Exemplo n.º 1
0
        public virtual Task SetAuthenticatorParamsAsync(TUser user, AuthenticatorParams authenticatorParams, CancellationToken cancellationToken = default(CancellationToken))
        {
            if (user == null)
            {
                throw new ArgumentNullException(nameof(user));
            }

            if (authenticatorParams == null)
            {
                throw new ArgumentNullException(nameof(authenticatorParams));
            }

            cancellationToken.ThrowIfCancellationRequested();

            if (authenticatorParams.Secret != null)
            {
                user.AuthenticatorSecretEncrypted = Convert.ToBase64String(authenticatorParams.Secret);
            }
            else
            {
                user.AuthenticatorSecretEncrypted = null;
            }

            user.AuthenticatorHashAlgorithm   = authenticatorParams.HashAlgorithm;
            user.AuthenticatorNumberOfDigits  = authenticatorParams.NumberOfDigits;
            user.AuthenticatorPeriodInSeconds = authenticatorParams.PeriodInSeconds;

            return(Task.FromResult(0));
        }
Exemplo n.º 2
0
        public async Task BadCodeDisableAuthenticatorAsync()
        {
            var ran                 = new Random(DateTime.Today.Millisecond);
            var codeInput           = "Bad";
            var user                = Guid.NewGuid().ToString();
            var cancellationToken   = new System.Threading.CancellationToken();
            var authenticatorParams = new AuthenticatorParams();
            var unprotectedData     = Encoding.UTF8.GetBytes("CLEARTEXT");

            Mock <IUserAuthenticatorStore <string> > userStore;
            Mock <IDataProtector>        dataProtector;
            Mock <IAuthenticatorService> authenticatorService;

            var authenticatorUserManager = GetAuthenticatorUserManager(out userStore, out dataProtector, out authenticatorService, MockBehavior.Strict);

            userStore
            .Setup(a => a.GetAuthenticatorParamsAsync(user, cancellationToken))
            .Returns(Task.FromResult(authenticatorParams))
            .Verifiable();

            dataProtector
            .Setup(a => a.Unprotect(authenticatorParams.Secret))
            .Returns(unprotectedData)
            .Verifiable();

            Assert.False(await authenticatorUserManager.DisableAuthenticatorAsync(user, codeInput, cancellationToken));

            userStore.Verify();
            dataProtector.Verify();
            authenticatorService.Verify();
        }
Exemplo n.º 3
0
        public virtual Task <AuthenticatorParams> GetAuthenticatorParamsAsync(TUser user, CancellationToken cancellationToken = default(CancellationToken))
        {
            if (user == null)
            {
                throw new ArgumentNullException(nameof(user));
            }

            cancellationToken.ThrowIfCancellationRequested();

            var authenticatorParams = new AuthenticatorParams();

            if (!string.IsNullOrEmpty(user.AuthenticatorSecretEncrypted))
            {
                authenticatorParams.Secret = Convert.FromBase64String(user.AuthenticatorSecretEncrypted);
            }
            else
            {
                authenticatorParams.Secret = null;
            }

            authenticatorParams.HashAlgorithm   = user.AuthenticatorHashAlgorithm;
            authenticatorParams.NumberOfDigits  = user.AuthenticatorNumberOfDigits;
            authenticatorParams.PeriodInSeconds = user.AuthenticatorPeriodInSeconds;

            return(Task.FromResult(authenticatorParams));
        }
Exemplo n.º 4
0
        public async Task InvalidTokenValidateAsync()
        {
            var    rand  = new Random(DateTime.Now.Millisecond);
            var    user  = Guid.NewGuid().ToString();
            var    code  = rand.Next(999999);
            string token = "bad";

            var authenticationService = new Mock <IAuthenticatorService>(MockBehavior.Strict);
            var authenticatorParams   = new AuthenticatorParams();

            Mock <IUserAuthenticatorStore <string> > userStore;
            Mock <IDataProtector>        dataProtector;
            Mock <IAuthenticatorService> authenticatorService;

            var authenticatorUserManager = AuthenticatorUserManagerTest.GetAuthenticatorUserManagerMock <string>(out userStore, out dataProtector, out authenticatorService);

            var authenticatorTokenProvider = new AuthenticatorTokenProvider <string>(authenticationService.Object);

            var result = await authenticatorTokenProvider.ValidateAsync(Guid.NewGuid().ToString(), token, authenticatorUserManager.Object, user);

