// Sends the same bearer token twice through a pipeline configured with SaveToken and
// caching, then checks that the body of the second response still carries that token.
// NOTE(review): nothing here asserts that the second request was served from the cache;
// the test only shows the saved token is still present on the repeated request.
public async Task ActiveToken_With_SavedToken_And_Caching()
{
    const string bearerToken = "expected_token";

    var client = PipelineFactory.CreateClient(
        (opts) =>
        {
            _options(opts);

            // The handler is created inside the configure callback, as in the original test.
            opts.IntrospectionHttpHandler = new IntrospectionEndpointHandler(
                IntrospectionEndpointHandler.Behavior.Active,
                TimeSpan.FromHours(1));
            opts.SaveToken = true;
            opts.EnableCaching = true;
            opts.CacheDuration = TimeSpan.FromMinutes(10);
        },
        true); // presumably the addCaching switch of the test factory (confirm against PipelineFactory)
    client.SetBearerToken(bearerToken);

    var initial = await client.GetAsync("http://test");
    initial.StatusCode.Should().Be(HttpStatusCode.OK);

    var repeated = await client.GetAsync("http://test");
    repeated.StatusCode.Should().Be(HttpStatusCode.OK);

    // The response body is read as a flat string map and must contain the saved token.
    var json = await repeated.Content.ReadAsStringAsync();
    var payload = JsonConvert.DeserializeObject<Dictionary<string, string>>(json);
    payload.Should().Contain("token", bearerToken);
}
// Passes _options to the factory without setting anything on it in this test and expects
// the misconfiguration to be rejected with the exact message below.
public void Empty_Options()
{
    Action createClient = () => PipelineFactory.CreateClient(_options);

    createClient
        .ShouldThrow<InvalidOperationException>()
        .WithMessage("You must either set Authority or IntrospectionEndpoint");
}
// An inactive token must produce 401 and go through the failure event only:
// OnAuthenticationFailed has to fire and OnTokenValidated must never run.
public async Task InActive_token_with_inline_event_events_should_be_called()
{
    var introspection = new IntrospectionEndpointHandler(IntrospectionEndpointHandler.Behavior.Inactive);

    // Nullable flags: null means "callback never invoked", which is distinct from false.
    bool? validatedRaised = null;
    bool? failureRaised = null;

    var client = PipelineFactory.CreateClient(
        opts =>
        {
            _options(opts);

            opts.Events.OnTokenValidated = ctx =>
            {
                validatedRaised = true;
                return Task.CompletedTask;
            };

            opts.Events.OnAuthenticationFailed = ctx =>
            {
                failureRaised = true;
                return Task.CompletedTask;
            };
        },
        introspection);
    client.SetBearerToken("sometoken");

    var response = await client.GetAsync("http://test");

    response.StatusCode.Should().Be(HttpStatusCode.Unauthorized);
    validatedRaised.Should().BeNull();
    failureRaised.Should().BeTrue();
}
// Negative results are cached too: after the first rejection, presenting the same inactive
// token again must still yield 401 without a second introspection request being sent.
public async Task Repeated_inactive_token_with_caching_enabled_should_hit_cache()
{
    const string bearerToken = "expected_token";
    var introspection = new IntrospectionEndpointHandler(IntrospectionEndpointHandler.Behavior.Inactive);

    var client = PipelineFactory.CreateClient(
        (opts) =>
        {
            _options(opts);
            opts.SaveToken = true;
            opts.EnableCaching = true;
            opts.CacheDuration = TimeSpan.FromMinutes(10);
        },
        introspection,
        true);
    client.SetBearerToken(bearerToken);

    // First call: the handler must have seen an introspection request.
    var initial = await client.GetAsync("http://test");
    initial.StatusCode.Should().Be(HttpStatusCode.Unauthorized);
    introspection.SentIntrospectionRequest.Should().BeTrue();

    // Reset the flag so the second call can prove the endpoint was not contacted again.
    introspection.SentIntrospectionRequest = false;

    var repeated = await client.GetAsync("http://test");
    repeated.StatusCode.Should().Be(HttpStatusCode.Unauthorized);
    introspection.SentIntrospectionRequest.Should().BeFalse();
}
// With an empty configure callback the misconfiguration must surface when a request is
// sent: the call is expected to throw with the exact message below.
public void Empty_Options()
{
    Action sendRequest = () =>
    {
        var client = PipelineFactory.CreateClient((options) => { });

