示例#1
0
            public async Task GivenAssociatedLocalAdminUser_ItChallengesWhenNotUsingRequiredExternalProvider(string providerUsedForLogin, bool shouldChallenge)
            {
                // Arrange
                var enforcedProvider = "AzureActiveDirectory";

                var configurationService = GetConfigurationService();

                configurationService.Current.ConfirmEmailAddresses        = false;
                configurationService.Current.EnforcedAuthProviderForAdmin = enforcedProvider;

                var fakes = Get <Fakes>();

                GetMock <AuthenticationService>(); // Force a mock to be created
                var controller = GetController <AuthenticationController>();
                var cred       = new CredentialBuilder().CreateExternalCredential(providerUsedForLogin, "blorg", "Bloog");
                var authUser   = new AuthenticatedUser(
                    fakes.CreateUser("test", cred),
                    cred);

                authUser.User.Roles.Add(new Role {
                    Name = Constants.AdminRoleName
                });

                GetMock <AuthenticationService>()
                .Setup(x => x.AuthenticateExternalLogin(controller.OwinContext))
                .CompletesWith(new AuthenticateExternalLoginResult()
                {
                    ExternalIdentity = new ClaimsIdentity(),
                    Authentication   = authUser
                });

                if (shouldChallenge)
                {
                    GetMock <AuthenticationService>()
                    .Setup(x => x.Challenge(enforcedProvider, It.IsAny <string>()))
                    .Returns(new ChallengeResult(enforcedProvider, null))
                    .Verifiable();
                }
                else
                {
                    GetMock <AuthenticationService>()
                    .Setup(x => x.CreateSessionAsync(controller.OwinContext, authUser))
                    .Returns(Task.FromResult(0))
                    .Verifiable();
                }

                // Act
                var result = await controller.LinkExternalAccount("theReturnUrl");

                // Assert
                if (shouldChallenge)
                {
                    ResultAssert.IsChallengeResult(result, enforcedProvider);
                }
                else
                {
                    ResultAssert.IsSafeRedirectTo(result, "theReturnUrl");
                    GetMock <AuthenticationService>().VerifyAll();
                }
            }
示例#2
0
            public void VerifyShouldChallenge(string providerUsedForLogin, bool shouldChallenge)
            {
                // Arrange
                var enforcedProvider = "AzureActiveDirectory";

                EnableAllAuthenticators(Get <AuthenticationService>());

                var controller = GetController <AuthenticationController>();
                var authUser   = new AuthenticatedUser(
                    new User("theUsername")
                {
                    EmailAddress = "*****@*****.**",
                    Roles        =
                    {
                        new Role {
                            Name = Constants.AdminRoleName
                        }
                    }
                },
                    new Credential {
                    Type = providerUsedForLogin
                });

                // Act
                ActionResult challengeResult;
                var          result = controller.ShouldChallengeEnforcedProvider(enforcedProvider, authUser, null, out challengeResult);

                // Assert
                Assert.Equal(shouldChallenge, result);
                if (shouldChallenge)
                {
                    ResultAssert.IsChallengeResult(challengeResult, enforcedProvider);
                }
            }
            public void WillChallengeTheUserUsingTheGivenProviderAndReturnUrl()
            {
                // Arrange
                EnableAllAuthenticators(Get <AuthenticationService>());
                var controller = GetController <AuthenticationController>();

                // Act
                var result = controller.ChallengeAuthentication("/theReturnUrl", "MicrosoftAccount");

                // Assert
                ResultAssert.IsChallengeResult(result, "MicrosoftAccount", "/users/account/authenticate/return?ReturnUrl=%2FtheReturnUrl");
            }
示例#4
0
            public async Task GivenAdminLogsInWithExternalIdentity_ItChallengesWhenNotUsingRequiredExternalProvider(string providerUsedForLogin, bool shouldChallenge)
            {
                // Arrange
                var enforcedProvider = "AzureActiveDirectory";

                var configurationService = GetConfigurationService();

                configurationService.Current.ConfirmEmailAddresses        = false;
                configurationService.Current.EnforcedAuthProviderForAdmin = enforcedProvider;

                var externalCred = new CredentialBuilder().CreateExternalCredential(providerUsedForLogin, "blorg", "Bloog");

                var authUser = new AuthenticatedUser(
                    new User("theUsername")
                {
                    UnconfirmedEmailAddress = "*****@*****.**",
                    EmailConfirmationToken  = "t0k3n",
                    Roles =
                    {
                        new Role {
                            Name = Constants.AdminRoleName
                        }
                    }
                },
                    externalCred);

