public async Task CanRegisterAUserWithRequiredConfirmation()
{
// Arrange
void ConfigureTestServices(IServiceCollection services)
{
services.Configure <IdentityOptions>(o => o.SignIn.RequireConfirmedAccount = true);
};
var server = ServerFactory
.WithWebHostBuilder(whb => whb.ConfigureServices(ConfigureTestServices));
var client = server.CreateClient();
var client2 = server.CreateClient();
var userName = $"{Guid.NewGuid()}@example.com";
var password = $"!Test.Password1$";
// Act & Assert
var register = await UserStories.RegisterNewUserAsyncWithConfirmation(client, userName, password);
// Since we aren't confirmed yet, login should fail until we confirm
await UserStories.LoginFailsWithWrongPasswordAsync(client, userName, password);
await register.ClickConfirmLinkAsync();
await UserStories.LoginExistingUserAsync(client, userName, password);
}
public async Task CanChangePassword()
{
// Arrange
var principals = new List <ClaimsPrincipal>();
void ConfigureTestServices(IServiceCollection services) =>
services.SetupGetUserClaimsPrincipal(user => principals.Add(user), IdentityConstants.ApplicationScheme);
var server = ServerFactory
.WithWebHostBuilder(whb => whb.ConfigureTestServices(ConfigureTestServices));
var client = server.CreateClient();
var newClient = server.CreateClient();
var userName = $"{Guid.NewGuid()}@example.com";
var password = "******";
var index = await UserStories.RegisterNewUserAsync(client, userName, password);
// Act 1
var changedPassword = await UserStories.ChangePasswordAsync(index, "!Test.Password1", "!Test.Password2");
// Assert 1
// RefreshSignIn generates a new security stamp claim
AssertClaimsNotEqual(principals[0], principals[1], "AspNet.Identity.SecurityStamp");
// Act 2
await UserStories.LoginExistingUserAsync(newClient, userName, "!Test.Password2");
// Assert 2
// Signing in again with a different client uses the same security stamp claim
AssertClaimsEqual(principals[1], principals[2], "AspNet.Identity.SecurityStamp");
}
public async Task CanResetPassword_WithGlobalAuthorizeFilter()
{
// Arrange
var emailSender = new ContosoEmailSender();
void ConfigureTestServices(IServiceCollection services) =>
services.SetupGlobalAuthorizeFilter().SetupTestEmailSender(emailSender);
var server = ServerFactory.WithWebHostBuilder(whb => whb.ConfigureServices(ConfigureTestServices));
var client = server.CreateClient();
var resetPasswordClient = server.CreateClient();
var newClient = server.CreateClient();
var userName = $"{Guid.NewGuid()}@example.com";
var password = $"[PLACEHOLDER]-1a";
var newPassword = $"[PLACEHOLDER]-1a-updated";
await UserStories.RegisterNewUserAsync(client, userName, password);
var registrationEmail = Assert.Single(emailSender.SentEmails);
await UserStories.ConfirmEmailAsync(registrationEmail, client);
// Act & Assert
await UserStories.ForgotPasswordAsync(resetPasswordClient, userName);
Assert.Equal(2, emailSender.SentEmails.Count);
var email = emailSender.SentEmails[1];
await UserStories.ResetPasswordAsync(resetPasswordClient, email, userName, newPassword);
await UserStories.LoginExistingUserAsync(newClient, userName, newPassword);
}
public async Task CanLogInAfterConfirmingEmail_WithGlobalAuthorizeFilter()
{
// Arrange
var emailSender = new ContosoEmailSender();
void ConfigureTestServices(IServiceCollection services) => services
.SetupTestEmailSender(emailSender)
.SetupEmailRequired()
.SetupGlobalAuthorizeFilter();
var server = ServerFactory.WithWebHostBuilder(whb => whb.ConfigureServices(ConfigureTestServices));
var client = server.CreateClient();
var newClient = server.CreateClient();
var userName = $"{Guid.NewGuid()}@example.com";
var password = $"[PLACEHOLDER]-1a";
var loggedIn = await UserStories.RegisterNewUserAsync(client, userName, password);
// Act & Assert
// Use a new client to simulate a new browser session.
