public async Task Should_reset_user_password() { const string USERNAME = EmailData.NON_EXISTENT_USERNAME; const string NEW_PASSWORD = UserData.NEW_PASSWORD; var request = new ResetUserPasswordRequest() { Username = USERNAME }; var response = new UpdateUserResponse() { NewPassword = NEW_PASSWORD }; UserApiClient .Setup(x => x.ResetUserPasswordAsync(USERNAME)) .ReturnsAsync(response); var result = await Controller.ResetUserPassword(request); result.Should().NotBeNull(); var objectResult = (OkObjectResult)result; objectResult.StatusCode.Should().Be((int)HttpStatusCode.OK); var passwordResponse = (UpdateUserResponse)objectResult.Value; passwordResponse.NewPassword.Should().Be(response.NewPassword); }
public IActionResult ResetUserPassword([FromBody] ResetUserPasswordRequest request) { var client = GetUserClient(); client.ResetUserPassword(request.UserId); return(AjaxOkResponse()); }
public static void ProjectTo(this ResetUserPasswordRequest request, Users user) { var securitySalt = EncryptContractor.Instance.SetDefault(Settings.IV, Settings.Key).GenerateEncryptedSecuritySalt(); var scriptedPassword = PasswordContractor.Instance.GeneratePassword(request.NewPassword, securitySalt); user.SecuritySalt = securitySalt; user.Password = scriptedPassword; }
public ResetPasswordUserControllerTests() { _loggerMock = new Mock <ILogger <UserController> >(); _request = new ResetUserPasswordRequest { Username = UserData.USERNAME }; _configuration = new Mock <IConfiguration>(); SetMockConfig(); }
public async Task Should_pass_validation() { var request = new ResetUserPasswordRequest() { Username = VALID_TEXT }; var result = await _validator.ValidateAsync(request); result.IsValid.Should().BeTrue(); }
public async Task <bool> ResetPasswordAsync(ResetUserPasswordRequest resetUserPasswordRequest) { var userResponse = await _userService.GetUserByEmailAsync(resetUserPasswordRequest.Email); if (userResponse == null) { throw new ArgumentException(string.Format(ValidationMessages.NotFound, ValidationMessages.User)); } var changePasswordResponse = await _loginRepository.UpdatePasswordAsync(userResponse.Id, _passwordHashService.Hash(resetUserPasswordRequest.Password)); return(changePasswordResponse > 0); }
public async Task Should_return_bad_request_for_null_username() { var request = new ResetUserPasswordRequest() { Username = string.Empty }; var uri = ApiUriFactory.UserEndpoints.ResetUserPassword(); await SendPatchRequest(uri, RequestHelper.Serialise(request)); VerifyResponse(HttpStatusCode.BadRequest, false); }
/** * Set user phone number. */ private async Task <APIGatewayProxyResponse> ResetUserPassword(IDataStores dataStores, IDictionary <string, string> requestHeaders, JObject requestBody) { Debug.Untested(); Debug.AssertValid(dataStores); Debug.AssertValid(requestHeaders); Debug.AssertValidOrNull(requestBody); try { // Log call LoggingHelper.LogMessage($"UserIdentityService::ResetUserPassword()"); // Get the NoSQL DB client AmazonDynamoDBClient dbClient = (AmazonDynamoDBClient)dataStores.GetNoSQLDataStore().GetDBClient(); Debug.AssertValid(dbClient); // Check inputs ResetUserPasswordRequest resetUserPasswordRequest = UserIdentityService_ResetUserPassword_LogicLayer.CheckValidResetUserPasswordRequest(requestBody); Debug.AssertValid(resetUserPasswordRequest); // Check reCaptcha ReCaptchaHelper.CheckReCaptchaToken(resetUserPasswordRequest.reCaptcha); // Perform logic await UserIdentityService_ResetUserPassword_LogicLayer.ResetUserPassword(dbClient, resetUserPasswordRequest); // Respond return(new APIGatewayProxyResponse { StatusCode = APIHelper.STATUS_CODE_NO_CONTENT }); } catch (Exception exception) { Debug.Tested(); if ((exception.Message == SharedLogicLayer.ERROR_UNRECOGNIZED_EMAIL_ADDRESS) || (exception.Message == IdentityServiceLogicLayer.ERROR_EMAIL_NOT_VERIFIED) || (exception.Message == ReCaptchaHelper.ERROR_INVALID_RECAPTCHA_TOKEN)) { Debug.Tested(); // Note tht no error code is returned for security reasons. //??--return StatusCode(APIHelper.STATUS_CODE_FORBIDDEN); return(new APIGatewayProxyResponse { StatusCode = APIHelper.STATUS_CODE_FORBIDDEN }); } else { Debug.Untested(); return(APIHelper.ResponseFromException(exception)); } } }
