コード例 #1
0
        public void MfaAuthorizationNotSubscribedTest_TestsIfResultIsTrueWhenMfaIsNotSubscribedForAnyAction_VerifiesByReturnValue()
        {
            MockPersistenceRepository    mockPersistenceRepository    = new MockPersistenceRepository(true);
            MockUserRepository           mockUserRepository           = new MockUserRepository();
            MockMfaEmailService          mockMfaEmailService          = new MockMfaEmailService();
            MockSmsService               mockSmsService               = new MockSmsService();
            MockMfaCodeGenerationService mockMfaCodeGenerationService = new MockMfaCodeGenerationService();

            string userName    = "******";
            string phoneNumber = "2233344";
            string email       = "*****@*****.**";

            User user = new User(userName, "asdf", "12345", "xyz", email, Language.English, TimeZone.CurrentTimeZone,
                                 new TimeSpan(1, 1, 1, 1), DateTime.Now, "Pakistan", "", phoneNumber, "1234");

            MockSecurityKeysRepository mockSecurityKeysRepository = new MockSecurityKeysRepository();
            string apiKey = "apikey123";

            // Add Api Key to mock implementation
            mockSecurityKeysRepository.AddSecurityKeysPair(new SecurityKeysPair(user.Id, apiKey, "secretkey123", true, "Desc"));
            // Add user to mock implementation
            mockUserRepository.AddUser(user);

            MfaAuthorizationService mfaAuthorizationService = new MfaAuthorizationService(mockPersistenceRepository,
                                                                                          mockUserRepository, mockSecurityKeysRepository, mockSmsService, mockMfaEmailService, mockMfaCodeGenerationService);
            Tuple <bool, string> authorizeAccess = mfaAuthorizationService.AuthorizeAccess(apiKey, "Login", null);

            Assert.IsTrue(authorizeAccess.Item1);
        }
        public void MfaAuthorizationSuccessfulTest_ChecksThatServiceReturnsTrueIfNoMfaSubscriptionIsSubscribed_VerifiesThroughReturnsValue()
        {
            IIdentityAccessPersistenceRepository persistenceRepository = (IIdentityAccessPersistenceRepository)ContextRegistry.GetContext()["IdentityAccessPersistenceRepository"];
            IUserRepository           userRepository             = (IUserRepository)ContextRegistry.GetContext()["UserRepository"];
            ISecurityKeysRepository   securityKeysPairRepository = (ISecurityKeysRepository)ContextRegistry.GetContext()["SecurityKeysPairRepository"];
            IMfaCodeSenderService     mfaSmsService            = (IMfaCodeSenderService)ContextRegistry.GetContext()["MfaSmsService"];
            IMfaCodeSenderService     mfaEmailService          = (IMfaCodeSenderService)ContextRegistry.GetContext()["MfaEmailService"];
            IMfaCodeGenerationService mfaCodeGenerationService = (IMfaCodeGenerationService)ContextRegistry.GetContext()["MfaCodeGenerationService"];
            IMfaAuthorizationService  mfaAuthorizationService  = new MfaAuthorizationService(persistenceRepository,
                                                                                             userRepository, securityKeysPairRepository, mfaSmsService, mfaEmailService, mfaCodeGenerationService);

            string apiKey      = "123";
            string userName    = "******";
            string phoneNumber = "2233344";
            string email       = "*****@*****.**";

            User user = new User(userName, "asdf", "12345", "xyz", email, Language.English, TimeZone.CurrentTimeZone,
                                 new TimeSpan(1, 1, 1, 1), DateTime.Now, "Pakistan", "", phoneNumber, "1234");

            persistenceRepository.SaveUpdate(user);

            user = userRepository.GetUserByUserName(userName);
            Assert.IsNotNull(user);
            SecurityKeysPair securityKeysPair = new SecurityKeysPair(user.Id, apiKey, "secret123", true, "#1");

            persistenceRepository.SaveUpdate(securityKeysPair);
            Tuple <bool, string> authorizeAccess = mfaAuthorizationService.AuthorizeAccess(apiKey, MfaConstants.Deposit, "");

