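/// <summary>
/// Verifies that the resource-owner password grant is refused when the user
/// manager returns no account for the supplied user name and password.
/// </summary>
/// <remarks>
/// The mocked <c>FindAsync</c> returns <c>null</c>, so the provider must leave the
/// context unvalidated, report <c>invalid_grant</c>, and issue no ticket.
/// The test does not inspect the error description, so it does not show whether
/// the response text distinguishes an unknown user from a wrong password.
/// </remarks>
public async Task GrantCredentials_Refuses_InvalidUser()
{
    // Arrange: a user manager whose credential lookup finds nothing.
    string testPass = "******";
    var user = CreateUser();
    var userStore = new Mock<IUserStore<User>>();
    var userManager = new Mock<UserManager>(userStore.Object);
    userManager
        .Setup(m => m.FindAsync(user.UserName, testPass))
        .Returns(Task.FromResult<User>(null));

    // The provider is constructed without dependencies here, so the user
    // manager is supplied through the OWIN context.
    var owinContext = new OwinContext();
    owinContext.Set(userManager.Object);

    var oAuthContext = new OAuthGrantResourceOwnerCredentialsContext(
        owinContext,
        new OAuthAuthorizationServerOptions(),
        user.Id,
        user.UserName,
        testPass,
        new List<string>());
    var provider = new ApplicationOAuthServerProvider();

    // Act
    await provider.GrantResourceOwnerCredentials(oAuthContext);

    // Assert: the grant is rejected and no authentication ticket is produced.
    Assert.IsFalse(oAuthContext.IsValidated);
    Assert.IsNotNull(oAuthContext.Error);
    // AreEqual reports expected and actual values on failure, unlike IsTrue(a == b).
    Assert.AreEqual("invalid_grant", oAuthContext.Error);
    Assert.IsNull(oAuthContext.Ticket);

    // The credential check must run exactly once for this request.
    userManager.Verify(m => m.FindAsync(user.UserName, testPass), Times.Once);
}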
// This method is required by Katana:
/// <summary>
/// OWIN startup entry point: builds the user service and OAuth provider by hand,
/// wires authentication into the pipeline, then registers Web API.
/// </summary>
/// <param name="app">The OWIN application builder to configure.</param>
public void Configuration(IAppBuilder app)
{
    // todo move to IOC
    // NOTE(review): one UsersDbContext is created here and shared by the repository
    // and the users service for as long as the provider lives. EF contexts are not
    // thread-safe; confirm the intended lifetime when this moves to the container.
    var dbContext = new UsersDbContext();
    IHashProvider hasher = new HashProvider();
    IRepository<TbaUser> userRepository = new EfRepository<TbaUser>(dbContext, TimeProvider.Current);
    IUsersService userService = new UsersService(userRepository, TimeProvider.Current, dbContext, hasher);

    // Authentication is configured before Web API is added to the pipeline.
    OAuthAuthorizationServerProvider authProvider = new ApplicationOAuthServerProvider(userService);
    ConfigureAuth(app, authProvider);

    var httpConfig = ConfigureWebApi();

    // Possible values: LocalOnly (default), Always, Never.
    // Never keeps exception details out of error responses for every caller.
    httpConfig.IncludeErrorDetailPolicy = IncludeErrorDetailPolicy.Never;

    app.UseWebApi(httpConfig);
    UnityResolver.Register(httpConfig);
}