public void SignIn(UserView user)
{
var userIdentity = ClaimsIdentityFactory.Create(user);
this.authenticationManager.SignOut();
this.authenticationManager.SignIn(userIdentity);
}
public async Task DeleteReturnsNoContentTest()
{
var account = Model.Create <Account>();
var profile = Model.Create <Profile>();
var user = ClaimsIdentityFactory.BuildPrincipal(account);
var profileQuery = Substitute.For <IProfileQuery>();
var profileCommand = Substitute.For <IProfileCommand>();
var accountCommand = Substitute.For <IAccountCommand>();
var httpContext = Substitute.For <HttpContext>();
httpContext.User = user;
var routerData = new RouteData();
var actionDescriptor = new ControllerActionDescriptor();
var actionContext = new ActionContext(httpContext, routerData, actionDescriptor);
var controllerContext = new ControllerContext(actionContext);
using (var tokenSource = new CancellationTokenSource())
{
using (var target = new AccountProfileController(profileQuery, profileCommand, accountCommand))
{
target.ControllerContext = controllerContext;
var actual = await target.Delete(tokenSource.Token).ConfigureAwait(false);
await accountCommand.Received().DeleteAccount(user.Identity.Name, account.Id, tokenSource.Token).ConfigureAwait(false);
actual.Should().BeOfType <NoContentResult>();
}
}
}
public TestingModuleUserManager(ITestingModuleUserStore store) : base(store)
{
ClaimsIdentityFactory = new ClaimsIdentityFactory <TestingModuleUser, int>();
/*DefaultAccountLockoutTimeSpan = TimeSpan.FromMinutes(10);
* MaxFailedAccessAttemptsBeforeLockout = 10;*/
}
public async Task GetReturnsNotFoundAfterAllRetryAttemptsFailTest()
{
var account = Model.Create <Account>();
var user = ClaimsIdentityFactory.BuildPrincipal(account);
var profileQuery = Substitute.For <IProfileQuery>();
var profileCommand = Substitute.For <IProfileCommand>();
var accountCommand = Substitute.For <IAccountCommand>();
var httpContext = Substitute.For <HttpContext>();
httpContext.User = user;
var routerData = new RouteData();
var actionDescriptor = new ControllerActionDescriptor();
var actionContext = new ActionContext(httpContext, routerData, actionDescriptor);
var controllerContext = new ControllerContext(actionContext);
using (var tokenSource = new CancellationTokenSource())
{
using (var target = new AccountProfileController(profileQuery, profileCommand, accountCommand))
{
target.ControllerContext = controllerContext;
var actual = await target.Get(tokenSource.Token).ConfigureAwait(false);
actual.Should().BeOfType <ErrorMessageResult>().Which.StatusCode.Should().Be((int)HttpStatusCode.NotFound);
await profileQuery.Received(4).GetProfile(account.Id, tokenSource.Token).ConfigureAwait(false);
}
}
}
public async Task GetReturnsNotFoundWhenQueryReturnsNullTest()
{
var account = Model.Create <Account>();
var user = ClaimsIdentityFactory.BuildPrincipal(account);
var query = Substitute.For <IExportQuery>();
var httpContext = Substitute.For <HttpContext>();
httpContext.User = user;
var routerData = new RouteData();
var actionDescriptor = new ControllerActionDescriptor();
var actionContext = new ActionContext(httpContext, routerData, actionDescriptor);
var controllerContext = new ControllerContext(actionContext);
using (var tokenSource = new CancellationTokenSource())
{
using (var target = new ExportController(query))
{
target.ControllerContext = controllerContext;
var actual = await target.Get(tokenSource.Token).ConfigureAwait(false);
actual.Should().BeOfType <ErrorMessageResult>().Which.StatusCode.Should().Be((int)HttpStatusCode.NotFound);
}
}
}
public async Task GetReturnsProfileForSpecifiedIdTest()
{
var account = Model.Create <Account>();
var profile = Model.Create <ExportProfile>();
var user = ClaimsIdentityFactory.BuildPrincipal(account);
var query = Substitute.For <IExportQuery>();
var httpContext = Substitute.For <HttpContext>();
httpContext.User = user;
var routerData = new RouteData();
