authentication tests finished

Backend/Diligent.WebAPI.Business/Interfaces/IAuthenticationService.cs

@@ -9,7 +9,7 @@ namespace Diligent.WebAPI.Business.Interfaces
 {
     public interface IAuthenticationService
     {
-        Task<bool> ValidateCustomer(string usernmae, string password);
-        Task<string> GenerateToken();
+        Task<bool> ValidateCustomer(string username, string password);
+        Task<string?> GenerateToken();
     }
 }

Backend/Diligent.WebAPI.Business/Services/AuthenticationService.cs

@@ -17,7 +17,7 @@ namespace Diligent.WebAPI.Business.Services
     {
         private readonly UserManager<Customer> _customerManager;
         private readonly IConfiguration _configuration;
-        private Customer customer;
+        private Customer _customer;
         public AuthenticationService(UserManager<Customer> customerManager,IConfiguration configuration)
         {
             _customerManager = customerManager;
@@ -26,13 +26,14 @@ namespace Diligent.WebAPI.Business.Services
 
         public async Task<bool> ValidateCustomer(string username,string password)
         {
-            customer = await _customerManager.FindByNameAsync(username);
-            return (customer != null && await _customerManager.CheckPasswordAsync
-            (customer, password));
+            _customer = await _customerManager.FindByNameAsync(username);
+            return (_customer != null && await _customerManager.CheckPasswordAsync
+            (_customer, password));
         }
 
-        public async Task<string> GenerateToken()
+        public async Task<string?> GenerateToken()
         {
+            if (_customer == null) return null;
             var signingCredentials = GetSigningCredentials();
             var claims = await GetClaims();
             var tokenOptions = GenerateTokenOptions(signingCredentials, claims);
@@ -43,14 +44,14 @@ namespace Diligent.WebAPI.Business.Services
         private async Task<List<Claim>> GetClaims()
         {
             //method creates a list of claims with the user name inside and all the roles the user belongs to.
-            Claim claim = new (ClaimTypes.Name, customer.UserName);
+            Claim claim = new (ClaimTypes.Name, _customer.UserName);
 
             var claims = new List<Claim>
             {
                 claim
             };
 
-            IList<string> roles = await _customerManager.GetRolesAsync(customer);
+            IList<string> roles = await _customerManager.GetRolesAsync(_customer);
 
             foreach (var role in roles)
             {

Backend/Diligent.WebAPI.Host/Mediator/Authentication/Handlers/AddRoleHandler.cs

@@ -2,7 +2,6 @@
 using Diligent.WebAPI.Host.Mediator.Authentication.Commands;
 using MediatR;
 using Microsoft.AspNetCore.Identity;
-using System.Web.Http.ModelBinding;
 
 namespace Diligent.WebAPI.Host.Mediator.Authentication.Handlers
 {

Backend/Diligent.WebAPI.Host/Mediator/Authentication/Handlers/RegisterUserHandler.cs

@@ -33,10 +33,14 @@ namespace Diligent.WebAPI.Host.Mediator.Authentication.Handlers
             };
 
             var result = await _customerManager.CreateAsync(customer, customerCreateDTO.Password);
+
+            if (!result.Succeeded)
+                throw new BadHttpRequestException("Something went wrong");
+
             await _customerManager.AddToRoleAsync(customer, "Support");
             await _authenticationService.ValidateCustomer(customer.UserName, customerCreateDTO.Password);
             var customerReadDTO = _mapper.Map<CustomerReadDTO>(customer);
-            customerReadDTO.Token = await _authenticationService.GenerateToken();
+            customerReadDTO.Token = await _authenticationService.GenerateToken() ?? "";
             customerReadDTO.Roles = (List<string>)await _customerManager.GetRolesAsync(customer);
 
             return customerReadDTO;

