test: update tests to use static helper

Author: ike-kottlowski

test/Identity.Test/IdentityServer/SendAccess/SendAccessGrantValidatorTests.cs

@@ -1,12 +1,8 @@
-using System.Collections.Specialized;
-using Bit.Core;
+using Bit.Core;
 using Bit.Core.Auth.Identity;
-using Bit.Core.Auth.IdentityServer;
-using Bit.Core.Enums;
 using Bit.Core.Services;
 using Bit.Core.Tools.Models.Data;
 using Bit.Core.Tools.SendFeatures.Queries.Interfaces;
-using Bit.Core.Utilities;
 using Bit.Identity.IdentityServer.Enums;
 using Bit.Identity.IdentityServer.RequestValidators.SendAccess;
 using Bit.Test.Common.AutoFixture;
@@ -81,7 +77,7 @@ public async Task ValidateAsync_InvalidSendId_ReturnsInvalidGrant(
         var context = new ExtensionGrantValidationContext();
 
         tokenRequest.GrantType = CustomGrantTypes.SendAccess;
-        tokenRequest.Raw = CreateTokenRequestBody(Guid.Empty);
+        tokenRequest.Raw = SendAccessTestUtilities.CreateValidatedTokenRequest(Guid.Empty);
 
         // To preserve the CreateTokenRequestBody method for more general usage we over write the sendId
         tokenRequest.Raw.Set(SendAccessConstants.TokenRequest.SendId, "invalid-guid-format");
@@ -118,7 +114,9 @@ public async Task ValidateAsync_EmptyGuidSendId_ReturnsInvalidGrant(
     public async Task ValidateAsync_NeverAuthenticateMethod_ReturnsInvalidGrant(
         [AutoFixture.ValidatedTokenRequest] ValidatedTokenRequest tokenRequest,
         SutProvider<SendAccessGrantValidator> sutProvider,
-        Guid sendId)
+        NeverAuthenticate neverAuthenticate,
+        Guid sendId,
+        GrantValidationResult expectedResult)
     {
         // Arrange
         var context = SetupTokenRequest(
@@ -128,14 +126,20 @@ public async Task ValidateAsync_NeverAuthenticateMethod_ReturnsInvalidGrant(
 
         sutProvider.GetDependency<ISendAuthenticationQuery>()
             .GetAuthenticationMethod(sendId)
-            .Returns(new NeverAuthenticate());
+            .Returns(neverAuthenticate);
+
+        sutProvider.GetDependency<ISendAuthenticationMethodValidator<NeverAuthenticate>>()
+            .ValidateRequestAsync(context, neverAuthenticate, sendId)
+            .Returns(expectedResult);
 
         // Act
         await sutProvider.Sut.ValidateAsync(context);
 
         // Assert
-        Assert.Equal(OidcConstants.TokenErrors.InvalidGrant, context.Result.Error);
-        Assert.Equal($"{SendAccessConstants.TokenRequest.SendId} is invalid.", context.Result.ErrorDescription);
+        Assert.Equal(expectedResult, context.Result);
+        await sutProvider.GetDependency<ISendAuthenticationMethodValidator<NeverAuthenticate>>()
+            .Received(1)
+            .ValidateRequestAsync(context, neverAuthenticate, sendId);
     }
 
     [Theory, BitAutoData]
@@ -264,7 +268,7 @@ public async Task ValidateAsync_UnknownAuthMethod_ThrowsInvalidOperationExceptio
     public void GrantType_ReturnsCorrectType()
     {
         // Arrange & Act
-        var validator = new SendAccessGrantValidator(null!, null!, null!, null!);
+        var validator = new SendAccessGrantValidator(null!, null!, null!, null!, null!);
 
         // Assert
         Assert.Equal(CustomGrantTypes.SendAccess, ((IExtensionGrantValidator)validator).GrantType);
@@ -289,44 +293,9 @@ private static ExtensionGrantValidationContext SetupTokenRequest(
         var context = new ExtensionGrantValidationContext();
 
         request.GrantType = CustomGrantTypes.SendAccess;
-        request.Raw = CreateTokenRequestBody(sendId);
+        request.Raw = SendAccessTestUtilities.CreateValidatedTokenRequest(sendId);
         context.Request = request;
 
