public async Task Alias_IndexPatchMatchingOld_NoContentWithChangedPassword()
{
using (IdentityWsDbContext ef = CreateEf()) {
Being being = new Being
{
SaltedHashedPassword = Sha512Util.SaltAndHashNewPassword("password1")
};
ef.Aliases.Add(new Alias
{
EmailAddress = "*****@*****.**",
Being = being
});
await ef.SaveChangesAsync();
AliasesController patient = new AliasesController(ef, dummyLog, now, dummyRunner);
AliasesController.IndexPatchRequestBody body = new AliasesController.IndexPatchRequestBody
{
oldPassword = "******",
password = "******"
};
IActionResult result = await patient.IndexPatch("*****@*****.**", body);
result.Should().BeOfType <NoContentResult>($"'{nameof(body.oldPassword)}' matched");
Sha512Util.TestPassword("p@ssword1", being.SaltedHashedPassword).Should().BeTrue("the password should have been changed");
}
}
public async Task Alias_IndexPatchOldSameAsNew_Conflict()
{
using (IdentityWsDbContext ef = CreateEf()) {
ef.Aliases.Add(new Alias
{
EmailAddress = "*****@*****.**",
Being = new Being
{
SaltedHashedPassword = Sha512Util.SaltAndHashNewPassword("password1")
}
});
await ef.SaveChangesAsync();
AliasesController patient = new AliasesController(ef, dummyLog, now, dummyRunner);
AliasesController.IndexPatchRequestBody body = new AliasesController.IndexPatchRequestBody
{
oldPassword = "******",
password = "******"
};
IActionResult result = await patient.IndexPatch("*****@*****.**", body);
result.Should().BeOfType <StatusCodeResult>()
.Which.StatusCode.Should().Be(409, $"'{nameof(body.password)}' must differ from '{nameof(body.oldPassword)}'");
}
}
public async Task Alias_IndexPatchExpiredReset_NotAuthorized()
{
using (IdentityWsDbContext ef = CreateEf()) {
ef.Aliases.Add(new Alias
{
EmailAddress = "*****@*****.**",
Being = new Being
{
PasswordResetToken = "abracadabra",
PasswordResetTokenValidUntil = now.UtcNow,
SaltedHashedPassword = Sha512Util.SaltAndHashNewPassword("password1")
}
});
await ef.SaveChangesAsync();
AliasesController patient = new AliasesController(ef, dummyLog, now, dummyRunner);
AliasesController.IndexPatchRequestBody body = new AliasesController.IndexPatchRequestBody
{
resetToken = "abracadabra",
password = "******"
};
IActionResult result = await patient.IndexPatch("*****@*****.**", body);
result.Should().BeOfType <UnauthorizedResult>($"the reset token is expired");
}
}
public async Task Alias_IndexPatchMismatchingOld_NotAuthorized()
{
using (IdentityWsDbContext ef = CreateEf()) {
ef.Aliases.Add(new Alias
{
EmailAddress = "*****@*****.**",
Being = new Being
{
SaltedHashedPassword = Sha512Util.SaltAndHashNewPassword("password1")
}
});
await ef.SaveChangesAsync();
AliasesController patient = new AliasesController(ef, dummyLog, now, dummyRunner);
AliasesController.IndexPatchRequestBody body = new AliasesController.IndexPatchRequestBody
{
oldPassword = "******",
password = "******"
};
IActionResult result = await patient.IndexPatch("*****@*****.**", body);
result.Should().BeOfType <UnauthorizedResult>($"'{nameof(body.oldPassword)}' does not match");
}
}
public async Task NoAlias_IndexPatch_NotFound()
{
using (IdentityWsDbContext ef = CreateEf()) {
AliasesController patient = new AliasesController(ef, dummyLog, now, dummyRunner);
AliasesController.IndexPatchRequestBody body = new AliasesController.IndexPatchRequestBody
{
password = "******"
};
IActionResult result = await patient.IndexPatch("*****@*****.**", body);
result.Should().BeOfType <NotFoundResult>("the alias does not exist in the database");
}
}
public async Task Alias_IndexPatchNoOldPasswordOrResetToken_BadRequest()
{
using (IdentityWsDbContext ef = CreateEf()) {
ef.Aliases.Add(new Alias
{
EmailAddress = "*****@*****.**",
Being = new Being
{
SaltedHashedPassword = Sha512Util.SaltAndHashNewPassword("password1")
}
});
await ef.SaveChangesAsync();
AliasesController patient = new AliasesController(ef, dummyLog, now, dummyRunner);
AliasesController.IndexPatchRequestBody body = new AliasesController.IndexPatchRequestBody
{
password = "******"
};
IActionResult result = await patient.IndexPatch("*****@*****.**", body);
result.Should().BeOfType <BadRequestResult>($"neither {nameof(body.resetToken)} nor {nameof(body.oldPassword)} was provided");
}
}
