/// <summary> /// Handle the request to authorize the request /// </summary> /// <param name="request">The request to handle</param> /// <param name="jsonRequest">The parameters of the call, if JSON request</param> public DnoaAuthZResponse HandleTokenRequest(IRequest request, CreateAccessToken jsonRequest) { OutgoingWebResponse response = GetResponse(request, jsonRequest); var responseBody = response.Body.FromJson <Dictionary <string, string> >(); if (response.Status == HttpStatusCode.OK) { return(new DnoaAuthZResponse { AccessToken = responseBody[@"access_token"], RefreshToken = responseBody[@"refresh_token"], ExpiresIn = responseBody[@"expires_in"], TokenType = responseBody[@"token_type"], Scope = responseBody[@"scope"], }); } string error = (responseBody.ContainsKey(@"error")) ? responseBody[@"error"] : string.Empty; string message = (responseBody.ContainsKey(@"error_description")) ? responseBody[@"error_description"] : error; throw LogicErrorThrower.RuleViolation(message); }
public void WhenPostCreateAccessForRefreshToken_ThenCreatesResource() { Client.AddCredentials(Clients.Test.ClientApplication.ClientIdentifier, Clients.Test.ClientApplication.ClientSecret); //Get an access token CreateAccessToken request1 = MakeCreateAccessToken(); request1.Username = Clients.Test.ClientUserAccount.AuthInfo.Username; request1.Password = Clients.Test.ClientUserAccount.Password; CreateAccessTokenResponse result1 = Client.Post(request1); Assert.True(result1.AccessToken.HasValue()); Assert.Equal(TimeSpan.FromMinutes(15).TotalSeconds.ToString(CultureInfo.InvariantCulture), result1.ExpiresIn); Assert.True(result1.RefreshToken.HasValue()); Assert.Equal(AccessScope.Profile, result1.Scope); // Get a refresh token var request2 = new CreateAccessToken { GrantType = GrantTypes.RefreshToken, RefreshToken = result1.RefreshToken, }; CreateAccessTokenResponse result2 = Client.Post(request2); Assert.True(result2.AccessToken.HasValue()); Assert.Equal(TimeSpan.FromMinutes(15).TotalSeconds.ToString(CultureInfo.InvariantCulture), result2.ExpiresIn); Assert.True(result2.RefreshToken.HasValue()); Assert.Equal(AccessScope.Profile, result2.Scope); }
public void WhenPostCreateAccessTokenWithoutClientApplicationCredentials_ThenThrows() { CreateAccessToken request = MakeCreateAccessToken(); Assert.Throws <InvalidOperationException>(HttpErrorCode.FromHttpStatusCode(HttpStatusCode.BadRequest), () => Client.Post <HttpWebResponse>(request)); }
public void WhenPostCreateAccessTokenForNormalUser_ThenAccessTokenReturned() { Assert.Equal("user", normalUser.Roles); CreateAccessToken request = MakeCreateAccessToken(normalUser); AssertTokenCreated(Client.Post(request)); }
public void WhenPostCreateAccessTokenForParticipantUser_ThenAccessTokenReturned() { Assert.Equal("participant", participantUser.Roles); CreateAccessToken request = MakeCreateAccessToken(participantUser); AssertTokenCreated(Client.Post(request)); }
public CreateAccessTokenResponse Post(CreateAccessToken body) { return(ProcessRequest(body, HttpStatusCode.Created, () => { var response = this.AccessTokensManager.CreateAccessToken(this.Request, body); this.SetLocationHeader(GetCreateAccessTokenResponseId(response)); return response; })); }
public void WhenPostCreateAccessTokenWithUnknownUsername_ThenThrows() { Client.AddCredentials(Clients.Test.ClientApplication.ClientIdentifier, Clients.Test.ClientApplication.ClientSecret); CreateAccessToken request = MakeCreateAccessToken(); Assert.Throws <InvalidOperationException>(HttpErrorCode.FromHttpStatusCode(HttpStatusCode.BadRequest), () => Client.Post <HttpWebResponse>(request)); }
public void WhenPostCreateAccessTokenWithUnknownClientApplication_ThenThrows() { Client.AddCredentials("aclientapp", "asecret"); CreateAccessToken request = MakeCreateAccessToken(); request.Username = Clients.Test.ClientUserAccount.AuthInfo.Username; request.Password = Clients.Test.ClientUserAccount.Password; Assert.Throws <InvalidOperationException>(HttpErrorCode.FromHttpStatusCode(HttpStatusCode.BadRequest), () => Client.Post <HttpWebResponse>(request)); }
public void WhenPostCreateAccessTokenWithWrongUserPassword_ThenThrows() { Client.AddCredentials(Clients.Test.ClientApplication.ClientIdentifier, Clients.Test.ClientApplication.ClientSecret); CreateAccessToken request = MakeCreateAccessToken(); request.Username = Clients.Test.ClientUserAccount.AuthInfo.Username; request.Password = "******"; Assert.Throws <InvalidOperationException>(HttpErrorCode.FromHttpStatusCode(HttpStatusCode.BadRequest), () => Client.Post <HttpWebResponse>(request)); }
public void Initialize() { validator = new CreateAccessTokenValidator(); dto = new CreateAccessToken { GrantType = GrantTypes.AccessToken, Password = "******", Username = "******", RefreshToken = "arefreshtoken", Scope = "ascope", }; }
