public async Task <bool> RequestChangePasswordAsync(string email, string password) { try { var createNewPasswordDto = new CreateNewPasswordRequestDto { Email = email, NewPassword = password }; var response = await httpService.PostAsync <CreateNewPasswordRequestDto, CreateNewPasswordResponseDto>( AuthorizeEndpoint.ResetPassword, createNewPasswordDto); return(response.Succeeded); } catch (System.Net.WebException ex) { throw new Exceptions.WebException("Server exception", ex); } catch (SocketException ex) { throw new Exceptions.WebException("Server exception", ex); } }
private PageRoutes.CreateNewPasswordPage CreateCreateNewPasswordPage(ServiceProvider provider, CreateNewPasswordRequestDto request, string secret) { var page = new PageRoutes.CreateNewPasswordPage(); provider.InjectDependencies(page); page.Request = request; page.Secret = secret; return(page); }
public async Task TestNegativeScenarios() { // --- Arrange --- var provider = SetupDefaultDependencies(); // Arrange data for testing var email1 = "*****@*****.**"; var password1 = "password123"; var newPassword1 = "dogs987"; var newNewPassword1 = "cats987"; var name1 = "petr"; var surename1 = "sindelar"; var email2 = "*****@*****.**"; var password2 = "porjjjjd123"; var newPassword2 = "dogskoko987"; var newNewPassword2 = "catkokos987"; var name2 = "marek"; var surename2 = "koko"; var email3 = "*****@*****.**"; var password3 = "obecnazirafa"; var newPassword3 = "slonak987"; var newNewPassword3 = "zirafafa987"; var name3 = "zirafa"; var surename3 = "obecna"; var someSecret = Guid.Parse("b6be6d12-4d7d-4cb0-a59c-fc5c0c2179e4"); // --- Act --- // Try login without registration await Assert.ThrowsExceptionAsync <RequestException>(() => CreateLoginPage(provider, new LoginRequestDto(email1, password1, new CourseDto[0])).Login()); // Try to validate email without registration await Assert.ThrowsExceptionAsync <RequestException>(() => CreateEmailConfirmedPage(provider, someSecret.ToString(), email1).ConfirmEmail()); // Try to change password without login await Assert.ThrowsExceptionAsync <RequestException>(() => CreateChangePasswordPage(provider, new ChangePasswordRequestDto(password1, "sss", "sss")).ChangePassword()); // Try to restore password of non registered user await Assert.ThrowsExceptionAsync <RequestException>(() => CreateRestorePasswordPage(provider, new RestorePasswordRequestDto(email1)).RestorePassword()); // Create new password of non registered user await Assert.ThrowsExceptionAsync <RequestException>(() => CreateCreateNewPasswordPage(provider, new CreateNewPasswordRequestDto("www", Guid.Empty, "wwww"), someSecret.ToString()).CreateNewPassword()); // Register user 1 await CreateRegisterPage(provider, new RegisterRequestDto(email1, name1 + " " + surename1, password1, password1, true, null, new CourseDto[0])).Register(); var registerSecret1 = _emailService.RegisterSecrets.Last(); // Try login without confirming the email await Assert.ThrowsExceptionAsync <RequestException>(() => CreateLoginPage(provider, new LoginRequestDto(email1, password1, new CourseDto[0])).Login()); // Try login without registration await Assert.ThrowsExceptionAsync <RequestException>(() => CreateLoginPage(provider, new LoginRequestDto(email2, password2, new CourseDto[0])).Login()); // Try to validate email with wrong secret await Assert.ThrowsExceptionAsync <RequestException>(() => CreateEmailConfirmedPage(provider, someSecret.ToString(), email2).ConfirmEmail()); // Try to change password without login await Assert.ThrowsExceptionAsync <RequestException>(() => CreateChangePasswordPage(provider, new ChangePasswordRequestDto(password1, "sss", "sss")).ChangePassword()); // Try to restore password of non registered user await Assert.ThrowsExceptionAsync <RequestException>(() => CreateRestorePasswordPage(provider, new RestorePasswordRequestDto(email2)).RestorePassword()); // Create new password of non registered user await Assert.ThrowsExceptionAsync <RequestException>(() => CreateCreateNewPasswordPage(provider, new CreateNewPasswordRequestDto("www", Guid.NewGuid(), "wwww"), someSecret.ToString()).CreateNewPassword()); // Register user 1 once more (before he confirms the email, before its time for resending the email) await Assert.ThrowsExceptionAsync <RequestException>(() => CreateRegisterPage(provider, new RegisterRequestDto(email1, name1 + " " + surename1, password1, password1, true, null, new CourseDto[0])).Register()); // Move time _timeService.SetNow(_timeService.Now.Add(Constants.ResendRegistrationEmailMinTime.Add(TimeSpan.FromSeconds(5)))); // Try to register again await CreateRegisterPage(provider, new RegisterRequestDto(email1, name1 + " " + surename1, password1, password1, true, null, new CourseDto[0])).Register(); var registerSecret1b = _emailService.RegisterSecrets.Last(); // Try to confirm the email of user 1 with his old confirmation email await Assert.ThrowsExceptionAsync <RequestException>(() => CreateEmailConfirmedPage(provider, registerSecret1.ToString(), email1).ConfirmEmail()); // Confirm the email of user 1 with the new confirmation email await CreateEmailConfirmedPage(provider, registerSecret1b.ToString(), email1).ConfirmEmail(); // Try to register the user await Assert.ThrowsExceptionAsync <RequestException>(() => CreateRegisterPage(provider, new RegisterRequestDto(email1, name1 + " " + surename1, password1, password1, true, null, new CourseDto[0])).Register()); // Login the user 1 await CreateLoginPage(provider, new LoginRequestDto(email1, password1, new CourseDto[0])).Login(); // Change the password of user 1 await CreateChangePasswordPage(provider, new ChangePasswordRequestDto(password1, newPassword1, newPassword1)).ChangePassword(); var loginService = provider.GetService <ILoginService>(); // Logout await CreateProfilePage(provider, loginService.User.Url).Logout(); // Restore password await CreateRestorePasswordPage(provider, new RestorePasswordRequestDto(email1)).RestorePassword(); var restorePasswordSecret = _emailService.RestorePasswordSecrets.Last(); // Create new password var createNewPasswordPageForm = new CreateNewPasswordRequestDto(newNewPassword1, restorePasswordSecret, newNewPassword1); var createNewPasswordPage = CreateCreateNewPasswordPage(provider, createNewPasswordPageForm, restorePasswordSecret.ToString()); await createNewPasswordPage.CreateNewPassword(); // Login using the new password await CreateLoginPage(provider, new LoginRequestDto(email1, newNewPassword1, new CourseDto[0])).Login(); }