Exemple #1
0
        public async Task WhenUpdateResourceAndNoIdIsSpecifiedThenIsNotUpdated()
        {
            var resource =
                await _umaClient.UpdateResource(new ResourceSet(), "header").ConfigureAwait(false) as
                Option <UpdateResourceSetResponse> .Error;

            Assert.Equal(HttpStatusCode.NotFound, resource.Details.Status);
        }
Exemple #2
0
        public async Task When_Using_TicketId_Grant_Type_Then_AccessToken_Is_Returned()
        {
            var handler = new JwtSecurityTokenHandler();
            var set     = new JsonWebKeySet();

            set.Keys.Add(_server.SharedUmaCtx.SignatureKey);

            var securityToken = new JwtSecurityToken(
                "http://server.example.com",
                "s6BhdRkqt3",
                new[] { new Claim("sub", "248289761001") },
                null,
                DateTime.UtcNow.AddYears(1),
                new SigningCredentials(set.GetSignKeys().First(), SecurityAlgorithms.HmacSha256));
            var jwt = handler.WriteToken(securityToken);

            var tc = new TokenClient(
                TokenCredentials.FromClientCredentials("resource_server", "resource_server"),
                _server.Client,
                new Uri(BaseUrl + WellKnownUma2Configuration));
            // Get PAT.
            var result = await tc.GetToken(TokenRequest.FromScopes("uma_protection", "uma_authorization"))
                         .ConfigureAwait(false) as Option <GrantedTokenResponse> .Result;

            var resourceSet = new ResourceSet
            {
                Name   = "name",
                Scopes = new[] { "read", "write", "execute" },
                AuthorizationPolicies = new[]
                {
                    new PolicyRule
                    {
                        ClientIdsAllowed = new[] { "resource_server" },
                        Scopes           = new[] { "read", "write", "execute" }
                    }
                }
            };
            var resource =
                await _umaClient.AddResource(resourceSet, result.Item.AccessToken).ConfigureAwait(false) as
                Option <AddResourceSetResponse> .Result;

            resourceSet = resourceSet with {
                Id = resource.Item.Id
            };
            await _umaClient.UpdateResource(resourceSet, result.Item.AccessToken).ConfigureAwait(false);

            var ticket = await _umaClient.RequestPermission(
                "header",
                requests : new PermissionRequest    // Add permission & retrieve a ticket id.
            {
                ResourceSetId = resource.Item.Id, Scopes = new[] { "read" }
            })
                         .ConfigureAwait(false) as Option <TicketResponse> .Result;

            Assert.NotNull(ticket.Item);

            var tokenClient = new TokenClient(
                TokenCredentials.FromClientCredentials("resource_server", "resource_server"),
                _server.Client,
                new Uri(BaseUrl + WellKnownUma2Configuration));
            var token = await tokenClient.GetToken(TokenRequest.FromTicketId(ticket.Item.TicketId, jwt))
                        .ConfigureAwait(false) as Option <GrantedTokenResponse> .Result;

            var jwtToken = handler.ReadJwtToken(token.Item.AccessToken);

            Assert.NotNull(jwtToken.Claims);
        }