public void VerifyIdentityVerificationCodeShouldCorrectlyIncrementFailedAttempts()
{
var referenceNumber = "TEST-REFERENCE-NUMBER";
var ipAddress = "TEST-IP-ADDRESS";
var validationAttempts = 10;
dataToCleanUp.Add(new string[] { referenceNumber, ipAddress });
using (var rockContext = new RockContext())
{
var service = new IdentityVerificationService(rockContext);
var verificationRecord = service.CreateIdentityVerificationRecord(ipAddress, 10, referenceNumber);
Assert.That.IsNotNull(verificationRecord);
service.VerifyIdentityVerificationCode(verificationRecord.Id, 1, "Fail1", validationAttempts);
service.VerifyIdentityVerificationCode(verificationRecord.Id, 1, "Fail2", validationAttempts);
service.VerifyIdentityVerificationCode(verificationRecord.Id, 1, "Fail3", validationAttempts);
service.VerifyIdentityVerificationCode(verificationRecord.Id, 1, "Fail4", validationAttempts);
service.VerifyIdentityVerificationCode(verificationRecord.Id, 1, "Fail5", validationAttempts);
var actualVerificationRecord = service.Get(verificationRecord.Id);
Assert.That.AreEqual(5, actualVerificationRecord.FailedMatchAttemptCount);
}
}
public void VerifyIdentityVerificationCodeShouldNotValidateIfWrongIdentityVerificationId()
{
var referenceNumber = "TEST-REFERENCE-NUMBER";
var ipAddress = "TEST-IP-ADDRESS";
var validationAttempts = 10;
dataToCleanUp.Add(new string[] { referenceNumber, ipAddress });
using (var rockContext = new RockContext())
{
var service = new IdentityVerificationService(rockContext);
var verificationRecord1 = service.CreateIdentityVerificationRecord(ipAddress, 10, referenceNumber);
var verificationRecord2 = service.CreateIdentityVerificationRecord(ipAddress, 10, referenceNumber);
Assert.That.IsNotNull(verificationRecord1);
Assert.That.IsNotNull(verificationRecord2);
Assert.That.IsFalse(service.VerifyIdentityVerificationCode(verificationRecord1.Id, 1, verificationRecord2.IdentityVerificationCode.Code, validationAttempts));
}
}
protected void btnLookup_Click(object sender, EventArgs e)
{
if (!Page.IsValid)
{
return;
}
var ipLimit = GetAttributeValue(AttributeKey.IpThrottleLimit).AsInteger();
var messageTemplate = GetAttributeValue(AttributeKey.TextMessageTemplate);
var fromNumber = GetAttributeValue(AttributeKey.SmsNumber);
var phoneNumber = pbPhoneNumberLookup.Number;
try
{
using (var rockContext = new RockContext())
{
var identityVerificationService = new IdentityVerificationService(rockContext);
var identityVerification = identityVerificationService.CreateIdentityVerificationRecord(Request.UserHostAddress, ipLimit, phoneNumber);
var smsMessage = new RockSMSMessage
{
FromNumber = DefinedValueCache.Get(fromNumber),
Message = messageTemplate,
};
var mergeObjects = LavaHelper.GetCommonMergeFields(this.RockPage);
mergeObjects.Add("ConfirmationCode", identityVerification.IdentityVerificationCode.Code);
smsMessage.SetRecipients(new List <RockSMSMessageRecipient> {
RockSMSMessageRecipient.CreateAnonymous(phoneNumber, mergeObjects)
});
var errorList = new List <string>();
if (smsMessage.Send(out errorList))
{
IdentityVerificationId = identityVerification.Id;
ShowVerificationPage();
}
else
{
ShowWarningMessage("Verification text message failed to send.");
}
}
}
catch (Exception ex)
{
ShowWarningMessage(ex.Message);
RockLogger.Log.Error(RockLogDomains.Core, ex);
ExceptionLogService.LogException(ex);
}
}
public void CreateIdentityVerificationRecordReturnsValue()
{
var referenceNumber = "TEST-REFERENCE-NUMBER";
var ipAddress = "TEST-IP-ADDRESS";
dataToCleanUp.Add(new string[] { referenceNumber, ipAddress });
using (var rockContext = new RockContext())
{
var service = new IdentityVerificationService(rockContext);
var verificationRecord = service.CreateIdentityVerificationRecord(ipAddress, 10, referenceNumber);
Assert.That.IsNotNull(verificationRecord);
}
}
public void CreateIdentityVerificationRecordShouldNotThrowExceptionIfAtIpLimit()
{
