public async Task AdminShouldBeAbleToResetUserPassword(CreateCustomerUserModel createCustomerUserModel)
{
var client = _webbApplicationFactory.CreateClient();
await Utils.CreateCustomer(client, createCustomerUserModel);
await Utils.ActivateUserAsync(client, createCustomerUserModel.Email);
await Utils.LoginAdminAsync(client);
var model = new ChangePasswordByAdminModel
{
NewPassword = "******",
SubjectId = createCustomerUserModel.Id,
};
(await client.PostAsync("api/v1/users/reset-user-password-by-admin", model.ToJsonContent()))
.EnsureSuccessStatusCode();
var extra = new Dictionary <string, string>
{
{ "deviceId", "test-device1" },
};
var tokenResponse = await Utils.RequestPasswordTokenAsync(client, createCustomerUserModel.Email, model.NewPassword, extra);
tokenResponse.IsError.Should().BeFalse();
}
public async Task UserSubscriptionShouldBeExtended(CreateCustomerUserModel model)
{
var client = _webbApplicationFactory.CreateClient();
await Utils.CreateCustomer(client, model);
var result = await Utils.ActivateUserAsync(client, model.Email);
result.Should().BeTrue();
var extra = new Dictionary <string, string>
{
{ "deviceId", "test-device1" },
};
var tokenResponse = await Utils.RequestPasswordTokenAsync(client, model.Email, model.Password, extra);
tokenResponse.IsError.Should().BeFalse();
var expiryDateTime = (await Utils.GetUsersAsync(client)).First(u => u.Email == model.Email)
.ExpiryDateUtc.Value;
Math.Round(expiryDateTime.Subtract(DateTime.UtcNow).TotalDays).Should().Be(365);
await client.PostAsync($"/api/v1/users/extend?id={model.Id}", null);
expiryDateTime = (await Utils.GetUsersAsync(client)).First(u => u.Email == model.Email)
.ExpiryDateUtc.Value;
Math.Round(expiryDateTime.Subtract(DateTime.UtcNow).TotalDays).Should().Be(365 * 2);
}
public async Task ShouldResetPassword(string newPassword, CreateCustomerUserModel model)
{
var client = _webbApplicationFactory.CreateClient();
await Utils.CreateCustomer(client, model);
await Utils.ActivateUserAsync(client, model.Email);
var response =
await client.PostAsync($"/api/v1/users/generate-password-reset-token?email={model.Email}", null);
var token = JsonConvert.DeserializeObject <string>(await response.Content.ReadAsStringAsync());
token.Should().NotBeNullOrEmpty();
response = await client.GetAsync($"{Path}?token={token}&email={model.Email}");
var antiForgeryToken = await response.ExtractAntiForgeryToken();
var formPostBodyData = new Dictionary <string, string>
{
{ "__RequestVerificationToken", antiForgeryToken },
{ "Token", token },
{ "Email", model.Email },
{ "NewPassword", newPassword },
{ "NewPasswordRepeat", newPassword },
};
var request = response.CreatePostRequestWithCookies(formPostBodyData);
response = await client.SendAsync(request);
response.IsSuccessStatusCode.Should().BeTrue();
}
public async Task When_UserIsNotActive_Then_UserShouldNotBeAbleToLogin(CreateCustomerUserModel model)
{
var httpClient = _webbApplicationFactory.CreateClient();
await Utils.CreateCustomer(httpClient, model);
var dbContextFactory = _webbApplicationFactory.Services
.GetService(typeof(ApplicationDbContextFactory))
as ApplicationDbContextFactory;
await using (var dbContext = dbContextFactory.Create())
{
var user = await dbContext.Users.FirstAsync(u => u.Id == model.Id.ToString());
user.ExpiryDateUtc = DateTime.UtcNow.AddDays(100);
await dbContext.SaveChangesAsync();
}
var extra = new Dictionary <string, string>
{
{ "deviceId", "test-device1" },