public void Should_throw_error_if_test_default_password_not_found() { var username = EjudUserData.USERNAME(EjudUserData.AUTOMATED_FIRST_NAME_PREFIX, EjudUserData.LAST_NAME(1), EjudUserData.FAKE_EJUD_DOMAIN); var request = new ResetUserPasswordRequest() { Username = username }; Configuration .Setup(x => x.GetSection("TestDefaultPassword").Value) .Returns(() => null); Assert.ThrowsAsync <ConfigurationErrorsException>(async() => await Controller.ResetUserPassword(request)); }
public async Task Should_fail_validation_if_username_empty() { var request = new ResetUserPasswordRequest() { Username = string.Empty }; var result = await _validator.ValidateAsync(request); result.IsValid.Should().BeFalse(); result.Errors.Count.Should().Be(1); result.Errors.Any(x => x.ErrorMessage == ResetPasswordRequestValidator.EMPTY_USERNAME_ERROR_MESSAGE) .Should().BeTrue(); }
public async Task Should_fail_validation_if_username_contains_automation() { var request = new ResetUserPasswordRequest() { Username = AUTOMATION_USER }; var result = await _validator.ValidateAsync(request); result.IsValid.Should().BeFalse(); result.Errors.Count.Should().Be(1); result.Errors.Any(x => x.ErrorMessage == ResetPasswordRequestValidator.CANNOT_RESET_AUTOMATION_USERS_ERROR_MESSAGE) .Should().BeTrue(); }
public ResetUserPasswordResponse ResetUserPassword(ResetUserPasswordRequest request) { Platform.CheckForNullReference(request, "request"); Platform.CheckMemberIsSet(request.UserName, "UserName"); var user = FindUserByName(request.UserName); var settings = new AuthenticationSettings(); user.ResetPassword(settings.DefaultTemporaryPassword); var assembler = new UserAssembler(); return(new ResetUserPasswordResponse(assembler.GetUserSummary(user))); }
public async Task Should_return_not_found_for_non_existent_username() { const string USERNAME = EmailData.NON_EXISTENT_USERNAME; var request = new ResetUserPasswordRequest() { Username = USERNAME }; var uri = ApiUriFactory.UserEndpoints.ResetUserPassword(); await SendPatchRequest(uri, RequestHelper.Serialise(request)); VerifyResponse(HttpStatusCode.NotFound, false); }
public async Task <IActionResult> ResetPassword(ResetUserPasswordRequest request) { _logger.LogDebug("ResetPassword {username}", request.Username); const int POLLY_RETRIES = 5; var policy = Policy .HandleResult(false) .WaitAndRetryAsync(POLLY_RETRIES, retryAttempt => TimeSpan.FromSeconds(Math.Pow(2, retryAttempt))); if (request.Username.EndsWith(GetEjudDomain(), StringComparison.InvariantCultureIgnoreCase)) { return(Ok(new UpdateUserResponse { NewPassword = GetDefaultPassword() })); } try { var response = await policy.ExecuteAsync(async() => await _testApiClient.GetUserExistsInAdAsync(request.Username)); if (response.Equals(false)) { return(NotFound()); } _logger.LogDebug("User '{username}' successfully found in AAD", request.Username); } catch (TestApiException e) { _logger.LogError(e, "Unable to find user {username} to reset user password with error '{message}'", request.Username, e.Message); return(StatusCode(e.StatusCode, e.Response)); } try { var response = await _testApiClient.ResetUserPasswordAsync(request); _logger.LogDebug("User '{username}' successfully reset", request.Username); return(Ok(response)); } catch (TestApiException e) { _logger.LogError(e, "Unable to reset user password: {username} with error '{message}'", request.Username, e.Message); return(StatusCode(e.StatusCode, e.Response)); } }
public async Task <Users> ResetUserPassword(ResetUserPasswordRequest request) { var claims = JwtTokenHelper.GetTokenClaims(request.Token, Settings.JwtSecretKey); var userId = claims.FirstOrDefault(x => x.Type == "UserId"); if (userId == null) { throw new Exception("Invalid token"); } Users u = await _repository.GetByIdAsync(Convert.ToInt64(userId.Value)); request.ProjectTo(u); await _repository.AddOrUpdateAsync(u); return(u); }
public async Task Should_return_test_password_for_ejud_users() { var username = EjudUserData.USERNAME(EjudUserData.AUTOMATED_FIRST_NAME_PREFIX, EjudUserData.LAST_NAME(1), EjudUserData.FAKE_EJUD_DOMAIN); var request = new ResetUserPasswordRequest() { Username = username }; var result = await Controller.ResetUserPassword(request); var objectResult = (OkObjectResult)result; objectResult.StatusCode.Should().Be((int)HttpStatusCode.OK); var passwordResponse = (UpdateUserResponse)objectResult.Value; passwordResponse.NewPassword.Should().Be(EjudUserData.FAKE_PASSWORD); }
