public async Task Refresh_token_should_be_retained_if_token_response_contains_only_access_token()
{
var document = File.ReadAllText(FileName.Create("success_access_token_response.json"));
var handler = new NetworkHandler(document, HttpStatusCode.OK);
var tokenClient = new TokenClient(
"http://server/token",
"client",
handler);
var indirectOutputOfHttpResponses = new StubHttpResponsesHandler();
var refreshHandler = new RefreshTokenHandler(
tokenClient,
"refresh_token",
"access_token",
indirectOutputOfHttpResponses);
var apiClient = new HttpClient(refreshHandler);
await apiClient.GetStringAsync("http://someapi/somecall");
refreshHandler.RefreshToken
.Should()
.Be("refresh_token", "Refresh token should be retained if token response contains only access token");
}
protected async Task <bool> RefreshAccessTokenAsync(CancellationToken ct)
{
if (RefreshTokenHandler == null)
{
return(false);
}
var refreshToken = await RefreshTokenHandler.RetrieveRefreshTokenAsync(ct).ConfigureAwait(false);
if (refreshToken?.RefreshToken == null)
{
return(false);
}
var parameters = new Dictionary <string, string>(StringComparer.Ordinal);
parameters["client_id"] = ApplicationId;
parameters["redirect_uri"] = ReturnUrl;
//parameters["client_secret"] = "";
parameters["refresh_token"] = refreshToken.RefreshToken;
parameters["grant_type"] = "refresh_token";
var result = await PostAsync <OneDriveToken>("https://login.live.com/oauth20_token.srf", new FormUrlEncodedContent(parameters), ct).ConfigureAwait(false);
await HandleTokenResponseAsync(result, ct).ConfigureAwait(false);
return(IsAuthenticated);
}
public async Task The_401_response_that_causes_token_refresh_and_retry_should_be_disposed_to_unblock_socket()
{
var document = File.ReadAllText(FileName.Create("success_token_response.json"));
var handler = new NetworkHandler(document, HttpStatusCode.OK);
var tokenClient = new TokenClient(
"http://server/token",
"client",
handler);
var tokenResponse = await tokenClient.RequestClientCredentialsAsync();
var indirectOutputOfHttpResponses = new StubHttpResponsesHandler();
var refreshHandler = new RefreshTokenHandler(
tokenClient,
tokenResponse.RefreshToken,
tokenResponse.AccessToken,
indirectOutputOfHttpResponses);
var apiClient = new HttpClient(refreshHandler);
await apiClient.GetStringAsync("http://someapi/somecall");
indirectOutputOfHttpResponses.FirstAttempt401Response
.Disposed
.Should()
.BeTrue("Unauthorized response should be disposed to avoid socket blocking");
}
public void AuthRefreshSetup(string newAccessToken, string newRefreshToken, bool returnError = false)
{
StartServer();
var handler = new RefreshTokenHandler(newAccessToken, newRefreshToken, returnError);
HttpMock.HttpMock
.WhenPost(handler.TokenPath, context => true)
.Do(context => { handler.Handle(context); });
}
private async Task HandleTokenResponseAsync(OneDriveToken result, CancellationToken ct)
{
if (result != null && RefreshTokenHandler != null)
{
var refreshTokenInfo = new RefreshTokenInfo(result.RefreshToken);
await RefreshTokenHandler.SaveRefreshTokenAsync(refreshTokenInfo, ct).ConfigureAwait(false);
}
_accessCode = result?.AccessToken;
UpdateCrendentials(_client);
}
public async Task LogOutAsync(bool removeRefreshToken, bool removeCookies, CancellationToken ct = default)
{
_accessCode = null;
if (removeRefreshToken && RefreshTokenHandler != null)
{
await RefreshTokenHandler.DeleteRefreshTokenAsync(ct).ConfigureAwait(false);
}
if (removeCookies)
{
string logoutUrl = $"https://login.live.com/oauth20_logout.srf?client_id={Uri.EscapeDataString(ApplicationId)}&redirect_uri={Uri.EscapeDataString(ReturnUrl)}";
await GetAsync(logoutUrl, ct).ConfigureAwait(false);
}
}
public async Task ExecuteAsync(CommandContext context)
{
context.Console.WriteLine($"Saving Server Url: {this.ServiceUrl}");
context.Console.WriteLine($"Logging in to {this.Authority} ({this.api.Title} v{this.api.Version} running on {this.api.OS})...");
var data = context.Repository.GetCommandData();
if (data != null && data.Authority == this.Authority)
{
// already logged in?
