public void TearDown()
{
assembler = null;
validResponse = null;
validRegisterViewModel = null;
validLoginViewModel = null;
}
public void SetUp()
{
assembler = new UserAssembler();
validResponse = new ValidateUserResponse
{
LoginSuccess = true,
RequestReference = Guid.NewGuid(),
User =
new UserProxy
{
DateOfBirth = DateTime.MinValue,
EmailAddress = "TEST",
FirstName = "TEST",
Id = Guid.NewGuid(),
LastName = "TEST"
}
};
validRegisterViewModel = new RegisterViewModel
{
AcceptTermsAndConditions = true,
ConfirmPassword = "******",
DateOfBirth = DateTime.MinValue,
EmailAddress = "TEST",
FirstName = "TEST",
LastName = "TEST",
Password = "******"
};
validLoginViewModel = new LoginViewModel {
EmailAddress = "TEST", Password = "******", ReturnUrl = "TEST"
};
}
internal ValidateUserResponse ValidatUser(ValidateUserRequest validateUserRequest)
{
logger.Debug("Recived validate user request");
ValidateUserResponse ValidateUserResponse;
try
{
validateUserRequest.email = Decryptor.Decrypt(validateUserRequest.email).Split('|')[1];
validateUserRequest.username = Decryptor.Decrypt(validateUserRequest.username).Split('|')[1];
int usersWithEmail, UsersWithUserName = 0;
using (var ctx = new PetWhizzEntities())
{
usersWithEmail = ctx.users.Where(a => a.eMail.ToLower().Equals(validateUserRequest.email.ToLower())).Count();
UsersWithUserName = ctx.users.Where(a => a.userName.ToLower().Equals(validateUserRequest.username.ToLower())).Count();
}
if (usersWithEmail > 0 || UsersWithUserName > 0)
{
logger.Error("Email or Username Already Exist userName - " + validateUserRequest.username + " email - " + validateUserRequest.email);
throw new CustomException("Email or Username Already Exist", (int)ErrorCode.EMAILORUSERNAMEALREADYEXIST);
}
ValidateUserResponse = new ValidateUserResponse()
{
messege = "Success"
};
}
catch (CustomException) { throw; }
catch (Exception ex)
{
logger.Error(MethodBase.GetCurrentMethod().Name + ": exception: " + ex.Message + ", " + ex.InnerException);
throw new CustomException("SystemError", ex, (int)ErrorCode.PROCEESINGERROR); throw;
}
return(ValidateUserResponse);
}
public string ValidateUser(string username, string password)
{
ValidateUserRequest inValue = new ValidateUserRequest();
inValue.username = username;
inValue.password = password;
ValidateUserResponse retVal = ((IPDAOrder)(this)).ValidateUser(inValue);
return(retVal.ValidateUserResult);
}
public static ValidateUserResponse ValidateUser(string useremail, string password)
{
var response = new ValidateUserResponse {
Validated = false
};
//1 - Decode the username (which is user email)
//and the password
Encoding encoding = Encoding.GetEncoding("iso-8859-1");
var decodedUserEmail = encoding.GetString(Convert.FromBase64String(useremail));
var decodedPassword = encoding.GetString(Convert.FromBase64String(password));
//2 - get the user by username (email address) only
var emailQueryObject = new GetUserByEmailQuery(decodedUserEmail);
var emailQueryHandler = new GetUserByEmailQueryHandler();
var byEmailOnlyUser = emailQueryHandler.Handle(emailQueryObject).Result;
if (byEmailOnlyUser == null)
{
return(response);
}
//get salt associated with this user account
var saltBytes = Convert.FromBase64String(byEmailOnlyUser.Salt);
//append salt to password
var passwordAndSalt = decodedPassword + Convert.ToBase64String(saltBytes);
//hash the password using the salt
var pbkdf2 = new Rfc2898DeriveBytes(passwordAndSalt, saltBytes, 10000);
byte[] hashPassword = pbkdf2.GetBytes(32);
//we check the hashed user given password against the hashedPassword stored for the user
var hashedPasswordString = Convert.ToBase64String(hashPassword);
var dbPassword = byEmailOnlyUser.PasswordHash;
