public void Constructor_GiveValidArguments_PropertiesAreSet()
{
var command = new RevokeAuthenticatorDeviceCommand(TestVariables.AuthenticatorDeviceId, "password");
Assert.Equal(TestVariables.AuthenticatorDeviceId, command.DeviceId);
Assert.Equal("password", command.Password);
}
public async Task Handle_GivenDeviceDoesNotExist_ExpectFailedResult()
{
var user = new Mock <IUser>();
user.Setup(x => x.AuthenticatorDevices).Returns(new List <AuthenticatorDevice>());
user.Setup(x => x.PasswordHash).Returns(BCrypt.Net.BCrypt.HashPassword("password"));
var userRepository = new Mock <IUserRepository>();
var unitOfWork = new Mock <IUnitOfWork>();
unitOfWork.Setup(x => x.SaveEntitiesAsync(It.IsAny <CancellationToken>())).ReturnsAsync(() => true);
userRepository.Setup(x => x.UnitOfWork).Returns(unitOfWork.Object);
userRepository.Setup(x => x.Find(It.IsAny <Guid>(), It.IsAny <CancellationToken>()))
.ReturnsAsync(() => Maybe.From(user.Object));
var systemUser = new Mock <ISystemUser>();
var currentAuthenticatedUserProvider = new Mock <ICurrentAuthenticatedUserProvider>();
currentAuthenticatedUserProvider.Setup(x => x.CurrentAuthenticatedUser)
.Returns(Maybe.From(systemUser.Object));
var clock = new Mock <IClock>();
var handler =
new RevokeAuthenticatorDeviceCommandHandler(userRepository.Object, currentAuthenticatedUserProvider.Object, clock.Object);
var cmd = new RevokeAuthenticatorDeviceCommand(TestVariables.AuthenticatorDeviceId, "password");
var result = await handler.Handle(cmd, CancellationToken.None);
Assert.True(result.IsFailure);
Assert.Equal(ErrorCodes.DeviceNotFound, result.Error.Code);
}
public async Task Handle_GivenNoUserAppearsToBeAuthenticate_ExpectFailedResult()
{
var userRepository = new Mock <IUserRepository>();
var unitOfWork = new Mock <IUnitOfWork>();
unitOfWork.Setup(x => x.SaveEntitiesAsync(It.IsAny <CancellationToken>())).ReturnsAsync(() => true);
userRepository.Setup(x => x.UnitOfWork).Returns(unitOfWork.Object);
var currentAuthenticatedUserProvider = new Mock <ICurrentAuthenticatedUserProvider>();
currentAuthenticatedUserProvider.Setup(x => x.CurrentAuthenticatedUser)
.Returns(Maybe <ISystemUser> .Nothing);
var clock = new Mock <IClock>();
var handler =
new RevokeAuthenticatorDeviceCommandHandler(userRepository.Object, currentAuthenticatedUserProvider.Object, clock.Object);
var cmd = new RevokeAuthenticatorDeviceCommand(TestVariables.AuthenticatorDeviceId, "password");
var result = await handler.Handle(cmd, CancellationToken.None);
Assert.True(result.IsFailure);
Assert.Equal(ErrorCodes.UserNotFound, result.Error.Code);
}
private async Task <ResultWithError <ErrorData> > Process(
RevokeAuthenticatorDeviceCommand request, CancellationToken cancellationToken)
{
var currentUser = this._currentAuthenticatedUserProvider.CurrentAuthenticatedUser;
if (currentUser.HasNoValue)
{
return(ResultWithError.Fail(new ErrorData(ErrorCodes.UserNotFound)));
}
var userMaybe = await this._userRepository.Find(currentUser.Value.UserId, cancellationToken);
if (userMaybe.HasNoValue)
{
return(ResultWithError.Fail(new ErrorData(ErrorCodes.UserNotFound)));
}
var user = userMaybe.Value;
if (!BCrypt.Net.BCrypt.Verify(request.Password, user.PasswordHash))
{
return(ResultWithError.Fail(new ErrorData(ErrorCodes.PasswordNotCorrect)));
}
if (user.AuthenticatorDevices.All(x => x.Id != request.DeviceId))
{
return(ResultWithError.Fail(new ErrorData(ErrorCodes.DeviceNotFound)));
}
user.RevokeAuthenticatorDevice(request.DeviceId, this._clock.GetCurrentInstant().ToDateTimeUtc());
this._userRepository.Update(user);
return(ResultWithError.Ok <ErrorData>());
}
public void Validate_GivenAllPropertiesAreValid_ExpectValidationSuccess()
{
var cmd = new RevokeAuthenticatorDeviceCommand(TestVariables.AuthenticatorDeviceId, "password");
var validator = new RevokeAuthenticatorDeviceCommandValidator();
var result = validator.Validate(cmd);
Assert.True(result.IsValid);
}
public void Validate_GivenPasswordIsNull_ExpectValidationFailure()
{
var cmd = new RevokeAuthenticatorDeviceCommand(TestVariables.AuthenticatorDeviceId, null);
var validator = new RevokeAuthenticatorDeviceCommandValidator();
var result = validator.Validate(cmd);
Assert.False(result.IsValid);