var actionDescriptor = new ControllerActionDescriptor();
var actionContext = new ActionContext(httpContext, routerData, actionDescriptor);
var controllerContext = new ControllerContext(actionContext);
using (var tokenSource = new CancellationTokenSource())
{
query.GetExportProfile(account.Id, tokenSource.Token).Returns(profile);
using (var target = new ExportController(query))
{
target.ControllerContext = controllerContext;
var actual = await target.Get(tokenSource.Token).ConfigureAwait(false);
actual.Should().BeOfType <OkObjectResult>();
var result = actual.As <OkObjectResult>();
result.Value.Should().BeEquivalentTo(profile);
}
}
}
public async Task PutProvidesProfileToManagerTest()
{
var account = Model.Create <Account>();
var expected = Model.Create <UpdatableProfile>();
var user = ClaimsIdentityFactory.BuildPrincipal(account);
var profileQuery = Substitute.For <IProfileQuery>();
var profileCommand = Substitute.For <IProfileCommand>();
var accountCommand = Substitute.For <IAccountCommand>();
var httpContext = Substitute.For <HttpContext>();
httpContext.User = user;
var routerData = new RouteData();
var actionDescriptor = new ControllerActionDescriptor();
var actionContext = new ActionContext(httpContext, routerData, actionDescriptor);
var controllerContext = new ControllerContext(actionContext);
using (var tokenSource = new CancellationTokenSource())
{
using (var target = new AccountProfileController(profileQuery, profileCommand, accountCommand))
{
target.ControllerContext = controllerContext;
var actual = await target.Put(expected, tokenSource.Token).ConfigureAwait(false);
actual.Should().BeOfType <NoContentResult>();
await profileCommand.Received().UpdateProfile(account.Id, expected, tokenSource.Token)
.ConfigureAwait(false);
}
}
}
internal Task <System.Security.Claims.ClaimsIdentity> GenerateUserIdentityAsync(ApplicationUserManager manager)
{
TraceUtility.WriteTrace(this.GetType(), "GenerateUserIdentityAsync(ApplicationUserManager)", TraceUtility.TraceType.Begin);
ClaimsIdentityFactory <ApplicationUser, string> factory = new ClaimsIdentityFactory <ApplicationUser, string>();
ApplicationUser user = new ApplicationUser("BOGUS", "bougus1234");
TraceUtility.WriteTrace(this.GetType(), "GenerateUserIdentityAsync(ApplicationUserManager)", TraceUtility.TraceType.End);
return(factory.CreateAsync(manager, user, "Custom"));
}
public Task <ClaimsIdentity> CreateIdentityAsync(ApplicationUser user, string authenticationType)
{
//ThrowIfDisposed();
if (user == null)
{
throw new ArgumentNullException("user");
}
return(ClaimsIdentityFactory.CreateAsync(this, user, authenticationType));
}
public async Task CreateIdentityNullChecks()
{
var userManager = MockHelpers.MockUserManager<TestUser>().Object;
var roleManager = MockHelpers.MockRoleManager<TestRole>().Object;
var factory = new ClaimsIdentityFactory<TestUser, TestRole>(userManager, roleManager);
await Assert.ThrowsAsync<ArgumentNullException>("user",
async () => await factory.CreateAsync(null, new ClaimsIdentityOptions()));
await Assert.ThrowsAsync<ArgumentNullException>("options",
async () => await factory.CreateAsync(new TestUser(), null));
}
public async Task CreateIdentityNullChecks()
{
var userManager = MockHelpers.MockUserManager <TestUser>().Object;
var roleManager = MockHelpers.MockRoleManager <TestRole>().Object;
var factory = new ClaimsIdentityFactory <TestUser, TestRole>(userManager, roleManager);
await Assert.ThrowsAsync <ArgumentNullException>("user",
async() => await factory.CreateAsync(null, new ClaimsIdentityOptions()));
await Assert.ThrowsAsync <ArgumentNullException>("options",
async() => await factory.CreateAsync(new TestUser(), null));
}
public override Task <ClaimsIdentity> CreateIdentityAsync(COHApplicationUser user, string authenticationType)
{
if (user == null)
{
throw new ArgumentNullException("user");
}
else
{
