new tests

Author: brunobritodev

src/Backend/Jp.Domain/Validations/Client/ClientValidations.cs

@@ -20,7 +20,7 @@ protected void ValidateGrantType()
 
         private bool ValidateGrantCombination(ICollection<string> grantTypes, string message)
         {
-            
+
 
             // would allow response_type downgrade attack from code to token
             if (DisallowGrantTypeCombination(GrantType.Implicit, GrantType.AuthorizationCode, grantTypes))
@@ -64,5 +64,31 @@ protected void ValidateClientName()
             RuleFor(c => c.Client.ClientName).NotEmpty().WithMessage("Client Name must be set");
         }
 
+        protected void ValidateIdentityTokenLifetime()
+        {
+            RuleFor(c => c.Client.IdentityTokenLifetime).GreaterThan(0).WithMessage("Identity Token Lifetime must be greatter than 0");
+        }
+
+
+        protected void ValidateAccessTokenLifetime()
+        {
+            RuleFor(c => c.Client.AccessTokenLifetime).GreaterThan(0).WithMessage("Access Token Lifetime must be greatter than 0");
+        }
+        protected void ValidateAuthorizationCodeLifetime()
+        {
+            RuleFor(c => c.Client.AuthorizationCodeLifetime).GreaterThan(0).WithMessage("Authorization Code Lifetime must be greatter than 0");
+        }
+        protected void ValidateAbsoluteRefreshTokenLifetime()
+        {
+            RuleFor(c => c.Client.AbsoluteRefreshTokenLifetime).GreaterThan(0).WithMessage("Absolute Refresh Token Lifetime must be greatter than 0");
+        }
+        protected void ValidateSlidingRefreshTokenLifetime()
+        {
+            RuleFor(c => c.Client.SlidingRefreshTokenLifetime).GreaterThan(0).WithMessage("Sliding Refresh Token Lifetime must be greatter than 0");
+        }
+        protected void ValidateDeviceCodeLifetime()
+        {
+            RuleFor(c => c.Client.DeviceCodeLifetime).GreaterThan(0).WithMessage("Device Code Lifetime must be greatter than 0");
+        }
     }
 }

src/Backend/Jp.Domain/Validations/Client/UpdateClientCommandValidation.cs

@@ -8,6 +8,12 @@ public UpdateClientCommandValidation()
         {
             ValidateGrantType();
             ValidateOldClientId();
+            ValidateIdentityTokenLifetime();
+            ValidateAccessTokenLifetime();
+            ValidateAuthorizationCodeLifetime();
+            ValidateSlidingRefreshTokenLifetime();
+            ValidateDeviceCodeLifetime();
+            ValidateAbsoluteRefreshTokenLifetime();
         }
     }
 }

src/Frontend/Jp.AdminUI/src/app/shared/layout/header/header.component.ts

@@ -7,7 +7,7 @@ import { UserblockService } from "../sidebar/userblock/userblock.service";
 import { SettingsService } from "@core/settings/settings.service";
 import { MenuService } from "@core/menu/menu.service";
 import { Router } from "@angular/router";
-import { environment } from "@env/environment.prod";
+import { environment } from "@env/environment";
 
 
 @Component({

tests/JpProject.Domain.Tests/ClientTests/ClientCommandHandlerTests.cs

@@ -1,4 +1,6 @@
-using IdentityServer4.Models;
+using Bogus;
+using IdentityServer4.EntityFramework.Entities;
+using IdentityServer4.Models;
 using Jp.Domain.CommandHandlers;
 using Jp.Domain.Core.Bus;
 using Jp.Domain.Core.Notifications;
@@ -26,9 +28,11 @@ public class ClientCommandHandlerTests
         private Mock<IClientPropertyRepository> _clientPropertyRepository;
         private Mock<IClientSecretRepository> _clientSecretRepository;
         private CancellationTokenSource _tokenSource;
+        private Faker _faker;
 
         public ClientCommandHandlerTests()
         {
+            _faker = new Faker();
             _tokenSource = new CancellationTokenSource();
             _uow = new Mock<IUnitOfWork>();
             _mediator = new Mock<IMediatorHandler>();
@@ -108,6 +112,243 @@ public void ShouldNotAllowCombinationOfGrants(string a, string b)
             Assert.Throws<InvalidOperationException>(() => command.Client.AllowedGrantTypes = new List<string>() { a, b });
         }
 
