public async Task <IResult <ILoginResponse> > Login(ILoginRequest login, CancellationToken cancel = default)
{
Result <ILoginResponse> result;
var user = await _userManager.FindByNameAsync(login.UserName);
if (user == null)
{
result = new ErrorInformation($"The user with the name {login.UserName} was not found");
return(result);
}
var loginResult = await _signInManager.CheckPasswordSignInAsync(user, login.Password, false);
if (loginResult.Succeeded)
{
_logger.LogInformation("The user {0} has been successfully logged in", login.UserName);
result = new LoginResponse()
{
Token = _jwtGenerator.CreateToken(user)
};
return(result);
}
_logger.LogInformation("User {0} authentication error", login.UserName);
result = new ErrorInformation("Authentication error");
return(result);
}
public void AttemptLogin_signs_user_in_when_authentication_succeeds([Frozen] CSF.Security.Authentication.IPasswordAuthenticationService authService,
[Frozen] ILogsUserInOrOut loginLogout,
LoginLogoutManager sut,
ILoginRequest request,
LoginCredentials credentials,
[HasIdentity] User user)
{
// Arrange
user.Username = credentials.Username;
Mock.Get(request)
.Setup(x => x.GetCredentials())
.Returns(credentials);
Mock.Get(authService)
.Setup(x => x.Authenticate(credentials))
.Returns(new AuthenticationResult(user.GetIdentity(), user.Username, true));
Mock.Get(loginLogout)
.Setup(x => x.LogUserIn(It.IsAny <IAuthenticationResult>()));
// Act
sut.AttemptLogin(request);
// Assert
Mock.Get(loginLogout)
.Verify(x => x.LogUserIn(It.IsAny <IAuthenticationResult>()), Times.Once());
}
public async Task <ILoginResponse> LoginAsync(ILoginRequest request)
{
if (request == null)
{
throw new ArgumentNullException(nameof(request));
}
if (WebBrowserNavigator.WebBrowser.Address != ChunithmNetUrl.Top)
{
await WebBrowserNavigator.LoadAsync(ChunithmNetUrl.Top);
}
await WebBrowserNavigator.EvaluatePageMoveScriptAsync($@"
var inputs = document.getElementsByTagName('input');
var inputName = inputs[0];
var inputPassword = inputs[1];
inputName.value = '{request.SegaId}';
inputPassword.value = '{request.Password}';
formSubmit('sega_login');
");
var responseAsync = LoginResponse.CreateResponseAsync(WebBrowserNavigator.WebBrowser);
await responseAsync;
var response = responseAsync.Result;
if (response.Success)
{
var aimeListParser = new AimeListParser();
response.AimeList = aimeListParser.Parse(response.DocumentText);
}
return(response);
}
public TestWebApiHandler(HttpClient client, LoginRequest loginRequest, IMapper mapper, ILogger <TestWebApiHandler> logger)
{
_client = client;
_loginRequest = loginRequest;
_mapper = mapper;
_logger = logger;
}
public async Task <ILoginResponse> LoginAsync(ILoginRequest request)
{
if (!IsLoggedIn())
{
await GetToken();
}
var loginContent = new FormUrlEncodedContent(new Dictionary <string, string>()
{
{ "segaId", request.SegaId },
{ "password", request.Password },
{ "token", token },
});
var postLogin = client.PostAsync(ChunithmNetUrl.CreateUrl("submit"), loginContent);
await postLogin;
var getAimeList = client.GetAsync(ChunithmNetUrl.CreateUrl("aimeList"));
await getAimeList;
var response = new LoginResponse(getAimeList.Result);
if (response.Success)
{
var aimeListParser = new AimeListParser();
response.AimeList = aimeListParser.Parse(response.DocumentText);
if (response.AimeList == null)
{
response.OnInvalidAimeList();
}
}
return(response);
}