return(ClaimsIdentityFactory.CreateAsync(this, user, authenticationType));
}
}
public void CreateIdentityNullCheckTest()
{
var factory = new ClaimsIdentityFactory<IdentityUser>();
var manager = new UserManager<IdentityUser>(new UserStore<IdentityUser>());
ExceptionHelper.ThrowsArgumentNull(
() => AsyncHelper.RunSync(() => factory.CreateAsync(null, null, "whatever")), "manager");
ExceptionHelper.ThrowsArgumentNull(
() => AsyncHelper.RunSync(() => factory.CreateAsync(manager, null, "whatever")), "user");
ExceptionHelper.ThrowsArgumentNull(
() => AsyncHelper.RunSync(() => factory.CreateAsync(manager, new IdentityUser(), null)), "value");
ExceptionHelper.ThrowsArgumentNull(() => factory.ConvertIdToString(null), "key");
}
public ApplicationUserManager(IUserStore <ApplicationUser> store)
: base(store)
{
AntiForgeryConfig.UniqueClaimTypeIdentifier = IdentityServer3.Core.Constants.ClaimTypes.Subject;
ClaimsIdentityFactory = new ClaimsIdentityFactory <ApplicationUser, string>()
{
UserIdClaimType = IdentityServer3.Core.Constants.ClaimTypes.Subject,
UserNameClaimType = IdentityServer3.Core.Constants.ClaimTypes.PreferredUserName,
RoleClaimType = IdentityServer3.Core.Constants.ClaimTypes.Role
};
}
public void CreateIdentityNullCheckTest()
{
var factory = new ClaimsIdentityFactory <IdentityUser>();
var manager = new UserManager <IdentityUser>(new UserStore <IdentityUser>());
ExceptionHelper.ThrowsArgumentNull(
() => AsyncHelper.RunSync(() => factory.CreateAsync(null, null, "whatever")), "manager");
ExceptionHelper.ThrowsArgumentNull(
() => AsyncHelper.RunSync(() => factory.CreateAsync(manager, null, "whatever")), "user");
ExceptionHelper.ThrowsArgumentNull(
() => AsyncHelper.RunSync(() => factory.CreateAsync(manager, new IdentityUser(), null)), "value");
ExceptionHelper.ThrowsArgumentNull(() => factory.ConvertIdToString(null), "key");
}
public async Task CanTwoFactorSignIn(bool isPersistent, bool supportsLockout)
{
// Setup
var user = new TestUser {
UserName = "******"
};
var manager = MockHelpers.MockUserManager <TestUser>();
var provider = "twofactorprovider";
var code = "123456";
manager.Setup(m => m.SupportsUserLockout).Returns(supportsLockout).Verifiable();
if (supportsLockout)
{
manager.Setup(m => m.IsLockedOutAsync(user, CancellationToken.None)).ReturnsAsync(false).Verifiable();
}
manager.Setup(m => m.FindByIdAsync(user.Id, CancellationToken.None)).ReturnsAsync(user).Verifiable();
manager.Setup(m => m.VerifyTwoFactorTokenAsync(user, provider, code, CancellationToken.None)).ReturnsAsync(true).Verifiable();
manager.Setup(m => m.GetUserIdAsync(user, CancellationToken.None)).ReturnsAsync(user.Id).Verifiable();
manager.Setup(m => m.GetUserNameAsync(user, CancellationToken.None)).ReturnsAsync(user.UserName).Verifiable();
var context = new Mock <HttpContext>();
var response = new Mock <HttpResponse>();
response.Setup(r => r.SignIn(It.Is <AuthenticationProperties>(v => v.IsPersistent == isPersistent), It.IsAny <ClaimsIdentity>())).Verifiable();
context.Setup(c => c.Response).Returns(response.Object).Verifiable();
var id = new ClaimsIdentity(HttpAuthenticationManager.TwoFactorUserIdAuthenticationType);
id.AddClaim(new Claim(ClaimTypes.Name, user.Id));
var authResult = new AuthenticationResult(id, new AuthenticationProperties(), new AuthenticationDescription());
context.Setup(c => c.AuthenticateAsync(HttpAuthenticationManager.TwoFactorUserIdAuthenticationType)).ReturnsAsync(authResult).Verifiable();
var contextAccessor = new Mock <IContextAccessor <HttpContext> >();
contextAccessor.Setup(a => a.Value).Returns(context.Object);
var roleManager = MockHelpers.MockRoleManager <TestRole>();
var claimsFactory = new ClaimsIdentityFactory <TestUser, TestRole>(manager.Object, roleManager.Object);
var identityOptions = new IdentityOptions();
var options = new Mock <IOptionsAccessor <IdentityOptions> >();
options.Setup(a => a.Options).Returns(identityOptions);