            Assert.IsTrue(authorizeAccess.Item1);
        }
        public void MfaAuthorizationFailTest_ChecksThatServiceReturnsTrueIfMfaCodesDontMatch_VerifiesThroughReturnsValue()
        {
            IIdentityAccessPersistenceRepository persistenceRepository = (IIdentityAccessPersistenceRepository)ContextRegistry.GetContext()["IdentityAccessPersistenceRepository"];
            IUserRepository            userRepository             = (IUserRepository)ContextRegistry.GetContext()["UserRepository"];
            ISecurityKeysRepository    securityKeysPairRepository = (ISecurityKeysRepository)ContextRegistry.GetContext()["SecurityKeysPairRepository"];
            IMfaCodeSenderService      mfaSmsService             = (IMfaCodeSenderService)ContextRegistry.GetContext()["MfaSmsService"];
            IMfaCodeSenderService      mfaEmailService           = (IMfaCodeSenderService)ContextRegistry.GetContext()["MfaEmailService"];
            IMfaCodeGenerationService  mfaCodeGenerationService  = (IMfaCodeGenerationService)ContextRegistry.GetContext()["MfaCodeGenerationService"];
            IMfaSubscriptionRepository mfaSubscriptionRepository = (IMfaSubscriptionRepository)ContextRegistry.GetContext()["MfaSubscriptionRepository"];
            IMfaAuthorizationService   mfaAuthorizationService   = new MfaAuthorizationService(persistenceRepository,
                                                                                               userRepository, securityKeysPairRepository, mfaSmsService, mfaEmailService, mfaCodeGenerationService);

            string apiKey      = "123";
            string userName    = "******";
            string phoneNumber = "2233344";
            string email       = "*****@*****.**";

            User user = new User(userName, "asdf", "12345", "xyz", email, Language.English, TimeZone.CurrentTimeZone,
                                 new TimeSpan(1, 1, 1, 1), DateTime.Now, "Pakistan", "", phoneNumber, "1234");

            persistenceRepository.SaveUpdate(user);

            user = userRepository.GetUserByUserName(userName);
            Assert.IsNotNull(user);
            SecurityKeysPair securityKeysPair = new SecurityKeysPair(user.Id, apiKey, "secret123", true, "#1");

            persistenceRepository.SaveUpdate(securityKeysPair);
            Tuple <bool, string> authorizeAccess = mfaAuthorizationService.AuthorizeAccess(apiKey, MfaConstants.Deposit, "");

            Assert.IsTrue(authorizeAccess.Item1);

            IList <MfaSubscription> allSubscriptions = mfaSubscriptionRepository.GetAllSubscriptions();

            IList <Tuple <string, string, bool> > mfaSubscriptions = new List <Tuple <string, string, bool> >();

            foreach (var subscription in allSubscriptions)
            {
                mfaSubscriptions.Add(new Tuple <string, string, bool>(subscription.MfaSubscriptionId,
                                                                      subscription.MfaSubscriptionName, true));
            }
            user.AssignMfaSubscriptions(mfaSubscriptions);
            persistenceRepository.SaveUpdate(user);

            authorizeAccess = mfaAuthorizationService.AuthorizeAccess(apiKey, MfaConstants.Deposit, null);
            Assert.IsFalse(authorizeAccess.Item1);

            // The Stub Implementation always generates and returns the same MFA Code. We manuipulate it so that the code is
            // incorrect
            string mfaCode = mfaCodeGenerationService.GenerateCode();

            authorizeAccess = mfaAuthorizationService.AuthorizeAccess(apiKey, MfaConstants.Deposit, mfaCode + "1");
            Assert.IsFalse(authorizeAccess.Item1);
        }
コード例 #4
0
        public void MfaAuthorizationSubscribedFailsTest_ChecksThatResponseIsFalseWhenMfaCodeIsNotPresent_VerifiesByReturnValue()
        {
            // The first time of authorization, the user des not have the MFA code present, but the second time it is present
            // as it has been sent to the user
            MockPersistenceRepository    mockPersistenceRepository    = new MockPersistenceRepository(false);
            MockUserRepository           mockUserRepository           = new MockUserRepository();
            MockMfaEmailService          mockMfaEmailService          = new MockMfaEmailService();
            MockSmsService               mockSmsService               = new MockSmsService();
            MockMfaCodeGenerationService mockMfaCodeGenerationService = new MockMfaCodeGenerationService();

            string userName    = "******";
            string phoneNumber = "2233344";
            string email       = "*****@*****.**";
            User   user        = new User(userName, "asdf", "12345", "xyz", email, Language.English, TimeZone.CurrentTimeZone,
                                          new TimeSpan(1, 1, 1, 1), DateTime.Now, "Pakistan", "", phoneNumber, "1234");

