetContext()["IdentityAccessPersistenceRepository"]; IUserRepository userRepository = (IUserRepository)ContextRegistry.GetContext()["UserRepository"]; ISecurityKeysRepository securityKeysPairRepository = (ISecurityKeysRepository)ContextRegistry.GetContext()["SecurityKeysPairRepository"]; IMfaCodeSenderService mfaSmsService = (IMfaCodeSenderService)ContextRegistry.GetContext()["MfaSmsService"]; IMfaCodeSenderService mfaEmailService = (IMfaCodeSenderService)ContextRegistry.GetContext()["MfaEmailService"]; IMfaCodeGenerationService mfaCodeGenerationService = (IMfaCodeGenerationService)ContextRegistry.GetContext()["MfaCodeGenerationService"]; IMfaSubscriptionRepository mfaSubscriptionRepository = (IMfaSubscriptionRepository)ContextRegistry.GetContext()["MfaSubscriptionRepository"]; IMfaAuthorizationService mfaAuthorizationService = new MfaAuthorizationService(persistenceRepository, userRepository, securityKeysPairRepository, mfaSmsService, mfaEmailService, mfaCodeGenerationService); string apiKey = "123"; string userName = "******"; string phoneNumber = "2233344"; string email = "*****@*****.**"; User user = new User(userName, "asdf", "12345", "xyz", email, Language.English, TimeZone.CurrentTimeZone, new TimeSpan(1, 1, 1, 1), DateTime.Now, "Pakistan", "", phoneNumber, "1234"); persistenceRepository.SaveUpdate(user); user = userRepository.GetUserByUserName(userName); Assert.IsNotNull(user); SecurityKeysPair securityKeysPair = new SecurityKeysPair(user.Id, apiKey, "secret123", true, "#1"); persistenceRepository.SaveUpdate(securityKeysPair); Tuple <bool, string> authorizeAccess = mfaAuthorizationService.AuthorizeAccess(apiKey, MfaConstants.Deposit, ""); Assert.IsTrue(authorizeAccess.Item1); IList <MfaSubscription> allSubscriptions = mfaSubscriptionRepository.GetAllSubscriptions(); IList <Tuple <string, string, bool> > mfaSubscriptions = new List <Tuple <string, string, bool> >(); foreach (var subscription in allSubscriptions) { mfaSubscriptions.Add(new Tuple <string, string, bool>(subscription.MfaSubscriptionId, subscription.MfaSubscriptionName, true)); } user.AssignMfaSubscriptions(mfaSubscriptions); persistenceRepository.SaveUpdate(user); authorizeAccess = mfaAuthorizationService.AuthorizeAccess(apiKey, MfaConstants.Deposit, null); Assert.IsFalse(authorizeAccess.Item1); // The Stub Implementation always generates and returns the same MFA Code. We manuipulate it so that the code is // incorrect string mfaCode = mfaCodeGenerationService.GenerateCode(); authorizeAccess = mfaAuthorizationService.AuthorizeAccess(apiKey, MfaConstants.Deposit, mfaCode + "1"); Assert.IsFalse(authorizeAccess.Item1); }
public void MfaAuthorizationSubscribedFailsTest_ChecksThatResponseIsFalseWhenMfaCodeIsNotPresent_VerifiesByReturnValue() { // The first time of authorization, the user des not have the MFA code present, but the second time it is present // as it has been sent to the user MockPersistenceRepository mockPersistenceRepository = new MockPersistenceRepository(false); MockUserRepository mockUserRepository = new MockUserRepository(); MockMfaEmailService mockMfaEmailService = new MockMfaEmailService(); MockSmsService mockSmsService = new MockSmsService(); MockMfaCodeGenerationService mockMfaCodeGenerationService = new MockMfaCodeGenerationService(); string userName = "******"; string phoneNumber = "2233344"; string email = "*****@*****.