var email = Assert.Single(emailSender.SentEmails);
await UserStories.ConfirmEmailAsync(email, newClient);
await UserStories.LoginExistingUserAsync(newClient, userName, password);
}
public async Task CanChangeEmail()
{
// Arrange
var emails = new ContosoEmailSender();
void ConfigureTestServices(IServiceCollection services) =>
services.SetupTestEmailSender(emails);
var server = ServerFactory
.WithWebHostBuilder(whb => whb.ConfigureServices(ConfigureTestServices));
var client = server.CreateClient();
var newClient = server.CreateClient();
var failedClient = server.CreateClient();
var userName = $"{Guid.NewGuid()}@example.com";
var password = $"[PLACEHOLDER]-1a";
var newEmail = "*****@*****.**";
var index = await UserStories.RegisterNewUserAsync(client, userName, password);
var email = await UserStories.SendUpdateEmailAsync(index, newEmail);
// Act & Assert
Assert.Equal(2, emails.SentEmails.Count);
await UserStories.ConfirmEmailAsync(emails.SentEmails[1], client);
// Verify can login with new email, fails with old
await UserStories.LoginExistingUserAsync(newClient, newEmail, password);
await UserStories.LoginFailsWithWrongPasswordAsync(failedClient, userName, password);
}
public async Task CanLogInAfterConfirmingEmail()
{
// Arrange
TestEmailSender testEmailSender = new TestEmailSender();
var server = ServerFactory.CreateServer(builder =>
{
builder.ConfigureServices(services => services
.AddSingleton <IEmailSender>(testEmailSender)
.Configure <IdentityOptions>(opt => opt.SignIn.RequireConfirmedEmail = true));
});
var client = ServerFactory.CreateDefaultClient(server);
var newClient = ServerFactory.CreateDefaultClient(server);
var userName = $"{Guid.NewGuid()}@example.com";
var password = $"!Test.Password1$";
var loggedIn = await UserStories.RegisterNewUserAsync(client, userName, password);
// Act & Assert
// Use a new client to simulate a new browser session.
var emailBody = HtmlAssert.IsHtmlFragment(testEmailSender.HtmlMessage);
var linkElement = HtmlAssert.HasElement("a", emailBody);
var link = Assert.IsAssignableFrom <IHtmlAnchorElement>(linkElement);
var response = await newClient.GetAsync(link.Href);
await UserStories.LoginExistingUserAsync(newClient, userName, password);
}
public async Task CanLogInAfterResettingThePassword()
{
using (StartLog(out var loggerFactory))
{
// Arrange
var emailSender = new ContosoEmailSender();
var server = ServerFactory.CreateServer(loggerFactory, b => b.ConfigureServices(s =>
s.SetupTestEmailSender(emailSender)));
var client = ServerFactory.CreateDefaultClient(server);
var resetPasswordClient = ServerFactory.CreateDefaultClient(server);
var newClient = ServerFactory.CreateDefaultClient(server);
var userName = $"{Guid.NewGuid()}@example.com";
var password = $"!Test.Password1$";
var newPassword = $"!New.Password1$";
await UserStories.RegisterNewUserAsync(client, userName, password);
var registrationEmail = Assert.Single(emailSender.SentEmails);
await UserStories.ConfirmEmailAsync(registrationEmail, client);
// Act & Assert
await UserStories.ForgotPasswordAsync(resetPasswordClient, userName);
Assert.Equal(2, emailSender.SentEmails.Count);
var email = emailSender.SentEmails[1];
await UserStories.ResetPasswordAsync(resetPasswordClient, email, userName, newPassword);
await UserStories.LoginExistingUserAsync(newClient, userName, newPassword);
}
}
public async Task CanLogInAfterConfirmingEmail()
{
using (StartLog(out var loggerFactory))
{
// Arrange
var emailSender = new ContosoEmailSender();
var server = ServerFactory.CreateServer(loggerFactory, builder =>
{
builder.ConfigureServices(services => services
.SetupTestEmailSender(emailSender)
.SetupEmailRequired());
});
var client = ServerFactory.CreateDefaultClient(server);
var newClient = ServerFactory.CreateDefaultClient(server);
var userName = $"{Guid.NewGuid()}@example.com";
var password = $"!Test.Password1$";
var loggedIn = await UserStories.RegisterNewUserAsync(client, userName, password);
// Act & Assert
// Use a new client to simulate a new browser session.