public LoginResult AttemptLogin(ILoginRequest request)
{
if (request == null)
{
throw new ArgumentNullException(nameof(request));
}
LoginResult output = null;
AuthenticationResult authResult;
output = GetLoginThrottledResult(request);
if (output != null)
{
return(output);
}
output = GetAuthenticationFailedLoginResult(request, out authResult);
if (output != null)
{
return(output);
}
var currentUser = LogUserIn(request, authResult);
return(new LoginResult(currentUser.Username));
}
public async Task <ILoginResponse> LoginAsync(ILoginRequest request)
{
if (request == null)
{
throw new ArgumentNullException(nameof(request));
}
if (WebBrowserNavigator.WebBrowser.Url?.AbsoluteUri != ChunithmNetUrl.Top)
{
await WebBrowserNavigator.NavigateAsync(ChunithmNetUrl.Top);
}
{
var document = WebBrowserNavigator.WebBrowser.Document;
var inputs = document.GetElementsByTagName("input");
var segaIdInput = inputs.GetElementsByName("segaId").OfType <HtmlElement>().FirstOrDefault();
var passwordInput = inputs.GetElementsByName("password").OfType <HtmlElement>().FirstOrDefault();
segaIdInput.SetAttribute("value", request.SegaId);
passwordInput.SetAttribute("value", request.Password);
}
var login = WebBrowserNavigator.InvokeScriptAsync("formSubmit", new[] { "sega_login" });
await login;
var response = new LoginResponse(WebBrowserNavigator.WebBrowser);
if (response.Success)
{
var aimeListParser = new AimeListParser();
response.AimeList = aimeListParser.Parse(WebBrowserNavigator.WebBrowser.DocumentText);
}
return(response);
}
/// <summary>
/// Submits the login request.
/// </summary>
/// <returns>The login request.</returns>
/// <param name="request">Request.</param>
public async Task <LoginResponse> SubmitLoginRequest(ILoginRequest request)
{
var result = await PostAsync(GetEndPointUrl(request), new
{
email = request.Email,
password = request.Password
});
return(result != null ? new LoginResponse(result) : null);
}
public async Task <TUser> CheckLoginRequest(ILoginRequest login)
{
var user = await this.GetUserAsnc(login.Username) as TUser;
if (user == null)
{
return(null);
}
var isCorrectPassword = await this.SDHCMemberService.CheckPasswordAsync(user, login.Password);
return(user);
}
public async Task <IAuthResponse> LoginUserAsync(ILoginRequest model)
{
var user = await _userManager.FindByEmailAsync(model.Email).ConfigureAwait(false);
if (user == null)
{
throw new ValidationException(ExceptionMapping.None, "Combination of user/password does not exist");
}
if (!await _userManager.IsEmailConfirmedAsync(user))
{
throw new ValidationException(ExceptionMapping.None, "Email not confirmed");
}
var result = await _userManager.CheckPasswordAsync(user, model.Password);
if (!result)
{
throw new ValidationException(ExceptionMapping.None, "Combination of user/password does not exist");
}
var accessToken = await GenerateAccessTokenAsync(user).ConfigureAwait(false);
var refreshToken = await _userManager.GenerateConcurrencyStampAsync(user).ConfigureAwait(false);
var userRefreshToken = await _context.UserRefreshTokens.AsTracking().FirstOrDefaultAsync(x => x.UserID == user.Id);
if (userRefreshToken == null)
{
throw new ValidationException(ExceptionMapping.None, "User could not be created");
}
if (DateTimeOffset.UtcNow <= userRefreshToken.ExpiryDate)
{
refreshToken = userRefreshToken.RefreshToken;
}
else
{
userRefreshToken.ExpiryDate = DateTimeOffset.UtcNow.AddDays(1);
