public void NoParameters()
{
var validator = new TokenRequestValidator();
var app = _testConfig.FindApplication("test");
var result = validator.Validate(app, null, null);
}
public void EmptyParameters()
{
var validator = new TokenRequestValidator();
var app = _testConfig.FindApplication("test");
var result = validator.Validate(app, new TokenRequest(), _codeClient);
}
public void ExpiredRefreshToken()
{
TestTokenHandleManager handleManager =
new TestTokenHandleManager("abc", "codeclient", "https://validredirect", expired: true);
var validator = new TokenRequestValidator(handleManager);
var app = _testConfig.FindApplication("test");
var request = new TokenRequest
{
Grant_Type = OAuthConstants.GrantTypes.RefreshToken,
Refresh_Token = "abc"
};
try
{
var result = validator.Validate(app, request, _client);
}
catch (TokenRequestValidationException ex)
{
Assert.AreEqual(OAuthConstants.Errors.InvalidGrant, ex.OAuthError);
return;
}
Assert.Fail("No exception thrown.");
}
public void MissingClientId()
{
var validator = new TokenRequestValidator();
var app = _testConfig.FindApplication("test");
var request = new TokenRequest
{
Grant_Type = OAuthConstants.GrantTypes.Password,
UserName = "******",
Password = "******",
Scope = "read"
};
try
{
var client = Principal.Create("Test",
new Claim("password", "secret"));
var result = validator.Validate(app, request, client);
}
catch (TokenRequestValidationException ex)
{
Assert.AreEqual(OAuthConstants.Errors.InvalidClient, ex.OAuthError);
return;
}
Assert.Fail("No exception thrown.");
}
public void ValidRequest()
{
var validator = new TokenRequestValidator(_handleManager);
var app = _testConfig.FindApplication("test");
var request = new TokenRequest
{
Grant_Type = OAuthConstants.GrantTypes.RefreshToken,
Refresh_Token = "abc"
};
var result = validator.Validate(app, request, _client);
}
public void ValidSingleScope()
{
var validator = new TokenRequestValidator();
var app = _testConfig.FindApplication("test");
var request = new TokenRequest
{
Grant_Type = OAuthConstants.GrantTypes.ClientCredentials,
Scope = "read"
};
var result = validator.Validate(app, request, _client);
}
public void ValidCodeGrant()
{
var validator = new TokenRequestValidator(new TestTokenHandleManager("codeclient", "https://todo"));
var app = _testConfig.FindApplication("test");
var request = new TokenRequest
{
Grant_Type = OAuthConstants.GrantTypes.AuthorizationCode,
Code = "abc",
Redirect_Uri = "https://todo"
};
var result = validator.Validate(app, request, _codeClient);
}
public void ValidSingleScope()
{
var validator = new TokenRequestValidator(_clientManager);
var app = _testConfig.FindApplication("test");
var request = new TokenRequest
{
Grant_Type = "assertion",
Assertion = "assertion",
Scope = "read"
};
var result = validator.Validate(app, request, _client);
}
public void ValidSingleScope()
{
var validator = new TokenRequestValidator(_handleManager);
var app = _testConfig.FindApplication("test");
var request = new TokenRequest
{
Grant_Type = OAuthConstants.GrantTypes.AuthorizationCode,
Code = "abc",
Redirect_Uri = "https://validredirect"
};
var result = validator.Validate(app, request, _client);
}
public void ValidSingleScope()
{
var validator = new TokenRequestValidator();
var app = _testConfig.FindApplication("test");
var request = new TokenRequest
{
Grant_Type = OAuthConstants.GrantTypes.Password,
UserName = "******",
Password = "******",
Scope = "read"
};
var result = validator.Validate(app, request, _client);
}
public void MissingScope()
{
var validator = new TokenRequestValidator();
var app = _testConfig.FindApplication("test");
var request = new TokenRequest
{
Grant_Type = OAuthConstants.GrantTypes.ClientCredentials,
};
try
{
var result = validator.Validate(app, request, _client);
}
catch (TokenRequestValidationException ex)
{
Assert.AreEqual(OAuthConstants.Errors.InvalidScope, ex.OAuthError);
return;
}
Assert.Fail("No exception thrown.");
}
public void MissingCode()
{
var validator = new TokenRequestValidator(_handleManager);
var app = _testConfig.FindApplication("test");
var request = new TokenRequest
{
Grant_Type = OAuthConstants.GrantTypes.RefreshToken,