Backend/Tests/AuthenticationTests.cs

@@ -0,0 +1,177 @@
+using AutoMapper;
+using Diligent.WebAPI.Business.Interfaces;
+using Diligent.WebAPI.Business.Services;
+using Diligent.WebAPI.Data.Entities;
+using Diligent.WebAPI.Host.DTOs.Customer;
+using Diligent.WebAPI.Host.Mapper;
+using Diligent.WebAPI.Host.Mediator.Authentication.Commands;
+using Diligent.WebAPI.Host.Mediator.Authentication.Handlers;
+using Diligent.WebAPI.Host.Mediator.Authentication.Queries;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.Extensions.Configuration;
+using Moq;
+
+namespace Tests
+{
+    [TestFixture]
+    public class AuthenticationTests
+    {
+        private Mock<IAuthenticationService> _authenticationServiceMock;
+        private IAuthenticationService _authenticationService;
+        private IMapper _mapper;
+        private IConfiguration _configuration;
+        private Mock<ICustomerService> _customerServiceMock;
+        private Mock<UserManager<Customer>> _userManagerMock;
+        private readonly Customer _customer = new()
+        {
+            Id = Guid.NewGuid(),
+            Email = "user@gmail.com",
+            FirstName = "User",
+            LastName = "User",
+            Notifications = new List<Notification>(),
+            Roles = new List<Guid> { Guid.NewGuid() },
+            UserName = "user12"
+        };
+        private readonly CustomerCreateDTO _customerCreateDTO = new()
+        {
+            Email = "user@gmail.com",
+            FirstName = "User",
+            LastName = "User",
+            Username = "user12"
+        };
+
+        [SetUp]
+        public void Setup()
+        {
+            var inMemorySettings = new Dictionary<string, string> {
+                {"JwtSettings:jwtSecret", "Ovo je neka sifra koja treba biti tajna"},
+                {"JwtSettings:validIssuer", "http://localhost:5116"},
+                {"JwtSettings:validAudience", "http://localhost:3000"},
+            };
+            _configuration = new ConfigurationBuilder()
+                .AddInMemoryCollection(inMemorySettings)
+                .Build();
+            _authenticationServiceMock = new Mock<IAuthenticationService>();
+            _customerServiceMock = new Mock<ICustomerService>();
+            _userManagerMock = new Mock<UserManager<Customer>>(Mock.Of<IUserStore<Customer>>(), null, null, null, null, null, null, null, null);
+            _authenticationService = new AuthenticationService(_userManagerMock.Object, _configuration);
+            var configuration = new MapperConfiguration(cfg => cfg.AddProfile(new CustomerMappingProfile()));
+            _mapper = new Mapper(configuration);
+
+        }
+
+        //Tests for authentication handler
+
+        [Test]
+        public void LoginUser_UserIsNotAuthenticated_ThrowBadHttpRequestException()
+        {
+            _authenticationServiceMock.Setup(a => a.ValidateCustomer(It.IsAny<string>(), It.IsAny<string>())).Returns(Task.FromResult(false));
+            var query = new LoginUserQuery(new CustomerLoginDTO { Username = "user1", Password = "somePassword" });
+            var handler = new LoginUserHandler(_userManagerMock.Object, _authenticationServiceMock.Object, _mapper, _customerServiceMock.Object);
+
+            Assert.That(async () => await handler.Handle(query, new CancellationToken()), Throws.Exception.TypeOf<BadHttpRequestException>());
+        }
+        [Test]
+        public async Task LoginUser_UserIsAuthenticated_ReturnUserObject()
+        {
+            var list = new List<string> { "Customer" };
+            _authenticationServiceMock.Setup(a => a.ValidateCustomer(It.IsAny<string>(), It.IsAny<string>())).Returns(Task.FromResult(true));
+            _authenticationServiceMock.Setup(a => a.GenerateToken()).Returns(Task.FromResult("someToken"));
+            _customerServiceMock.Setup(c => c.GetCustomer(It.IsAny<string>())).Returns(Task.FromResult(_customer));
+            _userManagerMock.Setup(u => u.GetRolesAsync(It.IsAny<Customer>())).Returns(Task.FromResult((IList<string>)list));
+            var query = new LoginUserQuery(new CustomerLoginDTO { Username = "user1", Password = "somePassword" });
+            var handler = new LoginUserHandler(_userManagerMock.Object, _authenticationServiceMock.Object, _mapper, _customerServiceMock.Object);
+
+            var result = await handler.Handle(query, new CancellationToken());
+
+            Assert.That(result.Id, Is.EqualTo(_customer.Id.ToString()));
+        }
+
+        [Test]
+        public void RegisterUser_ErrorWhenCreatingUser_ThrowBadHttpRequestException()
