private async Task CreateNewUser() { var userIdentity = new UserIdentityModel(); foreach (var claim in User.Claims) { if (claim.Type == "sub") { userIdentity.sub = claim.Value; } if (claim.Type == "given_name") { userIdentity.given_name = claim.Value; } if (claim.Type == "family_name") { userIdentity.given_name = claim.Value; } } var existUser = await _userManager.FindByIdAsync(userIdentity.sub); if (existUser == null) { } }
public void AuthenticateCommand_PresentWrongPassword_ThrowsException() { // ---- Arrange ---- const string email = "*****@*****.**"; const string name = "Test user"; const string wrongPassword = "******"; const string password = "******"; var passwordHash = AuthUtils.GetMd5Hash(password); var testUser = new UserIdentityModel( Guid.NewGuid(), email, "Test user", name, passwordHash, Instant.MinValue); _authRepositoryMock.Setup(r => r.GetUserIdentity(email)) .ReturnsAsync(() => testUser); var command = new AuthenticateUserCommand(email, wrongPassword); var handler = new AuthenticateUserCommandHandler(_repositoryProviderMock.Object, _configuration); // ---- Act & Assert ---- Assert.ThrowsAsync <WrongPasswordException>( async() => await handler.Handle(command, CancellationToken.None)); _authRepositoryMock.Verify(r => r.GetUserIdentity(email), Times.Once); }
public UserIdentityModel Register(UserIdentityModel model) { _userRepository.Save(model); _userRepository.Dispose(); return(model); }
public static List <UserIdentityModel> ToUserCredentialModel(DbDataReader readers) { if (readers == null) { return(null); } var models = new List <UserIdentityModel>(); while (readers.Read()) { var model = new UserIdentityModel { Id = Convert.IsDBNull(readers["Id"]) ? string.Empty : Convert.ToString(readers["Id"]), Email = Convert.IsDBNull(readers["Email"]) ? string.Empty : Convert.ToString(readers["Email"]), PhoneNumber = Convert.IsDBNull(readers["PhoneNumber"]) ? string.Empty : Convert.ToString(readers["PhoneNumber"]), FullName = Convert.IsDBNull(readers["FullName"]) ? string.Empty : Convert.ToString(readers["FullName"]), UserTypeId = Convert.ToInt32(readers["UserTypeId"]), IsActive = Convert.ToBoolean(readers["IsActive"]), LoginID = Convert.IsDBNull(readers["LoginID"]) ? string.Empty : Convert.ToString(readers["LoginID"]), }; models.Add(model); } return(models); }
public ResponseModel Save(UserIdentityModel model) { var err = string.Empty; const string sql = @"INSERT INTO UserCredentials(Id,LoginID,Password,UserName,Email,UserTypeId,IsActive,DesignationId,DepartmentId,RoomId,PhoneNumber) VALUES(@Id,@LoginID,@Password,@UserName,@Email,@UserTypeId,1,@DesignationId,@DepartmentId,@RoomId,@PhoneNumber)"; var queryParamList = new QueryParamList { new QueryParamObj { ParamName = "@Id", ParamValue = Guid.NewGuid().ToString() }, new QueryParamObj { ParamName = "@LoginID", ParamValue = model.LoginID }, new QueryParamObj { ParamName = "@Password", ParamValue = model.Password }, new QueryParamObj { ParamName = "@Email", ParamValue = model.Email }, new QueryParamObj { ParamName = "@UserTypeId", ParamValue = model.UserTypeId }, new QueryParamObj { ParamName = "@PhoneNumber", ParamValue = model.PhoneNumber } }; DBExecCommandEx(sql, queryParamList, ref err); return(new ResponseModel { Success = string.IsNullOrEmpty(err) }); }
private void UserIdentityModelTest() { var userIdentityString = @"!def!xyz%[email protected]"; UserIdentityModel userIdentityModel = new UserIdentityModel(userIdentityString); ValidateAndShowValidationResult(userIdentityModel, nameof(userIdentityModel)); }
public Member(DbContext context) { var user = context.Set <User>().FirstOrDefault(u => u.Login == "*****@*****.**" && u.Name == "Test User"); _user = new UserIdentityModel { Id = user.Id, Login = user.Login, Name = user.Name }; }
public UserLoginFailed(Guid operationId, UserIdentityModel user) { Assert.NotNull("user", user); OperationId = operationId; Code = "LOGIN_FAILED"; Description = string.Format("User [{0}] could not to log in.", user.UserName); Data = null; }
public async Task <UserModel> RegisterUser(UserIdentityModel user) { var userDbEntity = user.ToDbEntity(); _dbContext.Users.Add(userDbEntity); await _dbContext.SaveChangesAsync(); return(userDbEntity.ToDomainModel()); }