**"; User user = new User(userName, "asdf", "12345", "xyz", email, Language.English, TimeZone.CurrentTimeZone, new TimeSpan(1, 1, 1, 1), DateTime.Now, "Pakistan", "", phoneNumber, "1234"); Tuple <string, string, bool> loginSubscription = new Tuple <string, string, bool>("LOG", "Login", true); Tuple <string, string, bool> depositSubscription = new Tuple <string, string, bool>("DEP", "Deposit", true); Tuple <string, string, bool> withdrawSubscription = new Tuple <string, string, bool>("WD", "Withdraw", true); Tuple <string, string, bool> placeOrderSubscription = new Tuple <string, string, bool>("PO", "PlaceOrder", true); Tuple <string, string, bool> cancelOrderSubscription = new Tuple <string, string, bool>("CO", "CancelOrder", true); IList <Tuple <string, string, bool> > subscriptionsList = new List <Tuple <string, string, bool> >(); subscriptionsList.Add(loginSubscription); subscriptionsList.Add(depositSubscription); subscriptionsList.Add(withdrawSubscription); subscriptionsList.Add(placeOrderSubscription); subscriptionsList.Add(cancelOrderSubscription); user.AssignMfaSubscriptions(subscriptionsList); MockSecurityKeysRepository mockSecurityKeysRepository = new MockSecurityKeysRepository(); string apiKey = "apikey123"; // Add Api Key to mock implementation mockSecurityKeysRepository.AddSecurityKeysPair(new SecurityKeysPair(user.Id, apiKey, "secretkey123", true, "Desc")); // Add user to mock implementation mockUserRepository.AddUser(user); MfaAuthorizationService mfaAuthorizationService = new MfaAuthorizationService(mockPersistenceRepository, mockUserRepository, mockSecurityKeysRepository, mockSmsService, mockMfaEmailService, mockMfaCodeGenerationService); // Login MFA Tuple <bool, string> authorizeAccess1 = mfaAuthorizationService.AuthorizeAccess(apiKey, loginSubscription.Item2, null); Assert.IsFalse(authorizeAccess1.Item1); }
//[ExpectedException(typeof(InvalidOperationException))] public void MfaAuthorizationSubscribedFailtTest_ChecksThatExceptionIsRaisedWhenMfaCodesDontMatch_VerifiesByReturnValue() { MockPersistenceRepository mockPersistenceRepository = new MockPersistenceRepository(false); MockUserRepository mockUserRepository = new MockUserRepository(); MockMfaEmailService mockMfaEmailService = new MockMfaEmailService(); MockSmsService mockSmsService = new MockSmsService(); MockMfaCodeGenerationService mockMfaCodeGenerationService = new MockMfaCodeGenerationService(); string userName = "******"; string phoneNumber = "2233344"; string email = "*****@*****.**"; User user = new User(userName, "asdf", "12345", "xyz", email, Language.English, TimeZone.CurrentTimeZone, new TimeSpan(1, 1, 1, 1), DateTime.Now, "Pakistan", "", phoneNumber, "1234"); Tuple <string, string, bool> loginSubscription = new Tuple <string, string, bool>("LOG", "Login", true); IList <Tuple <string, string, bool> > subscriptionsList = new List <Tuple <string, string, bool> >(); subscriptionsList.Add(loginSubscription); user.AssignMfaSubscriptions(subscriptionsList); MockSecurityKeysRepository mockSecurityKeysRepository = new MockSecurityKeysRepository(); string apiKey = "apikey123"; // Add Api Key to mock implementation mockSecurityKeysRepository.AddSecurityKeysPair(new SecurityKeysPair(user.Id, apiKey, "secretkey123", true, "Desc")); // Add user to mock implementation mockUserRepository.AddUser(user); MfaAuthorizationService mfaAuthorizationService = new MfaAuthorizationService(mockPersistenceRepository, mockUserRepository, mockSecurityKeysRepository, mockSmsService, mockMfaEmailService, mockMfaCodeGenerationService); // Login MFA Tuple <bool, string> authorizeAccess1 = mfaAuthorizationService.AuthorizeAccess(apiKey, loginSubscription.Item2, null); Assert.IsFalse(authorizeAccess1.Item1); // This time the code should be assigned to the user, so verify that authorizeAccess1 = mfaAuthorizationService.AuthorizeAccess(apiKey, loginSubscription.Item2, user.MfaCode + "1"); Assert.IsFalse(authorizeAccess1.Item1); }