private async Task When_refreshing_reused_absolute_token_then_raise_event_with_two_similar_handlers()
{
// Given
var oldHandle = "old_handle";
var client = new Client()
{
RefreshTokenUsage = TokenUsage.ReUse,
RefreshTokenExpiration = TokenExpiration.Absolute
};
var refreshToken = new RefreshToken()
{
AccessToken = new Token("token_type")
{
Client = new Client()
}
};
// When
await _defaultRefreshTokenService.UpdateRefreshTokenAsync(oldHandle, refreshToken, client);
// Then
_eventServiceMock.Verify(x => x.RaiseAsync <RefreshTokenRefreshDetails>(
It.Is <Event <RefreshTokenRefreshDetails> >(p => p.Details.OldHandle == oldHandle && p.Details.NewHandle == oldHandle)), Times.Once);
}
public async Task UpdateRefreshToken_one_time_use_should_create_new_token()
{
var client = new Client
{
ClientId = "client1",
RefreshTokenUsage = TokenUsage.OneTimeOnly
};
var refreshToken = new RefreshToken
{
CreationTime = DateTime.UtcNow,
Lifetime = 10,
AccessToken = new Token
{
ClientId = client.ClientId,
Audiences = { "aud" },
CreationTime = DateTime.UtcNow,
Claims = new List <Claim>()
{
new Claim("sub", "123")
}
}
};
var handle = await _store.StoreRefreshTokenAsync(refreshToken);
(await _subject.UpdateRefreshTokenAsync(handle, refreshToken, client))
.Should().NotBeNull()
.And
.NotBe(handle);
}
public async Task Sliding_Expiration_does_not_exceed_absolute_Expiration()
{
var store = new InMemoryRefreshTokenStore();
var service = new DefaultRefreshTokenService(store);
var client = await _clients.FindClientByIdAsync("roclient_sliding_refresh_expiration_one_time_only");
var token = TokenFactory.CreateAccessToken(client.ClientId, "valid", 60, "read", "write");
var handle = await service.CreateRefreshTokenAsync(token, client);
var refreshToken = await store.GetAsync(handle);
var lifetime = refreshToken.LifeTime;
await Task.Delay(8000);
var newHandle = await service.UpdateRefreshTokenAsync(handle, refreshToken, client);
var newRefreshToken = await store.GetAsync(newHandle);
var newLifetime = newRefreshToken.LifeTime;
newLifetime.Should().Be(client.AbsoluteRefreshTokenLifetime);
}
public async Task Sliding_Expiration_within_absolute_Expiration()
{
var store = new InMemoryRefreshTokenStore();
var service = new DefaultRefreshTokenService(store);
var client = await _clients.FindClientByIdAsync("roclient_sliding_refresh_expiration_one_time_only");
var token = TokenFactory.CreateAccessToken(client.ClientId, "valid", 60, "read", "write");
var handle = await service.CreateRefreshTokenAsync(token, client);
var refreshToken = await store.GetAsync(handle);
var lifetime = refreshToken.LifeTime;
await Task.Delay(1000);
var newHandle = await service.UpdateRefreshTokenAsync(refreshToken, client);
var newRefreshToken = await store.GetAsync(newHandle);
var newLifetime = newRefreshToken.LifeTime;
Assert.AreEqual(newLifetime, client.SlidingRefreshTokenLifetime + 1);
}
public async Task Sliding_Expiration_does_not_exceed_absolute_Expiration()
{
now = DateTimeOffset.UtcNow;
var client = roclient_sliding_refresh_expiration_one_time_only;
var token = CreateAccessToken(client, "valid", 60, "read", "write");
var handle = await service.CreateRefreshTokenAsync(user, token, client);
var refreshToken = await refreshTokenStore.GetAsync(handle);
var lifetime = refreshToken.LifeTime;
now = now.AddSeconds(8);
var newHandle = await service.UpdateRefreshTokenAsync(handle, refreshToken, client);
var newRefreshToken = await refreshTokenStore.GetAsync(newHandle);
var newLifetime = newRefreshToken.LifeTime;
newLifetime.Should().Be(client.AbsoluteRefreshTokenLifetime);
}
public async Task OneTime_Handle_creates_new_Handle()
{
var store = new InMemoryRefreshTokenStore();
var service = new DefaultRefreshTokenService(store);
var client = await _clients.FindClientByIdAsync("roclient_absolute_refresh_expiration_one_time_only");
var token = TokenFactory.CreateAccessToken(client.ClientId, "valid", 60, "read", "write");
var handle = await service.CreateRefreshTokenAsync(token, client);
var newHandle = await service.UpdateRefreshTokenAsync(handle, await store.GetAsync(handle), client);
newHandle.Should().NotBe(handle);
}
public async Task ReUse_Handle_reuses_Handle()
{
var store = new InMemoryRefreshTokenStore();
var service = new DefaultRefreshTokenService(store);
var client = await _clients.FindClientByIdAsync("roclient_absolute_refresh_expiration_reuse");
var token = TokenFactory.CreateAccessToken(client.ClientId, "valid", 60, "read", "write");
var handle = await service.CreateRefreshTokenAsync(token, client);
var newHandle = await service.UpdateRefreshTokenAsync(await store.GetAsync(handle), client);
Assert.AreEqual(handle, newHandle);
}
public async Task UpdateRefreshToken_one_time_use_should_create_new_token()
{
var client = new Client
{
ClientId = "client1",
RefreshTokenUsage = TokenUsage.OneTimeOnly
};
var refreshToken = new RefreshToken
{
CreationTime = DateTime.UtcNow,
Lifetime = 10,
};
var handle = await _store.StoreRefreshTokenAsync(refreshToken);
(await _subject.UpdateRefreshTokenAsync(new RefreshTokenUpdateRequest {
Handle = handle, RefreshToken = refreshToken, Client = client
}))
.Should().NotBeNull()
.And
.NotBe(handle);
}
public async Task Sliding_Expiration_does_not_exceed_absolute_Expiration()
{
var store = new InMemoryRefreshTokenStore();
var service = new DefaultRefreshTokenService(store);
var client = await _clients.FindClientByIdAsync("roclient_sliding_refresh_expiration_one_time_only");
var token = TokenFactory.CreateAccessToken(client.ClientId, "valid", 60, "read", "write");
var handle = await service.CreateRefreshTokenAsync(token, client);
var refreshToken = await store.GetAsync(handle);
var lifetime = refreshToken.LifeTime;
await Task.Delay(8000);
var newHandle = await service.UpdateRefreshTokenAsync(handle, refreshToken, client);
var newRefreshToken = await store.GetAsync(newHandle);
var newLifetime = newRefreshToken.LifeTime;
newLifetime.Should().Be(client.AbsoluteRefreshTokenLifetime);
}
public async Task OneTime_Handle_creates_new_Handle()
{
var store = new InMemoryRefreshTokenStore();
var service = new DefaultRefreshTokenService(store);
var client = await _clients.FindClientByIdAsync("roclient_absolute_refresh_expiration_one_time_only");
var token = TokenFactory.CreateAccessToken(client.ClientId, "valid", 60, "read", "write");
var handle = await service.CreateRefreshTokenAsync(token, client);
var newHandle = await service.UpdateRefreshTokenAsync(handle, await store.GetAsync(handle), client);
newHandle.Should().NotBe(handle);
}
