bitwarden · Tyrrrz · Nov 9, 2023 · Nov 9, 2023 · Nov 9, 2023
@@ -22,7 +22,7 @@ public interface IPasswordlessClient
     /// <param name="registerOptions">The <see cref="RegisterOptions"/> that will be used to configure your token.</param>
     /// <param name="cancellationToken"></param>
     /// <returns>A task object representing the asynchronous operation containing the <see cref="RegisterTokenResponse" />.</returns>
-    /// <exception cref="PasswordlessApiException">An exception containing details abaout the reason for failure.</exception>
+    /// <exception cref="PasswordlessApiException">An exception containing details about the reason for failure.</exception>
     Task<RegisterTokenResponse> CreateRegisterTokenAsync(RegisterOptions registerOptions, CancellationToken cancellationToken = default);
 
     /// <summary>
@@ -31,7 +31,7 @@ public interface IPasswordlessClient
     /// <param name="id">The id of a credential representing as a Base64 URL encoded <see cref="string" />.</param>
     /// <param name="cancellationToken"></param>
     /// <returns>A task object representing the asynchronous operation.</returns>
-    /// <exception cref="PasswordlessApiException">An exception containing details abaout the reason for failure.</exception>
+    /// <exception cref="PasswordlessApiException">An exception containing details about the reason for failure.</exception>
     Task DeleteCredentialAsync(string id, CancellationToken cancellationToken = default);
 
     /// <summary>
@@ -40,7 +40,7 @@ public interface IPasswordlessClient
     /// <param name="id">The id of a credential representing as a Base64 URL encoded <see cref="T:byte[]" />.</param>
     /// <param name="cancellationToken"></param>
     /// <returns>A task object representing the asynchronous operation.</returns>
-    /// <exception cref="PasswordlessApiException">An exception containing details abaout the reason for failure.</exception>
+    /// <exception cref="PasswordlessApiException">An exception containing details about the reason for failure.</exception>
     Task DeleteCredentialAsync(byte[] id, CancellationToken cancellationToken = default);
 
     /// <summary>
@@ -54,7 +54,7 @@ public interface IPasswordlessClient
     /// <param name="userId">The userId of the user for which the aliases will be returned.</param>
     /// <param name="cancellationToken"></param>
     /// <returns>A task object representing the asynchronous operation containing the <see cref="IReadOnlyList{AliasPointer}" />.</returns>
-    /// <exception cref="PasswordlessApiException">An exception containing details abaout the reason for failure.</exception>
+    /// <exception cref="PasswordlessApiException">An exception containing details about the reason for failure.</exception>
     Task<IReadOnlyList<AliasPointer>> ListAliasesAsync(string userId, CancellationToken cancellationToken = default);
 
     /// <summary>
@@ -63,15 +63,15 @@ public interface IPasswordlessClient
     /// <param name="userId">The userId of the user for which the credentials will be returned.</param>
     /// <param name="cancellationToken"></param>
     /// <returns>A task object representing the asynchronous operation containing the <see cref="IReadOnlyList{Credential}" />.</returns>
-    /// <exception cref="PasswordlessApiException">An exception containing details abaout the reason for failure.</exception>
+    /// <exception cref="PasswordlessApiException">An exception containing details about the reason for failure.</exception>
     Task<IReadOnlyList<Credential>> ListCredentialsAsync(string userId, CancellationToken cancellationToken = default);
 
     /// <summary>
     /// List all the <see cref="PasswordlessUserSummary" /> for the account associated with your ApiSecret.
     /// </summary>
     /// <param name="cancellationToken"></param>
     /// <returns>A task object representing the asynchronous operation containing the <see cref="IReadOnlyList{PasswordlessUserSummary}" />.</returns>
-    /// <exception cref="PasswordlessApiException">An exception containing details abaout the reason for failure.</exception>
+    /// <exception cref="PasswordlessApiException">An exception containing details about the reason for failure.</exception>
     Task<IReadOnlyList<PasswordlessUserSummary>> ListUsersAsync(CancellationToken cancellationToken = default);
 
