public void IsValidTest_ValidCallerIdCustomerIdSessionToken_ShouldValidateSuccessfully()
{
#region Arrange
AccessCredentials credential = new AccessCredentials();
credential.CallerId = "TestCallerId";
credential.UserID = 100;
credential.SessionToken = "TestSessionToken";
credential.UseCaseGroup = "SANC";
DateTime loginDate = DateTime.UtcNow;
GetProfileResponse response = new GetProfileResponse();
#endregion Arrange
#region Act
queryUtilsMock.Setup(x => x.GetHPPToken(It.IsAny <IIdeaDatabaseDataContext>(),
It.IsAny <int>(), It.IsAny <string>(), It.IsAny <string>()))
.Returns(new UserAuthentication()
{
Token = "ReturnedToken", CreatedDate = loginDate
});
bool result = credential.IsValid(response);
#endregion Act
#region Assert
Assert.IsTrue(result, "The validation should not have failed as the values provided were valid");
Assert.IsTrue(response.ErrorList.Count == 0);
#endregion Assert
}
public void IsValidTest_ShouldReturnFaultInvalidCredentials()
{
AccessCredentials credential = new AccessCredentials();
credential.CallerId = "TestCallerId";
credential.UserID = 100;
credential.SessionToken = "TestSessionToken";
UserAuthentication nullAuth = null;
queryUtilsMock.Setup(x => x.GetHPPToken(It.IsAny <IIdeaDatabaseDataContext>(),
It.IsAny <int>(), It.IsAny <string>(), It.IsAny <string>()))
.Returns(nullAuth);
GetProfileResponse response = new GetProfileResponse();
bool result = credential.IsValid(response);
Assert.IsFalse(result);
Assert.IsTrue(response.ErrorList.Count == 1);
Assert.IsTrue(response.ErrorList.ElementAt(0).ReturnCode.Equals(Faults.InvalidCredentials.ReturnCode));
}
public void IsValidTest_EmptyCallerIdZeroCustomerIdNullSessionToken_ShouldReturnFaultWithSpecificErrorDetails()
{
#region Arrange
AccessCredentials credential = new AccessCredentials();
credential.CallerId = string.Empty;
credential.UserID = 0;
credential.SessionToken = null;
GetProfileResponse response = new GetProfileResponse();
#endregion Arrange
#region Act
bool result = credential.IsValid(response);
#endregion Act
#region Assert
Assert.IsTrue(!result, "The validation should have failed due to invalid UserName, Password & CallerId");
Assert.IsTrue(response.ErrorList.Count == 3);
// Fault object type check
Fault fault1 = response.ErrorList.ElementAt(0);
Fault fault2 = response.ErrorList.ElementAt(1);
Fault fault3 = response.ErrorList.ElementAt(2);
Assert.IsInstanceOfType(fault1, typeof(ValidationFault), "Wrong fault object type returned");
Assert.IsInstanceOfType(fault2, typeof(ValidationFault), "Wrong fault object type returned");
Assert.IsInstanceOfType(fault3, typeof(ValidationFault), "Wrong fault object type returned");
#region Fault1-UserID
// Fault properties check
Assert.IsTrue(string.Equals(fault1.Origin, "InnovationPortal"), "Wrong fault origin returned");
Assert.IsTrue(string.Equals(fault1.ReturnCode, "FieldValidationError"), "Wrong fault return code returned");
Assert.IsTrue(string.Equals(fault1.DebugStatusText, "Numeric field value out of bounds"), "Wrong fault status text returned");
// ValidationFault properties check
Assert.IsTrue(string.Equals((fault1 as ValidationFault).ErrorType, "Numeric"), "Wrong validation error type returned");
Assert.IsTrue(string.Equals((fault1 as ValidationFault).FieldName, "UserID"), "Wrong validation field name returned");
#endregion Fault1-UserID
#region Fault2-SessionToken
// Fault properties check
Assert.IsTrue(string.Equals(fault2.Origin, "InnovationPortal"), "Wrong fault origin returned");
