File: UserStoreTest.cs
Web Access
Project: src\src\Identity\EntityFrameworkCore\test\EF.Test\Microsoft.AspNetCore.Identity.EntityFrameworkCore.Test.csproj (Microsoft.AspNetCore.Identity.EntityFrameworkCore.Test)
// Licensed to the .NET Foundation under one or more agreements.
// The .NET Foundation licenses this file to you under the MIT license.
 
using System.Globalization;
using System.Linq.Expressions;
using Microsoft.AspNetCore.Identity.Test;
using Microsoft.AspNetCore.InternalTesting;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.DependencyInjection;
 
namespace Microsoft.AspNetCore.Identity.EntityFrameworkCore.Test;
 
public class UserStoreTest : IdentitySpecificationTestBase<IdentityUser, IdentityRole>, IClassFixture<ScratchDatabaseFixture>
{
    private readonly ScratchDatabaseFixture _fixture;
 
    public UserStoreTest(ScratchDatabaseFixture fixture)
    {
        _fixture = fixture;
    }
 
    public class ApplicationDbContext : IdentityDbContext<ApplicationUser>
    {
        public ApplicationDbContext(DbContextOptions<ApplicationDbContext> options) : base(options)
        { }
    }
 
    [ConditionalFact]
    public void CanCreateUserUsingEF()
    {
        using (var db = CreateContext())
        {
            var guid = Guid.NewGuid().ToString();
            db.Users.Add(new IdentityUser { Id = guid, UserName = guid });
            db.SaveChanges();
            Assert.True(db.Users.Any(u => u.UserName == guid));
            Assert.NotNull(db.Users.FirstOrDefault(u => u.UserName == guid));
        }
    }
 
    private IdentityDbContext CreateContext()
    {
        var db = DbUtil.Create<IdentityDbContext>(_fixture.Connection);
        db.Database.EnsureCreated();
        return db;
    }
 
    protected override object CreateTestContext()
    {
        return CreateContext();
    }
 
    protected override void AddUserStore(IServiceCollection services, object context = null)
    {
        services.AddSingleton<IUserStore<IdentityUser>>(new UserStore<IdentityUser, IdentityRole, IdentityDbContext>((IdentityDbContext)context));
    }
 
    protected override void AddRoleStore(IServiceCollection services, object context = null)
    {
        services.AddSingleton<IRoleStore<IdentityRole>>(new RoleStore<IdentityRole, IdentityDbContext>((IdentityDbContext)context));
    }
 
    [Fact]
    public async Task SqlUserStoreMethodsThrowWhenDisposedTest()
    {
        var store = new UserStore(new IdentityDbContext(new DbContextOptionsBuilder<IdentityDbContext>().Options));
        store.Dispose();
        await Assert.ThrowsAsync<ObjectDisposedException>(async () => await store.AddClaimsAsync(null, null));
        await Assert.ThrowsAsync<ObjectDisposedException>(async () => await store.AddLoginAsync(null, null));
        await Assert.ThrowsAsync<ObjectDisposedException>(async () => await store.AddToRoleAsync(null, null));
        await Assert.ThrowsAsync<ObjectDisposedException>(async () => await store.GetClaimsAsync(null));
        await Assert.ThrowsAsync<ObjectDisposedException>(async () => await store.GetLoginsAsync(null));
        await Assert.ThrowsAsync<ObjectDisposedException>(async () => await store.GetRolesAsync(null));
        await Assert.ThrowsAsync<ObjectDisposedException>(async () => await store.IsInRoleAsync(null, null));
        await Assert.ThrowsAsync<ObjectDisposedException>(async () => await store.RemoveClaimsAsync(null, null));
        await Assert.ThrowsAsync<ObjectDisposedException>(async () => await store.RemoveLoginAsync(null, null, null));
        await Assert.ThrowsAsync<ObjectDisposedException>(
            async () => await store.RemoveFromRoleAsync(null, null));
        await Assert.ThrowsAsync<ObjectDisposedException>(async () => await store.RemoveClaimsAsync(null, null));
        await Assert.ThrowsAsync<ObjectDisposedException>(async () => await store.ReplaceClaimAsync(null, null, null));
        await Assert.ThrowsAsync<ObjectDisposedException>(async () => await store.FindByLoginAsync(null, null));
        await Assert.ThrowsAsync<ObjectDisposedException>(async () => await store.FindByIdAsync(null));
        await Assert.ThrowsAsync<ObjectDisposedException>(async () => await store.FindByNameAsync(null));
        await Assert.ThrowsAsync<ObjectDisposedException>(async () => await store.CreateAsync(null));
        await Assert.ThrowsAsync<ObjectDisposedException>(async () => await store.UpdateAsync(null));
        await Assert.ThrowsAsync<ObjectDisposedException>(async () => await store.DeleteAsync(null));
        await Assert.ThrowsAsync<ObjectDisposedException>(
            async () => await store.SetEmailConfirmedAsync(null, true));
        await Assert.ThrowsAsync<ObjectDisposedException>(async () => await store.GetEmailConfirmedAsync(null));
        await Assert.ThrowsAsync<ObjectDisposedException>(
            async () => await store.SetPhoneNumberConfirmedAsync(null, true));
        await Assert.ThrowsAsync<ObjectDisposedException>(
            async () => await store.GetPhoneNumberConfirmedAsync(null));
    }
 
