public Task <string> CreatePersonalAccessTokenAsync([FromBody] CreatePersonalAccessToken request)
=> _service.CreatePersonalAccessTokenAsync(HttpContext,
request.IsReferenceToken,
request.LifetimeDays,
request.Apis,
request.Scopes,
request.ClaimTypes);
public async Task CreatePersonalAccessTokenAsync_should_create_PAT()
{
using var sut = TestUtils.CreateTestServer();
var sub = Guid.NewGuid().ToString();
var role = Guid.NewGuid().ToString();
sut.Services.GetRequiredService <TestUserService>()
.SetTestUser(true, new Claim[]
{
new Claim(JwtClaimTypes.ClientId, "theidserver-swagger"),
new Claim(ClaimTypes.NameIdentifier, sub),
new Claim(ClaimTypes.Role, role),
new Claim(JwtClaimTypes.Scope, SharedConstants.TOKENSCOPES),
});
var client = sut.CreateClient();
var command = new CreatePersonalAccessToken
{
LifetimeDays = 1,
Apis = new[] { "theidserveradminapi" },
ClaimTypes = new[] { "name", "role" },
Scopes = new[] { "theidserveradminapi" }
};
using var request = new StringContent(JsonSerializer.Serialize(command), Encoding.UTF8, "application/json");
using var response = await client.PostAsync("api/token/pat", request).ConfigureAwait(false);
var content = await response.Content.ReadAsStringAsync().ConfigureAwait(false);
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
var token = JsonSerializer.Deserialize <string>(content);
var handler = new JwtSecurityTokenHandler();
var jwtSecurityToken = handler.ReadJwtToken(token);
Assert.Contains(jwtSecurityToken.Audiences, a => a == "theidserveradminapi");
Assert.Contains(jwtSecurityToken.Claims, c => c.Type == JwtClaimTypes.ClientId && c.Value == "theidserver-swagger");
Assert.Contains(jwtSecurityToken.Claims, c => c.Type == JwtClaimTypes.Scope && c.Value == "theidserveradminapi");
Assert.Contains(jwtSecurityToken.Claims, c => c.Type == JwtClaimTypes.Subject && c.Value == sub);
Assert.Contains(jwtSecurityToken.Claims, c => c.Type == JwtClaimTypes.Name && c.Value == "test");
Assert.Contains(jwtSecurityToken.Claims, c => c.Type == JwtClaimTypes.Role && c.Value == role);
}
public async Task CreatePersonalAccessTokenAsync_should_return_bad_request_when_client_not_exist()
{
using var sut = TestUtils.CreateTestServer();
var sub = Guid.NewGuid().ToString();
var role = Guid.NewGuid().ToString();
var clientId = Guid.NewGuid().ToString();
sut.Services.GetRequiredService <TestUserService>()
.SetTestUser(true, new Claim[]
{
new Claim(JwtClaimTypes.ClientId, clientId),
new Claim(ClaimTypes.NameIdentifier, sub),
new Claim(ClaimTypes.Role, role),
new Claim(JwtClaimTypes.Scope, SharedConstants.TOKENSCOPES),
});
var client = sut.CreateClient();
var command = new CreatePersonalAccessToken
{
LifetimeDays = 1,
Apis = new[] { "theidserveradminapi" },
ClaimTypes = new[] { "name", "role" },
Scopes = new[] { "theidserveradminapi" }
};
using var request = new StringContent(JsonSerializer.Serialize(command), Encoding.UTF8, "application/json");
using var response = await client.PostAsync("api/token/pat", request).ConfigureAwait(false);
var content = await response.Content.ReadAsStringAsync().ConfigureAwait(false);
Assert.Equal(HttpStatusCode.BadRequest, response.StatusCode);
var error = JsonSerializer.Deserialize <ValidationProblemDetails>(content);
Assert.Equal($"Client not found for client id '{clientId}'.", error.Detail);
}
public async Task CreatePersonalAccessTokenAsync_should_return_bad_request_when_apis_is_null()
{
using var sut = TestUtils.CreateTestServer();
var sub = Guid.NewGuid().ToString();
var role = Guid.NewGuid().ToString();
var api = Guid.NewGuid().ToString();
sut.Services.GetRequiredService <TestUserService>()
.SetTestUser(true, new Claim[]
{
new Claim(JwtClaimTypes.ClientId, "theidserver-swagger"),
new Claim(ClaimTypes.NameIdentifier, sub),
new Claim(ClaimTypes.Role, role),
new Claim(JwtClaimTypes.Scope, SharedConstants.TOKENSCOPES),
});
var client = sut.CreateClient();
var command = new CreatePersonalAccessToken
{
LifetimeDays = 1,
ClaimTypes = new[] { "name", "role" },
Scopes = new[] { "theidserveradminapi" }
};
using var request = new StringContent(JsonSerializer.Serialize(command), Encoding.UTF8, "application/json");
using var response = await client.PostAsync("api/token/pat", request).ConfigureAwait(false);
var content = await response.Content.ReadAsStringAsync().ConfigureAwait(false);
Assert.Equal(HttpStatusCode.BadRequest, response.StatusCode);
var error = JsonSerializer.Deserialize <ValidationProblemDetails>(content);
Assert.Contains(error.Errors, e => e.Key == "Apis" && e.Value.Any(v => v == "The Apis field is required."));
}
