DigitalData.StaffDBServer/XUnitDAL.Test/LdapTest.cs

using HRD.LDAPService;
using HRD.LDAPService.JWT;
using Microsoft.Extensions.DependencyInjection;
using Xunit;

namespace XUnitWebApi.Test
{
    public class LdapTest : TestBuilder
    {

        private static void InitJWTConfig(bool deaktivateLDAP = false)
        {
            var list = new List<JwtRole>();
            var ADGroupPrefix = "";
            //Admin Role
            list.Add(new JwtRole(JwtGlobals.ROLE_ADMIN, "GG_WebApp" + ADGroupPrefix + "_Visitors_Admin"));
            //Core RoleList
            list.Add(new JwtRole(JwtGlobals.ROLE_USER, "GG_WebApp" + ADGroupPrefix + "_Visitors_User")); //(RO) nur eigene
            list.Add(new JwtRole(JwtGlobals.ROLE_MASTER, "GG_WebApp" + ADGroupPrefix + "_Visitors_Master")); //RW ALLE Abteilungen
            list.Add(new JwtRole(JwtGlobals.ROLE_DEPARTMENTUSER, "GG_WebApp" + ADGroupPrefix + "_Visitors_DepartmentUser")); //(RW) auch andere aus eigener Abteilung
            list.Add(new JwtRole(JwtGlobals.ROLE_DEPARTMENTMASTER, "GG_WebApp" + ADGroupPrefix + "_Visitors_DepartmentMaster")); //(RW) auch andere aus eigener Abteilung

            //WebApp RoleList
            list.Add(new JwtRole("Ipad", "GG_WebApp" + ADGroupPrefix + "_Visitors_Ipad")); //RW ALLE Abteilungen
            list.Add(new JwtRole("Security", "GG_WebApp" + ADGroupPrefix + "_Visitors_Security")); //RW ALLE Abteilungen


            JwtTokenConfig.JwtRoleList = list;

            JwtTokenConfig.Secret = "12345678901234567809_WEBAPISERVER";
            JwtTokenConfig.ExpirationInMin = 60 * 1 * 100; //100 min
            JwtTokenConfig.DeaktivateLDAP = deaktivateLDAP;

        }


        [Fact]
        public void Renew_LDAP()
        {
            InitJWTConfig(false);
            var token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJ2LmJvamFyc2tpIiwibmFtZWlkIjoiMCIsImVtYWlsIjoiVi5Cb2phcnNraUBoZW5zZWwtcmVjeWNsaW5nLmNvbSIsImRlcGFydG1lbnRpZCI6IjAiLCJleHRlbmRldGRlcGFydG1lbnRpZGxpc3QiOiIiLCJFeHRlbmRlZEF0dHJpYnV0ZXNfUmVnaW9uIjoiMTAsMjAiLCJFeHRlbmRlZEF0dHJpYnV0ZXNfQXR0cmlidXQjMSI6IkFCQ0BBQkMuREUsREVGQEFCQy5ERSxHRUhAQUJDLkRFIiwibmJmIjoxNjU4NzU4NDE0LCJleHAiOjE2NTkxMTg0MTQsImlhdCI6MTY1ODc1ODQxNH0.KUODwRBRn-xc3-0RaVKJ0uzwsXZ7RgORRAZUzTfxfNk";
            var loginName = "v.bojarski";

            var JwtManager = Provider.GetRequiredService<JwtManager>();
            LdapUser renewLdapUser = JwtManager.RenewLdapUserWithJwtToken(token);

            Assert.Same(renewLdapUser.LoginName, loginName);
            Assert.True(renewLdapUser.IsValid());
        }



        [Fact]
        public void Login_LDAP()
        {
            InitJWTConfig();
            //JwtTokenConfig.ExpirationInMin = 60 * 24 * 30 * 12; //12 Month

            var LoginName = "visitoripad2";
            var Password = "HenselVisitor2020!";

            LdapUser ldapUser = new LdapUser(LoginName);
            ldapUser.Password = Password;

            List<KeyValuePair<string, string>> extendedAttributesList = new List<KeyValuePair<string, string>>();
            //List<KeyValuePair<string, List<string>>> extendedAttributesList = new();
            //List<string> list = new() { "10,20" };

            extendedAttributesList.Add(new KeyValuePair<string, string>("VendorId", "100210"));
            extendedAttributesList.Add(new KeyValuePair<string, string>("Region", "10,20"));
            extendedAttributesList.Add(new KeyValuePair<string, string>("Attribut#1", "ABC@ABC.DE,DEF@ABC.DE,GEH@ABC.DE"));


            ldapUser.ExtendedAttributesList = extendedAttributesList;
            var JwtManager = Provider.GetRequiredService<JwtManager>();
            var isOk = JwtManager.GenerateLdapUserWithJwtToken(ldapUser);
            LdapUser ldapUserWithJWT = new LdapUser(ldapUser.LoginName);
            ldapUserWithJWT.Token = ldapUser.Token;

            extendedAttributesList = new List<KeyValuePair<string, string>>();
            extendedAttributesList.Add(new KeyValuePair<string, string>("Attribut#1", "ABC@ABC.DE,DEF@ABC.DE,GEH@ABC.DE"));
            ldapUser.ExtendedAttributesList = extendedAttributesList;
            var LdapAuthenticationService = Provider.GetRequiredService<LdapAuthenticationService>();
            var renewLdapUserWithJWT = LdapAuthenticationService.RenewIdentity(ldapUserWithJWT);

            Assert.True(renewLdapUserWithJWT.IsValid());
        }


        [Fact]
        public void JWT_GeneratePasswordHash()
        {
            InitJWTConfig(true);

            var LoginName = "visitoripad2";
            var Password = "HenselVisitor2020!";

            LdapUser ldapUser = new LdapUser(LoginName);
            ldapUser.Password = Password;

            //var passwordHash = JWTCrypt.GenerateHashPassword(ldapUser.Password);

            ldapUser.AddExtendedAttribute("Attribut#1", "ABC@ABC.DE,DEF@ABC.DE,GEH@ABC.DE");
            ldapUser.AddExtendedAttribute("VendorId", "100210");
            var JwtManager = Provider.GetRequiredService<JwtManager>();
            var isOk = JwtManager.GenerateLdapUserWithJwtToken(ldapUser);
            LdapUser ldapUserWithJWT = new LdapUser(ldapUser.LoginName);
            ldapUserWithJWT.Token = ldapUser.Token;
            ldapUserWithJWT.PasswordHash = ldapUser.PasswordHash;

            var LdapAuthenticationService = Provider.GetRequiredService<LdapAuthenticationService>();
            var renewLdapUserWithJWT = LdapAuthenticationService.RenewIdentity(ldapUserWithJWT);

            LdapUser ldapUser2 = new LdapUser(LoginName);
            ldapUser2.PasswordHash = ldapUser.PasswordHash;

            var returLdapUser = JwtManager.RenewLdapUserWithJwtToken(ldapUserWithJWT);

            Assert.Equal(ldapUser.PasswordHashShort, ldapUserWithJWT.PasswordHashShort);
            Assert.True(renewLdapUserWithJWT.IsValid());

        }


        [Fact]
        public void Add_User_To_Group()
        {
            var loginName = "v.bojarski";
            var groupName = "GG_WebApp__Test_Apps_User";

            var LdapManager = Provider.GetRequiredService<LdapManager>();
            Assert.True(LdapManager.AD_AddUserloginToGroup(loginName, groupName));
        }
    }
}