/// <summary>
/// Test-data helper that creates an API session token for <paramref name="user"/>
/// and saves it through <paramref name="dbContext"/>.
/// </summary>
/// <param name="dbContext">Context whose <c>ApiSessionTokens</c> set receives the new token.</param>
/// <param name="user">User the token is created for.</param>
/// <returns>The token instance that was added and saved.</returns>
public static ApiSessionToken CreateApiSessionToken(EFDbContext dbContext, User user)
{
    // The second constructor argument is fixed at 20 for test data.
    // NOTE(review): presumably the session timeout; its unit is not visible here - confirm.
    var token = new ApiSessionToken(user, 20);

    var tokenSet = dbContext.ApiSessionTokens;
    tokenSet.Add(token);

    // Save immediately so the token is stored before the caller uses it.
    dbContext.SaveChanges();

    return token;
}
/// <summary>
/// Creates an API session token for <paramref name="user"/>, hands it to the token
/// repository and commits the unit of work.
/// </summary>
/// <param name="user">User the token is issued for.</param>
/// <param name="timeout">Value passed unchanged to the <c>ApiSessionToken</c> constructor.</param>
/// <returns>The newly created token.</returns>
public ApiSessionToken Add(User user, int timeout)
{
    // NOTE(review): timeout is not range-checked in this method; confirm that callers
    // or the ApiSessionToken constructor bound the session lifetime.
    var created = new ApiSessionToken(user, timeout);

    _apiSessionTokenRepository.Add(created);

    // Commit before returning so the caller never receives an unsaved token.
    _unitOfWork.Commit();

    return created;
}
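/// <summary>
/// Wraps the result of a successfully executed action in the API response envelope.
/// When the current identity was authenticated with the API session scheme and its
/// token can be found, the envelope also carries the token's expiration date.
/// </summary>
/// <param name="actionExecutedContext">Context of the action that has just run.</param>
/// <remarks>
/// Responses whose content is not an <c>ObjectContent</c> are passed through unchanged,
/// because there is no object value to place in <c>Data</c>. An identity name that is not
/// a GUID is treated as "no session" instead of throwing from the filter.
/// </remarks>
public override void OnActionExecuted(HttpActionExecutedContext actionExecutedContext)
{
    base.OnActionExecuted(actionExecutedContext);

    // A failed action is left untouched here; this filter does not wrap exceptions.
    if (actionExecutedContext.Exception != null)
    {
        return;
    }

    var content = actionExecutedContext.Response?.Content;
    var objectContent = content as ObjectContent;
    if (content != null && objectContent == null)
    {
        // A direct cast would throw InvalidCastException here and turn a valid
        // response into a server error, so such responses are left as they are.
        return;
    }

    ApiSessionToken sessionToken = null;
    var identity = HttpContext.Current?.User?.Identity;
    Guid tokenId;

    // Only identities produced by the API session scheme carry a token id in Name.
    // TryParse keeps a malformed name from raising FormatException after the action
    // has already completed; the response then falls back to the non-session envelope.
    if (identity?.AuthenticationType != null
        && identity.AuthenticationType == Constants.ApiSessionKeySchemeName
        && Guid.TryParse(identity.Name, out tokenId))
    {
        var apiSessionTokenService = ObjectFactory.Container.GetInstance<IApiSessionTokenService>();
        sessionToken = apiSessionTokenService.Details(tokenId);
    }

    ApiResponse response;
    if (sessionToken != null)
    {
        // The token's expiration date is echoed to the client with every session response.
        response = objectContent == null
            ? new SessionResponse { Success = true, ExpirationDate = sessionToken.ExpirationDate }
            : new SessionDataResponse { Success = true, Data = objectContent.Value, ExpirationDate = sessionToken.ExpirationDate };
    }
    else
    {
        response = objectContent == null
            ? new NonSessionResponse { Success = true }
            : new NonSessionDataResponse { Success = true, Data = objectContent.Value };
    }

    // NOTE(review): the action's own status code and headers are replaced by 200 OK with
    // Success = true. Confirm that actions report failure only through exceptions; a
    // non-success response returned without an exception would be reported as a success.
    actionExecutedContext.Response = actionExecutedContext.Request.CreateResponse(HttpStatusCode.OK, response);
}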
/// <summary>
/// Class-level setup for the API tests: runs the shared configuration, creates a user
/// and an API session token for it, and installs an <c>HttpContext</c> that is
/// authenticated with that token.
/// </summary>
public new static void ClassInitialize()
{
    TestsConfiguration.ClassInitialize();

    var db = Container.GetInstance<EFDbContext>();

    // Fixture data: the user, the customer the user belongs to, and a session token.
    User = TestsDataInitialize.CreateUser(db);
    Customer = db.Customers.First(customer => customer.Id == User.CustomerId);
    ApiSessionToken = TestsDataInitialize.CreateApiSessionToken(db, User);

    // Build the fake request context for the test site and make it the ambient context.
    var siteUri = new Uri("http://john-domain.saaspro.net/");
    var contextFactory = new TestsHttpContextInitialize(siteUri, User, Container.GetInstance<ICustomerHost>());
    HttpContext.Current = contextFactory.GetTestApiHttpContext(ApiSessionToken);

    // Replace the customer entry stored by GetTestApiHttpContext with the one loaded above.
    HttpContext.Current.Items[Constants.CurrentCustomerInstanceKey] = Customer;
}
/// <summary>
/// Builds an <c>HttpContext</c> for the test site whose user is authenticated with the
/// API session scheme under the id of <paramref name="apiToken"/>.
/// </summary>
/// <param name="apiToken">Token whose <c>Id</c> becomes the identity name.</param>
/// <returns>The context, with the customer instance stored in <c>Items</c>.</returns>
public HttpContext GetTestApiHttpContext(ApiSessionToken apiToken)
{
    var request = new HttpRequest("", _siteUri.AbsoluteUri, "");

    // The response writes into an in-memory writer that is not read back in this method.
    var responseSink = new StringWriter();
    var response = new HttpResponse(responseSink);

    request.Browser = GetHttpBrowser();

    var context = new HttpContext(request, response);

    // The identity name is the token id as text and the authentication type is the API
    // session scheme. The principal is created without roles (null).
    var tokenIdentity = new GenericIdentity(apiToken.Id.ToString(), Constants.ApiSessionKeySchemeName);
    context.User = new GenericPrincipal(tokenIdentity, null);

    context.Items[Constants.CurrentCustomerInstanceKey] = GetCustomerInstance();

    return context;
}
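/// <summary>
/// Checks <c>Controller.ValidateSecurityAnswer</c> against three inputs: an empty model
/// (expects <c>ModelException</c>), a wrong answer (expects <c>ApiException</c> with
/// <c>IncorrectSecurityAnswer</c>) and the expected answer (expects no exception).
/// </summary>
public void T02_ValidateSecurityAnswer()
{
    var answerModel = new ValidateSecurityAnswerModel();

    // Runs the call and hands back whatever it threw (null when it did not throw).
    // The assertions run outside the try block, so an assertion failure is never
    // caught by the handler and reported under the wrong message.
    Func<Exception> attempt = () =>
    {
        try
        {
            Controller.ValidateSecurityAnswer(answerModel);
            return null;
        }
        catch (Exception ex)
        {
            return ex;
        }
    };

    // empty model checking
    ValidateApiModel(answerModel);
    var emptyModelError = attempt();
    Assert.IsNotNull(emptyModelError, "Empty validate answer model passed test");
    Assert.IsInstanceOfType(emptyModelError, typeof(ModelException), "For empty validate answer model incorrect type exception is thrown");
    Controller.ModelState.Clear();

    // incorrect answer checking
    // The question is set on the token again before each attempt.
    // NOTE(review): presumably an attempt consumes or resets it - confirm.
    ApiSessionToken.UpdateSecurityQuestion(User.SecurityQuestions.First());
    answerModel.Answer = "wrong";
    ValidateApiModel(answerModel);
    var wrongAnswerError = attempt();
    Assert.IsNotNull(wrongAnswerError, "Validation with incorrect answer passed test");
    Assert.IsInstanceOfType(wrongAnswerError, typeof(ApiException), "For wrong answer incorrect type exception is thrown");
    // Expected value goes first so a failure message labels the two values correctly.
    Assert.AreEqual(ApiException.Errors.Auth.IncorrectSecurityAnswer, ((ApiException)wrongAnswerError).Error, "For wrong answer incorrect error is returned");
    Controller.ModelState.Clear();

    // correct answer checking
    // NOTE(review): "b" is presumably the answer seeded with the test user - confirm against the fixture.
    ApiSessionToken.UpdateSecurityQuestion(User.SecurityQuestions.First());
    answerModel.Answer = "b";
    ValidateApiModel(answerModel);
    var correctAnswerError = attempt();
    if (correctAnswerError != null)
    {
        // Include the exception so the failure shows why the correct answer was rejected.
        Assert.Fail("Validation with correct answer not passed test: " + correctAnswerError);
    }
    Controller.ModelState.Clear();
}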