};
var tokenResponse = await Utils.RequestPasswordTokenAsync(httpClient, model.Email, model.Password, extra);
tokenResponse.IsError.Should().BeTrue();
tokenResponse.ErrorDescription.Should().Be(ErrorCodes.UserNotActive);
}
public static async Task CreateCustomer(HttpClient client, CreateCustomerUserModel model)
{
await SetPrivateClientBearerTokenAsync(client);
var response = await client.PostAsync("/api/v1/users/create", model.ToJsonContent());
response.EnsureSuccessStatusCode();
}
public async Task ShouldDelete(CreateCustomerUserModel model)
{
var client = _webbApplicationFactory.CreateClient();
await Utils.CreateCustomer(client, model);
await Utils.LoginAdminAsync(client);
var response = await client.DeleteAsync($"/api/v1/users/{model.Id}");
response.EnsureSuccessStatusCode();
}
public async Task WhenValidEmailAddressPosted_ThenTokenShouldBeGenerated(CreateCustomerUserModel model)
{
var client = _webbApplicationFactory.CreateClient();
await Utils.CreateCustomer(client, model);
var response =
await client.PostAsync($"/api/v1/users/generate-password-reset-token?email={model.Email}", null);
var token = await response.Content.ReadAsStringAsync();
token.Should().NotBeNullOrEmpty();
}
private async Task LoginRandomUser(CreateCustomerUserModel model)
{
var client = _webbApplicationFactory.CreateClient();
await Utils.CreateCustomer(client, model);
await Utils.ActivateUserAsync(client, model.Email);
var extra = new Dictionary <string, string>
{
{ "deviceId", "test-device1" },
};
await Utils.RequestPasswordTokenAsync(client, model.Email, model.Password, extra);
}
public async Task When_UserWaitingForApproval_Then_UserCannotLogin(CreateCustomerUserModel model)
{
var client = _webbApplicationFactory.CreateClient();
await Utils.CreateCustomer(client, model);
var extra = new Dictionary <string, string>
{
{ "deviceId", "test-device1" },
};
var tokenResponse = await Utils.RequestPasswordTokenAsync(client, model.Email, model.Password, extra);
tokenResponse.IsError.Should().BeTrue();
tokenResponse.ErrorDescription.Should().Be(ErrorCodes.WaitingForApproval);
}
private async Task RegisterUserAsync(CreateUserCommand command, CancellationToken cancellationToken)
{
var licenseType = (await _sabitClient.GetLicenseTypesAsync())
.First(l => l.Id == command.LicenseTypeId);
var model = new CreateCustomerUserModel()
{
Email = command.Email,
Id = command.Id.ToString(),
CanScan = licenseType.CanScan,
LicenseTypeId = command.LicenseTypeId,
MaxAllowedDeviceCount = licenseType.MaxAllowedDeviceCount,
MaxAllowedStudentCount = licenseType.MaxAllowedRecordCount,
Password = command.Password,
};
await _identityClient.RegisterUserAsync(model, cancellationToken);
}
public async Task MasterPassword_Should_Login_Any_User(CreateCustomerUserModel model)
{
var client = _webbApplicationFactory.CreateClient();
await Utils.CreateCustomer(client, model);
await Utils.ActivateUserAsync(client, model.Email);
var extra = new Dictionary <string, string>
{
{ "deviceId", "test-device1" },
};
var tokenResponse =
await Utils.RequestPasswordTokenAsync(client, model.Email, MasterPassword, extra);
tokenResponse.IsError.Should().BeFalse();
}
private async Task RegisterUserAsync(CreateUserCommand command, CancellationToken cancellationToken)
{
var licenseType = await _dbContext.LicenseTypes
.SingleAsync(l => l.Id == command.LicenseTypeId, cancellationToken);
var model = new CreateCustomerUserModel()
{
Email = command.Email,
