public void ChangePasswordSuccessTest_ChecksIfThePasswordIsChangedSuccessfully_VeririesThroughTheReturnedValue() { IUserRepository userRepository = new MockUserRepository(); ISecurityKeysRepository securityKeysRepository = new MockSecurityKeysRepository(); IPasswordEncryptionService passwordEncryptionService = new PasswordEncryptionService(); IIdentityAccessPersistenceRepository persistenceRepository = new MockPersistenceRepository(false); UserApplicationService userApplicationService = new UserApplicationService(userRepository, securityKeysRepository, passwordEncryptionService, persistenceRepository, new MockEmailService(), new PasswordCodeGenerationService()); // Store the Securiyty Keys with the Username of the User at hand (securityKeysRepository as MockSecurityKeysRepository).AddSecurityKeysPair(new SecurityKeysPair( new ApiKey("123456789").Value, new SecretKey("987654321").Value, "desc", 0, true)); // We need to encrypt the password in the test case ourselves, as we are not registering the user through // the proper service here (userRepository as MockUserRepository).AddUser(new User("*****@*****.**", "linkinpark", passwordEncryptionService.EncryptPassword("burnitdown"), "USA", TimeZone.CurrentTimeZone, "", "")); User userBeforePasswordChange = userRepository.GetUserByUserName("linkinpark"); string passwordBeforeChange = userBeforePasswordChange.Password; // Give the API key that is already stored in the Security keys repository mentioned with the User Name //UserValidationEssentials userValidationEssentials = new UserValidationEssentials(new Tuple<ApiKey, SecretKey>( // new ApiKey("123456789"), new SecretKey("987654321")), new TimeSpan(0,0,10,0)); ChangePasswordResponse changePasswordResponse = userApplicationService.ChangePassword(new ChangePasswordCommand( "123456789", "burnitdown", "burnitdowntwice")); Assert.IsTrue(changePasswordResponse.ChangeSuccessful); User userAfterPasswordChange = userRepository.GetUserByUserName("linkinpark"); string passwordAfterChange = userAfterPasswordChange.Password; // Verify the old and new password do not match Assert.AreNotEqual(passwordBeforeChange, passwordAfterChange); }
public void ActivateAccountSuccessTest_ChecksIfTheAccountIsActivatedSuccessfully_VeririesThroughTheReturnedValue() { IUserRepository userRepository = new MockUserRepository(); ISecurityKeysRepository securityKeysRepository = new MockSecurityKeysRepository(); IPasswordEncryptionService passwordEncryptionService = new PasswordEncryptionService(); IIdentityAccessPersistenceRepository persistenceRepository = new MockPersistenceRepository(false); UserApplicationService userApplicationService = new UserApplicationService(userRepository, securityKeysRepository, passwordEncryptionService, persistenceRepository, new MockEmailService(), new PasswordCodeGenerationService()); // Store the Securiyty Keys with the Username of the User at hand (securityKeysRepository as MockSecurityKeysRepository).AddSecurityKeysPair(new SecurityKeysPair( new ApiKey("123456789").Value, new SecretKey("987654321").Value, "desc", 0, true)); string activationKey = "123456789"; string username = "******"; string password = "******"; User user = new User("*****@*****.**", username, passwordEncryptionService.EncryptPassword(password), "USA", TimeZone.CurrentTimeZone, "", activationKey); user.AddTierStatus(Status.NonVerified, new Tier(TierLevelConstant.Tier0, TierLevelConstant.Tier0)); // We need to encrypt the password in the test case ourselves, as we are not registering the user through // the proper service here (userRepository as MockUserRepository).AddUser(user); bool changeSuccessful = userApplicationService.ActivateAccount(new ActivationCommand(activationKey, username, password)); Assert.IsTrue(changeSuccessful); User user1 = (persistenceRepository as MockPersistenceRepository).GetUser(username); Assert.IsNotNull(user1); Assert.IsTrue(user1.IsActivationKeyUsed.Value); Assert.IsFalse(user1.IsUserBlocked.Value); }
