/// <summary>
/// An unknown username must produce a bare 401 status result from the JWT endpoint.
/// </summary>
/// <remarks>
/// The assertion pins the result type to <c>StatusCodeResult</c>, so the response carries
/// no body that could describe why authentication failed.
/// </remarks>
public async Task WhenPostToGenerateUserJwt_AndUsernameIsInvalid_Return401()
{
    // Arrange: the user service fails the lookup with UserNotFoundException.
    var request = new GenerateJwtRequest { Password = SomePassword };
    var failedLookup = Task.FromException<User>(new UserNotFoundException());
    _userService.CheckPasswordAsync(SomeUsername, SomePassword)
        .Returns(failedLookup);

    // Act
    var actionResult = await _usersController.PostGenerateJwtAsync(SomeUsername, request);

    // Assert: status-only 401.
    var statusResult = actionResult.Result.Should().BeOfType<StatusCodeResult>().Subject;
    statusResult.StatusCode.Should().Be(StatusCodes.Status401Unauthorized);
}
/// <summary>
/// A successful password check must yield a token generated for the id of the user
/// that the user service returned.
/// </summary>
public async Task WhenPostToGenerateUserJwt_CheckPassword_AndGenerateAJwtUsingUserId()
{
    // Arrange: the password check succeeds and the JWT service is stubbed for that user's id.
    var request = new GenerateJwtRequest { Password = SomePassword };
    var knownUser = new User();
    _userService.CheckPasswordAsync(SomeUsername, SomePassword)
        .Returns(knownUser);
    _jwtService.GenerateJwtToken(knownUser.Id)
        .Returns("some-jwt");

    // Act
    var actionResult = await _usersController.PostGenerateJwtAsync(SomeUsername, request);

    // Assert: the token in the response is the one issued for the authenticated user's id.
    var issuedToken = actionResult.Value.Token;
    issuedToken.Should().Be("some-jwt");
}
/// <summary>
/// A successful login must write the authenticated user's id to the session exactly once,
/// under the "userId" key.
/// </summary>
public async Task WhenPostToGenerateUserJwt_SaveCurrentUserIdToSession()
{
    // Arrange: the password check succeeds for user id 1.
    var request = new GenerateJwtRequest { Password = SomePassword };
    var knownUser = new User { Id = 1 };
    _userService.CheckPasswordAsync(SomeUsername, SomePassword)
        .Returns(knownUser);
    _jwtService.GenerateJwtToken(knownUser.Id)
        .Returns("some-jwt");

    // Act
    await _usersController.PostGenerateJwtAsync(SomeUsername, request);

    // Assert: the stored value is the four bytes 0,0,0,1, i.e. the id 1 as a
    // big-endian 32-bit integer.
    var expectedIdBytes = new byte[] { 0, 0, 0, 1 };
    _session.Received(1).Set("userId", Arg.Is<byte[]>(stored => stored.SequenceEqual(expectedIdBytes)));
}
/// <summary>
/// Requests a JWT from the <c>externalapi/jwt</c> endpoint below the configured
/// FncConnectUrl, sending the configured app key and app secret in the JSON body.
/// </summary>
/// <param name="expireTimeInMinutes">Requested token lifetime in minutes; forwarded unchanged.</param>
/// <param name="additionalData">Optional key/value pairs forwarded unchanged in the request.</param>
/// <returns>
/// A successful result wrapping the returned token string, or a failed result converted from
/// the HTTP outcome when its status is not <c>Status.Success</c>.
/// </returns>
public async Task<HttpFragileOperationResult<GenerateJwtResult>> GenerateJwtAsync(int expireTimeInMinutes = 60, IEnumerable<KeyValuePair<string, string>> additionalData = null)
{
    var settings = _configurationService.ConfigurationSettings;

    // The payload carries the app secret.
    // NOTE(review): confirm FncConnectUrl is always https and that the HTTP utility does
    // not log request bodies, otherwise the secret is exposed in transit or in logs.
    var payload = new GenerateJwtRequest()
    {
        AppKey = settings.FncConnectKey,
        AppSecret = settings.FncConnectSecret,
        ExpireTimeInMinutes = expireTimeInMinutes,
        AdditionalData = additionalData
    };

    // Plain concatenation: FncConnectUrl is expected to end with a trailing slash.
    var endpoint = settings.FncConnectUrl + "externalapi/jwt";

    var postOutcome = await _httpUtility
        .HttpPostJsonAsync<string>(endpoint, payload)
        .ConfigureAwait(false);

    if (postOutcome.Status != Status.Success)
    {
        // The failure message names only the status, not the credentials sent.
        var failureMessage = $"{postOutcome.Status} while generating Jwt.";
        return postOutcome.ToHttpFragileOperationResult<GenerateJwtResult>(failureMessage);
    }

    // NOTE(review): ResponseStringContent is passed through on success and presumably
    // contains the issued token; callers should treat it as a credential when logging.
    var jwtResult = new GenerateJwtResult(postOutcome.Result);
    return HttpFragileOperationResult<GenerateJwtResult>.CreateSuccessfulResult(
        jwtResult,
        postOutcome.StatusCode,
        postOutcome.ResponseStringContent);
}
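/// <summary>
/// Creates an HMAC-SHA256 signed JWT with the claims "id", "consumerName" and
/// "consumerType", taken from the request.
/// </summary>
/// <param name="jwtRequestObject">Source of the claim values and the optional expiry.</param>
/// <returns>The serialized token.</returns>
/// <exception cref="ArgumentNullException"><paramref name="jwtRequestObject"/> is null.</exception>
/// <exception cref="InvalidOperationException">
/// The "jwtSecret" environment variable is missing or blank.
/// </exception>
public string GenerateJwtToken(GenerateJwtRequest jwtRequestObject)
{
    if (jwtRequestObject == null)
    {
        throw new ArgumentNullException(nameof(jwtRequestObject));
    }

    // Fail with a clear configuration error instead of an opaque exception from GetBytes,
    // and never sign with a blank (trivially guessable) key. The message must not echo the secret.
    var secret = Environment.GetEnvironmentVariable("jwtSecret");
    if (string.IsNullOrWhiteSpace(secret))
    {
        throw new InvalidOperationException(
            "The jwtSecret environment variable is not set; cannot sign a token without a key.");
    }

    // NOTE(review): ASCII encoding maps every non-ASCII character to '?', which weakens a
    // secret containing such characters. The encoding is kept because the verifying side
    // presumably derives its key the same way; confirm before changing it. The secret should
    // be randomly generated and at least 32 bytes long for HMAC-SHA256.
    var key = Encoding.ASCII.GetBytes(secret);

    // NOTE(review): when the caller gives no expiry the token lives for ten years, so a leaked
    // token stays usable for that long unless the verifier can revoke it. The default is kept
    // for compatibility; callers should set ExpiresAt. UtcNow avoids depending on the local
    // time zone when the default is computed.
    DateTime? requestedExpiry = jwtRequestObject.ExpiresAt;
    var expires = requestedExpiry ?? DateTime.UtcNow.AddYears(10);

    var claims = new Claim[]
    {
        new Claim("id", jwtRequestObject.Id.ToString(CultureInfo.InvariantCulture)),
        new Claim("consumerName", jwtRequestObject.ConsumerName),
        new Claim("consumerType", jwtRequestObject.ConsumerType.ToString(CultureInfo.InvariantCulture)),
    };

    var tokenDescriptor = new SecurityTokenDescriptor
    {
        Subject = new ClaimsIdentity(claims),
        SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature),
        Expires = expires
    };

    var tokenHandler = new JwtSecurityTokenHandler();
    var token = tokenHandler.CreateToken(tokenDescriptor);
    return tokenHandler.WriteToken(token);
}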
/// <summary>
/// Verifies the supplied password for <paramref name="username"/>, stores the user's id
/// in the session and returns a JWT issued for that id.
/// </summary>
/// <param name="username">Name of the account to authenticate.</param>
/// <param name="request">Request body carrying the password.</param>
/// <returns>
/// A <c>UserJwtResponse</c> with the token, or a 401 status result when the user is unknown
/// or the password is wrong.
/// </returns>
public async Task<ActionResult<UserJwtResponse>> PostGenerateJwtAsync(string username, GenerateJwtRequest request)
{
    // NOTE(review): no throttling or lockout is visible here; confirm it is enforced
    // elsewhere (middleware or the user service).
    try
    {
        var authenticatedUser = await _userService.CheckPasswordAsync(username, request.Password);

        // The session is written before the token is generated, so the id stays in the
        // session even if token generation throws.
        // NOTE(review): confirm whether the session identifier is renewed on login.
        HttpContext.Session.SetCurrentUserId(authenticatedUser.Id);

        return new UserJwtResponse
        {
            Token = _jwtService.GenerateJwtToken(authenticatedUser.Id)
        };
    }
    // Both failures return the same status-only 401, so the response does not reveal
    // whether the username or the password was wrong.
    catch (UserNotFoundException)
    {
        return StatusCode(StatusCodes.Status401Unauthorized);
    }
    catch (InvalidPasswordException)
    {
        return StatusCode(StatusCodes.Status401Unauthorized);
    }
}