public async Task NullPassword_ThrowsException() { // Arrange var userManager = SecurityMockHelpers.TestCustomUserManager(); var target = userManager.PasswordValidators.First(); // Act, Assert await Assert.ThrowsAsync <ArgumentNullException>(async() => await target.ValidateAsync(userManager, new ApplicationUser(), null)); }
public async Task PasswordValidator_ValidatesByPasswordOptions( string password, bool requireUpperCase, bool requireLowerCase, bool requireDigits, bool requireSpecialCharacters, int minLength, bool expectedIsValid, bool expectedMustBeLonger, bool expectedMustHaveUpper, bool expectedMustHaveLower, bool expectedMustHaveDigit, bool expectedMustHaveNonAlphanumeric) { // Arrange var options = new IdentityOptions { Password = new PasswordOptions { RequiredLength = minLength, RequireUppercase = requireUpperCase, RequireLowercase = requireLowerCase, RequireDigit = requireDigits, RequireNonAlphanumeric = requireSpecialCharacters } }; var user = new ApplicationUser { Id = "id1" }; var userStoreMock = new Mock <IUserStore <ApplicationUser> >(); userStoreMock.Setup(x => x.FindByIdAsync(user.Id, CancellationToken.None)).ReturnsAsync(user); var userManager = SecurityMockHelpers.TestCustomUserManager(userStoreMock, identityOptions: options); var target = userManager.PasswordValidators.First(); //var target = new CustomPasswordValidator(new CustomIdentityErrorDescriber(), _repositoryFactory, null); // Act var result = await target.ValidateAsync(userManager, user, password); // Assert Assert.Equal(expectedIsValid, result.Succeeded); Assert.Equal(expectedMustBeLonger, ExistsErrorByCode(result, nameof(IdentityErrorDescriber.PasswordTooShort))); if (expectedMustBeLonger) { var tooShort = TryFindErrorByCode(result, nameof(IdentityErrorDescriber.PasswordTooShort)); Assert.IsType <CustomIdentityError>(tooShort); Assert.Equal(minLength, ((CustomIdentityError)tooShort).ErrorParameter); } Assert.Equal(expectedMustHaveUpper, ExistsErrorByCode(result, nameof(IdentityErrorDescriber.PasswordRequiresUpper))); Assert.Equal(expectedMustHaveLower, ExistsErrorByCode(result, nameof(IdentityErrorDescriber.PasswordRequiresLower))); Assert.Equal(expectedMustHaveDigit, ExistsErrorByCode(result, nameof(IdentityErrorDescriber.PasswordRequiresDigit))); Assert.Equal(expectedMustHaveNonAlphanumeric, ExistsErrorByCode(result, nameof(IdentityErrorDescriber.PasswordRequiresNonAlphanumeric))); }
public async Task UpdateUser_CheckEvents(ApplicationUser user, ApplicationUser oldUser, Action <IEvent>[] assertions) { //Arrange var userStoreMock = new Mock <IUserStore <ApplicationUser> >(); userStoreMock.Setup(x => x.FindByIdAsync(user.Id, CancellationToken.None)).ReturnsAsync(oldUser); var eventPublisher = new EventPublisherStub(); var userManager = SecurityMockHelpers.TestCustomUserManager(userStoreMock, eventPublisher); //Act var result = await userManager.UpdateAsync(user); //Assert result.Succeeded.Should().BeTrue(); eventPublisher.Events.Should().SatisfyRespectively(assertions); }
public async Task ChangePassword_CheckEvents(ApplicationUser user, Action <IEvent>[] assertions) { //Arrange var userStoreMock = new Mock <IUserStore <ApplicationUser> >(); userStoreMock.Setup(x => x.FindByIdAsync(user.Id, CancellationToken.None)).ReturnsAsync(user); userStoreMock.As <IUserPasswordStore <ApplicationUser> >() .Setup(x => x.GetPasswordHashAsync(It.IsAny <ApplicationUser>(), It.IsAny <CancellationToken>())) .ReturnsAsync(user.PasswordHash); var eventPublisher = new EventPublisherStub(); var userManager = SecurityMockHelpers.TestCustomUserManager(userStoreMock, eventPublisher); //Act var result = await userManager.ChangePasswordAsync(user, "current_pass", "Qwerty123!"); //Assert result.Succeeded.Should().BeTrue(); eventPublisher.Events.Should().SatisfyRespectively(assertions); }
