Пример #1
0
        public async Task CanTwoFactorSignIn(bool isPersistent, bool supportsLockout, bool externalLogin, bool rememberClient)
        {
            // Setup
            var user = new TestUser {
                UserName = "******"
            };
            var manager  = MockHelpers.MockUserManager <TestUser>();
            var provider = "twofactorprovider";
            var code     = "123456";

            manager.Setup(m => m.SupportsUserLockout).Returns(supportsLockout).Verifiable();
            if (supportsLockout)
            {
                manager.Setup(m => m.IsLockedOutAsync(user, CancellationToken.None)).ReturnsAsync(false).Verifiable();
                manager.Setup(m => m.ResetAccessFailedCountAsync(user, CancellationToken.None)).ReturnsAsync(IdentityResult.Success).Verifiable();
            }
            manager.Setup(m => m.FindByIdAsync(user.Id, CancellationToken.None)).ReturnsAsync(user).Verifiable();
            manager.Setup(m => m.VerifyTwoFactorTokenAsync(user, provider, code, CancellationToken.None)).ReturnsAsync(true).Verifiable();
            manager.Setup(m => m.GetUserIdAsync(user, CancellationToken.None)).ReturnsAsync(user.Id).Verifiable();
            manager.Setup(m => m.GetUserNameAsync(user, CancellationToken.None)).ReturnsAsync(user.UserName).Verifiable();
            var context         = new Mock <HttpContext>();
            var response        = new Mock <HttpResponse>();
            var contextAccessor = new Mock <IContextAccessor <HttpContext> >();
            var twoFactorInfo   = new SignInManager <TestUser> .TwoFactorAuthenticationInfo {
                UserId = user.Id
            };
            var loginProvider = "loginprovider";
            var id            = SignInManager <TestUser> .StoreTwoFactorInfo(user.Id, externalLogin?loginProvider : null);

            var authResult      = new AuthenticationResult(id, new AuthenticationProperties(), new AuthenticationDescription());
            var roleManager     = MockHelpers.MockRoleManager <TestRole>();
            var identityOptions = new IdentityOptions();
            var options         = new Mock <IOptions <IdentityOptions> >();

            options.Setup(a => a.Options).Returns(identityOptions);
            var claimsFactory = new ClaimsIdentityFactory <TestUser, TestRole>(manager.Object, roleManager.Object, options.Object);

            if (externalLogin)
            {
                response.Setup(r => r.SignIn(
                                   It.Is <AuthenticationProperties>(v => v.IsPersistent == isPersistent),
                                   It.Is <ClaimsIdentity>(i => i.FindFirstValue(ClaimTypes.NameIdentifier) == user.Id &&
                                                          i.FindFirstValue(ClaimTypes.AuthenticationMethod) == loginProvider))).Verifiable();
                response.Setup(r => r.SignOut(IdentityOptions.ExternalCookieAuthenticationType)).Verifiable();
            }
            else
            {
                response.Setup(r => r.SignIn(
                                   It.Is <AuthenticationProperties>(v => v.IsPersistent == isPersistent),
                                   It.Is <ClaimsIdentity>(i => i.FindFirstValue(ClaimTypes.NameIdentifier) == user.Id))).Verifiable();
            }
            if (rememberClient)
            {
                response.Setup(r => r.SignIn(
                                   It.Is <AuthenticationProperties>(v => v.IsPersistent == true),
                                   It.Is <ClaimsIdentity>(i => i.FindFirstValue(ClaimTypes.Name) == user.Id &&
                                                          i.AuthenticationType == IdentityOptions.TwoFactorRememberMeCookieAuthenticationType))).Verifiable();
            }
            context.Setup(c => c.Response).Returns(response.Object).Verifiable();
            context.Setup(c => c.AuthenticateAsync(IdentityOptions.TwoFactorUserIdCookieAuthenticationType)).ReturnsAsync(authResult).Verifiable();
            contextAccessor.Setup(a => a.Value).Returns(context.Object);
            var helper = new SignInManager <TestUser>(manager.Object, contextAccessor.Object, claimsFactory, options.Object);

            // Act
            var result = await helper.TwoFactorSignInAsync(provider, code, isPersistent, rememberClient);