                GetMock <AuthenticationService>()
                .Setup(x => x.Register("theUsername", "theEmailAddress", externalCred))
                .CompletesWith(authUser);

                EnableAllAuthenticators(Get <AuthenticationService>());
                var controller = GetController <AuthenticationController>();

                if (shouldChallenge)
                {
                    GetMock <AuthenticationService>()
                    .Setup(x => x.Challenge(enforcedProvider, It.IsAny <string>()))
                    .Returns(new ChallengeResult(enforcedProvider, null))
                    .Verifiable();
                }
                else
                {
                    GetMock <AuthenticationService>()
                    .Setup(x => x.CreateSessionAsync(controller.OwinContext, authUser))
                    .Returns(Task.FromResult(0))
                    .Verifiable();
                }

                GetMock <AuthenticationService>()
                .Setup(x => x.ReadExternalLoginCredential(controller.OwinContext))
                .CompletesWith(new AuthenticateExternalLoginResult()
                {
                    ExternalIdentity = new ClaimsIdentity(),
                    Credential       = externalCred
                });

                // Act
                var result = await controller.Register(
                    new LogOnViewModel()
                {
                    Register = new RegisterViewModel
                    {
                        Username     = "******",
                        EmailAddress = "theEmailAddress",
                    }
                }, "/theReturnUrl", linkingAccount : true);

                // Assert
                if (shouldChallenge)
                {
                    ResultAssert.IsChallengeResult(result, enforcedProvider);
                }
                else
                {
                    ResultAssert.IsSafeRedirectTo(result, "/theReturnUrl");
                }
                GetMock <AuthenticationService>().VerifyAll();
            }
            public async Task GivenAdminLogsInWithValidExternalAuth_ItChallengesWhenNotUsingRequiredExternalProvider(string providerUsedForLogin, bool shouldChallenge)
            {
                var enforcedProvider = "AzureActiveDirectory";

                var mockConfig = GetMock <IGalleryConfigurationService>();

                mockConfig.Setup(x => x.Current).Returns(new AppConfiguration
                {
                    ConfirmEmailAddresses        = false,
                    EnforcedAuthProviderForAdmin = enforcedProvider
                });

                var externalCred = new CredentialBuilder().CreateExternalCredential(providerUsedForLogin, "blorg", "Bloog");

                var authUser = new AuthenticatedUser(
                    new User("theUsername")
                {
                    UnconfirmedEmailAddress = "*****@*****.**",
                    Roles =
                    {
                        new Role {
                            Name = Constants.AdminRoleName
                        }
                    }
                },
                    externalCred);

                var authResult =
                    new PasswordAuthenticationResult(PasswordAuthenticationResult.AuthenticationResult.Success, authUser);

                GetMock <AuthenticationService>()
                .Setup(x => x.Authenticate(authUser.User.Username, "thePassword"))
                .CompletesWith(authResult);

                GetMock <AuthenticationService>()
                .Setup(x => x.AddCredential(authUser.User, externalCred))
                .Completes()
                .Verifiable();

                GetMock <IMessageService>()
                .Setup(x => x.SendCredentialAddedNotice(authUser.User, externalCred))
                .Verifiable();

                EnableAllAuthenticators(Get <AuthenticationService>());
                var controller = GetController <AuthenticationController>();

                if (shouldChallenge)
                {
                    GetMock <AuthenticationService>()
                    .Setup(x => x.Challenge(enforcedProvider, It.IsAny <string>()))
                    .Returns(new ChallengeResult(enforcedProvider, null))
                    .Verifiable();
                }
                else
                {
                    GetMock <AuthenticationService>()
                    .Setup(x => x.CreateSessionAsync(controller.OwinContext, It.IsAny <AuthenticatedUser>()))
                    .Returns(Task.FromResult(0))
                    .Verifiable();
                }

                GetMock <AuthenticationService>()
                .Setup(x => x.ReadExternalLoginCredential(controller.OwinContext))
                .CompletesWith(new AuthenticateExternalLoginResult()
                {
                    ExternalIdentity = new ClaimsIdentity(),
                    Credential       = externalCred
                });

                // Act
                var result = await controller.SignIn(
                    new LogOnViewModel(
                        new SignInViewModel(
                            authUser.User.Username,
                            "thePassword")),
                    "theReturnUrl", linkingAccount : true);

                // Assert
                if (shouldChallenge)
                {
                    ResultAssert.IsChallengeResult(result, enforcedProvider);
                }
                else
                {
                    ResultAssert.IsSafeRedirectTo(result, "theReturnUrl");
                }
                GetMock <AuthenticationService>().VerifyAll();
                GetMock <IMessageService>().VerifyAll();
            }