public static UserDbEntity ToDbEntity(this UserIdentityModel userIdentity) => new UserDbEntity() { Id = userIdentity.Id, Email = userIdentity.Email, Name = userIdentity.Name, Role = userIdentity.Role, RegistrationDate = userIdentity.RegistrationDate.ToUnixTimeMilliseconds(), PasswordHash = userIdentity.PasswordHash };
private ClaimsIdentity GetClaimsIdentity(UserIdentityModel userIdentity) { var claims = new[] { new Claim(ClaimTypes.PrimarySid, userIdentity.Id.ToString()), new Claim(ClaimTypes.NameIdentifier, userIdentity.Email) }; return(new ClaimsIdentity(claims, AuthUtils.Jwt.AuthType)); }
public UserLoggedIn(Guid operationId, UserIdentityModel user) { if (user == null) { throw new ArgumentNullException("user"); } OperationId = operationId; Code = "LOGIN"; Description = string.Format("User [{0}] successfully logged in.", user.UserName); Data = null; }
public IActionResult Register([FromBody] UserIdentityModel model) { var user = _authenticationBusiness.Register(model); if (user == null) { return(BadRequest(new { message = "Username or password is incorrect" })); } return(Ok(user)); }
private IEnumerable <Claim> GenerateIdentityClaims(UserIdentityModel userIdentity) { var claims = new List <Claim> { new Claim(ClaimTypes.NameIdentifier, userIdentity.Id.ToString()), new Claim(ClaimTypes.Name, userIdentity.UserName) }; claims.AddRange(userIdentity.Roles.Select(userRole => new Claim(ClaimTypes.Role, userRole))); return(claims); }
public void AuthenticateCommand_AuthUser_SuccessAuth() { // ---- Arrange ---- const string email = "*****@*****.**"; const string name = "Test user"; const string password = "******"; var passwordHash = AuthUtils.GetMd5Hash(password); var clock = new FakeClock(SystemClock.Instance.GetCurrentInstant()); var testUser = new UserIdentityModel( Guid.NewGuid(), email, name, "user", passwordHash, clock.GetCurrentInstant()); _authRepositoryMock.Setup(r => r.GetUserIdentity(email)) .ReturnsAsync(() => testUser); var command = new AuthenticateUserCommand(email, password); var handler = new AuthenticateUserCommandHandler(_repositoryProviderMock.Object, _configuration) { Clock = clock }; AuthAccessModel result = null; var lifetime = DurationUtils.FromString( _configuration[$"{AuthUtils.Jwt.ConfigKeys.Section}:{AuthUtils.Jwt.ConfigKeys.LifetimeKey}"]); // ---- Act ---- Assert.DoesNotThrowAsync(async() => { result = await handler.Handle(command, CancellationToken.None); }); clock.Advance(lifetime); // for check expires token instant // ---- Assert ---- Assert.IsNotNull(result); Assert.AreEqual(testUser.Id, result.Id); Assert.AreEqual(testUser.Email, result.Email); Assert.AreEqual(clock.GetCurrentInstant(), result.ExpiresAt); Assert.AreEqual(clock.GetCurrentInstant(), result.ExpiresAt); Assert.AreEqual("user", testUser.Role); Assert.IsNotEmpty(result.Token); _authRepositoryMock.Verify(r => r.GetUserIdentity(email), Times.Once); }
public async Task <UserIdentityModel> GetCurrentUserAsync() { var identityUser = await _userManager.GetUserAsync(User); var currentUser = new UserIdentityModel { Id = identityUser.Id, Name = identityUser.UserName, Email = identityUser.Email }; return(currentUser); }
public UserIdentityModel Handle(UserIdentityModel model) { if (string.IsNullOrWhiteSpace(model?.Login)) { throw new AuthenticationException(); } var userRepo = GetRepository <IUserRepository>(); var userDb = userRepo.Query().FirstOrDefault(u => u.Login == model.Login) ?? userRepo.Create(model.Login, null, null); Update(userDb, model); return(model); }
private async Task CreateUserSession(User user, UserIdentityModel result) { result.Token = await BuildToken(user.Id, user.UserRole.Name); result.User = new UserCookieModel { Username = user.Username, Email = user.Email, Firstname = user.FirstName, Lastname = user.LastName, Role = user.UserRole.Name, UserId = user.Id, CompanyId = user.CompanyId }; }
