コード例 #1
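            /// <summary>
            /// Posts valid administrator credentials to the authenticate endpoint and checks that the
            /// bearer token in the response carries a roles claim whose value is Administrator.
            /// </summary>
            /// <remarks>
            /// The token is only decoded with <c>ReadJwtToken</c>, which parses the JWT without
            /// validating its signature, issuer or lifetime. This test therefore covers the claim
            /// content only; signature and expiry enforcement need their own tests.
            /// </remarks>
            public async Task GivenValidCredentials_RespondsWithBearerTokenWithRolesClaim()
            {
                // Arrange
                var url = GetAuthenticateUrl();

                var          userId             = Guid.NewGuid();
                const string emailAddress       = "*****@*****.**";
                const string password           = "******";
                const string productKey         = "This is a product key";
                const string testProductOneName = "Test Product One Name";
                const string testProductTwoName = "Test product Two Name";

                // The stored user holds a bcrypt hash; the request below carries the plaintext.
                var hashedPassword = BCrypt.Net.BCrypt.HashPassword(password);

                var authenticate = new TestAuthenticateRequestBuilder()
                                   .WithEmailAddress(emailAddress)
                                   .WithPassword(password)
                                   .Build();

                var user = new TestUserEntityBuilder()
                           .WithId(userId)
                           .WithEmailAddress(emailAddress)
                           .WithPassword(hashedPassword)
                           .WithRole(UserRole.Administrator)
                           .Build();

                await _userCollection.InsertOneAsync(user);

                var firstProduct = new TestLicenseProductEntityBuilder()
                                   .WithName(testProductOneName)
                                   .Build();

                var secondProduct = new TestLicenseProductEntityBuilder()
                                    .WithName(testProductTwoName)
                                    .Build();

                var license = new TestLicenseEntityBuilder()
                              .WithUserId(userId)
                              .WithKey(productKey)
                              .WithProduct(firstProduct)
                              .WithProduct(secondProduct)
                              .Build();

                await _licenseCollection.InsertOneAsync(license);

                // Act
                var response = await HttpClient.PostAsJsonAsync(url, authenticate);

                // Assert
                // Check the status before touching the body: on a rejected login, deserializing the
                // payload or reading a missing token can throw an unrelated exception and hide the
                // real failure.
                Assert.That(response.StatusCode, Is.EqualTo(HttpStatusCode.OK));

                var responseData = await response.Content.ReadFromJsonAsync<AuthenticatedResponse>();
                Assert.That(responseData, Is.Not.Null);

                // Decode only: ReadJwtToken does not verify the signature.
                var tokenHandler  = new JwtSecurityTokenHandler();
                var securityToken = tokenHandler.ReadJwtToken(responseData.BearerToken);

                var expectedRole = UserRole.Administrator.ToString();
                var roleValues   = securityToken.Claims
                                                .Where(x => x.Type == SubmarineRegisteredClaimNames.Roles)
                                                .Select(x => x.Value);

                // A collection constraint lists the roles actually present when the assertion fails.
                Assert.That(roleValues, Has.Member(expectedRole));
            }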
コード例 #2
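            /// <summary>
            /// Posts valid credentials to the authenticate endpoint and checks that the bearer token in
            /// the response lists the user's license key among its audiences.
            /// </summary>
            /// <remarks>
            /// The token is only decoded with <c>ReadJwtToken</c>, which parses the JWT without
            /// validating its signature, issuer or lifetime, so this test covers claim content only.
            /// NOTE(review): a JWT payload is base64url-encoded, not encrypted, so the audience value
            /// is readable by anyone who holds or logs the token. If the license key is meant to be
            /// confidential, confirm that exposing it in the audience claim is intended.
            /// </remarks>
            public async Task GivenValidCredentials_RespondsWithBearerTokenWithAudienceClaim()
            {
                // Arrange
                var url = GetAuthenticateUrl();

                var          userId             = Guid.NewGuid();
                const string emailAddress       = "*****@*****.**";
                const string password           = "******";
                const string productKey         = "This is a product key";
                const string testProductOneName = "Test Product One Name";
                const string testProductTwoName = "Test product Two Name";

                // The stored user holds a bcrypt hash; the request below carries the plaintext.
                var hashedPassword = BCrypt.Net.BCrypt.HashPassword(password);

                var authenticate = new TestAuthenticateRequestBuilder()
                                   .WithEmailAddress(emailAddress)
                                   .WithPassword(password)
                                   .Build();

                // No role is set here; the user gets whatever the builder defaults to.
                var user = new TestUserEntityBuilder()
                           .WithId(userId)
                           .WithEmailAddress(emailAddress)
                           .WithPassword(hashedPassword)
                           .Build();

                await _userCollection.InsertOneAsync(user);

                var firstProduct = new TestLicenseProductEntityBuilder()
                                   .WithName(testProductOneName)
                                   .Build();

                var secondProduct = new TestLicenseProductEntityBuilder()
                                    .WithName(testProductTwoName)
                                    .Build();

                var license = new TestLicenseEntityBuilder()
                              .WithUserId(userId)
                              .WithKey(productKey)
                              .WithProduct(firstProduct)
                              .WithProduct(secondProduct)
                              .Build();

                await _licenseCollection.InsertOneAsync(license);

                // Act
                var response = await HttpClient.PostAsJsonAsync(url, authenticate);

                // Assert
                // Check the status before touching the body: on a rejected login, deserializing the
                // payload or reading a missing token can throw an unrelated exception and hide the
                // real failure.
                Assert.That(response.StatusCode, Is.EqualTo(HttpStatusCode.OK));

                var responseData = await response.Content.ReadFromJsonAsync<AuthenticatedResponse>();
                Assert.That(responseData, Is.Not.Null);

                // Decode only: ReadJwtToken does not verify the signature.
                var tokenHandler  = new JwtSecurityTokenHandler();
                var securityToken = tokenHandler.ReadJwtToken(responseData.BearerToken);

                // A collection constraint lists the audiences actually present when the assertion
                // fails; a bare boolean would only report "expected true".
                Assert.That(securityToken.Audiences, Has.Member(license.Key));
            }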
コード例 #3
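            /// <summary>
            /// Runs <c>AuthenticateAsync</c> against mocked mediator handlers and checks that the
            /// generated bearer token is returned, and that the user lookup, the hash comparison and
            /// the token generation were each dispatched exactly once with the expected arguments.
            /// </summary>
            /// <remarks>
            /// The password comparison is mocked to succeed, so no real hashing takes place here.
            /// The user is given an explicit stored-hash value so that the <c>CompareHashTextQuery</c>
            /// verification checks a known value rather than whatever the builder defaults to.
            /// </remarks>
            public async Task GivenValidCredentials_ReturnsBearerToken()
            {
                // Arrange
                var          userId            = Guid.NewGuid();
                const string emailAddress      = "This is an email address";
                const string plainTextPassword = "******";
                const string hashedPassword    = "This is a hashed password";
                const string licenseKey        = "This is a license key";

                var authentication = new TestAuthenticationDtoBuilder()
                                     .WithEmailAddress(emailAddress)
                                     .WithPlainTextPassword(plainTextPassword)
                                     .Build();

                // Set the stored hash explicitly: the verification below compares query.Hash with
                // user.Password, and an unset password could let that check pass vacuously.
                var user = new TestUserEntityBuilder()
                           .WithId(userId)
                           .WithEmailAddress(emailAddress)
                           .WithPassword(hashedPassword)
                           .WithRole(UserRole.Standard)
                           .Build();

                const bool isPasswordValid = true;

                var now = DateTime.UtcNow;

                // One product that is still valid and one that has already lapsed.
                var unexpiredProduct = new TestLicenseProductEntityBuilder()
                                       .WithName("Unexpired Product Name")
                                       .WithExpiration(now.AddDays(1))
                                       .Build();

                var expiredProduct = new TestLicenseProductEntityBuilder()
                                     .WithName("Expired Product Name")
                                     .WithExpiration(now.AddDays(-2))
                                     .Build();

                var license = new TestLicenseEntityBuilder()
                              .WithKey(licenseKey)
                              .WithProduct(unexpiredProduct)
                              .WithProduct(expiredProduct)
                              .Build();

                const string bearerToken = "This is a bearer token";

                _mediator.SetupHandler<GetUserByEmailQuery, UserEntity>().ReturnsAsync(user);
                _mediator.SetupHandler<CompareHashTextQuery, bool>().ReturnsAsync(isPasswordValid);
                _mediator.SetupHandler<GetLicenseByUserIdQuery, LicenseEntity>().ReturnsAsync(license);
                _mediator.SetupHandler<GenerateBearerTokenQuery, string>().ReturnsAsync(bearerToken);

                // Act
                var result = await _classUnderTest.AuthenticateAsync(authentication, CancellationToken.None);

                // Assert
                Assert.That(result.BearerToken, Is.EqualTo(bearerToken));

                _mediator.VerifyHandler<GetUserByEmailQuery, UserEntity>(
                    query => query.EmailAddress == emailAddress,
                    Times.Once());

                // The comparison must receive the stored hash and the submitted plaintext.
                _mediator.VerifyHandler<CompareHashTextQuery, bool>(
                    query => query.Hash == user.Password && query.Text == plainTextPassword,
                    Times.Once());

                // NOTE(review): the GetLicenseByUserIdQuery handler is set up but never verified, so
                // the test does not show that the license is looked up for this user's id. The
                // query's properties are not visible here; add a verification once confirmed.
                _mediator.VerifyHandler<GenerateBearerTokenQuery, string>(
                    query => ValidateGenerateBearerTokenQuery(query, user, licenseKey),
                    Times.Once());
            }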