public async Task GivenUserAlreadyAuthenticated_ItRedirectsToReturnUrl()
{
// Arrange
var controller = GetController <AuthenticationController>();
controller.SetCurrentUser(Fakes.User);
// Act
var result = await controller.SignIn(new LogOnViewModel(), "/foo/bar/baz", linkingAccount : false);
// Assert
ResultAssert.IsSafeRedirectTo(result, "/foo/bar/baz");
Assert.Equal(Strings.AlreadyLoggedIn, controller.TempData["Message"]);
}
public void GivenUserAlreadyAuthenticated_ItRedirectsToReturnUrl()
{
// Arrange
var controller = GetController <AuthenticationController>();
controller.SetCurrentUser(Fakes.User);
// Act
var result = controller.LogOn("/foo/bar/baz");
// Assert
ResultAssert.IsSafeRedirectTo(result, "/foo/bar/baz");
Assert.Equal(Strings.AlreadyLoggedIn, controller.TempData["Message"]);
}
public async Task WillCreateAndLogInTheUserWhenNotLinking()
{
// Arrange
var authUser = new AuthenticatedUser(
new User("theUsername")
{
UnconfirmedEmailAddress = "*****@*****.**",
EmailConfirmationToken = "t0k3n"
},
new Credential());
var authenticationService = GetMock <AuthenticationService>();
var controller = GetController <AuthenticationController>();
authenticationService.Setup(x => x.Register(authUser.User.Username, authUser.User.UnconfirmedEmailAddress, It.IsAny <Credential>()))
.CompletesWith(authUser);
authenticationService
.Setup(x => x.CreateSessionAsync(controller.OwinContext, authUser))
.Returns(Task.FromResult(0))
.Verifiable();
// Act
var result = await controller.Register(
new LogOnViewModel()
{
Register = new RegisterViewModel
{
Username = authUser.User.Username,
Password = "******",
EmailAddress = authUser.User.UnconfirmedEmailAddress,
}
}, "/theReturnUrl", linkingAccount : false);
// Assert
GetMock <AuthenticationService>().VerifyAll();
var expectedAddress = new MailAddress(authUser.User.UnconfirmedEmailAddress, authUser.User.Username);
GetMock <IMessageService>()
.Verify(x => x.SendNewAccountEmail(
expectedAddress,
TestUtility.GallerySiteRootHttps + "account/confirm/" + authUser.User.Username + "/" + authUser.User.EmailConfirmationToken));
ResultAssert.IsSafeRedirectTo(result, "/theReturnUrl");
}
public async Task CanLogTheUserOnWithEmailAddress()
{
// Arrange
var authUser = new AuthenticatedUser(
new User("theUsername")
{
EmailAddress = "*****@*****.**"
},
new Credential()
{
Type = "Foo"
});
var authResult =
new PasswordAuthenticationResult(PasswordAuthenticationResult.AuthenticationResult.Success, authUser);
GetMock <AuthenticationService>()
.Setup(x => x.Authenticate("*****@*****.**", "thePassword"))
.CompletesWith(authResult);
var controller = GetController <AuthenticationController>();
GetMock <AuthenticationService>()
.Setup(a => a.CreateSessionAsync(controller.OwinContext, authUser))
.Returns(Task.FromResult(0))
.Verifiable();
// Act
var result = await controller.SignIn(
new LogOnViewModel(
new SignInViewModel(
"*****@*****.**",
"thePassword")),
"theReturnUrl", linkingAccount : false);
// Assert
ResultAssert.IsSafeRedirectTo(result, "theReturnUrl");
GetMock <AuthenticationService>().VerifyAll();
}
public async Task GivenAdminLogsInWithExternalIdentity_ItChallengesWhenNotUsingRequiredExternalProvider(string providerUsedForLogin, bool shouldChallenge)
{
// Arrange
var enforcedProvider = "AzureActiveDirectory";
var configurationService = GetConfigurationService();
configurationService.Current.ConfirmEmailAddresses = false;
configurationService.Current.EnforcedAuthProviderForAdmin = enforcedProvider;
var externalCred = new CredentialBuilder().CreateExternalCredential(providerUsedForLogin, "blorg", "Bloog");
var authUser = new AuthenticatedUser(
new User("theUsername")
{
UnconfirmedEmailAddress = "*****@*****.**",
EmailConfirmationToken = "t0k3n",
Roles =
{
new Role {
Name = Constants.AdminRoleName
}
}
},
externalCred);
GetMock <AuthenticationService>()
.Setup(x => x.Register("theUsername", "theEmailAddress", externalCred))
.CompletesWith(authUser);
EnableAllAuthenticators(Get <AuthenticationService>());
var controller = GetController <AuthenticationController>();
if (shouldChallenge)
{
GetMock <AuthenticationService>()
.Setup(x => x.Challenge(enforcedProvider, It.IsAny <string>()))
.Returns(new ChallengeResult(enforcedProvider, null))
.Verifiable();
}
else
{
GetMock <AuthenticationService>()
.Setup(x => x.CreateSessionAsync(controller.OwinContext, authUser))
.Returns(Task.FromResult(0))
.Verifiable();
}
GetMock <AuthenticationService>()
.Setup(x => x.ReadExternalLoginCredential(controller.OwinContext))
