public ExternalUserAssociationMatchResult ExternalUserAssociationCheck(ExternalAuthenticationResult externalAuthenticationResult, string ip) { if (externalAuthenticationResult == null) throw new ArgumentNullException("externalAuthenticationResult"); var match = _externalUserAssociationRepository.Get(externalAuthenticationResult.Issuer, externalAuthenticationResult.ProviderKey); if (match == null) { _securityLogService.CreateLogEntry((int?)null, null, ip, String.Format("Issuer: {0}, Provider: {1}, Name: {2}", externalAuthenticationResult.Issuer, externalAuthenticationResult.ProviderKey, externalAuthenticationResult.Name), SecurityLogType.ExternalAssociationCheckFailed); return new ExternalUserAssociationMatchResult {Successful = false}; } var user = _userRepository.GetUser(match.UserID); if (user == null) { _securityLogService.CreateLogEntry((int?)null, null, ip, String.Format("Issuer: {0}, Provider: {1}, Name: {2}", externalAuthenticationResult.Issuer, externalAuthenticationResult.ProviderKey, externalAuthenticationResult.Name), SecurityLogType.ExternalAssociationCheckFailed); return new ExternalUserAssociationMatchResult {Successful = false}; } var result = new ExternalUserAssociationMatchResult { Successful = true, ExternalUserAssociation = match, User = user }; _securityLogService.CreateLogEntry(user, user, ip, String.Format("Issuer: {0}, Provider: {1}, Name: {2}", match.Issuer, match.ProviderKey, match.Name), SecurityLogType.ExternalAssociationCheckSuccessful); return result; }
public ExternalUserAssociationMatchResult ExternalUserAssociationCheck(ExternalAuthenticationResult externalAuthenticationResult, string ip) { if (externalAuthenticationResult == null) { throw new ArgumentNullException("externalAuthenticationResult"); } var match = _externalUserAssociationRepository.Get(externalAuthenticationResult.Issuer, externalAuthenticationResult.ProviderKey); if (match == null) { _securityLogService.CreateLogEntry((int?)null, null, ip, String.Format("Issuer: {0}, Provider: {1}, Name: {2}", externalAuthenticationResult.Issuer, externalAuthenticationResult.ProviderKey, externalAuthenticationResult.Name), SecurityLogType.ExternalAssociationCheckFailed); return(new ExternalUserAssociationMatchResult { Successful = false }); } var user = _userRepository.GetUser(match.UserID); if (user == null) { _securityLogService.CreateLogEntry((int?)null, null, ip, String.Format("Issuer: {0}, Provider: {1}, Name: {2}", externalAuthenticationResult.Issuer, externalAuthenticationResult.ProviderKey, externalAuthenticationResult.Name), SecurityLogType.ExternalAssociationCheckFailed); return(new ExternalUserAssociationMatchResult { Successful = false }); } var result = new ExternalUserAssociationMatchResult { Successful = true, ExternalUserAssociation = match, User = user }; _securityLogService.CreateLogEntry(user, user, ip, String.Format("Issuer: {0}, Provider: {1}, Name: {2}", match.Issuer, match.ProviderKey, match.Name), SecurityLogType.ExternalAssociationCheckSuccessful); return(result); }
public async Task<ExternalAuthenticationResult> GetAuthenticationResult(IAuthenticationManager authenticationManager) { var authResult = await authenticationManager.AuthenticateAsync(ExternalCookieName); if (authResult == null) return null; if (!authResult.Identity.IsAuthenticated) return null; var externalIdentity = authResult.Identity; var providerKeyClaim = externalIdentity.FindFirst(ClaimTypes.NameIdentifier); var issuer = providerKeyClaim.Issuer; var providerKey = providerKeyClaim.Value; var name = externalIdentity.FindFirstValue(ClaimTypes.Name); var email = externalIdentity.FindFirstValue(ClaimTypes.Email); if (String.IsNullOrEmpty(issuer)) throw new NullReferenceException("The identity claims contain no issuer."); if (String.IsNullOrEmpty(providerKey)) throw new NullReferenceException("The identity claims contain no provider key"); var result = new ExternalAuthenticationResult { Issuer = issuer, ProviderKey = providerKey, Name = name, Email = email }; return result; }
public void Associate(User user, ExternalAuthenticationResult externalAuthenticationResult, string ip) { if (user == null) throw new ArgumentNullException("user"); if (externalAuthenticationResult != null) { if (String.IsNullOrEmpty(externalAuthenticationResult.Issuer)) throw new NullReferenceException("The identity claims contain no issuer."); if (String.IsNullOrEmpty(externalAuthenticationResult.ProviderKey)) throw new NullReferenceException("The identity claims contain no provider key"); _externalUserAssociationRepository.Save(user.UserID, externalAuthenticationResult.Issuer, externalAuthenticationResult.ProviderKey, externalAuthenticationResult.Name); _securityLogService.CreateLogEntry(user, user, ip, String.Format("Issuer: {0}, Provider: {1}, Name: {2}", externalAuthenticationResult.Issuer, externalAuthenticationResult.ProviderKey, externalAuthenticationResult.Name), SecurityLogType.ExternalAssociationSet); } }
