public async Task Handle_UserNotFound_ShouldReturnFalse() { // Arrange var user = await _wolkDbContext.CreateAndSaveUser(); var request = new UserValidQuery { SecurityStamp = user.SecurityStamp, UserId = user.Id + 1 }; // Act var result = await _handler.Handle(request, CancellationToken.None); // Assert Assert.IsFalse(result); }
public async Task Authenticate_CredentialsCorrect_RehashPassword() { // Arrange var pass = "******"; var hash = PasswordUtilities.CreateDeprecatedPasswordHash(pass); var url = "/api/user/authenticate"; var user = await WolkDbContext.CreateAndSaveUser(u => u.PasswordHash = hash); var model = new SignInModel { Email = user.Email, Password = pass }; var request = new HttpRequestMessage(HttpMethod.Post, url) { Content = new StringContent(JsonConvert.SerializeObject(model), Encoding.UTF8, MimeTypes.Json) }; // Act using var response = await HttpClient.SendAsync(request); // Assert Assert.AreEqual(HttpStatusCode.OK, response.StatusCode); // Check that the password hash has changed Assert.AreNotEqual(hash, user.PasswordHash); var passwordHasher = new PasswordHasher <Domain.Entities.User>(); Assert.AreEqual( PasswordVerificationResult.Success, passwordHasher.VerifyHashedPassword(user, user.PasswordHash, pass)); }
public async Task Handle_CredentialsCorrect_ShouldReturnLoggedInData() { // Arrange var user = await _wolkDbContext.CreateAndSaveUser(); var request = new SignInQuery { Email = user.Email, Password = "******" }; _mockSignInManager .Setup(m => m.CheckCredentialsAsync(request.Email, request.Password)) .ReturnsAsync(true); var jwt = "dsfad.jwt.rwsdf"; _mockJwtManager .Setup(m => m.CreateJwt(user)) .Returns(jwt); // Act var result = await _handler.Handle(request, CancellationToken.None); // Assert Assert.AreEqual(user.Email, result.Email); Assert.AreEqual(user.Id, result.Id); Assert.AreEqual(jwt, result.Token); }
protected async Task <string> GetJwt(User user = null) { if (user == null) { user = await WolkDbContext.CreateAndSaveUser(); } var jwtManager = ServiceProvider.GetService <IJwtManager>(); return(jwtManager.CreateJwt(user)); }
public async Task Authenticate_CredentialsCorrect() { // Arrange var url = "/api/user/authenticate"; var user = await WolkDbContext.CreateAndSaveUser(); var model = new SignInModel { Email = user.Email, Password = "******" }; var request = new HttpRequestMessage(HttpMethod.Post, url) { Content = new StringContent(JsonConvert.SerializeObject(model), Encoding.UTF8, MimeTypes.Json) }; // Act using var response = await HttpClient.SendAsync(request); // Assert Assert.AreEqual(HttpStatusCode.OK, response.StatusCode); var content = await response.Content.ReadAsStringAsync(); var viewModel = JsonConvert.DeserializeObject <SignedInViewModel>(content); Assert.AreEqual(user.Id, viewModel.Id); Assert.AreEqual(user.Email, viewModel.Email); JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear(); var result = new JwtSecurityTokenHandler().ValidateToken(viewModel.Token, new TokenValidationParameters { IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(IdentityConfiguration.JwtSecret)), ValidateAudience = false, ValidateIssuer = false }, out var validatedToken); Assert.AreEqual(user.Id.ToString(), result.Claims.Single(c => c.Type == "sub").Value); // Act: do a call to get all notebooks with correct user token url = "/api/notebook"; request = new HttpRequestMessage(HttpMethod.Get, url); request.AddJwtBearer(viewModel.Token); using var notebookResponse = await HttpClient.SendAsync(request); // Assert Assert.IsTrue(notebookResponse.IsSuccessStatusCode); }
public async Task Authenticate_CredentialsIncorrect_ShouldReturn401() { // Arrange var url = "/api/user/authenticate"; var user = await WolkDbContext.CreateAndSaveUser(); var model = new SignInModel { Email = user.Email, Password = "******" }; var request = new HttpRequestMessage(HttpMethod.Post, url) { Content = new StringContent(JsonConvert.SerializeObject(model), Encoding.UTF8, MimeTypes.Json) }; // Act using var response = await HttpClient.SendAsync(request); // Assert Assert.AreEqual(HttpStatusCode.Unauthorized, response.StatusCode); }
public async Task Register_EmailAlreadyExists_ShouldReturn409() { // Arrange var user = await WolkDbContext.CreateAndSaveUser(); var url = "/api/user"; var command = new CreateUserCommand { Email = user.Email, Password = "******" }; var request = new HttpRequestMessage(HttpMethod.Post, url) { Content = new StringContent(JsonConvert.SerializeObject(command), Encoding.UTF8, MimeTypes.Json) }; // Act using var response = await HttpClient.SendAsync(request); // Assert Assert.AreEqual(HttpStatusCode.Conflict, response.StatusCode); }
public async Task Authenticate_CredentialsCorrect_UserIsDeleted_ShouldReturn401() { // Arrange var url = "/api/user/authenticate"; var user = await WolkDbContext.CreateAndSaveUser(); var model = new SignInModel { Email = user.Email, Password = "******" }; var request = new HttpRequestMessage(HttpMethod.Post, url) { Content = new StringContent(JsonConvert.SerializeObject(model), Encoding.UTF8, MimeTypes.Json) }; // Act using var response = await HttpClient.SendAsync(request); // Assert Assert.AreEqual(HttpStatusCode.OK, response.StatusCode); var content = await response.Content.ReadAsStringAsync(); var viewModel = JsonConvert.DeserializeObject <SignedInViewModel>(content); // Act: delete user WolkDbContext.Users.Remove(user); await WolkDbContext.SaveChangesAsync(); // Act: do a call to get all notebooks with "deleted" user token url = "/api/notebook"; request = new HttpRequestMessage(HttpMethod.Get, url); request.AddJwtBearer(viewModel.Token); using var notebookResponse = await HttpClient.SendAsync(request); // Assert Assert.AreEqual(HttpStatusCode.Unauthorized, notebookResponse.StatusCode); }
public async Task Register_RegistrationTurnedOff_ShouldReturn400() { // Arrange var existingUser = await WolkDbContext.CreateAndSaveUser(); var url = "/api/user"; var command = new CreateUserCommand { Email = "*****@*****.**", Password = "******" }; var request = new HttpRequestMessage(HttpMethod.Post, url) { Content = new StringContent(JsonConvert.SerializeObject(command), Encoding.UTF8, MimeTypes.Json) }; // Act using var response = await HttpClient.SendAsync(request); // Assert Assert.AreEqual(HttpStatusCode.BadRequest, response.StatusCode); var content = await response.Content.ReadAsStringAsync(); Assert.IsTrue(content.Contains("User registration not allowed according to condiguration.")); }
public async Task Register_HappyFlow() { // Arrange var existingUser = await WolkDbContext.CreateAndSaveUser(); var url = "/api/user"; var command = new CreateUserCommand { Email = "*****@*****.**", Password = "******" }; var request = new HttpRequestMessage(HttpMethod.Post, url) { Content = new StringContent(JsonConvert.SerializeObject(command), Encoding.UTF8, MimeTypes.Json) }; // Act using var response = await HttpClient.SendAsync(request); // Assert Assert.AreEqual(HttpStatusCode.NoContent, response.StatusCode); var user = await WolkDbContext.Users.SingleAsync(u => u.Email == command.Email); AssertCorrectPassword(user, command.Password); }