            Assert.False(result);

            authenticationService.Verify();
            userStore.Verify();
            dataProtector.Verify();
            authenticatorService.Verify();
        }
Exemplo n.º 5
0
        public async Task SuccessGetAuthenticatorParamsAsync()
        {
            var user = Guid.NewGuid().ToString();
            var cancellationToken         = new System.Threading.CancellationToken();
            var authenticatorParamsActual = new AuthenticatorParams
            {
                Secret = Encoding.UTF8.GetBytes("ENCRYPTED")
            };

            var unprotectedData = Encoding.UTF8.GetBytes("CLEARTEXT");

            Mock <IUserAuthenticatorStore <string> > userStore;
            Mock <IDataProtector>        dataProtector;
            Mock <IAuthenticatorService> authenticatorService;

            var authenticatorUserManager = GetAuthenticatorUserManager(out userStore, out dataProtector, out authenticatorService, MockBehavior.Strict);

            userStore.Setup(a => a.GetAuthenticatorParamsAsync(user, cancellationToken))
            .Returns(Task.FromResult(authenticatorParamsActual))
            .Verifiable();

            dataProtector.Setup(a => a.Unprotect(authenticatorParamsActual.Secret))
            .Returns(unprotectedData)
            .Verifiable();

            var authenticatorParams = await authenticatorUserManager.GetAuthenticatorParamsAsync(user, cancellationToken);

            Assert.Equal(authenticatorParams, authenticatorParamsActual);
            Assert.Equal(unprotectedData, authenticatorParamsActual.Secret);

            userStore.Verify();
            dataProtector.Verify();
            authenticatorService.Verify();
        }
Exemplo n.º 6
0
        public async Task SuccessDisableGetAuthenticatorEnabledAsync()
        {
            var user = Guid.NewGuid().ToString();
            var cancellationToken   = new System.Threading.CancellationToken();
            var authenticatorParams = new AuthenticatorParams
            {
                Secret = null
            };

            Mock <IUserAuthenticatorStore <string> > userStore;
            Mock <IDataProtector>        dataProtector;
            Mock <IAuthenticatorService> authenticatorService;

            var authenticatorUserManager = GetAuthenticatorUserManager(out userStore, out dataProtector, out authenticatorService, MockBehavior.Strict);

            userStore.Setup(a => a.GetAuthenticatorParamsAsync(user, cancellationToken))
            .Returns(Task.FromResult(authenticatorParams))
            .Verifiable();

            Assert.False(await authenticatorUserManager.GetAuthenticatorEnabledAsync(user, cancellationToken));

            userStore.Verify();
            dataProtector.Verify();
            authenticatorService.Verify();
        }
Exemplo n.º 7
0
        public async Task SuccessDisableAuthenticatorAsync()
        {
            var ran                 = new Random(DateTime.Today.Millisecond);
            var user                = Guid.NewGuid().ToString();
            var code                = ran.Next(999999);
            var codeInput           = code.ToString();
            var cancellationToken   = new System.Threading.CancellationToken();
            var unprotectedData     = Encoding.UTF8.GetBytes("CLEARTEXT");
            var authenticatorParams = new AuthenticatorParams
            {
                Secret = unprotectedData
            };

            Mock <IUserAuthenticatorStore <string> > userStore;
            Mock <IDataProtector>        dataProtector;
            Mock <IAuthenticatorService> authenticatorService;

            var authenticatorUserManagerMock = GetAuthenticatorUserManagerMock(out userStore, out dataProtector, out authenticatorService, MockBehavior.Strict);

            authenticatorUserManagerMock.CallBase = true;
            var authenticatorUserManager = authenticatorUserManagerMock.Object;

            authenticatorUserManagerMock
            .Setup(a => a.GetAuthenticatorParamsAsync(user, cancellationToken))
            .Returns(Task.FromResult(authenticatorParams))
            .Verifiable();

