Fix for Nullreference exception when public api authenticate endpoint called with invalid username. (#482)

src/PublicApi/AuthEndpoints/Authenticate.cs

@@ -42,7 +42,11 @@ namespace Microsoft.eShopWeb.PublicApi.AuthEndpoints
             response.IsNotAllowed = result.IsNotAllowed;
             response.RequiresTwoFactor = result.RequiresTwoFactor;
             response.Username = request.Username;
-            response.Token = await _tokenClaimsService.GetTokenAsync(request.Username);
+
+            if (result.Succeeded)
+            {
+                response.Token = await _tokenClaimsService.GetTokenAsync(request.Username);
+            }
 
             return response;
         }

tests/FunctionalTests/PublicApi/AuthEndpoints/AuthenticateEndpoint.cs

@@ -24,6 +24,7 @@ namespace Microsoft.eShopWeb.FunctionalTests.Web.Controllers
         [Theory]
         [InlineData("demouser@microsoft.com", AuthorizationConstants.DEFAULT_PASSWORD, true)]
         [InlineData("demouser@microsoft.com", "badpassword", false)]
+        [InlineData("baduser@microsoft.com", "badpassword", false)]
         public async Task ReturnsExpectedResultGivenCredentials(string testUsername, string testPassword, bool expectedResult)
         {
             var request = new AuthenticateRequest() 
@@ -38,6 +39,6 @@ namespace Microsoft.eShopWeb.FunctionalTests.Web.Controllers
             var model = stringResponse.FromJson<AuthenticateResponse>();
 
             Assert.Equal(expectedResult, model.Result);
-        }
+        }        
     }
 }