         return context;
     }
-
-    private static NameValueCollection CreateTokenRequestBody(
-        Guid sendId,
-        string passwordHash = null,
-        string sendEmail = null,
-        string otpCode = null)
-    {
-        var sendIdBase64 = CoreHelpers.Base64UrlEncode(sendId.ToByteArray());
-
-        var rawRequestParameters = new NameValueCollection
-        {
-            { OidcConstants.TokenRequest.GrantType, CustomGrantTypes.SendAccess },
-            { OidcConstants.TokenRequest.ClientId, BitwardenClient.Send },
-            { OidcConstants.TokenRequest.Scope, ApiScopes.ApiSendAccess },
-            { "deviceType", ((int)DeviceType.FirefoxBrowser).ToString() },
-            { SendAccessConstants.TokenRequest.SendId, sendIdBase64 }
-        };
-
-        if (passwordHash != null)
-        {
-            rawRequestParameters.Add(SendAccessConstants.TokenRequest.ClientB64HashedPassword, passwordHash);
-        }
-
-        if (sendEmail != null)
-        {
-            rawRequestParameters.Add(SendAccessConstants.TokenRequest.Email, sendEmail);
-        }
-
-        if (otpCode != null && sendEmail != null)
-        {
-            rawRequestParameters.Add(SendAccessConstants.TokenRequest.Otp, otpCode);
-        }
-
-        return rawRequestParameters;
-    }
 }

test/Identity.Test/IdentityServer/SendAccess/SendAccessTestUtilities.cs

@@ -0,0 +1,50 @@
+using System.Collections.Specialized;
+using Bit.Core.Auth.IdentityServer;
+using Bit.Core.Enums;
+using Bit.Core.Utilities;
+using Bit.Identity.IdentityServer.Enums;
+using Bit.Identity.IdentityServer.RequestValidators.SendAccess;
+using Duende.IdentityModel;
+
+namespace Bit.Identity.Test.IdentityServer.SendAccess;
+
+public static class SendAccessTestUtilities
+{
+    public static NameValueCollection CreateValidatedTokenRequest(
+        Guid sendId,
+        string sendEmail = null,
+        string otpCode = null,
+        params string[] passwordHash)
+    {
+        var sendIdBase64 = CoreHelpers.Base64UrlEncode(sendId.ToByteArray());
+
+        var rawRequestParameters = new NameValueCollection
+        {
+            { OidcConstants.TokenRequest.GrantType, CustomGrantTypes.SendAccess },
+            { OidcConstants.TokenRequest.ClientId, BitwardenClient.Send },
+            { OidcConstants.TokenRequest.Scope, ApiScopes.ApiSendAccess },
+            { "device_type", ((int)DeviceType.FirefoxBrowser).ToString() },
+            { SendAccessConstants.TokenRequest.SendId, sendIdBase64 }
+        };
+
+        if (sendEmail != null)
+        {
+            rawRequestParameters.Add(SendAccessConstants.TokenRequest.Email, sendEmail);
+        }
+
+        if (otpCode != null && sendEmail != null)
+        {
+            rawRequestParameters.Add(SendAccessConstants.TokenRequest.Otp, otpCode);
+        }
+
+        if (passwordHash != null && passwordHash.Length > 0)
+        {
+            foreach (var hash in passwordHash)
+            {
+                rawRequestParameters.Add(SendAccessConstants.TokenRequest.ClientB64HashedPassword, hash);
+            }
+        }
+
+        return rawRequestParameters;
+    }
+}

test/Identity.Test/IdentityServer/SendAccess/SendEmailOtpRequestValidatorTests.cs