public void ExternalUserAssociationCheckResultTrueWithHydratedResultIfMatchingAssociationAndUser() { var manager = GetManager(); var association = new ExternalUserAssociation { Issuer = "Google", UserID = 123, ProviderKey = "abc"}; var user = new User(association.UserID, DateTime.MinValue); _externalUserAssociationRepo.Setup(x => x.Get(association.Issuer, association.ProviderKey)).Returns(association); _userRepo.Setup(x => x.GetUser(association.UserID)).Returns(user); var authResult = new ExternalAuthenticationResult {Issuer = "Google", ProviderKey = "abc"}; var result = manager.ExternalUserAssociationCheck(authResult, ""); Assert.IsTrue(result.Successful); Assert.AreSame(user, result.User); Assert.AreSame(association, result.ExternalUserAssociation); }
public void Associate(User user, ExternalAuthenticationResult externalAuthenticationResult, string ip) { if (user == null) { throw new ArgumentNullException("user"); } if (externalAuthenticationResult != null) { if (String.IsNullOrEmpty(externalAuthenticationResult.Issuer)) { throw new NullReferenceException("The identity claims contain no issuer."); } if (String.IsNullOrEmpty(externalAuthenticationResult.ProviderKey)) { throw new NullReferenceException("The identity claims contain no provider key"); } _externalUserAssociationRepository.Save(user.UserID, externalAuthenticationResult.Issuer, externalAuthenticationResult.ProviderKey, externalAuthenticationResult.Name); _securityLogService.CreateLogEntry(user, user, ip, String.Format("Issuer: {0}, Provider: {1}, Name: {2}", externalAuthenticationResult.Issuer, externalAuthenticationResult.ProviderKey, externalAuthenticationResult.Name), SecurityLogType.ExternalAssociationSet); } }
public async Task <ExternalAuthenticationResult> GetAuthenticationResult(IAuthenticationManager authenticationManager) { var authResult = await authenticationManager.AuthenticateAsync(ExternalCookieName); if (authResult == null) { return(null); } if (!authResult.Identity.IsAuthenticated) { return(null); } var externalIdentity = authResult.Identity; var providerKeyClaim = externalIdentity.FindFirst(ClaimTypes.NameIdentifier); var issuer = providerKeyClaim.Issuer; var providerKey = providerKeyClaim.Value; var name = externalIdentity.FindFirstValue(ClaimTypes.Name); var email = externalIdentity.FindFirstValue(ClaimTypes.Email); if (String.IsNullOrEmpty(issuer)) { throw new NullReferenceException("The identity claims contain no issuer."); } if (String.IsNullOrEmpty(providerKey)) { throw new NullReferenceException("The identity claims contain no provider key"); } var result = new ExternalAuthenticationResult { Issuer = issuer, ProviderKey = providerKey, Name = name, Email = email }; return(result); }
public void LoginAndAssociateSuccess() { const string email = "*****@*****.**"; const string password = "******"; var user = new User(12, DateTime.MaxValue) {Email = email}; const bool persist = true; var controller = GetController(); var contextHelper = new HttpContextHelper(); contextHelper.MockRequest.Setup(x => x.UserHostAddress).Returns(String.Empty); controller.ControllerContext = new ControllerContext(contextHelper.MockContext.Object, new RouteData(), controller); _userService.Setup(u => u.Login(email, password, persist, contextHelper.MockContext.Object)).Returns(true); _userService.Setup(x => x.GetUserByEmail(email)).Returns(user); var authManager = new Mock<IAuthenticationManager>(); _owinContext.Setup(x => x.Authentication).Returns(authManager.Object); var externalAuthResult = new ExternalAuthenticationResult(); var authResult = Task.FromResult(externalAuthResult); _externalAuth.Setup(x => x.GetAuthenticationResult(authManager.Object)).Returns(authResult); var result = controller.LoginAndAssociate(email, password, persist).Result; _userAssociation.Verify(x => x.Associate(user, authResult.Result, It.IsAny<string>())); _userService.Verify(u => u.Login(email, password, persist, contextHelper.MockContext.Object), Times.Once()); Assert.IsInstanceOf<JsonResult>(result); var resultObject = (BasicJsonMessage)result.Data; Assert.IsTrue(resultObject.Result); }
