public async Task CreateOAuth2Scope()
{
var testClient = TestClient.Create();
var testAuthorizationServerName = $"{SdkPrefix}:Test AuthZ Server ({TestClient.RandomString(4)})";
var testAuthorizationServer = new AuthorizationServer
{
Name = testAuthorizationServerName,
Description = "Test Authorization Server",
Audiences = new string[] { "api://default" },
};
var testOAuthScope = new OAuth2Scope
{
Name = $"{SdkPrefix}:{nameof(CreateOAuth2Scope)}:TestOAuth2Scope({TestClient.RandomString(4)})",
};
var createdAuthorizationServer = await testClient.AuthorizationServers.CreateAuthorizationServerAsync(testAuthorizationServer);
var createdOAuthScope = await createdAuthorizationServer.CreateOAuth2ScopeAsync(testOAuthScope);
try
{
createdOAuthScope.Should().NotBeNull();
createdOAuthScope.Name.Should().Be(testOAuthScope.Name);
}
finally
{
await createdAuthorizationServer.DeleteOAuth2ScopeAsync(createdOAuthScope.Id);
await createdAuthorizationServer.DeactivateAsync();
await testClient.AuthorizationServers.DeleteAuthorizationServerAsync(createdAuthorizationServer.Id);
}
}
public async Task DeleteOAuth2Scope()
{
var testClient = TestClient.Create();
var testAuthorizationServerName = $"{SdkPrefix}:Test AuthZ Server ({TestClient.RandomString(4)})";
var testAuthorizationServer = new AuthorizationServer
{
Name = testAuthorizationServerName,
Description = "Test Authorization Server",
Audiences = new string[] { "api://default" },
};
var testOAuthScope = new OAuth2Scope
{
Name = $"{SdkPrefix}:{nameof(DeleteOAuth2Scope)}:TestOAuth2Scope({TestClient.RandomString(4)})",
Consent = "REQUIRED",
MetadataPublish = "ALL_CLIENTS",
};
var createdAuthorizationServer = await testClient.AuthorizationServers.CreateAuthorizationServerAsync(testAuthorizationServer);
var createdOAuthScope = await createdAuthorizationServer.CreateOAuth2ScopeAsync(testOAuthScope);
try
{
createdAuthorizationServer.Should().NotBeNull();
createdOAuthScope.Should().NotBeNull();
var retrievedOAuthScope = await testClient.AuthorizationServers.GetOAuth2ScopeAsync(createdAuthorizationServer.Id, createdOAuthScope.Id);
retrievedOAuthScope.Should().NotBeNull();
await testClient.AuthorizationServers.DeleteOAuth2ScopeAsync(createdAuthorizationServer.Id, createdOAuthScope.Id);
var ex = await Assert.ThrowsAsync <OktaApiException>(() => testClient.AuthorizationServers.GetOAuth2ScopeAsync(createdAuthorizationServer.Id, createdOAuthScope.Id));
ex.StatusCode.Should().Be(404);
}
finally
{
await createdAuthorizationServer.DeactivateAsync();
await testClient.AuthorizationServers.DeleteAuthorizationServerAsync(createdAuthorizationServer.Id);
}
}
public OAuth2User GetUser(string identifier, string password)
{
OAuth2User entity = null;
using (IEntityContext context = DependencyInjection.Get<IEntityContext>())
{
using (IOAuth2UserRepository repository = DependencyInjection.Get<IOAuth2UserRepository>(InjectionParameter.Create("context", context)))
{
OAuth2Scope scope = null;
QueryOver<OAuth2UserScope, OAuth2UserScope> subQuery =
QueryOver.Of<OAuth2UserScope>()
.Where(x => x.ValidFrom <= DateTime.UtcNow)
.And(x => x.ValidUntil > DateTime.UtcNow)
// Join with OAUTH2SCOPE, search for valid data.
.JoinAlias(x => x.Scope, () => scope)
.And(() => scope.ValidFrom <= DateTime.UtcNow)
.And(() => scope.ValidUntil > DateTime.UtcNow)
// Just keep the USER.ID to use in the query.
.Select(t => t.User.ID);
IQueryOver<OAuth2User, OAuth2User> query =
repository.Query()
.Fetch(x => x.UserScopes).Eager
.Fetch(x => x.UserIdentities).Eager
.Where(x => x.Identifier == identifier)
.And(x => x.Password == password)
.WithSubquery.WhereProperty(x => x.ID).In(subQuery)
.TransformUsing(Transformers.DistinctRootEntity);
entity = query.List().SingleOrDefault();
}
context.Commit();
}
return entity;
}
public async Task ListOAuth2Scopes()
{
var testClient = TestClient.Create();
var testAuthorizationServerName = $"{SdkPrefix}:Test AuthZ Server ({TestClient.RandomString(4)})";
var testAuthorizationServer = new AuthorizationServer
{
Name = testAuthorizationServerName,
Description = "Test Authorization Server",
Audiences = new string[] { "api://default" },
};
var testOAuthScope = new OAuth2Scope
{
Name = $"{SdkPrefix}:{nameof(ListOAuth2Scopes)}:TestOAuth2Scope({TestClient.RandomString(4)})",
};
var createdAuthorizationServer = await testClient.AuthorizationServers.CreateAuthorizationServerAsync(testAuthorizationServer);
var createdOAuthScope = await createdAuthorizationServer.CreateOAuth2ScopeAsync(testOAuthScope);
try
{
var allAuthorizationServerScopes = await createdAuthorizationServer.ListOAuth2Scopes().ToListAsync();
allAuthorizationServerScopes.Should().NotBeNull();
allAuthorizationServerScopes.Count.Should().BeGreaterThan(0);
allAuthorizationServerScopes.Select(scope => scope.Id).ToHashSet().Should().Contain(createdOAuthScope.Id);
}
finally
{
await createdAuthorizationServer.DeleteOAuth2ScopeAsync(createdOAuthScope.Id);
await createdAuthorizationServer.DeactivateAsync();
await testClient.AuthorizationServers.DeleteAuthorizationServerAsync(createdAuthorizationServer.Id);
}
}
public OAuth2TokenResponse GetAccessTokenFromUserKey(string userKey, string state, OAuth2Scope scopes)
{
return GetAccessTokenFromUserKey(userKey, state, scopes.ToStringArray());
}
public string CreateAuthorizeRequest(string state,bool isAdmin, OAuth2Scope scopes)
{
return CreateAuthorizeRequest(state, isAdmin, scopes.ToStringArray());
}
string CreateAuthorizeRequest(string userKey, string state, OAuth2Scope scopes)
{
return $"{base.CreateAuthorizeRequest(state, scopes)}&key={userKey}";
}
public OAuth2TokenResponse GetAccessTokenForInvitee(string firstname, string lastname, string email, OAuth2Scope scopes)
{
return GetAccessTokenForInvitee(firstname, lastname, email, scopes.ToStringArray());
}
public string CreateAuthorizeRequest(string state, OAuth2Scope scopes)
{
return CreateAuthorizeRequest(state, scopes.ToString("F").Split(',').Select(t => t.Trim()).ToArray());
}