var helper = new SignInManager <TestUser>(manager.Object, new HttpAuthenticationManager(contextAccessor.Object), claimsFactory, options.Object);
// Act
var result = await helper.TwoFactorSignInAsync(provider, code, isPersistent);
// Assert
Assert.Equal(SignInStatus.Success, result);
manager.VerifyAll();
context.VerifyAll();
response.VerifyAll();
contextAccessor.VerifyAll();
}
public async Task CreateIdentityNullChecks()
{
var userManager = MockHelpers.MockUserManager <TestUser>().Object;
var roleManager = MockHelpers.MockRoleManager <TestRole>().Object;
var options = new Mock <IOptions <IdentityOptions> >();
Assert.Throws <ArgumentNullException>("optionsAccessor",
() => new ClaimsIdentityFactory <TestUser, TestRole>(userManager, roleManager, options.Object));
var identityOptions = new IdentityOptions();
options.Setup(a => a.Options).Returns(identityOptions);
var factory = new ClaimsIdentityFactory <TestUser, TestRole>(userManager, roleManager, options.Object);
await Assert.ThrowsAsync <ArgumentNullException>("user",
async() => await factory.CreateAsync(null));
}
public async Task PostCreatesNewPhotoTest()
{
var account = Model.Create <Account>();
var user = ClaimsIdentityFactory.BuildPrincipal(account);
var photoDetails = Model.Create <PhotoDetails>();
var command = Substitute.For <IPhotoCommand>();
var model = Substitute.For <IFormFile>();
var httpContext = Substitute.For <HttpContext>();
httpContext.User = user;
var routerData = new RouteData();
var actionDescriptor = new ControllerActionDescriptor();
var actionContext = new ActionContext(httpContext, routerData, actionDescriptor);
var controllerContext = new ControllerContext(actionContext);
using (var data = new MemoryStream())
{
using (var tokenSource = new CancellationTokenSource())
{
model.OpenReadStream().Returns(data);
using (var sut = new PhotosController(command))
{
sut.ControllerContext = controllerContext;
command.CreatePhoto(
Arg.Is <Photo>(x =>
x.ContentType == model.ContentType && x.ProfileId == account.Id && x.Data == data),
tokenSource.Token)
.Returns(photoDetails);
var actual = await sut.Post(model, tokenSource.Token).ConfigureAwait(false);
var result = actual.Should().BeOfType <CreatedAtRouteResult>().Which;
result.RouteName.Should().Be("ProfilePhoto");
result.RouteValues["profileId"].Should().Be(photoDetails.ProfileId);
result.RouteValues["photoId"].Should().Be(photoDetails.Id);
var value = result.Value.Should().BeOfType <PhotoDetails>().Which;
value.Should().BeEquivalentTo(photoDetails);
}
}
}
}
public UserManager(IUserStore <User, int> store, IDataProtectionProvider dataProtectionProvider)
: base(store)
{
//配置用户名的验证逻辑
UserValidator = new UserValidator(this)
{
AllowOnlyAlphanumericUserNames = false,
RequireUniqueEmail = true,
RequireUniqueNickName = true
};
//配置密码验证逻辑
PasswordValidator = new PasswordValidator()
{
RequiredLength = 6,
RequireNonLetterOrDigit = false,
RequireDigit = true,
RequireLowercase = true
};
//配置ClaimsIdentity创建工厂
ClaimsIdentityFactory = new ClaimsIdentityFactory();
//配置用户锁定默认值
UserLockoutEnabledByDefault = true;
DefaultAccountLockoutTimeSpan = TimeSpan.FromMinutes(5);
MaxFailedAccessAttemptsBeforeLockout = 5;
// 注册双重身份验证提供程序。此应用程序使用手机和电子邮件作为接收用于验证用户的代码的一个步骤
// 你可以编写自己的提供程序并将其插入到此处。
RegisterTwoFactorProvider("电话代码", new PhoneNumberTokenProvider <User, int>()
{
MessageFormat = "你的安全代码是 {0}"
});
RegisterTwoFactorProvider("电子邮件代码", new EmailTokenProvider <User, int>()
{
Subject = "安全代码", BodyFormat = "你的安全代码是 {0}"
});
SmsService = new EmailService();
EmailService = new EmailService();
IDataProtector dataProtector = dataProtectionProvider.Create("ASP.NET Identity");
UserTokenProvider = new DataProtectorTokenProvider <User, int>(dataProtector);
}
/// <summary>
/// 创建 <see cref="KeylolUserManager" />
/// </summary>
/// <param name="dbContext">
/// <see cref="KeylolDbContext" />
/// </param>
public KeylolUserManager(KeylolDbContext dbContext) : base(new UserStore <KeylolUser>(dbContext))