Assert.IsTrue(string.Equals(fault2.ReturnCode, "FieldValidationError"), "Wrong fault return code returned");
Assert.IsTrue(string.Equals(fault2.DebugStatusText, "Required field is missing"), "Wrong fault status text returned");
// ValidationFault properties check
Assert.IsTrue(string.Equals((fault2 as ValidationFault).ErrorType, "Required"), "Wrong validation error type returned");
Assert.IsTrue(string.Equals((fault2 as ValidationFault).FieldName, "SessionToken"), "Wrong validation field name returned");
#endregion Fault2-SessionToken
#region Fault3-CallerId
// Fault properties check
Assert.IsTrue(string.Equals(fault3.Origin, "InnovationPortal"), "Wrong fault origin returned");
Assert.IsTrue(string.Equals(fault3.ReturnCode, "FieldValidationError"), "Wrong fault return code returned");
Assert.IsTrue(string.Equals(fault3.DebugStatusText, "Field has wrong length"), "Wrong fault status text returned");
// ValidationFault properties check
Assert.IsTrue(string.Equals((fault3 as ValidationFault).ErrorType, "Length"), "Wrong validation error type returned");
Assert.IsTrue(string.Equals((fault3 as ValidationFault).FieldName, "CallerId"), "Wrong validation field name returned");
#endregion Fault3-CallerId
#endregion Assert
}
public override void OnAuthorization(HttpActionContext actionContext)
{
bool faultOccured = false;
ResponseBase r = new ResponseBase();
try
{
base.OnAuthorization(actionContext);
if (actionContext.ActionDescriptor.GetCustomAttributes <CredentialsHeaderAttribute>().Count == 0)
{
return;
}
string credentialsValue = actionContext.Request.Headers.GetValues("Authorization").ElementAt(0);
AccessCredentials credentials = new AccessCredentials();
ParseAuthorizationHeader(credentialsValue, credentials, r);
if (r.ErrorList.Count > 0)
{
actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.OK, r, GlobalConfiguration.Configuration);
faultOccured = true;
return;
}
validateUserIdWithToken(r, credentials);
if (!credentials.IsValid(r))
{
actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.OK, r, GlobalConfiguration.Configuration);
faultOccured = true;
return;
}
var Controller = actionContext.ControllerContext.Controller as Controllers.RESTAPIControllerBase;
Controller.UserID = credentials.UserID;
Controller.SessionToken = credentials.SessionToken;
Controller.CallerId = credentials.CallerId;
Controller.LanguageCode = credentials.LanguageCode;
Controller.CountryCode = credentials.CountryCode;
Controller.Token = credentials.Token;
Controller.LoginDate = credentials.LoginDate;
if (credentials.Platform != null)
{
var isPlatformDefined = Enum.IsDefined(typeof(RESTAPIPlatform), credentials.Platform);
if (isPlatformDefined)
{
Controller.ClientPlatform = (RESTAPIPlatform)Enum.Parse(typeof(RESTAPIPlatform), credentials.Platform);
}
else
{
Controller.ClientPlatform = RESTAPIPlatform.notsupported;
}
}
if (r.ErrorList.Count == 0)
{
IsAuthorized(actionContext);
}
return;
}
catch (Exception)
{
r.ErrorList.Add(Faults.InvalidCredentials);
actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.OK, r, GlobalConfiguration.Configuration);
faultOccured = true;
}
finally
{
APILogLevel apiLogLevel;
Enum.TryParse(SettingRepository.Get <string>("LogAPICalls", "None"), out apiLogLevel);
if (faultOccured)
{
filterUtils.Translation(actionContext);
filterUtils.LogIntoAdmLogsTable(actionContext.Request, actionContext.Response, actionContext, null, apiLogLevel, faultOccured, false);
}
}
}