            authenticatorService
            .Setup(a => a.GetCode(authenticatorParams.HashAlgorithm, unprotectedData, authenticatorParams.NumberOfDigits, authenticatorParams.PeriodInSeconds))
            .Returns(code)
            .Verifiable();

            userStore
            .Setup(a => a.SetAuthenticatorParamsAsync(user, It.Is <AuthenticatorParams>((auth) =>
                                                                                        auth.HashAlgorithm == HashAlgorithmType.SHA1 &&
                                                                                        auth.NumberOfDigits == 0 &&
                                                                                        auth.PeriodInSeconds == 0 &&
                                                                                        auth.Secret == null
                                                                                        ), cancellationToken))
            .Returns(Task.FromResult(0))
            .Verifiable();

            authenticatorUserManagerMock
            .Setup(a => a.UpdateAsync(user))
            .Returns(Task.FromResult(new IdentityResult()))
            .Verifiable();

            var result = await authenticatorUserManager.DisableAuthenticatorAsync(user, codeInput, cancellationToken);

            userStore.Verify();
            dataProtector.Verify();
            authenticatorService.Verify();
            authenticatorUserManagerMock.Verify();

            Assert.True(result);
        }
Exemplo n.º 8
0
        public async Task SuccessValidateAsync(bool valid)
        {
            var    rand  = new Random(DateTime.Now.Millisecond);
            var    user  = Guid.NewGuid().ToString();
            var    code  = rand.Next(999999);
            string token = null;

            if (valid)
            {
                token = code.ToString();
            }
            else
            {
                token = rand.Next(999999).ToString();
            }

            var authenticationService = new Mock <IAuthenticatorService>(MockBehavior.Strict);
            var authenticatorParams   = new AuthenticatorParams();

            Mock <IUserAuthenticatorStore <string> > userStore;
            Mock <IDataProtector>        dataProtector;
            Mock <IAuthenticatorService> authenticatorService;

            var authenticatorUserManager = AuthenticatorUserManagerTest.GetAuthenticatorUserManagerMock <string>(out userStore, out dataProtector, out authenticatorService);

            authenticatorUserManager
            .Setup(a => a.GetAuthenticatorParamsAsync(user, default(CancellationToken)))
            .Returns(Task.FromResult(authenticatorParams))
            .Verifiable();

            authenticationService
            .Setup(a => a.GetCode(
                       authenticatorParams.HashAlgorithm,
                       authenticatorParams.Secret,
                       authenticatorParams.NumberOfDigits,
                       authenticatorParams.PeriodInSeconds))
            .Returns(code)
            .Verifiable();

            var authenticatorTokenProvider = new AuthenticatorTokenProvider <string>(authenticationService.Object);

            var result = await authenticatorTokenProvider.ValidateAsync(Guid.NewGuid().ToString(), token, authenticatorUserManager.Object, user);

            Assert.Equal(valid, result);

            authenticationService.Verify();
            userStore.Verify();
            dataProtector.Verify();
            authenticatorService.Verify();
        }
Exemplo n.º 9
0
        public async Task NullSecretSetAuthenticatorParamsAsync(HashAlgorithmType hashAlgorithm, byte numberOfDigits, byte periodInSeconds)
        {
            var user = new AuthenticatorUser <string>();
            var authenticatorParams = new AuthenticatorParams();

            authenticatorParams.HashAlgorithm   = hashAlgorithm;
            authenticatorParams.NumberOfDigits  = numberOfDigits;
            authenticatorParams.PeriodInSeconds = periodInSeconds;
            var dbContrext             = new Mock <DbContext>(MockBehavior.Strict);
            var authenticatorUserStore = new AuthenticatorUserStore(dbContrext.Object);

            await authenticatorUserStore.SetAuthenticatorParamsAsync(user, authenticatorParams);

