public async Task Handle_GivenSavingSucceeds_ExpectSuccessfulResult() { var securityStamp = Guid.NewGuid(); var user = new Mock <IUser>(); user.Setup(x => x.SecurityStamp).Returns(securityStamp); user.Setup(x => x.Profile).Returns(new Profile(TestVariables.UserId, "first-name", "last-name")); var userRepository = new Mock <IUserRepository>(); var unitOfWork = new Mock <IUnitOfWork>(); unitOfWork.Setup(x => x.SaveEntitiesAsync(It.IsAny <CancellationToken>())).ReturnsAsync(() => true); userRepository.Setup(x => x.UnitOfWork).Returns(unitOfWork.Object); userRepository.Setup(x => x.Find(It.IsAny <Guid>(), It.IsAny <CancellationToken>())) .ReturnsAsync(() => Maybe.From <IUser>(user.Object)); var currentAuthenticatedUserProvider = new Mock <ICurrentAuthenticatedUserProvider>(); currentAuthenticatedUserProvider.Setup(x => x.CurrentAuthenticatedUser) .Returns(Maybe.From(new UnauthenticatedUser(TestVariables.UserId, MfaProvider.None) as ISystemUser)); var clock = new Mock <IClock>(); var handler = new ValidateEmailMfaCodeAgainstCurrentUserCommandHandler(userRepository.Object, currentAuthenticatedUserProvider.Object, clock.Object); var totp = new Totp(securityStamp.ToByteArray()); var code = totp.ComputeTotp(); var cmd = new ValidateEmailMfaCodeAgainstCurrentUserCommand(code); var result = await handler.Handle(cmd, CancellationToken.None); Assert.True(result.IsSuccess); }
public async Task Handle_GiveUserDoesExistButCodeIsNotValid_ExpectFailedResultAndPartialAttemptLogged() { var user = new Mock <IUser>(); var userRepository = new Mock <IUserRepository>(); var unitOfWork = new Mock <IUnitOfWork>(); unitOfWork.Setup(x => x.SaveEntitiesAsync(It.IsAny <CancellationToken>())).ReturnsAsync(() => true); userRepository.Setup(x => x.UnitOfWork).Returns(unitOfWork.Object); userRepository.Setup(x => x.Find(It.IsAny <Guid>(), It.IsAny <CancellationToken>())) .ReturnsAsync(() => Maybe.From <IUser>(user.Object)); var currentAuthenticatedUserProvider = new Mock <ICurrentAuthenticatedUserProvider>(); currentAuthenticatedUserProvider.Setup(x => x.CurrentAuthenticatedUser) .Returns(Maybe.From(new UnauthenticatedUser(TestVariables.UserId, MfaProvider.None) as ISystemUser)); var clock = new Mock <IClock>(); var handler = new ValidateEmailMfaCodeAgainstCurrentUserCommandHandler(userRepository.Object, currentAuthenticatedUserProvider.Object, clock.Object); var cmd = new ValidateEmailMfaCodeAgainstCurrentUserCommand("code"); var result = await handler.Handle(cmd, CancellationToken.None); user.Verify(x => x.ProcessPartialSuccessfulAuthenticationAttempt(It.IsAny <DateTime>(), AuthenticationHistoryType.EmailMfaFailed)); Assert.True(result.IsFailure); Assert.Equal(ErrorCodes.MfaCodeNotValid, result.Error.Code); }
public void Validate_GivenAllPropertiesAreValid_ExpectValidationSuccess() { var cmd = new ValidateEmailMfaCodeAgainstCurrentUserCommand("code"); var validator = new ValidateEmailMfaCodeAgainstCurrentUserCommandValidator(); var result = validator.Validate(cmd); Assert.True(result.IsValid); }
public void Validate_GivenCodeIsNull_ExpectValidationFailure() { var cmd = new ValidateEmailMfaCodeAgainstCurrentUserCommand(null); var validator = new ValidateEmailMfaCodeAgainstCurrentUserCommandValidator(); var result = validator.Validate(cmd); Assert.False(result.IsValid); Assert.Contains( result.Errors, failure => failure.ErrorCode.Equals(ValidationCodes.FieldIsRequired) && failure.PropertyName == "Code"); }
