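/// <summary>
/// Resource-owner password grant: the user name the client submits must reach the
/// authorization server's grant check unchanged, and the client must end up with an
/// access token.
/// </summary>
public void CreateAccessTokenSeesAuthorizingUserResourceOwnerGrant() {
    var authServerMock = CreateAuthorizationServerMock();
    authServerMock
        .Setup(a => a.CheckAuthorizeResourceOwnerCredentialGrant(ResourceOwnerUsername, ResourceOwnerPassword, It.IsAny<IAccessTokenRequest>()))
        .Returns<string, string, IAccessTokenRequest>((un, pw, req) => {
            var response = new AutomatedUserAuthorizationCheckResponse(req, true, ResourceOwnerUsername);
            // The token request handed to the server must carry the submitted user name.
            Assert.That(req.UserName, Is.EqualTo(ResourceOwnerUsername));
            return response;
        });

    var coordinator = new OAuth2Coordinator<WebServerClient>(
        AuthorizationServerDescription,
        authServerMock.Object,
        new WebServerClient(AuthorizationServerDescription),
        client => {
            // ExchangeUserCredentialForToken takes the scopes directly; no AuthorizationState
            // object is needed for this grant type.
            var result = client.ExchangeUserCredentialForToken(ResourceOwnerUsername, ResourceOwnerPassword, TestScopes);
            Assert.That(result.AccessToken, Is.Not.Null);
        },
        server => {
            server.HandleTokenRequest().Respond();
        });
    coordinator.Run();
}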
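/// <summary>
/// Resource-owner password grant: the authorization server may replace the scopes the
/// client asked for, and the issued token's scope must reflect the server's decision,
/// not the client's request.
/// </summary>
public void ResourceOwnerScopeOverride() {
    var clientRequestedScopes = new[] { "scope1", "scope2" };
    var serverOverriddenScopes = new[] { "scope1", "differentScope" };

    var authServerMock = CreateAuthorizationServerMock();
    authServerMock
        .Setup(a => a.CheckAuthorizeResourceOwnerCredentialGrant(ResourceOwnerUsername, ResourceOwnerPassword, It.IsAny<IAccessTokenRequest>()))
        .Returns<string, string, IAccessTokenRequest>((un, pw, req) => {
            var response = new AutomatedUserAuthorizationCheckResponse(req, true, ResourceOwnerUsername);
            // Discard the client's requested scope set and substitute the server's choice.
            response.ApprovedScope.Clear();
            response.ApprovedScope.UnionWith(serverOverriddenScopes);
            return response;
        });

    var coordinator = new OAuth2Coordinator<WebServerClient>(
        AuthorizationServerDescription,
        authServerMock.Object,
        new WebServerClient(AuthorizationServerDescription),
        client => {
            // ExchangeUserCredentialForToken takes the scopes directly; no AuthorizationState
            // object is needed for this grant type.
            var result = client.ExchangeUserCredentialForToken(ResourceOwnerUsername, ResourceOwnerPassword, clientRequestedScopes);
            Assert.That(result.Scope, Is.EquivalentTo(serverOverriddenScopes));
        },
        server => {
            server.HandleTokenRequest().Respond();
        });
    coordinator.Run();
}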
/// <summary>
/// Resource-owner password grant over the async host: the server's approved scope set
/// replaces the client's requested one, and the token the client receives must carry
/// the server-chosen scopes.
/// </summary>
public async Task ResourceOwnerScopeOverride() {
    string[] requestedByClient = { "scope1", "scope2" };
    string[] approvedByServer = { "scope1", "differentScope" };

    var authServerMock = CreateAuthorizationServerMock();
    authServerMock
        .Setup(a => a.CheckAuthorizeResourceOwnerCredentialGrant(ResourceOwnerUsername, ResourceOwnerPassword, It.IsAny<IAccessTokenRequest>()))
        .Returns<string, string, IAccessTokenRequest>((un, pw, req) => {
            var check = new AutomatedUserAuthorizationCheckResponse(req, true, ResourceOwnerUsername);
            // Replace whatever the client asked for with the server-chosen scope set.
            check.ApprovedScope.Clear();
            check.ApprovedScope.UnionWith(approvedByServer);
            return check;
        });

    // Route the token endpoint to a fresh AuthorizationServer backed by the mock.
    Handle(AuthorizationServerDescription.TokenEndpoint).By(async (req, ct) => {
        var authorizationServer = new AuthorizationServer(authServerMock.Object);
        return await authorizationServer.HandleTokenRequestAsync(req, ct);
    });

    var client = new WebServerClient(AuthorizationServerDescription, hostFactories: this.HostFactories);
    var token = await client.ExchangeUserCredentialForTokenAsync(ResourceOwnerUsername, ResourceOwnerPassword, requestedByClient);
    Assert.That(token.Scope, Is.EquivalentTo(approvedByServer));
}
/// <summary>
/// Client-credentials grant check for this sample server: every request is approved
/// (the <c>true</c> argument) and the client identifier is recorded as the authorizing
/// user name. Nothing about the client is validated here.
/// </summary>
/// <param name="accessRequest">The incoming client-credentials token request.</param>
/// <returns>An approved response whose user name is the request's client identifier.</returns>
public AutomatedAuthorizationCheckResponse CheckAuthorizeClientCredentialsGrant(IAccessTokenRequest accessRequest) {
    return new AutomatedUserAuthorizationCheckResponse(accessRequest, true, accessRequest.ClientIdentifier);
}
// NOTE(review): the access modifier and return type of this test method are not present in
// this listing; the neighbouring tests are declared `public void`.
// A stored account with a password hash and the NormalUser role, a request for the Profile
// scope, and a known client: the grant check is expected to approve.
WhenCheckAuthorizeResourceOwnerCredentialGrantForUserAccountWithValidCredentialsAndScope_ThenReturnsTrue() {
    // Fixture hash in an algorithm:iterations:salt:digest layout — presumably the format the
    // server's password verifier parses; confirm against the hashing helper.
    var account = new UserAuthInfo {
        Roles = new[] { AuthorizationRoles.NormalUser },
        PasswordHash = @"sha1:1000:eVtc5YWo+HlEziLNmLoMDrdY8tNr71CG:iZN6EMU5uX1aF70dfFgTGA+wNToqUsnG",
    };
    userStore.Setup(us => us.GetUserAuthInfo(It.IsAny<string>())).Returns(account);

    var tokenRequest = new Mock<IAccessTokenRequest>();
    tokenRequest.Setup(r => r.Scope).Returns(new HashSet<string> { AccessScope.Profile });
    tokenRequest.Setup(r => r.ClientIdentifier).Returns("foo");
    clientStore.Setup(cs => cs.GetClient(It.IsAny<string>())).Returns(new Mock<IClientDescription>().Object);

    var result = server.CheckAuthorizeResourceOwnerCredentialGrant("username", "password", tokenRequest.Object);
    Assert.True(result.IsApproved);
}
/// <summary>
/// When the user store has no account for the submitted user name, the resource-owner
/// credential grant must be rejected.
/// </summary>
public void WhenCheckAuthorizeResourceOwnerCredentialGrantWithUnknownUserName_ThenReturnsFalse() {
    // The store answers every lookup with "no such user".
    UserAuthInfo noAccount = null;
    userStore.Setup(us => us.GetUserAuthInfo(It.IsAny<string>())).Returns(noAccount);

    var tokenRequest = new Mock<IAccessTokenRequest>();
    tokenRequest.Setup(r => r.Scope).Returns(new HashSet<string> { "ascope" });

    var result = server.CheckAuthorizeResourceOwnerCredentialGrant("username", "password", tokenRequest.Object);
    Assert.False(result.IsApproved);
}
/// <summary>
/// A request whose client identifier is absent must be rejected even when the user
/// account exists.
/// </summary>
public void WhenCheckAuthorizeResourceOwnerCredentialGrantWithNullClientIdentifier_ThenReturnsFalse() {
    var account = new UserAuthInfo {
        PasswordHash = @"sha1:1000:eVtc5YWo+HlEziLNmLoMDrdY8tNr71CG:iZN6EMU5uX1aF70dfFgTGA+wNToqUsnG",
    };
    userStore.Setup(us => us.GetUserAuthInfo(It.IsAny<string>())).Returns(account);

    // ClientIdentifier is deliberately not set up, so the loose mock hands back its default
    // (null for a string) — that is the condition under test.
    var tokenRequest = new Mock<IAccessTokenRequest>();
    tokenRequest.Setup(r => r.Scope).Returns(new HashSet<string> { "ascope" });

    var result = server.CheckAuthorizeResourceOwnerCredentialGrant("username", "password", tokenRequest.Object);
    Assert.False(result.IsApproved);
}
// NOTE(review): the access modifier and return type of this test method are not present in
// this listing; the neighbouring tests are declared `public void`.
// An account whose stored password hash is empty cannot match the submitted password, so
// the grant check is expected to reject.
WhenCheckAuthorizeResourceOwnerCredentialGrantWithForUserAccountWithInvalidPassword_ThenReturnsFalse() {
    var account = new UserAuthInfo { PasswordHash = "", };
    userStore.Setup(us => us.GetUserAuthInfo(It.IsAny<string>())).Returns(account);

    var tokenRequest = new Mock<IAccessTokenRequest>();
    tokenRequest.Setup(r => r.Scope).Returns(new HashSet<string> { "ascope" });

    var result = server.CheckAuthorizeResourceOwnerCredentialGrant("username", "password", tokenRequest.Object);
    Assert.False(result.IsApproved);
}
/// <summary>
/// Resource-owner password grant over the async host: the user name the client submits
/// must arrive unchanged at the server's grant check, and the client must receive an
/// access token.
/// </summary>
public async Task CreateAccessTokenSeesAuthorizingUserResourceOwnerGrant() {
    var authServerMock = CreateAuthorizationServerMock();
    authServerMock
        .Setup(a => a.CheckAuthorizeResourceOwnerCredentialGrant(ResourceOwnerUsername, ResourceOwnerPassword, It.IsAny<IAccessTokenRequest>()))
        .Returns<string, string, IAccessTokenRequest>((un, pw, req) => {
            var check = new AutomatedUserAuthorizationCheckResponse(req, true, ResourceOwnerUsername);
            // The request as seen by the server must name the submitting resource owner.
            Assert.That(req.UserName, Is.EqualTo(ResourceOwnerUsername));
            return check;
        });

    // Route the token endpoint to a fresh AuthorizationServer backed by the mock.
    Handle(AuthorizationServerDescription.TokenEndpoint).By(async (req, ct) => {
        var authorizationServer = new AuthorizationServer(authServerMock.Object);
        return await authorizationServer.HandleTokenRequestAsync(req, ct);
    });

    var client = new WebServerClient(AuthorizationServerDescription, hostFactories: this.HostFactories);
    var token = await client.ExchangeUserCredentialForTokenAsync(ResourceOwnerUsername, ResourceOwnerPassword, TestScopes);
    Assert.That(token.AccessToken, Is.Not.Null);
}
/// <summary>
/// Client-credentials grant check for this sample server: every request is approved
/// (the <c>true</c> argument) under the fixed user name <c>"test"</c>. Nothing about the
/// requesting client is validated here.
/// </summary>
/// <param name="accessRequest">The incoming client-credentials token request.</param>
/// <returns>An approved response with the user name <c>"test"</c>.</returns>
public AutomatedAuthorizationCheckResponse CheckAuthorizeClientCredentialsGrant(IAccessTokenRequest accessRequest) {
    var approved = new AutomatedUserAuthorizationCheckResponse(accessRequest, true, "test");
    return approved;
}