var email = Assert.Single(emailSender.SentEmails);
await UserStories.ConfirmEmailAsync(email, newClient);
await UserStories.LoginExistingUserAsync(newClient, userName, password);
}
}
public async Task CannotLogInWithoutRequiredEmailConfirmation()
{
using (StartLog(out var loggerFactory))
{
// Arrange
var emailSender = new ContosoEmailSender();
var server = ServerFactory.CreateServer(loggerFactory, builder =>
{
builder.ConfigureServices(services => services
.SetupTestEmailSender(emailSender)
.SetupEmailRequired());
});
var client = ServerFactory.CreateDefaultClient(server);
var newClient = ServerFactory.CreateDefaultClient(server);
var userName = $"{Guid.NewGuid()}@example.com";
var password = $"!Test.Password1$";
var loggedIn = await UserStories.RegisterNewUserAsync(client, userName, password);
// Act & Assert
// Use a new client to simulate a new browser session.
await Assert.ThrowsAnyAsync <XunitException>(() => UserStories.LoginExistingUserAsync(newClient, userName, password));
}
}
public async Task CanLogInAfterResettingThePassword()
{
// Arrange
var emailSender = new ContosoEmailSender();
void ConfigureTestServices(IServiceCollection services) => services
.SetupTestEmailSender(emailSender);
var server = ServerFactory.WithWebHostBuilder(whb => whb.ConfigureServices(ConfigureTestServices));
ServerFactory.EnsureDatabaseCreated();
var client = server.CreateClient();
var resetPasswordClient = server.CreateClient();
var newClient = server.CreateClient();
var userName = $"{Guid.NewGuid()}@example.com";
var password = $"!Test.Password1$";
var newPassword = $"!New.Password1$";
await UserStories.RegisterNewUserAsync(client, userName, password);
var registrationEmail = Assert.Single(emailSender.SentEmails);
await UserStories.ConfirmEmailAsync(registrationEmail, client);
// Act & Assert
await UserStories.ForgotPasswordAsync(resetPasswordClient, userName);
Assert.Equal(2, emailSender.SentEmails.Count);
var email = emailSender.SentEmails[1];
await UserStories.ResetPasswordAsync(resetPasswordClient, email, userName, newPassword);
await UserStories.LoginExistingUserAsync(newClient, userName, newPassword);
}
public async Task CanLogInWithAPreviouslyRegisteredUser()
{
// Arrange
var client = ServerFactory.CreateClient();
var newClient = ServerFactory.CreateClient();
var userName = $"{Guid.NewGuid()}@example.com";
var password = $"[PLACEHOLDER]-1a";
// Act & Assert
await UserStories.RegisterNewUserAsync(client, userName, password);
// Use a new client to simulate a new browser session.
await UserStories.LoginExistingUserAsync(newClient, userName, password);
}
public async Task CanLogInWithAPreviouslyRegisteredUser()
{
using (StartLog(out var loggerFactory))
{
// Arrange
var server = ServerFactory.CreateDefaultServer(loggerFactory);
var client = ServerFactory.CreateDefaultClient(server);
var newClient = ServerFactory.CreateDefaultClient(server);
var userName = $"{Guid.NewGuid()}@example.com";
var password = $"!Test.Password1$";
// Act & Assert
await UserStories.RegisterNewUserAsync(client, userName, password);
// Use a new client to simulate a new browser session.