    [Fact]
    public async Task UserStorePublicNullCheckTest()
    {
        Assert.Throws<ArgumentNullException>("context", () => new UserStore(null));
        var store = new UserStore(new IdentityDbContext(new DbContextOptionsBuilder<IdentityDbContext>().Options));
        await Assert.ThrowsAsync<ArgumentNullException>("user", async () => await store.GetUserIdAsync(null));
        await Assert.ThrowsAsync<ArgumentNullException>("user", async () => await store.GetUserNameAsync(null));
        await Assert.ThrowsAsync<ArgumentNullException>("user", async () => await store.SetUserNameAsync(null, null));
        await Assert.ThrowsAsync<ArgumentNullException>("user", async () => await store.CreateAsync(null));
        await Assert.ThrowsAsync<ArgumentNullException>("user", async () => await store.UpdateAsync(null));
        await Assert.ThrowsAsync<ArgumentNullException>("user", async () => await store.DeleteAsync(null));
        await Assert.ThrowsAsync<ArgumentNullException>("user", async () => await store.AddClaimsAsync(null, null));
        await Assert.ThrowsAsync<ArgumentNullException>("user", async () => await store.ReplaceClaimAsync(null, null, null));
        await Assert.ThrowsAsync<ArgumentNullException>("user", async () => await store.RemoveClaimsAsync(null, null));
        await Assert.ThrowsAsync<ArgumentNullException>("user", async () => await store.GetClaimsAsync(null));
        await Assert.ThrowsAsync<ArgumentNullException>("user", async () => await store.GetLoginsAsync(null));
        await Assert.ThrowsAsync<ArgumentNullException>("user", async () => await store.GetRolesAsync(null));
        await Assert.ThrowsAsync<ArgumentNullException>("user", async () => await store.AddLoginAsync(null, null));
        await
            Assert.ThrowsAsync<ArgumentNullException>("user", async () => await store.RemoveLoginAsync(null, null, null));
        await Assert.ThrowsAsync<ArgumentNullException>("user", async () => await store.AddToRoleAsync(null, null));
        await
            Assert.ThrowsAsync<ArgumentNullException>("user",
                async () => await store.RemoveFromRoleAsync(null, null));
        await Assert.ThrowsAsync<ArgumentNullException>("user", async () => await store.IsInRoleAsync(null, null));
        await Assert.ThrowsAsync<ArgumentNullException>("user", async () => await store.GetPasswordHashAsync(null));
        await
            Assert.ThrowsAsync<ArgumentNullException>("user",
                async () => await store.SetPasswordHashAsync(null, null));
        await Assert.ThrowsAsync<ArgumentNullException>("user", async () => await store.GetSecurityStampAsync(null));
        await Assert.ThrowsAsync<ArgumentNullException>("user",
            async () => await store.SetSecurityStampAsync(null, null));
        await Assert.ThrowsAsync<ArgumentNullException>("login", async () => await store.AddLoginAsync(new IdentityUser("fake"), null));
        await Assert.ThrowsAsync<ArgumentNullException>("claims",
            async () => await store.AddClaimsAsync(new IdentityUser("fake"), null));
        await Assert.ThrowsAsync<ArgumentNullException>("claims",