public async Task UserCartServicesClean() { // Arrange var user = new User(); user.balance = 10000; user.userId = 1; var userId = new UserIdentityModel(user.userId); var item1 = new Item(); item1.cost = 100; item1.id = 1; var item2 = new Item(); item2.cost = 200; item2.id = 2; var item3 = new Item(); item3.cost = 300; item3.id = 3; var userCart = new UserCart(); userCart.cartItems = new Dictionary <int, int>(); userCart.cartItems[1] = 1; userCart.cartItems[2] = 2; userCart.cartItems[3] = 3; var userDataAccess = new Mock <IUserDataAccess>(); var userCartDataAccess = new Mock <IUserCartDataAccess>(); var itemDataAccess = new Mock <IItemDataAccess>(); userDataAccess.Setup(x => x.GetAsync(userId)).ReturnsAsync(user); userCartDataAccess.Setup(x => x.GetAsync(userId)).ReturnsAsync(userCart); itemDataAccess.Setup(x => x.GetAsync(item1.id)).ReturnsAsync(item1); itemDataAccess.Setup(x => x.GetAsync(item2.id)).ReturnsAsync(item2); itemDataAccess.Setup(x => x.GetAsync(item3.id)).ReturnsAsync(item3); var userCartServices = new UserCartServices(userId, userDataAccess.Object, itemDataAccess.Object, userCartDataAccess.Object); userCartServices.User.userCart.cartItems.Count.Should().Be(3); userCartServices.Clear(); userCartServices.User.userCart.cartItems.Count.Should().Be(0); userCartServices.User.userCart.choosenBonus.Should().Be(null); }
/// <exception cref="InvalidEmailFormatException"></exception> /// <exception cref="UserAlreadyExistsException"></exception> /// <exception cref="InvalidNameFormatException"></exception> /// <exception cref="WeakPasswordException"></exception> public async Task <UserModel> Handle(RegisterUserCommand request, CancellationToken cancellationToken) { // Check is email valid if (!AuthUtils.ValidateEmail(request.Email)) { throw new InvalidEmailFormatException(request.Email); } // Check is user already exists var isExists = await _usersRepository.IsUserIdentityExists(request.Email); if (isExists) { throw new UserAlreadyExistsException(request.Email); } // Check name if (!AuthUtils.ValidateName(request.Name)) { throw new InvalidNameFormatException(request.Name); } // Check password stronger if (!AuthUtils.CheckPasswordComplexity(request.Password)) { throw new WeakPasswordException(); } // Generate password hash var passwordHash = AuthUtils.GetMd5Hash(request.Password); // User registration instant var registrationInstant = Clock.GetCurrentInstant(); var user = new UserIdentityModel( Guid.NewGuid(), request.Email, request.Name, "user", passwordHash, registrationInstant ); // Register user var registrationResult = await _usersRepository.RegisterUser(user); return(registrationResult); }
public IActionResult Get() { var userIdentitys = from c in User.Claims select new UserIdentity { Type = c.Type, Value = c.Value }; var result = new UserIdentityModel() { Description = "Access user order api successfully", UserIdentitys = userIdentitys.ToList() }; return(new JsonResult(result)); }
public async Task GetAsyncUser() { // Arrange var user = new User(); user.userId = 1; var userId = new UserIdentityModel(user.userId); var userDataAccess = new Mock <IUserDataAccess>(); userDataAccess.Setup(x => x.GetAsync(userId)).ReturnsAsync(user); var userGetService = new UserGetService(userDataAccess.Object); // Act var result = await userGetService.GetAsync(userId); // Assert result.Should().Be(user); }
private void Update(User userDb, UserIdentityModel model) { var isNew = userDb.Id == 0; if (isNew && string.IsNullOrWhiteSpace(model.Name)) { model.Name = model.Login; } if (!string.IsNullOrWhiteSpace(model.Name) && userDb.Name != model.Name) { userDb.Name = model.Name; } if (string.IsNullOrWhiteSpace(model.Email)) { model.Email = null; } if (userDb.Email != model.Email) { userDb.Email = model.Email; } using (Transaction()) { userDb.LastActivityDate = AC.Inst.Offset.Now; if (isNew) { GetRepository <IUserRepository>().Insert(userDb); } else { GetRepository <IUserRepository>().Update(userDb); } Commit(); } model.Id = userDb.Id; model.Lang = userDb.Lang; }
