Exemplo n.º 1
        /// <summary>
        /// Registers a team from <paramref name="request"/>, expects the creation flag to be set,
        /// then looks the team up by username and deletes it again.
        /// </summary>
        /// <param name="request">Registration payload that is expected to pass every check.</param>
        public void CreateValidTeamPass(TeamRegisterPost request)
        {
            // Arrange: wire the manager by hand on top of a directly constructed context.
            // NOTE(review): the context is built with its default configuration, so this presumably
            // runs against whatever data store that configuration points at - confirm it is a test store.
            var dbContext = new ApiGatewayContext();
            var registrationService = new TeamRegistrationService(dbContext);
            var urlService = new UrlValidationService(dbContext);
            var manager = new TeamRegistrationManager(registrationService, urlService);

            // Act: run the full registration flow.
            var registrationStatus = manager.CreateTeamAccount(request);

            // Assert: the response must report that the team was created.
            Assert.IsTrue(registrationStatus.TeamCreate);

            // Cleanup: the row just created must exist; a missing row fails the test
            // before the removal below is attempted.
            var createdTeam = dbContext.Team.FirstOrDefault(t => request.Username == t.Username);
            Assert.IsTrue(createdTeam != null);

            dbContext.Team.Remove(createdTeam);
            dbContext.SaveChanges();
        }
Exemplo n.º 2
 /// <summary>
 /// Passes the registration request to the team registration manager and wraps the outcome in an HTTP result.
 /// </summary>
 /// <param name="postInfo">Registration payload received from the caller.</param>
 /// <returns>
 /// 200 with the manager's response object whenever the manager returns (the response itself
 /// reports whether the team was created); 500 with no body when the manager throws.
 /// </returns>
 public IActionResult RegisterTeam(TeamRegisterPost postInfo)
 {
     try
     {
         // NOTE(review): on success the response presumably carries the new client id and the
         // plaintext client secret - confirm this action is reachable over TLS only and that
         // response bodies are not written to logs or caches.
         var registration = _teamRegistrationManager.CreateTeamAccount(postInfo);
         return Ok(registration);
     }
     catch
     {
         // The exception is discarded: the caller gets a bare 500 with no internals exposed,
         // but nothing is recorded here either, so failures are invisible to operators.
         return StatusCode(StatusCodes.Status500InternalServerError);
     }
 }
Exemplo n.º 3
        /// <summary>
        /// Submits a registration request that is expected to be rejected and checks that
        /// the response does not report a created team.
        /// </summary>
        /// <param name="request">Registration payload expected to fail validation (an invalid URL, per the test name).</param>
        public void CreateInvalidTeamInvalidUrlFail(TeamRegisterPost request)
        {
            // Arrange: wire the manager by hand on top of a directly constructed context.
            var dbContext = new ApiGatewayContext();
            var registrationService = new TeamRegistrationService(dbContext);
            var urlService = new UrlValidationService(dbContext);
            var manager = new TeamRegistrationManager(registrationService, urlService);

            // Act: attempt the registration with the invalid request.
            var registrationStatus = manager.CreateTeamAccount(request);

            // Assert: the team must NOT have been created.
            // NOTE(review): there is no cleanup here, so if validation regresses and the team is
            // created, this assertion fails and the row stays behind in the store.
            Assert.IsFalse(registrationStatus.TeamCreate);
        }
        /// <summary>
        /// Builds a team record from the request and the supplied credential digests and saves it
        /// to the data store.
        /// </summary>
        /// <param name="postInfo">Json request object for creating team; supplies the website url, callback url and username.</param>
        /// <param name="clientId">Client id for team to create</param>
        /// <param name="digest">Digest to store for the team; written Base64-encoded to <c>Digest</c>.</param>
        /// <param name="clientDigest">Client digest used for Oauth flow; written Base64-encoded to <c>Secret</c>.</param>
        /// <returns>
        /// <c>true</c> when the record was added and saved; <c>false</c> when anything inside the
        /// try block threw.
        /// </returns>
        public bool CreateTeam(TeamRegisterPost postInfo, string clientId, byte[] digest, byte[] clientDigest)
        {
            try
            {
                // Only the Base64 text of the two digests is written; no plaintext password or
                // client secret reaches this method.
                // NOTE(review): no salt is stored alongside either digest - confirm the digest
                // bytes already carry their salt, otherwise they cannot be re-derived at login.
                var team = new Team();
                team.ClientId = clientId;
                team.Secret = Convert.ToBase64String(clientDigest);
                team.WebsiteUrl = postInfo.WebsiteUrl;
                team.Digest = Convert.ToBase64String(digest);
                team.CallbackUrl = postInfo.CallbackUrl;
                team.Username = postInfo.Username;

                // Persist the new record.
                _context.Team.Add(team);
                _context.SaveChanges();

                return true;
            }
            catch
            {
                // Every failure (null argument, storage error, ...) collapses into `false`;
                // the cause is not logged here, so callers cannot tell a conflict from an outage.
                return false;
            }
        }
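        /// <summary>
        /// Registers a team, attempts a login with credentials that are expected to be rejected
        /// (a wrong username, per the test name), and checks that the login fails.
        /// </summary>
        /// <param name="teamRegisterPost">Registration payload expected to pass every check.</param>
        /// <param name="teamLoginPost">Login payload expected to be rejected.</param>
        public void InvalidTeamLoginWrongUsernameFail(TeamRegisterPost teamRegisterPost, TeamLoginPost teamLoginPost)
        {
            // Arrange DI of objects
            var _context = new ApiGatewayContext();
            var teamRegistrationService = new TeamRegistrationService(_context);
            var urlValidationService    = new UrlValidationService(_context);

            var teamRegistrationManager = new TeamRegistrationManager(teamRegistrationService, urlValidationService);

            // Set only once this test has created the team, so cleanup never deletes a
            // pre-existing team that merely shares the username.
            var teamCreated = false;

            try
            {
                var creatTeamStatus = teamRegistrationManager.CreateTeamAccount(teamRegisterPost);

                // Assert that team creation is successful
                Assert.IsTrue(creatTeamStatus.TeamCreate);
                teamCreated = true;

                // DI of team login
                var teamLoginService = new TeamLoginService(_context);
                var jwtService       = new JWTService();

                var teamLoginManager = new TeamLoginManager(teamLoginService, jwtService);

                // Act: attempt the login that is expected to be rejected.
                var loginresp = teamLoginManager.TeamLogin(teamLoginPost);

                // Assert that login fails
                Assert.IsFalse(loginresp.Status);

                // The registered team must still be present in storage at this point.
                Assert.IsTrue(
                    _context.Team.Any(t => teamRegisterPost.Username == t.Username),
                    "Registered team was not found in storage.");
            }
            finally
            {
                // Cleanup runs even when an assertion above fails or the login call throws;
                // otherwise the team stays behind and the next run fails at registration.
                if (teamCreated)
                {
                    var createdTeam = _context.Team.
                                      Where(t => teamRegisterPost.Username == t.Username).
                                      FirstOrDefault();

                    if (createdTeam != null)
                    {
                        _context.Team.Remove(createdTeam);
                        _context.SaveChanges();
                    }
                }
            }
        }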
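        /// <summary>
        /// Create team accounts for the web api: validates the request and, when every check
        /// passes, derives the stored digests, generates a client id and client secret, and
        /// saves the team.
        /// </summary>
        /// <param name="postInfo">Json object to represent post request</param>
        /// <returns>
        /// Json response object with one flag per validation check plus the creation result.
        /// The client id and the plaintext client secret are included only when the team was
        /// actually saved.
        /// </returns>
        public TeamRegisterResp CreateTeamAccount(TeamRegisterPost postInfo)
        {
            // Check If Username is Taken.
            var nameResult = _teamRegistrationService.IsUsernameValid(postInfo.Username);

            // Check password strength.
            var passwordResult = _teamRegistrationService.IsPasswordValid(postInfo.Password);

            // Check that passwords and repeat passwords are equal.
            passwordResult &= postInfo.Password == postInfo.RepeatPassword;

            // Check If Website url is taken. Then Check if valid, if its alive and its https.
            var websiteUrl   = _urlValidationService.IsWebsiteURLUnique(postInfo.WebsiteUrl);
            var websiteValid = _urlValidationService.IsUrlValid(postInfo.WebsiteUrl);

            websiteValid &= _urlValidationService.IsUrlHttps(postInfo.WebsiteUrl);

            var websiteAlive = false;

            // The liveness probe is attempted only for URLs that already passed the format and https checks.
            // NOTE(review): IsUrlAlive presumably makes an outbound request from this server to a
            // caller-supplied URL - confirm it rejects loopback, link-local and private address
            // ranges (including via redirects) and uses a short timeout.
            if (websiteValid)
            {
                websiteAlive = _urlValidationService.IsUrlAlive(postInfo.WebsiteUrl);
            }

            // Check if callback url is taken. Then Check if valid, if its alive and its https.
            var callBackurl   = _urlValidationService.IsCallBackURLUnique(postInfo.CallbackUrl);
            var callbackValid = _urlValidationService.IsUrlValid(postInfo.CallbackUrl);

            callbackValid &= _urlValidationService.IsUrlHttps(postInfo.CallbackUrl);

            var callbackAlive = false;

            // Same probe, same caveat as for the website url above.
            if (callbackValid)
            {
                callbackAlive = _urlValidationService.IsUrlAlive(postInfo.CallbackUrl);
            }

            // If any of the above flags are false return json Object containing error info.
            if (!(nameResult && passwordResult && websiteUrl && websiteValid && websiteAlive && callBackurl && callbackValid && callbackAlive))
            {
                return new TeamRegisterResp(nameResult, passwordResult, websiteUrl, websiteValid, websiteAlive, callBackurl, callbackValid, callbackAlive, false);
            }

            // Create team if we pass all requirements.
            // generate salt for teams password.
            // NOTE(review): this reads Constants.saltLength while the client-secret salt below
            // reads Constants.SaltLength - confirm both exist and hold the same value.
            var salt = _teamRegistrationService.GenerateSalt(Constants.saltLength);

            // Create digest with salt.
            // NOTE(review): neither salt is passed on to CreateTeam; unless HashPassword embeds the
            // salt in the bytes it returns, the stored digests cannot be re-derived later - confirm.
            var digest = _teamRegistrationService.HashPassword(postInfo.Password, Constants.HashIteration, salt, KeyDerivationPrf.HMACSHA256);

            // Create Guid ClientId.
            var id = _teamRegistrationService.GenerateClientId();

            // Create Client Secret, client salt, and hash it.
            var clientSalt   = _teamRegistrationService.GenerateSalt(Constants.SaltLength);
            var clientSecret = _teamRegistrationService.GenerateClientSecret();

            var clientDigest = _teamRegistrationService.HashPassword(clientSecret, Constants.HashIteration, clientSalt, KeyDerivationPrf.HMACSHA256);

            // Save the team in storage.
            var teamCreateResult = _teamRegistrationService.CreateTeam(postInfo, id, digest, clientDigest);

            if (!teamCreateResult)
            {
                // Storage rejected the team: report the failure without handing out a client id
                // and secret that were never persisted.
                return new TeamRegisterResp(nameResult, passwordResult, websiteUrl, websiteValid, websiteAlive, callBackurl, callbackValid, callbackAlive, false);
            }

            // Return response with all flags and the new credentials. This is the only place the
            // plaintext client secret leaves the service; only its digest is passed to storage.
            return new TeamRegisterResp(nameResult, passwordResult, websiteUrl, websiteValid, websiteAlive, callBackurl, callbackValid, callbackAlive, teamCreateResult, id, clientSecret);
        }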