await UserStories.LoginExistingUserAsync(newClient, userName, password);
}
}
public async Task CanLogInWithAPreviouslyRegisteredUser_WithGlobalAuthorizeFilter()
{
// Arrange
void ConfigureTestServices(IServiceCollection services) =>
services.SetupGlobalAuthorizeFilter();
var server = ServerFactory
.WithWebHostBuilder(whb => whb.ConfigureServices(ConfigureTestServices));
var client = server.CreateClient();
var newClient = server.CreateClient();
var userName = $"{Guid.NewGuid()}@example.com";
var password = $"[PLACEHOLDER]-1a";
// Act & Assert
await UserStories.RegisterNewUserAsync(client, userName, password);
// Use a new client to simulate a new browser session.
await UserStories.LoginExistingUserAsync(newClient, userName, password);
}
public async Task CanSetPasswordWithExternalLogin()
{
// Arrange
var principals = new List <ClaimsPrincipal>();
void ConfigureTestServices(IServiceCollection services) =>
services
.SetupTestThirdPartyLogin()
.SetupGetUserClaimsPrincipal(user => principals.Add(user), IdentityConstants.ApplicationScheme);
var server = ServerFactory
.WithWebHostBuilder(whb => whb.ConfigureTestServices(ConfigureTestServices));
var client = server.CreateClient();
var newClient = server.CreateClient();
var loginAfterSetPasswordClient = server.CreateClient();
var guid = Guid.NewGuid();
var userName = $"{guid}";
var email = $"{guid}@example.com";
// Act 1
var index = await UserStories.RegisterNewUserWithSocialLoginAsync(client, userName, email);
index = await UserStories.LoginWithSocialLoginAsync(newClient, userName);
// Assert 1
Assert.NotNull(principals[1].Identities.Single().Claims.Single(c => c.Type == ClaimTypes.AuthenticationMethod).Value);
// Act 2
await UserStories.SetPasswordAsync(index, "!Test.Password2");
// Assert 2
// RefreshSignIn uses the same AuthenticationMethod claim value
AssertClaimsEqual(principals[1], principals[2], ClaimTypes.AuthenticationMethod);
// Act & Assert 3
// Can log in with the password set above
await UserStories.LoginExistingUserAsync(loginAfterSetPasswordClient, email, "!Test.Password2");
}
public async Task CannotLogInWithoutRequiredEmailConfirmation()
{
// Arrange
var emailSender = new ContosoEmailSender();
void ConfigureTestServices(IServiceCollection services) => services
.SetupTestEmailSender(emailSender)
.SetupEmailRequired();
var server = ServerFactory.WithWebHostBuilder(whb => whb.ConfigureServices(ConfigureTestServices));
var client = server.CreateClient();
var newClient = server.CreateClient();
var userName = $"{Guid.NewGuid()}@example.com";
var password = $"[PLACEHOLDER]-1a";
var loggedIn = await UserStories.RegisterNewUserAsync(client, userName, password);
// Act & Assert
// Use a new client to simulate a new browser session.
await Assert.ThrowsAnyAsync <XunitException>(() => UserStories.LoginExistingUserAsync(newClient, userName, password));
}
public async Task CannotLogInWithoutRequiredEmailConfirmation()
{
// Arrange
var testEmailSender = new TestEmailSender();
var server = ServerFactory.CreateServer(builder =>
{
builder.ConfigureServices(services => services
.AddSingleton <IEmailSender>(testEmailSender)
.Configure <IdentityOptions>(opt => opt.SignIn.RequireConfirmedEmail = true));
});
var client = ServerFactory.CreateDefaultClient(server);
var newClient = ServerFactory.CreateDefaultClient(server);
var userName = $"{Guid.NewGuid()}@example.com";
var password = $"!Test.Password1$";
var loggedIn = await UserStories.RegisterNewUserAsync(client, userName, password);
// Act & Assert
// Use a new client to simulate a new browser session.
await Assert.ThrowsAnyAsync <XunitException>(() => UserStories.LoginExistingUserAsync(newClient, userName, password));
}