public async Task Handle_GivenNoUserAppearsToBeAuthenticate_ExpectFailedResult() { var userRepository = new Mock <IUserRepository>(); var unitOfWork = new Mock <IUnitOfWork>(); unitOfWork.Setup(x => x.SaveEntitiesAsync(It.IsAny <CancellationToken>())).ReturnsAsync(() => true); userRepository.Setup(x => x.UnitOfWork).Returns(unitOfWork.Object); var currentAuthenticatedUserProvider = new Mock <ICurrentAuthenticatedUserProvider>(); currentAuthenticatedUserProvider.Setup(x => x.CurrentAuthenticatedUser) .Returns(Maybe <ISystemUser> .Nothing); var clock = new Mock <IClock>(); var handler = new ValidateEmailMfaCodeAgainstCurrentUserCommandHandler(userRepository.Object, currentAuthenticatedUserProvider.Object, clock.Object); var cmd = new ValidateEmailMfaCodeAgainstCurrentUserCommand("code"); var result = await handler.Handle(cmd, CancellationToken.None); Assert.True(result.IsFailure); Assert.Equal(ErrorCodes.UserNotFound, result.Error.Code); }
private async Task <Result <ValidateEmailMfaCodeAgainstCurrentUserCommandResult, ErrorData> > Process(ValidateEmailMfaCodeAgainstCurrentUserCommand request, CancellationToken cancellationToken) { var currentUserMaybe = this._currentAuthenticatedUserProvider.CurrentAuthenticatedUser; if (!currentUserMaybe.HasValue || !(currentUserMaybe.Value is UnauthenticatedUser currentUser)) { return(Result.Fail <ValidateEmailMfaCodeAgainstCurrentUserCommandResult, ErrorData>( new ErrorData(ErrorCodes.UserNotFound))); } var userMaybe = await this._userRepository.Find(currentUser.UserId, cancellationToken); if (userMaybe.HasNoValue) { return(Result.Fail <ValidateEmailMfaCodeAgainstCurrentUserCommandResult, ErrorData>( new ErrorData(ErrorCodes.UserNotFound))); } var user = userMaybe.Value; var totp = new Totp(user.SecurityStamp.ToByteArray()); var result = totp.VerifyTotp(request.Code, out var _, new VerificationWindow(3, 3)); if (!result) { user.ProcessPartialSuccessfulAuthenticationAttempt( this._clock.GetCurrentInstant().ToDateTimeUtc(), AuthenticationHistoryType.EmailMfaFailed); return(Result.Fail <ValidateEmailMfaCodeAgainstCurrentUserCommandResult, ErrorData>( new ErrorData(ErrorCodes.MfaCodeNotValid))); } user.ProcessSuccessfulAuthenticationAttempt(this._clock.GetCurrentInstant().ToDateTimeUtc()); return(Result.Ok <ValidateEmailMfaCodeAgainstCurrentUserCommandResult, ErrorData>( new ValidateEmailMfaCodeAgainstCurrentUserCommandResult(user.Id))); }
public async Task <Result <ValidateEmailMfaCodeAgainstCurrentUserCommandResult, ErrorData> > Handle(ValidateEmailMfaCodeAgainstCurrentUserCommand request, CancellationToken cancellationToken) { var result = await this.Process(request, cancellationToken); var dbResult = await this._userRepository.UnitOfWork.SaveEntitiesAsync(cancellationToken); if (!dbResult) { return(Result.Fail <ValidateEmailMfaCodeAgainstCurrentUserCommandResult, ErrorData>(new ErrorData( ErrorCodes.SavingChanges, "Failed To Save Database"))); } return(result); }
public void Constructor_GiveValidArguments_PropertiesAreSet() { var validateEmailMfaCodeAgainstCurrentUserCommand = new ValidateEmailMfaCodeAgainstCurrentUserCommand("code"); Assert.Equal("code", validateEmailMfaCodeAgainstCurrentUserCommand.Code); }