            async () => await store.RemoveClaimsAsync(new IdentityUser("fake"), null));
        await Assert.ThrowsAsync<ArgumentNullException>("user", async () => await store.GetEmailConfirmedAsync(null));
        await Assert.ThrowsAsync<ArgumentNullException>("user",
            async () => await store.SetEmailConfirmedAsync(null, true));
        await Assert.ThrowsAsync<ArgumentNullException>("user", async () => await store.GetEmailAsync(null));
        await Assert.ThrowsAsync<ArgumentNullException>("user", async () => await store.SetEmailAsync(null, null));
        await Assert.ThrowsAsync<ArgumentNullException>("user", async () => await store.GetPhoneNumberAsync(null));
        await Assert.ThrowsAsync<ArgumentNullException>("user", async () => await store.SetPhoneNumberAsync(null, null));
        await Assert.ThrowsAsync<ArgumentNullException>("user",
            async () => await store.GetPhoneNumberConfirmedAsync(null));
        await Assert.ThrowsAsync<ArgumentNullException>("user",
            async () => await store.SetPhoneNumberConfirmedAsync(null, true));
        await Assert.ThrowsAsync<ArgumentNullException>("user", async () => await store.GetTwoFactorEnabledAsync(null));
        await Assert.ThrowsAsync<ArgumentNullException>("user",
            async () => await store.SetTwoFactorEnabledAsync(null, true));
        await Assert.ThrowsAsync<ArgumentNullException>("user", async () => await store.GetAccessFailedCountAsync(null));
        await Assert.ThrowsAsync<ArgumentNullException>("user", async () => await store.GetLockoutEnabledAsync(null));
        await Assert.ThrowsAsync<ArgumentNullException>("user", async () => await store.SetLockoutEnabledAsync(null, false));
        await Assert.ThrowsAsync<ArgumentNullException>("user", async () => await store.GetLockoutEndDateAsync(null));
        await Assert.ThrowsAsync<ArgumentNullException>("user", async () => await store.SetLockoutEndDateAsync(null, new DateTimeOffset()));
        await Assert.ThrowsAsync<ArgumentNullException>("user", async () => await store.ResetAccessFailedCountAsync(null));
        await Assert.ThrowsAsync<ArgumentNullException>("user", async () => await store.IncrementAccessFailedCountAsync(null));
        await Assert.ThrowsAsync<ArgumentNullException>("normalizedRoleName", async () => await store.AddToRoleAsync(new IdentityUser("fake"), null));
        await Assert.ThrowsAsync<ArgumentNullException>("normalizedRoleName", async () => await store.RemoveFromRoleAsync(new IdentityUser("fake"), null));
        await Assert.ThrowsAsync<ArgumentNullException>("normalizedRoleName", async () => await store.IsInRoleAsync(new IdentityUser("fake"), null));
        await Assert.ThrowsAsync<ArgumentException>("normalizedRoleName", async () => await store.AddToRoleAsync(new IdentityUser("fake"), ""));
        await Assert.ThrowsAsync<ArgumentException>("normalizedRoleName", async () => await store.RemoveFromRoleAsync(new IdentityUser("fake"), ""));
        await Assert.ThrowsAsync<ArgumentException>("normalizedRoleName", async () => await store.IsInRoleAsync(new IdentityUser("fake"), ""));
    }
 