public async Task Should_return_bad_request_for_automation_user() { var individualUser = await Context.Data.SeedUser(UserType.Individual); await Context.Data.SeedAllocation(individualUser.Id); await Context.Data.AllocateUser(individualUser.Id); var request = new ResetUserPasswordRequest() { Username = individualUser.Username }; var uri = ApiUriFactory.UserEndpoints.ResetUserPassword(); await SendPatchRequest(uri, RequestHelper.Serialise(request)); VerifyResponse(HttpStatusCode.BadRequest, false); }
public async Task Should_return_default_password_for_ejud_user() { var username = await AllocateUser(true); var request = new ResetUserPasswordRequest() { Username = username }; var uri = ApiUriFactory.UserEndpoints.ResetUserPassword(); await SendPatchRequest(uri, RequestHelper.Serialise(request)); VerifyResponse(HttpStatusCode.OK, true); var response = RequestHelper.Deserialise <UpdateUserResponse>(Json); response.Should().NotBeNull(); response.NewPassword.Should().Be(Context.Config.TestDefaultPassword); }
public async Task Should_return_test_password_for_ejud_users() { var client = new Mock <ITestApiClient>(); const string username = EjudUserData.FAKE_EJUD_DOMAIN; var request = new ResetUserPasswordRequest() { Username = username }; var controller = new UserController(client.Object, _loggerMock.Object, _configuration.Object); var result = await controller.ResetPassword(request); var objectResult = (OkObjectResult)result; objectResult.StatusCode.Should().Be((int)HttpStatusCode.OK); var passwordResponse = (UpdateUserResponse)objectResult.Value; passwordResponse.NewPassword.Should().Be(EjudUserData.FAKE_PASSWORD); }
public void Should_throw_error_if_ejud_domain_not_found() { var client = new Mock <ITestApiClient>(); const string username = EjudUserData.FAKE_EJUD_DOMAIN; var request = new ResetUserPasswordRequest() { Username = username }; var configuration = new Mock <IConfiguration>(); configuration .Setup(x => x.GetSection("EjudUsernameStem").Value) .Returns(() => null); var controller = new UserController(client.Object, _loggerMock.Object, configuration.Object); Assert.ThrowsAsync <InvalidDataException>(async() => await controller.ResetPassword(request)); }
public async Task <IActionResult> ResetUserPassword(ResetUserPasswordRequest request) { _logger.LogDebug($"ResetUserPassword"); if (request.Username.EndsWith(GetEjudDomain(), StringComparison.InvariantCultureIgnoreCase)) { return(Ok(new UpdateUserResponse { NewPassword = GetDefaultPassword() })); } try { var response = await _userApiClient.ResetUserPasswordAsync(request.Username); return(Ok(response)); } catch (UserApiException e) { return(StatusCode(e.StatusCode, e.Response)); } }
public async Task Should_reset_users_password() { var username = await AllocateUser(); await PollForUserExistsInAad(username); var request = new ResetUserPasswordRequest() { Username = username }; var uri = ApiUriFactory.UserEndpoints.ResetUserPassword(); await SendPatchRequest(uri, RequestHelper.Serialise(request)); VerifyResponse(HttpStatusCode.OK, true); var response = RequestHelper.Deserialise <UpdateUserResponse>(Json); response.Should().NotBeNull(); response.NewPassword.Should().NotBeNullOrEmpty(); }
public ResetUserPasswordResponse ResetUserPassword(ResetUserPasswordRequest request) { Platform.CheckForNullReference(request, "request"); Platform.CheckMemberIsSet(request.UserName, "UserName"); var user = FindUserByName(request.UserName); EnsureCurrentUserAuthorizedToManage(user.AccountType); if (user.AccountType != UserAccountType.U) { throw new RequestValidationException(SR.MessageAccountTypeDoesNotSupportPasswordReset); } var settings = new AuthenticationSettings(); user.ResetPassword(settings.DefaultTemporaryPassword); var assembler = new UserAssembler(); return(new ResetUserPasswordResponse(assembler.GetUserSummary(user))); }
public async Task <IHttpActionResult> ResetPassword([FromBody] ResetUserPasswordRequest request) { try { if (ModelState.IsValid) { var user = await _userService.ResetUserPassword(request); if (user != null) { await _userService.CommitAsync(); var token = CreateToken(user); return(Ok(new { Token = token })); } } return(BadRequest(ModelState)); } catch (Exception ex) { HttpContext.Current.Response.StatusCode = 500; throw ex; } }