public async Task ForgotPassword_Cancel() { string cancelUrl = null; string confirmUrl = null; // Mock the email service to intercept the outgoing email messages var emailServiceMock = EmailServiceHelper.GetEmailServiceMock( EmailTemplates.UserAccountRecover, "alice@localhost", (templateName, emailTo, viewData, isHtml) => { // 2. Get confirm url and call it confirmUrl = viewData .ToDictionary()["ConfirmUrl"].ToString(); cancelUrl = viewData .ToDictionary()["CancelUrl"].ToString(); }); TestServer server = TestServerBuilderExtensions .CreateServer(emailServiceMock); HttpClient client = server.CreateClient(); // Call cancel url await client.RecoveryCancelGetValidAsync(cancelUrl); // Calling cancel url again shouldnt be possible await client.RecoveryCancelGetInvalidAsync(cancelUrl); // Calling confirm url shouldnt be possible after successfull // cancelation await client.RecoveryConfirmGetInvalidAsync(confirmUrl); }
public async Task ChangeEmail_FoceUpdate() { string confirmUrl = null; string cancelUrl = null; // Mock the email service to intercept the outgoing email messages var emailServiceMock = EmailServiceHelper.GetEmailServiceMock( IdentityBaseConstants.EmailTemplates.UserAccountEmailChanged, "nerd@localhost", (templateName, emailTo, viewData, isHtml) => { // 2. Get confirm url and call it confirmUrl = viewData .ToDictionary()["ConfirmUrl"].ToString(); cancelUrl = viewData .ToDictionary()["CancelUrl"].ToString(); }); TestServer server = this.CreateServer(emailServiceMock); HttpClient client = await server.CreateAuthenticatedClient(); string uri = $"/api/useraccounts/{aliceId}/change_email"; HttpResponseMessage response = await client.PostJsonAsync(uri, new { Email = "nerd@localhost", ClientId = "mvc.hybrid", Force = true }); response.EnsureSuccessStatusCode(); var json = response.Content.ReadAsStringAsync().Result; }
private async Task <HttpResponseMessage> GetAndPostRecoverForm( bool loginAfterAccountRecovery, Action <TestServer, HttpClient> gotServer, Action <string, string> gotMail) { // Mock the email service to intercept the outgoing email messages var emailServiceMock = EmailServiceHelper.GetEmailServiceMock( IdentityBaseConstants.EmailTemplates.UserAccountRecover, "alice@localhost", (templateName, emailTo, viewData, isHtml) => { // 3. Get confirm url var confirmUrl = viewData.ToDictionary()["ConfirmUrl"] as string; var cancelUrl = viewData.ToDictionary()["CancelUrl"] as string; gotMail(confirmUrl, cancelUrl); }); // Create a server with custom configuration var config = ConfigBuilder.Default // remove the default service since we mocking it .RemoveDefaultMailService() // dont login after recovery .Alter("App:LoginAfterAccountRecovery", loginAfterAccountRecovery ? "true" : "false") .Build(); var server = TestServerBuilder.BuildServer <Startup>(config, (services) => { services.AddSingleton(emailServiceMock.Object); }); var client = server.CreateClient(); gotServer(server, client); // Call the recovery page var response = await client.GetAsync( $"/recover?returnUrl={Constants.ReturnUrl}"); response.EnsureSuccessStatusCode(); // Fill out the form and submit var doc = await response.Content.ReadAsHtmlDocumentAsync(); var form = new Dictionary <string, string> { { "Email", "alice@localhost" }, { "__RequestVerificationToken", doc.GetAntiForgeryToken() } }; var response2 = await client.PostFormAsync(doc.GetFormAction(), form, response); response2.EnsureSuccessStatusCode(); return(response2); }
public async Task ForgotPassword_Confirm_AddNewPassword_Login() { string confirmUrl = null; string cancelUrl = null; // Mock the email service to intercept the outgoing email messages var emailServiceMock = EmailServiceHelper.GetEmailServiceMock( EmailTemplates.UserAccountRecover, "alice@localhost", (templateName, emailTo, viewData, isHtml) => { // 2. Get confirm url and call it confirmUrl = viewData .ToDictionary()["ConfirmUrl"].ToString(); cancelUrl = viewData .ToDictionary()["CancelUrl"].ToString(); }); TestServer server = TestServerBuilderExtensions .CreateServer(emailServiceMock); HttpClient client = server.CreateClient(); // 1. Call the recovery page and Fill out the form and submit HttpResponseMessage response = await client .RecoveryGetAndPostFormAsync("alice@localhost"); Assert.NotNull(confirmUrl); Assert.NotNull(cancelUrl); // Call the confirmation link and fill out the form HttpResponseMessage confirmResponse = await client .RecoveryConfirmGetAndPostFormAsync( confirmUrl, "new-password" ); HttpResponseMessage consentPostResponse = await client.ConstentPostFormAsync(false, confirmResponse); // Calling confirm url again shouldnt be possible await client.RecoveryConfirmGetInvalidAsync(cancelUrl); // Calling cancel url shouldnt be possible after successfull // confirmation await client.RecoveryCancelGetInvalidAsync(cancelUrl); HttpResponseMessage loginResponse = await client .LoginGetAndPostFormAsync("alice@localhost", "new-password"); loginResponse.ShouldBeRedirectedToAuthorizeEndpoint(); }
public async Task Invite_User() { string confirmUrl = null; string cancelUrl = null; // Mock the email service to intercept the outgoing email messages var emailServiceMock = EmailServiceHelper.GetEmailServiceMock( IdentityBaseConstants.EmailTemplates.UserAccountInvited, "invited@localhost", (templateName, emailTo, viewData, isHtml) => { // 3. Get confirm url confirmUrl = viewData.ToDictionary()["ConfirmUrl"] as string; cancelUrl = viewData.ToDictionary()["CancelUrl"] as string; }); // Create a server with custom configuration var config = ConfigBuilder.Default // remove the default service since we mocking it .RemoveDefaultMailService() .Alter("App:EnableInvitationCreateEndpoint", "true") .Build(); var server = TestServerBuilder.BuildServer <Startup>(config, (services) => { services.AddSingleton(emailServiceMock.Object); }); var client = server.CreateClient(); // Act var response = await client.PutJsonAsync("/invitations", new { Email = "invited@localhost", ClientId = "mvc.hybrid" }); response.EnsureSuccessStatusCode(); // Try to follow the confirmation link again it should return an error var response3 = await client.GetAsync(confirmUrl); response3.StatusCode.Should().Be(HttpStatusCode.OK); var doc2 = await response3.Content.ReadAsHtmlDocumentAsync(); }
public async Task Invite_Confirm_AddPassword_Login() { string confirmUrl = null; string cancelUrl = null; // Mock the email service to intercept the outgoing email messages var emailServiceMock = EmailServiceHelper.GetEmailServiceMock( IdentityBaseConstants.EmailTemplates.UserAccountInvited, "invited@localhost", (templateName, emailTo, viewData, isHtml) => { // 2. Get confirm url and call it confirmUrl = viewData .ToDictionary()["ConfirmUrl"].ToString(); cancelUrl = viewData .ToDictionary()["CancelUrl"].ToString(); }); TestServer server = this.CreateServer(emailServiceMock); HttpClient client = await server.CreateAuthenticatedClient(); HttpResponseMessage response = await client .PutJsonAsync("/api/invitations", new { Email = "invited@localhost", ClientId = "mvc.hybrid" }); response.EnsureSuccessStatusCode(); response.AssertSchema(Schemas.InvitationsPostResponse); Assert.NotNull(confirmUrl); Assert.NotNull(cancelUrl); // Call the confirmation link and fill out the form HttpResponseMessage confirmResponse = await client .RegisterConfirmGetAndPostFormAsync( confirmUrl, "supersecret" ); // confirmResponse.ShouldBeRedirectedToAuthorizeEndpoint(); }
public async Task ChangeEmail_Confirm_Login() { string confirmUrl = null; string cancelUrl = null; // Mock the email service to intercept the outgoing email messages var emailServiceMock = EmailServiceHelper.GetEmailServiceMock( IdentityBaseConstants.EmailTemplates.UserAccountEmailChanged, "nerd@localhost", (templateName, emailTo, viewData, isHtml) => { // 2. Get confirm url and call it confirmUrl = viewData .ToDictionary()["ConfirmUrl"].ToString(); cancelUrl = viewData .ToDictionary()["CancelUrl"].ToString(); }); TestServer server = this.CreateServer(emailServiceMock); HttpClient client = await server.CreateAuthenticatedClient(); string uri = $"/api/useraccounts/{aliceId}/change_email"; HttpResponseMessage response = await client.PostJsonAsync(uri, new { Email = "nerd@localhost", ClientId = "mvc.hybrid", Force = false }); response.EnsureSuccessStatusCode(); // response.AssertSchema(Schemas.InvitationsPostResponse); Assert.NotNull(confirmUrl); Assert.NotNull(cancelUrl); // Post password // Try authenticate }