{
ClaimsIdentityFactory = new ClaimsIdentityFactory <KeylolUser>
{
UserIdClaimType = KeylolClaimTypes.UserId,
UserNameClaimType = KeylolClaimTypes.UserName,
RoleClaimType = KeylolClaimTypes.Role,
SecurityStampClaimType = KeylolClaimTypes.SecurityStamp
};
UserValidator = new KeylolUserValidator(this);
PasswordValidator = new KeylolPasswordValidator();
UserLockoutEnabledByDefault = true;
DefaultAccountLockoutTimeSpan = TimeSpan.FromMinutes(30);
MaxFailedAccessAttemptsBeforeLockout = 10;
SteamChatMessageService = KeylolSteamChatMessageService.Default;
EmailService = KeylolEmailService.Default;
SmsService = KeylolSmsService.Default;
}
public async Task RememberClientStoresUserId()
{
// Setup
var user = new TestUser {
UserName = "******"
};
var manager = MockHelpers.MockUserManager <TestUser>();
var context = new Mock <HttpContext>();
var response = new Mock <HttpResponse>();
var contextAccessor = new Mock <IContextAccessor <HttpContext> >();
var roleManager = MockHelpers.MockRoleManager <TestRole>();
var identityOptions = new IdentityOptions();
var options = new Mock <IOptions <IdentityOptions> >();
options.Setup(a => a.Options).Returns(identityOptions);
var claimsFactory = new ClaimsIdentityFactory <TestUser, TestRole>(manager.Object, roleManager.Object, options.Object);
manager.Setup(m => m.GetUserIdAsync(user, CancellationToken.None)).ReturnsAsync(user.Id).Verifiable();
context.Setup(c => c.Response).Returns(response.Object).Verifiable();
response.Setup(r => r.SignIn(
It.Is <AuthenticationProperties>(v => v.IsPersistent == true),
It.Is <ClaimsIdentity>(i => i.FindFirstValue(ClaimTypes.Name) == user.Id &&
i.AuthenticationType == IdentityOptions.TwoFactorRememberMeCookieAuthenticationType))).Verifiable();
contextAccessor.Setup(a => a.Value).Returns(context.Object).Verifiable();
options.Setup(a => a.Options).Returns(identityOptions).Verifiable();
var helper = new SignInManager <TestUser>(manager.Object, contextAccessor.Object, claimsFactory, options.Object);
// Act
await helper.RememberTwoFactorClientAsync(user);
// Assert
manager.VerifyAll();
context.VerifyAll();
response.VerifyAll();
contextAccessor.VerifyAll();
options.VerifyAll();
}
public async Task GetAttemptsToGetProfileMultipleTimesTest()
{
var account = Model.Create <Account>();
var profile = Model.Create <Profile>();
var user = ClaimsIdentityFactory.BuildPrincipal(account);
var profileQuery = Substitute.For <IProfileQuery>();
var profileCommand = Substitute.For <IProfileCommand>();
var accountCommand = Substitute.For <IAccountCommand>();
var httpContext = Substitute.For <HttpContext>();
httpContext.User = user;
var routerData = new RouteData();
var actionDescriptor = new ControllerActionDescriptor();
var actionContext = new ActionContext(httpContext, routerData, actionDescriptor);
var controllerContext = new ControllerContext(actionContext);
using (var tokenSource = new CancellationTokenSource())
{
profileQuery.GetProfile(account.Id, tokenSource.Token).Returns(null, null, null, profile);
using (var target = new AccountProfileController(profileQuery, profileCommand, accountCommand))
{
target.ControllerContext = controllerContext;
var actual = await target.Get(tokenSource.Token).ConfigureAwait(false);
actual.Should().BeOfType <OkObjectResult>();
var result = actual.As <OkObjectResult>();
result.Value.Should().BeEquivalentTo(profile);
await profileQuery.Received(4).GetProfile(account.Id, tokenSource.Token).ConfigureAwait(false);
}
}
}
public async Task CanTwoFactorSignIn(bool isPersistent, bool supportsLockout, bool externalLogin, bool rememberClient)
{
// Setup
var user = new TestUser {
UserName = "******"
};
var manager = MockHelpers.MockUserManager <TestUser>();
var provider = "twofactorprovider";
var code = "123456";
manager.Setup(m => m.SupportsUserLockout).Returns(supportsLockout).Verifiable();
if (supportsLockout)
{
