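using AutoMapper;
using Diligent.WebAPI.Business.MappingProfiles;
using Diligent.WebAPI.Contracts.DTOs;
using Diligent.WebAPI.Contracts.DTOs.Auth;
using Diligent.WebAPI.Contracts.DTOs.User;
using Diligent.WebAPI.Contracts.Models;
using Diligent.WebAPI.Data.Entities;

namespace Diligent.WebAPI.Tests.Controllers
{
    /// <summary>
    /// Unit tests for AuthenticationsController. Every test stubs IAuthenticationService
    /// with NSubstitute, calls one controller action and checks the HTTP status code of
    /// the returned action result. Response bodies are not inspected by any test here.
    /// </summary>
    public class AuthControllerTest
    {
        // NOTE(review): generic type arguments look stripped in this listing
        // (Substitute.For(), Arg.Any(), possibly ServiceResponseDTO). Restore them from
        // the real IAuthenticationService signatures before compiling.
        private readonly IAuthenticationService _service = Substitute.For();

        // ---- ForgotPassword ------------------------------------------------------

        [Fact]
        public async Task ForgotPassword_ShouldReturn200OK_IfUserExistsAndMailIsSent()
        {
            // The stubbed service result carries the reset code next to the e-mail.
            // NOTE(review): only the status code is asserted. If the controller forwards
            // Data into the response body, the reset code reaches whoever called the
            // endpoint rather than only the mailbox owner. Confirm against the controller
            // and consider asserting that the body does not contain the code.
            _service.GetForgotPasswordUrlAsync("somemail@dilig.net").Returns(new ServiceResponseDTO
            {
                Data = new { code = "token", email = "somemail@dilig.net" }
            });
            AuthenticationsController controller = new(_service);

            var result = await controller.ForgotPassword("somemail@dilig.net");

            // Check the cast first, so a wrong result type fails as an assertion
            // instead of a NullReferenceException.
            var ok = result as OkObjectResult;
            Assert.NotNull(ok);
            ok.StatusCode.Should().Be(200);
        }

        [Fact]
        public async Task ForgotPassword_ShouldReturn400BadRequest_IfUserNotFound()
        {
            // NOTE(review): together with the 200 test above, this pins a response that
            // differs for known and unknown addresses, so the endpoint reveals whether an
            // e-mail is registered. A uniform response for both cases avoids that; changing
            // it means changing the controller contract and this test together.
            _service.GetForgotPasswordUrlAsync("somemail@dilig.net").Returns(new ServiceResponseDTO
            {
                IsError = true,
                ErrorMessage = "Email did not find."
            });
            AuthenticationsController controller = new(_service);

            var result = await controller.ForgotPassword("somemail@dilig.net");

            var badRequest = result as BadRequestObjectResult;
            Assert.NotNull(badRequest);
            badRequest.StatusCode.Should().Be(400);
        }

        // ---- ResetPassword -------------------------------------------------------

        [Fact]
        public async Task ResetPassword_ShouldReturn200OK_IfUserExistsAndMailIsSent()
        {
            _service.PasswordResetAsync("somemail@dilig.net", "code", "NewPass123@").Returns(new ServiceResponseDTO
            {
                Data = true
            });
            AuthenticationsController controller = new(_service);

            var result = await controller.ResetPassword(new Contracts.Models.ResetPasswordModel
            {
                Email = "somemail@dilig.net",
                Code = "code",
                Password = "NewPass123@"
            });

            var ok = result as OkObjectResult;
            Assert.NotNull(ok);
            ok.StatusCode.Should().Be(200);
        }

        [Fact]
        public async Task ResetPassword_ShouldReturn400BadRequest_IfUserNotFoundOrDbError()
        {
            // NOTE(review): the stubbed message names the failure reason ("Email did not
            // find."). If the controller returns ErrorMessage to the client, the reset
            // endpoint also distinguishes unknown accounts. Verify in the controller.
            _service.PasswordResetAsync("somemail@dilig.net", "code", "NewPass123@").Returns(new ServiceResponseDTO
            {
                IsError = true,
                ErrorMessage = "Email did not find."
            });
            AuthenticationsController controller = new(_service);

            var result = await controller.ResetPassword(new Contracts.Models.ResetPasswordModel
            {
                Email = "somemail@dilig.net",
                Code = "code",
                Password = "NewPass123@"
            });

            var badRequest = result as BadRequestObjectResult;
            Assert.NotNull(badRequest);
            badRequest.StatusCode.Should().Be(400);
        }

        // ---- Authenticate --------------------------------------------------------

        [Fact]
        public async Task Authenticate_ShouldReturn400BadRequest_IfUserCredentialsInValid()
        {
            // NOTE(review): "Username is not valid" distinguishes a bad username from a bad
            // password. If this text is sent to the client, a generic "invalid credentials"
            // message would give less away. Confirm what the controller returns.
            _service.Authenticate(Arg.Any()).Returns(new ServiceResponseDTO
            {
                IsError = true,
                ErrorMessage = "Username is not valid"
            });
            AuthenticationsController controller = new(_service);

            var result = await controller.Authenticate(new AuthenticateRequestDto
            {
                Username = "user",
                Password = "NewPass123@"
            });

            var badRequest = result as BadRequestObjectResult;
            Assert.NotNull(badRequest);
            badRequest.StatusCode.Should().Be(400);
        }

        [Fact]
        public async Task Authenticate_ShouldReturn200OK_IfUserCredentialsValid()
        {
            _service.Authenticate(Arg.Any()).Returns(new ServiceResponseDTO
            {
                Data = new AuthenticateResponseDto
                {
                    Token = "token",
                    RefreshToken = "refreshToken",
                    Id = 1,
                    FirstName = "First",
                    LastName = "Last",
                    Username = "user"
                }
            });
            AuthenticationsController controller = new(_service);

            var result = await controller.Authenticate(new AuthenticateRequestDto
            {
                Username = "user",
                Password = "NewPass123@"
            });

            var ok = result as OkObjectResult;
            Assert.NotNull(ok);
            ok.StatusCode.Should().Be(200);
        }

        // ---- RefreshToken --------------------------------------------------------

        [Fact]
        public async Task RefreshToken_ShouldReturn400BadRequest_IfErrorOccured()
        {
            _service.RefreshTokenAsync(Arg.Any()).Returns(new RefreshTokenResultDto
            {
                Error = "Token is not associated with any user."
            });
            AuthenticationsController controller = new(_service);

            var result = await controller.RefreshToken(new RefreshTokenRequestDto
            {
                RefreshToken = "refresh token",
                Token = "token",
            });

            var badRequest = result as BadRequestObjectResult;
            Assert.NotNull(badRequest);
            badRequest.StatusCode.Should().Be(400);
        }

        [Fact]
        public async Task RefreshToken_ShouldReturn200OK_IfValidTokens()
        {
            _service.RefreshTokenAsync(Arg.Any()).Returns(new RefreshTokenResultDto
            {
                Data = new AuthenticateResponseDto
                {
                    Id = 1,
                    FirstName = "FirstName",
                    LastName = "LastName",
                    Username = "UserName",
                    Token = "token",
                    RefreshToken = "token"
                }
            });
            AuthenticationsController controller = new(_service);

            var result = await controller.RefreshToken(new RefreshTokenRequestDto
            {
                RefreshToken = "refresh token",
                Token = "token",
            });

            var ok = result as OkObjectResult;
            Assert.NotNull(ok);
            ok.StatusCode.Should().Be(200);
        }

        // ---- Logout --------------------------------------------------------------

        [Fact]
        public async Task Logout_ShouldReturn400BadRequest_IfErrorOccured()
        {
            // NOTE(review): Logout is called with a bare user id and the stub accepts any
            // argument. These tests cannot show whether the controller checks that id
            // against the authenticated caller before deleting the refresh token.
            // Confirm in the controller and cover it with a test if it does.
            _service.DeleteRefreshToken(Arg.Any()).Returns(new ServiceResponseDTO
            {
                IsError = true,
                ErrorMessage = "There is no refresh token for user"
            });
            AuthenticationsController controller = new(_service);

            var result = await controller.Logout(1);

            var badRequest = result as BadRequestObjectResult;
            Assert.NotNull(badRequest);
            badRequest.StatusCode.Should().Be(400);
        }

        [Fact]
        public async Task Logout_ShouldReturn200OK_IfValidTokenExists()
        {
            _service.DeleteRefreshToken(Arg.Any()).Returns(new ServiceResponseDTO
            {
                Data = "sdsd",
                IsError = false,
            });
            AuthenticationsController controller = new(_service);

            var result = await controller.Logout(1);

            // Cast to StatusCodeResult, not OkObjectResult: the success path is expected
            // to return a result without a body.
            var res = result as StatusCodeResult;
            Assert.NotNull(res);
            res.StatusCode.Should().Be(200);
        }

        // ---- GoogleLogin ---------------------------------------------------------

        [Fact]
        public async Task AuthenticateGoogle_ShouldReturn400BadRequest_IfUserCredentialsInValid()
        {
            _service.Authenticate(Arg.Any()).Returns(new ServiceResponseDTO
            {
                IsError = true,
                ErrorMessage = "Invalid Google Api Token"
            });
            AuthenticationsController controller = new(_service);

            var result = await controller.GoogleLogin(new GoogleApiModel
            {
                Token = "Token",
                User = new GoogleApiTokenInfo { email = "mail@dilig.net" },
            });

            var badRequest = result as BadRequestObjectResult;
            Assert.NotNull(badRequest);
            badRequest.StatusCode.Should().Be(400);
        }

        [Fact]
        public async Task AuthenticateGoogle_ShouldReturn200OK_IfUserCredentialsValid()
        {
            _service.Authenticate(Arg.Any()).Returns(new ServiceResponseDTO
            {
                Data = new AuthenticateResponseDto
                {
                    Token = "token",
                    RefreshToken = "refreshToken",
                    Id = 1,
                    FirstName = "First",
                    LastName = "Last",
                    Username = "user"
                }
            });
            AuthenticationsController controller = new(_service);

            var result = await controller.GoogleLogin(new GoogleApiModel
            {
                Token = "Token",
                User = new GoogleApiTokenInfo { email = "mail@dilig.net" },
            });

            var ok = result as OkObjectResult;
            Assert.NotNull(ok);
            ok.StatusCode.Should().Be(200);
        }

        // ---- Register ------------------------------------------------------------

        [Fact]
        public async Task Register_ShouldReturn400BadRequest_IfUserModelIsNotValid()
        {
            _service.Register(Arg.Any()).Returns(new ServiceResponseDTO
            {
                IsError = true,
                ErrorMessage = "User not invited."
            });
            AuthenticationsController controller = new(_service);

            var result = await controller.Register(new RegisterDTO
            {
                Confirm = "Password123@",
                Password = "Password123@",
                Token = "token",
                LinkedIn = "link",
                Email = "some.some@dilig.net",
                Phone = "0628264606",
                Position = "Senior Dev"
            });

            var badRequest = result as BadRequestObjectResult;
            Assert.NotNull(badRequest);
            badRequest.StatusCode.Should().Be(400);
        }

        [Fact]
        public async Task Register_ShouldReturn200OK_IfUserModelIsValid()
        {
            _service.Register(Arg.Any()).Returns(new ServiceResponseDTO
            {
                Data = true
            });
            AuthenticationsController controller = new(_service);

            var result = await controller.Register(new RegisterDTO
            {
                Confirm = "Password123@",
                Password = "Password123@",
                Token = "token",
                LinkedIn = "link",
                Email = "some.some@dilig.net",
                Phone = "0628264606",
                Position = "Senior Dev"
            });

            var ok = result as OkObjectResult;
            Assert.NotNull(ok);
            ok.StatusCode.Should().Be(200);
        }
    }
}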