public async Task PasswordValidator_ValidatesByPasswordHistory( string password, int passwordRepeatHistory, bool expectedIsValid) { // Arrange const string userId = "id1"; string Hash(string p) => $"hash-{p}"; var entities = Enumerable.Range(1, passwordRepeatHistory) .Select(i => new UserPasswordHistoryEntity { UserId = userId, PasswordHash = Hash($"paS$word{i}"), CreatedDate = DateTime.UtcNow.AddDays(-i) }) .ToArray(); var securityRepositoryMock = new Mock <ISecurityRepository>(); securityRepositoryMock.Setup(x => x.GetUserPasswordsHistoryAsync(It.IsAny <string>(), It.IsAny <int>())).ReturnsAsync(entities); ISecurityRepository repositoryFactory() => securityRepositoryMock.Object; var passwordHasher = new Mock <IUserPasswordHasher>(); passwordHasher.Setup(x => x.HashPassword(It.IsAny <ApplicationUser>(), It.IsAny <string>())) .Returns <ApplicationUser, string>((user, password) => Hash(password)); passwordHasher.Setup(x => x.VerifyHashedPassword(It.IsAny <ApplicationUser>(), It.IsAny <string>(), It.IsAny <string>())) .Returns <ApplicationUser, string, string>((user, hash, password) => hash == Hash(password) ? PasswordVerificationResult.Success : PasswordVerificationResult.Failed); var userManager = SecurityMockHelpers.TestCustomUserManager(repositoryFactory: repositoryFactory, passwordHasher: passwordHasher); var user = new ApplicationUser { Id = userId }; var target = userManager.PasswordValidators.First(); // Act var result = await target.ValidateAsync(userManager, user, password); // Assert Assert.Equal(expectedIsValid, result.Succeeded); Assert.Equal(expectedIsValid, !ExistsErrorByCode(result, CustomPasswordValidator.RecentPasswordUsed)); }
public async Task TestUserPasswordExpiry(DateTime?lastPasswordChangedDate, TimeSpan?maxPasswordAge, bool isPasswordExpired) { //Arrange var user = new ApplicationUser { Id = "id1", LastPasswordChangedDate = lastPasswordChangedDate }; var userStoreMock = new Mock <IUserStore <ApplicationUser> >(); userStoreMock.Setup(x => x.FindByIdAsync(user.Id, CancellationToken.None)).ReturnsAsync(user); var userManager = SecurityMockHelpers.TestCustomUserManager(userStoreMock, new UserOptionsExtended { MaxPasswordAge = maxPasswordAge }, GetPlatformMemoryCache()); //Act user = await userManager.FindByIdAsync(user.Id); //Assert Assert.Equal(isPasswordExpired, user.PasswordExpired); }
public async Task ResetPassword_CheckEvents(ApplicationUser user, Action <IEvent>[] assertions) { //Arrange var userStoreMock = new Mock <IUserStore <ApplicationUser> >(); userStoreMock.Setup(x => x.FindByIdAsync(user.Id, CancellationToken.None)).ReturnsAsync(user); userStoreMock.As <IUserPasswordStore <ApplicationUser> >() .Setup(x => x.SetPasswordHashAsync(user, user.PasswordHash, CancellationToken.None)) .Returns(Task.CompletedTask); var eventPublisher = new EventPublisherStub(); var userManager = SecurityMockHelpers.TestCustomUserManager(userStoreMock, eventPublisher); userManager.RegisterTokenProvider("Static", new StaticTokenProvider()); userManager.Options.Tokens.PasswordResetTokenProvider = "Static"; var token = await userManager.GeneratePasswordResetTokenAsync(user); //Act var result = await userManager.ResetPasswordAsync(user, token, "Qwerty123!"); //Assert result.Succeeded.Should().BeTrue(); eventPublisher.Events.Should().SatisfyRespectively(assertions); }