Add integration test for GetTwoFactorAuthenticationUserAsync in shared mode

Exercises the full cookie round-trip: writes a TwoFactorUserId cookie carrying a tenant user id, then verifies that AbpSignInManager.GetTwoFactorAuthenticationUserAsync returns the tenant user when CurrentTenant is null.

modules/identity/test/Volo.Abp.Identity.AspNetCore.Tests/Volo/Abp/Identity/AspNetCore/GetTwoFactorAuthenticationUser_Tests.cs

@@ -0,0 +1,62 @@
+using System;
+using System.Linq;
+using System.Threading.Tasks;
+using Shouldly;
+using Volo.Abp.Domain.Repositories;
+using Volo.Abp.MultiTenancy;
+using Volo.Abp.Uow;
+using Xunit;
+
+namespace Volo.Abp.Identity.AspNetCore;
+
+public class GetTwoFactorAuthenticationUser_Tests : SharedAbpIdentityAspNetCoreTestBase
+{
+    [Fact]
+    public async Task Should_Resolve_Tenant_User_By_Id_When_Current_Tenant_Is_Host()
+    {
+        var userRepository = GetRequiredService<IIdentityUserRepository>();
+        var currentTenant = GetRequiredService<ICurrentTenant>();
+        var unitOfWorkManager = GetRequiredService<IUnitOfWorkManager>();
+
+        var tenantId = Guid.NewGuid();
+        Guid tenantUserId;
+
+        using (var uow = unitOfWorkManager.Begin())
+        {
+            using (currentTenant.Change(tenantId))
+            {
+                var user = new IdentityUser(Guid.NewGuid(), "shared-2fa-tenant-user", "shared-2fa-tenant-user@abp.io", tenantId);
+                await userRepository.InsertAsync(user);
+                tenantUserId = user.Id;
+            }
+            await uow.CompleteAsync();
+        }
+
+        var writeResponse = await Client.GetAsync($"/api/signin-test/write-two-factor-cookie?userId={tenantUserId}");
+        writeResponse.EnsureSuccessStatusCode();
+
+        if (writeResponse.Headers.TryGetValues("Set-Cookie", out var setCookies))
+        {
+            foreach (var cookie in setCookies)
+            {
+                Client.DefaultRequestHeaders.Add("Cookie", cookie.Split(';').First());
+            }
+        }
+
+        var getResponse = await Client.GetAsync("/api/signin-test/get-two-factor-user");
+        getResponse.EnsureSuccessStatusCode();
+        var content = await getResponse.Content.ReadAsStringAsync();
+
+        content.ShouldBe(tenantUserId.ToString());
+    }
+
+    [Fact]
+    public async Task Should_Return_Null_When_No_Two_Factor_Cookie()
+    {
+        var getResponse = await Client.GetAsync("/api/signin-test/get-two-factor-user");
+        getResponse.EnsureSuccessStatusCode();
+        var content = await getResponse.Content.ReadAsStringAsync();
+
+        content.ShouldBe("null");
+    }
+}

modules/identity/test/Volo.Abp.Identity.AspNetCore.Tests/Volo/Abp/Identity/AspNetCore/SharedAbpIdentityAspNetCoreTestBase.cs

@@ -0,0 +1,7 @@
+using Volo.Abp.AspNetCore.TestBase;
+
+namespace Volo.Abp.Identity.AspNetCore;
+
+public abstract class SharedAbpIdentityAspNetCoreTestBase : AbpAspNetCoreIntegratedTestBase<SharedAbpIdentityAspNetCoreTestStartup>
+{
+}

modules/identity/test/Volo.Abp.Identity.AspNetCore.Tests/Volo/Abp/Identity/AspNetCore/SharedAbpIdentityAspNetCoreTestModule.cs

@@ -0,0 +1,17 @@
+using Volo.Abp.Modularity;
+using Volo.Abp.MultiTenancy;
+
+namespace Volo.Abp.Identity.AspNetCore;
+
+[DependsOn(typeof(AbpIdentityAspNetCoreTestModule))]
+public class SharedAbpIdentityAspNetCoreTestModule : AbpModule
+{
+    public override void ConfigureServices(ServiceConfigurationContext context)
+    {
+        Configure<AbpMultiTenancyOptions>(options =>
+        {
+            options.IsEnabled = true;
+            options.UserSharingStrategy = TenantUserSharingStrategy.Shared;
+        });
+    }
+}

modules/identity/test/Volo.Abp.Identity.AspNetCore.Tests/Volo/Abp/Identity/AspNetCore/SharedAbpIdentityAspNetCoreTestStartup.cs

@@ -0,0 +1,18 @@
+using Microsoft.AspNetCore.Builder;
+using Microsoft.Extensions.DependencyInjection;
+using Microsoft.Extensions.Logging;
+
+namespace Volo.Abp.Identity.AspNetCore;
+
+public class SharedAbpIdentityAspNetCoreTestStartup
+{
+    public void ConfigureServices(IServiceCollection services)
+    {
+        services.AddApplication<SharedAbpIdentityAspNetCoreTestModule>();
+    }
+
+    public void Configure(IApplicationBuilder app, ILoggerFactory loggerFactory)
+    {
+        app.InitializeApplication();
+    }
+}

modules/identity/test/Volo.Abp.Identity.AspNetCore.Tests/Volo/Abp/Identity/AspNetCore/SignInTestController.cs

@@ -1,4 +1,6 @@
-using System.Threading.Tasks;
+using System.Security.Claims;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Mvc;
 using Volo.Abp.AspNetCore.Mvc;
@@ -27,4 +29,20 @@ public class SignInTestController : AbpController
 
         return Content(result.ToString());
     }
+
+    [Route("write-two-factor-cookie")]
+    public async Task<ActionResult> WriteTwoFactorCookie(string userId)
+    {
+        var identity = new ClaimsIdentity(IdentityConstants.TwoFactorUserIdScheme);
+        identity.AddClaim(new Claim(ClaimTypes.Name, userId));
+        await HttpContext.SignInAsync(IdentityConstants.TwoFactorUserIdScheme, new ClaimsPrincipal(identity));
+        return Content("OK");
+    }
+
+    [Route("get-two-factor-user")]
+    public async Task<ActionResult> GetTwoFactorUser()
+    {
+        var user = await _signInManager.GetTwoFactorAuthenticationUserAsync();
+        return Content(user?.Id.ToString() ?? "null");
+    }
 }