コード例 #1
0
        public async Task NullPassword_ThrowsException()
        {
            // Arrange
            var userManager = SecurityMockHelpers.TestCustomUserManager();
            var target      = userManager.PasswordValidators.First();

            // Act, Assert
            await Assert.ThrowsAsync <ArgumentNullException>(async() => await target.ValidateAsync(userManager, new ApplicationUser(), null));
        }
コード例 #2
0
        public async Task PasswordValidator_ValidatesByPasswordOptions(
            string password,
            bool requireUpperCase,
            bool requireLowerCase,
            bool requireDigits,
            bool requireSpecialCharacters,
            int minLength,
            bool expectedIsValid,
            bool expectedMustBeLonger,
            bool expectedMustHaveUpper,
            bool expectedMustHaveLower,
            bool expectedMustHaveDigit,
            bool expectedMustHaveNonAlphanumeric)
        {
            // Arrange
            var options = new IdentityOptions
            {
                Password = new PasswordOptions
                {
                    RequiredLength         = minLength,
                    RequireUppercase       = requireUpperCase,
                    RequireLowercase       = requireLowerCase,
                    RequireDigit           = requireDigits,
                    RequireNonAlphanumeric = requireSpecialCharacters
                }
            };

            var user = new ApplicationUser {
                Id = "id1"
            };
            var userStoreMock = new Mock <IUserStore <ApplicationUser> >();

            userStoreMock.Setup(x => x.FindByIdAsync(user.Id, CancellationToken.None)).ReturnsAsync(user);

            var userManager = SecurityMockHelpers.TestCustomUserManager(userStoreMock, identityOptions: options);
            var target      = userManager.PasswordValidators.First();
            //var target = new CustomPasswordValidator(new CustomIdentityErrorDescriber(), _repositoryFactory, null);

            // Act
            var result = await target.ValidateAsync(userManager, user, password);

            // Assert
            Assert.Equal(expectedIsValid, result.Succeeded);

            Assert.Equal(expectedMustBeLonger, ExistsErrorByCode(result, nameof(IdentityErrorDescriber.PasswordTooShort)));
            if (expectedMustBeLonger)
            {
                var tooShort = TryFindErrorByCode(result, nameof(IdentityErrorDescriber.PasswordTooShort));
                Assert.IsType <CustomIdentityError>(tooShort);
                Assert.Equal(minLength, ((CustomIdentityError)tooShort).ErrorParameter);
            }
            Assert.Equal(expectedMustHaveUpper, ExistsErrorByCode(result, nameof(IdentityErrorDescriber.PasswordRequiresUpper)));
            Assert.Equal(expectedMustHaveLower, ExistsErrorByCode(result, nameof(IdentityErrorDescriber.PasswordRequiresLower)));
            Assert.Equal(expectedMustHaveDigit, ExistsErrorByCode(result, nameof(IdentityErrorDescriber.PasswordRequiresDigit)));
            Assert.Equal(expectedMustHaveNonAlphanumeric, ExistsErrorByCode(result, nameof(IdentityErrorDescriber.PasswordRequiresNonAlphanumeric)));
        }
コード例 #3
0
        public async Task UpdateUser_CheckEvents(ApplicationUser user, ApplicationUser oldUser, Action <IEvent>[] assertions)
        {
            //Arrange
            var userStoreMock = new Mock <IUserStore <ApplicationUser> >();

            userStoreMock.Setup(x => x.FindByIdAsync(user.Id, CancellationToken.None)).ReturnsAsync(oldUser);
            var eventPublisher = new EventPublisherStub();

            var userManager = SecurityMockHelpers.TestCustomUserManager(userStoreMock, eventPublisher);

            //Act
            var result = await userManager.UpdateAsync(user);

            //Assert
            result.Succeeded.Should().BeTrue();
            eventPublisher.Events.Should().SatisfyRespectively(assertions);
        }
コード例 #4
0
        public async Task ChangePassword_CheckEvents(ApplicationUser user, Action <IEvent>[] assertions)
        {
            //Arrange
            var userStoreMock = new Mock <IUserStore <ApplicationUser> >();

            userStoreMock.Setup(x => x.FindByIdAsync(user.Id, CancellationToken.None)).ReturnsAsync(user);
            userStoreMock.As <IUserPasswordStore <ApplicationUser> >()
            .Setup(x => x.GetPasswordHashAsync(It.IsAny <ApplicationUser>(), It.IsAny <CancellationToken>()))
            .ReturnsAsync(user.PasswordHash);
            var eventPublisher = new EventPublisherStub();

            var userManager = SecurityMockHelpers.TestCustomUserManager(userStoreMock, eventPublisher);