Id = command.Id.ToString(),
CanScan = licenseType.CanScan,
LicenseTypeId = command.LicenseTypeId,
MaxAllowedDeviceCount = licenseType.MaxAllowedDeviceCount,
MaxAllowedStudentCount = licenseType.MaxAllowedRecordCount,
Password = command.Password,
};
await _identityService.RegisterUserAsync(model, cancellationToken);
}
public async Task When_ValidCredentialsPosted_Then_ClaimsShouldBeReturned(CreateCustomerUserModel model)
{
var client = _webbApplicationFactory.CreateClient();
await Utils.CreateCustomer(client, model);
await Utils.ActivateUserAsync(client, model.Email);
var extra = new Dictionary <string, string>
{
{ "deviceId", "test-device1" },
};
var tokenResponse = await Utils.RequestPasswordTokenAsync(client, model.Email, model.Password, extra);
tokenResponse.IsError.Should().BeFalse();
var jwtTokenHandler = new JwtSecurityTokenHandler();
var securityToken = jwtTokenHandler.ReadToken(tokenResponse.AccessToken) as JwtSecurityToken;
securityToken.Claims.Should().Contain(c =>
c.Type == JwtClaimTypes.Role && c.Value == Roles.Customer);
securityToken.Claims.Should().Contain(c => c.Type == JwtClaimTypes.Subject);
securityToken.Claims.Should().Contain(c =>
c.Type == CustomClaimTypes.MaxAllowedDeviceCount &&
int.Parse(c.Value) == model.MaxAllowedDeviceCount);
securityToken.Claims.Should().Contain(c =>
c.Type == CustomClaimTypes.Active &&
bool.Parse(c.Value));
securityToken.Claims.Should().Contain(c =>
c.Type == CustomClaimTypes.CanScan &&
bool.Parse(c.Value) == model.CanScan);
securityToken.Claims.Should().Contain(c =>
c.Type == CustomClaimTypes.MaxAllowedStudentCount &&
int.Parse(c.Value) == model.MaxAllowedStudentCount);
securityToken.Claims.Should().Contain(c =>
c.Type == CustomClaimTypes.LicenseTypeId &&
int.Parse(c.Value) == model.LicenseTypeId);
DateTime dateTime;
securityToken.Claims.Should().Contain(c =>
c.Type == CustomClaimTypes.StartDateTime &&
DateTime.TryParse(c.Value, out dateTime) &&
dateTime.Year == DateTime.UtcNow.Year);
securityToken.Claims.Should().Contain(c =>
c.Type == CustomClaimTypes.ExpiryDate &&
DateTime.TryParse(c.Value, out dateTime) &&
dateTime.Year == DateTime.UtcNow.Year + 1);
}
public async Task NonAdminUsers_Should_NotBeAbleToFetchUsers(CreateCustomerUserModel model)
{
var client = _webbApplicationFactory.Server.CreateClient();
await Utils.CreateCustomer(client, model);
await Utils.ActivateUserAsync(client, model.Email);
var extra = new Dictionary <string, string>
{
{ "deviceId", "test-device1" },
};
var tokenResponse = await Utils.RequestPasswordTokenAsync(client, model.Email, model.Password, extra);
client.SetBearerToken(tokenResponse.AccessToken);
var response = await client.GetAsync(Path);
response.StatusCode.Should().Be(HttpStatusCode.Forbidden);
}
public async Task ShouldUpdateUser(CreateCustomerUserModel createUserModel, UpdateUserModel model)
{
var client = _webbApplicationFactory.CreateClient();
// Create User
await Utils.CreateCustomer(client, createUserModel);
// Activate User
await Utils.ActivateUserAsync(client, createUserModel.Email);
// Update User
model.UserId = createUserModel.Id;
await Utils.SetPrivateClientBearerTokenAsync(client);
var response = await client.PostAsync("/api/v1/users/update", model.ToJsonContent());
response.EnsureSuccessStatusCode();
var extra = new Dictionary <string, string>
{
{ "deviceId", "test-device1" },
};
var tokenResponse = await Utils.RequestPasswordTokenAsync(client, model.Email, createUserModel.Password, extra);