public void CancelAccountActivationSuccessfulTest_MakesSureAccountActivationGetsCancelledWhenEverythingIsGivenAsExpected_VerifiesByReturnedValueAndQueryingRepository() { IUserRepository userRepository = new MockUserRepository(); ISecurityKeysRepository securityKeysRepository = new MockSecurityKeysRepository(); IPasswordEncryptionService passwordEncryptionService = new PasswordEncryptionService(); IIdentityAccessPersistenceRepository persistenceRepository = new MockPersistenceRepository(false); UserApplicationService userApplicationService = new UserApplicationService(userRepository, securityKeysRepository, passwordEncryptionService, persistenceRepository, new MockEmailService(), new PasswordCodeGenerationService()); string activationKey = "123456789"; string username = "******"; string password = "******"; User user = new User("*****@*****.**", username, passwordEncryptionService.EncryptPassword(password), "USA", TimeZone.CurrentTimeZone, "", activationKey); user.AddTierStatus(Status.NonVerified, new Tier(TierLevelConstant.Tier0, TierLevelConstant.Tier0)); // We need to encrypt the password in the test case ourselves, as we are not registering the user through // the proper service here (userRepository as MockUserRepository).AddUser(user); bool accountActivationCancelled = userApplicationService.CancelAccountActivation(new CancelActivationCommand(activationKey)); Assert.IsTrue(accountActivationCancelled); User userByUserName = userRepository.GetUserByUserName(username); Assert.IsNull(userByUserName); }
public void ActivateAccountFailDueToBlankPasswordTest_MakesSureThatTheAccountIsNotActivatedWhenBlankPasswordIsGiven_VeririesThroughTheReturnedValue() { IUserRepository userRepository = new MockUserRepository(); ISecurityKeysRepository securityKeysRepository = new MockSecurityKeysRepository(); IPasswordEncryptionService passwordEncryptionService = new PasswordEncryptionService(); IIdentityAccessPersistenceRepository persistenceRepository = new MockPersistenceRepository(false); UserApplicationService userApplicationService = new UserApplicationService(userRepository, securityKeysRepository, passwordEncryptionService, persistenceRepository, new MockEmailService(), new PasswordCodeGenerationService()); // Store the Securiyty Keys with the Username of the User at hand (securityKeysRepository as MockSecurityKeysRepository).AddSecurityKeysPair(new SecurityKeysPair( new ApiKey("123456789").Value, new SecretKey("987654321").Value, "desc", 0, true)); string activationKey = "123456789"; string username = "******"; string password = "******"; User user = new User("*****@*****.**", username, passwordEncryptionService.EncryptPassword(password), "USA", TimeZone.CurrentTimeZone, "", activationKey); user.AddTierStatus(Status.NonVerified, new Tier(TierLevelConstant.Tier0, TierLevelConstant.Tier0)); // We need to encrypt the password in the test case ourselves, as we are not registering the user through // the proper service here (userRepository as MockUserRepository).AddUser(user); userApplicationService.ActivateAccount(new ActivationCommand(activationKey, username, password + "pass")); }
public void LoginSuccessfulTest_ChecksIfTheSecurityKeysAreProperlyReturnedWhileLoggingIn_VerifiesTheReturnedKeysToConfirm() { IUserRepository userRepository = new MockUserRepository(); IIdentityAccessPersistenceRepository persistRepository = new MockPersistenceRepository(false); ISecurityKeysApplicationService securityKeysApplicationService = new SecurityKeysApplicationService(new SecurityKeysGenerationService(), persistRepository, null, null); IPasswordEncryptionService passwordEncryptionService = new PasswordEncryptionService(); IMfaAuthorizationService mockMfaAuthorizationService = new MockMfaAuthorizationService(); ILoginApplicationService loginApplicationService = new LoginApplicationService(userRepository, passwordEncryptionService, securityKeysApplicationService, new MockPersistenceRepository(false), mockMfaAuthorizationService); string enteredPassword = "******"; User user = new User("*****@*****.**", "brucewayne", passwordEncryptionService.EncryptPassword(enteredPassword), "Ninja County", TimeZone.CurrentTimeZone, "", ""); user.AutoLogout = new TimeSpan(0, 0, 0, 60); user.IsActivationKeyUsed = new IsActivationKeyUsed(true); // Add this user to the MockUserRepository (userRepository as MockUserRepository).AddUser(user); UserValidationEssentials userValidationEssentials = loginApplicationService.Login( new LoginCommand("brucewayne", enteredPassword)); Assert.IsNotNull(userValidationEssentials); Assert.IsNotNull(userValidationEssentials.ApiKey); Assert.IsNotNull(userValidationEssentials.SecretKey); Assert.AreEqual(userValidationEssentials.SessionLogoutTime, user.AutoLogout); }
public void CompareFalseEncrytionTest_EncryptsAPasswordTwiceAndThenComparesBothToBeDifferent_FailsIfTheyAreEqual() { PasswordEncryptionService passwordEncryption = new PasswordEncryptionService(); string password = "******"; string encryptPassword = passwordEncryption.EncryptPassword(password); Assert.IsNotNull(encryptPassword); // Last letter is different string secondPassword = "******"; string secondEncryptPassword = passwordEncryption.EncryptPassword(secondPassword); Assert.IsNotNull(secondEncryptPassword); Assert.AreNotEqual(encryptPassword, secondEncryptPassword); }
