public void WhenPostCreateAccessForRefreshToken_ThenCreatesResource()
{
Client.AddCredentials(Clients.Test.ClientApplication.ClientIdentifier,
Clients.Test.ClientApplication.ClientSecret);
//Get an access token
CreateAccessToken request1 = MakeCreateAccessToken();
request1.Username = Clients.Test.ClientUserAccount.AuthInfo.Username;
request1.Password = Clients.Test.ClientUserAccount.Password;
CreateAccessTokenResponse result1 = Client.Post(request1);
Assert.True(result1.AccessToken.HasValue());
Assert.Equal(TimeSpan.FromMinutes(15).TotalSeconds.ToString(CultureInfo.InvariantCulture),
result1.ExpiresIn);
Assert.True(result1.RefreshToken.HasValue());
Assert.Equal(AccessScope.Profile, result1.Scope);
// Get a refresh token
var request2 = new CreateAccessToken
{
GrantType = GrantTypes.RefreshToken,
RefreshToken = result1.RefreshToken,
};
CreateAccessTokenResponse result2 = Client.Post(request2);
Assert.True(result2.AccessToken.HasValue());
Assert.Equal(TimeSpan.FromMinutes(15).TotalSeconds.ToString(CultureInfo.InvariantCulture),
result2.ExpiresIn);
Assert.True(result2.RefreshToken.HasValue());
Assert.Equal(AccessScope.Profile, result2.Scope);
}
private static void AssertTokenCreated(CreateAccessTokenResponse result)
{
Assert.True(result.AccessToken.HasValue());
Assert.Equal(TimeSpan.FromMinutes(15).TotalSeconds.ToString(CultureInfo.InvariantCulture),
result.ExpiresIn);
Assert.True(result.RefreshToken.HasValue());
Assert.Equal(AccessScope.Profile, result.Scope);
}
public void WhenPostCreateAccessToken_ThenManagerReturnsAccessToken()
{
var response = new CreateAccessTokenResponse();
this.accesstokensManager.Setup(man => man.CreateAccessToken(It.IsAny <IRequest>(), It.IsAny <CreateAccessToken>()))
.Returns(response);
var result = this.service.Post(new CreateAccessToken());
this.accesstokensManager.Verify(man => man.CreateAccessToken(It.IsAny <IRequest>(), It.IsAny <CreateAccessToken>()), Times.Once());
Assert.Equal(response, result);
}
public override void WhenPostCreateAccessToken_ThenCreatesResource()
{
Client.AddCredentials(Clients.Test.ClientApplication.ClientIdentifier,
Clients.Test.ClientApplication.ClientSecret);
CreateAccessToken request = MakeCreateAccessToken();
request.Username = Clients.Test.ClientUserAccount.AuthInfo.Username;
request.Password = Clients.Test.ClientUserAccount.Password;
CreateAccessTokenResponse result = Client.Post(request);
Assert.True(result.AccessToken.HasValue());
Assert.Equal(TimeSpan.FromMinutes(15).TotalSeconds.ToString(CultureInfo.InvariantCulture),
result.ExpiresIn);
Assert.True(result.RefreshToken.HasValue());
Assert.Equal(AccessScope.Profile, result.Scope);
}
public void WhenCreateAccessToken_ThenReturnsAccessToken()
{
dnoaAuthZProvider.Setup(
pro => pro.HandleTokenRequest(It.IsAny <IRequest>(), It.IsAny <CreateAccessToken>()))
.Returns(new DnoaAuthZResponse
{
AccessToken = "anaccesstoken",
ExpiresIn = "anexpiresin",
RefreshToken = "arefreshtoken",
Scope = "ascope",
TokenType = "atokentype",
});
CreateAccessTokenResponse result = manager.CreateAccessToken(request.Object, new CreateAccessToken());
Assert.Equal("anaccesstoken", result.AccessToken);
Assert.Equal("anexpiresin", result.ExpiresIn);
Assert.Equal("arefreshtoken", result.RefreshToken);
Assert.Equal("ascope", result.Scope);
Assert.Equal("atokentype", result.TokenType);
}
/// <summary>
/// Creates a new access token for a specific user.
/// </summary>
internal CreateAccessTokenResponse CreateAccessToken(IRequest request, CreateAccessToken body)
{
Guard.NotNull(() => request, request);
Guard.NotNull(() => body, body);
// Delegate to DNOA to process the incoming request
DnoaAuthZResponse response = DnoaAuthorizationServer.HandleTokenRequest(request, body);
var accessToken = new CreateAccessTokenResponse
{
AccessToken = response.AccessToken,
RefreshToken = response.RefreshToken,
ExpiresIn = response.ExpiresIn,
TokenType = response.TokenType,
Scope = response.Scope,
};
//TODO: Audit the creation of the access_token
return(accessToken);
}
/// <summary>
/// Returns the Identifier of the newly created 'AccessTokens' resource.
/// </summary>
protected string GetCreateAccessTokenResponseId(CreateAccessTokenResponse response)
{
return(null);
}
