Пример #1
        /// <summary>
        /// Posts a new password for the given account to <c>AuthorizeEndpoint.ResetPassword</c>.
        /// </summary>
        /// <param name="email">Address identifying the account; sent as <c>Email</c>.</param>
        /// <param name="password">The new password; sent as <c>NewPassword</c>.</param>
        /// <returns>The <c>Succeeded</c> flag of the server response.</returns>
        /// <exception cref="Exceptions.WebException">
        /// Thrown in place of a <see cref="System.Net.WebException"/> or <see cref="SocketException"/>;
        /// the original exception is kept as the inner exception.
        /// </exception>
        public async Task <bool> RequestChangePasswordAsync(string email, string password)
        {
            try
            {
                // NOTE(review): only the e-mail and the new password are set on the payload here.
                // No reset secret or current password is attached in this method, so proof that the
                // caller controls the account has to be enforced elsewhere (server side or inside
                // httpService) - confirm before relying on this call.
                var payload = new CreateNewPasswordRequestDto { Email = email, NewPassword = password };

                var result = await httpService.PostAsync <CreateNewPasswordRequestDto, CreateNewPasswordResponseDto>(
                    AuthorizeEndpoint.ResetPassword,
                    payload);

                return result.Succeeded;
            }
            catch (System.Net.WebException webFailure)
            {
                // The caller sees a generic message; the transport detail stays in the inner exception.
                throw new Exceptions.WebException("Server exception", webFailure);
            }
            catch (SocketException socketFailure)
            {
                throw new Exceptions.WebException("Server exception", socketFailure);
            }
        }
Пример #2
        /// <summary>
        /// Builds a <see cref="PageRoutes.CreateNewPasswordPage"/> wired to the given provider and
        /// pre-filled with the new-password form and the secret.
        /// </summary>
        /// <param name="provider">Provider whose <c>InjectDependencies</c> is applied to the new page.</param>
        /// <param name="request">Form data assigned to the page's <c>Request</c>.</param>
        /// <param name="secret">Value assigned to the page's <c>Secret</c>.</param>
        /// <returns>The configured page instance.</returns>
        private PageRoutes.CreateNewPasswordPage CreateCreateNewPasswordPage(ServiceProvider provider, CreateNewPasswordRequestDto request, string secret)
        {
            var newPasswordPage = new PageRoutes.CreateNewPasswordPage();

            // Dependencies are injected before the request and the secret are assigned.
            provider.InjectDependencies(newPasswordPage);

            newPasswordPage.Request = request;
            newPasswordPage.Secret  = secret;

            return newPasswordPage;
        }
Пример #3
        /// <summary>
        /// Walks the account flows (login, e-mail confirmation, change / restore / create password,
        /// registration) through their failure paths and asserts that each rejected request raises
        /// <c>RequestException</c>, then finishes with a successful register, confirm, login,
        /// change-password, restore and re-login sequence for user 1.
        /// </summary>
        /// <remarks>
        /// The steps share state through <c>provider</c>, <c>_emailService</c> and <c>_timeService</c>,
        /// so their order is part of the scenario.
        /// </remarks>
        public async Task TestNegativeScenarios()
        {
            // --- Arrange ---
            var provider = SetupDefaultDependencies();

            // Arrange data for testing
            // NOTE(review): all three addresses read "*****@*****.**" here, which looks like redaction
            // by the page this listing was copied from; the steps below only make sense if email1 and
            // email2 are different accounts - confirm against the real test.
            var email1          = "*****@*****.**";
            var password1       = "password123";
            var newPassword1    = "dogs987";
            var newNewPassword1 = "cats987";
            var name1           = "petr";
            var surename1       = "sindelar";

            // Of the user 2 data only email2 and password2 are used below.
            var email2          = "*****@*****.**";
            var password2       = "porjjjjd123";
            var newPassword2    = "dogskoko987";
            var newNewPassword2 = "catkokos987";
            var name2           = "marek";
            var surename2       = "koko";

            // None of the user 3 data is used in this method.
            var email3          = "*****@*****.**";
            var password3       = "obecnazirafa";
            var newPassword3    = "slonak987";
            var newNewPassword3 = "zirafafa987";
            var name3           = "zirafa";
            var surename3       = "obecna";

            // A fixed GUID standing in for a secret; nothing in this method obtains it from _emailService.
            var someSecret = Guid.Parse("b6be6d12-4d7d-4cb0-a59c-fc5c0c2179e4");

            // --- Act ---
            // Try login without registration
            await Assert.ThrowsExceptionAsync <RequestException>(() => CreateLoginPage(provider, new LoginRequestDto(email1, password1, new CourseDto[0])).Login());

            // Try to validate email without registration
            await Assert.ThrowsExceptionAsync <RequestException>(() => CreateEmailConfirmedPage(provider, someSecret.ToString(), email1).ConfirmEmail());

            // Try to change password without login
            await Assert.ThrowsExceptionAsync <RequestException>(() => CreateChangePasswordPage(provider, new ChangePasswordRequestDto(password1, "sss", "sss")).ChangePassword());

            // Try to restore password of non registered user
            await Assert.ThrowsExceptionAsync <RequestException>(() => CreateRestorePasswordPage(provider, new RestorePasswordRequestDto(email1)).RestorePassword());