manager.Setup(m => m.IsLockedOutAsync(user, CancellationToken.None)).ReturnsAsync(false).Verifiable();
manager.Setup(m => m.ResetAccessFailedCountAsync(user, CancellationToken.None)).ReturnsAsync(IdentityResult.Success).Verifiable();
}
manager.Setup(m => m.FindByIdAsync(user.Id, CancellationToken.None)).ReturnsAsync(user).Verifiable();
manager.Setup(m => m.VerifyTwoFactorTokenAsync(user, provider, code, CancellationToken.None)).ReturnsAsync(true).Verifiable();
manager.Setup(m => m.GetUserIdAsync(user, CancellationToken.None)).ReturnsAsync(user.Id).Verifiable();
manager.Setup(m => m.GetUserNameAsync(user, CancellationToken.None)).ReturnsAsync(user.UserName).Verifiable();
var context = new Mock <HttpContext>();
var response = new Mock <HttpResponse>();
var contextAccessor = new Mock <IContextAccessor <HttpContext> >();
var twoFactorInfo = new SignInManager <TestUser> .TwoFactorAuthenticationInfo {
UserId = user.Id
};
var loginProvider = "loginprovider";
var id = SignInManager <TestUser> .StoreTwoFactorInfo(user.Id, externalLogin?loginProvider : null);
var authResult = new AuthenticationResult(id, new AuthenticationProperties(), new AuthenticationDescription());
var roleManager = MockHelpers.MockRoleManager <TestRole>();
var identityOptions = new IdentityOptions();
var options = new Mock <IOptions <IdentityOptions> >();
options.Setup(a => a.Options).Returns(identityOptions);
var claimsFactory = new ClaimsIdentityFactory <TestUser, TestRole>(manager.Object, roleManager.Object, options.Object);
if (externalLogin)
{
response.Setup(r => r.SignIn(
It.Is <AuthenticationProperties>(v => v.IsPersistent == isPersistent),
It.Is <ClaimsIdentity>(i => i.FindFirstValue(ClaimTypes.NameIdentifier) == user.Id &&
i.FindFirstValue(ClaimTypes.AuthenticationMethod) == loginProvider))).Verifiable();
response.Setup(r => r.SignOut(IdentityOptions.ExternalCookieAuthenticationType)).Verifiable();
}
else
{
response.Setup(r => r.SignIn(
It.Is <AuthenticationProperties>(v => v.IsPersistent == isPersistent),
It.Is <ClaimsIdentity>(i => i.FindFirstValue(ClaimTypes.NameIdentifier) == user.Id))).Verifiable();
}
if (rememberClient)
{
response.Setup(r => r.SignIn(
It.Is <AuthenticationProperties>(v => v.IsPersistent == true),
It.Is <ClaimsIdentity>(i => i.FindFirstValue(ClaimTypes.Name) == user.Id &&
i.AuthenticationType == IdentityOptions.TwoFactorRememberMeCookieAuthenticationType))).Verifiable();
}
context.Setup(c => c.Response).Returns(response.Object).Verifiable();
context.Setup(c => c.AuthenticateAsync(IdentityOptions.TwoFactorUserIdCookieAuthenticationType)).ReturnsAsync(authResult).Verifiable();
contextAccessor.Setup(a => a.Value).Returns(context.Object);
var helper = new SignInManager <TestUser>(manager.Object, contextAccessor.Object, claimsFactory, options.Object);
// Act
var result = await helper.TwoFactorSignInAsync(provider, code, isPersistent, rememberClient);
// Assert
Assert.Equal(SignInStatus.Success, result);
manager.VerifyAll();
context.VerifyAll();
response.VerifyAll();
contextAccessor.VerifyAll();
}
public UserManager(IUserStore <Employee, int> store) : base(store)
{
ClaimsIdentityFactory = new ClaimsIdentityFactory();
}
public UserManager(UserStore store)
: base(store)
{
ClaimsIdentityFactory = new ClaimsIdentityFactory();
}
public async Task EnsureClaimsIdentityHasExpectedClaims(bool supportRoles, bool supportClaims, bool supportRoleClaims)
{
// Setup
var userManager = MockHelpers.MockUserManager <TestUser>();
var roleManager = MockHelpers.MockRoleManager <TestRole>();
var user = new TestUser {
UserName = "******"
};
userManager.Setup(m => m.SupportsUserClaim).Returns(supportClaims);
userManager.Setup(m => m.SupportsUserRole).Returns(supportRoles);
userManager.Setup(m => m.GetUserIdAsync(user, CancellationToken.None)).ReturnsAsync(user.Id);
userManager.Setup(m => m.GetUserNameAsync(user, CancellationToken.None)).ReturnsAsync(user.UserName);