public void CreateValidCallExternalAuthAssociateWithAuthResult() { var controller = GetController(); MockUpUrl(controller); _userService.Setup(u => u.IsEmailInUse(It.IsAny<string>())).Returns(false); _userService.Setup(u => u.IsNameInUse(It.IsAny<string>())).Returns(false); var user = UserServiceTests.GetDummyUser("Diana", "*****@*****.**"); var signUp = new SignupData { Email = "*****@*****.**", IsCoppa = true, IsDaylightSaving = true, IsSubscribed = true, IsTos = true, Name = "Diana", Password = "******", PasswordRetype = "passwerd", TimeZone = -5 }; _userService.Setup(u => u.CreateUser(signUp, It.IsAny<string>())).Returns(user); _newAccountMailer.Setup(n => n.Send(It.IsAny<User>(), It.IsAny<string>())).Returns(System.Net.Mail.SmtpStatusCode.CommandNotImplemented); var settings = new Settings { IsNewUserApproved = true }; _settingsManager.Setup(s => s.Current).Returns(settings); var authManager = new Mock<IAuthenticationManager>(); _owinContext.Setup(x => x.Authentication).Returns(authManager.Object); var externalAuthResult = new ExternalAuthenticationResult(); var authResult = Task.FromResult(externalAuthResult); _externalAuth.Setup(x => x.GetAuthenticationResult(authManager.Object)).Returns(authResult); var result = controller.Create(signUp).Result; _userAssociationManager.Verify(x => x.Associate(user, externalAuthResult, It.IsAny<string>()), Times.Once()); }
public void ExternalUserAssociationCheckResultFalseNoMatchCallsSecurityLog() { var manager = GetManager(); var user = new User(123, DateTime.MinValue); _externalUserAssociationRepo.Setup(x => x.Get(It.IsAny<string>(), It.IsAny<string>())).Returns((ExternalUserAssociation)null); const string ip = "1.1.1.1"; var authResult = new ExternalAuthenticationResult { Issuer = "Google", ProviderKey = "abc" }; manager.ExternalUserAssociationCheck(authResult, ip); _securityLogService.Verify(x => x.CreateLogEntry((int?)null, null, ip, It.IsAny<string>(), SecurityLogType.ExternalAssociationCheckFailed), Times.Once()); }
public void ExternalUserAssociationCheckResultTrueCallsSecurityLog() { var manager = GetManager(); var association = new ExternalUserAssociation { Issuer = "Google", UserID = 123, ProviderKey = "abc" }; var user = new User(association.UserID, DateTime.MinValue); _externalUserAssociationRepo.Setup(x => x.Get(association.Issuer, association.ProviderKey)).Returns(association); _userRepo.Setup(x => x.GetUser(association.UserID)).Returns(user); const string ip = "1.1.1.1"; var authResult = new ExternalAuthenticationResult { Issuer = "Google", ProviderKey = "abc" }; manager.ExternalUserAssociationCheck(authResult, ip); _securityLogService.Verify(x => x.CreateLogEntry(user, user, ip, It.IsAny<string>(), SecurityLogType.ExternalAssociationCheckSuccessful)); }
public void AssociateSuccessCallsSecurityLog() { var manager = GetManager(); var user = new User(123, DateTime.MinValue); var externalAuthResult = new ExternalAuthenticationResult { Issuer = "weihf", ProviderKey = "weoihf", Name = "woehf" }; const string ip = "1.1.1.1"; manager.Associate(user, externalAuthResult, ip); _securityLogService.Verify(x => x.CreateLogEntry(user, user, ip, It.IsAny<string>(), SecurityLogType.ExternalAssociationSet), Times.Once()); }
public void AssociateMapsObjectsToRepoCall() { var manager = GetManager(); var user = new User(123, DateTime.MinValue); var externalAuthResult = new ExternalAuthenticationResult {Issuer = "weihf", ProviderKey = "weoihf", Name = "woehf"}; manager.Associate(user, externalAuthResult, String.Empty); _externalUserAssociationRepo.Verify(x => x.Save(user.UserID, externalAuthResult.Issuer, externalAuthResult.ProviderKey, externalAuthResult.Name), Times.Once()); }
public void ExternalUserAssociationCheckResultFalseNoUserCallsSecurityLog() { var manager = GetManager(); var association = new ExternalUserAssociation { Issuer = "Google", UserID = 123, ProviderKey = "abc" }; _externalUserAssociationRepo.Setup(x => x.Get(association.Issuer, association.ProviderKey)).Returns(association); _userRepo.Setup(x => x.GetUser(association.UserID)).Returns((User)null); const string ip = "1.1.1.1"; var authResult = new ExternalAuthenticationResult { Issuer = "Google", ProviderKey = "abc" }; manager.ExternalUserAssociationCheck(authResult, ip); _securityLogService.Verify(x => x.CreateLogEntry((int?)null, null, ip, It.IsAny<string>(), SecurityLogType.ExternalAssociationCheckFailed), Times.Once()); }