.CompletesWith(new AuthenticateExternalLoginResult()
{
ExternalIdentity = new ClaimsIdentity(),
Credential = externalCred
});
// Act
var result = await controller.Register(
new LogOnViewModel()
{
Register = new RegisterViewModel
{
Username = "******",
EmailAddress = "theEmailAddress",
}
}, "/theReturnUrl", linkingAccount : true);
// Assert
if (shouldChallenge)
{
ResultAssert.IsChallengeResult(result, enforcedProvider);
}
else
{
ResultAssert.IsSafeRedirectTo(result, "/theReturnUrl");
}
GetMock <AuthenticationService>().VerifyAll();
}
public async Task GivenAssociatedLocalAdminUser_ItChallengesWhenNotUsingRequiredExternalProvider(string providerUsedForLogin, bool shouldChallenge)
{
// Arrange
var enforcedProvider = "AzureActiveDirectory";
var mockConfig = GetMock <IGalleryConfigurationService>();
mockConfig.Setup(x => x.Current).Returns(new AppConfiguration
{
ConfirmEmailAddresses = false,
EnforcedAuthProviderForAdmin = enforcedProvider
});
var fakes = Get <Fakes>();
GetMock <AuthenticationService>(); // Force a mock to be created
var controller = GetController <AuthenticationController>();
var cred = new CredentialBuilder().CreateExternalCredential(providerUsedForLogin, "blorg", "Bloog");
var authUser = new AuthenticatedUser(
fakes.CreateUser("test", cred),
cred);
authUser.User.Roles.Add(new Role {
Name = Constants.AdminRoleName
});
GetMock <AuthenticationService>()
.Setup(x => x.AuthenticateExternalLogin(controller.OwinContext))
.CompletesWith(new AuthenticateExternalLoginResult()
{
ExternalIdentity = new ClaimsIdentity(),
Authentication = authUser
});
if (shouldChallenge)
{
GetMock <AuthenticationService>()
.Setup(x => x.Challenge(enforcedProvider, It.IsAny <string>()))
.Returns(new ChallengeResult(enforcedProvider, null))
.Verifiable();
}
else
{
GetMock <AuthenticationService>()
.Setup(x => x.CreateSessionAsync(controller.OwinContext, authUser))
.Returns(Task.FromResult(0))
.Verifiable();
}
// Act
var result = await controller.LinkExternalAccount("theReturnUrl");
// Assert
if (shouldChallenge)
{
ResultAssert.IsChallengeResult(result, enforcedProvider);
}
else
{
ResultAssert.IsSafeRedirectTo(result, "theReturnUrl");
GetMock <AuthenticationService>().VerifyAll();
}
}
public async Task GivenAdminLogsInWithValidExternalAuth_ItChallengesWhenNotUsingRequiredExternalProvider(string providerUsedForLogin, bool shouldChallenge)
{
var enforcedProvider = "AzureActiveDirectory";
var mockConfig = GetMock <IGalleryConfigurationService>();
mockConfig.Setup(x => x.Current).Returns(new AppConfiguration
{
ConfirmEmailAddresses = false,
EnforcedAuthProviderForAdmin = enforcedProvider
});
var externalCred = new CredentialBuilder().CreateExternalCredential(providerUsedForLogin, "blorg", "Bloog");
var authUser = new AuthenticatedUser(
new User("theUsername")
{
UnconfirmedEmailAddress = "*****@*****.**",
Roles =
{
new Role {
Name = Constants.AdminRoleName
}
}
},
externalCred);
var authResult =
new PasswordAuthenticationResult(PasswordAuthenticationResult.AuthenticationResult.Success, authUser);
GetMock <AuthenticationService>()
.Setup(x => x.Authenticate(authUser.User.Username, "thePassword"))
.CompletesWith(authResult);
GetMock <AuthenticationService>()
.Setup(x => x.AddCredential(authUser.User, externalCred))
.Completes()
.Verifiable();
GetMock <IMessageService>()
.Setup(x => x.SendCredentialAddedNotice(authUser.User, externalCred))
.Verifiable();
EnableAllAuthenticators(Get <AuthenticationService>());
var controller = GetController <AuthenticationController>();
if (shouldChallenge)
{
GetMock <AuthenticationService>()
.Setup(x => x.Challenge(enforcedProvider, It.IsAny <string>()))
.Returns(new ChallengeResult(enforcedProvider, null))
.Verifiable();
}
else
{
GetMock <AuthenticationService>()
.Setup(x => x.CreateSessionAsync(controller.OwinContext, It.IsAny <AuthenticatedUser>()))
.Returns(Task.FromResult(0))
.Verifiable();
}
GetMock <AuthenticationService>()
.Setup(x => x.ReadExternalLoginCredential(controller.OwinContext))
.CompletesWith(new AuthenticateExternalLoginResult()
{
ExternalIdentity = new ClaimsIdentity(),
Credential = externalCred
});
// Act
var result = await controller.SignIn(
new LogOnViewModel(
new SignInViewModel(
authUser.User.Username,
"thePassword")),
"theReturnUrl", linkingAccount : true);
// Assert
if (shouldChallenge)
{
ResultAssert.IsChallengeResult(result, enforcedProvider);
}
else
{
ResultAssert.IsSafeRedirectTo(result, "theReturnUrl");
}
GetMock <AuthenticationService>().VerifyAll();
GetMock <IMessageService>().VerifyAll();
}