if (string.Compare(dbPassword, hashedPasswordString) != 0)
{
return(response);
}
if (byEmailOnlyUser != null)
{
response.UserId = byEmailOnlyUser.UserId;
response.Validated = true;
}
return(response);
}
public PetWhizzResponse ValidateUser(ValidateUserRequest ValidateUserRequest)
{
PetWhizzResponse _oResponse;
try
{
ValidateUserResponse ValidateUserResponse = userServices.ValidatUser(ValidateUserRequest);
_oResponse = Utils.CreateSuccessResponse(ValidateUserResponse);
}
catch (Exception ex)
{
_oResponse = Utils.CreateErrorResponse(ex);
}
return(_oResponse);
}
public ValidateUserResponse validateUser(ValidateUserRequest request)
{
ValidateUserResponse response = new ValidateUserResponse();
try
{
LogicCommon com = new LogicCommon();
string result = "";
result = com.HttpPost("user/validate", request);
response = JsonConvert.DeserializeObject <ValidateUserResponse>(result);
}
catch (Exception ex) {
response.code = -1;
response.message = "Ocurrio un error inesperado, favor avisar al administrador.";
}
return(response);
}
public void TearDown()
{
orchestrator = null;
assembler = null;
dataAccess = null;
validRegisterViewModel = null;
validRegisterUserRequest = null;
invalidRegisterUserRequest = null;
validRegisterUserResponse = null;
invalidRegisterUserResponse = null;
invalidRegisterViewModel = null;
invalidLoginViewModel = null;
validLoginViewModel = null;
validValidateUserRequest = null;
invalidValidateUserRequest = null;
validValidateUserResponse = null;
invalidValidateUserResponse = null;
}
/// <summary>
/// Assembles an instance of the <see cref="ClaimsIdentity" /> class based on the given
/// <see cref="ValidateUserResponse" />.
/// </summary>
/// <param name="response">The response object.</param>
/// <returns>
/// The claims identity.
/// </returns>
public ClaimsIdentity NewClaimsIdentity(ValidateUserResponse response)
{
if (response == null)
{
throw new ArgumentNullException(nameof(response));
}
return
(new ClaimsIdentity(
new[]
{
new Claim(ClaimTypes.Email, response.User.EmailAddress),
new Claim(ClaimTypes.Surname, response.User.LastName),
new Claim(ClaimTypes.GivenName, response.User.FirstName),
new Claim(ClaimTypes.NameIdentifier, response.User.Id.ToString()),
new Claim(ClaimTypes.Name, response.User.FirstName)
},
"ApplicationCookie"));
}
public ActionResult Login(ValidateUserRequest valUser)
{
ValidateUserResponse response = new ValidateUserResponse();
if (ModelState.IsValid)
{
AdminUserConnection cnn = new AdminUserConnection();
response = cnn.validateUser(valUser);
if (response.code == 0)
{
Session.Add("user", valUser.user);
Session.Add("userName", response.userName);
return(RedirectToAction("Bienvenido", "Home"));
}
}
ViewBag.message = response.message;
// Si llego aquí es porque estaban mal las credenciales
return(View());
}
public ValidateUserResponse Validate(LoginRequest loginRequest)
{
var res = new ValidateUserResponse();
var unmetExceptions = new List <UnmetExpectation>();
if (loginRequest.Email == "")
{
unmetExceptions.Add(new UnmetExpectation("Email", "Email Required"));
}
else if (!_emailUtility.IsValidEmail(loginRequest.Email))
{
unmetExceptions.Add(new UnmetExpectation("Email", "Email is not in correct format"));
}
if (loginRequest.Password == "")
{
unmetExceptions.Add(new UnmetExpectation("Password", "Password Required"));
}
if (loginRequest.VerificationCode == "")
{
unmetExceptions.Add(new UnmetExpectation("VerificationCode", "VerificationCode Required"));
}
if (unmetExceptions.Count > 0)
{
res.Success = false;
res.UnmetExpectations = unmetExceptions.ToArray();
return(res);
}
var existingUser = _userRepo.GetSignedupUser(loginRequest.Email);
if (existingUser == null)
{
res.Success = false;
res.UnmetExpectations = new UnmetExpectation[]
{
