public void ValidateUserNameValidPassword() { var controller = new IdentityController(); // 1- Get a random password challenge string from the web service. const string requestId = "ec609a4f"; var challengeString = controller.GetPasswordChallenge(requestId); Assert.IsFalse(string.IsNullOrEmpty(challengeString)); // 2 - Hash the challenge string with the correct password and ask the web service to validate the hash. var result = controller.GetIsValid("JohnDoe", requestId, CreatePasswordHash("pwd", challengeString)); // 3- Verify that credentials were validated. Assert.IsNotNull(result); Assert.AreEqual(result.UserName, "JohnDoe"); }
public void ValidateUserNameInvalidPassword() { var sawException = false; var controller = new IdentityController(); // 1- Get a random password challenge string from the web service. const string requestId = "ec609a4f"; var challengeString = controller.GetPasswordChallenge(requestId); Assert.IsFalse(string.IsNullOrEmpty(challengeString)); try { // 2 - Hash the challenge string with an invalid password and ask the web service to validate the hash. var result = controller.GetIsValid("JohnDoe", requestId, CreatePasswordHash("InvalidPassword", challengeString)); } catch (HttpResponseException ex) { // 3- Verify that a 401 Status code was returned through the exception (handled by ASP.NET) Assert.AreEqual(HttpStatusCode.Unauthorized, ex.Response.StatusCode); sawException = true; } // Verify that authentication failed for invalid password Assert.IsTrue(sawException); }