            // Assert
            Assert.Equal(SignInStatus.Success, result);
            manager.VerifyAll();
            context.VerifyAll();
            response.VerifyAll();
            contextAccessor.VerifyAll();
        }
        public async Task EnsureClaimsIdentityHasExpectedClaims(bool supportRoles, bool supportClaims, bool supportRoleClaims)
        {
            // Setup
            var userManager = MockHelpers.MockUserManager <TestUser>();
            var roleManager = MockHelpers.MockRoleManager <TestRole>();
            var user        = new TestUser {
                UserName = "******"
            };

            userManager.Setup(m => m.SupportsUserClaim).Returns(supportClaims);
            userManager.Setup(m => m.SupportsUserRole).Returns(supportRoles);
            userManager.Setup(m => m.GetUserIdAsync(user)).ReturnsAsync(user.Id);
            userManager.Setup(m => m.GetUserNameAsync(user)).ReturnsAsync(user.UserName);
            var roleClaims = new[] { "Admin", "Local" };

            if (supportRoles)
            {
                userManager.Setup(m => m.GetRolesAsync(user)).ReturnsAsync(roleClaims);
                roleManager.Setup(m => m.SupportsRoleClaims).Returns(supportRoleClaims);
            }
            var userClaims = new[] { new Claim("Whatever", "Value"), new Claim("Whatever2", "Value2") };

            if (supportClaims)
            {
                userManager.Setup(m => m.GetClaimsAsync(user)).ReturnsAsync(userClaims);
            }
            userManager.Object.Options = new IdentityOptions();

            var admin = new TestRole()
            {
                Name = "Admin"
            };
            var local = new TestRole()
            {
                Name = "Local"
            };
            var adminClaims = new[] { new Claim("AdminClaim1", "Value1"), new Claim("AdminClaim2", "Value2") };
            var localClaims = new[] { new Claim("LocalClaim1", "Value1"), new Claim("LocalClaim2", "Value2") };

            if (supportRoleClaims)
            {
                roleManager.Setup(m => m.FindByNameAsync("Admin")).ReturnsAsync(admin);
                roleManager.Setup(m => m.FindByNameAsync("Local")).ReturnsAsync(local);
                roleManager.Setup(m => m.GetClaimsAsync(admin)).ReturnsAsync(adminClaims);
                roleManager.Setup(m => m.GetClaimsAsync(local)).ReturnsAsync(localClaims);
            }

            var options         = new Mock <IOptions <IdentityOptions> >();
            var identityOptions = new IdentityOptions();

            options.Setup(a => a.Value).Returns(identityOptions);
            var factory = new UserClaimsPrincipalFactory <TestUser, TestRole>(userManager.Object, roleManager.Object, options.Object);

            // Act
            var principal = await factory.CreateAsync(user);

            var identity = principal.Identities.First();

            // Assert
            var manager = userManager.Object;

            Assert.NotNull(identity);
            Assert.Equal(1, principal.Identities.Count());
            Assert.Equal(identityOptions.Cookies.ApplicationCookieAuthenticationScheme, identity.AuthenticationType);
            var claims = identity.Claims.ToList();

            Assert.NotNull(claims);
            Assert.True(
                claims.Any(c => c.Type == manager.Options.ClaimsIdentity.UserNameClaimType && c.Value == user.UserName));
            Assert.True(claims.Any(c => c.Type == manager.Options.ClaimsIdentity.UserIdClaimType && c.Value == user.Id));
            Assert.Equal(supportRoles, claims.Any(c => c.Type == manager.Options.ClaimsIdentity.RoleClaimType && c.Value == "Admin"));
            Assert.Equal(supportRoles, claims.Any(c => c.Type == manager.Options.ClaimsIdentity.RoleClaimType && c.Value == "Local"));
            foreach (var cl in userClaims)
            {
                Assert.Equal(supportClaims, claims.Any(c => c.Type == cl.Type && c.Value == cl.Value));
            }
            foreach (var cl in adminClaims)
            {
                Assert.Equal(supportRoleClaims, claims.Any(c => c.Type == cl.Type && c.Value == cl.Value));
            }
            foreach (var cl in localClaims)
            {
                Assert.Equal(supportRoleClaims, claims.Any(c => c.Type == cl.Type && c.Value == cl.Value));
            }
            userManager.VerifyAll();
            roleManager.VerifyAll();
        }
Пример #3
0
 private static RoleManager <TestRole> CreateRoleManager(IRoleStore <TestRole> roleStore)
 {
     return(MockHelpers.TestRoleManager(roleStore));
 }