public void ValidateUserNameInvalidPassword()
{
var sawException = false;
var controller = new IdentityController();
// 1- Get a random password challenge string from the web service.
const string requestId = "ec609a4f";
var challengeString = controller.GetPasswordChallenge(requestId);
Assert.IsFalse(string.IsNullOrEmpty(challengeString));
try
{
// 2 - Hash the challenge string with an invalid password and ask the web service to validate the hash.
var result = controller.GetIsValid("JohnDoe", requestId, CreatePasswordHash("InvalidPassword", challengeString));
}
catch (HttpResponseException ex)
{
// 3- Verify that a 401 Status code was returned through the exception (handled by ASP.NET)
Assert.AreEqual(HttpStatusCode.Unauthorized, ex.Response.StatusCode);
sawException = true;
}
// Verify that authentication failed for invalid password
Assert.IsTrue(sawException);
}