public void ExpiredRefreshToken()
{
TestTokenHandleManager handleManager =
new TestTokenHandleManager("abc", "codeclient", "https://validredirect", expired: true);
var validator = new TokenRequestValidator(handleManager);
var app = _testConfig.FindApplication("test");
var request = new TokenRequest
{
Grant_Type = OAuthConstants.GrantTypes.RefreshToken,
Refresh_Token = "abc"
};
try
{
var result = validator.Validate(app, request, _client);
}
catch (TokenRequestValidationException ex)
{
Assert.AreEqual(OAuthConstants.Errors.InvalidGrant, ex.OAuthError);
return;
}
Assert.Fail("No exception thrown.");
}
public void InvalidCodeToClientBinding()
{
var handleManager =
new TestTokenHandleManager("abc", "someotherclient", "https://validredirect");
var validator = new TokenRequestValidator(handleManager, _clientManager);
var app = _testConfig.FindApplication("test");
var request = new TokenRequest
{
Grant_Type = OAuthConstants.GrantTypes.AuthorizationCode,
Code = "abc",
Redirect_Uri = "https://validredirect"
};
try
{
var result = validator.Validate(app, request, _client);
}
catch (TokenRequestValidationException ex)
{
Assert.AreEqual(OAuthConstants.Errors.InvalidGrant, ex.OAuthError);
return;
}
Assert.Fail("No exception thrown.");
}
public void InvalidCodeToClientBinding()
{
var handleManager =
new TestTokenHandleManager("abc", "someotherclient", "https://validredirect");
var validator = new TokenRequestValidator(handleManager);
var app = _testConfig.FindApplication("test");
var request = new TokenRequest
{
Grant_Type = OAuthConstants.GrantTypes.RefreshToken,
Refresh_Token = "abc",
};
try
{
var result = validator.Validate(app, request, _client);
}
catch (TokenRequestValidationException ex)
{
Assert.AreEqual(OAuthConstants.Errors.InvalidGrant, ex.OAuthError);
return;
}
Assert.Fail("No exception thrown.");
}
public void Init()
{
DataProtectection.Instance = new NoProtection();
_testConfig = new TestAuthorizationServerConfiguration();
_client = Principal.Create(
"Test",
new Claim("client_id", "codeclient"),
new Claim("secret", "secret"));
_handleManager = new TestTokenHandleManager(
"abc",
"codeclient",
"https://validredirect");
}
public void Init()
{
DataProtectection.Instance = new NoProtection();
_testConfig = new TestAuthorizationServerConfiguration();
_client = Principal.Create(
"Test",
new Claim("client_id", "codeclient"),
new Claim("secret", "secret"));
_handleManager = new TestTokenHandleManager(
"abc",
"codeclient",
"https://validredirect");
}
public void UnauthorizedClientCredentialsGrant()
{
TestTokenHandleManager handleManager =
new TestTokenHandleManager("abc", "codeclient", "https://validredirect");
var validator = new TokenRequestValidator(handleManager);
var app = _testConfig.FindApplication("test");
var request = new TokenRequest
{
Grant_Type = OAuthConstants.GrantTypes.ClientCredentials,
};
try
{
var result = validator.Validate(app, request, _client);
}
catch (TokenRequestValidationException ex)
{
Assert.AreEqual(OAuthConstants.Errors.UnauthorizedClient, ex.OAuthError);
return;
}
Assert.Fail("No exception thrown.");
}
public void UnauthorizedRefreshTokenGrant()
{
TestTokenHandleManager handleManager =
new TestTokenHandleManager("abc", "codeclient", "https://validredirect");
var validator = new TokenRequestValidator(handleManager);
var app = _testConfig.FindApplication("test");
var request = new TokenRequest
{
Grant_Type = OAuthConstants.GrantTypes.RefreshToken,
};
try
{
var result = validator.Validate(app, request, _client);
}
catch (TokenRequestValidationException ex)
{
Assert.AreEqual(OAuthConstants.Errors.UnauthorizedClient, ex.OAuthError);
return;
}
Assert.Fail("No exception thrown.");
}