public async Task UserCartServicesAdd() { // Arrange var user = new User(); user.balance = 10000; user.userId = 1; var userId = new UserIdentityModel(user.userId); var item1 = new Item(); item1.cost = 100; item1.id = 1; var item2 = new Item(); item2.cost = 200; item2.id = 2; var item3 = new Item(); item3.cost = 300; item3.id = 3; var userCart = new UserCart(); var userDataAccess = new Mock <IUserDataAccess>(); var userCartDataAccess = new Mock <IUserCartDataAccess>(); var itemDataAccess = new Mock <IItemDataAccess>(); userDataAccess.Setup(x => x.GetAsync(userId)).ReturnsAsync(user); userCartDataAccess.Setup(x => x.GetAsync(userId)).ReturnsAsync(userCart); itemDataAccess.Setup(x => x.GetAsync(item1.id)).ReturnsAsync(item1); itemDataAccess.Setup(x => x.GetAsync(item2.id)).ReturnsAsync(item2); itemDataAccess.Setup(x => x.GetAsync(item3.id)).ReturnsAsync(item3); var userCartServices = new UserCartServices(userId, userDataAccess.Object, itemDataAccess.Object, userCartDataAccess.Object); userCartServices.AddItem(item1); userCartServices.AddItem(item2); userCartServices.AddItem(item3); userCartServices.User.userCart.cartItems.Count.Should().Be(3); }
public bool InitializeContext() { try { var actualUser = _accountService.GetLoggedUser(); if (actualUser == null) { return(false); } var context = new ContextModel { User = actualUser, AllLanguages = _userManagerService.GetLanguages().OrderBy(o => o.IdLanguage).ToList() }; context.ActualLanguage = context.User.Language == null?context.AllLanguages.FirstOrDefault() : _userManagerService.GetLanguages().FirstOrDefault(lan => lan.ID == context.User.Language.ID); SetContext(context); var userIdentity = new UserIdentityModel(actualUser.Username, new List <string> { actualUser.Role.ToString().SHA256Encript() }); HttpContext.Current.User = userIdentity; var cookie = new HttpCookie(actualUser.Username, actualUser.Role.ToString().SHA256Encript()); HttpContext.Current.Response.Cookies.Add(cookie); } catch (Exception ex) { LogService.WriteLog(ex.GetStringLog(), LogService.TypeLevel.Error, ex); } return(true); }
private bool ValidatePassword(string providedPassword, UserIdentityModel identity) { var hash = AuthUtils.GetMd5Hash(providedPassword); return(StringComparer.OrdinalIgnoreCase.Compare(hash, identity.PasswordHash) == 0); }
// // GetUserInfo public SocialViewModel GetUserInfo(string token) { string space = " "; using (var client = new HttpClient()) { client.BaseAddress = new Uri("http://localhost:51639"); client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json")); client.DefaultRequestHeaders.Add("x-token", token); var res = client.GetAsync($"/api/identity/getUserProfile").Result; if (res.IsSuccessStatusCode == true) { UserIdentityModel userIdentityModel = new UserIdentityModel(); userIdentityModel = res.Content.ReadAsAsync <UserIdentityModel>().Result; SocialViewModel socialViewModel = new SocialViewModel(); socialViewModel.UserIdentityModel = userIdentityModel; //set MyName in cookie HttpCookie MyNameCookie = new HttpCookie("My_Name"); if (userIdentityModel.Name != null) { MyNameCookie.Value = userIdentityModel.Name.ToString(); } else { MyNameCookie.Value = space.ToString(); } Response.Cookies.Add(MyNameCookie); /// //set MyAge in cookie HttpCookie MyAgeCookie = new HttpCookie("My_Age"); if (userIdentityModel.Age != null) { MyAgeCookie.Value = userIdentityModel.Age.ToString(); } else { MyAgeCookie.Value = space.ToString(); } Response.Cookies.Add(MyAgeCookie);/// //set MyAddress in cookie HttpCookie MyAddressCookie = new HttpCookie("My_Address"); if (userIdentityModel.Address != null) { MyAddressCookie.Value = userIdentityModel.Address.ToString(); } else { MyAddressCookie.Value = space.ToString(); } Response.Cookies.Add(MyAddressCookie);/// //set MyWorkPlace in cookie HttpCookie MyWorkPlaceCookie = new HttpCookie("My_WorkPlace"); if (userIdentityModel.WorkPlace != null) { MyWorkPlaceCookie.Value = userIdentityModel.WorkPlace.ToString(); } else { MyWorkPlaceCookie.Value = space.ToString(); } Response.Cookies.Add(MyWorkPlaceCookie);/// return(socialViewModel); } else { return(null); } }; }
