/// <summary>
/// A stored reference token issued with the "read" and "write" scopes must
/// validate without error when the caller requires the "read" scope.
/// </summary>
public async Task Valid_Reference_Token_with_required_Scope()
{
    const string referenceHandle = "123";

    var handleStore = new InMemoryTokenHandleStore();
    var tokenValidator = Factory.CreateTokenValidator(handleStore);

    // Client "roclient", scopes read + write. The 600 is presumably the
    // lifetime in seconds and "valid" the subject id - confirm against TokenFactory.
    var accessToken = TokenFactory.CreateAccessToken("roclient", "valid", 600, "read", "write");
    await handleStore.StoreAsync(referenceHandle, accessToken);

    // Validate by handle and demand a scope the token actually carries.
    var validation = await tokenValidator.ValidateAccessTokenAsync(referenceHandle, "read");

    Assert.IsFalse(validation.IsError);
}
/// <summary>
/// A stored token whose client id is "unknown" must be rejected by the
/// validator even though the token itself is well-formed and unexpired.
/// </summary>
public async Task Valid_AccessToken_but_Client_not_active()
{
    const string referenceHandle = "123";

    var handleStore = new InMemoryTokenHandleStore();
    var tokenValidator = Factory.CreateTokenValidator(handleStore);

    // "unknown" is presumably a client id the factory's client store does
    // not know or has disabled - confirm against Factory.
    var accessToken = TokenFactory.CreateAccessToken("unknown", "valid", 600, "read", "write");
    await handleStore.StoreAsync(referenceHandle, accessToken);

    var validation = await tokenValidator.ValidateAccessTokenAsync(referenceHandle);

    // NOTE(review): only IsError is checked, so this passes for any failure
    // (e.g. a handle lookup miss). Asserting validation.Error as well would
    // pin the rejection to the client check.
    Assert.IsTrue(validation.IsError);
}
/// <summary>
/// A stored reference token that carries only "read" and "write" must be
/// rejected with the insufficient-scope error when the caller requires a
/// scope ("missing") the token was never granted.
/// </summary>
public async Task Valid_Reference_Token_with_missing_Scope()
{
    const string referenceHandle = "123";

    var handleStore = new InMemoryTokenHandleStore();
    var tokenValidator = Factory.CreateTokenValidator(handleStore);

    var accessToken = TokenFactory.CreateAccessToken("roclient", "valid", 600, "read", "write");
    await handleStore.StoreAsync(referenceHandle, accessToken);

    // Demand a scope that is absent from the token.
    var validation = await tokenValidator.ValidateAccessTokenAsync(referenceHandle, "missing");

    // Check the specific error so an unrelated failure cannot satisfy the test.
    Assert.IsTrue(validation.IsError);
    Assert.AreEqual(Constants.ProtectedResourceErrors.InsufficientScope, validation.Error);
}
/// <summary>
/// A stored, unexpired reference token validates without error and the
/// result exposes the token's claims, including the issuing client id.
/// </summary>
public async Task Valid_Reference_Token()
{
    const string referenceHandle = "123";

    var handleStore = new InMemoryTokenHandleStore();
    var tokenValidator = Factory.CreateTokenValidator(handleStore);

    var accessToken = TokenFactory.CreateAccessToken("roclient", "valid", 600, "read", "write");
    await handleStore.StoreAsync(referenceHandle, accessToken);

    // No required scope is passed here.
    var validation = await tokenValidator.ValidateAccessTokenAsync(referenceHandle);

    Assert.IsFalse(validation.IsError);

    // NOTE(review): 8 is a hard-coded claim count; it presumably mirrors what
    // TokenFactory puts into the token and will break if that set changes.
    Assert.AreEqual(8, validation.Claims.Count());

    // The validated identity must be bound to the client the token was issued to.
    var clientIdClaim = validation.Claims.First(c => c.Type == Constants.ClaimTypes.ClientId);
    Assert.AreEqual("roclient", clientIdClaim.Value);
}
/// <summary>
/// A stored reference token that carries only "read" and "write" must be
/// rejected with the insufficient-scope error when the caller requires a
/// scope ("missing") the token was never granted.
/// </summary>
public async Task Valid_Reference_Token_with_missing_Scope()
{
    const string referenceHandle = "123";

    var handleStore = new InMemoryTokenHandleStore();
    var tokenValidator = Factory.CreateTokenValidator(handleStore);

    var issuingClient = new Client { ClientId = "roclient" };
    var accessToken = TokenFactory.CreateAccessToken(issuingClient, "valid", 600, "read", "write");
    await handleStore.StoreAsync(referenceHandle, accessToken);

    // Demand a scope that is absent from the token.
    var validation = await tokenValidator.ValidateAccessTokenAsync(referenceHandle, "missing");

