using System;
using System.Net;
using System.Net.Http;
using System.Text;
using Contentstack.Management.Core.Http;
using Contentstack.Management.Core.Services.User;
using Contentstack.Management.Core.Unit.Tests.Mokes;
using Microsoft.VisualStudio.TestTools.UnitTesting;
using Newtonsoft.Json;
namespace Contentstack.Management.Core.Unit.Tests.Core.Services.User
{
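/// <summary>
/// Unit tests for <see cref="LoginService"/>: constructor argument validation,
/// the JSON login body (with and without a second-factor token), and how
/// <c>OnResponse</c> updates <see cref="ContentstackClientOptions.Authtoken"/>.
/// </summary>
/// <remarks>
/// Every credential, token and secret in this class is a constructed fixture value.
/// </remarks>
[TestClass]
public class LoginServiceTest
{
    // Fixture-only Base32 secret. It decodes to 10 bytes that begin with ASCII "Hello!",
    // not to the six-byte string "Hello!" alone. Never reuse it for a real account.
    private const string SampleMfaSecret = "JBSWY3DPEHPK3PXP";

    // Body expected when no second-factor value is supplied.
    private const string CredentialsOnlyBody = "{\"user\":{\"email\":\"name\",\"password\":\"password\"}}";

    private readonly ICredentials credentials = new NetworkCredential("name", "password");
    private readonly JsonSerializer serializer = JsonSerializer.Create(new JsonSerializerSettings());

    /// <summary>Builds the request body and returns it decoded as text.</summary>
    /// <param name="service">Service whose <c>ByteContent</c> is rendered.</param>
    /// <returns>The body as a string.</returns>
    private static string RenderBody(LoginService service)
    {
        service.ContentBody();
        // NOTE(review): Encoding.Default is platform-dependent; the bodies asserted here are
        // ASCII-only, so the decode is stable. Confirm against the encoding LoginService writes with.
        return Encoding.Default.GetString(service.ByteContent);
    }

    /// <summary>A null serializer is rejected by the constructor.</summary>
    [TestMethod]
    public void Should_Not_Allow_Null_serializer()
    {
        Assert.ThrowsException<ArgumentNullException>(() => new LoginService(null, credentials));
    }

    /// <summary>Null credentials are rejected by the constructor.</summary>
    [TestMethod]
    public void Should_Not_Allow_Null_Credentials()
    {
        Assert.ThrowsException<ArgumentNullException>(() => new LoginService(serializer, null));
    }

    /// <summary>Credentials alone produce a POST to <c>user-session</c> with email and password only.</summary>
    [TestMethod]
    public void Should_Allow_Credentials()
    {
        var loginService = new LoginService(serializer, credentials);
        var contentString = RenderBody(loginService);

        Assert.IsNotNull(loginService);
        Assert.AreEqual("POST", loginService.HttpMethod);
        Assert.AreEqual("user-session", loginService.ResourcePath);
        Assert.AreEqual(CredentialsOnlyBody, contentString);
    }

    /// <summary>An explicit token is sent verbatim as <c>tfa_token</c>.</summary>
    [TestMethod]
    public void Should_Allow_Credentials_With_Token()
    {
        var loginService = new LoginService(serializer, credentials, "token");
        var contentString = RenderBody(loginService);

        Assert.IsNotNull(loginService);
        Assert.AreEqual("{\"user\":{\"email\":\"name\",\"password\":\"password\",\"tfa_token\":\"token\"}}", contentString);
    }

    /// <summary>
    /// With only an MFA secret, the body carries a non-empty <c>tfa_token</c>
    /// and does not carry the secret itself.
    /// </summary>
    [TestMethod]
    public void Should_Allow_Credentials_With_MfaSecret()
    {
        var loginService = new LoginService(serializer, credentials, null, SampleMfaSecret);
        var contentString = RenderBody(loginService);

        Assert.IsNotNull(loginService);
        Assert.IsTrue(contentString.Contains("\"email\":\"name\""));
        Assert.IsTrue(contentString.Contains("\"password\":\"password\""));
        Assert.IsTrue(contentString.Contains("\"tfa_token\":"));
        // Verify the tfa_token is not null or empty in the JSON
        Assert.IsFalse(contentString.Contains("\"tfa_token\":null"));
        Assert.IsFalse(contentString.Contains("\"tfa_token\":\"\""));
        // The long-lived shared secret must stay on the client; only the derived code is sent.
        Assert.IsFalse(contentString.Contains(SampleMfaSecret), "MFA secret must not appear in the request body");
    }

    /// <summary>Two services built from the same secret each emit a six-digit <c>tfa_token</c>.</summary>
    [TestMethod]
    public void Should_Generate_TOTP_Token_When_MfaSecret_Provided()
    {
        const string tokenPattern = "\"tfa_token\":\"(\\d{6})\"";

        var loginService1 = new LoginService(serializer, credentials, null, SampleMfaSecret);
        var loginService2 = new LoginService(serializer, credentials, null, SampleMfaSecret);
        var content1 = RenderBody(loginService1);
        var content2 = RenderBody(loginService2);

        // Both should contain tfa_token
        Assert.IsTrue(content1.Contains("\"tfa_token\":"));
        Assert.IsTrue(content2.Contains("\"tfa_token\":"));

        // Only the shape of each code is checked. The two codes are deliberately not compared:
        // if they are derived from the current time (as the test name suggests), the two
        // services could straddle a time-step boundary and legitimately differ.
        var token1Match = System.Text.RegularExpressions.Regex.Match(content1, tokenPattern);
        var token2Match = System.Text.RegularExpressions.Regex.Match(content2, tokenPattern);
        Assert.IsTrue(token1Match.Success);
        Assert.IsTrue(token2Match.Success);
        Assert.AreEqual(6, token1Match.Groups[1].Value.Length);
        Assert.AreEqual(6, token2Match.Groups[1].Value.Length);
    }

    /// <summary>When both are supplied, the explicit token wins over one derived from the MFA secret.</summary>
    [TestMethod]
    public void Should_Prefer_Explicit_Token_Over_MfaSecret()
    {
        // file deepcode ignore NoHardcodedCredentials/test: random test token
        string explicitToken = "123456";
        var loginService = new LoginService(serializer, credentials, explicitToken, SampleMfaSecret);
        var contentString = RenderBody(loginService);

        // Should use the explicit token, not generate one from MFA secret
        Assert.IsTrue(contentString.Contains("\"tfa_token\":\"123456\""));
    }

    /// <summary>A secret containing non-Base32 characters is rejected by the constructor.</summary>
    [TestMethod]
    public void Should_Throw_Exception_For_Invalid_Base32_MfaSecret()
    {
        // Invalid Base32 secret (contains invalid characters)
        string invalidMfaSecret = "INVALID_BASE32_123!@#";

        // Pins the throw to the constructor call, matching the other validation tests.
        // The exact exception type is required, as with the attribute form's default.
        Assert.ThrowsException<ArgumentException>(() => new LoginService(serializer, credentials, null, invalidMfaSecret));
    }

    /// <summary>An empty MFA secret is treated as absent: no <c>tfa_token</c> is emitted.</summary>
    [TestMethod]
    public void Should_Not_Generate_Token_When_MfaSecret_Is_Empty()
    {
        var loginService = new LoginService(serializer, credentials, null, "");
        var contentString = RenderBody(loginService);

        // Should not contain tfa_token when MFA secret is empty
        Assert.IsFalse(contentString.Contains("\"tfa_token\":"));
        Assert.AreEqual(CredentialsOnlyBody, contentString);
    }

    /// <summary>A null MFA secret is treated as absent: no <c>tfa_token</c> is emitted.</summary>
    [TestMethod]
    public void Should_Not_Generate_Token_When_MfaSecret_Is_Null()
    {
        var loginService = new LoginService(serializer, credentials, null, null);
        var contentString = RenderBody(loginService);

        // Should not contain tfa_token when MFA secret is null
        Assert.IsFalse(contentString.Contains("\"tfa_token\":"));
        Assert.AreEqual(CredentialsOnlyBody, contentString);
    }

    /// <summary>A successful login response stores its authtoken on the client options.</summary>
    [TestMethod]
    public void Should_Override_Authtoken_To_ContentstackOptions_On_Success()
    {
        var loginService = new LoginService(serializer, credentials);
        var config = new ContentstackClientOptions();
        ContentstackResponse httpResponse = MockResponse.CreateContentstackResponse("LoginResponse.txt");

        Assert.IsNull(config.Authtoken);
        loginService.OnResponse(httpResponse, config);
        Assert.AreEqual("authtoken", config.Authtoken);
    }

    /// <summary>
    /// A failed login response leaves the options' authtoken unset, so a rejected
    /// login never yields an authenticated client.
    /// </summary>
    [TestMethod]
    public void Should_Not_Override_Authtoken_To_ContentstackOptions_On_Failuer_response()
    {
        var loginService = new LoginService(serializer, credentials);
        var config = new ContentstackClientOptions();
        // Presumably an HTTP 422 error payload, judging by the fixture name.
        ContentstackResponse httpResponse = MockResponse.CreateContentstackResponse("422Response.txt");

        Assert.IsNull(config.Authtoken);
        loginService.OnResponse(httpResponse, config);
        Assert.IsNull(config.Authtoken);
    }
}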
}