public async Task UpdateSubscribesUsers()
{
// Arrange.
var users = TestUsers.ToList();
var policyService = new TestSecurityPolicyService();
var entitiesMock = policyService.MockEntitiesContext;
entitiesMock.Setup(c => c.Users).Returns(users.MockDbSet().Object);
var controller = new SecurityPolicyController(entitiesMock.Object, policyService);
var subscription = policyService.Mocks.Subscription.Object;
Assert.False(users.Any(u => policyService.IsSubscribed(u, subscription)));
// Act.
var viewModel = new SecurityPolicyViewModel()
{
UsersQuery = "A,B,C",
UserSubscriptions = new[]
{
$"{{\"u\":\"A\",\"g\":\"{subscription.SubscriptionName}\"}}",
$"{{\"u\":\"C\",\"g\":\"{subscription.SubscriptionName}\"}}"
}
};
var result = await controller.Update(viewModel);
// Assert.
Assert.True(policyService.IsSubscribed(users[0], subscription));
Assert.False(policyService.IsSubscribed(users[1], subscription));
Assert.True(policyService.IsSubscribed(users[2], subscription));
policyService.MockEntitiesContext.Verify(c => c.SaveChangesAsync(), Times.Exactly(2));
}
public void Setup()
{
server = new QuickCoursesTestServer();
server.UseCourses(TestCourses.CreateBasicSample());
server.UseUsers(TestUsers.CreateSuperUserSample(), TestUsers.CreateUserSample());
client = server.CreateClient();
}
public async Task <ActionResult <TestUsers> > PostTodoItem(TestUsers item)
{
_context.TestUsers.Add(item);
await _context.SaveChangesAsync();
return(CreatedAtAction(nameof(GetTodoItem), new { id = item.Id }, item));
}
public void WhenUserHasNoBlocklistReturnsAllUsers()
{
var result = Service.GetOnlineUsersForLobbyUser(TestUsers.First());
Assert.AreEqual(TestUsers.Count, result.Count);
CollectionAssert.AreEquivalent(TestUsers, result);
}
public async Task UpdateUnsubscribesUsers()
{
// Arrange.
var users = TestUsers.ToList();
var policyService = new TestSecurityPolicyService();
var entitiesMock = policyService.MockEntitiesContext;
entitiesMock.Setup(c => c.Users).Returns(users.MockDbSet().Object);
var controller = new SecurityPolicyController(entitiesMock.Object, policyService);
var subscription = policyService.Mocks.Subscription.Object;
users.ForEach(async u => await policyService.SubscribeAsync(u, subscription));
policyService.MockEntitiesContext.ResetCalls();
// Act.
var model = new List <string>
{
$"{{\"u\":\"A\",\"g\":\"{subscription.SubscriptionName}\",\"v\":\"false\"}}",
$"{{\"u\":\"B\",\"g\":\"{subscription.SubscriptionName}\",\"v\":\"true\"}}",
$"{{\"u\":\"C\",\"g\":\"{subscription.SubscriptionName}\",\"v\":\"false\"}}"
};
var result = await controller.Update(model);
// Assert.
Assert.False(policyService.IsSubscribed(users[0], subscription));
Assert.True(policyService.IsSubscribed(users[1], subscription));
Assert.False(policyService.IsSubscribed(users[2], subscription));
policyService.MockEntitiesContext.Verify(c => c.SaveChangesAsync(), Times.Exactly(2));
}
public void GetIdByLogin_Test()
{
var user = TestUsers.CreateUserSample();
var result = client.GetIdByLoginAsync(ticket, user.Login).Result;
Assert.True(!string.IsNullOrEmpty(result));
}
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddIdentityServer()
.AddTestUsers(TestUsers.GetUsers())
.AddInMemoryClients(Clients.GetClients())
.AddInMemoryApiResources()
.AddInMemoryPersistedGrants();
}
// This method gets called by the runtime. Use this method to add services to the container.