    // Check the specific error so an unrelated failure cannot satisfy the test.
    validation.IsError.Should().BeTrue();
    validation.Error.Should().Be(OidcConstants.ProtectedResourceErrors.InsufficientScope);
}
/// <summary>
/// A stored reference token created with a lifetime value of 2 must be
/// rejected with the expired-token error once two seconds have passed.
/// </summary>
public async Task Expired_Reference_Token()
{
    const string referenceHandle = "123";

    var handleStore = new InMemoryTokenHandleStore();
    var tokenValidator = Factory.CreateTokenValidator(handleStore);

    // Short-lived token: the lifetime argument is 2 (presumably seconds - confirm).
    var accessToken = TokenFactory.CreateAccessToken("roclient", "valid", 2, "read", "write");
    await handleStore.StoreAsync(referenceHandle, accessToken);

    // NOTE(review): this waits on the real clock for exactly the token's
    // lifetime. That makes the test slow and leaves it on the expiry boundary;
    // whether it is stable depends on how the validator compares timestamps.
    await Task.Delay(2000);

    var validation = await tokenValidator.ValidateAccessTokenAsync(referenceHandle);

    Assert.IsTrue(validation.IsError);
    Assert.AreEqual(Constants.ProtectedResourceErrors.ExpiredToken, validation.Error);
}
/// <summary>
/// A stored, unexpired reference token validates without error and the
/// result exposes the token's claims, including the issuing client id.
/// </summary>
public async Task Valid_Reference_Token()
{
    const string referenceHandle = "123";

    var handleStore = new InMemoryTokenHandleStore();
    var tokenValidator = Factory.CreateTokenValidator(handleStore);

    var issuingClient = new Client { ClientId = "roclient" };
    var accessToken = TokenFactory.CreateAccessToken(issuingClient, "valid", 600, "read", "write");
    await handleStore.StoreAsync(referenceHandle, accessToken);

    // No required scope is passed here.
    var validation = await tokenValidator.ValidateAccessTokenAsync(referenceHandle);

    validation.IsError.Should().BeFalse();

    // NOTE(review): 8 is a hard-coded claim count; it presumably mirrors what
    // TokenFactory puts into the token and will break if that set changes.
    validation.Claims.Count().Should().Be(8);

    // The validated identity must be bound to the client the token was issued to.
    var clientIdClaim = validation.Claims.First(c => c.Type == JwtClaimTypes.ClientId);
    clientIdClaim.Value.Should().Be("roclient");
}
/// <summary>
/// A stored, unexpired token must be rejected when the user service reports
/// the token's user as not active.
/// </summary>
public async Task Valid_AccessToken_but_User_not_active()
{
    const string referenceHandle = "123";

    // User service stub that reports every principal as inactive.
    var userService = new Mock<IUserService>();
    userService
        .Setup(u => u.IsActiveAsync(It.IsAny<ClaimsPrincipal>()))
        .Returns(Task.FromResult(false));

    var handleStore = new InMemoryTokenHandleStore();
    var tokenValidator = Factory.CreateTokenValidator(tokenStore: handleStore, users: userService.Object);

    var accessToken = TokenFactory.CreateAccessToken("roclient", "invalid", 600, "read", "write");
    await handleStore.StoreAsync(referenceHandle, accessToken);

    var validation = await tokenValidator.ValidateAccessTokenAsync(referenceHandle);

    // NOTE(review): only IsError is checked, so any validation failure
    // satisfies this test. Asserting validation.Error, or verifying that
    // IsActiveAsync was invoked, would tie the rejection to the user check.
    validation.IsError.Should().BeTrue();
}
/// <summary>
/// A stored reference token created with a lifetime value of 2 must be
/// rejected with the expired-token error after the test's <c>now</c> value
/// has been moved forward by 2000 ms.
/// </summary>
public async Task Expired_Reference_Token()
{
    const string referenceHandle = "123";

    // `now` is declared outside this method; presumably the validator and
    // token factory read their clock from it - confirm in the test fixture.
    now = DateTimeOffset.UtcNow;

    var handleStore = new InMemoryTokenHandleStore();
    var tokenValidator = Factory.CreateTokenValidator(handleStore);

    var issuingClient = new Client { ClientId = "roclient" };
    var accessToken = TokenFactory.CreateAccessToken(issuingClient, "valid", 2, "read", "write");
    await handleStore.StoreAsync(referenceHandle, accessToken);

    // NOTE(review): if the lifetime is in seconds, this lands exactly on the
    // expiry instant, so the result depends on whether the validator treats
    // "now == expiry" as expired. Stepping past the boundary would be clearer.
    now = now.AddMilliseconds(2000);

    var validation = await tokenValidator.ValidateAccessTokenAsync(referenceHandle);

    validation.IsError.Should().BeTrue();
    validation.Error.Should().Be(OidcConstants.ProtectedResourceErrors.ExpiredToken);
}