public async Task <Contoso.Login> ClickLoginWithContosoLinkAsync() { var externalFormResponse = await Client.SendAsync(_externalLoginForm, _contosoButton); var goToContosoLogin = ResponseAssert.IsRedirect(externalFormResponse); var contosoLoginResponse = await Client.GetAsync(goToContosoLogin); var contosoLogin = await ResponseAssert.IsHtmlDocumentAsync(contosoLoginResponse); return(new Contoso.Login(Client, contosoLogin, Context)); }
public async Task <SetPassword> ClickChangePasswordLinkExternalLoginAsync() { var response = await Client.GetAsync(_changePasswordLink.Href); var goToSetPassword = ResponseAssert.IsRedirect(response); var setPasswordResponse = await Client.GetAsync(goToSetPassword); var setPasswordDocument = await ResponseAssert.IsHtmlDocumentAsync(setPasswordResponse); return(new SetPassword(Client, setPasswordDocument, Context)); }
internal async Task <Index> SendConfirmationEmailAsync() { Assert.False(Context.EmailConfirmed); var response = await Client.SendAsync(_updateProfileForm, _confirmEmailButton); var goToManage = ResponseAssert.IsRedirect(response); var manageResponse = await Client.GetAsync(goToManage); var manage = await ResponseAssert.IsHtmlDocumentAsync(manageResponse); return(new Index(Client, manage, Context)); }
public async Task <Index> LoginValidUserAsync(string userName, string password) { var loggedIn = await SendLoginForm(userName, password); var loggedInLocation = ResponseAssert.IsRedirect(loggedIn); Assert.Equal(Index.Path, loggedInLocation.ToString()); var indexResponse = await Client.GetAsync(loggedInLocation); var index = await ResponseAssert.IsHtmlDocumentAsync(indexResponse); return(new Index(Client, index, Context, authenticated: true)); }
public async Task <LoginWith2fa> PasswordLoginValidUserWith2FaAsync(string userName, string password) { var loggedIn = await SendLoginForm(userName, password); var loggedInLocation = ResponseAssert.IsRedirect(loggedIn); Assert.StartsWith(LoginWith2fa.Path, loggedInLocation.ToString()); var loginWithTwoFactorResponse = await Client.GetAsync(loggedInLocation); var loginWithTwoFactor = await ResponseAssert.IsHtmlDocumentAsync(loginWithTwoFactorResponse); return(new LoginWith2fa(Client, loginWithTwoFactor, Context)); }
public async Task <FunctionalTests.Index> Delete(string password) { var loggedIn = await SendDeleteForm(password); var deleteLocation = ResponseAssert.IsRedirect(loggedIn); Assert.Equal(Index.Path, deleteLocation.ToString()); var indexResponse = await Client.GetAsync(deleteLocation); var index = await ResponseAssert.IsHtmlDocumentAsync(indexResponse); return(new FunctionalTests.Index(Client, index, Context)); }
public async Task <ManageExternalLogin> LinkExternalLoginAsync(string loginEmail) { // Click on the button to link external login to current user account var linkExternalLogin = await Client.SendAsync(_linkLoginForm, _linkLoginButton); var goToLinkExternalLogin = ResponseAssert.IsRedirect(linkExternalLogin); var externalLoginResponse = await Client.GetAsync(goToLinkExternalLogin); var externalLoginDocument = await ResponseAssert.IsHtmlDocumentAsync(externalLoginResponse); // Redirected to manage page for external login with a remove button return(new ManageExternalLogin(Client, externalLoginDocument, Context)); }
internal async Task <Index> SendUpdateProfileAsync(string newEmail) { var response = await Client.SendAsync(_updateProfileForm, _updateProfileButton, new Dictionary <string, string> { ["Input_Email"] = newEmail }); var goToManage = ResponseAssert.IsRedirect(response); var manageResponse = await Client.GetAsync(goToManage); var manage = await ResponseAssert.IsHtmlDocumentAsync(manageResponse); return(new Index(Client, manage, Context)); }