// For more information on how to configure your application, visit https://go.microsoft.com/fwlink/?LinkID=398940
public void ConfigureServices(IServiceCollection services)
{
services.AddIdentityServer()
.AddTemporarySigningCredential()
.AddInMemoryApiResources(ApiResources.GetApiResources())
.AddInMemoryClients(Clients.GetClients())
.AddTestUsers(TestUsers.GetUsers());
}
public async Task WhenUserFoundReturnsUser()
{
var user = TestUsers.First();
var result = await Service.GetUserFromUsernameAsync(user.UserName);
Assert.IsNotNull(result);
Assert.AreEqual(user, result);
}
public async Task WhenEmailAlreadyInUseReturnsFailure()
{
var account = TestUtils.GetRandomAccount();
account.Email = TestUsers.First().Email;
var result = await Service.RegisterUserAsync(account, "password");
Assert.IsFalse(result.Success);
}
public AuthenticateController(
IIdentityServerInteractionService interaction,
IHostingEnvironment env,
TestUserStore users = null)
{
_users = users ?? new TestUserStore(TestUsers.GetTestUsers());
_interaction = interaction;
_env = env;
}
public static void AddIdentityServerWithDefaults(this IServiceCollection services)
{
services.AddIdentityServer()
.AddInMemoryClients(TestClients.Get())
.AddInMemoryIdentityResources(TestResources.GetIdentityResources())
.AddInMemoryApiResources(TestResources.GetApiResources())
.AddTestUsers(TestUsers.Get())
.AddDeveloperSigningCredential();
}
public async Task ReturnsSuccessAndBroadcastsToAllUsers()
{
var firstUser = TestUsers.First();
var result = await Service.StartNewGameAsync(firstUser.ConnectionId, new StartNewGameRequest());
Assert.IsTrue(result.Success);
SubscriberMock.Verify(s => s.PublishAsync(It.Is <RedisChannel>(channel => channel == RedisChannels.NewGame), It.IsAny <RedisValue>(), It.IsAny <CommandFlags>()), Times.Once);
}
public async Task NotThrow2()
{
UserDto user = TestUsers.TestUser();
Response response = await Send(new SampleAction2 { Message = "foo" })
.To("/api/actions/sample-2")
.As(user)
.ExecuteAndRead();
response.Value.Should().Be("Hello World foo");
}
public async Task WhenIncorrectPasswordReturnsNull()
{
var user = TestUsers.First();
UserManagerMock.Setup(um => um.CheckPasswordAsync(It.IsAny <GametekiUser>(), It.IsAny <string>())).ReturnsAsync(false);
var result = await Service.LoginUserAsync(user.UserName, "password", "127.0.0.1");
Assert.IsNull(result);
}
public object PreConnect()
{
var num = new Random().Next(0, TestUsers.Count());
return(new
{
code = 0,
token = TestUsers[num]
});
}
public async Task WhenUserIsAlreadyInGameReturnsFailure()
{
var firstUser = TestUsers.First();
await Service.StartNewGameAsync(firstUser.ConnectionId, new StartNewGameRequest());
var result = await Service.StartNewGameAsync(firstUser.ConnectionId, new StartNewGameRequest());
Assert.IsFalse(result.Success);
}
public async Task WhenSuccessfulReturnsToken()
{
var user = TestUsers.First();
var result = await Service.CreateRefreshTokenAsync(user, "127.0.0.1");
Assert.IsNotNull(result);
Assert.AreEqual("127.0.0.1", result.IpAddress);
Assert.IsNotNull(result.Token);
Assert.AreEqual(user.Id, result.UserId);
}
public async Task WhenSucceedsReturnsTrue()
{
DbContext.RefreshToken.Add(new RefreshToken {
Token = "RefreshToken", User = TestUsers.First()
});
await DbContext.SaveChangesAsync();
var result = await Service.LogoutUserAsync(
GenerateTokenForUser(TestUsers.First().UserName, AuthTokenOptionsMock.Object.Value.Issuer, AuthTokenOptionsMock.Object.Value.Key), "RefreshToken");
Assert.IsTrue(result);
}
