public async Task GetTokenValidClientReturns200(
TestIdentityServer4TestServerFactory serverFactory,
TestIdentityServer4TestClientFactory clientFactory,
string clientId,
string clientSecret,
string apiResourceName,
string apiResourceDisplayName)
{
using (var server = await serverFactory
.WithClient(new Client
{
ClientId = clientId,
ClientSecrets = new List <Secret> {
new Secret(clientSecret.Sha256())
},
AllowedGrantTypes = GrantTypes.ClientCredentials,
AllowedScopes = new List <string> {
apiResourceName
},
})
.WithApiResource(new ApiResource(apiResourceName, apiResourceDisplayName))
.WithLogging(new XUnitLoggerFactory(this.output))
.Create())
{
using (var client = clientFactory
.WithClientId(clientId)
.WithClientSecret(clientSecret)
.Create(server))
{
var response = await client.GetToken();
Assert.Equal(HttpStatusCode.OK, response.HttpStatusCode);
}
}
}
public async Task InvalidClientSecretRaisesInvalidClientSecretEvent(
TestIdentityServer4TestServerFactory serverFactory,
TestIdentityServer4TestClientFactory clientFactory,
string clientId,
string clientSecret,
string invalidClientSecret,
string apiResourceName,
string apiResourceDisplayName,
IdentityServerEventCapture eventCapture)
{
using (var server = await serverFactory
.WithClient(new Client
{
ClientId = clientId,
ClientSecrets = new List <Secret> {
new Secret(clientSecret.Sha256())
},
AllowedGrantTypes = GrantTypes.ClientCredentials,
AllowedScopes = new List <string> {
apiResourceName
},
})
.WithApiResource(new ApiResource(apiResourceName, apiResourceDisplayName))
.WithEventCapture(eventCapture)
.Create())
{
using (var client = clientFactory
.WithClientId(clientId)
.WithClientSecret(invalidClientSecret)
.Create(server))
{
await client.GetToken();
Assert.True(eventCapture.ContainsMessage("Invalid client secret"));
}
}
}