Assert.Contains(
result.Errors,
failure => failure.ErrorCode.Equals(ValidationCodes.FieldIsRequired) &&
failure.PropertyName == "Password");
}
public void Validate_GivenDeviceIdIsEmpty_ExpectValidationFailure()
{
var cmd = new RevokeAuthenticatorDeviceCommand(Guid.Empty, "password");
var validator = new RevokeAuthenticatorDeviceCommandValidator();
var result = validator.Validate(cmd);
Assert.False(result.IsValid);
Assert.Contains(
result.Errors,
failure => failure.ErrorCode.Equals(ValidationCodes.FieldIsRequired) &&
failure.PropertyName == "DeviceId");
}
public async Task <ResultWithError <ErrorData> > Handle(
RevokeAuthenticatorDeviceCommand request, CancellationToken cancellationToken)
{
var result = await this.Process(request, cancellationToken);
var dbResult = await this._userRepository.UnitOfWork.SaveEntitiesAsync(cancellationToken);
if (!dbResult)
{
return(ResultWithError.Fail(new ErrorData(
ErrorCodes.SavingChanges, "Failed To Save Database")));
}
return(result);
}
public async Task Handle_GivenSavingFails_ExpectFailedResult()
{
var user = new Mock <IUser>();
user.Setup(x => x.AuthenticatorDevices).Returns(new List <AuthenticatorDevice>
{
new AuthenticatorDevice(TestVariables.AuthenticatorDeviceId, TestVariables.Now,
TestVariables.AuthenticatorDevicePublicKey, TestVariables.AuthenticatorDeviceCredentialId,
TestVariables.AuthenticatorDeviceAaguid, 1, "name", "cred-type"),
});
user.Setup(x => x.PasswordHash).Returns(BCrypt.Net.BCrypt.HashPassword("current-password"));
var userRepository = new Mock <IUserRepository>();
var unitOfWork = new Mock <IUnitOfWork>();
unitOfWork.Setup(x => x.SaveEntitiesAsync(It.IsAny <CancellationToken>())).ReturnsAsync(() => false);
userRepository.Setup(x => x.UnitOfWork).Returns(unitOfWork.Object);
userRepository.Setup(x => x.Find(It.IsAny <Guid>(), It.IsAny <CancellationToken>()))
.ReturnsAsync(() => Maybe.From(user.Object));
var systemUser = new Mock <ISystemUser>();
var currentAuthenticatedUserProvider = new Mock <ICurrentAuthenticatedUserProvider>();
currentAuthenticatedUserProvider.Setup(x => x.CurrentAuthenticatedUser)
.Returns(Maybe.From(systemUser.Object));
var clock = new Mock <IClock>();
var handler =
new RevokeAuthenticatorDeviceCommandHandler(userRepository.Object, currentAuthenticatedUserProvider.Object, clock.Object);
var cmd = new RevokeAuthenticatorDeviceCommand(TestVariables.AuthenticatorDeviceId, "password");
var result = await handler.Handle(cmd, CancellationToken.None);
Assert.True(result.IsFailure);
Assert.Equal(ErrorCodes.SavingChanges, result.Error.Code);
}
public async Task Handle_GivenDeviceExists_ExpectDeviceToBeRevoked()
{
var user = new Mock <IUser>();
user.Setup(x => x.AuthenticatorDevices).Returns(new List <AuthenticatorDevice>
{
new AuthenticatorDevice(TestVariables.AuthenticatorDeviceId, TestVariables.Now,
TestVariables.AuthenticatorDevicePublicKey, TestVariables.AuthenticatorDeviceCredentialId,
TestVariables.AuthenticatorDeviceAaguid, 1, "name", "cred-type"),
});
user.Setup(x => x.PasswordHash).Returns(BCrypt.Net.BCrypt.HashPassword("password"));
var userRepository = new Mock <IUserRepository>();
var unitOfWork = new Mock <IUnitOfWork>();
unitOfWork.Setup(x => x.SaveEntitiesAsync(It.IsAny <CancellationToken>())).ReturnsAsync(() => true);
userRepository.Setup(x => x.UnitOfWork).Returns(unitOfWork.Object);
userRepository.Setup(x => x.Find(It.IsAny <Guid>(), It.IsAny <CancellationToken>()))
.ReturnsAsync(() => Maybe.From(user.Object));
var systemUser = new Mock <ISystemUser>();
var currentAuthenticatedUserProvider = new Mock <ICurrentAuthenticatedUserProvider>();
currentAuthenticatedUserProvider.Setup(x => x.CurrentAuthenticatedUser)
.Returns(Maybe.From(systemUser.Object));
var clock = new Mock <IClock>();
var handler =
new RevokeAuthenticatorDeviceCommandHandler(userRepository.Object, currentAuthenticatedUserProvider.Object, clock.Object);
var cmd = new RevokeAuthenticatorDeviceCommand(TestVariables.AuthenticatorDeviceId, "password");
await handler.Handle(cmd, CancellationToken.None);
user.Verify(x => x.RevokeAuthenticatorDevice(It.IsAny <Guid>(), It.IsAny <DateTime>()), Times.Once);
userRepository.Verify(x => x.Update(It.IsAny <IUser>()), Times.Once);
}