+        {
+            _userManagerMock.Setup(u => u.CreateAsync(It.IsAny<Customer>(), It.IsAny<string>())).ReturnsAsync(() => IdentityResult.Failed());
+            var command = new RegisterUserCommand(_customerCreateDTO);
+            var handler = new RegisterUserHandler(_userManagerMock.Object, _authenticationServiceMock.Object, _mapper);
+
+            Assert.That(() => handler.Handle(command, new CancellationToken()), Throws.Exception.TypeOf<BadHttpRequestException>());
+        }
+
+        [Test]
+        public async Task RegisterUser_ThereIsNoError_ReturnObject()
+        {
+            _userManagerMock.Setup(u => u.CreateAsync(It.IsAny<Customer>(), It.IsAny<string>())).ReturnsAsync(() => IdentityResult.Success);
+            _userManagerMock.Setup(u => u.AddToRoleAsync(It.IsAny<Customer>(), It.IsAny<string>())).ReturnsAsync(() => IdentityResult.Success);
+            _authenticationServiceMock.Setup(u => u.ValidateCustomer(It.IsAny<string>(), It.IsAny<string>())).Returns(Task.FromResult(true));
+            _authenticationServiceMock.Setup(u => u.GenerateToken()).Returns(Task.FromResult("dasdada"));
+            _userManagerMock.Setup(u => u.GetRolesAsync(It.IsAny<Customer>())).Returns(Task.FromResult((IList<string>)new List<string> { "role" }));
+            var command = new RegisterUserCommand(_customerCreateDTO);
+            var handler = new RegisterUserHandler(_userManagerMock.Object, _authenticationServiceMock.Object, _mapper);
+
+            var result = await handler.Handle(command, new CancellationToken());
+
+            Assert.That(result, Is.Not.Null);
+        }
+
+        //Tests for authentication service
+
+        [Test]
+        public async Task ValidateCustomer_CustomerIsNull_CustomerIsNotValid()
+        {
+            _userManagerMock.Setup(u => u.FindByNameAsync(It.IsAny<string>())).Returns(Task.FromResult<Customer>(null));
+            await _authenticationServiceMock.Object.ValidateCustomer("dasdas", "dasdasd");
+
+            var result = await _authenticationService.ValidateCustomer(It.IsAny<string>(), It.IsAny<string>());
+
+            Assert.That(result, Is.False);
+        }
+
+        [Test]
+        public async Task ValidateCustomer_CustomerIsNotNullAndUserCredentialsAreNotValid_CustomerIsNotValid()
+        {
+            _userManagerMock.Setup(u => u.FindByNameAsync(It.IsAny<string>())).Returns(Task.FromResult(_customer));
+            _userManagerMock.Setup(u => u.CheckPasswordAsync(It.IsAny<Customer>(), It.IsAny<string>())).Returns(Task.FromResult(false));
+            await _authenticationServiceMock.Object.ValidateCustomer("dasdas", "dasdasd");
+
+            var result = await _authenticationService.ValidateCustomer(It.IsAny<string>(), It.IsAny<string>());
+
+            Assert.That(result, Is.False);
+        }
+
+        [Test]
+        public async Task ValidateCustomer_CustomerIsNotNullAndUserCredentialsAreValid_CustomerIsValid()
+        {
+            _userManagerMock.Setup(u => u.FindByNameAsync(It.IsAny<string>())).Returns(Task.FromResult(_customer));
+            _userManagerMock.Setup(u => u.CheckPasswordAsync(It.IsAny<Customer>(), It.IsAny<string>())).Returns(Task.FromResult(true));
+
+            var result = await _authenticationService.ValidateCustomer("dasdasd", "dasdasd");
+
+            Assert.That(result, Is.True);
+        }
+
+        [Test]
+        public async Task GenerateToken_UserIsNotValid_ReturnNull()
+        {
+            _userManagerMock.Setup(u => u.GetRolesAsync(It.IsAny<Customer>())).ReturnsAsync((IList<string>)new List<string> { "roles" });
+
+            var result = await _authenticationService.GenerateToken();
+
+            Assert.That(result, Is.Null);
+        }
+
+        [Test]
+        public async Task GenerateToken_UserIsValid_ReturnToken()
+        {
+            _userManagerMock.Setup(u => u.GetRolesAsync(It.IsAny<Customer>())).ReturnsAsync((IList<string>)new List<string> { "roles" });
+            _userManagerMock.Setup(u => u.FindByNameAsync(It.IsAny<string>())).Returns(Task.FromResult(_customer));
+            _userManagerMock.Setup(u => u.CheckPasswordAsync(It.IsAny<Customer>(), It.IsAny<string>())).Returns(Task.FromResult(true));
+            await _authenticationService.ValidateCustomer("dasdas", "dasd"); //user must be first valid and then we generate token for him
+
+            var result = await _authenticationService.GenerateToken();
+
+            Assert.That(result, Is.Not.Null);
+        }
+
+    }
+}