public async Task <IActionResult> PutTodoItem(long id, TestUsers item)
{
if (id != item.Id)
{
return(BadRequest());
}
_context.Entry(item).State = EntityState.Modified;
await _context.SaveChangesAsync();
return(NoContent());
}
public void WhenSuppliedUserHasUserOnTheirBlockListReturnsAllExceptThatUser()
{
var sixthUser = TestUsers.ElementAt(6);
var firstUser = TestUsers.First();
firstUser.BlockList.Add(sixthUser.Name);
var result = Service.GetOnlineUsersForLobbyUser(firstUser);
Assert.AreEqual(TestUsers.Count - 1, result.Count);
CollectionAssert.DoesNotContain(result, sixthUser);
}
public static void UseSampleIdentityData(this IApplicationBuilder app)
{
using (var scope = app.ApplicationServices.GetService <IServiceScopeFactory>().CreateScope())
{
scope.ServiceProvider.GetRequiredService <PersistedGrantDbContext>().Database.Migrate();
scope.ServiceProvider.GetRequiredService <ConfigurationDbContext>().Database.Migrate();
scope.ServiceProvider.GetRequiredService <ApplicationDbContext>().Database.Migrate();
var context = scope.ServiceProvider.GetRequiredService <ConfigurationDbContext>();
if (!context.Clients.Any())
{
foreach (var client in TestClients.Get())
{
context.Clients.Add(client.ToEntity());
}
context.SaveChanges();
}
if (!context.IdentityResources.Any())
{
foreach (var resource in TestResources.GetIdentityResources())
{
context.IdentityResources.Add(resource.ToEntity());
}
context.SaveChanges();
}
if (!context.ApiResources.Any())
{
foreach (var resource in TestResources.GetApiResources())
{
context.ApiResources.Add(resource.ToEntity());
}
context.SaveChanges();
}
var userManager = scope.ServiceProvider.GetRequiredService <UserManager <IdentityUser> >();
if (!userManager.Users.Any())
{
foreach (var testUser in TestUsers.Get())
{
var identityUser = new IdentityUser(testUser.Username)
{
Id = testUser.SubjectId
};
userManager.CreateAsync(identityUser, testUser.Password).Wait();
userManager.AddClaimsAsync(identityUser, testUser.Claims.ToList()).Wait();
}
}
}
}
public async Task WhenCorrectPasswordReturnsResult()
{
var user = TestUsers.First();
UserManagerMock.Setup(um => um.CheckPasswordAsync(It.IsAny <GametekiUser>(), It.IsAny <string>())).ReturnsAsync(true);
var result = await Service.LoginUserAsync(user.UserName, "password", "127.0.0.1");
Assert.IsNotNull(result);
Assert.AreEqual(user, result.User);
Assert.IsNotNull(result.Token);
Assert.IsNotNull(result.RefreshToken);
}
public IActionResult SaveUser(UserModel model)
{
if (model.CreateUser)
{
TestUsers.AddUser(model);
}
else
{
TestUsers.EditUser(model);
}
return(RedirectToAction("Index"));
}
public async Task WhenNoMatchingTokenReturnsNull()
{
var token = GenerateTokenForUser("TestUser", AuthTokenOptionsMock.Object.Value.Issuer, AuthTokenOptionsMock.Object.Value.Key);
DbContext.RefreshToken.Add(new RefreshToken {
Token = "SomeRandomString", User = TestUsers.ElementAt(8)
});
await DbContext.SaveChangesAsync();
var result = await Service.RefreshTokenAsync(token, "RefreshToken", "127.0.0.1");
Assert.IsNull(result);
}
public async Task <IActionResult> Callback()
{
// read external identity from the temporary cookie
var result = await HttpContext.AuthenticateAsync(IdentityServer4.IdentityServerConstants.ExternalCookieAuthenticationScheme);
if (result?.Succeeded != true)
{
throw new Exception("External authentication error");
}
if (_logger.IsEnabled(LogLevel.Debug))
{
var externalClaims = result.Principal.Claims.Select(c => $"{c.Type}: {c.Value}");
_logger.LogDebug("External claims: {@claims}", externalClaims);
}
// lookup our user and external provider info