            //Act
            var result = await userManager.ChangePasswordAsync(user, "current_pass", "Qwerty123!");

            //Assert
            result.Succeeded.Should().BeTrue();
            eventPublisher.Events.Should().SatisfyRespectively(assertions);
        }
コード例 #5
0
        public async Task PasswordValidator_ValidatesByPasswordHistory(
            string password,
            int passwordRepeatHistory,
            bool expectedIsValid)
        {
            // Arrange
            const string userId = "id1";

            string Hash(string p) => $"hash-{p}";

            var entities = Enumerable.Range(1, passwordRepeatHistory)
                           .Select(i => new UserPasswordHistoryEntity {
                UserId = userId, PasswordHash = Hash($"paS$word{i}"), CreatedDate = DateTime.UtcNow.AddDays(-i)
            })
                           .ToArray();

            var securityRepositoryMock = new Mock <ISecurityRepository>();

            securityRepositoryMock.Setup(x => x.GetUserPasswordsHistoryAsync(It.IsAny <string>(), It.IsAny <int>())).ReturnsAsync(entities);
            ISecurityRepository repositoryFactory() => securityRepositoryMock.Object;

            var passwordHasher = new Mock <IUserPasswordHasher>();

            passwordHasher.Setup(x => x.HashPassword(It.IsAny <ApplicationUser>(), It.IsAny <string>()))
            .Returns <ApplicationUser, string>((user, password) => Hash(password));
            passwordHasher.Setup(x => x.VerifyHashedPassword(It.IsAny <ApplicationUser>(), It.IsAny <string>(), It.IsAny <string>()))
            .Returns <ApplicationUser, string, string>((user, hash, password) => hash == Hash(password) ? PasswordVerificationResult.Success : PasswordVerificationResult.Failed);

            var userManager = SecurityMockHelpers.TestCustomUserManager(repositoryFactory: repositoryFactory, passwordHasher: passwordHasher);
            var user        = new ApplicationUser {
                Id = userId
            };
            var target = userManager.PasswordValidators.First();

            // Act
            var result = await target.ValidateAsync(userManager, user, password);

            // Assert
            Assert.Equal(expectedIsValid, result.Succeeded);
            Assert.Equal(expectedIsValid, !ExistsErrorByCode(result, CustomPasswordValidator.RecentPasswordUsed));
        }
コード例 #6
0
        public async Task TestUserPasswordExpiry(DateTime?lastPasswordChangedDate, TimeSpan?maxPasswordAge, bool isPasswordExpired)
        {
            //Arrange
            var user = new ApplicationUser {
                Id = "id1", LastPasswordChangedDate = lastPasswordChangedDate
            };
            var userStoreMock = new Mock <IUserStore <ApplicationUser> >();

            userStoreMock.Setup(x => x.FindByIdAsync(user.Id, CancellationToken.None)).ReturnsAsync(user);

            var userManager = SecurityMockHelpers.TestCustomUserManager(userStoreMock, new UserOptionsExtended
            {
                MaxPasswordAge = maxPasswordAge
            },
                                                                        GetPlatformMemoryCache());

            //Act
            user = await userManager.FindByIdAsync(user.Id);

            //Assert
            Assert.Equal(isPasswordExpired, user.PasswordExpired);
        }
コード例 #7
0
        public async Task ResetPassword_CheckEvents(ApplicationUser user, Action <IEvent>[] assertions)
        {
            //Arrange
            var userStoreMock = new Mock <IUserStore <ApplicationUser> >();

            userStoreMock.Setup(x => x.FindByIdAsync(user.Id, CancellationToken.None)).ReturnsAsync(user);
            userStoreMock.As <IUserPasswordStore <ApplicationUser> >()
            .Setup(x => x.SetPasswordHashAsync(user, user.PasswordHash, CancellationToken.None))
            .Returns(Task.CompletedTask);
            var eventPublisher = new EventPublisherStub();

            var userManager = SecurityMockHelpers.TestCustomUserManager(userStoreMock, eventPublisher);

            userManager.RegisterTokenProvider("Static", new StaticTokenProvider());
            userManager.Options.Tokens.PasswordResetTokenProvider = "Static";
            var token = await userManager.GeneratePasswordResetTokenAsync(user);

            //Act
            var result = await userManager.ResetPasswordAsync(user, token, "Qwerty123!");

            //Assert
            result.Succeeded.Should().BeTrue();
            eventPublisher.Events.Should().SatisfyRespectively(assertions);
        }