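        /// <summary>
        /// Logs a user in (registering them first if needed) from an SSO login payload and
        /// redirects the browser to the Pointmap login page carrying the new session token.
        /// </summary>
        /// <param name="requestPayload">SSO login payload: email, SSO user id, timestamp and signature.</param>
        /// <returns>
        /// A redirect response on success; 400 for an invalid payload, id or email; 409 when the
        /// user already exists; 401 for a bad signature; 500 (no body) for anything else.
        /// </returns>
        public async Task <HttpResponseMessage> LoginFromSSO([FromBody] LoginRequestPayload requestPayload)
        {
            using (var _db = new DatabaseContext())
            {
                try
                {
                    // Throws ExceptionService.InvalidModelPayloadException
                    ControllerHelpers.ValidateModelAndPayload(ModelState, requestPayload);

                    // Throws ExceptionService.InvalidGuidException
                    Guid userSSOID = ControllerHelpers.ParseAndCheckId(requestPayload.SSOUserId);

                    var _ssoLoginManager = new KFC_SSO_Manager(_db);
                    // user will get logged in or registered; the signature/timestamp are
                    // checked inside the manager (InvalidTokenSignatureException on failure)
                    var loginSession = await _ssoLoginManager.LoginFromSSO(
                        requestPayload.Email,
                        userSSOID,
                        requestPayload.Timestamp,
                        requestPayload.Signature);

                    _db.SaveChanges();
                    // Percent-encode the token so characters such as '+', '/', '=' or '&' cannot
                    // corrupt the query string or be split off by the client's URL parser.
                    // NOTE(review): the token is delivered in the URL fragment, so it lands in
                    // browser history; confirm this is acceptable for the session token lifetime.
                    var redirectURL = "https://pointmap.net/#/login/?token=" + Uri.EscapeDataString(loginSession.Token);
                    var response    = SSOLoginResponse.ResponseRedirect(Request, redirectURL);
                    return(response);
                }
                catch (Exception e) when(e is InvalidGuidException ||
                                         e is InvalidModelPayloadException ||
                                         e is InvalidEmailException)
                {
                    // Caller-side errors: the exception message describes what was wrong with the input.
                    var response = new HttpResponseMessage(HttpStatusCode.BadRequest);

                    response.Content = new StringContent(e.Message);
                    return(response);
                }
                catch (Exception e) when(e is UserAlreadyExistsException)
                {
                    var response = new HttpResponseMessage(HttpStatusCode.Conflict);

                    response.Content = new StringContent(e.Message);
                    return(response);
                }
                catch (Exception e) when(e is InvalidTokenSignatureException)
                {
                    var response = new HttpResponseMessage(HttpStatusCode.Unauthorized);

                    response.Content = new StringContent(e.Message);
                    return(response);
                }
                catch (Exception e)
                {
                    if (e is DbUpdateException ||
                        e is DbEntityValidationException)
                    {
                        _db.RevertDatabaseChanges(_db);
                    }
                    // Deliberately no body: unexpected exceptions may carry internal details
                    // (e.g. database errors) that must not be returned to the client.
                    var response = new HttpResponseMessage(HttpStatusCode.InternalServerError);
                    return(response);
                }
            }
        }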
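        /// <summary>
        /// Deletes the calling user from the SSO provider and, only if that succeeds, from Pointmap.
        /// </summary>
        /// <returns>
        /// 200 when the user was deleted (or no longer exists locally); 400 for an invalid id;
        /// 401 when the request carries no valid session token; 503 when the SSO API call fails;
        /// 500 otherwise.
        /// </returns>
        public async Task <IHttpActionResult> DeleteFromSSO()
        {
            using (var _db = new DatabaseContext())
            {
                try
                {
                    // Throws ExceptionService.NoTokenProvidedException
                    // Throws ExceptionService.SessionNotFoundException
                    var session = ControllerHelpers.ValidateAndUpdateSession(Request);

                    var _userManager = new UserManagementManager(_db);
                    var user         = _userManager.GetUser(session.UserId);
                    if (user is null)
                    {
                        // Nothing left to delete locally; treat the request as already satisfied.
                        return(Ok());
                    }
                    var _ssoAPIManager    = new KFC_SSO_Manager(_db);
                    var requestSuccessful = await _ssoAPIManager.DeleteUserFromSSOviaPointmap(user);

                    // The local record is removed only after the SSO side confirmed the deletion,
                    // so a failed SSO call leaves the account intact for a retry.
                    if (requestSuccessful)
                    {
                        _userManager.DeleteUser(user.Id);
                        _db.SaveChanges();
                        return(Ok("User was deleted from Pointmap and SSO"));
                    }
                    var response = Content(HttpStatusCode.InternalServerError, "User was not able to be deleted from SSO.");
                    return(response);
                }
                catch (Exception e) when(e is InvalidGuidException)
                {
                    return(Content(HttpStatusCode.BadRequest, e.Message));
                }
                catch (Exception e) when(e is NoTokenProvidedException ||
                                         e is SessionNotFoundException)
                {
                    return(Content(HttpStatusCode.Unauthorized, e.Message));
                }
                catch (Exception e) when(e is KFCSSOAPIRequestException)
                {
                    return(Content(HttpStatusCode.ServiceUnavailable, e.Message));
                }
                catch (Exception e)
                {
                    if (e is DbUpdateException ||
                        e is DbEntityValidationException)
                    {
                        _db.RevertDatabaseChanges(_db);
                    }
                    // Do not echo e.Message here: unexpected exceptions (database errors in
                    // particular) can expose internal details to the client. Record it
                    // server-side if a logger is available and return a generic message.
                    return(Content(HttpStatusCode.InternalServerError, "An unexpected error occurred while deleting the user."));
                }
            }
        }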
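        /// <summary>
        /// Logging in a freshly created SSO user with a valid username should produce a session.
        /// </summary>
        /// <remarks>
        /// LoginFromSSO is asynchronous, so its result is awaited. Without the await the assertion
        /// would run against the Task object itself and pass even when the login throws.
        /// </remarks>
        public async System.Threading.Tasks.Task Login_NewUser_ValidUserName_Success()
        {
            using (var _db = ut.CreateDataBaseContext())
            {
                _ssoLoginManager = new KFC_SSO_Manager(_db);
                var user      = ut.CreateSSOUserInDb();
                var timestamp = 8283752242;
                MockLoginPayload mock_payload = new MockLoginPayload
                {
                    email     = user.Username,
                    ssoUserId = user.Id,
                    timestamp = timestamp
                };

                var response = await _ssoLoginManager.LoginFromSSO(mock_payload.email, mock_payload.ssoUserId, timestamp, mock_payload.Signature());
                Assert.IsNotNull(response);
            }
        }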
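        /// <summary>
        /// Logging in a user that already exists in the database should produce a session.
        /// </summary>
        /// <remarks>
        /// LoginFromSSO is asynchronous, so its result is awaited. Without the await the assertion
        /// would run against the Task object itself and pass even when the login throws.
        /// </remarks>
        public async System.Threading.Tasks.Task Login_ExistingUser_Success()
        {
            var existing_user             = ut.CreateSSOUserInDb();
            var existing_username         = existing_user.Username;
            var existing_ssoID            = existing_user.Id;
            var timestamp                 = 12312312;
            var _ssoAuth                  = new SignatureService();
            MockLoginPayload mock_payload = new MockLoginPayload
            {
                email     = existing_username,
                ssoUserId = existing_ssoID,
                timestamp = timestamp
            };
            // Signature over the mock payload, as the SSO provider would send it.
            var signature = mock_payload.Signature();

            using (var _db = ut.CreateDataBaseContext())
            {
                _ssoLoginManager = new KFC_SSO_Manager(_db);
                var response = await _ssoLoginManager.LoginFromSSO(existing_username, existing_ssoID, timestamp, signature);
                Assert.IsNotNull(response);
            }
        }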
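        /// <summary>
        /// Logging in with a username that is not a valid email address must fail with an exception.
        /// </summary>
        /// <remarks>
        /// Declared as async Task rather than async void: with async void the test runner cannot
        /// observe the outcome, so a thrown exception (or the absence of one) never affects the
        /// result. The exception is captured and asserted on explicitly so the test fails clearly
        /// when LoginFromSSO completes without throwing.
        /// </remarks>
        public async System.Threading.Tasks.Task Login_NewUser_InvalidUserName_Failure_ExceptionThrown()
        {
            var invalid_username = Guid.NewGuid() + ".com";
            var valid_ssoID      = Guid.NewGuid();
            var timestamp        = 8283752242;

            MockLoginPayload mock_payload = new MockLoginPayload
            {
                email     = invalid_username,
                ssoUserId = valid_ssoID,
                timestamp = timestamp
            };

            var signature = mock_payload.Signature();

            Exception caught = null;
            using (var _db = ut.CreateDataBaseContext())
            {
                _ssoLoginManager = new KFC_SSO_Manager(_db);
                try
                {
                    await _ssoLoginManager.LoginFromSSO(invalid_username, valid_ssoID, timestamp, signature);
                }
                catch (Exception e)
                {
                    caught = e;
                }
            }

            // TODO(review): narrow this to the specific exception the manager throws for an
            // invalid email (the controller maps InvalidEmailException to 400) once confirmed,
            // so an unrelated failure (e.g. a database error) cannot make this test pass.
            Assert.IsNotNull(caught, "Expected LoginFromSSO to throw for an invalid username.");
        }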