@@ -1,12 +1,7 @@
-using System.Collections.Specialized;
-using Bit.Core.Auth.Identity;
+using Bit.Core.Auth.Identity;
 using Bit.Core.Auth.Identity.TokenProviders;
-using Bit.Core.Auth.IdentityServer;
-using Bit.Core.Enums;
 using Bit.Core.Services;
 using Bit.Core.Tools.Models.Data;
-using Bit.Core.Utilities;
-using Bit.Identity.IdentityServer.Enums;
 using Bit.Identity.IdentityServer.RequestValidators.SendAccess;
 using Bit.Test.Common.AutoFixture;
 using Bit.Test.Common.AutoFixture.Attributes;
@@ -28,7 +23,7 @@ public async Task ValidateRequestAsync_MissingEmail_ReturnsInvalidRequest(
         Guid sendId)
     {
         // Arrange
-        tokenRequest.Raw = CreateValidatedTokenRequest(sendId);
+        tokenRequest.Raw = SendAccessTestUtilities.CreateValidatedTokenRequest(sendId);
         var context = new ExtensionGrantValidationContext
         {
             Request = tokenRequest
@@ -61,8 +56,7 @@ public async Task ValidateRequestAsync_EmailNotInList_ReturnsInvalidRequest(
         Guid sendId)
     {
         // Arrange
-        tokenRequest.Raw = CreateValidatedTokenRequest(sendId, email);
-        var emailOTP = new EmailOtp(["[email protected]"]);
+        tokenRequest.Raw = SendAccessTestUtilities.CreateValidatedTokenRequest(sendId, email);
         var context = new ExtensionGrantValidationContext
         {
             Request = tokenRequest
@@ -96,7 +90,7 @@ public async Task ValidateRequestAsync_EmailWithoutOtp_GeneratesAndSendsOtp(
         string generatedToken)
     {
         // Arrange
-        tokenRequest.Raw = CreateValidatedTokenRequest(sendId, email);
+        tokenRequest.Raw = SendAccessTestUtilities.CreateValidatedTokenRequest(sendId, email);
         var context = new ExtensionGrantValidationContext
         {
             Request = tokenRequest
@@ -144,7 +138,7 @@ public async Task ValidateRequestAsync_OtpGenerationFails_ReturnsGenerationFaile
         string email)
     {
         // Arrange
-        tokenRequest.Raw = CreateValidatedTokenRequest(sendId, email);
+        tokenRequest.Raw = SendAccessTestUtilities.CreateValidatedTokenRequest(sendId, email);
         var context = new ExtensionGrantValidationContext
         {
             Request = tokenRequest
@@ -179,7 +173,7 @@ public async Task ValidateRequestAsync_ValidOtp_ReturnsSuccess(
         string otp)
     {
         // Arrange
-        tokenRequest.Raw = CreateValidatedTokenRequest(sendId, email, otp);
+        tokenRequest.Raw = SendAccessTestUtilities.CreateValidatedTokenRequest(sendId, email, otp);
         var context = new ExtensionGrantValidationContext
         {
             Request = tokenRequest
@@ -231,7 +225,7 @@ public async Task ValidateRequestAsync_InvalidOtp_ReturnsInvalidGrant(
         string invalidOtp)
     {
         // Arrange
-        tokenRequest.Raw = CreateValidatedTokenRequest(sendId, email, invalidOtp);
+        tokenRequest.Raw = SendAccessTestUtilities.CreateValidatedTokenRequest(sendId, email, invalidOtp);
         var context = new ExtensionGrantValidationContext
         {
             Request = tokenRequest
@@ -278,33 +272,4 @@ public void Constructor_WithValidParameters_CreatesInstance()
         // Assert
         Assert.NotNull(validator);
     }
-
-    private static NameValueCollection CreateValidatedTokenRequest(
-        Guid sendId,
-        string sendEmail = null,
-        string otpCode = null)
-    {
-        var sendIdBase64 = CoreHelpers.Base64UrlEncode(sendId.ToByteArray());
-
-        var rawRequestParameters = new NameValueCollection
-        {
-            { OidcConstants.TokenRequest.GrantType, CustomGrantTypes.SendAccess },
-            { OidcConstants.TokenRequest.ClientId, BitwardenClient.Send },
-            { OidcConstants.TokenRequest.Scope, ApiScopes.ApiSendAccess },
-            { "device_type", ((int)DeviceType.FirefoxBrowser).ToString() },
-            { SendAccessConstants.TokenRequest.SendId, sendIdBase64 }
-        };
-
-        if (sendEmail != null)
-        {
-            rawRequestParameters.Add(SendAccessConstants.TokenRequest.Email, sendEmail);
-        }
-
-        if (otpCode != null && sendEmail != null)
-        {
-            rawRequestParameters.Add(SendAccessConstants.TokenRequest.Otp, otpCode);
-        }
-
-        return rawRequestParameters;
-    }
 }

test/Identity.Test/IdentityServer/SendAccess/SendPasswordRequestValidatorTests.cs

@@ -1,12 +1,7 @@
-using System.Collections.Specialized;
-using Bit.Core.Auth.Identity;
-using Bit.Core.Auth.IdentityServer;
+using Bit.Core.Auth.Identity;
 using Bit.Core.Auth.UserFeatures.SendAccess;
-using Bit.Core.Enums;
 using Bit.Core.KeyManagement.Sends;
 using Bit.Core.Tools.Models.Data;
-using Bit.Core.Utilities;
-using Bit.Identity.IdentityServer.Enums;
 using Bit.Identity.IdentityServer.RequestValidators.SendAccess;
 using Bit.Test.Common.AutoFixture;
 using Bit.Test.Common.AutoFixture.Attributes;
@@ -28,7 +23,7 @@ public async Task ValidateSendPassword_MissingPasswordHash_ReturnsInvalidRequest
         Guid sendId)
     {
         // Arrange
-        tokenRequest.Raw = CreateValidatedTokenRequest(sendId);
+        tokenRequest.Raw = SendAccessTestUtilities.CreateValidatedTokenRequest(sendId);
 