        // The test method is synchronous, so the request is awaited by blocking.
        client.GetAsync("http://test").GetAwaiter().GetResult();
    };

    sendRequest
        .Should()
        .Throw<InvalidOperationException>()
        .WithMessage("You must either set Authority or IntrospectionEndpoint");
}
// An explicit introspection endpoint plus a client id is set here, with no Authority
// assigned in this test; creating the client must not throw.
public void Endpoint_But_No_Authority()
{
    _options.IntrospectionEndpoint = "http://endpoint";
    _options.ClientId = "scope";

    Action createClient = () => PipelineFactory.CreateClient(_options);

    createClient.ShouldNotThrow();
}
// Only an Authority is set in this test; without a ClientId or an introspection HTTP
// handler, client creation must fail with the exact message below.
public void Authority_No_Scope_Details()
{
    _options.Authority = "http://foo";

    Action createClient = () => PipelineFactory.CreateClient(_options);

    createClient
        .ShouldThrow<InvalidOperationException>()
        .WithMessage("You must either set a ClientId or set an introspection HTTP handler");
}
// No ClientId is assigned in this test; supplying an introspection HTTP handler instead
// must be enough for client creation to succeed.
public void No_ClientName_But_Introspection_Handler()
{
    _options.IntrospectionEndpoint = "http://endpoint";
    _options.IntrospectionHttpHandler =
        new IntrospectionEndpointHandler(IntrospectionEndpointHandler.Behavior.Active);

    Action createClient = () => PipelineFactory.CreateClient(_options);

    createClient.ShouldNotThrow();
}
// Points the Authority at a localhost port and expects client creation not to throw.
// NOTE(review): the test name suggests discovery is deferred until first use; the code
// here only proves that CreateClient itself does not fail.
public void Authority_No_Network_Delay_Load()
{
    _options.Authority = "http://localhost:6666";
    _options.ClientId = "scope";

    Action createClient = () => PipelineFactory.CreateClient(_options);

    createClient.ShouldNotThrow();
}
// Caching is switched on in the options and the factory is asked to add caching as well
// (addCaching: true); with both in place client creation must not throw.
public void Caching_With_Caching_Service()
{
    _options.IntrospectionEndpoint = "http://endpoint";
    _options.ClientId = "scope";
    _options.EnableCaching = true;

    Action createClient = () => PipelineFactory.CreateClient(_options, addCaching: true);

    createClient.ShouldNotThrow();
}
// Configures an Authority on a localhost port and sends a request with no bearer token;
// the call is expected to complete without throwing.
public void Authority_No_Network_Delay_Load()
{
    Action sendRequest = () =>
    {
        var client = PipelineFactory.CreateClient(opts =>
        {
            opts.Authority = "http://localhost:6666";
            opts.ClientId = "scope";
        });

        // The test method is synchronous, so the request is awaited by blocking.
        client.GetAsync("http://test").GetAwaiter().GetResult();
    };

    sendRequest.Should().NotThrow();
}
// No ClientId is configured; an introspection HTTP handler is supplied instead, and a
// request through the pipeline must not throw.
public void No_ClientName_But_Introspection_Handler()
{
    Action sendRequest = () =>
    {
        var client = PipelineFactory.CreateClient(opts =>
        {
            opts.IntrospectionEndpoint = "http://endpoint";
            opts.IntrospectionHttpHandler =
                new IntrospectionEndpointHandler(IntrospectionEndpointHandler.Behavior.Active);
        });

        client.GetAsync("http://test").GetAwaiter().GetResult();
    };

    sendRequest.Should().NotThrow();
}
// Only an Authority is configured; with neither a ClientId nor an introspection HTTP
// handler, sending a request must fail with the exact message below.
public void Authority_No_Scope_Details()
{
    Action sendRequest = () =>
    {
        var client = PipelineFactory.CreateClient((opts) =>
        {
            opts.Authority = "http://foo";
        });

        client.GetAsync("http://test").GetAwaiter().GetResult();
    };

