public JsonResult AcquireToken(LoginModel model)
{
if (!ModelState.IsValid)
{
var errorResult = ModelState.GetErrorModel();
return(Json(errorResult));
}
if (!checkUserExist.Invoke(model.Email, model.Password))
{
ModelState.AddModelError("Email", "Authentication failed");
var errorResult = ModelState.GetErrorModel();
return(Json(errorResult));
}
var parser = new JwtParser();
var userId = getUserId.Invoke(model.Email);
var listUserApps = getUserApps.Invoke(userId);
var appId = listUserApps.Any() ? listUserApps.FirstOrDefault().Id : 0;
var acquireResult = parser.AcquireToken(model.Email, appId);
var result = new ResultModel <string>(acquireResult.Token);
return(Json(result));
}
public void AcquireToken_ForInvalidInput_ReturnsNull()
{
var parser = new JwtParser();
AcquireTokenModel tokenModel = parser.AcquireToken(null, 0);
Assert.Null(tokenModel);
}
public void AcquireToken_ForValidInput_ReturnsCorrectToken()
{
var parser = new JwtParser();
AcquireTokenModel tokenModel = parser.AcquireToken("*****@*****.**", 1);
Assert.NotNull(tokenModel.Token);
}
public void Verify_ForFreshToken_ReturnsOk()
{
var parser = new JwtParser();
AcquireTokenModel tokenModel = parser.AcquireToken("*****@*****.**", 1);
VerifyResultModel result = parser.Verify(tokenModel.Token);
Assert.Equal(true, result.IsValid);
Assert.NotNull(result.ExpiryDate);
}
public void AcquireToken_VerifyForTokenParametersData()
{
var parser = new JwtParser();
AcquireTokenModel tokenModel = parser.AcquireToken("*****@*****.**", 1);
var handler = new JwtSecurityTokenHandler();
var param = parser.GetParameters();
JwtSecurityToken readToken = handler.ReadJwtToken(tokenModel.Token);
var iss = parser.GetClaim(readToken, "iss");
var email = parser.GetClaim(readToken, "email");
var appId = parser.GetClaim(readToken, "appId");
Assert.Equal(param.ValidIssuer, iss);
Assert.Equal("*****@*****.**", email);
Assert.Equal("1", appId);
}
public JsonResult SwitchApp(int appId)
{
var userId = getUserId.Invoke(LoggedUser.Email);
if (!checkUserPermissionToApp.Invoke(userId, appId))
{
ModelState.AddModelError("AppId", "Permission denied");
var errorResult = ModelState.GetErrorModel();
return(Json(errorResult));
}
var parser = new JwtParser();
var acquireResult = parser.AcquireToken(LoggedUser.Email, appId);
var result = new ResultModel <string>(acquireResult.Token);
return(Json(result));
}
public void Verify_ForFreshToken_ReturnsCorrectExpiryDate()
{
var mockedDateTimeProvider = new Mock <IDateTimeProvider>();
var dateFormat = "yyyy-MM-dd HH:mm";
var dateNow = DateTime.UtcNow;
// we are using mocked IDateTimeProvider to make sure we are refering to same "now"
mockedDateTimeProvider.Setup(p => p.GetNow()).Returns(dateNow);
var parser = new JwtParser(mockedDateTimeProvider.Object);
var dateNowFutureString = dateNow.AddDays(parser.GetExpiredDays()).ToString(dateFormat);
AcquireTokenModel tokenModel = parser.AcquireToken("*****@*****.**", 1);
VerifyResultModel result = parser.Verify(tokenModel.Token);
string expiryDateString = null;
if (result.ExpiryDate != null)
{
expiryDateString = result.ExpiryDate.Value.ToString(dateFormat);
}
Assert.Equal(dateNowFutureString, expiryDateString);
}