private OutgoingWebResponse GetResponse(IRequest request, CreateAccessToken jsonRequest) { var authZServer = new AuthorizationServer(OAuthorizationServer); if (request.ContentType == MimeTypes.Json) { // Request is coming from A JSON client return(authZServer.HandleTokenRequest(ConvertJsonRequestToFormRequest(request, jsonRequest))); } // Request is likely coming from DNOA client return(authZServer.HandleTokenRequest((HttpRequestBase)request.OriginalRequest)); }
public async Task Should_Throw_IdentityException_On_Not_Existing_User() { //arrange var(fakeUser, sut, _) = Arrange(); var createAccessToken = new CreateAccessToken(fakeUser.Id); //act Func <Task> action = async() => await sut.Handle(createAccessToken, new CancellationToken()); //assert action.Should().Throw <IdentityException>(); await Task.CompletedTask; }
public async Task Should_Create_AccessToken() { //arrange var(fakeUser, sut, userRepository) = Arrange(); userRepository.GetAsync(Arg.Any <string>()).ReturnsForAnyArgs(fakeUser); userRepository.GetAsync(Arg.Any <Guid>()).ReturnsForAnyArgs(fakeUser); var createAccessToken = new CreateAccessToken(fakeUser.Id); //act Func <Task> action = async() => await sut.Handle(createAccessToken, new CancellationToken()); //assert action.Should().NotThrow(); await Task.CompletedTask; }
public override void WhenPostCreateAccessToken_ThenCreatesResource() { Client.AddCredentials(Clients.Test.ClientApplication.ClientIdentifier, Clients.Test.ClientApplication.ClientSecret); CreateAccessToken request = MakeCreateAccessToken(); request.Username = Clients.Test.ClientUserAccount.AuthInfo.Username; request.Password = Clients.Test.ClientUserAccount.Password; CreateAccessTokenResponse result = Client.Post(request); Assert.True(result.AccessToken.HasValue()); Assert.Equal(TimeSpan.FromMinutes(15).TotalSeconds.ToString(CultureInfo.InvariantCulture), result.ExpiresIn); Assert.True(result.RefreshToken.HasValue()); Assert.Equal(AccessScope.Profile, result.Scope); }
/// <summary> /// Creates a new access token for a specific user. /// </summary> internal CreateAccessTokenResponse CreateAccessToken(IRequest request, CreateAccessToken body) { Guard.NotNull(() => request, request); Guard.NotNull(() => body, body); // Delegate to DNOA to process the incoming request DnoaAuthZResponse response = DnoaAuthorizationServer.HandleTokenRequest(request, body); var accessToken = new CreateAccessTokenResponse { AccessToken = response.AccessToken, RefreshToken = response.RefreshToken, ExpiresIn = response.ExpiresIn, TokenType = response.TokenType, Scope = response.Scope, }; //TODO: Audit the creation of the access_token return(accessToken); }
/// <summary> /// Populates the request object form fields from fields in body /// </summary> /// <remarks> /// The DotNetOpenAuth library expects a <see cref="MimeTypes.FormUrlEncoded" /> request that contains all the /// necessary form fields, /// (equivalent to the fields in the JSON body). /// When we call this REST method from the DotNetOpenAuth client, the form fields are populated, /// AND ServiceStack reads them into the fields of the JSON body for us. /// When we call this REST method from a JsonClient however, the form fields are not populated from the fields of the /// JSON body. /// This needs to be done manually before the DotNetOpenAuth methods will complete properly. /// </remarks> private static HttpRequestMessage ConvertJsonRequestToFormRequest(IRequest request, CreateAccessToken jsonRequest) { var requestMsg = new HttpRequestMessage(HttpMethod.Post, request.AbsoluteUri); var fields = new List <KeyValuePair <string, string> > { new KeyValuePair <string, string>(@"grant_type", jsonRequest.GrantType), new KeyValuePair <string, string>(@"username", jsonRequest.Username), new KeyValuePair <string, string>(@"password", jsonRequest.Password), new KeyValuePair <string, string>(@"refresh_token", jsonRequest.RefreshToken), new KeyValuePair <string, string>(@"scope", jsonRequest.Scope), }; // Fill in form content requestMsg.Content = new FormUrlEncodedContent(fields); //Copy any headers from original request (except ContentType and ContentLength) request.Headers .ToDictionary() .ForEach((name, value) => { if (!name.Equals(HttpHeaders.ContentType) && !name.Equals(HttpHeaders.ContentLength)) { requestMsg.Headers.Add(name, value); } }); // Set caching header requestMsg.Headers.Add(HttpHeaders.CacheControl, new[] { "no-store", "no-cache" }); return(requestMsg); }
CreateAccessTokenResponse IAccessTokensManager.CreateAccessToken(IRequest request, CreateAccessToken body) { return(CreateAccessToken(request, body)); }