public async Task <ForgotPasswordConfirmation> SendForgotPasswordAsync(string email) { var response = await Client.SendAsync(_forgotPasswordForm, new Dictionary <string, string> { ["Input_Email"] = email }); var goToForgotPasswordConfirmation = ResponseAssert.IsRedirect(response); var forgotPasswordConfirmationResponse = await Client.GetAsync(goToForgotPasswordConfirmation); var forgotPasswordConfirmation = await ResponseAssert.IsHtmlDocumentAsync(forgotPasswordConfirmationResponse); return(new ForgotPasswordConfirmation(Client, forgotPasswordConfirmation, Context)); }
internal async Task <Email> SendUpdateEmailAsync(string newEmail) { var response = await Client.SendAsync(_changeEmailForm, _changeEmailButton, new Dictionary <string, string> { ["Input_NewEmail"] = newEmail }); var goToManage = ResponseAssert.IsRedirect(response); var manageResponse = await Client.GetAsync(goToManage); var manage = await ResponseAssert.IsHtmlDocumentAsync(manageResponse); return(new Email(Client, manage, Context)); }
public async Task <DefaultUIPage> LockoutUserAsync(string userName, string password) { var loginAttempt = await SendLoginForm(userName, password); var lockedOut = ResponseAssert.IsRedirect(loginAttempt); Assert.Equal("/Identity/Account/Lockout", lockedOut.ToString()); var lockedOutResponse = await Client.GetAsync(lockedOut); var lockout = await ResponseAssert.IsHtmlDocumentAsync(lockedOutResponse); return(new DefaultUIPage(Client, lockout, Context)); }
public async Task <Index> SendRecoveryCodeAsync(string recoveryCode) { var response = await Client.SendAsync(_loginWithRecoveryCodeForm, new Dictionary <string, string> { ["Input_RecoveryCode"] = recoveryCode }); var goToIndex = ResponseAssert.IsRedirect(response); var indexPage = await Client.GetAsync(goToIndex); var index = await ResponseAssert.IsHtmlDocumentAsync(indexPage); return(new Index(Client, index, Context.WithAuthenticatedUser())); }
public async Task <Index> SendEmailAsync(string email) { var response = await Client.SendAsync(_emailForm, new Dictionary <string, string> { ["Input_Email"] = email }); var redirect = ResponseAssert.IsRedirect(response); var indexResponse = await Client.GetAsync(redirect); var index = await ResponseAssert.IsHtmlDocumentAsync(indexResponse); return(new Index(Client, index, Context.WithAuthenticatedUser())); }
public async Task AnonymousUserCantAccessAuthorizedPages(string url) { // Arrange var client = ServerFactory .CreateClient(); // Act var response = await client.GetAsync(url); // Assert var location = ResponseAssert.IsRedirect(response); Assert.StartsWith("/Identity/Account/Login?", location.PathAndQuery); }
public async Task <RegisterConfirmation> SendEmailWithConfirmationAsync(string email, bool hasRealEmail) { var response = await Client.SendAsync(_emailForm, new Dictionary <string, string> { ["Input_Email"] = email }); var redirect = ResponseAssert.IsRedirect(response); Assert.True(String.Equals(RegisterConfirmation.Path + "?email=" + email, redirect.ToString(), StringComparison.OrdinalIgnoreCase)); var registerResponse = await Client.GetAsync(redirect); var register = await ResponseAssert.IsHtmlDocumentAsync(registerResponse); return(new RegisterConfirmation(Client, register, hasRealEmail ? Context.WithRealEmailSender() : Context)); }
public async Task <ResetPasswordConfirmation> SendNewPasswordAsync(string email, string newPassword) { var resetPasswordResponse = await Client.SendAsync(_resetPasswordForm, new Dictionary <string, string> { ["Input_Email"] = email, ["Input_Password"] = newPassword, ["Input_ConfirmPassword"] = newPassword }); var goToResetPasswordConfirmation = ResponseAssert.IsRedirect(resetPasswordResponse); var resetPasswordConfirmationResponse = await Client.GetAsync(goToResetPasswordConfirmation); var resetPasswordConfirmation = await ResponseAssert.IsHtmlDocumentAsync(resetPasswordConfirmationResponse); return(new ResetPasswordConfirmation(Client, resetPasswordConfirmation, Context)); }