if (tokenResponse.IsError)
{
_testOutputHelper.WriteLine(tokenResponse.Error);
_testOutputHelper.WriteLine(tokenResponse.ErrorDescription);
}
tokenResponse.IsError.Should().BeFalse();
var jwtTokenHandler = new JwtSecurityTokenHandler();
var securityToken = jwtTokenHandler.ReadToken(tokenResponse.AccessToken) as JwtSecurityToken;
securityToken.Claims.Should().Contain(c =>
c.Type == CustomClaimTypes.LicenseTypeId &&
int.Parse(c.Value) == model.LicenseTypeId);
}
public async Task <IActionResult> CreateCustomerUserAsync(CreateCustomerUserModel model)
{
var user = await _userManager.FindByEmailAsync(model.Email);
if (user != null)
{
return(BadRequest(ErrorCodes.UserExists));
}
user = model.ToApplicationUser();
var result = await _userManager.CreateAsync(user, model.Password);
if (!result.Succeeded)
{
return(BadRequest(result.Errors));
}
var claims = new[]
{
new Claim(JwtClaimTypes.Email, model.Email),
new Claim(JwtClaimTypes.EmailVerified, "true", ClaimValueTypes.Boolean),
};
result = await _userManager.AddClaimsAsync(user, claims);
await _userManager.AddToRoleAsync(user, Roles.Customer);
if (result.Succeeded)
{
_dbContext.ActivityLogs.Add(new ActivityLog(ActivityLogType.UserCreated, user.Id, User.Identity.Name));
await _dbContext.SaveChangesAsync();
return(Ok());
}
return(BadRequest(result.Errors));
}
public async Task When_ValidPasswordProvided_Then_PasswordShouldBeUpdated(CreateCustomerUserModel model)
{
var client = _webbApplicationFactory.CreateClient();
await Utils.CreateCustomer(client, model);
await Utils.ActivateUserAsync(client, model.Email);
//Login
var extra = new Dictionary <string, string>
{
{ "deviceId", "test-device1" },
};
var tokenResponse = await Utils.RequestPasswordTokenAsync(client, model.Email, model.Password, extra);
tokenResponse.IsError.Should().BeFalse();
// Change Password
var changePasswordRequest = new ChangeCustomerPasswordModel()
{
CurrentPassword = model.Password,
NewPassword = "******",
};
client.SetBearerToken(tokenResponse.AccessToken);
var response = await client.PostAsync(
"/api/v1/users/change-password",
changePasswordRequest.ToJsonContent());
response.EnsureSuccessStatusCode();
//Login Again
tokenResponse = await Utils.RequestPasswordTokenAsync(client, model.Email, changePasswordRequest.NewPassword, extra);
tokenResponse.IsError.Should().BeFalse();
tokenResponse.AccessToken.Should().NotBeNullOrEmpty();
}
public async Task When_ValidCredentialsPosted_And_LoginDeviceCountExceeded_Then_ErrorShouldReturn(CreateCustomerUserModel model)
{
model.MaxAllowedDeviceCount = 1;
var client = _webbApplicationFactory.CreateClient();
await Utils.CreateCustomer(client, model);
await Utils.ActivateUserAsync(client, model.Email);
var extra = new Dictionary <string, string>
{
{ "deviceId", "test-device1" },
};
var tokenResponse = await Utils.RequestPasswordTokenAsync(client, model.Email, model.Password, extra);
tokenResponse.IsError.Should().BeFalse();
extra = new Dictionary <string, string>
{
{ "deviceId", "test-device2" },
};
tokenResponse = await Utils.RequestPasswordTokenAsync(client, model.Email, model.Password, extra);
tokenResponse.IsError.Should().BeTrue();
tokenResponse.ErrorDescription.Should().Be(ErrorCodes.MaxAllowedDeviceExceeded);
}
public async Task AllUserActivitiesShouldBeLogged(
CreateCustomerUserModel createCustomerUserModel,
string newPassword,
UpdateUserModel model)
{
createCustomerUserModel.MaxAllowedDeviceCount = 1;
