public HttpResponseMessage DeleteUser([FromBody] SSOUserRequest request)
{
UserManager userMan = new UserManager();
var response = userMan.DeleteUserUsingSSO(request);
return(response);
}
public HttpResponseMessage DeleteUserUsingSSO(SSOUserRequest request)
{
try
{
var isSignatureValid = _signatureService.IsValidClientRequest(request.ssoUserId, request.email, request.timestamp, request.signature);
if (!isSignatureValid)
{
var httpResponse = new HttpResponseMessage(HttpStatusCode.BadRequest)
{
Content = new StringContent("Invalid Session")
};
return(httpResponse);
}
var response = DeleteUser(request.email);
return(response);
}
catch (Exception e)
{
var httpResponse = new HttpResponseMessage(HttpStatusCode.InternalServerError)
{
Content = new StringContent(e.ToString())
};
return(httpResponse);
}
}
public HttpResponseMessage Login([FromBody] SSOUserRequest request)
{
SessionManager sessionMan = new SessionManager();
var response = sessionMan.Login(this, request);
return(response);
}
public HttpResponseMessage Logout([FromBody] SSOUserRequest request)
{
SessionManager sessionMan = new SessionManager();
var response = sessionMan.Logout(request.email);
return(response);
}
public HttpResponseMessage LogoutUsingSSO(SSOUserRequest request)
{
try
{
// Check if signature is valid
var isSignatureValid = _signatureService.IsValidClientRequest(request.ssoUserId, request.email, request.timestamp, request.signature);
if (!isSignatureValid)
{
var httpResponse = new HttpResponseMessage(HttpStatusCode.BadRequest)
{
Content = new StringContent("Invalid Session")
};
return(httpResponse);
}
return(Logout(request.email));
}
catch (Exception)
{
var httpResponse = new HttpResponseMessage(HttpStatusCode.InternalServerError)
{
Content = new StringContent("Unable to log out at this time")
};
return(httpResponse);
}
}
public HttpResponseMessage Login(ApiController controller, SSOUserRequest request)
{
try
{
// Check if signature is valid
var isSignatureValid = _signatureService.IsValidClientRequest(request.ssoUserId, request.email, request.timestamp, request.signature);
if (!isSignatureValid)
{
var httpResponse = new HttpResponseMessage(HttpStatusCode.BadRequest)
{
Content = new StringContent("Invalid Session")
};
return(httpResponse);
}
// Check if user exists
if (_userService.IsUsernameFound(request.email))
{
var generatedToken = _jwtService.CreateToken(request.email, _userService.GetUserUid(request.email));
var redirectURL = baseRedirectURL + generatedToken;
var redirect = controller.Request.CreateResponse(HttpStatusCode.SeeOther);
redirect.Content = new StringContent(redirectURL);
redirect.Headers.Location = new Uri(redirectURL);
return(redirect);
}
else
{
// If user doesn't have account in greetngroup, create account
User createdUser = new User
{
UserId = _userService.GetNextUserID(),
UserName = request.email
};
_userService.InsertUser(createdUser);
_userClaimService.AddDefaultClaims(createdUser);
var generatedToken = _jwtService.CreateToken(request.email, _userService.GetUserUid(request.email));
var redirectURL = baseRedirectURL + generatedToken;
var redirect = controller.Request.CreateResponse(HttpStatusCode.SeeOther);
redirect.Content = new StringContent(redirectURL);
redirect.Headers.Location = new Uri(redirectURL);
return(redirect);
}
}
catch (Exception e)
{
var httpResponse = new HttpResponseMessage(HttpStatusCode.InternalServerError)
{
Content = new StringContent("Unable to login at this time")
};
return(httpResponse);
}
}
public void Logout_Fail_InvalidRequest()
{
// Arrange
SSOUserRequest request = new SSOUserRequest
{
ssoUserId = "b33ae8eb-9cfa-4c7d-91cc-b0e2ecc74792",
email = "*****@*****.**",
timestamp = "1556421373491",
signature = "2d+xE3d0PegywQ812+BBn8TjA4FS/GC/06yMci4OVNU"
};
var expected = new HttpResponseMessage(HttpStatusCode.BadRequest);
// Act
var actual = sessionMan.Logout(request.email);
// Assert
Assert.AreEqual(expected.StatusCode, actual.StatusCode);
}
public void Logout_Pass()
{
// Arrange
SSOUserRequest request = new SSOUserRequest
{
ssoUserId = "b33ae8eb-9cfa-4c7d-91cc-b0e2ecc74792",
email = "*****@*****.**",
timestamp = "1556421373491",
signature = "2d+xE3d0PegywQ812+BBn8TjA4FS/GC/06yMci4OVNU="
};
var expected = new HttpResponseMessage(HttpStatusCode.OK)
{
Content = new StringContent("User has logged out of GreetNGroup")
};
// Act
var actual = sessionMan.Logout(request.email);
// Assert
Assert.AreEqual(expected.StatusCode, actual.StatusCode);
}
public void Logout_Fail_UserNotInDB()
{
// Arrange
SSOUserRequest request = new SSOUserRequest
{
ssoUserId = "b33ae8eb-9cfa-4c7d-91cc-b0e2ecc74792",
email = "*****@*****.**",
timestamp = "1556421373491",
signature = "2d+xE3d0PegywQ812+BBn8TjA4FS/GC/06yMci4OVNU"
};
userMan.DeleteUser("*****@*****.**");
var expected = new HttpResponseMessage(HttpStatusCode.NotFound)
{
Content = new StringContent("User Does Not Exist")
};
// Act
var actual = sessionMan.Logout(request.email);
// Assert
Assert.AreEqual(expected.StatusCode, actual.StatusCode);
}