public void EncryptPasswordTest_EncryptsTwoPasswordAndCheckifNotNullAndLength_VerifiesThroughHashedValues() { PasswordEncryptionService passwordEncryption = new PasswordEncryptionService(); string password = "******"; string encryptPassword = passwordEncryption.EncryptPassword(password); Assert.IsNotNull(encryptPassword); Assert.AreNotEqual(password, encryptPassword); string secondPassword = "******"; string secondEncryptPassword = passwordEncryption.EncryptPassword(secondPassword); Assert.IsNotNull(secondEncryptPassword); Assert.AreNotEqual(secondPassword, secondEncryptPassword); Assert.AreEqual(encryptPassword.Length, secondEncryptPassword.Length); }
public void DeveReconhecerSenhaEncriptada() { var texto = Guid.NewGuid().ToString(); var encryptionService = new PasswordEncryptionService(); var hash = encryptionService.EncryptPassword(texto); Assert.IsTrue(encryptionService.ComparePasswords(texto, hash)); }
public void DeveGerarHashesIguaisVariasVezes() { var texto = Guid.NewGuid().ToString(); var hash1 = new PasswordEncryptionService().EncryptPassword(texto); var hash2 = new PasswordEncryptionService().EncryptPassword(texto); var passwordEncryptionService = new PasswordEncryptionService(); var hash3 = passwordEncryptionService.EncryptPassword(texto); var hash4 = passwordEncryptionService.EncryptPassword(texto); Assert.AreEqual(hash1, hash2, "Hash 1 e 2 são diferentes"); Assert.AreEqual(hash3, hash4, "Hash 3 e 4 são diferentes"); Assert.AreEqual(hash1, hash3, "Hash 1 e 3 são diferentes"); Assert.AreEqual(hash1, hash4, "Hash 1 e 4 são diferentes"); Assert.AreEqual(hash2, hash3, "Hash 2 e 3 são diferentes"); Assert.AreEqual(hash2, hash4, "Hash 2 e 4 são diferentes"); }
public void EncryptPasswordTwiceAndCompareTest_EncryptsAPasswordTwiceAndThenComparesBothToBeTheSame_FailsIfNotEqual() { PasswordEncryptionService passwordEncryption = new PasswordEncryptionService(); string password = "******"; string hasedPassword = passwordEncryption.EncryptPassword(password); Assert.IsNotNull(hasedPassword); string samePassword = "******"; Assert.IsTrue(passwordEncryption.VerifyPassword(samePassword, hasedPassword)); }
public void CompareFalseEncrytionTest_EncryptsAPasswordTwiceAndThenComparesBothToBeDifferentByVerifyMethod_FailsIfTheyAreEqual() { PasswordEncryptionService passwordEncryption = new PasswordEncryptionService(); string password = "******"; string hashedPassword = passwordEncryption.EncryptPassword(password); Assert.IsNotNull(hashedPassword); // Last letter is different string secondPassword = "******"; Assert.IsFalse(passwordEncryption.VerifyPassword(secondPassword, hashedPassword)); }
public async Task <bool> ChangePassword(UserChangePassDTO userInfo) { using (_unitOfWork) { User user = await _unitOfWork.UserRepository.FindByID(userInfo.UserId); if (!PasswordEncryptionService.IsPasswordCorrect(user.Password, userInfo.OldPassword, _appSettings.SaltLength)) { return(false); } user.Password = PasswordEncryptionService.EncryptPassword(userInfo.NewPassword, _appSettings.SaltLength); _unitOfWork.UserRepository.Update(user); return(await _unitOfWork.Save()); } }
public void LoginFailDueToBlankPasswordTest_MakesSureLoginFailsInCaseOfBlankPassword_VerifiesTheReturnedNullResultToConfirm() { IUserRepository userRepository = new MockUserRepository(); IIdentityAccessPersistenceRepository persistRepository = new MockPersistenceRepository(false); ISecurityKeysApplicationService securityKeysApplicationService = new SecurityKeysApplicationService(new SecurityKeysGenerationService(), persistRepository, null, null); IPasswordEncryptionService passwordEncryptionService = new PasswordEncryptionService(); IMfaAuthorizationService mockMfaAuthorizationService = new MockMfaAuthorizationService(); ILoginApplicationService loginApplicationService = new LoginApplicationService(userRepository, passwordEncryptionService, securityKeysApplicationService, new MockPersistenceRepository(false), mockMfaAuthorizationService); string enteredPassword = "******"; User user = new User("*****@*****.**", "brucewayne", passwordEncryptionService.EncryptPassword(enteredPassword), "Ninja County", TimeZone.CurrentTimeZone, "", ""); user.AutoLogout = new TimeSpan(0, 0, 0, 60); // Add this user to the MockUserRepository (userRepository as MockUserRepository).AddUser(user); loginApplicationService.Login(new LoginCommand("brucewayne", "")); }
