Exemplo n.º 1
        /// <summary>
        /// Negative-path login test: posts credentials whose password is the literal
        /// "invalidPassword" (passed through <c>EncryptAESPassword</c> first) to the login
        /// endpoint and expects the server to reject them with 401 Unauthorized.
        /// </summary>
        /// <remarks>
        /// Only the status code is asserted. The response body is not inspected, so this test
        /// does not show whether the rejection message distinguishes "unknown user" from
        /// "wrong password".
        /// </remarks>
        public async Task LoginWithInvalidCredentials()
        {
            var encryptor = _serviceProvider.GetService<IEncryptionManager>();

            // The username literal is reproduced exactly as it appears in the listing.
            var credentials = new AuthenticationModel
            {
                Username = "******",
                Password = encryptor.EncryptAESPassword("invalidPassword"),
            };

            var payload = ContentHelper.GetStringContent(credentials);
            var loginResponse = await _client.PostAsync("/api/Account/login", payload);

            // A failed authentication must surface as 401, not as 200 with an error payload.
            Assert.AreEqual(HttpStatusCode.Unauthorized, loginResponse.StatusCode);
        }
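        /// <summary>
        /// Positive-path login test: logs in with the fixture credentials, expects 200 OK, then
        /// decodes the returned JWT through <c>IJWTTokenManager.DecodeJwtToken</c> and checks that
        /// the token round-trips unchanged, that the principal's name equals the submitted
        /// username, and that its role claim is "Privileged".
        /// </summary>
        /// <remarks>
        /// NOTE(review): whether <c>DecodeJwtToken</c> verifies signature, issuer, audience and
        /// lifetime is not visible here. If it only parses the token, these assertions show that
        /// the claims are present but not that the token is authentic; confirm against the
        /// manager's implementation.
        /// The hard-coded password is a test fixture value; it should belong to a test-only
        /// account.
        /// </remarks>
        public async Task ValidateToken()
        {
            var encryptionManager = _serviceProvider.GetService<IEncryptionManager>();
            Assert.IsNotNull(encryptionManager, "IEncryptionManager is not registered in the test service provider.");

            var requestBody = new AuthenticationModel
            {
                Username = "******",
                Password = encryptionManager.EncryptAESPassword("pu")
            };
            var response = await _client.PostAsync("/api/Account/login", ContentHelper.GetStringContent(requestBody));

            Assert.AreEqual(HttpStatusCode.OK, response.StatusCode);

            var loginResponseContent = await response.Content.ReadAsStringAsync();

            // Deserialize returns null for a JSON "null" body, and leaves Token null when the
            // property name does not match; assert both so the failure is reported as a test
            // failure instead of a NullReferenceException further down.
            var loginResult = JsonSerializer.Deserialize<UserDetailDTO>(loginResponseContent);
            Assert.IsNotNull(loginResult, "Login response body did not deserialize to a UserDetailDTO.");
            Assert.IsNotNull(loginResult.Token, "Login response did not contain a token.");

            var jwtAuthManager = _serviceProvider.GetService<IJWTTokenManager>();
            Assert.IsNotNull(jwtAuthManager, "IJWTTokenManager is not registered in the test service provider.");

            var (principal, jwtSecurityToken) = jwtAuthManager.DecodeJwtToken(loginResult.Token);
            Assert.IsNotNull(jwtSecurityToken);
            Assert.IsNotNull(principal, "DecodeJwtToken returned no principal.");
            Assert.AreEqual(loginResult.Token, jwtSecurityToken.RawData);

            // The identity must be the account that logged in, not merely some valid identity.
            Assert.IsNotNull(principal.Identity, "Decoded principal has no identity.");
            Assert.AreEqual(requestBody.Username, principal.Identity.Name);

            // A missing role claim is an authorization defect in its own right, so report it
            // explicitly instead of dereferencing a null claim.
            var roleClaim = principal.FindFirst(ClaimTypes.Role);
            Assert.IsNotNull(roleClaim, "Decoded token carries no role claim.");
            Assert.AreEqual("Privileged", roleClaim.Value);
        }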