public async void TestLoginReturnsValidToken()
        {
            // register and login a new unique user
            HttpResponseMessage response = await AccountHelper.RegisterAndLogInNewUser(fixture.httpClient);

            // Get the response as an object so we can get the token from it
            LoginOutput resultAsObject = await JsonSerializer.DeserializeAsync <LoginOutput>(response.Content.ReadAsStreamAsync().Result);

            JwtSecurityTokenHandler tokenHandler = new JwtSecurityTokenHandler();

            // We want to use FluentAssertions to assert that validating the token does not throw, so we need to wrap it in a delegate
            Func <SecurityToken> validateToken = () =>
            {
                tokenHandler.ValidateToken(resultAsObject.token, new TokenValidationParameters
                {
                    ValidIssuer      = fixture.Configuration["Guests:JwtIssuer"],
                    IssuerSigningKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(fixture.Configuration["Guests:JwtKey"])),
                    ValidateAudience = false
                }, out SecurityToken validatedToken);
                return(validatedToken);
            };

            // assert that validateToken did not throw, which means our token is valid
            validateToken.Should().NotThrow("because the token should be valid");
        }
        public async void TestLoginTokenContainsRolesAndUserIdAndEmail()
        {
            // register and login a new unique user
            HttpResponseMessage response = await AccountHelper.RegisterAndLogInNewUser(fixture.httpClient);

            // Get the response as an object so we can get the token from it
            LoginOutput resultAsObject = await JsonSerializer.DeserializeAsync <LoginOutput>(response.Content.ReadAsStreamAsync().Result);

            JwtSecurityTokenHandler tokenHandler = new JwtSecurityTokenHandler();

            // JwtSecurityTokenHandler.ReadToken will throw an exception if the token is invalid
            // use built in delegate Func to Assert that reading the token does not throw
            Func <JwtSecurityToken> readToken = () => tokenHandler.ReadToken(resultAsObject.token) as JwtSecurityToken;

            using (new AssertionScope())
            {
                // Assert that read token does not throw an exception: if it throws an exception, that means our token was invalid
                readToken.Should().NotThrow("because the token should be valid in order to check its claims");

                // Get the actual token to check
                JwtSecurityToken securityToken = readToken();

                // user only has one id and email but can have many roles
                securityToken.Claims.Should().ContainSingle(claim => claim.Type == ClaimTypes.Email, "because we expect the token to have a name identifier claim");
                securityToken.Claims.Should().ContainSingle(claim => claim.Type == ClaimTypes.NameIdentifier, "because we expect the token to have an email claim");
                securityToken.Claims.Should().Contain(claim => claim.Type == ClaimTypes.Role, "because we expect the token to have at least one role claim");
            }
        }
        public async void TestLoginReturnsAToken()
        {
            HttpResponseMessage response = await AccountHelper.RegisterAndLogInNewUser(fixture.httpClient);

            LoginOutput resultAsObject = await JsonSerializer.DeserializeAsync <LoginOutput>(response.Content.ReadAsStreamAsync().Result);

            // assert the object we created from the response has a token field and its value is not null
            resultAsObject.token.Should().NotBeNull("because we expect the response object to contain a token field with a value");
        }