+        [Fact]
+        public async Task ShouldNotAcceptNegativeAbsoluteRefreshTokenLifetime()
+        {
+            var command = ClientCommandFaker.GenerateUpdateClientCommand(absoluteRefreshTokenLifetime: _faker.Random.Int(max: 0)).Generate();
+
+            var result = await _commandHandler.Handle(command, _tokenSource.Token);
+
+            Assert.False(result);
+        }
+
+        [Fact]
+        public async Task ShouldNotAcceptNegativeIdentityTokenLifetime()
+        {
+            var command = ClientCommandFaker.GenerateUpdateClientCommand(identityTokenLifetime: _faker.Random.Int(max: 0)).Generate();
+
+            var result = await _commandHandler.Handle(command, _tokenSource.Token);
+
+            Assert.False(result);
+        }
+
+        [Fact]
+        public async Task ShouldNotAcceptNegativeAccessTokenLifetime()
+        {
+            var command = ClientCommandFaker.GenerateUpdateClientCommand(accessTokenLifetime: _faker.Random.Int(max: 0)).Generate();
+
+            var result = await _commandHandler.Handle(command, _tokenSource.Token);
+
+            Assert.False(result);
+        }
+
+        [Fact]
+        public async Task ShouldNotAcceptNegativeAuthorizationCodeLifetime()
+        {
+            var command = ClientCommandFaker.GenerateUpdateClientCommand(authorizationCodeLifetime: _faker.Random.Int(max: 0)).Generate();
+
+            var result = await _commandHandler.Handle(command, _tokenSource.Token);
+
+            Assert.False(result);
+        }
+
+        [Fact]
+        public async Task ShouldNotAcceptNegativeSlidingRefreshTokenLifetime()
+        {
+            var command = ClientCommandFaker.GenerateUpdateClientCommand(slidingRefreshTokenLifetime: _faker.Random.Int(max: 0)).Generate();
+            var result = await _commandHandler.Handle(command, _tokenSource.Token);
+
+            Assert.False(result);
+        }
+
+        [Fact]
+        public async Task ShouldNotAcceptNegativeDeviceCodeLifetime()
+        {
+            var command = ClientCommandFaker.GenerateUpdateClientCommand(deviceCodeLifetime: _faker.Random.Int(max: 0)).Generate();
+
+            var result = await _commandHandler.Handle(command, _tokenSource.Token);
+
+            Assert.False(result);
+        }
+
+        [Fact]
+        public async Task ShouldUpdateClient()
+        {
+            var command = ClientCommandFaker.GenerateUpdateClientCommand().Generate();
+            _clientRepository.Setup(s => s.UpdateWithChildrens(It.Is<Client>(a => a.ClientId == command.Client.ClientId))).Returns(Task.CompletedTask);
+            _clientRepository.Setup(s => s.GetClient(It.Is<string>(a => a == command.Client.ClientId))).ReturnsAsync(EntityClientFaker.GenerateClient().Generate());
+            _uow.Setup(s => s.Commit()).Returns(true);
+
+            var result = await _commandHandler.Handle(command, _tokenSource.Token);
+
+            Assert.True(result);
+        }
+
+        [Fact]
+        public async Task ShouldRemoveClient()
+        {
+            var command = ClientCommandFaker.GenerateRemoveClientCommand().Generate();
+            _clientRepository.Setup(s => s.Remove(It.Is<Client>(a => a.ClientId == command.Client.ClientId)));
+            _clientRepository.Setup(s => s.GetByClientId(It.Is<string>(a => a == command.Client.ClientId))).ReturnsAsync(EntityClientFaker.GenerateClient().Generate());
+            _uow.Setup(s => s.Commit()).Returns(true);
+
+            var result = await _commandHandler.Handle(command, _tokenSource.Token);
+
+            Assert.True(result);
+        }
+
+        [Fact]
+        public async Task ShouldNotRemoveSecretWhenClientDoesntExist()
+        {
+            var command = ClientCommandFaker.GenerateRemoveClientSecretCommand().Generate();
+            //_clientRepository.Setup(s => s.GetClient(It.Is<string>(a => a == command.ClientId))).ReturnsAsync(null);
+
+            var result = await _commandHandler.Handle(command, _tokenSource.Token);
+
+            Assert.False(result);
+        }
+
+        [Fact]
+        public async Task ShouldNotRemoveSecretWhenSecretIdIsDifferent()
+        {
+            var command = ClientCommandFaker.GenerateRemoveClientSecretCommand().Generate();
+            _clientRepository.Setup(s => s.GetClient(It.Is<string>(a => a == command.ClientId))).ReturnsAsync(EntityClientFaker.GenerateClient().Generate());
+
+            var result = await _commandHandler.Handle(command, _tokenSource.Token);
+
+            Assert.False(result);
+        }
 