var discoveryResponse = default(DiscoveryResponse);
using (var discoveryClient = new DiscoveryClient(this.Authority))
{
discoveryResponse = await discoveryClient.GetAsync().ConfigureAwait(false);
if (!discoveryResponse.IsError)
{
using (var tokenClient = new TokenClient(discoveryResponse.TokenEndpoint, "donut_console"))
using (var refreshTokenHandler = new RefreshTokenHandler(tokenClient, data.RefreshToken, data.AccessToken))
using (var userInfoClient = new UserInfoClient(discoveryResponse.UserInfoEndpoint, refreshTokenHandler))
{
var response = await userInfoClient.GetAsync(data.AccessToken).ConfigureAwait(false);
if (!response.IsError)
{
var claimsIdentity = new ClaimsIdentity(response.Claims, "idSvr", "name", "role");
context.Console.WriteLine($"Logged in as {claimsIdentity.Name}.");
return;
}
}
}
}
}
var browser = new SystemBrowser();
var options = new OidcClientOptions
{
Authority = this.Authority,
ClientId = "donut_console",
RedirectUri = $"http://127.0.0.1:{browser.Port}",
Scope = "openid profile users_api accounts_api offline_access",
FilterClaims = false,
Browser = browser
};
var oidcClient = new OidcClient(options);
var result = await oidcClient.LoginAsync(new LoginRequest()).ConfigureAwait(false);
if (result.IsError)
{
context.Console.Error.WriteLine($"Error attempting to log in:{Environment.NewLine}{result.Error}");
return;
}
context.Repository.SetCommandData(
new CommandData
{
Authority = this.Authority,
AccessToken = result.AccessToken,
RefreshToken = result.RefreshToken,
ServiceUrl = this.ServiceUrl,
});
context.Console.WriteLine($"Logged in as {result.User.Identity.Name}.");
}
public DeviceHttpClient(RefreshTokenHandler refreshTokenHandler)
: base(refreshTokenHandler)
{
BaseAddress = new Uri(baseAddress);
DefaultRequestHeaders.Add("ZUMO-API-VERSION", "2.0.0");
}
public async Task <int> TryRunAsync(string[] args)
{
CommandLineOptions options;
try
{
options = CommandLineOptions.Parse(args, this.console);
}
catch (CommandParsingException ex)
{
new ConsoleReporter(this.console).Warn(ex.Message);
return(1);
}
if (options == null)
{
return(1);
}
if (options.Help.HasValue())
{
return(2);
}
if (options.Command == null)
{
return(3);
}
var repository = new CommandDataRepository(this.provider);
if (options.Command is LoginCommand.Reset)
{
await options.Command.ExecuteAsync(new CommandContext(this.console, null, null, null, repository)).ConfigureAwait(false);
return(0);
}
var data = repository.GetCommandData() ??
new CommandData
{
Authority = LoginCommand.DefaultAuthority,
ServiceUrl = LoginCommand.DefaultService,
};
var authority = data.Authority;
var service = data.ServiceUrl;
if (options.Command is LoginCommand loginCommand)
{
authority = loginCommand.Authority;
service = loginCommand.ServiceUrl;
}
else
{
this.console.WriteLine("Executing command against ");
this.console.ForegroundColor = ConsoleColor.White;
this.console.WriteLine($"Authority: {authority}");
this.console.WriteLine($"Service Url: {service}");
this.console.ResetColor();
this.console.WriteLine("...");
}
var discoveryResponse = default(DiscoveryResponse);
using (var discoveryClient = new DiscoveryClient(authority))
{
discoveryResponse = await discoveryClient.GetAsync().ConfigureAwait(false);
if (discoveryResponse.IsError)
{
await this.console.Error.WriteLineAsync(discoveryResponse.Error).ConfigureAwait(false);
return(500);
}
}
var api = default(Api);
using (var client = new HttpClient())
{
try
{
using (var response = client.GetAsync(new Uri($"{service}/platform")).GetAwaiter().GetResult())
{
response.EnsureSuccessStatusCode();
api = JsonConvert.DeserializeObject <Api>(response.Content.ReadAsStringAsync().GetAwaiter().GetResult());
}
}
catch (HttpRequestException)
{
await this.console.Error.WriteLineAsync($"Unable to connect to service: {service}.").ConfigureAwait(false);
return(500);
}
if (api == null)
{
await this.console.Error.WriteLineAsync($"Invalid response from: {service}.").ConfigureAwait(false);
