public async Task ValidUser_SucceedsLogin()
{
// Arrange
AccountLoginModel model = new AccountLoginModel {
Email = SOME_EMAIL,
Password = SOME_PASSWORD
};
UserLoginResponse userRepoResult = new UserLoginResponse {
UserIsValid = true,
UserId = 42 // greater than zero
};
// Setup mock
Mock <IUserRepository> userRepositoryMock = SetupUserRepositoryMock(userRepoResult);
// Act
AuthenticateService service = new AuthenticateService(userRepositoryMock.Object);
AuthenticateResult results = await service.AuthenticateUser(model);
// Assert
results.Identity.Should().NotBe(null);
string nameClaim = results.Identity.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Name)?.Value;
nameClaim.Should().Be(model.Email);
}
public async Task ValidationFail_FailsLogin()
{
// Arrange
AccountLoginModel model = new AccountLoginModel {
Email = SOME_EMAIL,
Password = SOME_PASSWORD
};
UserLoginResponse userRepoResult = new UserLoginResponse {
Errors = new List <ValidationError> {
new ValidationError {
Message = "some error"
}
}
};
// Setup mock
Mock <IUserRepository> userRepositoryMock = SetupUserRepositoryMock(userRepoResult);
// Act
AuthenticateService service = new AuthenticateService(userRepositoryMock.Object);
AuthenticateResult results = await service.AuthenticateUser(model);
// Assert
results.Success.Should().Be(false);
}
//[RequireHttps]
public async Task <IActionResult> Authenticate([FromBody] LoginRequest loginRequest)
{
if (!ModelState.IsValid)
{
return(await Task.FromResult(BadRequest(ModelState)));
}
var token = _authenticateService.AuthenticateUser(loginRequest.Email, loginRequest.Password);
if (String.IsNullOrEmpty(token))
{
return(await Task.FromResult(BadRequest("Login ou senha inválidos")));
}
return(Ok(new
{
Token = token
}));
}
public async Task InvalidUser_FailsLogin()
{
// Arrange
AccountLoginModel model = new AccountLoginModel {
Email = SOME_EMAIL,
Password = SOME_PASSWORD
};
UserLoginResponse userRepoResult = new UserLoginResponse {
UserIsValid = false
};
// Setup mock
Mock <IUserRepository> userRepositoryMock = SetupUserRepositoryMock(userRepoResult);
// Act
AuthenticateService service = new AuthenticateService(userRepositoryMock.Object);
AuthenticateResult results = await service.AuthenticateUser(model);
// Assert
results.Identity.Should().Be(null);
}
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
var allowedOrigin = context.OwinContext.Get <string>("as:clientAllowedOrigin");
if (allowedOrigin == null)
{
allowedOrigin = "*";
}
context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { allowedOrigin });
UnitOfWork u = new UnitOfWork(ReadConfiguration.ConnectionString, ReadConfiguration.DataBaseName);
AuthenticateService authenticateService = new AuthenticateService(u);
// Validate your user and base on validation return claim identity or invalid_grant error
string email = context.UserName;
string password = context.Password;
var requestParameters = await context.Request.ReadFormAsync();
var OTP = requestParameters["OTP"];
var loginType = requestParameters["loginType"];
bool IsExpired = false;
if (loginType == "user")
{
var authenticateResponse = authenticateService.AuthenticateUser(email, password, ref IsExpired);
if (authenticateResponse.Success)
{
UserModel userModel = (UserModel)authenticateResponse.Data;
string userGroups = "";
if (userModel.UserGroups != null && userModel.UserGroups.Count > 0)
{
foreach (string group in userModel.UserGroups)
{
userGroups += group + ",";
}
userGroups = userGroups.Substring(0, userGroups.Length - 1);
}
var identity = new ClaimsIdentity(context.Options.AuthenticationType);
identity.AddClaim(new Claim(ClaimTypes.Name, context.UserName));
identity.AddClaim(new Claim(ClaimTypes.Role, "user"));
identity.AddClaim(new Claim("sub", context.UserName));
identity.AddClaim(new Claim("Email", context.UserName));
identity.AddClaim(new Claim("OrganizationID", userModel.OrganizationID.ToString()));
identity.AddClaim(new Claim("UserID", userModel.UserID));
identity.AddClaim(new Claim("RoleID", userModel.RoleID));
identity.AddClaim(new Claim("DatasourceIds", userModel.CommaSeperatedDatasourceIds));
identity.AddClaim(new Claim("fullName", userModel.FirstName + " " + userModel.LastName));
identity.AddClaim(new Claim("UserGroups", userGroups));
identity.AddClaim(new Claim("PlanPermissionIds", userModel.CommaSeperatedPlanPermissionIds));
var props = new AuthenticationProperties(new Dictionary <string, string> {
{ "userName", context.UserName },
{ "fullName", userModel.FirstName + " " + userModel.LastName },
{ "RoleID", userModel.RoleID },
{ "IsExpired", IsExpired.ToString() },
{ "PlanPermissionIds", userModel.CommaSeperatedPlanPermissionIds },
});
var ticket = new AuthenticationTicket(identity, props);
context.Validated(ticket);
}
else
{
context.SetError("invalid_grant", authenticateResponse.Message);
// context.SetError("invalid_grant", "The user name or password is incorrect.");
return;
}
}
else
{
if (OTP != null)
{
var authenticateResponse = authenticateService.AuthenticateSuperAdmin(email, password, OTP);
// if (((email == "admin") && (password == "admin")) || ((email == "jignesh") && (password == "abc")))
if (authenticateResponse.Success)
{
UserModel userModel = (UserModel)authenticateResponse.Data;
var identity = new ClaimsIdentity(context.Options.AuthenticationType);
identity.AddClaim(new Claim(ClaimTypes.Name, context.UserName));
identity.AddClaim(new Claim(ClaimTypes.Role, "user"));
identity.AddClaim(new Claim("sub", context.UserName));
identity.AddClaim(new Claim("Email", context.UserName));
identity.AddClaim(new Claim("OrganizationID", userModel.OrganizationID.ToString()));
identity.AddClaim(new Claim("UserID", userModel.UserID));
identity.AddClaim(new Claim("RoleID", userModel.RoleID));
//identity.AddClaim(new Claim("DatasourceIds", userModel.CommaSeperatedDatasourceIds));
identity.AddClaim(new Claim("fullName", userModel.FirstName + " " + userModel.LastName));
var props = new AuthenticationProperties(new Dictionary <string, string> {
{ "userName", context.UserName },
{ "fullName", userModel.FirstName + " " + userModel.LastName },
{ "RoleID", userModel.RoleID },
});
var ticket = new AuthenticationTicket(identity, props);
context.Validated(ticket);
authenticateService.EmptyOTP(email, password);
}
else
{
context.SetError("invalid_grant", "The user name or password or OTP is incorrect.");
return;
}
}
else
{
context.SetError("invalid_grant", "Please Enter OTP");
return;
}
}
}