            // Create new password of non registered user
            // NOTE(review): the first and third constructor arguments differ ("www" vs "wwww"). If they
            // are password and confirmation (as the call near the end of this method suggests), the
            // request may be rejected for the mismatch rather than for the unknown secret - confirm.
            await Assert.ThrowsExceptionAsync <RequestException>(() => CreateCreateNewPasswordPage(provider, new CreateNewPasswordRequestDto("www", Guid.Empty, "wwww"), someSecret.ToString()).CreateNewPassword());

            // Register user 1
            await CreateRegisterPage(provider, new RegisterRequestDto(email1, name1 + " " + surename1, password1, password1, true, null, new CourseDto[0])).Register();

            // Most recent registration secret recorded by _emailService (presumably a test double - verify).
            var registerSecret1 = _emailService.RegisterSecrets.Last();

            // Try login without confirming the email
            await Assert.ThrowsExceptionAsync <RequestException>(() => CreateLoginPage(provider, new LoginRequestDto(email1, password1, new CourseDto[0])).Login());

            // Try login of user 2, who was never registered
            await Assert.ThrowsExceptionAsync <RequestException>(() => CreateLoginPage(provider, new LoginRequestDto(email2, password2, new CourseDto[0])).Login());

            // Try to validate the email of user 2 (never registered) with the fixed stand-in secret
            await Assert.ThrowsExceptionAsync <RequestException>(() => CreateEmailConfirmedPage(provider, someSecret.ToString(), email2).ConfirmEmail());

            // Try to change password without login (user 1 is registered by now, but nobody is logged in)
            await Assert.ThrowsExceptionAsync <RequestException>(() => CreateChangePasswordPage(provider, new ChangePasswordRequestDto(password1, "sss", "sss")).ChangePassword());

            // Try to restore password of non registered user
            await Assert.ThrowsExceptionAsync <RequestException>(() => CreateRestorePasswordPage(provider, new RestorePasswordRequestDto(email2)).RestorePassword());

            // Create new password with a freshly generated GUID in the form and the stand-in secret on the page
            // NOTE(review): same "www" / "wwww" mismatch as in the earlier create-new-password step.
            await Assert.ThrowsExceptionAsync <RequestException>(() => CreateCreateNewPasswordPage(provider, new CreateNewPasswordRequestDto("www", Guid.NewGuid(), "wwww"), someSecret.ToString()).CreateNewPassword());

            // Register user 1 once more (before he confirms the email, before its time for resending the email)
            await Assert.ThrowsExceptionAsync <RequestException>(() => CreateRegisterPage(provider, new RegisterRequestDto(email1, name1 + " " + surename1, password1, password1, true, null, new CourseDto[0])).Register());

            // Move the test clock forward by ResendRegistrationEmailMinTime plus 5 seconds
            _timeService.SetNow(_timeService.Now.Add(Constants.ResendRegistrationEmailMinTime.Add(TimeSpan.FromSeconds(5))));

            // Try to register again; this time it is expected to succeed
            await CreateRegisterPage(provider, new RegisterRequestDto(email1, name1 + " " + surename1, password1, password1, true, null, new CourseDto[0])).Register();

            var registerSecret1b = _emailService.RegisterSecrets.Last();

            // Try to confirm the email of user 1 with his old confirmation email:
            // the secret from the first registration must no longer be accepted
            await Assert.ThrowsExceptionAsync <RequestException>(() => CreateEmailConfirmedPage(provider, registerSecret1.ToString(), email1).ConfirmEmail());

            // Confirm the email of user 1 with the new confirmation email
            await CreateEmailConfirmedPage(provider, registerSecret1b.ToString(), email1).ConfirmEmail();

            // Try to register the already confirmed user again
            await Assert.ThrowsExceptionAsync <RequestException>(() => CreateRegisterPage(provider, new RegisterRequestDto(email1, name1 + " " + surename1, password1, password1, true, null, new CourseDto[0])).Register());

            // Login the user 1
            await CreateLoginPage(provider, new LoginRequestDto(email1, password1, new CourseDto[0])).Login();

            // Change the password of user 1
            await CreateChangePasswordPage(provider, new ChangePasswordRequestDto(password1, newPassword1, newPassword1)).ChangePassword();

            var loginService = provider.GetService <ILoginService>();

            // Logout
            await CreateProfilePage(provider, loginService.User.Url).Logout();

            // Restore password
            await CreateRestorePasswordPage(provider, new RestorePasswordRequestDto(email1)).RestorePassword();

            var restorePasswordSecret = _emailService.RestorePasswordSecrets.Last();

            // Create new password
            var createNewPasswordPageForm = new CreateNewPasswordRequestDto(newNewPassword1, restorePasswordSecret, newNewPassword1);
            var createNewPasswordPage     = CreateCreateNewPasswordPage(provider, createNewPasswordPageForm, restorePasswordSecret.ToString());
            await createNewPasswordPage.CreateNewPassword();

            // Login using the new password
            await CreateLoginPage(provider, new LoginRequestDto(email1, newNewPassword1, new CourseDto[0])).Login();

            // NOTE(review): the scenario never asserts that password1 or newPassword1 stop working after
            // they are replaced, nor that restorePasswordSecret is rejected on a second use. Both are
            // negative cases worth adding for a password-reset flow.
        }