         var context = new ExtensionGrantValidationContext
         {
@@ -58,7 +53,7 @@ public async Task ValidateSendPassword_PasswordHashMismatch_ReturnsInvalidGrant(
         string clientPasswordHash)
     {
         // Arrange
-        tokenRequest.Raw = CreateValidatedTokenRequest(sendId, clientPasswordHash);
+        tokenRequest.Raw = SendAccessTestUtilities.CreateValidatedTokenRequest(sendId, passwordHash: clientPasswordHash);
 
         var context = new ExtensionGrantValidationContext
         {
@@ -92,7 +87,7 @@ public async Task ValidateSendPassword_PasswordHashMatches_ReturnsSuccess(
         string clientPasswordHash)
     {
         // Arrange
-        tokenRequest.Raw = CreateValidatedTokenRequest(sendId, clientPasswordHash);
+        tokenRequest.Raw = SendAccessTestUtilities.CreateValidatedTokenRequest(sendId, passwordHash: clientPasswordHash);
 
         var context = new ExtensionGrantValidationContext
         {
@@ -130,7 +125,7 @@ public async Task ValidateSendPassword_EmptyPasswordHash_CallsPasswordHasher(
         Guid sendId)
     {
         // Arrange
-        tokenRequest.Raw = CreateValidatedTokenRequest(sendId, string.Empty);
+        tokenRequest.Raw = SendAccessTestUtilities.CreateValidatedTokenRequest(sendId, passwordHash: string.Empty);
 
         var context = new ExtensionGrantValidationContext
         {
@@ -163,7 +158,7 @@ public async Task ValidateSendPassword_WhitespacePasswordHash_CallsPasswordHashe
     {
         // Arrange
         var whitespacePassword = "   ";
-        tokenRequest.Raw = CreateValidatedTokenRequest(sendId, whitespacePassword);
+        tokenRequest.Raw = SendAccessTestUtilities.CreateValidatedTokenRequest(sendId, passwordHash: whitespacePassword);
 
         var context = new ExtensionGrantValidationContext
         {
@@ -196,7 +191,7 @@ public async Task ValidateSendPassword_MultiplePasswordHashParameters_ReturnsInv
         // Arrange
         var firstPassword = "first-password";
         var secondPassword = "second-password";
-        tokenRequest.Raw = CreateValidatedTokenRequest(sendId, firstPassword, secondPassword);
+        tokenRequest.Raw = SendAccessTestUtilities.CreateValidatedTokenRequest(sendId, passwordHash: [firstPassword, secondPassword]);
 
         var context = new ExtensionGrantValidationContext
         {
@@ -229,7 +224,7 @@ public async Task ValidateSendPassword_SuccessResult_ContainsCorrectClaims(
         string clientPasswordHash)
     {
         // Arrange
-        tokenRequest.Raw = CreateValidatedTokenRequest(sendId, clientPasswordHash);
+        tokenRequest.Raw = SendAccessTestUtilities.CreateValidatedTokenRequest(sendId, passwordHash: clientPasswordHash);
 
         var context = new ExtensionGrantValidationContext
         {
@@ -268,30 +263,4 @@ public void Constructor_WithValidParameters_CreatesInstance()
         // Assert
         Assert.NotNull(validator);
     }
-
-    private static NameValueCollection CreateValidatedTokenRequest(
-        Guid sendId,
-        params string[] passwordHash)
-    {
-        var sendIdBase64 = CoreHelpers.Base64UrlEncode(sendId.ToByteArray());
-
-        var rawRequestParameters = new NameValueCollection
-        {
-            { OidcConstants.TokenRequest.GrantType, CustomGrantTypes.SendAccess },
-            { OidcConstants.TokenRequest.ClientId, BitwardenClient.Send },
-            { OidcConstants.TokenRequest.Scope, ApiScopes.ApiSendAccess },
-            { "device_type", ((int)DeviceType.FirefoxBrowser).ToString() },
-            { SendAccessConstants.TokenRequest.SendId, sendIdBase64 }
-        };
-
-        if (passwordHash != null && passwordHash.Length > 0)
-        {
-            foreach (var hash in passwordHash)
-            {
-                rawRequestParameters.Add(SendAccessConstants.TokenRequest.ClientB64HashedPassword, hash);
-            }
-        }
-
-        return rawRequestParameters;
-    }
 }