            Assert.Equal(authenticatorParams.HashAlgorithm, user.AuthenticatorHashAlgorithm);
            Assert.Equal(authenticatorParams.NumberOfDigits, user.AuthenticatorNumberOfDigits);
            Assert.Equal(authenticatorParams.PeriodInSeconds, user.AuthenticatorPeriodInSeconds);
            Assert.Null(user.AuthenticatorSecretEncrypted);
        }
Exemplo n.º 10
0
        public async Task SetAuthenticatorParamsAsync(HashAlgorithmType hashAlgorithm, byte numberOfDigits, byte periodInSeconds)
        {
            var secret = Guid.NewGuid().ToString();
            var user   = new AuthenticatorUser <string>();
            var authenticatorParams = new AuthenticatorParams();

            authenticatorParams.HashAlgorithm   = hashAlgorithm;
            authenticatorParams.NumberOfDigits  = numberOfDigits;
            authenticatorParams.PeriodInSeconds = periodInSeconds;
            authenticatorParams.Secret          = Encoding.UTF8.GetBytes(secret);
            var dbContrext             = new Mock <DbContext>(MockBehavior.Strict);
            var authenticatorUserStore = new AuthenticatorUserStore(dbContrext.Object);

            await authenticatorUserStore.SetAuthenticatorParamsAsync(user, authenticatorParams);

            Assert.Equal(authenticatorParams.HashAlgorithm, user.AuthenticatorHashAlgorithm);
            Assert.Equal(authenticatorParams.NumberOfDigits, user.AuthenticatorNumberOfDigits);
            Assert.Equal(authenticatorParams.PeriodInSeconds, user.AuthenticatorPeriodInSeconds);
            Assert.Equal(Convert.ToBase64String(authenticatorParams.Secret), user.AuthenticatorSecretEncrypted);
        }
Exemplo n.º 11
0
        public async Task FailWrongCodeEnableAuthenticatorAsync()
        {
            var ran                 = new Random(DateTime.Today.Millisecond);
            var user                = Guid.NewGuid().ToString();
            var code                = ran.Next(999999);
            var codeInput           = ran.Next(999999).ToString();
            var cancellationToken   = new System.Threading.CancellationToken();
            var authenticator       = new Authenticator();
            var authenticatorParams = new AuthenticatorParams();
            var protectedData       = Encoding.UTF8.GetBytes("ENCRYPTED");

            Mock <IUserAuthenticatorStore <string> > userStore;
            Mock <IDataProtector>        dataProtector;
            Mock <IAuthenticatorService> authenticatorService;

            var authenticatorUserManagerMock = GetAuthenticatorUserManagerMock(out userStore, out dataProtector, out authenticatorService, MockBehavior.Strict);

            authenticatorUserManagerMock.CallBase = true;
            var authenticatorUserManager = authenticatorUserManagerMock.Object;

            authenticatorUserManagerMock
            .Setup(a => a.GetAuthenticatorEnabledAsync(user, cancellationToken))
            .Returns(Task.FromResult(false))
            .Verifiable();

            authenticatorService
            .Setup(a => a.GetCode(authenticator.HashAlgorithm, authenticator.Secret, authenticator.NumberOfDigits, authenticator.PeriodInSeconds))
            .Returns(code)
            .Verifiable();

            var result = await authenticatorUserManager.EnableAuthenticatorAsync(user, authenticator, codeInput, cancellationToken);

            Assert.False(result);

            userStore.Verify();
            dataProtector.Verify();
            authenticatorService.Verify();
            authenticatorUserManagerMock.Verify();
        }
Exemplo n.º 12
0
        public async Task NullUserGetAuthenticatorParamsAsync()
        {
            var user = Guid.NewGuid().ToString();
            var cancellationToken         = new System.Threading.CancellationToken();
            var authenticatorParamsActual = new AuthenticatorParams
            {
                Secret = Encoding.UTF8.GetBytes("ENCRYPTED")
            };

            var unprotectedData = Encoding.UTF8.GetBytes("CLEARTEXT");

            Mock <IUserAuthenticatorStore <string> > userStore;
            Mock <IDataProtector>        dataProtector;
            Mock <IAuthenticatorService> authenticatorService;

            var authenticatorUserManager = GetAuthenticatorUserManager(out userStore, out dataProtector, out authenticatorService, MockBehavior.Strict);

            await Assert.ThrowsAsync <ArgumentNullException>(() => authenticatorUserManager.GetAuthenticatorParamsAsync(null, cancellationToken));

            userStore.Verify();
            dataProtector.Verify();
            authenticatorService.Verify();
        }