var(user, provider, providerUserId, claims) = await FindUserFromExternalProviderAsync(result);
if (user == null)
{
user = _users.AutoProvisionUser(provider, providerUserId, claims.ToList());
}
var model = new UserModel(user);
model.ProviderSubjectId = providerUserId;
TestUsers.EditUser(model);
await _events.RaiseAsync(new UserLoginSuccessEvent(provider, providerUserId, user.SubjectId, user.Username));
var isuser = new IdentityServerUser(user.SubjectId)
{
DisplayName = user.Username
};
await HttpContext.SignInAsync(isuser, null);
// delete temporary cookie used during external authentication
await HttpContext.SignOutAsync(IdentityServer4.IdentityServerConstants.ExternalCookieAuthenticationScheme);
// validate return URL and redirect back to authorization endpoint or a local page
var returnUrl = result.Properties.Items["returnUrl"];
if (_interaction.IsValidReturnUrl(returnUrl) || Url.IsLocalUrl(returnUrl))
{
return(Redirect(returnUrl));
}
return(Redirect("~/"));
}
public ExternalController(
IIdentityServerInteractionService interaction,
IClientStore clientStore,
IEventService events,
TestUserStore users = null)
{
// if the TestUserStore is not in DI, then we'll just use the global users collection
// this is where you would plug in your own custom identity management library (e.g. ASP.NET Identity)
_users = users ?? new TestUserStore(TestUsers.GetUsers());
_interaction = interaction;
_clientStore = clientStore;
_events = events;
}
public QuickCoursesClientTests()
{
server = new QuickCoursesTestServer();
client = new QuickCoursesClient(ApiVersion.V1, "http://api", server.CreateClient());
server.UseUsers(TestUsers.CreateSuperUserSample(), TestUsers.CreateUserSample());
server.UseCourses(TestCourses.CreateBasicSample());
ticket = client.GetTicketAsync(new AuthData {
Login = "******", Password = "******"
}).Result;
courses = client.GetCoursesAsync(ticket).Result;
firstCourse = courses.First();
}
public async Task WhenPermissionsAddedCallsAdd()
{
var user = TestUsers.First();
var newPermissions = new Permissions
{
CanEditNews = true,
CanManageUsers = true,
CanManageGames = true
};
var result = await Service.UpdatePermissionsAsync(user, newPermissions);
Assert.IsTrue(result);
Assert.AreEqual(3, user.UserRoles.Count);
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env,
RoleManager <UserRoleEntity> roleManager, UserManager <UserEntity> userManager)
{
if (env.IsDevelopment())
{
//IServiceScopeFactory scopeFactory = app.ApplicationServices
// .GetRequiredService<IServiceScopeFactory>();
//using (IServiceScope scope = scopeFactory.CreateScope())
//{
// RoleManager<UserRoleEntity> roleManager = scope.ServiceProvider.GetRequiredService<RoleManager<UserRoleEntity>>();
// // Add test role
// AddTestRole(roleManager).Wait();
//}
//var roleManager = app.ApplicationServices
// .GetRequiredService<RoleManager<UserRoleEntity>>();
app.UseDeveloperExceptionPage();
// Lynda Video Tutorial: Part 4 (seed the database with test data)
// InvalidOperationException is thrown
// Athletes are currently added in the constructor of the AthleteController
//var context = app.ApplicationServices.GetRequiredService<FieldScribeAPIContext>();
//AddTestData(context);
}
app.UseHsts(opt =>
{
opt.MaxAge(days: 180);
opt.IncludeSubdomains();
opt.Preload();
});
app.UseAuthentication();
// Add roles to database
RolesData.CreateRoles(roleManager).Wait();
// Add admins and test users to database
Admins.CreateAdmins(userManager).Wait();
TestUsers.CreateTestUsers(userManager).Wait();
app.UseMvc();
}