new UnmetExpectation("Email", "User does not exists the given Email")
};
return(res);
}
res.UserId = existingUser.UserId;
var salt = Convert.FromBase64String(existingUser.PasswordSalt);
var encryptedPassWord = Convert.ToBase64String(CommonUtility.GenerateSaltedHash(Encoding.UTF8.GetBytes(loginRequest.Password), salt));
if (encryptedPassWord != existingUser.Password)
{
res.Success = false;
res.UnmetExpectations = new UnmetExpectation[]
{
new UnmetExpectation("Password", "Password doesn't match with the password set during the signup")
};
}
else if (loginRequest.VerificationCode != existingUser.VerificationCode)
{
res.Success = false;
res.UnmetExpectations = new UnmetExpectation[]
{
new UnmetExpectation("VerificationCode", "Access doesn't match")
};
}
return(res);
}
public void SetUp()
{
validRegisterUserRequest =
new RegisterUserRequest
{
DateOfBirth = DateTime.Today,
EmailAddress = "TEST",
FirstName = "TEST",
LastName = "TEST",
Password = "******",
Username = "******"
};
validDataModel = new UserDataModel
{
Id = Guid.NewGuid(),
CreationTime = DateTime.Now,
DateOfBirth = DateTime.Today,
EmailAddress = "TEST",
FirstName = "TEST",
Hash = new byte[] { },
Iterations = 1,
LastName = "TEST",
Salt = new byte[] { }
};
validRegisterUserResponse =
new RegisterUserResponse
{
RegisterSuccess = true,
RequestReference = validRegisterUserRequest.RequestReference
};
invalidDataModel = new UserDataModel();
invalidRegisterUserRequest = new RegisterUserRequest();
invalidRegisterUserResponse = new RegisterUserResponse {
Errors = { new ResponseErrorWrapper() }
};
exceptionRegisterUserRequest = new RegisterUserRequest {
DateOfBirth = DateTime.MinValue
};
validValidateUserRequest =
new ValidateUserRequest {
EmailAddress = "TEST", Password = "******", Username = "******"
};
invalidValidateUserRequest = new ValidateUserRequest();
exceptionValidateUserRequest = new ValidateUserRequest {
EmailAddress = "EXC", Password = "******", Username = "******"
};
invalidValidateUserResponse = new ValidateUserResponse {
Errors = { new ResponseErrorWrapper() }
};
validValidateUserResponse = new ValidateUserResponse {
LoginSuccess = true
};
assembler = Substitute.For <IUserAssembler>();
repository = Substitute.For <IUserRepository>();
assembler.NewUserDataModel(validRegisterUserRequest).Returns(validDataModel);
assembler.NewUserDataModel(invalidRegisterUserRequest).Returns(invalidDataModel);
assembler.NewRegisterUserResponse(validDataModel, validRegisterUserRequest.RequestReference)
.Returns(validRegisterUserResponse);
assembler.NewUserDataModel(exceptionRegisterUserRequest).Throws(new Exception("TEST"));
assembler.NewRegisterUserResponse(invalidDataModel, invalidRegisterUserRequest.RequestReference)
.Returns(invalidRegisterUserResponse);
assembler.NewValidateUserResponse(validDataModel, validValidateUserRequest.RequestReference)
.Returns(validValidateUserResponse);
assembler.NewValidateUserResponse(invalidDataModel, invalidValidateUserRequest.RequestReference)
.Returns(invalidValidateUserResponse);
repository.RegisterUser(validDataModel).Returns(validDataModel);
repository.RegisterUser(invalidDataModel).Returns(invalidDataModel);
repository.GetUser(validValidateUserRequest.EmailAddress, validValidateUserRequest.Password)
.Returns(validDataModel);
repository.GetUser(invalidValidateUserRequest.EmailAddress, invalidRegisterUserRequest.Password)
.Returns(invalidDataModel);
repository.GetUser(exceptionValidateUserRequest.EmailAddress, exceptionValidateUserRequest.Password)
.Throws(new Exception("TEST"));
errorHelper = Substitute.For <IErrorHelper>();
errorHelper.Create(Arg.Any <Exception>(), Arg.Any <string>(), Arg.Any <Type>(), Arg.Any <string>())
.Returns(new ResponseErrorWrapper());