    sendRequest
        .Should()
        .Throw<InvalidOperationException>()
        .WithMessage("You must either set a ClientId or set an introspection HTTP handler");
}
// An explicit introspection endpoint and a client id are configured, with no Authority;
// sending a request through the pipeline must not throw.
public void Endpoint_But_No_Authority()
{
    Action sendRequest = () =>
    {
        var client = PipelineFactory.CreateClient(opts =>
        {
            opts.IntrospectionEndpoint = "http://endpoint";
            opts.ClientId = "scope";
        });

        client.GetAsync("http://test").GetAwaiter().GetResult();
    };

    sendRequest.Should().NotThrow();
}
// A null TokenRetriever leaves the handler with no way to read the credential from the
// request, so client creation must fail with an ArgumentException naming that setting.
public void No_Token_Retriever()
{
    _options.Authority = "http://foo";
    _options.ClientId = "scope";
    _options.TokenRetriever = null;

    Action createClient = () => PipelineFactory.CreateClient(_options);

    // Only the start of the message is pinned; the rest of the text is not checked.
    createClient
        .ShouldThrow<ArgumentException>()
        .Where(e => e.Message.StartsWith("TokenRetriever must be set"));
}
// Caching is enabled in the options and the factory is asked to add caching as well
// (addCaching: true); a request through the pipeline must not throw.
public void Caching_With_Caching_Service()
{
    Action sendRequest = () =>
    {
        var client = PipelineFactory.CreateClient(
            opts =>
            {
                opts.IntrospectionEndpoint = "http://endpoint";
                opts.ClientId = "scope";
                opts.EnableCaching = true;
            },
            addCaching: true);

        client.GetAsync("http://test").GetAwaiter().GetResult();
    };

    sendRequest.Should().NotThrow();
}
// Caching is enabled in the options but the factory is not asked to add caching;
// client creation must fail rather than silently run without a cache.
public void Caching_Without_Caching_Service()
{
    _options.IntrospectionEndpoint = "http://endpoint";
    _options.ClientId = "scope";
    _options.EnableCaching = true;

    Action createClient = () => PipelineFactory.CreateClient(_options);

    // Only the start of the message is pinned.
    createClient
        .ShouldThrow<ArgumentException>()
        .Where(e => e.Message.StartsWith("Caching is enabled, but no cache is found in the services collection"));
}
// Happy path: the introspection handler is set to its Active behavior, and a request
// carrying a bearer token must be answered with 200 OK.
public async Task ActiveToken()
{
    _options.IntrospectionHttpHandler =
        new IntrospectionEndpointHandler(IntrospectionEndpointHandler.Behavior.Active);

    var client = PipelineFactory.CreateClient(_options);
    client.SetBearerToken("sometoken");

    var response = await client.GetAsync("http://test");

    response.StatusCode.Should().Be(HttpStatusCode.OK);
}
// A request that carries no bearer token at all must be answered with 401 Unauthorized.
public async Task no_token_should_return_401()
{
    var client = PipelineFactory.CreateClient(opts =>
    {
        opts.Authority = "https://authority";
        opts.ApiName = "api1";
    });

    // No SetBearerToken call: the request goes out without credentials.
    var reply = await client.GetAsync("http://api");

    reply.StatusCode.Should().Be(HttpStatusCode.Unauthorized);
}
// The introspection handler is set to its Unauthorized behavior (presumably the endpoint
// rejecting the API's own client credentials; confirm against IntrospectionEndpointHandler).
// The caller must then receive 401 rather than being let through.
public async Task Unauthorized_Client()
{
    var introspection = new IntrospectionEndpointHandler(IntrospectionEndpointHandler.Behavior.Unauthorized);

    var client = PipelineFactory.CreateClient(o => _options(o), introspection);
    client.SetBearerToken("sometoken");

    var response = await client.GetAsync("http://test");

    response.StatusCode.Should().Be(HttpStatusCode.Unauthorized);
}
// Caching is enabled in the options but the factory is not asked to add caching;
// sending a request must fail rather than silently run without a cache.
public void Caching_Without_Caching_Service()
{
    Action sendRequest = () =>
    {
        var client = PipelineFactory.CreateClient(opts =>
        {
            opts.IntrospectionEndpoint = "http://endpoint";
            opts.ClientId = "scope";
            opts.EnableCaching = true;
        });

        client.GetAsync("http://test").GetAwaiter().GetResult();
    };

