public void Constructor_AcceptsEmptyStringUserNameOrEmail()
{
var record = new FailedAuthenticatedOperationAuditRecord(
usernameOrEmail: "",
action: AuditedAuthenticatedOperationAction.FailedLoginInvalidPassword,
attemptedPackage: null,
attemptedCredential: null);
Assert.Equal("", record.UsernameOrEmail);
}
public void GetPath()
{
var record = new FailedAuthenticatedOperationAuditRecord(
usernameOrEmail: null,
action: AuditedAuthenticatedOperationAction.FailedLoginNoSuchUser,
attemptedPackage: null,
attemptedCredential: null);
var actualResult = record.GetPath();
Assert.Equal("all", actualResult);
}
public void Constructor_AcceptsNulls()
{
var record = new FailedAuthenticatedOperationAuditRecord(
usernameOrEmail: null,
action: AuditedAuthenticatedOperationAction.FailedLoginNoSuchUser,
attemptedPackage: null,
attemptedCredential: null);
Assert.Null(record.UsernameOrEmail);
Assert.Equal(AuditedAuthenticatedOperationAction.FailedLoginNoSuchUser, record.Action);
Assert.Null(record.AttemptedPackage);
Assert.Null(record.AttemptedCredential);
}
public async Task SaveAuditRecordAsync_FailedAuthenticatedOperationAuditRecord()
{
var expiresIn = new TimeSpan(days: 1, hours: 2, minutes: 3, seconds: 4);
var auditRecord = new FailedAuthenticatedOperationAuditRecord(
usernameOrEmail: "a",
action: AuditedAuthenticatedOperationAction.PackagePushAttemptByNonOwner,
attemptedPackage: new AuditedPackageIdentifier("b", "c"),
attemptedCredential: new Credential(CredentialTypes.ApiKey.V2, value: "d", expiration: expiresIn));
var service = new TestAuditingService(async(string auditData, string resourceType, string filePath, string action, DateTime timestamp) =>
{
Assert.Equal("FailedAuthenticatedOperation", resourceType);
Assert.Equal("all", filePath);
Assert.Equal("packagepushattemptbynonowner", action);
Assert.InRange(timestamp, DateTime.UtcNow.AddMinutes(-1), DateTime.UtcNow.AddMinutes(1));
var jObject = JObject.Parse(auditData);
var record = jObject["Record"];
Assert.Equal("a", record["UsernameOrEmail"].Value <string>());
var attemptedPackage = record["AttemptedPackage"];
Assert.Equal("b", attemptedPackage["Id"].Value <string>());
Assert.Equal("c", attemptedPackage["Version"].Value <string>());
var attemptedCredential = record["AttemptedCredential"];
Assert.Equal(0, attemptedCredential["Key"].Value <int>());
Assert.Equal(CredentialTypes.ApiKey.V2, attemptedCredential["Type"].Value <string>());
Assert.Equal(JTokenType.Null, attemptedCredential["Value"].Type);
Assert.Equal(JTokenType.Null, attemptedCredential["Description"].Type);
Assert.False(attemptedCredential["Scopes"].ToObject <IList <object> >().Any());
Assert.Equal(JTokenType.Null, attemptedCredential["Identity"].Type);
Assert.Equal(DateTime.MinValue, attemptedCredential["Created"].Value <DateTime>());
var expiresUtc = DateTime.UtcNow.Add(expiresIn);
Assert.InRange(attemptedCredential["Expires"].Value <DateTime>(), expiresUtc.AddMinutes(-1), expiresUtc.AddMinutes(1));
Assert.Equal(JTokenType.Null, attemptedCredential["LastUsed"].Type);
await VerifyActor(jObject);
return(null);
});
await service.SaveAuditRecordAsync(auditRecord);
}
public void Constructor_SetsProperties()
{
var identifier = new AuditedPackageIdentifier(id: "a", version: "1.0.0");
var credential = new Credential(type: CredentialTypes.Password.V3, value: "b");
var record = new FailedAuthenticatedOperationAuditRecord(
usernameOrEmail: "c",
action: AuditedAuthenticatedOperationAction.PackagePushAttemptByNonOwner,
attemptedPackage: identifier,
attemptedCredential: credential);
Assert.Equal("c", record.UsernameOrEmail);
Assert.Same(identifier, record.AttemptedPackage);
Assert.NotNull(record.AttemptedCredential);
Assert.Equal(credential.Type, record.AttemptedCredential.Type);
Assert.Null(record.AttemptedCredential.Value);
Assert.Equal(AuditedAuthenticatedOperationAction.PackagePushAttemptByNonOwner, record.Action);
}