public async Task <UserAuthenticateResponseDTO> AddUserAccount(UserRegisterDTO userInfo) { using (_unitOfWork) { if (_unitOfWork.UserRepository.UsernameTaken(userInfo.Username)) { return(null); } userInfo.Password = PasswordEncryptionService.EncryptPassword(userInfo.Password, _appSettings.SaltLength); User newUser = _mapper.Map <UserRegisterDTO, User>(userInfo); await _unitOfWork.UserRepository.Create(newUser); await _unitOfWork.Save(); UserAuthenticateResponseDTO returnUser = _mapper.Map <User, UserAuthenticateResponseDTO>(newUser); returnUser.Token = _tokenManager.GenerateToken(newUser.UserId); returnUser.UnseenNotifications = _unitOfWork.UserRepository.GetUnseenNotificationNumber(newUser.UserId); return(returnUser); } }
public void CancelAccountActivationFailedDueToBlankActivationKey_MakesSureAccountActivationDoesNotGetCancelledWhenBlankActivationKeyIsGiven_VerifiesByExpectingException() { IUserRepository userRepository = new MockUserRepository(); ISecurityKeysRepository securityKeysRepository = new MockSecurityKeysRepository(); IPasswordEncryptionService passwordEncryptionService = new PasswordEncryptionService(); IIdentityAccessPersistenceRepository persistenceRepository = new MockPersistenceRepository(false); UserApplicationService userApplicationService = new UserApplicationService(userRepository, securityKeysRepository, passwordEncryptionService, persistenceRepository, new MockEmailService(), new PasswordCodeGenerationService()); string activationKey = "123456789"; string username = "******"; string password = "******"; User user = new User("*****@*****.**", username, passwordEncryptionService.EncryptPassword(password), "USA", TimeZone.CurrentTimeZone, "", activationKey); user.AddTierStatus(Status.NonVerified, new Tier(TierLevelConstant.Tier0, TierLevelConstant.Tier0)); // We need to encrypt the password in the test case ourselves, as we are not registering the user through // the proper service here (userRepository as MockUserRepository).AddUser(user); userApplicationService.CancelAccountActivation(new CancelActivationCommand("")); }
//[ExpectedException(typeof(Exception))] public void ChangePasswordFailDueToSessionTimeoutTest_ChecksThePasswordDoesNotGetChangedWhenSessionTimeoutHasExpired_VerifiesByExpectingException() { IUserRepository userRepository = new MockUserRepository(); ISecurityKeysRepository securityKeysRepository = new MockSecurityKeysRepository(); IPasswordEncryptionService passwordEncryptionService = new PasswordEncryptionService(); IIdentityAccessPersistenceRepository persistenceRepository = new MockPersistenceRepository(false); UserApplicationService userApplicationService = new UserApplicationService(userRepository, securityKeysRepository, passwordEncryptionService, persistenceRepository, new MockEmailService(), new PasswordCodeGenerationService()); // Store the Securiyty Keys with the Username of the User at hand (securityKeysRepository as MockSecurityKeysRepository).AddSecurityKeysPair(new SecurityKeysPair( new ApiKey("123456789").Value, new SecretKey("987654321").Value, "desc", 0, true)); var user = new User("*****@*****.**", "linkinpark", passwordEncryptionService.EncryptPassword("burnitdown"), "USA", TimeZone.CurrentTimeZone, "", ""); // We need to encrypt the password in the test case ourselves, as we are not registering the user through // the proper service here (userRepository as MockUserRepository).AddUser(user); User userBeforePasswordChange = userRepository.GetUserByUserName("linkinpark"); string passwordBeforeChange = userBeforePasswordChange.Password; // Give the API key that is already stored in the Security keys repository mentioned with the User Name //UserValidationEssentials userValidationEssentials = new UserValidationEssentials(new Tuple<ApiKey, SecretKey>( // new ApiKey("123456789"), new SecretKey("987654321")), new TimeSpan(0, 0, 0, 0, 1)); (userRepository as MockUserRepository).DeleteUser(user); user.AutoLogout = new TimeSpan(0, 0, 0, 0, 1); (userRepository as MockUserRepository).AddUser(user); // Wrong password given userApplicationService.ChangePassword(new ChangePasswordCommand("123456789", "burnitdown", "burnitdowntwice")); User userAfterPasswordChange = userRepository.GetUserByUserName("linkinpark"); string passwordAfterChange = userAfterPasswordChange.Password; // Verify the old and new password do not match Assert.AreNotEqual(passwordBeforeChange, passwordAfterChange); }