errorHelper.Create(Arg.Any <string>(), Arg.Any <string>(), Arg.Any <Type>(), Arg.Any <string>())
.Returns(new ResponseErrorWrapper());
orchestrator = new UserOrchestrator(assembler, repository, errorHelper);
}
public void SetUp()
{
assembler = Substitute.For <IUserAssembler>();
dataAccess = Substitute.For <IUserDataAccess>();
errorHelper = Substitute.For <IErrorHelper>();
errorHelper.Create(Arg.Any <Exception>(), Arg.Any <string>(), Arg.Any <Type>(), Arg.Any <string>())
.Returns(new ResponseErrorWrapper());
errorHelper.Create(Arg.Any <string>(), Arg.Any <string>(), Arg.Any <Type>(), Arg.Any <string>())
.Returns(new ResponseErrorWrapper());
validRegisterUserRequest = new RegisterUserRequest
{
DateOfBirth = DateTime.Now,
EmailAddress = "TEST",
FirstName = "TEST",
LastName = "TEST",
Password = "******",
Username = "******"
};
validValidateUserResponse = new ValidateUserResponse
{
LoginSuccess = true,
RequestReference = Guid.NewGuid(),
User =
new UserProxy
{
EmailAddress = "TEST",
DateOfBirth = DateTime.Now,
FirstName = "TEST",
Id = Guid.NewGuid(),
LastName = "TEST"
}
};
invalidValidateUserResponse = new ValidateUserResponse {
Errors = { new ResponseErrorWrapper() }
};
validValidateUserRequest = new ValidateUserRequest
{
EmailAddress = "TEST",
Password = "******",
Username = "******"
};
invalidValidateUserRequest = new ValidateUserRequest
{
EmailAddress = string.Empty,
Password = string.Empty,
Username = string.Empty
};
validLoginViewModel = new LoginViewModel {
EmailAddress = "TEST", Password = "******", ReturnUrl = "TEST"
};
invalidLoginViewModel = new LoginViewModel
{
EmailAddress = string.Empty,
Password = string.Empty,
ReturnUrl = string.Empty
};
invalidRegisterViewModel = new RegisterViewModel
{
AcceptTermsAndConditions = false,
ConfirmPassword = string.Empty,
DateOfBirth = DateTime.MinValue,
EmailAddress = string.Empty,
FirstName = string.Empty,
LastName = string.Empty,
Password = string.Empty
};
validRegisterUserResponse = new RegisterUserResponse
{
RequestReference = Guid.NewGuid(),
RegisterSuccess = true
};
invalidRegisterUserResponse = new RegisterUserResponse
{
RequestReference = Guid.NewGuid(),
Errors =
{
new ResponseErrorWrapper()
},
RegisterSuccess = false
};
validRegisterViewModel = new RegisterViewModel
{
AcceptTermsAndConditions = true,
ConfirmPassword = "******",
DateOfBirth = DateTime.Now,
EmailAddress = "TEST",
FirstName = "TEST",
LastName = "TEST",
Password = "******"
};
invalidRegisterUserRequest = new RegisterUserRequest
{
DateOfBirth = DateTime.MinValue,
EmailAddress = string.Empty,
FirstName = string.Empty,
LastName = string.Empty,
Password = string.Empty,
Username = string.Empty
};
assembler.NewRegisterUserRequest(invalidRegisterViewModel).Returns(invalidRegisterUserRequest);
assembler.NewRegisterUserRequest(validRegisterViewModel).Returns(validRegisterUserRequest);
assembler.NewRegisterUserRequest(null).Throws(new Exception("TEST EXCEPTION"));
assembler.NewValidateUserRequest(invalidLoginViewModel).Returns(invalidValidateUserRequest);
assembler.NewValidateUserRequest(validLoginViewModel).Returns(validValidateUserRequest);
assembler.NewValidateUserRequest(null).Throws(new Exception("TEST EXCEPTION"));
assembler.NewClaimsIdentity(validValidateUserResponse).Returns(new ClaimsIdentity());
dataAccess.RegisterUser(invalidRegisterUserRequest).Returns(invalidRegisterUserResponse);
dataAccess.RegisterUser(validRegisterUserRequest).Returns(validRegisterUserResponse);
dataAccess.ValidateUser(invalidValidateUserRequest).Returns(invalidValidateUserResponse);
dataAccess.ValidateUser(validValidateUserRequest).Returns(validValidateUserResponse);
orchestrator = new UserOrchestrator(assembler, dataAccess, errorHelper);
}