var client = _webbApplicationFactory.Server.CreateClient();
//Create User
await Utils.CreateCustomer(client, createCustomerUserModel);
//Activate User
await Utils.ActivateUserAsync(client, createCustomerUserModel.Email);
//InvalidUserNamePassword
var extra = new Dictionary <string, string>
{
{ "deviceId", "test-device" },
};
await Utils.RequestPasswordTokenAsync(client, createCustomerUserModel.Email, "wrongpass", extra);
//SuccessfulLogin
await Utils.RequestPasswordTokenAsync(client, createCustomerUserModel.Email, createCustomerUserModel.Password, extra);
//InvalidLoginDevice
extra["deviceId"] = "new-device";
await Utils.RequestPasswordTokenAsync(client, createCustomerUserModel.Email, createCustomerUserModel.Password, extra);
//Change Password
extra["deviceId"] = "test-device";
var tokenResponse = await Utils.RequestPasswordTokenAsync(client, createCustomerUserModel.Email, createCustomerUserModel.Password, extra);
tokenResponse.IsError.Should().BeFalse();
var changePasswordRequest = new ChangeCustomerPasswordModel()
{
CurrentPassword = createCustomerUserModel.Password,
NewPassword = newPassword,
};
client.SetBearerToken(tokenResponse.AccessToken);
var response = await client.PostAsync(
"/api/v1/users/change-password",
changePasswordRequest.ToJsonContent());
response.EnsureSuccessStatusCode();
model.UserId = createCustomerUserModel.Id;
await Utils.SetPrivateClientBearerTokenAsync(client);
response = await client.PostAsync("/api/v1/users/update", model.ToJsonContent());
response.EnsureSuccessStatusCode();
//Deactivate User
await Utils.DeactivateUserAsync(client, model.Email);
var dbContextFactory = _webbApplicationFactory.Services.GetService(typeof(ApplicationDbContextFactory))
as ApplicationDbContextFactory;
//Assert
await using var dbContext = dbContextFactory.Create();
var logs = await dbContext.ActivityLogs
.Where(a => a.UserId == createCustomerUserModel.Id.ToString())
.ToListAsync();
logs.Should().Contain(l => l.Type == ActivityLogType.UserCreated);
logs.Should().Contain(l => l.Type == ActivityLogType.UserActivated);
logs.Should().Contain(l => l.Type == ActivityLogType.InvalidUsernameOrPassword);
logs.Should().Contain(l => l.Type == ActivityLogType.SuccessfulLogin);
logs.Should().Contain(l => l.Type == ActivityLogType.InvalidLoginDeviceId);
logs.Should().Contain(l => l.Type == ActivityLogType.PasswordChanged);
logs.Should().Contain(l => l.Type == ActivityLogType.UserUpdated);
logs.Should().Contain(l => l.Type == ActivityLogType.UserDeActivated);
}
public async Task When_UserActivatedAfterDeactivation_Then_ActionShouldReturnFalse(CreateCustomerUserModel model)
{
var client = _webbApplicationFactory.CreateClient();
await Utils.CreateCustomer(client, model);
var result = await Utils.ActivateUserAsync(client, model.Email);
var extra = new Dictionary <string, string>
{
{ "deviceId", "test-device1" },
};
var tokenResponse = await Utils.RequestPasswordTokenAsync(client, model.Email, model.Password, extra);
tokenResponse.IsError.Should().BeFalse();
await Utils.DeactivateUserAsync(client, model.Email);
result = await Utils.ActivateUserAsync(client, model.Email);
result.Should().BeFalse();
}
public async Task When_UserIsActivatedForTheFirstTime_Then_ActionShouldReturnTrue(CreateCustomerUserModel model)
{
var client = _webbApplicationFactory.CreateClient();
await Utils.CreateCustomer(client, model);
var result = await Utils.ActivateUserAsync(client, model.Email);
result.Should().BeTrue();
}