var roleClaims = new[] { "Admin", "Local" };
if (supportRoles)
{
userManager.Setup(m => m.GetRolesAsync(user, CancellationToken.None)).ReturnsAsync(roleClaims);
roleManager.Setup(m => m.SupportsRoleClaims).Returns(supportRoleClaims);
}
var userClaims = new[] { new Claim("Whatever", "Value"), new Claim("Whatever2", "Value2") };
if (supportClaims)
{
userManager.Setup(m => m.GetClaimsAsync(user, CancellationToken.None)).ReturnsAsync(userClaims);
}
userManager.Object.Options = new IdentityOptions();
var admin = new TestRole()
{
Name = "Admin"
};
var local = new TestRole()
{
Name = "Local"
};
var adminClaims = new[] { new Claim("AdminClaim1", "Value1"), new Claim("AdminClaim2", "Value2") };
var localClaims = new[] { new Claim("LocalClaim1", "Value1"), new Claim("LocalClaim2", "Value2") };
if (supportRoleClaims)
{
roleManager.Setup(m => m.FindByNameAsync("Admin", CancellationToken.None)).ReturnsAsync(admin);
roleManager.Setup(m => m.FindByNameAsync("Local", CancellationToken.None)).ReturnsAsync(local);
roleManager.Setup(m => m.GetClaimsAsync(admin, CancellationToken.None)).ReturnsAsync(adminClaims);
roleManager.Setup(m => m.GetClaimsAsync(local, CancellationToken.None)).ReturnsAsync(localClaims);
}
var factory = new ClaimsIdentityFactory <TestUser, TestRole>(userManager.Object, roleManager.Object);
// Act
var identity = await factory.CreateAsync(user, new ClaimsIdentityOptions());
// Assert
var manager = userManager.Object;
Assert.NotNull(identity);
Assert.Equal(ClaimsIdentityOptions.DefaultAuthenticationType, identity.AuthenticationType);
var claims = identity.Claims.ToList();
Assert.NotNull(claims);
Assert.True(
claims.Any(c => c.Type == manager.Options.ClaimsIdentity.UserNameClaimType && c.Value == user.UserName));
Assert.True(claims.Any(c => c.Type == manager.Options.ClaimsIdentity.UserIdClaimType && c.Value == user.Id));
Assert.Equal(supportRoles, claims.Any(c => c.Type == manager.Options.ClaimsIdentity.RoleClaimType && c.Value == "Admin"));
Assert.Equal(supportRoles, claims.Any(c => c.Type == manager.Options.ClaimsIdentity.RoleClaimType && c.Value == "Local"));
foreach (var cl in userClaims)
{
Assert.Equal(supportClaims, claims.Any(c => c.Type == cl.Type && c.Value == cl.Value));
}
foreach (var cl in adminClaims)
{
Assert.Equal(supportRoleClaims, claims.Any(c => c.Type == cl.Type && c.Value == cl.Value));
}
foreach (var cl in localClaims)
{
Assert.Equal(supportRoleClaims, claims.Any(c => c.Type == cl.Type && c.Value == cl.Value));
}
userManager.VerifyAll();
roleManager.VerifyAll();
}
public async Task CanTwoFactorSignIn(bool isPersistent)
{
// Setup
var user = new TestUser { UserName = "******" };
var manager = MockHelpers.MockUserManager<TestUser>();
var provider = "twofactorprovider";
var code = "123456";
manager.Setup(m => m.IsLockedOutAsync(user, CancellationToken.None)).ReturnsAsync(false).Verifiable();
manager.Setup(m => m.FindByIdAsync(user.Id, CancellationToken.None)).ReturnsAsync(user).Verifiable();
manager.Setup(m => m.VerifyTwoFactorTokenAsync(user, provider, code, CancellationToken.None)).ReturnsAsync(true).Verifiable();
manager.Setup(m => m.GetUserIdAsync(user, CancellationToken.None)).ReturnsAsync(user.Id).Verifiable();
manager.Setup(m => m.GetUserNameAsync(user, CancellationToken.None)).ReturnsAsync(user.UserName).Verifiable();
var context = new Mock<HttpContext>();
var response = new Mock<HttpResponse>();
response.Setup(r => r.SignIn(It.IsAny<ClaimsIdentity>(), It.Is<AuthenticationProperties>(v => v.IsPersistent == isPersistent))).Verifiable();
context.Setup(c => c.Response).Returns(response.Object).Verifiable();
var id = new ClaimsIdentity(HttpAuthenticationManager.TwoFactorUserIdAuthenticationType);
id.AddClaim(new Claim(ClaimTypes.Name, user.Id));
var authResult = new AuthenticationResult(id, new AuthenticationProperties(), new AuthenticationDescription());
