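/// <summary>
/// Verifies that changing a password rotates the security stamp claim, and that a
/// later sign-in from a second client carries that rotated stamp.
/// </summary>
/// <remarks>
/// Each <see cref="ClaimsPrincipal"/> handed to the callback registered through
/// <c>SetupGetUserClaimsPrincipal</c> for the application scheme is recorded in order,
/// so the assertions can compare the stamp claim between successive sign-in events.
/// </remarks>
public async Task CanChangePassword()
{
    // Arrange
    const string securityStampClaim = "AspNet.Identity.SecurityStamp";

    // Register with the same value that is later supplied as the current password,
    // so the change-password step is exercised with a matching credential. A masked
    // placeholder ("******") here would not match the current password passed below.
    const string initialPassword = "!Test.Password1";
    const string newPassword = "!Test.Password2";

    var principals = new List<ClaimsPrincipal>();
    void ConfigureTestServices(IServiceCollection services) =>
        services.SetupGetUserClaimsPrincipal(user => principals.Add(user), IdentityConstants.ApplicationScheme);

    var server = ServerFactory
        .WithWebHostBuilder(whb => whb.ConfigureTestServices(ConfigureTestServices));

    // Two independent clients: one performs the password change, the other signs in afterwards.
    var client = server.CreateClient();
    var newClient = server.CreateClient();

    // A fresh GUID-based user name keeps each run independent of earlier registrations.
    var userName = $"{Guid.NewGuid()}@example.com";

    var index = await UserStories.RegisterNewUserAsync(client, userName, initialPassword);

    // Act 1
    await UserStories.ChangePasswordAsync(index, initialPassword, newPassword);

    // Assert 1
    // RefreshSignIn generates a new security stamp claim.
    // principals[0] is expected to be the principal captured before the change and
    // principals[1] the one captured after it (inferred from the capture order).
    AssertClaimsNotEqual(principals[0], principals[1], securityStampClaim);

    // Act 2
    await UserStories.LoginExistingUserAsync(newClient, userName, newPassword);

    // Assert 2
    // Signing in again with a different client uses the same security stamp claim,
    // i.e. the stamp issued by the password change is the one now in effect.
    AssertClaimsEqual(principals[1], principals[2], securityStampClaim);
}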