userRefreshToken.RefreshToken = refreshToken;
userRefreshToken.UserID = user.Id;
_context.UserRefreshTokens.Update(userRefreshToken);
await _context.SaveChangesAsync();
}
return(new AuthResponse
{
AccessToken = accessToken,
ExpireDate = DateTimeOffset.UtcNow.AddDays(1).DateTime,
RefreshToken = refreshToken
});
}
IThrottleKey GetThrottleKey(ILoginRequest request)
{
if (request == null)
{
return(null);
}
if (request.SourceAddress == null)
{
return(null);
}
return(new SimpleThrottleKey(request.SourceAddress));
}
LoginResult GetAuthenticationFailedLoginResult(ILoginRequest request, out AuthenticationResult result)
{
result = (AuthenticationResult)AuthenticationService.Authenticate(request.GetCredentials());
if (result != null && result.Success)
{
return(null);
}
else
{
return(LoginResult.LoginFailed);
}
}
LoginResult GetLoginThrottledResult(ILoginRequest request)
{
var throttlingResult = throttlingService.GetThrottlingResponse(request);
if (throttlingResult == null || throttlingResult.ShouldAttemptBeHonoured)
{
return(null);
}
var time = throttlingResult.TimeUntilNextAttemptPermitted.GetValueOrDefault();
return(LoginResult.LoginFailedDueToThrottling(time));
}
public void SetUp()
{
_fakeCreateCustomerRequest = Substitute.For<ICreateCustomerRequest>();
_fakeLoginRequest = Substitute.For<ILoginRequest>();
_fakeSessionService = Substitute.For<ISessionService>();
_fakeHttpMessageHandler = new FakeHttpMessageHandler();
_fakeHttpClient = new HttpClient(_fakeHttpMessageHandler);
_uut = new AzureApiService(_fakeHttpClient, _fakeSessionService);
_fakeCalculatePriceRequest = Substitute.For<ICalculatePriceRequest>();
_fakeCreateRideRequest = Substitute.For<ICreateRideRequest>();
}
public void AttemptLogin_returns_failure_result_when_user_is_not_found([Frozen] CSF.Security.Authentication.IPasswordAuthenticationService authService,
LoginLogoutManager sut,
ILoginRequest request,
LoginCredentials credentials)
{
// Arrange
Mock.Get(request)
.Setup(x => x.GetCredentials())
.Returns(credentials);
Mock.Get(authService)
.Setup(x => x.Authenticate(credentials))
.Returns(AuthenticationResult.UserNotFound);
// Act
var result = sut.AttemptLogin(request);
// Assert
Assert.IsFalse(result.Success);
}
public void AttemptLogin_returns_failure_result_when_authentication_fails([Frozen] CSF.Security.Authentication.IPasswordAuthenticationService authService,
LoginLogoutManager sut,
ILoginRequest request,
LoginCredentials credentials,
[HasIdentity] User user)
{
// Arrange
Mock.Get(request)
.Setup(x => x.GetCredentials())
.Returns(credentials);
Mock.Get(authService)
.Setup(x => x.Authenticate(credentials))
.Returns(new AuthenticationResult(user.GetIdentity(), user.Username, false));
// Act
var result = sut.AttemptLogin(request);
// Assert
Assert.IsFalse(result.Success);
}
public void AttemptLogin_does_not_log_user_in_when_user_is_not_found([Frozen] CSF.Security.Authentication.IPasswordAuthenticationService authService,
[Frozen] ILogsUserInOrOut loginLogout,
LoginLogoutManager sut,
ILoginRequest request,
LoginCredentials credentials)
{
// Arrange
Mock.Get(request)
.Setup(x => x.GetCredentials())
.Returns(credentials);
Mock.Get(authService)
.Setup(x => x.Authenticate(credentials))
.Returns(AuthenticationResult.UserNotFound);
// Act
sut.AttemptLogin(request);
// Assert
Mock.Get(loginLogout)
.Verify(x => x.LogUserIn(It.IsAny <IAuthenticationResult>()), Times.Never());
}