};
try
{
var result = validator.Validate(app, request, _client);
}
catch (TokenRequestValidationException ex)
{
Assert.AreEqual(OAuthConstants.Errors.InvalidGrant, ex.OAuthError);
return;
}
Assert.Fail("No exception thrown.");
}
public void MissingScope()
{
var validator = new TokenRequestValidator(_clientManager);
var app = _testConfig.FindApplication("test");
var request = new TokenRequest
{
Grant_Type = OAuthConstants.GrantTypes.Password,
UserName = "******",
Password = "******",
};
try
{
var result = validator.Validate(app, request, _client);
}
catch (TokenRequestValidationException ex)
{
Assert.AreEqual(OAuthConstants.Errors.InvalidScope, ex.OAuthError);
return;
}
Assert.Fail("No exception thrown.");
}
public void NonMatchingRedirectUri()
{
var validator = new TokenRequestValidator(_handleManager);
var app = _testConfig.FindApplication("test");
var request = new TokenRequest
{
Grant_Type = OAuthConstants.GrantTypes.AuthorizationCode,
Code = "abc",
Redirect_Uri = "https://invalidredirect"
};
try
{
var result = validator.Validate(app, request, _client);
}
catch (TokenRequestValidationException ex)
{
Assert.AreEqual(OAuthConstants.Errors.InvalidRequest, ex.OAuthError);
return;
}
Assert.Fail("No exception thrown.");
}
public void UnknownScope()
{
var validator = new TokenRequestValidator(_clientManager);
var app = _testConfig.FindApplication("test");
var request = new TokenRequest
{
Grant_Type = "assertion",
Assertion = "assertion",
Scope = "unknown"
};
try
{
var result = validator.Validate(app, request, _client);
}
catch (TokenRequestValidationException ex)
{
Assert.AreEqual(OAuthConstants.Errors.InvalidScope, ex.OAuthError);
return;
}
Assert.Fail("No exception thrown.");
}
public void NoParameters()
{
var validator = new TokenRequestValidator();
var app = _testConfig.FindApplication("test");
try
{
var result = validator.Validate(app, null, null);
}
catch (TokenRequestValidationException ex)
{
Assert.AreEqual(OAuthConstants.Errors.InvalidRequest, ex.OAuthError);
return;
}
Assert.Fail("No exception thrown.");
}
public void UnauthorizedScopeMultiple()
{
var validator = new TokenRequestValidator();
var app = _testConfig.FindApplication("test");
var request = new TokenRequest
{
Grant_Type = OAuthConstants.GrantTypes.Password,
UserName = "******",
Password = "******",
Scope = "read delete"
};
var result = validator.Validate(app, request, _resourceOwnerClient);
}
public void AnonymousCodeGrant()
{
var validator = new TokenRequestValidator();
var app = _testConfig.FindApplication("test");
var request = new TokenRequest
{
Grant_Type = OAuthConstants.GrantTypes.AuthorizationCode,
Code = "abc",
Redirect_Uri = "https://validredirect"
};
try
{
var result = validator.Validate(app, request, Principal.Anonymous);
}
catch (TokenRequestValidationException ex)
{
Assert.AreEqual(OAuthConstants.Errors.InvalidClient, ex.OAuthError);
return;
}
Assert.Fail("No exception thrown.");
}
public void DisabledClient()
{
var validator = new TokenRequestValidator();
var app = _testConfig.FindApplication("test");
var request = new TokenRequest
{
Grant_Type = OAuthConstants.GrantTypes.ClientCredentials
};
try
{
var client = Principal.Create("Test",
new Claim("client_id", "disabledclient"),
new Claim("secret", "secret"));
var result = validator.Validate(app, request, client);
}
catch (TokenRequestValidationException ex)
{
Assert.AreEqual(OAuthConstants.Errors.InvalidClient, ex.OAuthError);
return;
}
Assert.Fail("No exception thrown.");
}
public void UnauthorizedClientCredentialGrant()
{
var validator = new TokenRequestValidator(_handleManager, _clientManager);
var app = _testConfig.FindApplication("test");
var request = new TokenRequest
{
Grant_Type = OAuthConstants.GrantTypes.ClientCredentials,
};
try
{
var result = validator.Validate(app, request, _client);
}
catch (TokenRequestValidationException ex)
{
Assert.AreEqual(OAuthConstants.Errors.UnauthorizedClient, ex.OAuthError);
return;
}
Assert.Fail("No exception thrown.");
}
public void UnauthorizedCodeGrant()
{
var validator = new TokenRequestValidator(new TestTokenHandleManager(null, null));
