public void Login_WhenCalledAndPassedPasswordDoesNotMeetExistingOne_NotAuthorizedExceptionExpected()
{
// ARRANGE
var user = new User
{
Email = "*****@*****.**",
PasswordHash = Encoding.ASCII.GetBytes("current password hash"),
PasswordSalt = Encoding.ASCII.GetBytes("current password salt")
};
_userRepository.SingleOrDefaultAsync(Arg.Any <Expression <Func <User, bool> > >()).Returns(x =>
{
var store = new List <User> {
user
};
return(store.Single(x.ArgAt <Expression <Func <User, bool> > >(0).Compile()));
});
SetPasswordProvider(("the user password",
ComputedPassword.Create(user.PasswordHash, user.PasswordSalt)));
Func <Task> action = async() => await _sut.Login(user.Email, "the user wrong password");
// ACT & ASSERT
action.Should().Throw <NotAuthorizedException>()
.WithMessage($"The user: {user.Email} password verification has been failed");
}
public void ChangePassword_WhenCalledAndNewPasswordIsDifferentThanRetypedPassword_ArgumentExceptionExpected()
{
// ARRANGE
var user = new User
{
Email = "*****@*****.**",
PasswordHash = Encoding.ASCII.GetBytes("current password hash"),
PasswordSalt = Encoding.ASCII.GetBytes("current password salt")
};
_userRepository.SingleOrDefaultAsync(Arg.Any <Expression <Func <User, bool> > >()).Returns(x =>
{
var store = new List <User> {
user
};
return(store.Single(x.ArgAt <Expression <Func <User, bool> > >(0).Compile()));
});
SetPasswordProvider(("the old password",
ComputedPassword.Create(user.PasswordHash, user.PasswordSalt)));
// ACT
Func <Task> action = async() =>
await _sut.ChangePassword(user.Email, "the old password", "the new password",
"the different retyped new password");
// ASSERT
action.Should().Throw <ArgumentException>()
.WithMessage("The new password is different than retyped new password");
}
public void Salt_WhenInstanceCreated_ProperValueInCorrespondingPropertyExpected()
{
// ARRANGE
var salt = Encoding.UTF8.GetBytes("the password salt");
// ACT
var sut = ComputedPassword.Create(Arg.Any <byte[]>(), salt);
// ASSERT
sut.Salt.Should().BeEquivalentTo(salt);
}
public void Hash_WhenInstanceCreated_ProperValueInCorrespondingPropertyExpected()
{
// ARRANGE
var hash = Encoding.UTF8.GetBytes("the password hash");
// ACT
var sut = ComputedPassword.Create(hash, Arg.Any <byte[]>());
// ASSERT
sut.Hash.Should().BeEquivalentTo(hash);
}
public async Task ResetPassword_WhenCalled_AttemptToSaveUserWithTheNewPasswordExpected()
{
// ARRANGE
var newPassword = "******";
var token = new ResetPasswordToken
{
Token = "the token"
};
_tokenProvider.IsTokenExpired(Arg.Any <string>(), Arg.Any <int>()).Returns(false);
_resetPasswordTokenRepository.SingleOrDefaultAsync(Arg.Any <Expression <Func <ResetPasswordToken, bool> > >())
.Returns(x =>
{
var store = new List <ResetPasswordToken> {
token
};
return(store.Single(x.ArgAt <Expression <Func <ResetPasswordToken, bool> > >(0).Compile()));
});
var user = new User
{
PasswordHash = Encoding.ASCII.GetBytes("the old password hash"),
PasswordSalt = Encoding.ASCII.GetBytes("the old password salt"),
ResetPasswordToken = new ResetPasswordToken()
};
_userRepository.SingleOrDefaultAsync(Arg.Any <Expression <Func <User, bool> > >())
.Returns(x =>
{
var store = new List <User> {
user
};
return(store.Single(x.ArgAt <Expression <Func <User, bool> > >(0).Compile()));
});
User actualUserEntityToSave = null;
_userRepository.When(x => x.Update(Arg.Any <User>())).Do(x => actualUserEntityToSave = x.ArgAt <User>(0));
var computedNewPassword = ComputedPassword.Create(
Encoding.ASCII.GetBytes("the new password hash"), Encoding.ASCII.GetBytes("the new password salt"));
SetPasswordProvider((newPassword, computedNewPassword));
var expectedUserEntityToSave = new User
{
PasswordHash = computedNewPassword.Hash,
PasswordSalt = computedNewPassword.Salt
};
// ACT
await _sut.ResetPassword(token.Token, newPassword);
// ASSERT
actualUserEntityToSave.Should().BeEquivalentTo(expectedUserEntityToSave);
await _unitOfWork.Received().CompleteAsync();
}
public void CreatePasswordHash_WhenCalledWithSalt_ProperComputedPasswordExpected()
{
// ARRANGE
var sut = new PasswordProvider();
var salt = Encoding.UTF8.GetBytes("the salt");
var plainPassword = "******";
var hmac = new System.Security.Cryptography.HMACSHA512(salt);
var expected = ComputedPassword.Create(hmac.ComputeHash(Encoding.UTF8.GetBytes(plainPassword)), hmac.Key);
// ACT
var actual = sut.CreatePasswordHash(plainPassword, salt);
// ASSERT
actual.Should().BeEquivalentTo(expected);
}
public void EqualityOperator_WhenTwoInstancesAreNotEqual_FalseExpected()
{
// ARRANGE
