public async Task AuthenticationHandlesDirectLink()
{
// TODO: Only get Authorization with property header
// TODO: Can't get twice
// TODO: IF authorized, LocationAuthentication should not be set
// var sessionFactory = new RestApplicationFactory();
var sessionFactory = await TestApplicationFactory.InitAsync();
var externalSystemUserId = Guid.NewGuid().ToString();
var internalSystemUserId = Guid.NewGuid();
var comms = sessionFactory.GetUnauthorizedSession();
(comms as Api.Azure.AzureApplication)
.AddOrUpdateInstantiation(typeof(ProvideLoginMock),
async(app) =>
{
await 1.AsTask();
var accountMock = new ProvideLoginAccountMock();
accountMock.MapAccount =
(externalKey, extraParameters, authenticationInner, authorization,
baseUri, webApiApplication,
onCreatedMapping,
onAllowSelfServeAccounts,
onInterceptProcess,
onNoChange) =>
{
Assert.AreEqual(externalSystemUserId, externalKey);
return(onCreatedMapping(internalSystemUserId).AsTask());
};
return(accountMock);
});
// TODO: comms.LoadToken(session.token);
var authentication = await comms.GetRequest <Method>()
.OnContentsAsync(HttpMethod.Get,
authentications =>
{
var matchingAuthentications = authentications
.Where(auth => auth.name == ProvideLoginMock.IntegrationName);
Assert.IsTrue(matchingAuthentications.Any());
return(matchingAuthentications.First());
});
var responseResource = ProvideLoginMock.GetResponse(externalSystemUserId);
var authorizationToAthenticateSession = await await comms.GetAsync(responseResource,
onRedirect :
async(urlRedirect) =>
{
var authIdStr = urlRedirect.GetQueryParam(EastFive.Api.Azure.AzureApplication.QueryRequestIdentfier);
var authId = Guid.Parse(authIdStr);
var authIdRef = authId.AsRef <Auth.Authorization>();
// TODO: New comms here?
return(await await comms.GetAsync(
(Auth.Authorization authorizationGet) => authorizationGet.authorizationRef.AssignQueryValue(authIdRef),
onContent:
(authenticatedAuthorization) =>
{
var session = new Session
{
sessionId = Guid.NewGuid().AsRef <Session>(),
authorization = new RefOptional <Auth.Authorization>(authenticatedAuthorization.authorizationRef),
};
return comms.PostAsync(session,
onCreatedBody:
(updated, contentType) =>
{
return updated;
});
}));
});
Assert.AreEqual(internalSystemUserId, authorizationToAthenticateSession.account.Value);
}
public async Task SelfServeAccountCreation()
{
#region Initialization
#region setup sessions
// var sessionFactory = new RestApplicationFactory();
var sessionFactory = await TestApplicationFactory.InitAsync();
var user = sessionFactory.GetUnauthorizedSession();
var token = await user.PostAsync(
new Session
{
sessionId = Guid.NewGuid().AsRef <Session>(),
},
onCreatedBody : (sessionWithToken, contentType) => sessionWithToken.token);
// TODO: comms.LoadToken(session.token);
#endregion
#region Get mock login method
(user as Api.Azure.AzureApplication)
.AddOrUpdateInstantiation(typeof(ProvideLoginMock),
async(app) =>
{
await 1.AsTask();
var loginMock = new ProvideLoginAccountMock();
loginMock.MapAccount =
(externalKey, extraParameters, authenticationInner, authorization,
baseUri, webApiApplication,
onCreatedMapping,
onAllowSelfServeAccounts,
onInterceptProcess,
onNoChange) =>
{
//Assert.AreEqual(externalSystemUserId, externalKey);
return(onAllowSelfServeAccounts().AsTask());
};
return(loginMock);
});
var mockAuthenticationMock = await user.GetAsync <Method, Method>(
onContents :
authentications =>
{
var matchingAuthentications = authentications
.Where(auth => auth.name == ProvideLoginMock.IntegrationName);
Assert.IsTrue(matchingAuthentications.Any());
return(matchingAuthentications.First());
});
#endregion
#endregion
// Create empty authorization
var authReturnUrl = new Uri("http://example.com/authtest");
var authorizationIdSecure = Security.SecureGuid.Generate();
var authorizationUnmapped = await user.PostAsync(
new Auth.Authorization
{
authorizationRef = authorizationIdSecure.AsRef <Auth.Authorization>(),
Method = mockAuthenticationMock.authenticationId,
LocationAuthenticationReturn = authReturnUrl,
},
onCreatedBody :
(authorizationResponse, contentType) =>
{
Assert.AreEqual(mockAuthenticationMock.id, authorizationResponse.Method.id);
Assert.AreEqual(authReturnUrl, authorizationResponse.LocationAuthenticationReturn);
return(authorizationResponse);
});
#region User performs login
var externalSystemUserId = Guid.NewGuid().ToString();// User performs login
var responseResource = ProvideLoginMock.GetResponse(externalSystemUserId, authorizationUnmapped.authorizationRef.id);
var userPostLogin = sessionFactory.GetUnauthorizedSession();
(userPostLogin as Api.Azure.AzureApplication)
.AddOrUpdateInstantiation(typeof(ProvideLoginMock),
async(app) =>
{
await 1.AsTask();
var loginMock = new ProvideLoginAccountMock();
loginMock.MapAccount =
(externalKey, extraParameters, authenticationInner, authorization,
baseUri, webApiApplication,
onCreatedMapping,
onAllowSelfServeAccounts,
onInterceptProcess,
onNoChange) =>
{
//Assert.AreEqual(externalSystemUserId, externalKey);
return(onAllowSelfServeAccounts().AsTask());
};
return(loginMock);
});
#endregion
var authorizationToAthenticateSession = await await userPostLogin.GetAsync(responseResource,
onRedirect :
async(redirectionLocation) =>
{
// Map session to redirect
var authorizationRef = authorizationUnmapped.authorizationRef;
return(await await userPostLogin.PostAsync(
new Session
{
sessionId = Guid.NewGuid().AsRef <Session>(),
authorization = authorizationRef.Optional(),
},
onCreatedBody:
async(returnedSession, contentType) =>
{
Assert.IsTrue(returnedSession.authorized);
Assert.IsFalse(returnedSession.account.HasValue);
userPostLogin.Headers.Add("Authorization", returnedSession.token);
// Simulated create account
var accountId = Guid.NewGuid(); // No verfication of account at EastFive.Azure (core) level
(userPostLogin as TestApplication).CanAdministerCredential =
(id, sec) => true.AsTask();
// Account mapping
Assert.IsTrue(await userPostLogin.PostAsync(
new Auth.AccountMapping
{
accountMappingId = Guid.NewGuid(),
accountId = accountId,
authorization = authorizationRef,
},
onCreated: () => true));
var redirectLocation = new Uri("http://example.com/home");
// TODO: Test GET w/o authorization header
return await userPostLogin.GetAsync(
(Session session) => session.sessionId.AssignQueryValue(returnedSession.sessionId),
onContent:
(accountAuthorizedSession) =>
{
Assert.AreEqual(accountId, accountAuthorizedSession.account.Value);
return accountAuthorizedSession;
});
}));
});
Assert.IsTrue(authorizationToAthenticateSession.token.HasBlackSpace());
}
