        /// <summary>
        /// Creating tokens for the test user must produce both a JWT and a refresh token.
        /// </summary>
        public async Task CreateJwtTest()
        {
            var user = new TestUserDto().User;

            AuthorizationTokensViewmodel tokens = await _jwtLogic.CreateJwt(user);

            Assert.NotNull(tokens.RefreshToken);
            Assert.NotNull(tokens.Jwt);
        }
        /// <summary>
        /// Second step of a two-step login: looks up the pending login that matches this user and the
        /// supplied login code, checks it is still valid, and issues tokens for the selected account role.
        /// </summary>
        /// <param name="login">The login request carrying the login code and the selected account role.</param>
        /// <param name="user">The already authenticated user; its <c>AccountRole</c> is overwritten with the selected role.</param>
        /// <returns>A <see cref="LoginResultViewmodel"/> holding the newly created JWT and refresh token.</returns>
        /// <exception cref="UnauthorizedAccessException">
        /// Thrown when no pending login matches the code, the pending login has expired, or the selected
        /// role is higher than the user's own role.
        /// </exception>
        private async Task <LoginResultViewmodel> LoginWithSelectedAccount(Login login, UserDto user)
        {
            var lookup = new PendingLoginDto
            {
                UserUuid   = user.Uuid,
                AccessCode = login.LoginCode
            };
            PendingLoginDto pendingLogin = await _pendingLoginDal.Find(lookup);

            // NOTE(review): the expiry is compared against local time (DateTime.Now); confirm that
            // ExpirationDate is written in the same time zone by whoever creates the pending login.
            bool codeIsUnknown = pendingLogin == null;
            bool codeHasExpired = !codeIsUnknown && pendingLogin.ExpirationDate < DateTime.Now;

            if (codeIsUnknown || codeHasExpired)
            {
                throw new UnauthorizedAccessException(nameof(login));
            }

            // A user may pick a role at or below their own, never a higher one.
            bool isEscalation = login.SelectedAccountRole > user.AccountRole;

            if (isEscalation)
            {
                throw new UnauthorizedAccessException();
            }

            user.AccountRole = login.SelectedAccountRole;

            // Remove the pending login that was just used, then sweep any outdated ones.
            await _pendingLoginDal.Remove(pendingLogin);
            await _pendingLoginDal.RemoveOutdated();

            AuthorizationTokensViewmodel issued = await _jwtLogic.CreateJwt(user);

            var viewmodel = new LoginResultViewmodel
            {
                Jwt = issued.Jwt,
                RefreshToken = issued.RefreshToken,
            };

            return viewmodel;
        }
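        /// <summary>
        /// Refreshing a JWT with a refresh token that does not belong to it (here <see cref="Guid.Empty"/>)
        /// must fail with a <see cref="SecurityTokenException"/>.
        /// </summary>
        public async Task RefreshJwtSecurityTokenExceptionTest()
        {
            // Mint the token for the same user instance that is later handed to RefreshJwt, so the
            // only thing that differs from a valid refresh is the refresh token itself. The original
            // created a second TestUserDto for CreateJwt, which made the setup depend on the two
            // instances happening to be equivalent.
            var testUser = new TestUserDto().User;
            AuthorizationTokensViewmodel result = await _jwtLogic.CreateJwt(testUser);

            // Assert.ThrowsAsync is used un-awaited as in the rest of this fixture (the Assert.IsTrue /
            // Assert.AreNotEqual calls suggest NUnit, whose ThrowsAsync completes synchronously).
            // NOTE(review): if the fixture is ever moved to xUnit this call must be awaited.
            Assert.ThrowsAsync <SecurityTokenException>(async() => await _jwtLogic.RefreshJwt(result.Jwt, Guid.Empty, testUser));
        }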
        /// <summary>
        /// A JWT that was just created must pass validation.
        /// </summary>
        public async Task ValidateJwtTest()
        {
            var user = new TestUserDto().User;
            AuthorizationTokensViewmodel tokens = await _jwtLogic.CreateJwt(user);

            TokenValidationResult outcome = _jwtLogic.ValidateJwt(tokens.Jwt);

            Assert.True(outcome.IsValid);
        }
        /// <summary>
        /// The account role claim read back from a freshly created JWT must be the test user's role.
        /// </summary>
        public async Task GetClaimAccountRoleTest()
        {
            var user = new TestUserDto().User;
            AuthorizationTokensViewmodel tokens = await _jwtLogic.CreateJwt(user);

            AccountRole roleClaim = _jwtLogic.GetClaim <AccountRole>(tokens.Jwt, JwtClaim.AccountRole);

            Assert.IsTrue(AccountRole.User == roleClaim);
        }
        /// <summary>
        /// The UUID claim read back from a freshly created JWT must not be the empty GUID.
        /// </summary>
        public async Task GetClaimGuidTest()
        {
            var user = new TestUserDto().User;
            AuthorizationTokensViewmodel tokens = await _jwtLogic.CreateJwt(user);

            Guid uuidClaim = _jwtLogic.GetClaim <Guid>(tokens.Jwt, JwtClaim.Uuid);

            Assert.AreNotEqual(uuidClaim, Guid.Empty);
        }
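        /// <summary>
        /// Checks the supplied credentials and, when they are correct, issues a JWT and refresh token.
        /// </summary>
        /// <param name="login">The username and password, optionally with a six-digit login code and a selected account role.</param>
        /// <returns>
        /// A <see cref="LoginResultViewmodel"/> with the JWT and refresh token. Users with more than one
        /// account role are routed through <see cref="HandleMultipleAccountRolesLogin"/> (first step) or
        /// <see cref="LoginWithSelectedAccount"/> (second step, when a login code and role are supplied).
        /// </returns>
        /// <exception cref="ArgumentNullException">Thrown when <paramref name="login"/> is null.</exception>
        /// <exception cref="UnauthorizedAccessException">Thrown when the user does not exist or the password is wrong.</exception>
        /// <exception cref="DisabledUserException">Thrown when the credentials are correct but the account is disabled.</exception>
        public async Task <LoginResultViewmodel> Login(Login login)
        {
            if (login is null)
            {
                throw new ArgumentNullException(nameof(login));
            }

            UserDto dbUser = await _userDal.Find(login.Username);

            // Unknown user and wrong password raise the same exception so the response does not
            // reveal which usernames exist.
            // NOTE(review): the unknown-user path returns without calling VerifyPassword, so its
            // response time differs from the wrong-password path; verifying against a dummy hash
            // would close that timing difference if it matters here.
            if (dbUser is null)
            {
                throw new UnauthorizedAccessException();
            }

            bool passwordCorrect = _securityLogic.VerifyPassword(login.Password, dbUser.Password);

            if (!passwordCorrect)
            {
                throw new UnauthorizedAccessException();
            }

            // The disabled check runs only after the password has been verified: doing it first (as the
            // previous version did) told anyone who knew a username whether that account was disabled,
            // without requiring the password.
            bool userIsDisabled = _rpcClient.Call <bool>(dbUser.Uuid, RabbitMqQueues.DisabledExistsUserQueue);

            if (userIsDisabled)
            {
                throw new DisabledUserException();
            }

            // A login code is a six-digit number (100000..999999); together with a concrete role it
            // marks the second step of the two-step login.
            bool hasLoginCode = login.LoginCode > 99999 && login.LoginCode < 1000000;

            if (hasLoginCode && login.SelectedAccountRole != AccountRole.Undefined)
            {
                return await LoginWithSelectedAccount(login, dbUser);
            }

            // Users above the plain User role must first choose which role to log in with.
            if (dbUser.AccountRole > AccountRole.User)
            {
                return await HandleMultipleAccountRolesLogin(dbUser);
            }

            AuthorizationTokensViewmodel tokens = await _jwtLogic.CreateJwt(dbUser);

            return new LoginResultViewmodel
            {
                Jwt = tokens.Jwt,
                RefreshToken = tokens.RefreshToken
            };
        }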