public async Task ValidUser_SucceedsLogin() { // Arrange AccountLoginModel model = new AccountLoginModel { Email = SOME_EMAIL, Password = SOME_PASSWORD }; UserLoginResponse userRepoResult = new UserLoginResponse { UserIsValid = true, UserId = 42 // greater than zero }; // Setup mock Mock <IUserRepository> userRepositoryMock = SetupUserRepositoryMock(userRepoResult); // Act AuthenticateService service = new AuthenticateService(userRepositoryMock.Object); AuthenticateResult results = await service.AuthenticateUser(model); // Assert results.Identity.Should().NotBe(null); string nameClaim = results.Identity.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Name)?.Value; nameClaim.Should().Be(model.Email); }
public async Task ValidationFail_FailsLogin() { // Arrange AccountLoginModel model = new AccountLoginModel { Email = SOME_EMAIL, Password = SOME_PASSWORD }; UserLoginResponse userRepoResult = new UserLoginResponse { Errors = new List <ValidationError> { new ValidationError { Message = "some error" } } }; // Setup mock Mock <IUserRepository> userRepositoryMock = SetupUserRepositoryMock(userRepoResult); // Act AuthenticateService service = new AuthenticateService(userRepositoryMock.Object); AuthenticateResult results = await service.AuthenticateUser(model); // Assert results.Success.Should().Be(false); }
//[RequireHttps] public async Task <IActionResult> Authenticate([FromBody] LoginRequest loginRequest) { if (!ModelState.IsValid) { return(await Task.FromResult(BadRequest(ModelState))); } var token = _authenticateService.AuthenticateUser(loginRequest.Email, loginRequest.Password); if (String.IsNullOrEmpty(token)) { return(await Task.FromResult(BadRequest("Login ou senha inválidos"))); } return(Ok(new { Token = token })); }
public async Task InvalidUser_FailsLogin() { // Arrange AccountLoginModel model = new AccountLoginModel { Email = SOME_EMAIL, Password = SOME_PASSWORD }; UserLoginResponse userRepoResult = new UserLoginResponse { UserIsValid = false }; // Setup mock Mock <IUserRepository> userRepositoryMock = SetupUserRepositoryMock(userRepoResult); // Act AuthenticateService service = new AuthenticateService(userRepositoryMock.Object); AuthenticateResult results = await service.AuthenticateUser(model); // Assert results.Identity.Should().Be(null); }
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context) { var allowedOrigin = context.OwinContext.Get <string>("as:clientAllowedOrigin"); if (allowedOrigin == null) { allowedOrigin = "*"; } context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { allowedOrigin }); UnitOfWork u = new UnitOfWork(ReadConfiguration.ConnectionString, ReadConfiguration.DataBaseName); AuthenticateService authenticateService = new AuthenticateService(u); // Validate your user and base on validation return claim identity or invalid_grant error string email = context.UserName; string password = context.Password; var requestParameters = await context.Request.ReadFormAsync(); var OTP = requestParameters["OTP"]; var loginType = requestParameters["loginType"]; bool IsExpired = false; if (loginType == "user") { var authenticateResponse = authenticateService.AuthenticateUser(email, password, ref IsExpired); if (authenticateResponse.Success) { UserModel userModel = (UserModel)authenticateResponse.Data; string userGroups = ""; if (userModel.UserGroups != null && userModel.UserGroups.Count > 0) { foreach (string group in userModel.UserGroups) { userGroups += group + ","; } userGroups = userGroups.Substring(0, userGroups.Length - 1); } var identity = new ClaimsIdentity(context.Options.AuthenticationType); identity.AddClaim(new Claim(ClaimTypes.Name, context.UserName)); identity.AddClaim(new Claim(ClaimTypes.Role, "user")); identity.AddClaim(new Claim("sub", context.UserName)); identity.AddClaim(new Claim("Email", context.UserName)); identity.AddClaim(new Claim("OrganizationID", userModel.OrganizationID.ToString())); identity.AddClaim(new Claim("UserID", userModel.UserID)); identity.AddClaim(new Claim("RoleID", userModel.RoleID)); identity.AddClaim(new Claim("DatasourceIds", userModel.CommaSeperatedDatasourceIds)); identity.AddClaim(new Claim("fullName", userModel.FirstName + " " + userModel.LastName)); identity.AddClaim(new Claim("UserGroups", userGroups)); identity.AddClaim(new Claim("PlanPermissionIds", userModel.CommaSeperatedPlanPermissionIds)); var props = new AuthenticationProperties(new Dictionary <string, string> { { "userName", context.UserName }, { "fullName", userModel.FirstName + " " + userModel.LastName }, { "RoleID", userModel.RoleID }, { "IsExpired", IsExpired.ToString() }, { "PlanPermissionIds", userModel.CommaSeperatedPlanPermissionIds }, }); var ticket = new AuthenticationTicket(identity, props); context.Validated(ticket); } else { context.SetError("invalid_grant", authenticateResponse.Message); // context.SetError("invalid_grant", "The user name or password is incorrect."); return; } } else { if (OTP != null) { var authenticateResponse = authenticateService.AuthenticateSuperAdmin(email, password, OTP); // if (((email == "admin") && (password == "admin")) || ((email == "jignesh") && (password == "abc"))) if (authenticateResponse.Success) { UserModel userModel = (UserModel)authenticateResponse.Data; var identity = new ClaimsIdentity(context.Options.AuthenticationType); identity.AddClaim(new Claim(ClaimTypes.Name, context.UserName)); identity.AddClaim(new Claim(ClaimTypes.Role, "user")); identity.AddClaim(new Claim("sub", context.UserName)); identity.AddClaim(new Claim("Email", context.UserName)); identity.AddClaim(new Claim("OrganizationID", userModel.OrganizationID.ToString())); identity.AddClaim(new Claim("UserID", userModel.UserID)); identity.AddClaim(new Claim("RoleID", userModel.RoleID)); //identity.AddClaim(new Claim("DatasourceIds", userModel.CommaSeperatedDatasourceIds)); identity.AddClaim(new Claim("fullName", userModel.FirstName + " " + userModel.LastName)); var props = new AuthenticationProperties(new Dictionary <string, string> { { "userName", context.UserName }, { "fullName", userModel.FirstName + " " + userModel.LastName }, { "RoleID", userModel.RoleID }, }); var ticket = new AuthenticationTicket(identity, props); context.Validated(ticket); authenticateService.EmptyOTP(email, password); } else { context.SetError("invalid_grant", "The user name or password or OTP is incorrect."); return; } } else { context.SetError("invalid_grant", "Please Enter OTP"); return; } } }