context.Setup(c => c.AuthenticateAsync(HttpAuthenticationManager.TwoFactorUserIdAuthenticationType)).ReturnsAsync(authResult).Verifiable();
var contextAccessor = new Mock<IContextAccessor<HttpContext>>();
contextAccessor.Setup(a => a.Value).Returns(context.Object);
var roleManager = MockHelpers.MockRoleManager<TestRole>();
var claimsFactory = new ClaimsIdentityFactory<TestUser, TestRole>(manager.Object, roleManager.Object);
var helper = new SignInManager<TestUser>(manager.Object, new HttpAuthenticationManager(contextAccessor.Object), claimsFactory);
// Act
var result = await helper.TwoFactorSignInAsync(provider, code, isPersistent);
// Assert
Assert.Equal(SignInStatus.Success, result);
manager.VerifyAll();
context.VerifyAll();
response.VerifyAll();
contextAccessor.VerifyAll();
}
public async Task EnsureClaimsIdentityHasExpectedClaims(bool supportRoles, bool supportClaims, bool supportRoleClaims)
{
// Setup
var userManager = MockHelpers.MockUserManager<TestUser>();
var roleManager = MockHelpers.MockRoleManager<TestRole>();
var user = new TestUser { UserName = "******" };
userManager.Setup(m => m.SupportsUserClaim).Returns(supportClaims);
userManager.Setup(m => m.SupportsUserRole).Returns(supportRoles);
userManager.Setup(m => m.GetUserIdAsync(user, CancellationToken.None)).ReturnsAsync(user.Id);
userManager.Setup(m => m.GetUserNameAsync(user, CancellationToken.None)).ReturnsAsync(user.UserName);
var roleClaims = new[] { "Admin", "Local" };
if (supportRoles)
{
userManager.Setup(m => m.GetRolesAsync(user, CancellationToken.None)).ReturnsAsync(roleClaims);
roleManager.Setup(m => m.SupportsRoleClaims).Returns(supportRoleClaims);
}
var userClaims = new[] { new Claim("Whatever", "Value"), new Claim("Whatever2", "Value2") };
if (supportClaims)
{
userManager.Setup(m => m.GetClaimsAsync(user, CancellationToken.None)).ReturnsAsync(userClaims);
}
userManager.Object.Options = new IdentityOptions();
var admin = new TestRole() { Name = "Admin" };
var local = new TestRole() { Name = "Local" };
var adminClaims = new[] { new Claim("AdminClaim1", "Value1"), new Claim("AdminClaim2", "Value2") };
var localClaims = new[] { new Claim("LocalClaim1", "Value1"), new Claim("LocalClaim2", "Value2") };
if (supportRoleClaims)
{
roleManager.Setup(m => m.FindByNameAsync("Admin", CancellationToken.None)).ReturnsAsync(admin);
roleManager.Setup(m => m.FindByNameAsync("Local", CancellationToken.None)).ReturnsAsync(local);
roleManager.Setup(m => m.GetClaimsAsync(admin, CancellationToken.None)).ReturnsAsync(adminClaims);
roleManager.Setup(m => m.GetClaimsAsync(local, CancellationToken.None)).ReturnsAsync(localClaims);
}
var factory = new ClaimsIdentityFactory<TestUser, TestRole>(userManager.Object, roleManager.Object);
// Act
var identity = await factory.CreateAsync(user, new ClaimsIdentityOptions());
// Assert
var manager = userManager.Object;
Assert.NotNull(identity);
Assert.Equal(ClaimsIdentityOptions.DefaultAuthenticationType, identity.AuthenticationType);
var claims = identity.Claims.ToList();
Assert.NotNull(claims);
Assert.True(
claims.Any(c => c.Type == manager.Options.ClaimsIdentity.UserNameClaimType && c.Value == user.UserName));
Assert.True(claims.Any(c => c.Type == manager.Options.ClaimsIdentity.UserIdClaimType && c.Value == user.Id));
Assert.Equal(supportRoles, claims.Any(c => c.Type == manager.Options.ClaimsIdentity.RoleClaimType && c.Value == "Admin"));
Assert.Equal(supportRoles, claims.Any(c => c.Type == manager.Options.ClaimsIdentity.RoleClaimType && c.Value == "Local"));
foreach (var cl in userClaims)
{
Assert.Equal(supportClaims, claims.Any(c => c.Type == cl.Type && c.Value == cl.Value));
}
foreach (var cl in adminClaims)
{
Assert.Equal(supportRoleClaims, claims.Any(c => c.Type == cl.Type && c.Value == cl.Value));
}
foreach (var cl in localClaims)
{
Assert.Equal(supportRoleClaims, claims.Any(c => c.Type == cl.Type && c.Value == cl.Value));
}
userManager.VerifyAll();
roleManager.VerifyAll();
}
