public async Task ValidateAsync_Successful(string audience,
TokenModel tokenModel,
TokenValidationRequest validationRequest,
TokenValidationResult tokenValidationResult,
TokenValidationResponse tokenValidationResponse)
{
// Arrange
_tokenValidationService
.Setup(x => x.ValidateAsync(audience, tokenModel, CancellationToken.None))
.ReturnsAsync(tokenValidationResult);
_mapper.Setup(x => x.Map <TokenValidationResponse>(tokenValidationResult)).Returns(tokenValidationResponse);
_mapper.Setup(x => x.Map <TokenModel>(It.Is <TokenValidationRequest>(p => p.Token == validationRequest.Token))).Returns(tokenModel);
// Act
var result = await _controller.ValidateAsync(audience, validationRequest, CancellationToken.None);
// Assert
var okObjectResult = result.Should().BeOfType <OkObjectResult>();
okObjectResult.Subject.Value.Should().Be(tokenValidationResponse);
_mapper.VerifyAll();
_tokenValidationService.VerifyAll();
}
public async Task ValidateAsync_Successful(string audience,
TokenModel tokenModel,
TokenValidationResult tokenValidationResult,
TokenValidationRequest validationRequest,
TokenValidationResponse tokenValidationResponse)
{
// Arrange
_tokenValidationService
.Setup(x => x.ValidateAsync(audience, tokenModel, It.IsAny <CancellationToken>()))
.ReturnsAsync(tokenValidationResult);
_mapper.Setup(x => x.Map <TokenModel>(It.Is <TokenValidationRequest>(p => p.Token == validationRequest.Token))).Returns(tokenModel);
_mapper.Setup(x => x.Map <TokenValidationResponse>(tokenValidationResult)).Returns(tokenValidationResponse);
// Act
var result = await _client.PostAsync(string.Format(ValidationRequestPath, audience), new JsonContent(validationRequest));
// Assert
result.StatusCode.Should().Be(StatusCodes.Status200OK);
var resultValue = await result.Content.ReadAsAsync <TokenValidationResponse>();
resultValue.Should().BeEquivalentTo(tokenValidationResponse);
_mapper.VerifyAll();
_tokenValidationService.VerifyAll();
}
public async Task <IActionResult> ValidateAsync([FromRoute] string audience,
[FromBody] TokenValidationRequest validationRequest,
CancellationToken cancellationToken = default)
{
var tokenModel = _mapper.Map <TokenModel>(validationRequest);
_logger.LogInformation("Validation request");
var result = await _tokenValidationService.ValidateAsync(audience, tokenModel, cancellationToken);
return(Ok(_mapper.Map <TokenValidationResponse>(result)));
}
public override async Task <TokenValidationResponse> ValidateToken(
TokenValidationRequest request,
ServerCallContext context)
{
var validationResult = this.jwtValidation.Validate(
request.Jwt.AccessToken,
request.Jwt.Schema);
return(await Task.FromResult(new TokenValidationResponse
{
IsValid = validationResult.IsValid
}));
}
public TokenValidationResponse HandleValidationRequest(TokenValidationRequest request)
{
if (request == null || request.UserId == null || string.IsNullOrEmpty(request.AccessToken) || (request.RefreshIfExpired && string.IsNullOrEmpty(request.RefreshToken)))
{
throw new ArgumentException("invalid token validation request");
}
if (_accessTokenFactory.Validate(request.UserId, request.AccessToken))
{
return(new TokenValidationResponse()
{
IsValid = true,
IsRefreshed = false,
NewAccessToken = null,
NewAccessTokenExpiresIn = null
});
}
else if (_refreshTokenFactory.Validate(request.UserId, request.RefreshToken))
{
Token token = _accessTokenFactory.Generate(request.UserId);
return(new TokenValidationResponse()
{
IsValid = true,
IsRefreshed = true,
NewAccessToken = token.AsString,
NewAccessTokenExpiresIn = token.ExpiresIn
});
}
else
{
return(new TokenValidationResponse()
{
IsValid = false,
IsRefreshed = false,
NewAccessToken = null,
NewAccessTokenExpiresIn = null
});
}
}
public async Task ValidateAsync_BadRequest(string audience,
TokenModel tokenModel,
TokenValidationRequest validationRequest,
TokenValidationException exception)
{
// Arrange
_tokenValidationService
.Setup(x => x.ValidateAsync(audience, tokenModel, It.IsAny <CancellationToken>()))
.ThrowsAsync(exception);
_mapper.Setup(x => x.Map <TokenModel>(It.Is <TokenValidationRequest>(p => p.Token == validationRequest.Token))).Returns(tokenModel);
// Act
var result = await _client.PostAsync(string.Format(ValidationRequestPath, audience), new JsonContent(validationRequest));
// Assert
result.StatusCode.Should().Be(StatusCodes.Status400BadRequest);
var validationProblemDetails = await result.Content.ReadAsAsync <ValidationProblemDetails>();
validationProblemDetails.Detail.Should().Be(exception.Message);
_tokenValidationService.VerifyAll();
}
public async Task ValidateAsync_BadRequest(string audience,
TokenModel tokenModel,
TokenValidationRequest validationRequest,
TokenValidationException exception)
{
// Arrange
_tokenValidationService
.Setup(x => x.ValidateAsync(audience, tokenModel, CancellationToken.None))
.ThrowsAsync(exception);
_mapper.Setup(x => x.Map <TokenModel>(It.Is <TokenValidationRequest>(p => p.Token == validationRequest.Token))).Returns(tokenModel);
// Act
var result = await _controller.ValidateAsync(audience, validationRequest, CancellationToken.None);
// Assert
var badRequestObjectResult = result.Should().BeOfType <BadRequestObjectResult>();
var validationProblem = badRequestObjectResult.Subject.Value.Should().BeOfType <ValidationProblemDetails>();
validationProblem.Subject.Detail.Should().Be(exception.Message);
_tokenValidationService.VerifyAll();
}
public IActionResult Validate([FromBody] TokenValidationRequest request)
{
try { return(Ok(_tokenManager.HandleValidationRequest(request))); }
catch (ArgumentException) { return(BadRequest(new { error = "invalid token validation request" })); }
}