public async Task <RemoveExternalLogin> ManageExternalLoginAsync(string loginEmail) { var linkedExternalLogin = await Client.SendAsync(_externalLoginForm, new Dictionary <string, string> { ["Input_Login"] = loginEmail }); var goToLinkedExternalLogin = ResponseAssert.IsRedirect(linkedExternalLogin); var externalLoginResponse = await Client.GetAsync(goToLinkedExternalLogin); var goToManageExternalLogin = ResponseAssert.IsRedirect(externalLoginResponse); var manageExternalLoginResponse = await Client.GetAsync(goToManageExternalLogin); var manageExternalLoginDocument = await ResponseAssert.IsHtmlDocumentAsync(manageExternalLoginResponse); return(new RemoveExternalLogin(Client, manageExternalLoginDocument, Context)); }
internal async Task <Index> Send2FACodeAsync(string twoFactorKey) { var code = EnableAuthenticator.ComputeCode(twoFactorKey); var response = await Client.SendAsync(_twoFactorForm, new Dictionary <string, string> { ["Input_TwoFactorCode"] = code }); var goToIndex = ResponseAssert.IsRedirect(response); Assert.Equal(Index.Path, goToIndex.ToString()); var indexResponse = await Client.GetAsync(goToIndex); var index = await ResponseAssert.IsHtmlDocumentAsync(indexResponse); return(new Index(Client, index, Context.WithAuthenticatedUser())); }
public async Task <Index> SubmitRegisterFormForValidUserAsync(string userName, string password) { var registered = await Client.SendAsync(_registerForm, new Dictionary <string, string>() { ["Input_Email"] = userName, ["Input_Password"] = password, ["Input_ConfirmPassword"] = password }); var registeredLocation = ResponseAssert.IsRedirect(registered); Assert.Equal(Index.Path, registeredLocation.ToString()); var indexResponse = await Client.GetAsync(registeredLocation); var index = await ResponseAssert.IsHtmlDocumentAsync(indexResponse); return(new Index(Client, index, Context.WithAuthenticatedUser())); }
public async Task <RegisterConfirmation> SubmitRegisterFormWithConfirmation(string userName, string password, bool hasRealEmail = false) { var registered = await Client.SendAsync(_registerForm, new Dictionary <string, string>() { ["Input_Email"] = userName, ["Input_Password"] = password, ["Input_ConfirmPassword"] = password }); var registeredLocation = ResponseAssert.IsRedirect(registered); Assert.Equal(RegisterConfirmation.Path + "?email=" + userName + "&returnUrl=%2F", registeredLocation.ToString()); var registerResponse = await Client.GetAsync(registeredLocation); var register = await ResponseAssert.IsHtmlDocumentAsync(registerResponse); return(new RegisterConfirmation(Client, register, hasRealEmail ? Context.WithRealEmailSender() : Context)); }
internal async Task <ShowRecoveryCodes> SendValidCodeAsync() { var authenticatorKey = _codeElement.TextContent.Replace(" ", ""); Context.AuthenticatorKey = authenticatorKey; var verificationCode = ComputeCode(authenticatorKey); var sendCodeResponse = await Client.SendAsync(_sendCodeForm, new Dictionary <string, string> { ["Input_Code"] = verificationCode }); var goToShowRecoveryCodes = ResponseAssert.IsRedirect(sendCodeResponse); var showRecoveryCodesResponse = await Client.GetAsync(goToShowRecoveryCodes); var showRecoveryCodes = await ResponseAssert.IsHtmlDocumentAsync(showRecoveryCodesResponse); return(new ShowRecoveryCodes(Client, showRecoveryCodes, Context)); }
private async Task <IHtmlDocument> SendLoginForm(string userName) { var contosoResponse = await Client.SendAsync(_loginForm, new Dictionary <string, string> { ["Input_Login"] = userName }); var goToExternalLogin = ResponseAssert.IsRedirect(contosoResponse); var externalLogInResponse = await Client.GetAsync(goToExternalLogin); if (Context.ExistingUser) { var goToIndex = ResponseAssert.IsRedirect(externalLogInResponse); var indexResponse = await Client.GetAsync(goToIndex); return(await ResponseAssert.IsHtmlDocumentAsync(indexResponse)); } else { return(await ResponseAssert.IsHtmlDocumentAsync(externalLogInResponse)); } }