+        [Fact]
+        public async Task ShouldRemoveClientSecret()
+        {
+            var clientSecret = EntityClientFaker.GenerateClient(clientSecrets: _faker.Random.Int(1, 3)).Generate();
+            var command = ClientCommandFaker.GenerateRemoveClientSecretCommand(_faker.PickRandom(clientSecret.ClientSecrets).Id).Generate();
+
+            _uow.Setup(s => s.Commit()).Returns(true);
+            _clientRepository.Setup(s => s.GetClient(It.Is<string>(a => a == command.ClientId))).ReturnsAsync(clientSecret);
+
+            var result = await _commandHandler.Handle(command, _tokenSource.Token);
+
+            Assert.True(result);
+        }
+
+        [Fact]
+        public async Task ShouldNotSaveClientSecretWhenClientDoesntExist()
+        {
+            var command = ClientCommandFaker.GenerateSaveClientSecretCommand().Generate();
+            var result = await _commandHandler.Handle(command, _tokenSource.Token);
+
+            Assert.False(result);
+        }
+
+        [Fact]
+        public async Task ShouldEncryptedValueBeCorrect()
+        {
+            var command = ClientCommandFaker.GenerateSaveClientSecretCommand().Generate();
+            var valueEncryptedMustBe = command.GetValue();
+
+            _clientRepository.Setup(s => s.GetByClientId(It.Is<string>(a => a == command.ClientId))).ReturnsAsync(EntityClientFaker.GenerateClient().Generate());
+            _clientSecretRepository.Setup(s => s.Add(It.Is<ClientSecret>(cs => cs.Value == valueEncryptedMustBe)));
+            _uow.Setup(s => s.Commit()).Returns(true);
+
+
+            var result = await _commandHandler.Handle(command, _tokenSource.Token);
+
+            Assert.True(result);
+            _clientRepository.Verify(s => s.GetByClientId(It.Is<string>(a => a == command.ClientId)), Times.Once);
+            _clientSecretRepository.Verify(s => s.Add(It.Is<ClientSecret>(cs => cs.Value == valueEncryptedMustBe)), Times.Once);
+            _uow.Verify(s => s.Commit(), Times.Once);
+        }
+
+        [Fact]
+        public async Task ShouldNotEncryptedValueBeCorrect()
+        {
+            var command = ClientCommandFaker.GenerateSaveClientSecretCommand().Generate();
+            var valueEncryptedMustBe = command.GetValue();
+
+            _clientRepository.Setup(s => s.GetByClientId(It.Is<string>(a => a == command.ClientId))).ReturnsAsync(EntityClientFaker.GenerateClient().Generate());
+            _clientSecretRepository.Setup(s => s.Add(It.Is<ClientSecret>(cs => cs.Value == valueEncryptedMustBe)));
+            _uow.Setup(s => s.Commit()).Returns(true);
+
+
+            var result = await _commandHandler.Handle(command, _tokenSource.Token);
+
+            Assert.True(result);
+            _clientRepository.Verify(s => s.GetByClientId(It.Is<string>(a => a == command.ClientId)), Times.Once);
+            _clientSecretRepository.Verify(s => s.Add(It.Is<ClientSecret>(cs => cs.Value == valueEncryptedMustBe)), Times.Once);
+            _uow.Verify(s => s.Commit(), Times.Once);
+        }
+
+        [Fact]
+        public async Task ShouldNotRemovePropertyWhenClientDoesntExist()
+        {
+            var command = ClientCommandFaker.GenerateRemovePropertyCommand().Generate();
+
+
+            var result = await _commandHandler.Handle(command, _tokenSource.Token);
+
+            Assert.False(result);
+            _clientRepository.Verify(s => s.GetClient(It.Is<string>(a => a == command.ClientId)), Times.Once);
+        }
+
+
+        [Fact]
+        public async Task ShouldNotRemovePropertyWhenIdIsDifferent()
+        {
+            var command = ClientCommandFaker.GenerateRemovePropertyCommand().Generate();
+            _clientRepository.Setup(s => s.GetClient(It.Is<string>(a => a == command.ClientId))).ReturnsAsync(EntityClientFaker.GenerateClient().Generate());
+
+            var result = await _commandHandler.Handle(command, _tokenSource.Token);
+
+            Assert.False(result);
+            _clientRepository.Verify(s => s.GetClient(It.Is<string>(a => a == command.ClientId)), Times.Once);
+        }
+
+        [Fact]
+        public async Task ShouldRemoveProperty()
+        {
+            var properties = EntityClientFaker.GenerateClient(clientProperties: _faker.Random.Int(1, 3)).Generate();
+            var command = ClientCommandFaker.GenerateRemovePropertyCommand(_faker.PickRandom(properties.Properties).Id).Generate();
+
+            _uow.Setup(s => s.Commit()).Returns(true);
+            _clientRepository.Setup(s => s.GetClient(It.Is<string>(a => a == command.ClientId))).ReturnsAsync(properties);
+            _clientPropertyRepository.Setup(s => s.Remove(It.Is<int>(a => a == command.Id)));
+
+            var result = await _commandHandler.Handle(command, _tokenSource.Token);
+
+            Assert.True(result);
+            _clientRepository.Verify(s => s.GetClient(It.Is<string>(a => a == command.ClientId)), Times.Once);
+            _clientPropertyRepository.Verify(s => s.Remove(It.Is<int>(a => a == command.Id)), Times.Once);
+        }
+
+
+        [Fact]
+        public async Task ShouldNotSavePropertyWhenClientDoesntExist()
+        {
+            var command = ClientCommandFaker.GenerateSavePropertyCommand().Generate();
+            _clientRepository.Setup(s => s.GetByClientId(It.Is<string>(q => q == command.ClientId))).ReturnsAsync((Client)null);
+
+
+            var result = await _commandHandler.Handle(command, _tokenSource.Token);
+
+
+            Assert.False(result);
+            _clientRepository.Verify(s => s.GetByClientId(It.Is<string>(q => q == command.ClientId)), Times.Once);
+        }
+
+        [Fact]
+        public async Task ShouldSaveProperty()
+        {
+            var command = ClientCommandFaker.GenerateSavePropertyCommand().Generate();
+            _clientRepository.Setup(s => s.GetByClientId(It.Is<string>(q => q == command.ClientId))).ReturnsAsync(EntityClientFaker.GenerateClient().Generate()).Verifiable();
+            _clientPropertyRepository.Setup(s => s.Add(It.IsAny<ClientProperty>()));
+
+            var result = await _commandHandler.Handle(command, _tokenSource.Token);
+
+            _clientPropertyRepository.Verify(s => s.Add(It.IsAny<ClientProperty>()), Times.Once);
+            _clientRepository.Verify(s => s.GetByClientId(It.Is<string>(q => q == command.ClientId)), Times.Once);
+            Assert.False(result);
+        }
     }
 }