public LoginThrottlingResponse GetThrottlingResponse(ILoginRequest request)
{
var key = GetThrottleKey(request);
if (key == null)
{
return(LoginThrottlingResponse.AttemptPermitted);
}
var result = throttlePolicy.Check(key);
if (result.IsLocked)
{
return(new LoginThrottlingResponse(result.Limiter.LockDuration.GetValueOrDefault()));
}
if (result.IsThrottled)
{
return(new LoginThrottlingResponse(result.Limiter.Period));
}
return(LoginThrottlingResponse.AttemptPermitted);
}
public void AttemptLogin_returns_success_result_when_authentication_succeeds([Frozen] CSF.Security.Authentication.IPasswordAuthenticationService authService,
[Frozen] ILogsUserInOrOut loginLogout,
LoginLogoutManager sut,
ILoginRequest request,
LoginCredentials credentials,
[HasIdentity] User user)
{
// Arrange
Mock.Get(request)
.Setup(x => x.GetCredentials())
.Returns(credentials);
Mock.Get(authService)
.Setup(x => x.Authenticate(credentials))
.Returns(new AuthenticationResult(user.GetIdentity(), user.Username, true));
user.Username = credentials.Username;
user.GenerateIdentity();
// Act
var result = sut.AttemptLogin(request);
// Assert
Assert.IsTrue(result.Success);
}
public void AttemptLogin_result_indicates_correct_time_to_next_attempt_when_throttling_prohibits_login([Frozen] CSF.Security.Authentication.IPasswordAuthenticationService authService,
[Frozen] ILoginThrottlingService throttling,
LoginLogoutManager sut,
ILoginRequest request,
LoginCredentials credentials,
[HasIdentity] User user,
TimeSpan time)
{
// Arrange
Mock.Get(request)
.Setup(x => x.GetCredentials())
.Returns(credentials);
Mock.Get(authService)
.Setup(x => x.Authenticate(credentials))
.Returns(new AuthenticationResult(user.GetIdentity(), user.Username, true));
Mock.Get(throttling)
.Setup(x => x.GetThrottlingResponse(request))
.Returns(new LoginThrottlingResponse(time));
user.Username = credentials.Username;
user.GenerateIdentity();
// Act
var result = sut.AttemptLogin(request);
// Assert
Assert.AreEqual(time, result.TimeBeforeNextAttempt.GetValueOrDefault());
}
async Task <IUserBase> ISDHCUserManager.CheckLoginRequest(ILoginRequest login)
{
return(await this.CheckLoginRequest(login));
}
private string GetEndPointUrl(ILoginRequest request)
{
return(_customerLoginEndPoint);
}
public ActionResult Login(ILoginRequest loginRequest)
{
_dashboard.LoginResponse = _accountProfileService.Login(loginRequest);
return(RedirectToAction("Index"));
}
public void AttemptLogin_returns_failure_result_when_throttling_prohibits_a_login([Frozen] CSF.Security.Authentication.IPasswordAuthenticationService authService,
[Frozen] ILoginThrottlingService throttling,
LoginLogoutManager sut,
ILoginRequest request,
LoginCredentials credentials,
[HasIdentity] User user,
TimeSpan time)
{
// Arrange
Mock.Get(request)
.Setup(x => x.GetCredentials())
.Returns(credentials);
Mock.Get(authService)
.Setup(x => x.Authenticate(credentials))
.Returns(new AuthenticationResult(user.GetIdentity(), user.Username, true));
Mock.Get(throttling)
.Setup(x => x.GetThrottlingResponse(request))
.Returns(new LoginThrottlingResponse(time));
user.Username = credentials.Username;
user.GenerateIdentity();
// Act
var result = sut.AttemptLogin(request);
// Assert
Assert.IsFalse(result.Success);
}
ICurrentUserInfo LogUserIn(ILoginRequest request, AuthenticationResult result)
{
loginLogoutService.LogUserIn(result);
return(new UserInformation(result.UserIdentity, result.Username));
}
