Beispiel #1
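        /// <summary>
        /// Checks that a token-exchange request carrying a subject token is rejected with
        /// <c>invalid_request</c> when the <see cref="ITokenValidator"/> reports a validation error,
        /// and that the validator was actually asked to validate an access token.
        /// </summary>
        public async Task ValidateAsync_should_validate_token_using_validator()
        {
            // Validator stub: every access token is reported as failing validation.
            var validatorMock = new Mock<ITokenValidator>();
            validatorMock
                .Setup(m => m.ValidateAccessTokenAsync(It.IsAny<string>(), It.IsAny<string>()))
                .ReturnsAsync(new TokenValidationResult
                {
                    IsError = true
                });

            // Request with both the subject token and its type present, so the only
            // thing wrong with it is the validator's verdict.
            var context = new ExtensionGrantValidationContext
            {
                Request = new ValidatedTokenRequest
                {
                    Raw = new NameValueCollection
                    {
                        [OidcConstants.TokenRequest.SubjectToken]     = "test",
                        [OidcConstants.TokenRequest.SubjectTokenType] = OidcConstants.TokenTypeIdentifiers.AccessToken,
                    }
                }
            };

            var sut = new TokenExchangeGrantValidator(validatorMock.Object);
            await sut.ValidateAsync(context).ConfigureAwait(false);

            Assert.Equal("invalid_request", context.Result.Error);

            // "invalid_request" is also the error this file expects for a request with no
            // subject token, so the error string alone does not prove the token was checked.
            // Verifying the call makes the test fail if validation is ever skipped.
            // NOTE(review): narrowing the first matcher to the submitted token would also pin
            // which value gets validated - confirm the argument order on ITokenValidator first.
            validatorMock.Verify(
                m => m.ValidateAccessTokenAsync(It.IsAny<string>(), It.IsAny<string>()),
                Times.AtLeastOnce());
        }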
Beispiel #2
        /// <summary>
        /// Checks the success path for <c>exchange_style=impersonation</c>: with a subject token the
        /// validator accepts, the grant result is not an error, the request's client id is "test",
        /// and the resulting subject carries the token's subject claim plus an authentication-method
        /// claim equal to the token-exchange grant type.
        /// </summary>
        public async Task ValidateAsync_should_create_impersonation_result()
        {
            // Claims the stubbed validator reports for the subject token.
            // NOTE(review): subject and client id are both "test", so the assertions below cannot
            // tell which claim a value was copied from - distinct values would make a mix-up visible.
            var acceptedToken = new TokenValidationResult
            {
                IsError = false,
                Claims  = new[]
                {
                    new Claim(JwtClaimTypes.Subject, "test"),
                    new Claim(JwtClaimTypes.ClientId, "test")
                }
            };

            var tokenValidator = new Mock<ITokenValidator>();
            tokenValidator
                .Setup(v => v.ValidateAccessTokenAsync(It.IsAny<string>(), It.IsAny<string>()))
                .ReturnsAsync(acceptedToken);

            // Raw form parameters of the token-exchange request under test.
            var rawParameters = new NameValueCollection
            {
                [OidcConstants.TokenRequest.SubjectToken]     = "test",
                [OidcConstants.TokenRequest.SubjectTokenType] = OidcConstants.TokenTypeIdentifiers.AccessToken,
                ["exchange_style"] = "impersonation"
            };

            var context = new ExtensionGrantValidationContext
            {
                Request = new ValidatedTokenRequest { Raw = rawParameters }
            };

            var sut = new TokenExchangeGrantValidator(tokenValidator.Object);
            await sut.ValidateAsync(context).ConfigureAwait(false);

            Assert.False(context.Result.IsError);
            Assert.Equal("test", context.Request.ClientId);

            var issuedClaims = context.Result.Subject.Claims;
            Assert.Contains(issuedClaims, claim => claim.Type == JwtClaimTypes.Subject && claim.Value == "test");
            Assert.Contains(issuedClaims, claim => claim.Type == JwtClaimTypes.AuthenticationMethod && claim.Value == OidcConstants.GrantTypes.TokenExchange);
        }
Beispiel #3
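        /// <summary>
        /// Checks that incomplete token-exchange requests are rejected with <c>invalid_request</c>:
        /// first a request with no parameters at all, then one that has a subject token but no
        /// subject token type.
        /// </summary>
        public async Task ValidateAsync_should_verify_subject_token()
        {
            // The validator mock has no setups; this test only exercises parameter checks.
            var sut = new TokenExchangeGrantValidator(new Mock<ITokenValidator>().Object);

            // Case 1: no subject token and no subject token type.
            var emptyContext = new ExtensionGrantValidationContext
            {
                Request = new ValidatedTokenRequest
                {
                    Raw = new NameValueCollection()
                }
            };
            await sut.ValidateAsync(emptyContext).ConfigureAwait(false);

            Assert.Equal("invalid_request", emptyContext.Result.Error);

            // Case 2: subject token present, subject token type still missing.
            // A fresh context is used on purpose: reusing the first one would leave the
            // "invalid_request" result from case 1 in place, so the second assertion could
            // pass even if this call never wrote a result of its own.
            var tokenOnlyContext = new ExtensionGrantValidationContext
            {
                Request = new ValidatedTokenRequest
                {
                    Raw = new NameValueCollection
                    {
                        [OidcConstants.TokenRequest.SubjectToken] = "test"
                    }
                }
            };
            await sut.ValidateAsync(tokenOnlyContext).ConfigureAwait(false);

            Assert.Equal("invalid_request", tokenOnlyContext.Result.Error);
        }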