tests/JpProject.Domain.Tests/ClientTests/Fakers/ClientCommandFaker.cs

@@ -26,14 +26,65 @@ public static Faker<CopyClientCommand> GenerateCopyClientCommand()
 
         }
 
-        public static Faker<UpdateClientCommand> GenerateUpdateClientCommand()
+        public static Faker<UpdateClientCommand> GenerateUpdateClientCommand(
+            int? absoluteRefreshTokenLifetime = null,
+            int? identityTokenLifetime = null,
+            int? accessTokenLifetime = null,
+            int? authorizationCodeLifetime = null,
+            int? slidingRefreshTokenLifetime = null,
+            int? deviceCodeLifetime = null)
         {
             return new Faker<UpdateClientCommand>().CustomInstantiator(f =>
                 new UpdateClientCommand(
-                    ClientFaker.GenerateClient().Generate(),
+                    ClientFaker.GenerateClient(absoluteRefreshTokenLifetime,
+                                               identityTokenLifetime,
+                                               accessTokenLifetime,
+                                                authorizationCodeLifetime,
+                        slidingRefreshTokenLifetime,
+                        deviceCodeLifetime).Generate(),
                     f.Company.CompanyName()
                 ));
 
         }
+
+        public static Faker<RemoveClientCommand> GenerateRemoveClientCommand()
+        {
+            return new Faker<RemoveClientCommand>().CustomInstantiator(f => new RemoveClientCommand(f.Lorem.Word()));
+        }
+
+        public static Faker<RemoveClientSecretCommand> GenerateRemoveClientSecretCommand(int? id = null)
+        {
+            return new Faker<RemoveClientSecretCommand>().CustomInstantiator(f => new RemoveClientSecretCommand(id ?? f.Random.Int(0), f.Lorem.Word()));
+        }
+
+        public static Faker<SaveClientSecretCommand> GenerateSaveClientSecretCommand()
+        {
+            return new Faker<SaveClientSecretCommand>().CustomInstantiator(f => new SaveClientSecretCommand(
+                f.Lorem.Word(),
+                f.Lorem.Sentence(),
+                f.Lorem.Word(),
+                f.Lorem.Word(),
+                f.Date.Future(),
+                f.Random.Int(0, 1)
+                ));
+        }
+
+
+        public static Faker<RemovePropertyCommand> GenerateRemovePropertyCommand(int? id = null)
+        {
+            return new Faker<RemovePropertyCommand>().CustomInstantiator(f => new RemovePropertyCommand(
+                id ?? f.Random.Int(0),
+                f.Random.Word()
+            ));
+        }
+
+        public static Faker<SaveClientPropertyCommand> GenerateSavePropertyCommand()
+        {
+            return new Faker<SaveClientPropertyCommand>().CustomInstantiator(f => new SaveClientPropertyCommand(
+                f.Random.Word(),
+                f.Random.Word(),
+                f.Random.Word()
+            ));
+        }
     }
 }