public async Task CanPerform_AuthorizationCode_Flow() { using (StartLog(out var loggerFactory, minLogLevel: LogLevel.Debug)) { // Arrange var clientId = Guid.NewGuid().ToString(); var resourceId = Guid.NewGuid().ToString(); var appBuilder = new CredentialsServerBuilder(loggerFactory) .EnsureDeveloperCertificate() .ConfigureReferenceData(data => data .CreateIntegratedWebClientApplication(clientId) .CreateResourceApplication(resourceId, "ResourceApplication", "read") .CreateUser("testUser", "Pa$$w0rd")) .ConfigureInMemoryEntityFrameworkStorage() .ConfigureMvcAutomaticSignIn() .ConfigureOpenIdConnectClient(options => { options.ClientId = clientId; options.ResponseType = OpenIdConnectResponseType.Code; options.ResponseMode = OpenIdConnectResponseMode.Query; options.Scope.Add("https://localhost/DFC7191F-FF74-42B9-A292-08FEA80F5B20/v2.0/ResourceApplication/read"); }) .ConfigureIntegratedClient(clientId); var client = appBuilder.Build(); // Act & Assert // Navigate to protected resource. var goToAuthorizeResponse = await client.GetAsync("https://localhost/Home/About"); // Redirected to authorize var location = ResponseAssert.IsRedirect(goToAuthorizeResponse); var oidcCookiesComparisonCriteria = CookieComparison.Strict & ~CookieComparison.NameEquals | CookieComparison.NameStartsWith; ResponseAssert.HasCookie(CreateExpectedSetNonceCookie(), goToAuthorizeResponse, oidcCookiesComparisonCriteria); ResponseAssert.HasCookie(CreateExpectedSetCorrelationIdCookie(), goToAuthorizeResponse, oidcCookiesComparisonCriteria); var authorizeParameters = ResponseAssert.LocationHasQueryParameters <OpenIdConnectMessage>( goToAuthorizeResponse, "state"); // Navigate to authorize var goToLoginResponse = await client.GetAsync(location); // Redirected to login location = ResponseAssert.IsRedirect(goToLoginResponse); // Navigate to login var goToAuthorizeWithCookie = await client.GetAsync(location); // Stamp a login cookie and redirect back to authorize. location = ResponseAssert.IsRedirect(goToAuthorizeWithCookie); ResponseAssert.HasCookie(".AspNetCore.Identity.Application", goToAuthorizeWithCookie, CookieComparison.NameEquals); // Navigate to authorize with a login cookie. var goToSignInOidcCallback = await client.GetAsync(location); // Stamp an application session cookie and redirect to relying party callback with an authorization code on the query string. location = ResponseAssert.IsRedirect(goToSignInOidcCallback); ResponseAssert.HasCookie("Microsoft.AspNetCore.Identity.Service", goToSignInOidcCallback, CookieComparison.NameEquals); var callBackQueryParameters = ResponseAssert.LocationHasQueryParameters <OpenIdConnectMessage>(goToSignInOidcCallback, "code", ("state", authorizeParameters.State)); // Navigate to relying party callback. var goToProtectedResource = await client.GetAsync(location); // Stamp a session cookie and redirect to the protected resource. location = ResponseAssert.IsRedirect(goToProtectedResource); ResponseAssert.HasCookie(".AspNetCore.Cookies", goToProtectedResource, CookieComparison.NameEquals); ResponseAssert.HasCookie(CreateExpectedSetCorrelationIdCookie(DateTime.Parse("1/1/1970 12:00:00 AM +00:00")), goToProtectedResource, CookieComparison.Delete); ResponseAssert.HasCookie(CreateExpectedSetNonceCookie(DateTime.Parse("1/1/1970 12:00:00 AM +00:00")), goToProtectedResource, CookieComparison.Delete); var protectedResourceResponse = await client.GetAsync(location); ResponseAssert.IsOK(protectedResourceResponse); ResponseAssert.IsHtmlDocument(protectedResourceResponse); } }