var computedPasswordHash1 = Encoding.UTF8.GetBytes("the password hash 1");
var computedPasswordSalt1 = Encoding.UTF8.GetBytes("the password salt 1");
var computedPassword1 = ComputedPassword.Create(computedPasswordHash1, computedPasswordSalt1);
var computedPasswordHash2 = Encoding.UTF8.GetBytes("the password hash 2");
var computedPasswordSalt2 = Encoding.UTF8.GetBytes("the password salt 2");
var computedPassword2 = ComputedPassword.Create(computedPasswordHash2, computedPasswordSalt2);
// ACT
var result = computedPassword1 == computedPassword2;
// ASSERT
result.Should().BeFalse();
}
public async Task <UserLoggedInDto> Login(string email, string password)
{
var user = await GetUser(email);
if (user == null)
{
throw new EntityNotFoundException($"The user with email: {email} does not exist in data store");
}
if (_passwordProvider.CreatePasswordHash(password, user.PasswordSalt) != ComputedPassword.Create(user.PasswordHash, user.PasswordSalt))
{
throw new NotAuthorizedException($"The user: {email} password verification has been failed");
}
return(_mapper.Map <UserLoggedInDto>(user));
}
public async Task Register_WhenCalled_ProperUserToAddExpected()
{
// ARRANGE
var userForRegister = new UserForRegisterDto
{
Username = "******", Email = "*****@*****.**", Password = "******"
};
(string password, ComputedPassword computedPassword)password = (userForRegister.Password,
ComputedPassword.Create(Encoding.ASCII.GetBytes("password hash"), Encoding.ASCII.GetBytes("password salt")));
SetPasswordProvider(password);
var newActivationToken = new AccountActivationToken {
Token = "The token"
};
User userToAdd = null;
_userRepository.When(x => x.AddAsync(Arg.Any <User>())).Do(x => { userToAdd = x.ArgAt <User>(0); });
_tokenProvider.CreateToken().Returns(newActivationToken.Token);
_accountActivationTokenRepository.SingleOrDefaultAsync(Arg.Any <Expression <Func <AccountActivationToken, bool> > >())
.Returns((AccountActivationToken)null);
var pendingUploadPhotosFolderName = Guid.NewGuid();
SystemGuid.Set(() => pendingUploadPhotosFolderName);
var expected = new User
{
Username = userForRegister.Username,
Email = userForRegister.Email,
ActivationToken = new AccountActivationToken {
Token = newActivationToken.Token
},
IsAccountActivated = false,
PendingUploadPhotosFolderName = pendingUploadPhotosFolderName.ToString("N"),
PasswordHash = password.computedPassword.Hash,
PasswordSalt = password.computedPassword.Salt
};
// ACT
await _sut.Register(userForRegister);
// ASSERT
userToAdd.Should().BeEquivalentTo(expected);
await _unitOfWork.Received().CompleteAsync();
}
public async Task ChangePassword_WhenCalledAndAllPassingDataAreAppropriate_AttemptToSaveNewPasswordForGivenUserExpected()
{
// ARRANGE
var user = new User
{
Email = "*****@*****.**",
PasswordHash = Encoding.ASCII.GetBytes("current password hash"),
PasswordSalt = Encoding.ASCII.GetBytes("current password salt")
};
_userRepository.SingleOrDefaultAsync(Arg.Any <Expression <Func <User, bool> > >()).Returns(x =>
{
var store = new List <User> {
user
};
return(store.Single(x.ArgAt <Expression <Func <User, bool> > >(0).Compile()));
});
User userToUpdate = null;
_userRepository.When(x => x.Update(Arg.Any <User>())).Do(x => userToUpdate = x.ArgAt <User>(0));
SetPasswordProvider(("the old password", ComputedPassword.Create(user.PasswordHash, user.PasswordSalt)),
("the new password",
ComputedPassword.Create(Encoding.ASCII.GetBytes("the new password hash"),
Encoding.ASCII.GetBytes("the new password salt"))));
var expectedUserToUpdate = new User
{
Email = user.Email,
PasswordHash = Encoding.ASCII.GetBytes("the new password hash"),
PasswordSalt = Encoding.ASCII.GetBytes("the new password salt")
};
// ACT
await _sut.ChangePassword(user.Email, "the old password", "the new password",
"the new password");
// ASSERT
await _unitOfWork.Received().CompleteAsync();
userToUpdate.Should().BeEquivalentTo(expectedUserToUpdate);
}
public async Task ChangePassword(string email, string oldPassword, string newPassword, string retypedNewPassword)
{
var user = await UserValidation(email);
var computedPassword = _passwordProvider.CreatePasswordHash(oldPassword, user.PasswordSalt);
var userPassword = ComputedPassword.Create(user.PasswordHash, user.PasswordSalt);
if (userPassword != computedPassword)
{
throw new ArgumentException("The given old password does not fit to the current user password");
}
if (newPassword != retypedNewPassword)
{
throw new ArgumentException("The new password is different than retyped new password");
}
SetPasswordForUser(user, newPassword);
UserRepository.Update(user);
await _unitOfWork.CompleteAsync();
}