//[Fact]
public async System.Threading.Tasks.Task VerifyConsentCode__WithABadCode()
{
var loginUser = randomNewUserName("NewLoginUser", 6);
var strId = await LoginAndRegisterAsNewUser(loginUser);
var id = Guid.NewGuid();
var individualId = Guid.NewGuid();
ViewModels.SecurityConsentConfirmation securityConsentConfirmation = new ViewModels.SecurityConsentConfirmation()
{
email = "",
parentid = id.ToString(),
individualid = individualId.ToString()
};
//Use a random encryption key
string _encryptionKey = Guid.NewGuid().ToString();
string json = JsonConvert.SerializeObject(securityConsentConfirmation);
string code = System.Net.WebUtility.UrlEncode(Utility.EncryptionUtility.EncryptString(json, _encryptionKey));
var request = new HttpRequestMessage(HttpMethod.Get, $"/api/{service}/{id}/verifyconsentcode/{individualId}/?code={code}");
var response = await _client.SendAsync(request);
var jsonResult = await response.Content.ReadAsStringAsync();
string result = JsonConvert.DeserializeObject <String>(jsonResult);
response.EnsureSuccessStatusCode();
Assert.Equal("error", result, true);
await LogoutAndCleanupTestUser(strId);
}
public JsonResult VerifyConsentCode(string id, string individualid, string code)
{
string result = "Error";
// validate the code.
string decrypted = EncryptionUtility.DecryptString(code, _encryptionKey);
if (decrypted != null)
{
// convert the json back to an object.
ViewModels.SecurityConsentConfirmation consentConfirmation = JsonConvert.DeserializeObject <ViewModels.SecurityConsentConfirmation>(decrypted);
// check that the keys match.
if (id.Equals(consentConfirmation.parentid) && individualid.Equals(consentConfirmation.individualid))
{
// update the appropriate dynamics record here.
result = "Success";
}
}
return(Json(result));
}
/// <summary>
/// Generate a link to be sent to an email address.
/// </summary>
/// <param name="email"></param>
/// <param name="individualId"></param>
/// <param name="parentId"></param>
/// <returns></returns>
private string GetConsentLink(string email, string individualId, string parentId)
{
string result = Configuration["BASE_URI"] + Configuration["BASE_PATH"];
result += "/bcservice?path=/security-consent/" + parentId + "/" + individualId + "?code=";
// create a newsletter confirmation object.
ViewModels.SecurityConsentConfirmation securityConsentConfirmation = new ViewModels.SecurityConsentConfirmation()
{
email = email,
parentid = parentId,
individualid = individualId
};
// convert it to a json string.
string json = JsonConvert.SerializeObject(securityConsentConfirmation);
// encrypt that using two way encryption.
result += System.Net.WebUtility.UrlEncode(EncryptionUtility.EncryptString(json, _encryptionKey));
return(result);
}