//TODO: common parts of grant refresh token and grant resource owner credentials to separate method public override Task GrantRefreshToken(OAuthGrantRefreshTokenContext context) { var options = new JsonSerializerSettings() { ContractResolver = new CamelCasePropertyNamesContractResolver() }; options.Converters.Insert(0, new HttpServiceErrorConverter()); var identity = context.Ticket.Identity; if (identity == null) { context.SetError("Couldn't deserialize identity from refresh token."); return(Task.FromResult <object>(null)); } var userIdClaim = identity.FindFirst(ClaimTypes.Sid); if (userIdClaim == null) { context.SetError("Refresh token doesn't contain user id. Can't grant access."); return(Task.FromResult <object>(null)); } var container = context.OwinContext.GetAutofacLifetimeScope(); var transactionFactory = container.Resolve <ITransactionFactory>(); var membershipService = container.Resolve <IAuthorizationService>(); var userId = Guid.Parse(userIdClaim.Value); UserIdentityModel user = null; var transaction = transactionFactory.BeginTransaction(IsolationLevel.ReadCommitted); try { user = membershipService.RefreshLogin(new IdentityQuery <Guid>(userId)); transaction.Commit(); } catch (SecurityException ex) { transaction.Commit(); var errorJson = JsonConvert.SerializeObject(ex.UserMessage, options); context.SetError("LoginFailure", errorJson); return(Task.FromResult <object>(null)); } finally { transaction.Dispose(); } if (user == null) { throw new InvalidOperationException("Refresh login returned null"); } var newIdentity = new ClaimsIdentity(context.Options.AuthenticationType); foreach (var claimModel in user.Claims) { newIdentity.AddClaim(new Claim(claimModel.Type, claimModel.Value)); } var client = context.OwinContext.Get <ApplicationClientModel>("vabank:client"); newIdentity.AddClaim(new Claim(ClaimModel.Types.ClientId, client.Id)); context.OwinContext.Set("vabank:user", user); // Set CORS header context.Response.Headers.Set("Access-Control-Allow-Origin", client.AllowedOrigin); // Set state as validated context.Validated(newIdentity); var cookieIdentity = new ClaimsIdentity(identity.Claims, CookieAuthenticationDefaults.AuthenticationType); context.Request.Context.Authentication.SignIn(cookieIdentity); return(base.GrantRefreshToken(context)); }
public override Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context) { //Validate user name and password here var container = context.OwinContext.GetAutofacLifetimeScope(); var transactionFactory = container.Resolve <ITransactionFactory>(); var membershipService = container.Resolve <IAuthorizationService>(); var options = new JsonSerializerSettings() { ContractResolver = new CamelCasePropertyNamesContractResolver() }; options.Converters.Insert(0, new HttpServiceErrorConverter()); var client = context.OwinContext.Get <ApplicationClientModel>("vabank:client"); if (client != null) { var appClientIdentity = new ClaimsIdentity(context.Options.AuthenticationType); appClientIdentity.AddClaim(new Claim(ClaimModel.Types.ClientId, client.Id)); Thread.CurrentPrincipal = new ClaimsPrincipal(appClientIdentity); } var loginCommand = new LoginCommand { Login = context.UserName, Password = context.Password }; UserIdentityModel user = null; var transaction = transactionFactory.BeginTransaction(IsolationLevel.ReadCommitted); try { user = membershipService.Login(loginCommand); transaction.Commit(); } catch (ValidationException ex) { var error = new HttpServiceError(ex); context.SetError("LoginValidationError", JsonConvert.SerializeObject(error, options)); transaction.Rollback(); return(Task.FromResult <object>(null)); } catch (SecurityException ex) { transaction.Commit(); var errorJson = JsonConvert.SerializeObject(new HttpServiceError(ex), options); context.SetError("LoginFailure", errorJson); return(Task.FromResult <object>(null)); } finally { transaction.Dispose(); } if (user == null) { throw new InvalidOperationException("Service returned null for login command"); } var identity = new ClaimsIdentity(context.Options.AuthenticationType); foreach (var claimModel in user.Claims) { identity.AddClaim(new Claim(claimModel.Type, claimModel.Value)); } identity.AddClaim(new Claim(ClaimModel.Types.ClientId, client.Id)); context.OwinContext.Set("vabank:user", user); // Set CORS header context.Response.Headers.Set("Access-Control-Allow-Origin", client.AllowedOrigin); // Set state as validated and set cookie context.Validated(identity); var cookieIdentity = new ClaimsIdentity(identity.Claims, CookieAuthenticationDefaults.AuthenticationType); context.Request.Context.Authentication.SignIn(cookieIdentity); return(base.GrantResourceOwnerCredentials(context)); }