return(500);
}
}
using (var tokenClient = new TokenClient(discoveryResponse.TokenEndpoint, "donut_console"))
using (var refreshTokenHandler = new RefreshTokenHandler(tokenClient, data.RefreshToken, data.AccessToken))
using (var usersClient = new UsersHttpClient(service, refreshTokenHandler))
using (var assetAccountsClient = new AssetAccountsHttpClient(service, refreshTokenHandler))
{
refreshTokenHandler.TokenRefreshed += (sender, e) =>
{
repository.SetCommandData(
new CommandData
{
Authority = authority,
AccessToken = e.AccessToken,
RefreshToken = e.RefreshToken,
ServiceUrl = service,
});
};
var reporter = new ConsoleReporter(this.console, options.Verbose.HasValue(), false);
var context = new CommandContext(this.console, reporter, usersClient, assetAccountsClient, repository);
try
{
await options.Command.ExecuteAsync(context).ConfigureAwait(false);
}
catch (Exception ex)
{
reporter.Error(ex.Message);
return(500);
}
finally
{
this.console.ResetColor();
}
return(0);
}
}
public RefreshTokenHandlerTests()
{
_mocker = new AutoMocker();
_handler = _mocker.CreateInstance <RefreshTokenHandler>();
}
public async Task <int> TryRunAsync(string[] args)
{
CommandLineOptions options;
try
{
options = CommandLineOptions.Parse(args, this.console);
}
catch (CommandParsingException ex)
{
new ConsoleReporter(this.console).Warn(ex.Message);
return(1);
}
if (options == null)
{
return(1);
}
if (options.Help.HasValue())
{
return(2);
}
if (options.Command == null)
{
return(3);
}
var repository = new CommandDataRepository(this.provider);
if (options.Command is LoginCommand.Reset)
{
await options.Command.ExecuteAsync(new CommandContext(this.console, null, null, null, null, null, null, repository)).ConfigureAwait(false);
return(0);
}
var data = repository.GetCommandData() ??
new CommandData
{
Authority = LoginCommand.ProductionAuthority,
};
var authority = data.Authority;
if (options.Command is LoginCommand loginCommand)
{
authority = loginCommand.Authority;
}
else
{
this.console.Write("Executing command against ");
this.console.ForegroundColor = ConsoleColor.White;
this.console.Write(authority);
this.console.ResetColor();
this.console.WriteLine("...");
}
var discoveryResponse = default(DiscoveryResponse);
using (var discoveryClient = new DiscoveryClient(authority))
{
discoveryResponse = await discoveryClient.GetAsync().ConfigureAwait(false);
if (discoveryResponse.IsError)
{
await this.console.Error.WriteLineAsync(discoveryResponse.Error).ConfigureAwait(false);
return(500);
}
}
using (var tokenClient = new TokenClient(discoveryResponse.TokenEndpoint, "auth_console"))
using (var refreshTokenHandler = new RefreshTokenHandler(tokenClient, data.RefreshToken, data.AccessToken))
using (var clientsClient = new ClientsHttpClient(authority, refreshTokenHandler))
using (var apiResourcesClient = new ApiResourcesHttpClient(authority, refreshTokenHandler))
using (var identityResourcesClient = new IdentityResourcesHttpClient(authority, refreshTokenHandler))
using (var rolesClient = new RolesHttpClient(authority, refreshTokenHandler))
using (var usersClient = new UsersHttpClient(authority, refreshTokenHandler))
{
refreshTokenHandler.TokenRefreshed += (sender, e) =>
{
repository.SetCommandData(
new CommandData
{
Authority = authority,
AccessToken = e.AccessToken,
RefreshToken = e.RefreshToken,
});
};
var reporter = new ConsoleReporter(this.console, options.Verbose.HasValue(), false);
var context = new CommandContext(this.console, reporter, clientsClient, apiResourcesClient, identityResourcesClient, rolesClient, usersClient, repository);
try
{
await options.Command.ExecuteAsync(context).ConfigureAwait(false);
}
catch (Exception ex)
{
reporter.Error(ex.Message);
return(500);
}
finally
{
this.console.ResetColor();
}
return(0);
}
}
public RefreshTokenHandlerTests()
{
_tokenRepositoryMock = new Mock <ITokenRepository>();
_refreshTokenHandler = new RefreshTokenHandler(_tokenRepositoryMock.Object);
}