    [ConditionalFact]
    public async Task CanCreateUsingManager()
    {
        var manager = CreateManager();
        var guid = Guid.NewGuid().ToString();
        var user = new IdentityUser { UserName = "New" + guid };
        IdentityResultAssert.IsSuccess(await manager.CreateAsync(user));
        IdentityResultAssert.IsSuccess(await manager.DeleteAsync(user));
    }
 
    [ConditionalFact]
    public async Task TwoUsersSamePasswordDifferentHash()
    {
        var manager = CreateManager();
        var userA = new IdentityUser(Guid.NewGuid().ToString());
        IdentityResultAssert.IsSuccess(await manager.CreateAsync(userA, "password"));
        var userB = new IdentityUser(Guid.NewGuid().ToString());
        IdentityResultAssert.IsSuccess(await manager.CreateAsync(userB, "password"));
 
        Assert.NotEqual(userA.PasswordHash, userB.PasswordHash);
    }
 
    [ConditionalFact]
    public async Task FindByEmailThrowsWithTwoUsersWithSameEmail()
    {
        var manager = CreateManager();
        var userA = new IdentityUser(Guid.NewGuid().ToString());
        userA.Email = "dupe@dupe.com";
        IdentityResultAssert.IsSuccess(await manager.CreateAsync(userA, "password"));
        var userB = new IdentityUser(Guid.NewGuid().ToString());
        userB.Email = "dupe@dupe.com";
        IdentityResultAssert.IsSuccess(await manager.CreateAsync(userB, "password"));
        await Assert.ThrowsAsync<InvalidOperationException>(async () => await manager.FindByEmailAsync("dupe@dupe.com"));
 
    }
 
    [ConditionalFact]
    public async Task AddUserToUnknownRoleFails()
    {
        var manager = CreateManager();
        var u = CreateTestUser();
        IdentityResultAssert.IsSuccess(await manager.CreateAsync(u));
        await Assert.ThrowsAsync<InvalidOperationException>(
            async () => await manager.AddToRoleAsync(u, "bogus"));
    }
 
    [ConditionalFact]
    public async Task ConcurrentUpdatesWillFail()
    {
        var options = new DbContextOptionsBuilder().UseSqlite($"Data Source=D{Guid.NewGuid()}.db").Options;
        var user = CreateTestUser();
        using (var db = new IdentityDbContext(options))
        {
            db.Database.EnsureCreated();
 
            var manager = CreateManager(db);
            IdentityResultAssert.IsSuccess(await manager.CreateAsync(user));
        }
        using (var db = new IdentityDbContext(options))
        using (var db2 = new IdentityDbContext(options))
        {
            var manager1 = CreateManager(db);
            var manager2 = CreateManager(db2);
            var user1 = await manager1.FindByIdAsync(user.Id);
            var user2 = await manager2.FindByIdAsync(user.Id);
            Assert.NotNull(user1);
            Assert.NotNull(user2);
            Assert.NotSame(user1, user2);
            user1.UserName = Guid.NewGuid().ToString();
            user2.UserName = Guid.NewGuid().ToString();
            IdentityResultAssert.IsSuccess(await manager1.UpdateAsync(user1));
            IdentityResultAssert.IsFailure(await manager2.UpdateAsync(user2), new IdentityErrorDescriber().ConcurrencyFailure());
 
            db.Database.EnsureDeleted();
        }
    }
 
    [ConditionalFact]
    public async Task ConcurrentUpdatesWillFailWithDetachedUser()
    {
        var options = new DbContextOptionsBuilder().UseSqlite($"Data Source=D{Guid.NewGuid()}.db").Options;
        var user = CreateTestUser();
        using (var db = new IdentityDbContext(options))
        {
            db.Database.EnsureCreated();
 