     /// <summary>
@@ -81,7 +81,7 @@ public interface IPasswordlessClient
     /// <param name="verifyToken">The token to verify.</param>
     /// <param name="cancellationToken"></param>
     /// <returns>A task object representing the asynchronous operation containing the <see cref="VerifiedUser" />.</returns>
-    /// <exception cref="PasswordlessApiException">An exception containing details abaout the reason for failure.</exception>
+    /// <exception cref="PasswordlessApiException">An exception containing details about the reason for failure.</exception>
     Task<VerifiedUser?> VerifyTokenAsync(string verifyToken, CancellationToken cancellationToken = default);
 
     /// <summary>
@@ -90,6 +90,6 @@ public interface IPasswordlessClient
     /// <param name="userId">The id of the user that should be deleted.</param>
     /// <param name="cancellationToken"></param>
     /// <returns>A task object representing the asynchronous operation.</returns>
-    /// <exception cref="PasswordlessApiException">An exception containing details abaout the reason for failure.</exception>
+    /// <exception cref="PasswordlessApiException">An exception containing details about the reason for failure.</exception>
     Task DeleteUserAsync(string userId, CancellationToken cancellationToken = default);
 }
@@ -20,6 +20,7 @@ public VerifiedUser(string userId, byte[] credentialId, bool success,
         TokenId = tokenId;
         Type = type;
     }
+
     public string UserId { get; }
     public byte[] CredentialId { get; }
     public bool Success { get; }

@@ -36,21 +36,47 @@ public async Task I_can_try_to_verify_a_poorly_formatted_signin_token_and_get_an
         var passwordless = await Api.CreateClientAsync();
 
         // Act & assert
-        await Assert.ThrowsAnyAsync<Exception>(async () =>
+        var ex = await Assert.ThrowsAnyAsync<PasswordlessApiException>(async () =>
             await passwordless.VerifyTokenAsync("invalid")
         );
+
+        ex.Details.Status.Should().Be(400);
+        ex.Details.Title.Should().NotBeNullOrWhiteSpace();
     }
 
-    [Fact(Skip = "Need to figure out a syntactically correct token that is invalid")]
-    public async Task I_can_try_to_verify_an_invalid_signin_token_and_get_a_null_response()
+    [Fact]
+    public async Task I_can_try_to_verify_a_tampered_signin_token_and_get_an_error()
     {
         // Arrange
         var passwordless = await Api.CreateClientAsync();
 
-        // Act
-        var response = await passwordless.VerifyTokenAsync("verify_foobar");
+        // Act & assert
+        var ex = await Assert.ThrowsAnyAsync<PasswordlessApiException>(async () =>
+            await passwordless.VerifyTokenAsync("verify_something_that_looks_like_a_token_but_is_not")
+        );
 
-        // Assert
-        response.Should().BeNull();
+        ex.Details.Status.Should().Be(400);
+        ex.Details.Title.Should().NotBeNullOrWhiteSpace();
+    }
+
+    [Fact]
+    public async Task I_can_try_to_verify_an_invalid_signin_token_and_get_an_error()
+    {
+        // Arrange
+        var passwordless = await Api.CreateClientAsync();
+
+        // Act & assert
+        var ex = await Assert.ThrowsAnyAsync<PasswordlessApiException>(async () =>
+            await passwordless.VerifyTokenAsync(
+                "verify_" +
+                "k8Qg4kXVl8D2aunn__jMT7td5endUueS9zEG8zIsu0lqQjfFAQXcABPX_wlDNbBlTNiB2SQ5MjQ0ZmUzYS0wOGExLTRlMTctOTMwZS1i" +
+                "YWZhNmM0OWJiOGWucGFzc2tleV9zaWduaW7AwMDAwMDA2SQ3NGUxMzFjOS0yNDZhLTRmNzYtYjIxMS1jNzBkZWQ1Mjg2YzLX_wlDJIBl" +
+                "TNgJv2FkbWluY29uc29sZTAxLmxlc3NwYXNzd29yZC5kZXbZJ2h0dHBzOi8vYWRtaW5jb25zb2xlMDEubGVzc3Bhc3N3b3JkLmRldsOy" +
+                "Q2hyb21lLCBXaW5kb3dzIDEwolVBqXRlc3Rlc3RzZcQghR4WgXh0HvbrT27GvP0Pkk4HmfL2b0ucVVSRlDElp_fOeb02NQ"
+            )
+        );
+
+        ex.Details.Status.Should().Be(400);
+        ex.Details.Title.Should().NotBeNullOrWhiteSpace();
     }
 }