    // Only the start of the message is pinned.
    sendRequest
        .Should()
        .Throw<ArgumentException>()
        .Where(e => e.Message.StartsWith("Caching is enabled, but no IDistributedCache is found in the services collection"));
}
// A null TokenRetriever leaves the handler with no way to read the credential from the
// request; sending a request must fail with an ArgumentException naming that setting.
public void No_Token_Retriever()
{
    Action sendRequest = () =>
    {
        var client = PipelineFactory.CreateClient(opts =>
        {
            opts.Authority = "http://foo";
            opts.ClientId = "scope";
            opts.TokenRetriever = null;
        });

        client.GetAsync("http://test").GetAwaiter().GetResult();
    };

    // Only the start of the message is pinned.
    sendRequest
        .Should()
        .Throw<ArgumentException>()
        .Where(e => e.Message.StartsWith("TokenRetriever must be set"));
}
// A bearer value that merely has three dot-separated parts must be rejected with 401.
// NOTE(review): the Authority is a public host name; if the pipeline contacts it while
// handling this request, the test depends on outbound network access. Confirm.
public async Task invalid_jwt_token_should_return_401()
{
    var client = PipelineFactory.CreateClient(opts =>
    {
        opts.Authority = "https://demo.identityserver.io";
        opts.ApiName = "api1";
    });
    client.SetBearerToken("header.payload.signature");

    var reply = await client.GetAsync("http://api");

    reply.StatusCode.Should().Be(HttpStatusCode.Unauthorized);
}
// A discovery failure on the first request must not stick: once the handler stops
// simulating the failure, the same client has to authenticate the same token successfully.
public async Task ActiveToken_With_Discovery_Unavailable_On_First_Request()
{
    var introspection = new IntrospectionEndpointHandler(IntrospectionEndpointHandler.Behavior.Active);
    var client = PipelineFactory.CreateClient(o => _options(o), introspection);
    client.SetBearerToken("sometoken");

    // Phase 1: discovery is made to fail, and the request surfaces an InvalidOperationException.
    introspection.IsDiscoveryFailureTest = true;
    await Assert.ThrowsAsync<InvalidOperationException>(async () => await client.GetAsync("http://test"));

    // Phase 2: discovery works again, and the retry must succeed.
    introspection.IsDiscoveryFailureTest = false;
    var retry = await client.GetAsync("http://test");

    retry.StatusCode.Should().Be(HttpStatusCode.OK);
}
// An Authority ending in "/" must still give a well-formed discovery URL: the handler
// has to see exactly one slash before ".well-known/openid-configuration".
public async Task Authority_Trailing_Slash()
{
    var discovery = new DiscoveryEndpointHandler();

    _options.Authority = "http://authority.com/";
    _options.ClientId = "scope";
    _options.DiscoveryHttpHandler = discovery;

    var client = PipelineFactory.CreateClient(_options);
    client.SetBearerToken("token");

    // The response itself is not inspected; the request is sent to trigger discovery.
    await client.GetAsync("http://server/api");

    discovery.Endpoint.Should().Be("http://authority.com/.well-known/openid-configuration");
}
// After a request has gone through the pipeline, the options object must hold the
// introspection endpoint; this test never sets IntrospectionEndpoint itself.
public async Task Authority_Get_Introspection_Endpoint()
{
    var discovery = new DiscoveryEndpointHandler();

    _options.Authority = "http://authority.com/";
    _options.ClientId = "scope";
    _options.DiscoveryHttpHandler = discovery;

    var client = PipelineFactory.CreateClient(_options);
    client.SetBearerToken("token");

    // The response itself is not inspected; the request is sent to trigger discovery.
    await client.GetAsync("http://server/api");

    _options.IntrospectionEndpoint.Should().Be("http://introspection_endpoint");
}
// Happy path plus a check on what the API sends to the introspection endpoint: the last
// request captured by the handler must carry the configured client_id and client_secret.
public async Task ActiveToken()
{
    var introspection = new IntrospectionEndpointHandler(IntrospectionEndpointHandler.Behavior.Active);

    var client = PipelineFactory.CreateClient(_options, introspection);
    client.SetBearerToken("sometoken");

    var response = await client.GetAsync("http://test");
    response.StatusCode.Should().Be(HttpStatusCode.OK);