            var manager = CreateManager(db);
            IdentityResultAssert.IsSuccess(await manager.CreateAsync(user));
        }
        using (var db = new IdentityDbContext(options))
        using (var db2 = new IdentityDbContext(options))
        {
            var manager1 = CreateManager(db);
            var manager2 = CreateManager(db2);
            var user2 = await manager2.FindByIdAsync(user.Id);
            Assert.NotNull(user2);
            Assert.NotSame(user, user2);
            user.UserName = Guid.NewGuid().ToString();
            user2.UserName = Guid.NewGuid().ToString();
            IdentityResultAssert.IsSuccess(await manager1.UpdateAsync(user));
            IdentityResultAssert.IsFailure(await manager2.UpdateAsync(user2), new IdentityErrorDescriber().ConcurrencyFailure());
 
            db.Database.EnsureDeleted();
        }
    }
 
    [ConditionalFact]
    public async Task DeleteAModifiedUserWillFail()
    {
        var options = new DbContextOptionsBuilder().UseSqlite($"Data Source=D{Guid.NewGuid()}.db").Options;
        var user = CreateTestUser();
        using (var db = new IdentityDbContext(options))
        {
            db.Database.EnsureCreated();
 
            var manager = CreateManager(db);
            IdentityResultAssert.IsSuccess(await manager.CreateAsync(user));
        }
        using (var db = new IdentityDbContext(options))
        using (var db2 = new IdentityDbContext(options))
        {
            var manager1 = CreateManager(db);
            var manager2 = CreateManager(db2);
            var user1 = await manager1.FindByIdAsync(user.Id);
            var user2 = await manager2.FindByIdAsync(user.Id);
            Assert.NotNull(user1);
            Assert.NotNull(user2);
            Assert.NotSame(user1, user2);
            user1.UserName = Guid.NewGuid().ToString();
            IdentityResultAssert.IsSuccess(await manager1.UpdateAsync(user1));
            IdentityResultAssert.IsFailure(await manager2.DeleteAsync(user2), new IdentityErrorDescriber().ConcurrencyFailure());
 
            db.Database.EnsureDeleted();
        }
    }
 
    [ConditionalFact]
    public async Task ConcurrentRoleUpdatesWillFail()
    {
        var options = new DbContextOptionsBuilder().UseSqlite($"Data Source=D{Guid.NewGuid()}.db").Options;
        var role = new IdentityRole(Guid.NewGuid().ToString());
        using (var db = new IdentityDbContext(options))
        {
            db.Database.EnsureCreated();
 
            var manager = CreateRoleManager(db);
            IdentityResultAssert.IsSuccess(await manager.CreateAsync(role));
        }
        using (var db = new IdentityDbContext(options))
        using (var db2 = new IdentityDbContext(options))
        {
            var manager1 = CreateRoleManager(db);
            var manager2 = CreateRoleManager(db2);
            var role1 = await manager1.FindByIdAsync(role.Id);
            var role2 = await manager2.FindByIdAsync(role.Id);
            Assert.NotNull(role1);
            Assert.NotNull(role2);
            Assert.NotSame(role1, role2);
            role1.Name = Guid.NewGuid().ToString();
            role2.Name = Guid.NewGuid().ToString();
            IdentityResultAssert.IsSuccess(await manager1.UpdateAsync(role1));
            IdentityResultAssert.IsFailure(await manager2.UpdateAsync(role2), new IdentityErrorDescriber().ConcurrencyFailure());
 
            db.Database.EnsureDeleted();
        }
    }
 
    [ConditionalFact]
    public async Task ConcurrentRoleUpdatesWillFailWithDetachedRole()
    {
        var options = new DbContextOptionsBuilder().UseSqlite($"Data Source=D{Guid.NewGuid()}.db").Options;
        var role = new IdentityRole(Guid.NewGuid().ToString());
        using (var db = new IdentityDbContext(options))
        {
            db.Database.EnsureCreated();
 