            Tuple <string, string, bool>          loginSubscription       = new Tuple <string, string, bool>("LOG", "Login", true);
            Tuple <string, string, bool>          depositSubscription     = new Tuple <string, string, bool>("DEP", "Deposit", true);
            Tuple <string, string, bool>          withdrawSubscription    = new Tuple <string, string, bool>("WD", "Withdraw", true);
            Tuple <string, string, bool>          placeOrderSubscription  = new Tuple <string, string, bool>("PO", "PlaceOrder", true);
            Tuple <string, string, bool>          cancelOrderSubscription = new Tuple <string, string, bool>("CO", "CancelOrder", true);
            IList <Tuple <string, string, bool> > subscriptionsList       = new List <Tuple <string, string, bool> >();

            subscriptionsList.Add(loginSubscription);
            subscriptionsList.Add(depositSubscription);
            subscriptionsList.Add(withdrawSubscription);
            subscriptionsList.Add(placeOrderSubscription);
            subscriptionsList.Add(cancelOrderSubscription);
            user.AssignMfaSubscriptions(subscriptionsList);

            MockSecurityKeysRepository mockSecurityKeysRepository = new MockSecurityKeysRepository();
            string apiKey = "apikey123";

            // Add Api Key to mock implementation
            mockSecurityKeysRepository.AddSecurityKeysPair(new SecurityKeysPair(user.Id, apiKey, "secretkey123", true, "Desc"));
            // Add user to mock implementation
            mockUserRepository.AddUser(user);

            MfaAuthorizationService mfaAuthorizationService = new MfaAuthorizationService(mockPersistenceRepository,
                                                                                          mockUserRepository, mockSecurityKeysRepository, mockSmsService, mockMfaEmailService, mockMfaCodeGenerationService);

            // Login MFA
            Tuple <bool, string> authorizeAccess1 = mfaAuthorizationService.AuthorizeAccess(apiKey, loginSubscription.Item2, null);

            Assert.IsFalse(authorizeAccess1.Item1);
        }
コード例 #5
0
        //[ExpectedException(typeof(InvalidOperationException))]
        public void MfaAuthorizationSubscribedFailtTest_ChecksThatExceptionIsRaisedWhenMfaCodesDontMatch_VerifiesByReturnValue()
        {
            MockPersistenceRepository    mockPersistenceRepository    = new MockPersistenceRepository(false);
            MockUserRepository           mockUserRepository           = new MockUserRepository();
            MockMfaEmailService          mockMfaEmailService          = new MockMfaEmailService();
            MockSmsService               mockSmsService               = new MockSmsService();
            MockMfaCodeGenerationService mockMfaCodeGenerationService = new MockMfaCodeGenerationService();

            string userName    = "******";
            string phoneNumber = "2233344";
            string email       = "*****@*****.**";
            User   user        = new User(userName, "asdf", "12345", "xyz", email, Language.English, TimeZone.CurrentTimeZone,
                                          new TimeSpan(1, 1, 1, 1), DateTime.Now, "Pakistan", "", phoneNumber, "1234");

            Tuple <string, string, bool>          loginSubscription = new Tuple <string, string, bool>("LOG", "Login", true);
            IList <Tuple <string, string, bool> > subscriptionsList = new List <Tuple <string, string, bool> >();

            subscriptionsList.Add(loginSubscription);
            user.AssignMfaSubscriptions(subscriptionsList);

            MockSecurityKeysRepository mockSecurityKeysRepository = new MockSecurityKeysRepository();
            string apiKey = "apikey123";

            // Add Api Key to mock implementation
            mockSecurityKeysRepository.AddSecurityKeysPair(new SecurityKeysPair(user.Id, apiKey, "secretkey123", true, "Desc"));
            // Add user to mock implementation
            mockUserRepository.AddUser(user);

            MfaAuthorizationService mfaAuthorizationService = new MfaAuthorizationService(mockPersistenceRepository,
                                                                                          mockUserRepository, mockSecurityKeysRepository, mockSmsService, mockMfaEmailService, mockMfaCodeGenerationService);

            // Login MFA
            Tuple <bool, string> authorizeAccess1 = mfaAuthorizationService.AuthorizeAccess(apiKey, loginSubscription.Item2, null);

            Assert.IsFalse(authorizeAccess1.Item1);
            // This time the code should be assigned to the user, so verify that
            authorizeAccess1 = mfaAuthorizationService.AuthorizeAccess(apiKey, loginSubscription.Item2, user.MfaCode + "1");
            Assert.IsFalse(authorizeAccess1.Item1);
        }