var app = _testConfig.FindApplication("test");
var request = new TokenRequest
{
Grant_Type = OAuthConstants.GrantTypes.AuthorizationCode,
Code = "abc"
};
var result = validator.Validate(app, request, _resourceOwnerClient);
}
public void UnauthorizedScopeSingle()
{
var validator = new TokenRequestValidator();
var app = _testConfig.FindApplication("test");
var request = new TokenRequest
{
Grant_Type = OAuthConstants.GrantTypes.Password,
UserName = "******",
Password = "******",
Scope = "delete"
};
try
{
var result = validator.Validate(app, request, _client);
}
catch (TokenRequestValidationException ex)
{
Assert.AreEqual(OAuthConstants.Errors.InvalidScope, ex.OAuthError);
return;
}
Assert.Fail("No exception thrown.");
}
public void MissingAssertionValue()
{
var validator = new TokenRequestValidator();
var app = _testConfig.FindApplication("test");
var request = new TokenRequest
{
Grant_Type = "assertion",
Scope = "read"
};
try
{
var result = validator.Validate(app, request, _client);
}
catch (TokenRequestValidationException ex)
{
Assert.AreEqual(OAuthConstants.Errors.UnsupportedGrantType, ex.OAuthError);
return;
}
Assert.Fail("No exception thrown.");
}
public void UnauthorizedCodeGrant()
{
TestTokenHandleManager handleManager =
new TestTokenHandleManager("abc", "codeclient", "https://validredirect");
var validator = new TokenRequestValidator(handleManager);
var app = _testConfig.FindApplication("test");
var request = new TokenRequest
{
Grant_Type = OAuthConstants.GrantTypes.AuthorizationCode,
};
try
{
var result = validator.Validate(app, request, _client);
}
catch (TokenRequestValidationException ex)
{
Assert.AreEqual(OAuthConstants.Errors.UnauthorizedClient, ex.OAuthError);
return;
}
Assert.Fail("No exception thrown.");
}
public void MissingResourceOwnerPassword()
{
var validator = new TokenRequestValidator();
var app = _testConfig.FindApplication("test");
var request = new TokenRequest
{
Grant_Type = OAuthConstants.GrantTypes.Password,
UserName = "******",
Scope = "read"
};
try
{
var result = validator.Validate(app, request, _client);
}
catch (TokenRequestValidationException ex)
{
Assert.AreEqual(OAuthConstants.Errors.InvalidGrant, ex.OAuthError);
return;
}
Assert.Fail("No exception thrown.");
}
public void MissingGrantTypeWithPassword()
{
var validator = new TokenRequestValidator();
var app = _testConfig.FindApplication("test");
var request = new TokenRequest
{
UserName = "******",
Password = "******",
Scope = "read"
};
var result = validator.Validate(app, request, _resourceOwnerClient);
}
public void UnknownGrantType()
{
var validator = new TokenRequestValidator();
var app = _testConfig.FindApplication("test");
var request = new TokenRequest
{
Grant_Type = "unknown"
};
try
{
var result = validator.Validate(app, request, null);
}
catch (TokenRequestValidationException ex)
{
Assert.AreEqual(OAuthConstants.Errors.UnsupportedGrantType, ex.OAuthError);
return;
}
Assert.Fail("No exception thrown.");
}
public void InvalidCodeToClientBinding()
{
var handleManager =
new TestTokenHandleManager("abc", "someotherclient", "https://validredirect");
var validator = new TokenRequestValidator(handleManager, _clientManager);
var app = _testConfig.FindApplication("test");
var request = new TokenRequest
{
Grant_Type = OAuthConstants.GrantTypes.AuthorizationCode,
Code = "abc",
Redirect_Uri = "https://validredirect"
};
try
{
var result = validator.Validate(app, request, _client);
}
catch (TokenRequestValidationException ex)
{
Assert.AreEqual(OAuthConstants.Errors.InvalidGrant, ex.OAuthError);
return;
}
Assert.Fail("No exception thrown.");
}
public void AnonymousCodeGrant()
{
var validator = new TokenRequestValidator();
var app = _testConfig.FindApplication("test");
var request = new TokenRequest
{
Grant_Type = OAuthConstants.GrantTypes.AuthorizationCode,
Code = "abc"
};
var result = validator.Validate(app, request, Principal.Anonymous);
}
public void UnknownGrantType()
{
var validator = new TokenRequestValidator();
var app = _testConfig.FindApplication("test");
var request = new TokenRequest
{
Grant_Type = "unknown"
};
var result = validator.Validate(app, request, _resourceOwnerClient);
}