            var manager = CreateRoleManager(db);
            IdentityResultAssert.IsSuccess(await manager.CreateAsync(role));
        }
        using (var db = new IdentityDbContext(options))
        using (var db2 = new IdentityDbContext(options))
        {
            var manager1 = CreateRoleManager(db);
            var manager2 = CreateRoleManager(db2);
            var role2 = await manager2.FindByIdAsync(role.Id);
            Assert.NotNull(role);
            Assert.NotNull(role2);
            Assert.NotSame(role, role2);
            role.Name = Guid.NewGuid().ToString();
            role2.Name = Guid.NewGuid().ToString();
            IdentityResultAssert.IsSuccess(await manager1.UpdateAsync(role));
            IdentityResultAssert.IsFailure(await manager2.UpdateAsync(role2), new IdentityErrorDescriber().ConcurrencyFailure());
 
            db.Database.EnsureDeleted();
        }
    }
 
    [ConditionalFact]
    public async Task DeleteAModifiedRoleWillFail()
    {
        var options = new DbContextOptionsBuilder().UseSqlite($"Data Source=D{Guid.NewGuid()}.db").Options;
        var role = new IdentityRole(Guid.NewGuid().ToString());
        using (var db = new IdentityDbContext(options))
        {
            db.Database.EnsureCreated();
 
            var manager = CreateRoleManager(db);
            IdentityResultAssert.IsSuccess(await manager.CreateAsync(role));
        }
        using (var db = new IdentityDbContext(options))
        using (var db2 = new IdentityDbContext(options))
        {
            var manager1 = CreateRoleManager(db);
            var manager2 = CreateRoleManager(db2);
            var role1 = await manager1.FindByIdAsync(role.Id);
            var role2 = await manager2.FindByIdAsync(role.Id);
            Assert.NotNull(role1);
            Assert.NotNull(role2);
            Assert.NotSame(role1, role2);
            role1.Name = Guid.NewGuid().ToString();
            IdentityResultAssert.IsSuccess(await manager1.UpdateAsync(role1));
            IdentityResultAssert.IsFailure(await manager2.DeleteAsync(role2), new IdentityErrorDescriber().ConcurrencyFailure());
 
            db.Database.EnsureDeleted();
        }
    }
 
    protected override IdentityUser CreateTestUser(string namePrefix = "", string email = "", string phoneNumber = "",
        bool lockoutEnabled = false, DateTimeOffset? lockoutEnd = default(DateTimeOffset?), bool useNamePrefixAsUserName = false)
    {
        return new IdentityUser
        {
            UserName = useNamePrefixAsUserName ? namePrefix : string.Format(CultureInfo.InvariantCulture, "{0}{1}", namePrefix, Guid.NewGuid()),
            Email = email,
            PhoneNumber = phoneNumber,
            LockoutEnabled = lockoutEnabled,
            LockoutEnd = lockoutEnd
        };
    }
 
    protected override IdentityRole CreateTestRole(string roleNamePrefix = "", bool useRoleNamePrefixAsRoleName = false)
    {
        var roleName = useRoleNamePrefixAsRoleName ? roleNamePrefix : string.Format(CultureInfo.InvariantCulture, "{0}{1}", roleNamePrefix, Guid.NewGuid());
        return new IdentityRole(roleName);
    }
 
    protected override void SetUserPasswordHash(IdentityUser user, string hashedPassword)
    {
        user.PasswordHash = hashedPassword;
    }
 
    protected override Expression<Func<IdentityUser, bool>> UserNameEqualsPredicate(string userName) => u => u.UserName == userName;
 
    protected override Expression<Func<IdentityRole, bool>> RoleNameEqualsPredicate(string roleName) => r => r.Name == roleName;
 
#pragma warning disable CA1310 // Specify StringComparison for correctness
    protected override Expression<Func<IdentityRole, bool>> RoleNameStartsWithPredicate(string roleName) => r => r.Name.StartsWith(roleName);
 
    protected override Expression<Func<IdentityUser, bool>> UserNameStartsWithPredicate(string userName) => u => u.UserName.StartsWith(userName);
#pragma warning restore CA1310 // Specify StringComparison for correctness
}
 
public class ApplicationUser : IdentityUser { }