var ipLimit = 9;
var referenceNumber = "TEST-REFERENCE-NUMBER";
var ipAddress = "TEST-IP-ADDRESS";
CreateIdentityVerificationRecords(ipLimit - 1, referenceNumber, ipAddress);
using (var rockContext = new RockContext())
{
var service = new IdentityVerificationService(rockContext);
var verificationRecord = service.CreateIdentityVerificationRecord(ipAddress, ipLimit, referenceNumber);
Assert.That.IsNotNull(verificationRecord);
}
}
public void CreateIdentityVerificationRecordShouldThrowExceptionIfOverIpLimit()
{
var ipLimit = 10;
var referenceNumber = "TEST-REFERENCE-NUMBER";
var ipAddress = "TEST-IP-ADDRESS";
CreateIdentityVerificationRecords(ipLimit, referenceNumber, ipAddress);
using (var rockContext = new RockContext())
{
var service = new IdentityVerificationService(rockContext);
Assert.That.ThrowsException <IdentityVerificationIpLimitReachedException>(
() => service.CreateIdentityVerificationRecord(ipAddress, ipLimit, referenceNumber)
);
}
}
public void VerifyIdentityVerificationCodeShouldValidateCorrectly()
{
var referenceNumber = "TEST-REFERENCE-NUMBER";
var ipAddress = "TEST-IP-ADDRESS";
dataToCleanUp.Add(new string[] { referenceNumber, ipAddress });
using (var rockContext = new RockContext())
{
var service = new IdentityVerificationService(rockContext);
var verificationRecord = service.CreateIdentityVerificationRecord(ipAddress, 10, referenceNumber);
Assert.That.IsNotNull(verificationRecord);
Assert.That.IsTrue(service.VerifyIdentityVerificationCode(referenceNumber, 1, verificationRecord.IdentityVerificationCode.Code));
}
}
public void CreateIdentityVerificationRecordShouldNotThrowExceptionWithRequestFromYesterday()
{
var ipLimit = 9;
var referenceNumber = "TEST-REFERENCE-NUMBER";
var ipAddress = "TEST-IP-ADDRESS";
CreateIdentityVerificationRecords(ipLimit - 1, referenceNumber, ipAddress);
CreateIdentityVerificationRecords(ipLimit, referenceNumber, ipAddress, RockDateTime.Today.AddSeconds(-10));
CreateIdentityVerificationRecords(20, referenceNumber, $"{ipAddress}-2");
CreateIdentityVerificationRecords(20, $"{referenceNumber}-3", $"{ipAddress}-3");
CreateIdentityVerificationRecords(20, $"{referenceNumber}-4", $"{ipAddress}-4");
using (var rockContext = new RockContext())
{
var service = new IdentityVerificationService(rockContext);
var verificationRecord = service.CreateIdentityVerificationRecord(ipAddress, ipLimit, referenceNumber);
Assert.That.IsNotNull(verificationRecord);
}
}
public void VerifyIdentityVerificationCodeShouldNotValidateIfTimeLimitExpired()
{
var referenceNumber = "TEST-REFERENCE-NUMBER";
var ipAddress = "TEST-IP-ADDRESS";
dataToCleanUp.Add(new string[] { referenceNumber, ipAddress });
using (var rockContext = new RockContext())
{
var service = new IdentityVerificationService(rockContext);
var verificationRecord = service.CreateIdentityVerificationRecord(ipAddress, 10, referenceNumber);
Assert.That.IsNotNull(verificationRecord);
verificationRecord.IssueDateTime = verificationRecord.IssueDateTime.AddSeconds(-61);
rockContext.SaveChanges();
Assert.That.IsFalse(service.VerifyIdentityVerificationCode(referenceNumber, 1, verificationRecord.IdentityVerificationCode.Code));
}
}
public void VerifyIdentityVerificationCodeShouldNotValidateIfTooManyAttempts()
{
var referenceNumber = "TEST-REFERENCE-NUMBER";
var ipAddress = "TEST-IP-ADDRESS";
var validationAttempts = 10;
dataToCleanUp.Add(new string[] { referenceNumber, ipAddress });
using (var rockContext = new RockContext())
{
var service = new IdentityVerificationService(rockContext);
var verificationRecord = service.CreateIdentityVerificationRecord(ipAddress, 10, referenceNumber);
Assert.That.IsNotNull(verificationRecord);
verificationRecord.FailedMatchAttemptCount = 10;
rockContext.SaveChanges();
Assert.That.IsFalse(service.VerifyIdentityVerificationCode(verificationRecord.Id, 1, verificationRecord.IdentityVerificationCode.Code, validationAttempts));
}
}