public async Task Given_BogusSecurityQuestion_When_CreateUser_Then_UserCreatedFailure()
{
var userName = "******";
_userStore.Expect(a => a.FindByNameAsync(userName)).Return(Task.FromResult <User>(null));
// Act
var result = await _sut.CreateAsync(userName, "bob", "the bod", "Secure1HJ", "Secure1HJ", 143,
"Jo was my mother");
// Assert
Assert.IsFalse(result.Succeeded);
Assert.IsTrue(result.Errors.Contains("Illegal security question"));
_userStore.AssertWasNotCalled(u => u.CreateAsync(Arg <User> .Is.Anything));
}
public async Task Given_PersonalInformationUsed_When_ChangePassword_Then_PasswordNotChanged()
{
// Arrange
var userId = 1;
var oldPassword = "******";
var newPassword = "******";
_userStore.Expect(a => a.FindByIdAsync(userId)).Return(Task.FromResult(new User()
{
FirstName = "Bob", LastName = "Joseph", SecurityAnswer = "blah"
}));
// Act
var result = await _sut.ChangePasswordAsync(userId, oldPassword, newPassword);
// Assert
Assert.IsFalse(result.Succeeded);
_userStore.AssertWasNotCalled(a => a.ChangePasswordAsync(userId, oldPassword, newPassword));
}
public async Task Given_PersonalInformationUsedInPassword_When_ChangePassword_Then_PasswordChangeRejected(string wordReused)
{
// Arrange
var userId = 1;
var oldPassword = "******";
var newPassword = $"{wordReused}345";
string decryptedSecurityAnswer = "blah";
_encryption.Expect(a => a.Decrypt(Arg <string> .Is.Anything, Arg <string> .Is.Anything, Arg <int> .Is.Anything, Arg <string> .Is.Anything, out Arg <string> .Out(decryptedSecurityAnswer).Dummy)).Return(true);
_userStore.Expect(a => a.FindByIdAsync(userId)).Return(Task.FromResult(new User {
FirstName = "Bob", LastName = "Joseph", SecurityAnswer = "encryptedblah"
}));
// Act
var result = await _sut.ChangePasswordAsync(userId, oldPassword, newPassword);
// Assert
Assert.IsFalse(result.Succeeded);
_userStore.AssertWasNotCalled(a => a.ChangePasswordAsync(userId, oldPassword, newPassword));
}