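/// <summary>
/// Posts a login request that carries a wrong password to <c>/api/Account/login</c>
/// and expects the API to reject it with 401 Unauthorized.
/// </summary>
/// <returns>A task that completes once the status-code assertion has run.</returns>
public async Task LoginWithInvalidCredentials()
{
    // GetRequiredService fails with a descriptive InvalidOperationException when the
    // service is not registered, instead of a NullReferenceException on the next line.
    var encryptionManager = _serviceProvider.GetRequiredService<IEncryptionManager>();

    // The endpoint is sent the output of EncryptAESPassword, not the plaintext password.
    var requestBody = new AuthenticationModel
    {
        Username = "******",
        Password = encryptionManager.EncryptAESPassword("invalidPassword")
    };

    // Dispose the response so the test does not hold on to the connection/content.
    using var response = await _client.PostAsync(
        "/api/Account/login",
        ContentHelper.GetStringContent(requestBody));

    Assert.AreEqual(
        HttpStatusCode.Unauthorized,
        response.StatusCode,
        "A login with a wrong password must be rejected with 401.");
}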
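/// <summary>
/// Logs in with a known account, decodes the JWT returned by <c>/api/Account/login</c>
/// through <c>IJWTTokenManager.DecodeJwtToken</c>, and checks that the token round-trips
/// and that the principal carries the expected user name and the "Privileged" role.
/// </summary>
/// <returns>A task that completes once all assertions have run.</returns>
public async Task ValidateToken()
{
    // GetRequiredService fails with a descriptive InvalidOperationException when the
    // service is not registered, instead of a NullReferenceException further down.
    var encryptionManager = _serviceProvider.GetRequiredService<IEncryptionManager>();

    // NOTE(review): this is a hard-coded credential for an account the test expects to
    // hold the "Privileged" role. Confirm it exists only in seeded test data and is never
    // valid against a shared or production environment.
    var requestBody = new AuthenticationModel
    {
        Username = "******",
        Password = encryptionManager.EncryptAESPassword("pu")
    };

    // Dispose the response so the test does not hold on to the connection/content.
    using var response = await _client.PostAsync(
        "/api/Account/login",
        ContentHelper.GetStringContent(requestBody));
    Assert.AreEqual(HttpStatusCode.OK, response.StatusCode);

    var loginResponseContent = await response.Content.ReadAsStringAsync();
    var loginResult = JsonSerializer.Deserialize<UserDetailDTO>(loginResponseContent);

    // Deserialize returns null for a JSON "null" body, and a property that does not bind
    // leaves Token unset; fail with a clear assertion rather than a NullReferenceException.
    Assert.IsNotNull(loginResult, "Login response body did not deserialize to UserDetailDTO.");
    Assert.IsFalse(string.IsNullOrEmpty(loginResult.Token), "Login response did not contain a token.");

    // NOTE(review): this test relies on DecodeJwtToken to validate the token; whether it
    // checks signature, issuer, audience and lifetime is not visible here - confirm.
    var jwtAuthManager = _serviceProvider.GetRequiredService<IJWTTokenManager>();
    var (principal, jwtSecurityToken) = jwtAuthManager.DecodeJwtToken(loginResult.Token);

    Assert.IsNotNull(jwtSecurityToken);
    Assert.AreEqual(loginResult.Token, jwtSecurityToken.RawData);

    Assert.IsNotNull(principal, "DecodeJwtToken returned no principal.");
    Assert.AreEqual(requestBody.Username, principal.Identity?.Name);

    // FindFirst returns null when the claim is absent; assert that explicitly so a token
    // without a role claim is reported as a test failure, not a crash.
    var roleClaim = principal.FindFirst(ClaimTypes.Role);
    Assert.IsNotNull(roleClaim, "Token carries no role claim.");
    Assert.AreEqual("Privileged", roleClaim.Value);
}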