    // Inspect the introspection call recorded by the test handler.
    var sent = introspection.LastRequest;
    sent.Should().ContainKey("client_id").WhichValue.Should().Be(clientId);
    sent.Should().ContainKey("client_secret").WhichValue.Should().Be(clientSecret);
}
// Client authentication via assertion instead of a shared secret. The secret is cleared
// and OnUpdateClientAssertion issues "testAssertion<n>" with an expiry ttl milliseconds
// ahead. Two requests are sent, and the assertion seen by the introspection handler is
// compared with assertion1 and then assertion2.
// NOTE(review): the expiry is computed from DateTime.UtcNow, so which assertion the second
// request carries depends on wall-clock timing relative to ttl.
public async Task ActiveToken_With_ClientAssertion(int ttl, string assertion1, string assertion2)
{
    var introspection = new IntrospectionEndpointHandler(IntrospectionEndpointHandler.Behavior.Active);

    // Counts how many times the pipeline asked for a fresh assertion.
    var issued = 0;

    var client = PipelineFactory.CreateClient(
        opts =>
        {
            _options(opts);
            opts.ClientSecret = null;

            opts.Events.OnUpdateClientAssertion = ctx =>
            {
                issued++;
                ctx.ClientAssertion = new ClientAssertion
                {
                    Type = "testType",
                    Value = "testAssertion" + issued
                };
                ctx.ClientAssertionExpirationTime = DateTime.UtcNow.AddMilliseconds(ttl);
                return Task.CompletedTask;
            };
        },
        introspection);
    client.SetBearerToken("sometoken");

    // Same request and same checks twice; only the expected assertion value differs.
    foreach (var expectedAssertion in new[] { assertion1, assertion2 })
    {
        var response = await client.GetAsync("http://test");
        response.StatusCode.Should().Be(HttpStatusCode.OK);

        var sent = introspection.LastRequest;
        sent.Should().ContainKey("client_id").WhichValue.Should().Be(clientId);
        sent.Should().ContainKey("client_assertion_type").WhichValue.Should().Be("testType");
        sent.Should().ContainKey("client_assertion").WhichValue.Should().Be(expectedAssertion);
    }
}
// The handler is built with a 5-minute TimeSpan while CacheDuration is 10 minutes; two
// consecutive requests with the same token must both succeed.
// NOTE(review): the TimeSpan is presumably the token's remaining lifetime (confirm against
// IntrospectionEndpointHandler). The test does not assert that the cache entry is capped
// at that lifetime, only that both requests return 200.
public async Task ActiveToken_With_Caching_Ttl_Shorter_Than_Duration()
{
    _options.IntrospectionHttpHandler = new IntrospectionEndpointHandler(
        IntrospectionEndpointHandler.Behavior.Active,
        TimeSpan.FromMinutes(5));
    _options.EnableCaching = true;
    _options.CacheDuration = TimeSpan.FromMinutes(10);

    var client = PipelineFactory.CreateClient(_options, addCaching: true);
    client.SetBearerToken("sometoken");

    // Two identical round trips, each expected to return 200.
    for (var attempt = 0; attempt < 2; attempt++)
    {
        var response = await client.GetAsync("http://test");
        response.StatusCode.Should().Be(HttpStatusCode.OK);
    }
}
// Captures the options instance handed to the configure callback and, after one request,
// checks that its IntrospectionEndpoint holds the expected URL under the authority.
// This test never sets IntrospectionEndpoint itself.
public async Task Authority_Get_Introspection_Endpoint()
{
    // Stays null unless the configure callback runs; the final assertion dereferences it.
    OAuth2IntrospectionOptions captured = null;

    var introspection = new IntrospectionEndpointHandler(IntrospectionEndpointHandler.Behavior.Active);
    var client = PipelineFactory.CreateClient(
        opts =>
        {
            opts.Authority = "https://authority.com/";
            opts.ClientId = "scope";

            // The discovery policy is relaxed here so a key set is not required.
            opts.DiscoveryPolicy.RequireKeySet = false;

            captured = opts;
        },
        introspection);
    client.SetBearerToken("token");

    await client.GetAsync("http://server/api");

    captured.IntrospectionEndpoint.Should().Be("https://authority.com/introspection_endpoint");
}