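/// <summary>
/// End-to-end check of the OAuth 2.0 authorization code grant: drives the authorize page in a
/// browser session to obtain a code, redeems it at <c>oauth/token</c>, and asserts that the
/// identity resolved from the issued access token carries the <c>Scope.Read</c> scope claim.
/// </summary>
/// <param name="clientId">Client identifier placed in the authorize URL.</param>
/// <param name="redirectUri">Redirect URI placed in the authorize URL.</param>
/// <remarks>
/// NOTE(review): the method is <c>async void</c>, so failures after the first await are only
/// reported if the test runner explicitly supports async void tests. Confirm for the NUnit
/// version in use, or return <c>Task</c>.
/// </remarks>
public async void AuthenticateAuthorizationCode_WhenGivenValidClientIdAndRedirectUri_ShouldReturnValidResponse(string clientId, string redirectUri)
{
    var code = string.Empty;

    // Get authorization code
    using (var browser = new BrowserSession())
    {
        // NOTE(review): clientId and redirectUri are placed in the query string without
        // URL-encoding, and state is sent empty, so this test does not exercise the server's
        // handling of the state parameter.
        browser.Visit(string.Format("{0}oauth/authorize?response_type=code&client_id={1}&state=&scope={2}&redirect_uri={3}", this.client.BaseAddress, clientId, Scope.Read, redirectUri));
        Console.WriteLine("Opened authorize page");

        browser.FillIn("Username").With("user");

        // GrantType.Password is reused as the field locator here; presumably its value matches
        // the password field on the login form. Verify against the page.
        browser.FillIn(GrantType.Password).With("pass");
        browser.ClickButton("Sign in");
        Console.WriteLine("Signing in");

        // NOTE(review): the boolean result of HasContent is discarded, so the consent text is
        // not asserted; the call only gives the consent page time to appear.
        browser.HasContent("The application NUnit wants to access your account", new Options() { RetryInterval = TimeSpan.FromSeconds(1) });
        browser.ClickButton("Allow");
        Console.WriteLine("Accepting authorization");

        // Fixed pause before reading the browser location, presumably to let the redirect
        // complete. TODO confirm; polling the location would be less timing-dependent.
        await Task.Delay(TimeSpan.FromSeconds(5));

        var uri = browser.Location;

        // The query string written to test output includes the authorization code.
        Console.WriteLine("Query String: {0}", uri.Query);

        var query = uri.ParseQueryString();
        Assert.Contains("code", query.AllKeys);
        code = query["code"];
    }

    var request = new HttpRequestMessage(HttpMethod.Post, "oauth/token");

    // NOTE(review): the client credentials and redirect_uri below are hard-coded instead of
    // being taken from the clientId/redirectUri parameters. RFC 6749 section 4.1.3 requires the
    // redirect_uri sent here to match the one used in the authorization request, so this test
    // presumably only passes for cases that use these exact values. Verify against test data.
    request.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit", "NUnit");
    request.Content = new FormUrlEncodedContent(new Dictionary<string, string>()
    {
        { "grant_type", "authorization_code" },
        { "redirect_uri", "http://localhost" },
        { "code", code }
    });

    Console.WriteLine("Request: {0}{1}", this.client.BaseAddress, request.RequestUri);

    var response = await this.client.SendAsync(request);

    // Read the body once and log it before deserializing, so the raw response is still visible
    // in the output when deserialization fails. The logged body contains the issued access
    // token; redact it if test logs are retained outside a throwaway environment.
    var body = await response.Content.ReadAsStringAsync();
    Console.WriteLine("Response: [{0} {1}] {2}", (int)response.StatusCode, response.StatusCode, body);

    var content = JsonConvert.DeserializeObject<AccessTokenResponse>(body);

    // Fail with a clear message instead of a NullReferenceException when the body is empty.
    Assert.IsNotNull(content, "Token response body could not be deserialized");
    Assert.IsNotNullOrEmpty(content.AccessToken, "No access token returned");

    var identity = await this.PrintIdentity(content.AccessToken);

    Assert.IsTrue(identity.HasClaim(ClaimType.Scope, Scope.Read));
}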
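/// <summary>
/// Obtains an authorization code through the browser-driven authorize flow, then redeems it at
/// <c>oauth/token</c> without a <c>redirect_uri</c> field and asserts that the server answers
/// 400 Bad Request with the body <c>{"error":"invalid_request"}</c>.
/// </summary>
/// <param name="clientId">Client identifier used in the authorize URL and as the Basic auth user.</param>
/// <param name="clientSecret">Client secret used as the Basic auth password on the token request.</param>
/// <param name="redirectUri">Redirect URI placed in the authorize URL only.</param>
/// <remarks>
/// NOTE(review): the test name says "InvalidRedirectUri", but the token request below omits
/// redirect_uri entirely rather than sending a mismatching value. A mismatching redirect_uri is
/// therefore not covered by this test.
/// NOTE(review): the method is <c>async void</c>, so failures after the first await are only
/// reported if the test runner explicitly supports async void tests. Confirm for the NUnit
/// version in use, or return <c>Task</c>.
/// </remarks>
public async void AuthenticateAuthorizationCode_WhenGivenValidAuthorizationCodeAndInvalidRedirectUri_ShouldReturnInvalidRequest(string clientId, string clientSecret, string redirectUri)
{
    var code = string.Empty;

    // Get authorization code
    using (var browser = new BrowserSession())
    {
        // NOTE(review): clientId and redirectUri are placed in the query string without
        // URL-encoding, and no state parameter is sent.
        var url = string.Format("{0}oauth/authorize?response_type=code&client_id={1}&redirect_uri={2}", this.client.BaseAddress, clientId, redirectUri);
        browser.Visit(url);
        Console.WriteLine("Opened authorize page: {0}", url);

        browser.FillIn("Username").With("user");

        // GrantType.Password is reused as the field locator here; presumably its value matches
        // the password field on the login form. Verify against the page.
        browser.FillIn(GrantType.Password).With("pass");
        browser.ClickButton("Sign in");
        Console.WriteLine("Signing in");

        // NOTE(review): the boolean result of HasContent is discarded, and the expected text
        // names the application "NUnit" regardless of clientId; the call only gives the consent
        // page time to appear.
        browser.HasContent("The application NUnit wants to access your account", new Options() { RetryInterval = TimeSpan.FromSeconds(1) });
        browser.ClickButton("Allow");
        Console.WriteLine("Accepting authorization");

        // Fixed pause before reading the browser location, presumably to let the redirect
        // complete. TODO confirm; polling the location would be less timing-dependent.
        await Task.Delay(TimeSpan.FromSeconds(5));

        var uri = browser.Location;

        // The query string written to test output includes the authorization code.
        Console.WriteLine("Query String: {0}", uri.Query);

        var query = uri.ParseQueryString();
        Assert.Contains("code", query.AllKeys);
        code = query["code"];
    }

    var request = new HttpRequestMessage(HttpMethod.Post, "oauth/token");
    request.Headers.Authorization = new BasicAuthenticationHeaderValue(clientId, clientSecret);

    // redirect_uri is deliberately absent from the form; see the remarks on the method.
    request.Content = new FormUrlEncodedContent(new Dictionary<string, string>()
    {
        { "grant_type", GrantType.AuthorizationCode },
        { "code", code }
    });

    Console.WriteLine("Request: {0}{1}", this.client.BaseAddress, request.RequestUri);

    var response = await this.client.SendAsync(request);

    // Read the body once and reuse it for both the log line and the assertion.
    var content = await response.Content.ReadAsStringAsync();

    Console.WriteLine("Response: [{0} {1}] {2}", (int)response.StatusCode, response.StatusCode, content);

    Assert.AreEqual(HttpStatusCode.BadRequest, response.StatusCode);
    Assert.AreEqual("{\"error\":\"invalid_request\"}", content);
}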